diff options
Diffstat (limited to 'lib/librte_cryptodev')
-rw-r--r-- | lib/librte_cryptodev/Makefile | 7 | ||||
-rw-r--r-- | lib/librte_cryptodev/rte_crypto_sym.h | 66 | ||||
-rw-r--r-- | lib/librte_cryptodev/rte_cryptodev.c | 390 | ||||
-rw-r--r-- | lib/librte_cryptodev/rte_cryptodev.h | 238 | ||||
-rw-r--r-- | lib/librte_cryptodev/rte_cryptodev_pmd.h | 92 | ||||
-rw-r--r-- | lib/librte_cryptodev/rte_cryptodev_version.map | 28 |
6 files changed, 685 insertions, 136 deletions
diff --git a/lib/librte_cryptodev/Makefile b/lib/librte_cryptodev/Makefile index aebf5d9f..18f5e8c5 100644 --- a/lib/librte_cryptodev/Makefile +++ b/lib/librte_cryptodev/Makefile @@ -52,11 +52,4 @@ SYMLINK-y-include += rte_cryptodev_pmd.h # versioning export map EXPORT_MAP := rte_cryptodev_version.map -# library dependencies -DEPDIRS-y += lib/librte_eal -DEPDIRS-y += lib/librte_mempool -DEPDIRS-y += lib/librte_ring -DEPDIRS-y += lib/librte_mbuf -DEPDIRS-y += lib/librte_kvargs - include $(RTE_SDK)/mk/rte.lib.mk diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h index d3d38e4f..3a408448 100644 --- a/lib/librte_cryptodev/rte_crypto_sym.h +++ b/lib/librte_cryptodev/rte_crypto_sym.h @@ -105,9 +105,31 @@ enum rte_crypto_cipher_algorithm { RTE_CRYPTO_CIPHER_ZUC_EEA3, /**< ZUC algorithm in EEA3 mode */ + RTE_CRYPTO_CIPHER_DES_CBC, + /**< DES algorithm in CBC mode */ + + RTE_CRYPTO_CIPHER_AES_DOCSISBPI, + /**< AES algorithm using modes required by + * DOCSIS Baseline Privacy Plus Spec. + * Chained mbufs are not supported in this mode, i.e. rte_mbuf.next + * for m_src and m_dst in the rte_crypto_sym_op must be NULL. + */ + + RTE_CRYPTO_CIPHER_DES_DOCSISBPI, + /**< DES algorithm using modes required by + * DOCSIS Baseline Privacy Plus Spec. + * Chained mbufs are not supported in this mode, i.e. rte_mbuf.next + * for m_src and m_dst in the rte_crypto_sym_op must be NULL. + */ + RTE_CRYPTO_CIPHER_LIST_END + }; +/** Cipher algorithm name strings */ +extern const char * +rte_crypto_cipher_algorithm_strings[]; + /** Symmetric Cipher Direction */ enum rte_crypto_cipher_operation { RTE_CRYPTO_CIPHER_OP_ENCRYPT, @@ -116,6 +138,10 @@ enum rte_crypto_cipher_operation { /**< Decrypt cipher operation */ }; +/** Cipher operation name strings */ +extern const char * +rte_crypto_cipher_operation_strings[]; + /** * Symmetric Cipher Setup Data. * @@ -241,12 +267,20 @@ enum rte_crypto_auth_algorithm { RTE_CRYPTO_AUTH_LIST_END }; +/** Authentication algorithm name strings */ +extern const char * +rte_crypto_auth_algorithm_strings[]; + /** Symmetric Authentication / Hash Operations */ enum rte_crypto_auth_operation { RTE_CRYPTO_AUTH_OP_VERIFY, /**< Verify authentication digest */ RTE_CRYPTO_AUTH_OP_GENERATE /**< Generate authentication digest */ }; +/** Authentication operation name strings */ +extern const char * +rte_crypto_auth_operation_strings[]; + /** * Authentication / Hash transform data. * @@ -276,17 +310,16 @@ struct rte_crypto_auth_xform { * this specifies the length of the digest to be compared for the * session. * + * It is the caller's responsibility to ensure that the + * digest length is compliant with the hash algorithm being used. * If the value is less than the maximum length allowed by the hash, - * the result shall be truncated. If the value is greater than the - * maximum length allowed by the hash then an error will be generated - * by *rte_cryptodev_sym_session_create* or by the - * *rte_cryptodev_sym_enqueue_burst* if using session-less APIs. + * the result shall be truncated. */ uint32_t add_auth_data_length; /**< The length of the additional authenticated data (AAD) in bytes. - * The maximum permitted value is 240 bytes, unless otherwise specified - * below. + * The maximum permitted value is 65535 (2^16 - 1) bytes, unless + * otherwise specified below. * * This field must be specified when the hash algorithm is one of the * following: @@ -541,8 +574,7 @@ struct rte_crypto_sym_op { struct { uint8_t *data; - /**< If this member of this structure is set this is a - * pointer to the location where the digest result + /**< This points to the location where the digest result * should be inserted (in the case of digest generation) * or where the purported digest exists (in the case of * digest verification). @@ -560,18 +592,13 @@ struct rte_crypto_sym_op { * @note * For GCM (@ref RTE_CRYPTO_AUTH_AES_GCM), for * "digest result" read "authentication tag T". - * - * If this member is not set the digest result is - * understood to be in the destination buffer for - * digest generation, and in the source buffer for - * digest verification. The location of the digest - * result in this case is immediately following the - * region over which the digest is computed. */ phys_addr_t phys_addr; /**< Physical address of digest */ uint16_t length; - /**< Length of digest */ + /**< Length of digest. This must be the same value as + * @ref rte_crypto_auth_xform.digest_length. + */ } digest; /**< Digest parameters */ struct { @@ -586,7 +613,7 @@ struct rte_crypto_sym_op { * set up for the session in the @ref * rte_crypto_auth_xform structure as part of the @ref * rte_cryptodev_sym_session_create function call. - * This length must not exceed 240 bytes. + * This length must not exceed 65535 (2^16-1) bytes. * * Specifically for CCM (@ref RTE_CRYPTO_AUTH_AES_CCM), * the caller should setup this field as follows: @@ -619,7 +646,10 @@ struct rte_crypto_sym_op { * operation, this field is used to pass plaintext. */ phys_addr_t phys_addr; /**< physical address */ - uint16_t length; /**< Length of digest */ + uint16_t length; + /**< Length of additional authenticated data (AAD) + * in bytes + */ } aad; /**< Additional authentication parameters */ } auth; diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c index 54e95d5c..b65cd9ce 100644 --- a/lib/librte_cryptodev/rte_cryptodev.c +++ b/lib/librte_cryptodev/rte_cryptodev.c @@ -1,7 +1,7 @@ /*- * BSD LICENSE * - * Copyright(c) 2015-2016 Intel Corporation. All rights reserved. + * Copyright(c) 2015-2017 Intel Corporation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -101,16 +101,138 @@ struct rte_cryptodev_callback { uint32_t active; /**< Callback is executing */ }; +#define RTE_CRYPTODEV_VDEV_NAME ("name") #define RTE_CRYPTODEV_VDEV_MAX_NB_QP_ARG ("max_nb_queue_pairs") #define RTE_CRYPTODEV_VDEV_MAX_NB_SESS_ARG ("max_nb_sessions") #define RTE_CRYPTODEV_VDEV_SOCKET_ID ("socket_id") static const char *cryptodev_vdev_valid_params[] = { + RTE_CRYPTODEV_VDEV_NAME, RTE_CRYPTODEV_VDEV_MAX_NB_QP_ARG, RTE_CRYPTODEV_VDEV_MAX_NB_SESS_ARG, RTE_CRYPTODEV_VDEV_SOCKET_ID }; +/** + * The crypto cipher algorithm strings identifiers. + * It could be used in application command line. + */ +const char * +rte_crypto_cipher_algorithm_strings[] = { + [RTE_CRYPTO_CIPHER_3DES_CBC] = "3des-cbc", + [RTE_CRYPTO_CIPHER_3DES_ECB] = "3des-ecb", + [RTE_CRYPTO_CIPHER_3DES_CTR] = "3des-ctr", + + [RTE_CRYPTO_CIPHER_AES_CBC] = "aes-cbc", + [RTE_CRYPTO_CIPHER_AES_CCM] = "aes-ccm", + [RTE_CRYPTO_CIPHER_AES_CTR] = "aes-ctr", + [RTE_CRYPTO_CIPHER_AES_DOCSISBPI] = "aes-docsisbpi", + [RTE_CRYPTO_CIPHER_AES_ECB] = "aes-ecb", + [RTE_CRYPTO_CIPHER_AES_GCM] = "aes-gcm", + [RTE_CRYPTO_CIPHER_AES_F8] = "aes-f8", + [RTE_CRYPTO_CIPHER_AES_XTS] = "aes-xts", + + [RTE_CRYPTO_CIPHER_ARC4] = "arc4", + + [RTE_CRYPTO_CIPHER_DES_CBC] = "des-cbc", + [RTE_CRYPTO_CIPHER_DES_DOCSISBPI] = "des-docsisbpi", + + [RTE_CRYPTO_CIPHER_NULL] = "null", + + [RTE_CRYPTO_CIPHER_KASUMI_F8] = "kasumi-f8", + [RTE_CRYPTO_CIPHER_SNOW3G_UEA2] = "snow3g-uea2", + [RTE_CRYPTO_CIPHER_ZUC_EEA3] = "zuc-eea3" +}; + +/** + * The crypto cipher operation strings identifiers. + * It could be used in application command line. + */ +const char * +rte_crypto_cipher_operation_strings[] = { + [RTE_CRYPTO_CIPHER_OP_ENCRYPT] = "encrypt", + [RTE_CRYPTO_CIPHER_OP_DECRYPT] = "decrypt" +}; + +/** + * The crypto auth algorithm strings identifiers. + * It could be used in application command line. + */ +const char * +rte_crypto_auth_algorithm_strings[] = { + [RTE_CRYPTO_AUTH_AES_CBC_MAC] = "aes-cbc-mac", + [RTE_CRYPTO_AUTH_AES_CCM] = "aes-ccm", + [RTE_CRYPTO_AUTH_AES_CMAC] = "aes-cmac", + [RTE_CRYPTO_AUTH_AES_GCM] = "aes-gcm", + [RTE_CRYPTO_AUTH_AES_GMAC] = "aes-gmac", + [RTE_CRYPTO_AUTH_AES_XCBC_MAC] = "aes-xcbc-mac", + + [RTE_CRYPTO_AUTH_MD5] = "md5", + [RTE_CRYPTO_AUTH_MD5_HMAC] = "md5-hmac", + + [RTE_CRYPTO_AUTH_NULL] = "null", + + [RTE_CRYPTO_AUTH_SHA1] = "sha1", + [RTE_CRYPTO_AUTH_SHA1_HMAC] = "sha1-hmac", + + [RTE_CRYPTO_AUTH_SHA224] = "sha2-224", + [RTE_CRYPTO_AUTH_SHA224_HMAC] = "sha2-224-hmac", + [RTE_CRYPTO_AUTH_SHA256] = "sha2-256", + [RTE_CRYPTO_AUTH_SHA256_HMAC] = "sha2-256-hmac", + [RTE_CRYPTO_AUTH_SHA384] = "sha2-384", + [RTE_CRYPTO_AUTH_SHA384_HMAC] = "sha2-384-hmac", + [RTE_CRYPTO_AUTH_SHA512] = "sha2-512", + [RTE_CRYPTO_AUTH_SHA512_HMAC] = "sha2-512-hmac", + + [RTE_CRYPTO_AUTH_KASUMI_F9] = "kasumi-f9", + [RTE_CRYPTO_AUTH_SNOW3G_UIA2] = "snow3g-uia2", + [RTE_CRYPTO_AUTH_ZUC_EIA3] = "zuc-eia3" +}; + +int +rte_cryptodev_get_cipher_algo_enum(enum rte_crypto_cipher_algorithm *algo_enum, + const char *algo_string) +{ + unsigned int i; + + for (i = 1; i < RTE_DIM(rte_crypto_cipher_algorithm_strings); i++) { + if (strcmp(algo_string, rte_crypto_cipher_algorithm_strings[i]) == 0) { + *algo_enum = (enum rte_crypto_cipher_algorithm) i; + return 0; + } + } + + /* Invalid string */ + return -1; +} + +int +rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum, + const char *algo_string) +{ + unsigned int i; + + for (i = 1; i < RTE_DIM(rte_crypto_auth_algorithm_strings); i++) { + if (strcmp(algo_string, rte_crypto_auth_algorithm_strings[i]) == 0) { + *algo_enum = (enum rte_crypto_auth_algorithm) i; + return 0; + } + } + + /* Invalid string */ + return -1; +} + +/** + * The crypto auth operation strings identifiers. + * It could be used in application command line. + */ +const char * +rte_crypto_auth_operation_strings[] = { + [RTE_CRYPTO_AUTH_OP_VERIFY] = "verify", + [RTE_CRYPTO_AUTH_OP_GENERATE] = "generate" +}; + static uint8_t number_of_sockets(void) { @@ -132,7 +254,7 @@ static int parse_integer_arg(const char *key __rte_unused, const char *value, void *extra_args) { - int *i = (int *) extra_args; + int *i = extra_args; *i = atoi(value); if (*i < 0) { @@ -143,6 +265,25 @@ parse_integer_arg(const char *key __rte_unused, return 0; } +/** Parse name */ +static int +parse_name_arg(const char *key __rte_unused, + const char *value, void *extra_args) +{ + struct rte_crypto_vdev_init_params *params = extra_args; + + if (strlen(value) >= RTE_CRYPTODEV_NAME_MAX_LEN - 1) { + CDEV_LOG_ERR("Invalid name %s, should be less than " + "%u bytes", value, + RTE_CRYPTODEV_NAME_MAX_LEN - 1); + return -1; + } + + strncpy(params->name, value, RTE_CRYPTODEV_NAME_MAX_LEN); + + return 0; +} + int rte_cryptodev_parse_vdev_init_params(struct rte_crypto_vdev_init_params *params, const char *input_args) @@ -179,6 +320,12 @@ rte_cryptodev_parse_vdev_init_params(struct rte_crypto_vdev_init_params *params, if (ret < 0) goto free_kvlist; + ret = rte_kvargs_process(kvlist, RTE_CRYPTODEV_VDEV_NAME, + &parse_name_arg, + params); + if (ret < 0) + goto free_kvlist; + if (params->socket_id >= number_of_sockets()) { CDEV_LOG_ERR("Invalid socket id specified to create " "the virtual crypto device on"); @@ -191,6 +338,73 @@ free_kvlist: return ret; } +const struct rte_cryptodev_symmetric_capability * +rte_cryptodev_sym_capability_get(uint8_t dev_id, + const struct rte_cryptodev_sym_capability_idx *idx) +{ + const struct rte_cryptodev_capabilities *capability; + struct rte_cryptodev_info dev_info; + int i = 0; + + rte_cryptodev_info_get(dev_id, &dev_info); + + while ((capability = &dev_info.capabilities[i++])->op != + RTE_CRYPTO_OP_TYPE_UNDEFINED) { + if (capability->op != RTE_CRYPTO_OP_TYPE_SYMMETRIC) + continue; + + if (capability->sym.xform_type != idx->type) + continue; + + if (idx->type == RTE_CRYPTO_SYM_XFORM_AUTH && + capability->sym.auth.algo == idx->algo.auth) + return &capability->sym; + + if (idx->type == RTE_CRYPTO_SYM_XFORM_CIPHER && + capability->sym.cipher.algo == idx->algo.cipher) + return &capability->sym; + } + + return NULL; + +} + +#define param_range_check(x, y) \ + (((x < y.min) || (x > y.max)) || \ + (y.increment != 0 && (x % y.increment) != 0)) + +int +rte_cryptodev_sym_capability_check_cipher( + const struct rte_cryptodev_symmetric_capability *capability, + uint16_t key_size, uint16_t iv_size) +{ + if (param_range_check(key_size, capability->cipher.key_size)) + return -1; + + if (param_range_check(iv_size, capability->cipher.iv_size)) + return -1; + + return 0; +} + +int +rte_cryptodev_sym_capability_check_auth( + const struct rte_cryptodev_symmetric_capability *capability, + uint16_t key_size, uint16_t digest_size, uint16_t aad_size) +{ + if (param_range_check(key_size, capability->auth.key_size)) + return -1; + + if (param_range_check(digest_size, capability->auth.digest_size)) + return -1; + + if (param_range_check(aad_size, capability->auth.aad_size)) + return -1; + + return 0; +} + + const char * rte_cryptodev_get_feature_name(uint64_t flag) { @@ -211,19 +425,65 @@ rte_cryptodev_get_feature_name(uint64_t flag) return "CPU_AESNI"; case RTE_CRYPTODEV_FF_HW_ACCELERATED: return "HW_ACCELERATED"; - + case RTE_CRYPTODEV_FF_MBUF_SCATTER_GATHER: + return "MBUF_SCATTER_GATHER"; + case RTE_CRYPTODEV_FF_CPU_NEON: + return "CPU_NEON"; + case RTE_CRYPTODEV_FF_CPU_ARM_CE: + return "CPU_ARM_CE"; default: return NULL; } } - int rte_cryptodev_create_vdev(const char *name, const char *args) { - return rte_eal_vdev_init(name, args); + return rte_vdev_init(name, args); +} + +struct rte_cryptodev * +rte_cryptodev_pmd_get_dev(uint8_t dev_id) +{ + return &rte_cryptodev_globals->devs[dev_id]; +} + +struct rte_cryptodev * +rte_cryptodev_pmd_get_named_dev(const char *name) +{ + struct rte_cryptodev *dev; + unsigned int i; + + if (name == NULL) + return NULL; + + for (i = 0; i < rte_cryptodev_globals->max_devs; i++) { + dev = &rte_cryptodev_globals->devs[i]; + + if ((dev->attached == RTE_CRYPTODEV_ATTACHED) && + (strcmp(dev->data->name, name) == 0)) + return dev; + } + + return NULL; +} + +unsigned int +rte_cryptodev_pmd_is_valid_dev(uint8_t dev_id) +{ + struct rte_cryptodev *dev = NULL; + + if (dev_id >= rte_cryptodev_globals->nb_devs) + return 0; + + dev = rte_cryptodev_pmd_get_dev(dev_id); + if (dev->attached != RTE_CRYPTODEV_ATTACHED) + return 0; + else + return 1; } + int rte_cryptodev_get_dev_id(const char *name) { @@ -262,6 +522,35 @@ rte_cryptodev_count_devtype(enum rte_cryptodev_type type) return dev_count; } +uint8_t +rte_cryptodev_devices_get(const char *dev_name, uint8_t *devices, + uint8_t nb_devices) +{ + uint8_t i, count = 0; + struct rte_cryptodev *devs = rte_cryptodev_globals->devs; + uint8_t max_devs = rte_cryptodev_globals->max_devs; + + for (i = 0; i < max_devs && count < nb_devices; i++) { + + if (devs[i].attached == RTE_CRYPTODEV_ATTACHED) { + const struct rte_cryptodev_driver *drv = devs[i].driver; + int cmp; + + if (drv) + cmp = strncmp(drv->pci_drv.driver.name, + dev_name, strlen(dev_name)); + else + cmp = strncmp(devs[i].data->name, + dev_name, strlen(dev_name)); + + if (cmp == 0) + devices[count++] = devs[i].data->dev_id; + } + } + + return count; +} + int rte_cryptodev_socket_id(uint8_t dev_id) { @@ -427,7 +716,7 @@ rte_cryptodev_pci_probe(struct rte_pci_driver *pci_drv, if (cryptodrv == NULL) return -ENODEV; - rte_eal_pci_device_name(&pci_dev->addr, cryptodev_name, + rte_pci_device_name(&pci_dev->addr, cryptodev_name, sizeof(cryptodev_name)); cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id()); @@ -447,7 +736,7 @@ rte_cryptodev_pci_probe(struct rte_pci_driver *pci_drv, "device data"); } - cryptodev->pci_dev = pci_dev; + cryptodev->device = &pci_dev->device; cryptodev->driver = cryptodrv; /* init user callbacks */ @@ -483,7 +772,7 @@ rte_cryptodev_pci_remove(struct rte_pci_device *pci_dev) if (pci_dev == NULL) return -EINVAL; - rte_eal_pci_device_name(&pci_dev->addr, cryptodev_name, + rte_pci_device_name(&pci_dev->addr, cryptodev_name, sizeof(cryptodev_name)); cryptodev = rte_cryptodev_pmd_get_named_dev(cryptodev_name); @@ -507,7 +796,7 @@ rte_cryptodev_pci_remove(struct rte_pci_device *pci_dev) if (rte_eal_process_type() == RTE_PROC_PRIMARY) rte_free(cryptodev->data->dev_private); - cryptodev->pci_dev = NULL; + cryptodev->device = NULL; cryptodev->driver = NULL; cryptodev->data = NULL; @@ -668,6 +957,8 @@ rte_cryptodev_configure(uint8_t dev_id, struct rte_cryptodev_config *config) return -EBUSY; } + RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->dev_configure, -ENOTSUP); + /* Setup new number of queue pairs and reconfigure device. */ diag = rte_cryptodev_queue_pairs_config(dev, config->nb_queue_pairs, config->socket_id); @@ -678,10 +969,14 @@ rte_cryptodev_configure(uint8_t dev_id, struct rte_cryptodev_config *config) } /* Setup Session mempool for device */ - return rte_cryptodev_sym_session_pool_create(dev, + diag = rte_cryptodev_sym_session_pool_create(dev, config->session_mp.nb_objs, config->session_mp.cache_size, config->socket_id); + if (diag != 0) + return diag; + + return (*dev->dev_ops->dev_configure)(dev, config); } @@ -868,7 +1163,7 @@ rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info) RTE_FUNC_PTR_OR_RET(*dev->dev_ops->dev_infos_get); (*dev->dev_ops->dev_infos_get)(dev, dev_info); - dev_info->pci_dev = dev->pci_dev; + dev_info->pci_dev = RTE_DEV_TO_PCI(dev->device); if (dev->driver) dev_info->driver_name = dev->driver->pci_drv.driver.name; } @@ -1088,7 +1383,7 @@ rte_cryptodev_sym_session_create(uint8_t dev_id, return NULL; } - sess = (struct rte_cryptodev_sym_session *)_sess; + sess = _sess; RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->session_configure, NULL); if (dev->dev_ops->session_configure(dev, xform, sess->_private) == @@ -1104,6 +1399,53 @@ rte_cryptodev_sym_session_create(uint8_t dev_id, return sess; } +int +rte_cryptodev_queue_pair_attach_sym_session(uint16_t qp_id, + struct rte_cryptodev_sym_session *sess) +{ + struct rte_cryptodev *dev; + + if (!rte_cryptodev_pmd_is_valid_dev(sess->dev_id)) { + CDEV_LOG_ERR("Invalid dev_id=%d", sess->dev_id); + return -EINVAL; + } + + dev = &rte_crypto_devices[sess->dev_id]; + + /* The API is optional, not returning error if driver do not suuport */ + RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->qp_attach_session, 0); + if (dev->dev_ops->qp_attach_session(dev, qp_id, sess->_private)) { + CDEV_LOG_ERR("dev_id %d failed to attach qp: %d with session", + sess->dev_id, qp_id); + return -EPERM; + } + + return 0; +} + +int +rte_cryptodev_queue_pair_detach_sym_session(uint16_t qp_id, + struct rte_cryptodev_sym_session *sess) +{ + struct rte_cryptodev *dev; + + if (!rte_cryptodev_pmd_is_valid_dev(sess->dev_id)) { + CDEV_LOG_ERR("Invalid dev_id=%d", sess->dev_id); + return -EINVAL; + } + + dev = &rte_crypto_devices[sess->dev_id]; + + /* The API is optional, not returning error if driver do not suuport */ + RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->qp_detach_session, 0); + if (dev->dev_ops->qp_detach_session(dev, qp_id, sess->_private)) { + CDEV_LOG_ERR("dev_id %d failed to detach qp: %d from session", + sess->dev_id, qp_id); + return -EPERM; + } + + return 0; +} struct rte_cryptodev_sym_session * rte_cryptodev_sym_session_free(uint8_t dev_id, struct rte_cryptodev_sym_session *sess) @@ -1206,3 +1548,27 @@ rte_crypto_op_pool_create(const char *name, enum rte_crypto_op_type type, return mp; } + +int +rte_cryptodev_pmd_create_dev_name(char *name, const char *dev_name_prefix) +{ + struct rte_cryptodev *dev = NULL; + uint32_t i = 0; + + if (name == NULL) + return -EINVAL; + + for (i = 0; i < RTE_CRYPTO_MAX_DEVS; i++) { + int ret = snprintf(name, RTE_CRYPTODEV_NAME_MAX_LEN, + "%s_%u", dev_name_prefix, i); + + if (ret < 0) + return ret; + + dev = rte_cryptodev_pmd_get_named_dev(name); + if (!dev) + return 0; + } + + return -1; +} diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h index 8f63e8f6..88aeb873 100644 --- a/lib/librte_cryptodev/rte_cryptodev.h +++ b/lib/librte_cryptodev/rte_cryptodev.h @@ -1,6 +1,6 @@ /*- * - * Copyright(c) 2015-2016 Intel Corporation. All rights reserved. + * Copyright(c) 2015-2017 Intel Corporation. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -66,6 +66,12 @@ extern "C" { /**< KASUMI PMD device name */ #define CRYPTODEV_NAME_ZUC_PMD crypto_zuc /**< KASUMI PMD device name */ +#define CRYPTODEV_NAME_ARMV8_PMD crypto_armv8 +/**< ARMv8 Crypto PMD device name */ +#define CRYPTODEV_NAME_SCHEDULER_PMD crypto_scheduler +/**< Scheduler Crypto PMD device name */ +#define CRYPTODEV_NAME_DPAA2_SEC_PMD cryptodev_dpaa2_sec_pmd +/**< NXP DPAA2 - SEC PMD device name */ /** Crypto device type */ enum rte_cryptodev_type { @@ -77,6 +83,9 @@ enum rte_cryptodev_type { RTE_CRYPTODEV_KASUMI_PMD, /**< KASUMI PMD */ RTE_CRYPTODEV_ZUC_PMD, /**< ZUC PMD */ RTE_CRYPTODEV_OPENSSL_PMD, /**< OpenSSL PMD */ + RTE_CRYPTODEV_ARMV8_PMD, /**< ARMv8 crypto PMD */ + RTE_CRYPTODEV_SCHEDULER_PMD, /**< Crypto Scheduler PMD */ + RTE_CRYPTODEV_DPAA2_SEC_PMD, /**< NXP DPAA2 - SEC PMD */ }; extern const char **rte_cyptodev_names; @@ -110,6 +119,20 @@ extern const char **rte_cyptodev_names; #endif /** + * Crypto parameters range description + */ +struct rte_crypto_param_range { + uint16_t min; /**< minimum size */ + uint16_t max; /**< maximum size */ + uint16_t increment; + /**< if a range of sizes are supported, + * this parameter is used to indicate + * increments in byte size that are supported + * between the minimum and maximum + */ +}; + +/** * Symmetric Crypto Capability */ struct rte_cryptodev_symmetric_capability { @@ -122,35 +145,11 @@ struct rte_cryptodev_symmetric_capability { /**< authentication algorithm */ uint16_t block_size; /**< algorithm block size */ - struct { - uint16_t min; /**< minimum key size */ - uint16_t max; /**< maximum key size */ - uint16_t increment; - /**< if a range of sizes are supported, - * this parameter is used to indicate - * increments in byte size that are supported - * between the minimum and maximum */ - } key_size; + struct rte_crypto_param_range key_size; /**< auth key size range */ - struct { - uint16_t min; /**< minimum digest size */ - uint16_t max; /**< maximum digest size */ - uint16_t increment; - /**< if a range of sizes are supported, - * this parameter is used to indicate - * increments in byte size that are supported - * between the minimum and maximum */ - } digest_size; + struct rte_crypto_param_range digest_size; /**< digest size range */ - struct { - uint16_t min; /**< minimum aad size */ - uint16_t max; /**< maximum aad size */ - uint16_t increment; - /**< if a range of sizes are supported, - * this parameter is used to indicate - * increments in byte size that are supported - * between the minimum and maximum */ - } aad_size; + struct rte_crypto_param_range aad_size; /**< Additional authentication data size range */ } auth; /**< Symmetric Authentication transform capabilities */ @@ -159,25 +158,9 @@ struct rte_cryptodev_symmetric_capability { /**< cipher algorithm */ uint16_t block_size; /**< algorithm block size */ - struct { - uint16_t min; /**< minimum key size */ - uint16_t max; /**< maximum key size */ - uint16_t increment; - /**< if a range of sizes are supported, - * this parameter is used to indicate - * increments in byte size that are supported - * between the minimum and maximum */ - } key_size; + struct rte_crypto_param_range key_size; /**< cipher key size range */ - struct { - uint16_t min; /**< minimum iv size */ - uint16_t max; /**< maximum iv size */ - uint16_t increment; - /**< if a range of sizes are supported, - * this parameter is used to indicate - * increments in byte size that are supported - * between the minimum and maximum */ - } iv_size; + struct rte_crypto_param_range iv_size; /**< Initialisation vector data size range */ } cipher; /**< Symmetric Cipher transform capabilities */ @@ -196,6 +179,94 @@ struct rte_cryptodev_capabilities { }; }; +/** Structure used to describe crypto algorithms */ +struct rte_cryptodev_sym_capability_idx { + enum rte_crypto_sym_xform_type type; + union { + enum rte_crypto_cipher_algorithm cipher; + enum rte_crypto_auth_algorithm auth; + } algo; +}; + +/** + * Provide capabilities available for defined device and algorithm + * + * @param dev_id The identifier of the device. + * @param idx Description of crypto algorithms. + * + * @return + * - Return description of the symmetric crypto capability if exist. + * - Return NULL if the capability not exist. + */ +const struct rte_cryptodev_symmetric_capability * +rte_cryptodev_sym_capability_get(uint8_t dev_id, + const struct rte_cryptodev_sym_capability_idx *idx); + +/** + * Check if key size and initial vector are supported + * in crypto cipher capability + * + * @param capability Description of the symmetric crypto capability. + * @param key_size Cipher key size. + * @param iv_size Cipher initial vector size. + * + * @return + * - Return 0 if the parameters are in range of the capability. + * - Return -1 if the parameters are out of range of the capability. + */ +int +rte_cryptodev_sym_capability_check_cipher( + const struct rte_cryptodev_symmetric_capability *capability, + uint16_t key_size, uint16_t iv_size); + +/** + * Check if key size and initial vector are supported + * in crypto auth capability + * + * @param capability Description of the symmetric crypto capability. + * @param key_size Auth key size. + * @param digest_size Auth digest size. + * @param aad_size Auth aad size. + * + * @return + * - Return 0 if the parameters are in range of the capability. + * - Return -1 if the parameters are out of range of the capability. + */ +int +rte_cryptodev_sym_capability_check_auth( + const struct rte_cryptodev_symmetric_capability *capability, + uint16_t key_size, uint16_t digest_size, uint16_t aad_size); + +/** + * Provide the cipher algorithm enum, given an algorithm string + * + * @param algo_enum A pointer to the cipher algorithm + * enum to be filled + * @param algo_string Authentication algo string + * + * @return + * - Return -1 if string is not valid + * - Return 0 is the string is valid + */ +int +rte_cryptodev_get_cipher_algo_enum(enum rte_crypto_cipher_algorithm *algo_enum, + const char *algo_string); + +/** + * Provide the authentication algorithm enum, given an algorithm string + * + * @param algo_enum A pointer to the authentication algorithm + * enum to be filled + * @param algo_string Authentication algo string + * + * @return + * - Return -1 if string is not valid + * - Return 0 is the string is valid + */ +int +rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum, + const char *algo_string); + /** Macro used at end of crypto PMD list */ #define RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() \ { RTE_CRYPTO_OP_TYPE_UNDEFINED } @@ -225,6 +296,14 @@ struct rte_cryptodev_capabilities { /**< Utilises CPU AES-NI instructions */ #define RTE_CRYPTODEV_FF_HW_ACCELERATED (1ULL << 7) /**< Operations are off-loaded to an external hardware accelerator */ +#define RTE_CRYPTODEV_FF_CPU_AVX512 (1ULL << 8) +/**< Utilises CPU SIMD AVX512 instructions */ +#define RTE_CRYPTODEV_FF_MBUF_SCATTER_GATHER (1ULL << 9) +/**< Scatter-gather mbufs are supported */ +#define RTE_CRYPTODEV_FF_CPU_NEON (1ULL << 10) +/**< Utilises CPU NEON instructions */ +#define RTE_CRYPTODEV_FF_CPU_ARM_CE (1ULL << 11) +/**< Utilises ARM CPU Cryptographic Extensions */ /** @@ -256,6 +335,10 @@ struct rte_cryptodev_info { struct { unsigned max_nb_sessions; /**< Maximum number of sessions supported by device. */ + unsigned int max_nb_sessions_per_qp; + /**< Maximum number of sessions per queue pair. + * Default 0 for infinite sessions + */ } sym; }; @@ -300,6 +383,8 @@ struct rte_cryptodev_stats { /**< Total error count on operations dequeued */ }; +#define RTE_CRYPTODEV_NAME_MAX_LEN (64) +/**< Max length of name of crypto PMD */ #define RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_QUEUE_PAIRS 8 #define RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_SESSIONS 2048 @@ -311,6 +396,7 @@ struct rte_crypto_vdev_init_params { unsigned max_nb_queue_pairs; unsigned max_nb_sessions; uint8_t socket_id; + char name[RTE_CRYPTODEV_NAME_MAX_LEN]; }; /** @@ -365,8 +451,30 @@ rte_cryptodev_get_dev_id(const char *name); extern uint8_t rte_cryptodev_count(void); +/** + * Get number of crypto device defined type. + * + * @param type type of device. + * + * @return + * Returns number of crypto device. + */ extern uint8_t rte_cryptodev_count_devtype(enum rte_cryptodev_type type); + +/** + * Get number and identifiers of attached crypto device. + * + * @param dev_name device name. + * @param devices output devices identifiers. + * @param nb_devices maximal number of devices. + * + * @return + * Returns number of attached crypto device. + */ +uint8_t +rte_cryptodev_devices_get(const char *dev_name, uint8_t *devices, + uint8_t nb_devices); /* * Return the NUMA socket to which a device is connected * @@ -621,8 +729,8 @@ struct rte_cryptodev { /**< Functions exported by PMD */ uint64_t feature_flags; /**< Supported features */ - struct rte_pci_device *pci_dev; - /**< PCI info. supplied by probing */ + struct rte_device *device; + /**< Backing device */ enum rte_cryptodev_type dev_type; /**< Crypto device type */ @@ -635,10 +743,6 @@ struct rte_cryptodev { /**< Flag indicating the device is attached */ } __rte_cache_aligned; - -#define RTE_CRYPTODEV_NAME_MAX_LEN (64) -/**< Max length of name of crypto PMD */ - /** * * The data part, with no function pointers, associated with each device. @@ -818,6 +922,36 @@ extern struct rte_cryptodev_sym_session * rte_cryptodev_sym_session_free(uint8_t dev_id, struct rte_cryptodev_sym_session *session); +/** + * Attach queue pair with sym session. + * + * @param qp_id Queue pair to which session will be attached. + * @param session Session pointer previously allocated by + * *rte_cryptodev_sym_session_create*. + * + * @return + * - On success, zero. + * - On failure, a negative value. + */ +int +rte_cryptodev_queue_pair_attach_sym_session(uint16_t qp_id, + struct rte_cryptodev_sym_session *session); + +/** + * Detach queue pair with sym session. + * + * @param qp_id Queue pair to which session is attached. + * @param session Session pointer previously allocated by + * *rte_cryptodev_sym_session_create*. + * + * @return + * - On success, zero. + * - On failure, a negative value. + */ +int +rte_cryptodev_queue_pair_detach_sym_session(uint16_t qp_id, + struct rte_cryptodev_sym_session *session); + #ifdef __cplusplus } diff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h b/lib/librte_cryptodev/rte_cryptodev_pmd.h index c6a57945..17ef37c7 100644 --- a/lib/librte_cryptodev/rte_cryptodev_pmd.h +++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h @@ -57,14 +57,6 @@ extern "C" { #include "rte_crypto.h" #include "rte_cryptodev.h" - -#ifdef RTE_LIBRTE_CRYPTODEV_DEBUG -#define RTE_PMD_DEBUG_TRACE(...) \ - rte_pmd_debug_trace(__func__, __VA_ARGS__) -#else -#define RTE_PMD_DEBUG_TRACE(...) -#endif - struct rte_cryptodev_session { RTE_STD_C11 struct { @@ -160,11 +152,8 @@ extern struct rte_cryptodev_global *rte_cryptodev_globals; * @return * - The rte_cryptodev structure pointer for the given device ID. */ -static inline struct rte_cryptodev * -rte_cryptodev_pmd_get_dev(uint8_t dev_id) -{ - return &rte_cryptodev_globals->devs[dev_id]; -} +struct rte_cryptodev * +rte_cryptodev_pmd_get_dev(uint8_t dev_id); /** * Get the rte_cryptodev structure device pointer for the named device. @@ -174,25 +163,8 @@ rte_cryptodev_pmd_get_dev(uint8_t dev_id) * @return * - The rte_cryptodev structure pointer for the given device ID. */ -static inline struct rte_cryptodev * -rte_cryptodev_pmd_get_named_dev(const char *name) -{ - struct rte_cryptodev *dev; - unsigned i; - - if (name == NULL) - return NULL; - - for (i = 0; i < rte_cryptodev_globals->max_devs; i++) { - dev = &rte_cryptodev_globals->devs[i]; - - if ((dev->attached == RTE_CRYPTODEV_ATTACHED) && - (strcmp(dev->data->name, name) == 0)) - return dev; - } - - return NULL; -} +struct rte_cryptodev * +rte_cryptodev_pmd_get_named_dev(const char *name); /** * Validate if the crypto device index is valid attached crypto device. @@ -202,20 +174,8 @@ rte_cryptodev_pmd_get_named_dev(const char *name) * @return * - If the device index is valid (1) or not (0). */ -static inline unsigned -rte_cryptodev_pmd_is_valid_dev(uint8_t dev_id) -{ - struct rte_cryptodev *dev = NULL; - - if (dev_id >= rte_cryptodev_globals->nb_devs) - return 0; - - dev = rte_cryptodev_pmd_get_dev(dev_id); - if (dev->attached != RTE_CRYPTODEV_ATTACHED) - return 0; - else - return 1; -} +unsigned int +rte_cryptodev_pmd_is_valid_dev(uint8_t dev_id); /** * The pool of rte_cryptodev structures. @@ -233,10 +193,12 @@ extern struct rte_cryptodev *rte_cryptodevs; * Function used to configure device. * * @param dev Crypto device pointer + * config Crypto device configurations * * @return Returns 0 on success */ -typedef int (*cryptodev_configure_t)(struct rte_cryptodev *dev); +typedef int (*cryptodev_configure_t)(struct rte_cryptodev *dev, + struct rte_cryptodev_config *config); /** * Function used to start a configured device. @@ -413,6 +375,31 @@ typedef void * (*cryptodev_sym_configure_session_t)(struct rte_cryptodev *dev, typedef void (*cryptodev_sym_free_session_t)(struct rte_cryptodev *dev, void *session_private); +/** + * Optional API for drivers to attach sessions with queue pair. + * @param dev Crypto device pointer + * @param qp_id queue pair id for attaching session + * @param priv_sess Pointer to cryptodev's private session structure + * @return + * - Return 0 on success + */ +typedef int (*cryptodev_sym_queue_pair_attach_session_t)( + struct rte_cryptodev *dev, + uint16_t qp_id, + void *session_private); + +/** + * Optional API for drivers to detach sessions from queue pair. + * @param dev Crypto device pointer + * @param qp_id queue pair id for detaching session + * @param priv_sess Pointer to cryptodev's private session structure + * @return + * - Return 0 on success + */ +typedef int (*cryptodev_sym_queue_pair_detach_session_t)( + struct rte_cryptodev *dev, + uint16_t qp_id, + void *session_private); /** Crypto device operations function pointer table */ struct rte_cryptodev_ops { @@ -447,6 +434,10 @@ struct rte_cryptodev_ops { /**< Configure a Crypto session. */ cryptodev_sym_free_session_t session_clear; /**< Clear a Crypto sessions private data. */ + cryptodev_sym_queue_pair_attach_session_t qp_attach_session; + /**< Attach session to queue pair. */ + cryptodev_sym_queue_pair_attach_session_t qp_detach_session; + /**< Detach session from queue pair. */ }; @@ -520,6 +511,13 @@ int rte_cryptodev_pci_probe(struct rte_pci_driver *pci_drv, */ int rte_cryptodev_pci_remove(struct rte_pci_device *pci_dev); +/** + * @internal + * Create unique device name + */ +int +rte_cryptodev_pmd_create_dev_name(char *name, const char *dev_name_prefix); + #ifdef __cplusplus } #endif diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map b/lib/librte_cryptodev/rte_cryptodev_version.map index 9dde0e72..9ac510ec 100644 --- a/lib/librte_cryptodev/rte_cryptodev_version.map +++ b/lib/librte_cryptodev/rte_cryptodev_version.map @@ -46,3 +46,31 @@ DPDK_16.11 { rte_cryptodev_pci_remove; } DPDK_16.07; + +DPDK_17.02 { + global: + + rte_cryptodev_devices_get; + rte_cryptodev_pmd_create_dev_name; + rte_cryptodev_pmd_get_dev; + rte_cryptodev_pmd_get_named_dev; + rte_cryptodev_pmd_is_valid_dev; + rte_cryptodev_sym_capability_check_auth; + rte_cryptodev_sym_capability_check_cipher; + rte_cryptodev_sym_capability_get; + rte_crypto_auth_algorithm_strings; + rte_crypto_auth_operation_strings; + rte_crypto_cipher_algorithm_strings; + rte_crypto_cipher_operation_strings; + +} DPDK_16.11; + +DPDK_17.05 { + global: + + rte_cryptodev_get_auth_algo_enum; + rte_cryptodev_get_cipher_algo_enum; + rte_cryptodev_queue_pair_attach_sym_session; + rte_cryptodev_queue_pair_detach_sym_session; + +} DPDK_17.02; |