diff options
Diffstat (limited to 'doc/guides/cryptodevs')
-rw-r--r-- | doc/guides/cryptodevs/aesni_mb.rst | 5 | ||||
-rw-r--r-- | doc/guides/cryptodevs/index.rst | 3 | ||||
-rw-r--r-- | doc/guides/cryptodevs/kasumi.rst | 101 | ||||
-rw-r--r-- | doc/guides/cryptodevs/overview.rst | 79 | ||||
-rw-r--r-- | doc/guides/cryptodevs/qat.rst | 3 | ||||
-rw-r--r-- | doc/guides/cryptodevs/snow3g.rst | 52 |
6 files changed, 165 insertions, 78 deletions
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst index 9e04853a..60a89142 100644 --- a/doc/guides/cryptodevs/aesni_mb.rst +++ b/doc/guides/cryptodevs/aesni_mb.rst @@ -46,8 +46,11 @@ AESNI MB PMD has support for: Cipher algorithms: * RTE_CRYPTO_SYM_CIPHER_AES128_CBC +* RTE_CRYPTO_SYM_CIPHER_AES192_CBC * RTE_CRYPTO_SYM_CIPHER_AES256_CBC -* RTE_CRYPTO_SYM_CIPHER_AES512_CBC +* RTE_CRYPTO_SYM_CIPHER_AES128_CTR +* RTE_CRYPTO_SYM_CIPHER_AES192_CTR +* RTE_CRYPTO_SYM_CIPHER_AES256_CTR Hash algorithms: diff --git a/doc/guides/cryptodevs/index.rst b/doc/guides/cryptodevs/index.rst index a3f11f31..9616de1e 100644 --- a/doc/guides/cryptodevs/index.rst +++ b/doc/guides/cryptodevs/index.rst @@ -38,6 +38,7 @@ Crypto Device Drivers overview aesni_mb aesni_gcm + kasumi null snow3g - qat
\ No newline at end of file + qat diff --git a/doc/guides/cryptodevs/kasumi.rst b/doc/guides/cryptodevs/kasumi.rst new file mode 100644 index 00000000..d6b3a975 --- /dev/null +++ b/doc/guides/cryptodevs/kasumi.rst @@ -0,0 +1,101 @@ +.. BSD LICENSE + Copyright(c) 2016 Intel Corporation. All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + * Neither the name of Intel Corporation nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +KASUMI Crypto Poll Mode Driver +=============================== + +The KASUMI PMD (**librte_pmd_kasumi**) provides poll mode crypto driver +support for utilizing Intel Libsso library, which implements F8 and F9 functions +for KASUMI UEA1 cipher and UIA1 hash algorithms. + +Features +-------- + +KASUMI PMD has support for: + +Cipher algorithm: + +* RTE_CRYPTO_SYM_CIPHER_KASUMI_F8 + +Authentication algorithm: + +* RTE_CRYPTO_SYM_AUTH_KASUMI_F9 + +Limitations +----------- + +* Chained mbufs are not supported. +* KASUMI(F9) supported only if hash offset field is byte-aligned. + +Installation +------------ + +To build DPDK with the KASUMI_PMD the user is required to download +the export controlled ``libsso_kasumi`` library, by requesting it from +`<https://networkbuilders.intel.com/network-technologies/dpdk>`_. +Once approval has been granted, the user needs to log in +`<https://networkbuilders.intel.com/dpdklogin>`_ +and click on "Kasumi Bit Stream crypto library" link, to download the library. +After downloading the library, the user needs to unpack and compile it +on their system before building DPDK:: + + make kasumi + +Initialization +-------------- + +In order to enable this virtual crypto PMD, user must: + +* Export the environmental variable LIBSSO_KASUMI_PATH with the path where + the library was extracted (kasumi folder). + +* Build the LIBSSO library (explained in Installation section). + +* Set CONFIG_RTE_LIBRTE_PMD_KASUMI=y in config/common_base. + +To use the PMD in an application, user must: + +* Call rte_eal_vdev_init("cryptodev_kasumi_pmd") within the application. + +* Use --vdev="cryptodev_kasumi_pmd" in the EAL options, which will call rte_eal_vdev_init() internally. + +The following parameters (all optional) can be provided in the previous two calls: + +* socket_id: Specify the socket where the memory for the device is going to be allocated + (by default, socket_id will be the socket where the core that is creating the PMD is running on). + +* max_nb_queue_pairs: Specify the maximum number of queue pairs in the device (8 by default). + +* max_nb_sessions: Specify the maximum number of sessions that can be created (2048 by default). + +Example: + +.. code-block:: console + + ./l2fwd-crypto -c 40 -n 4 --vdev="cryptodev_kasumi_pmd,socket_id=1,max_nb_sessions=128" diff --git a/doc/guides/cryptodevs/overview.rst b/doc/guides/cryptodevs/overview.rst index 9f9af43c..d612f71b 100644 --- a/doc/guides/cryptodevs/overview.rst +++ b/doc/guides/cryptodevs/overview.rst @@ -33,62 +33,63 @@ Crypto Device Supported Functionality Matrices Supported Feature Flags .. csv-table:: - :header: "Feature Flags", "qat", "null", "aesni_mb", "aesni_gcm", "snow3g" + :header: "Feature Flags", "qat", "null", "aesni_mb", "aesni_gcm", "snow3g", "kasumi" :stub-columns: 1 - "RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO",x,x,,, - "RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO",,,,, - "RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING",x,x,x,x,x - "RTE_CRYPTODEV_FF_CPU_SSE",,,x,x,x - "RTE_CRYPTODEV_FF_CPU_AVX",,,x,x,x - "RTE_CRYPTODEV_FF_CPU_AVX2",,,x,x, - "RTE_CRYPTODEV_FF_CPU_AESNI",,,x,x, - "RTE_CRYPTODEV_FF_HW_ACCELERATED",x,,,, + "RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO",x,x,x,x,x,x + "RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO",,,,,, + "RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING",x,x,x,x,x,x + "RTE_CRYPTODEV_FF_CPU_SSE",,,x,x,x,x + "RTE_CRYPTODEV_FF_CPU_AVX",,,x,x,x,x + "RTE_CRYPTODEV_FF_CPU_AVX2",,,x,x,, + "RTE_CRYPTODEV_FF_CPU_AESNI",,,x,x,, + "RTE_CRYPTODEV_FF_HW_ACCELERATED",x,,,,, Supported Cipher Algorithms .. csv-table:: - :header: "Cipher Algorithms", "qat", "null", "aesni_mb", "aesni_gcm", "snow3g" + :header: "Cipher Algorithms", "qat", "null", "aesni_mb", "aesni_gcm", "snow3g", "kasumi" :stub-columns: 1 - "NULL",,x,,, - "AES_CBC_128",x,,x,, - "AES_CBC_192",x,,x,, - "AES_CBC_256",x,,x,, - "AES_CTR_128",,,,, - "AES_CTR_192",,,,, - "AES_CTR_256",,,,, - "SNOW3G_UEA2",x,,,,x + "NULL",,x,,,, + "AES_CBC_128",x,,x,,, + "AES_CBC_192",x,,x,,, + "AES_CBC_256",x,,x,,, + "AES_CTR_128",x,,x,,, + "AES_CTR_192",x,,x,,, + "AES_CTR_256",x,,x,,, + "SNOW3G_UEA2",x,,,,x, + "KASUMI_F8",,,,,,x Supported Authentication Algorithms .. csv-table:: - :header: "Cipher Algorithms", "qat", "null", "aesni_mb", "aesni_gcm", "snow3g" + :header: "Cipher Algorithms", "qat", "null", "aesni_mb", "aesni_gcm", "snow3g", "kasumi" :stub-columns: 1 - "NONE",,x,,, - "MD5",,,,, - "MD5_HMAC",,,x,, - "SHA1",,,,, - "SHA1_HMAC",x,,x,, - "SHA224",,,,, - "SHA224_HMAC",,,x,, - "SHA256",,,,, - "SHA256_HMAC",x,,x,, - "SHA384",,,,, - "SHA384_HMAC",,,x,, - "SHA512",,,,, - "SHA512_HMAC",x,,x,, - "AES_XCBC",x,,x,, - "SNOW3G_UIA2",x,,,,x - + "NONE",,x,,,, + "MD5",,,,,, + "MD5_HMAC",,,x,,, + "SHA1",,,,,, + "SHA1_HMAC",x,,x,,, + "SHA224",,,,,, + "SHA224_HMAC",,,x,,, + "SHA256",,,,,, + "SHA256_HMAC",x,,x,,, + "SHA384",,,,,, + "SHA384_HMAC",,,x,,, + "SHA512",,,,,, + "SHA512_HMAC",x,,x,,, + "AES_XCBC",x,,x,,, + "SNOW3G_UIA2",x,,,,x, + "KASUMI_F9",,,,,,x Supported AEAD Algorithms .. csv-table:: - :header: "AEAD Algorithms", "qat", "null", "aesni_mb", "aesni_gcm", "snow3g" + :header: "AEAD Algorithms", "qat", "null", "aesni_mb", "aesni_gcm", "snow3g", "kasumi" :stub-columns: 1 - "AES_GCM_128",x,,x,, - "AES_GCM_192",x,,,, - "AES_GCM_256",x,,,, + "AES_GCM_128",x,,x,,, + "AES_GCM_192",x,,,,, + "AES_GCM_256",x,,,,, diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index 4b8f782a..cae19582 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -44,6 +44,9 @@ Cipher algorithms: * ``RTE_CRYPTO_SYM_CIPHER_AES128_CBC`` * ``RTE_CRYPTO_SYM_CIPHER_AES192_CBC`` * ``RTE_CRYPTO_SYM_CIPHER_AES256_CBC`` +* ``RTE_CRYPTO_SYM_CIPHER_AES128_CTR`` +* ``RTE_CRYPTO_SYM_CIPHER_AES192_CTR`` +* ``RTE_CRYPTO_SYM_CIPHER_AES256_CTR`` * ``RTE_CRYPTO_SYM_CIPHER_SNOW3G_UEA2`` * ``RTE_CRYPTO_CIPHER_AES_GCM`` diff --git a/doc/guides/cryptodevs/snow3g.rst b/doc/guides/cryptodevs/snow3g.rst index c1098b1a..670a62a9 100644 --- a/doc/guides/cryptodevs/snow3g.rst +++ b/doc/guides/cryptodevs/snow3g.rst @@ -51,55 +51,33 @@ Limitations ----------- * Chained mbufs are not supported. -* Snow3g(UEA2) supported only if cipher length, cipher offset fields are byte-aligned. -* Snow3g(UIA2) supported only if hash length, hash offset fields are byte-aligned. +* Snow3g(UIA2) supported only if hash offset field is byte-aligned. +* In-place bit-level operations for Snow3g(UEA2) are not supported + (if length and/or offset of data to be ciphered is not byte-aligned). Installation ------------ -To build DPDK with the SNOW3G_PMD the user is required to download -the export controlled ``libsso`` library, by requesting it from -`<https://networkbuilders.intel.com/network-technologies/dpdk>`_, -and compiling it on their system before building DPDK:: - - make -f Makefile_snow3g - -**Note**: If using a gcc version higher than 5.0, and compilation fails, apply the following patch: - -.. code-block:: diff - - /libsso/src/snow3g/sso_snow3g.c - - static inline void ClockFSM_4(sso_snow3gKeyState4_t *pCtx, __m128i *data) - { - __m128i F, R; - - uint32_t K, L; - + uint32_t K; - + /* Declare unused if SNOW3G_WSM/SNB are defined */ - + uint32_t L __attribute__ ((unused)) = 0; - - F = _mm_add_epi32(pCtx->LFSR_X[15], pCtx->FSM_X[0]); - R = _mm_xor_si128(pCtx->LFSR_X[5], pCtx->FSM_X[2]); - - /libsso/include/sso_snow3g_internal.h - - -inline void ClockFSM_1(sso_snow3gKeyState1_t *pCtx, uint32_t *data); - -inline void ClockLFSR_1(sso_snow3gKeyState1_t *pCtx); - -inline void sso_snow3gStateInitialize_1(sso_snow3gKeyState1_t * pCtx, sso_snow3g_key_schedule_t *pKeySched, uint8_t *pIV); - +void ClockFSM_1(sso_snow3gKeyState1_t *pCtx, uint32_t *data); - +void ClockLFSR_1(sso_snow3gKeyState1_t *pCtx); - +void sso_snow3gStateInitialize_1(sso_snow3gKeyState1_t * pCtx, sso_snow3g_key_schedule_t *pKeySched, uint8_t *pIV); +To build DPDK with the KASUMI_PMD the user is required to download +the export controlled ``libsso_snow3g`` library, by requesting it from +`<https://networkbuilders.intel.com/network-technologies/dpdk>`_. +Once approval has been granted, the user needs to log in +`<https://networkbuilders.intel.com/dpdklogin>`_ +and click on "Snow3G Bit Stream crypto library" link, to download the library. +After downloading the library, the user needs to unpack and compile it +on their system before building DPDK:: + make snow3G Initialization -------------- In order to enable this virtual crypto PMD, user must: -* Export the environmental variable LIBSSO_PATH with the path where - the library was extracted. +* Export the environmental variable LIBSSO_SNOW3G_PATH with the path where + the library was extracted (snow3g folder). -* Build the LIBSSO library (explained in Installation section). +* Build the LIBSSO_SNOW3G library (explained in Installation section). * Set CONFIG_RTE_LIBRTE_PMD_SNOW3G=y in config/common_base. |