> -----Original Message----- > From: Akhil Goyal <gak...@marvell.com> > Sent: Wednesday, August 11, 2021 9:20 AM > To: Matan Azrad <ma...@nvidia.com>; dev@dpdk.org > Cc: Anoob Joseph <ano...@marvell.com>; Nicolau, Radu > <radu.nico...@intel.com>; Doherty, Declan <declan.dohe...@intel.com>; > hemant.agra...@nxp.com; Ananyev, Konstantin > <konstantin.anan...@intel.com>; NBU-Contact-Thomas Monjalon > <tho...@monjalon.net>; Zhang, Roy Fan <roy.fan.zh...@intel.com>; > asoma...@amd.com; ruifeng.w...@arm.com; > ajit.khapa...@broadcom.com; De Lara Guarch, Pablo > <pablo.de.lara.gua...@intel.com>; Trahe, Fiona <fiona.tr...@intel.com>; > Ankur Dwivedi <adwiv...@marvell.com>; Michael Shamis > <michae...@marvell.com>; Nagadheeraj Rottela > <rnagadhee...@marvell.com>; jianjay.z...@huawei.com > Subject: RE: [PATCH v2 3/4] examples/fips_validation: remove illegal usage of > APIs > > > > > From: Akhil Goyal > > > Some of the cryptodev APIs are not allowed to be used by application > > > directly. Hence removing the usage of 1. queue_pair_release: it is not > > > required, as configure > > > of queue pair release the previous queue pairs and the > > > dev is not directly exposed to application, hence cannot > > > use its ops from app. > > > 2. rte_cryptodev_stop: it can be used directly without > > > checking if the device is started or not. > > > 3. rte_cryptodev_pmd_destroy: application should use > > > rte_cryptodev_close instead. > > > > > > Signed-off-by: Akhil Goyal <gak...@marvell.com> > > > > Look's like it should be backported to stable releases with a Fixes > > reference. > > What do you think? > > > > Besides, > > Acked-by: Matan Azrad <ma...@nvidia.com> > > > Yes, Agreed. > I wanted to get opinion from the Maintainer of fips app first if the changes > are > Correct or not.
Hi Akhil, FIPS requirement is upon failure of running self-test the device memory shall be destroyed completely and not visible by the application at all - rte_cryptodev_close does not provide this functionality. In this case we may need new API rte_cryptodev_destroy() to replace rte_cryptodev_pmd_destroy(). Regards, Fan
