> -----Original Message----- > From: Akhil Goyal <[email protected]> > Sent: Wednesday, August 11, 2021 9:20 AM > To: Matan Azrad <[email protected]>; [email protected] > Cc: Anoob Joseph <[email protected]>; Nicolau, Radu > <[email protected]>; Doherty, Declan <[email protected]>; > [email protected]; Ananyev, Konstantin > <[email protected]>; NBU-Contact-Thomas Monjalon > <[email protected]>; Zhang, Roy Fan <[email protected]>; > [email protected]; [email protected]; > [email protected]; De Lara Guarch, Pablo > <[email protected]>; Trahe, Fiona <[email protected]>; > Ankur Dwivedi <[email protected]>; Michael Shamis > <[email protected]>; Nagadheeraj Rottela > <[email protected]>; [email protected] > Subject: RE: [PATCH v2 3/4] examples/fips_validation: remove illegal usage of > APIs > > > > > From: Akhil Goyal > > > Some of the cryptodev APIs are not allowed to be used by application > > > directly. Hence removing the usage of 1. queue_pair_release: it is not > > > required, as configure > > > of queue pair release the previous queue pairs and the > > > dev is not directly exposed to application, hence cannot > > > use its ops from app. > > > 2. rte_cryptodev_stop: it can be used directly without > > > checking if the device is started or not. > > > 3. rte_cryptodev_pmd_destroy: application should use > > > rte_cryptodev_close instead. > > > > > > Signed-off-by: Akhil Goyal <[email protected]> > > > > Look's like it should be backported to stable releases with a Fixes > > reference. > > What do you think? > > > > Besides, > > Acked-by: Matan Azrad <[email protected]> > > > Yes, Agreed. > I wanted to get opinion from the Maintainer of fips app first if the changes > are > Correct or not.
Hi Akhil, FIPS requirement is upon failure of running self-test the device memory shall be destroyed completely and not visible by the application at all - rte_cryptodev_close does not provide this functionality. In this case we may need new API rte_cryptodev_destroy() to replace rte_cryptodev_pmd_destroy(). Regards, Fan
