aboutsummaryrefslogtreecommitdiffstats
path: root/lib/librte_cryptodev
diff options
context:
space:
mode:
Diffstat (limited to 'lib/librte_cryptodev')
-rw-r--r--lib/librte_cryptodev/Makefile7
-rw-r--r--lib/librte_cryptodev/rte_crypto_sym.h66
-rw-r--r--lib/librte_cryptodev/rte_cryptodev.c390
-rw-r--r--lib/librte_cryptodev/rte_cryptodev.h238
-rw-r--r--lib/librte_cryptodev/rte_cryptodev_pmd.h92
-rw-r--r--lib/librte_cryptodev/rte_cryptodev_version.map28
6 files changed, 685 insertions, 136 deletions
diff --git a/lib/librte_cryptodev/Makefile b/lib/librte_cryptodev/Makefile
index aebf5d9f..18f5e8c5 100644
--- a/lib/librte_cryptodev/Makefile
+++ b/lib/librte_cryptodev/Makefile
@@ -52,11 +52,4 @@ SYMLINK-y-include += rte_cryptodev_pmd.h
# versioning export map
EXPORT_MAP := rte_cryptodev_version.map
-# library dependencies
-DEPDIRS-y += lib/librte_eal
-DEPDIRS-y += lib/librte_mempool
-DEPDIRS-y += lib/librte_ring
-DEPDIRS-y += lib/librte_mbuf
-DEPDIRS-y += lib/librte_kvargs
-
include $(RTE_SDK)/mk/rte.lib.mk
diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index d3d38e4f..3a408448 100644
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -105,9 +105,31 @@ enum rte_crypto_cipher_algorithm {
RTE_CRYPTO_CIPHER_ZUC_EEA3,
/**< ZUC algorithm in EEA3 mode */
+ RTE_CRYPTO_CIPHER_DES_CBC,
+ /**< DES algorithm in CBC mode */
+
+ RTE_CRYPTO_CIPHER_AES_DOCSISBPI,
+ /**< AES algorithm using modes required by
+ * DOCSIS Baseline Privacy Plus Spec.
+ * Chained mbufs are not supported in this mode, i.e. rte_mbuf.next
+ * for m_src and m_dst in the rte_crypto_sym_op must be NULL.
+ */
+
+ RTE_CRYPTO_CIPHER_DES_DOCSISBPI,
+ /**< DES algorithm using modes required by
+ * DOCSIS Baseline Privacy Plus Spec.
+ * Chained mbufs are not supported in this mode, i.e. rte_mbuf.next
+ * for m_src and m_dst in the rte_crypto_sym_op must be NULL.
+ */
+
RTE_CRYPTO_CIPHER_LIST_END
+
};
+/** Cipher algorithm name strings */
+extern const char *
+rte_crypto_cipher_algorithm_strings[];
+
/** Symmetric Cipher Direction */
enum rte_crypto_cipher_operation {
RTE_CRYPTO_CIPHER_OP_ENCRYPT,
@@ -116,6 +138,10 @@ enum rte_crypto_cipher_operation {
/**< Decrypt cipher operation */
};
+/** Cipher operation name strings */
+extern const char *
+rte_crypto_cipher_operation_strings[];
+
/**
* Symmetric Cipher Setup Data.
*
@@ -241,12 +267,20 @@ enum rte_crypto_auth_algorithm {
RTE_CRYPTO_AUTH_LIST_END
};
+/** Authentication algorithm name strings */
+extern const char *
+rte_crypto_auth_algorithm_strings[];
+
/** Symmetric Authentication / Hash Operations */
enum rte_crypto_auth_operation {
RTE_CRYPTO_AUTH_OP_VERIFY, /**< Verify authentication digest */
RTE_CRYPTO_AUTH_OP_GENERATE /**< Generate authentication digest */
};
+/** Authentication operation name strings */
+extern const char *
+rte_crypto_auth_operation_strings[];
+
/**
* Authentication / Hash transform data.
*
@@ -276,17 +310,16 @@ struct rte_crypto_auth_xform {
* this specifies the length of the digest to be compared for the
* session.
*
+ * It is the caller's responsibility to ensure that the
+ * digest length is compliant with the hash algorithm being used.
* If the value is less than the maximum length allowed by the hash,
- * the result shall be truncated. If the value is greater than the
- * maximum length allowed by the hash then an error will be generated
- * by *rte_cryptodev_sym_session_create* or by the
- * *rte_cryptodev_sym_enqueue_burst* if using session-less APIs.
+ * the result shall be truncated.
*/
uint32_t add_auth_data_length;
/**< The length of the additional authenticated data (AAD) in bytes.
- * The maximum permitted value is 240 bytes, unless otherwise specified
- * below.
+ * The maximum permitted value is 65535 (2^16 - 1) bytes, unless
+ * otherwise specified below.
*
* This field must be specified when the hash algorithm is one of the
* following:
@@ -541,8 +574,7 @@ struct rte_crypto_sym_op {
struct {
uint8_t *data;
- /**< If this member of this structure is set this is a
- * pointer to the location where the digest result
+ /**< This points to the location where the digest result
* should be inserted (in the case of digest generation)
* or where the purported digest exists (in the case of
* digest verification).
@@ -560,18 +592,13 @@ struct rte_crypto_sym_op {
* @note
* For GCM (@ref RTE_CRYPTO_AUTH_AES_GCM), for
* "digest result" read "authentication tag T".
- *
- * If this member is not set the digest result is
- * understood to be in the destination buffer for
- * digest generation, and in the source buffer for
- * digest verification. The location of the digest
- * result in this case is immediately following the
- * region over which the digest is computed.
*/
phys_addr_t phys_addr;
/**< Physical address of digest */
uint16_t length;
- /**< Length of digest */
+ /**< Length of digest. This must be the same value as
+ * @ref rte_crypto_auth_xform.digest_length.
+ */
} digest; /**< Digest parameters */
struct {
@@ -586,7 +613,7 @@ struct rte_crypto_sym_op {
* set up for the session in the @ref
* rte_crypto_auth_xform structure as part of the @ref
* rte_cryptodev_sym_session_create function call.
- * This length must not exceed 240 bytes.
+ * This length must not exceed 65535 (2^16-1) bytes.
*
* Specifically for CCM (@ref RTE_CRYPTO_AUTH_AES_CCM),
* the caller should setup this field as follows:
@@ -619,7 +646,10 @@ struct rte_crypto_sym_op {
* operation, this field is used to pass plaintext.
*/
phys_addr_t phys_addr; /**< physical address */
- uint16_t length; /**< Length of digest */
+ uint16_t length;
+ /**< Length of additional authenticated data (AAD)
+ * in bytes
+ */
} aad;
/**< Additional authentication parameters */
} auth;
diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c
index 54e95d5c..b65cd9ce 100644
--- a/lib/librte_cryptodev/rte_cryptodev.c
+++ b/lib/librte_cryptodev/rte_cryptodev.c
@@ -1,7 +1,7 @@
/*-
* BSD LICENSE
*
- * Copyright(c) 2015-2016 Intel Corporation. All rights reserved.
+ * Copyright(c) 2015-2017 Intel Corporation. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -101,16 +101,138 @@ struct rte_cryptodev_callback {
uint32_t active; /**< Callback is executing */
};
+#define RTE_CRYPTODEV_VDEV_NAME ("name")
#define RTE_CRYPTODEV_VDEV_MAX_NB_QP_ARG ("max_nb_queue_pairs")
#define RTE_CRYPTODEV_VDEV_MAX_NB_SESS_ARG ("max_nb_sessions")
#define RTE_CRYPTODEV_VDEV_SOCKET_ID ("socket_id")
static const char *cryptodev_vdev_valid_params[] = {
+ RTE_CRYPTODEV_VDEV_NAME,
RTE_CRYPTODEV_VDEV_MAX_NB_QP_ARG,
RTE_CRYPTODEV_VDEV_MAX_NB_SESS_ARG,
RTE_CRYPTODEV_VDEV_SOCKET_ID
};
+/**
+ * The crypto cipher algorithm strings identifiers.
+ * It could be used in application command line.
+ */
+const char *
+rte_crypto_cipher_algorithm_strings[] = {
+ [RTE_CRYPTO_CIPHER_3DES_CBC] = "3des-cbc",
+ [RTE_CRYPTO_CIPHER_3DES_ECB] = "3des-ecb",
+ [RTE_CRYPTO_CIPHER_3DES_CTR] = "3des-ctr",
+
+ [RTE_CRYPTO_CIPHER_AES_CBC] = "aes-cbc",
+ [RTE_CRYPTO_CIPHER_AES_CCM] = "aes-ccm",
+ [RTE_CRYPTO_CIPHER_AES_CTR] = "aes-ctr",
+ [RTE_CRYPTO_CIPHER_AES_DOCSISBPI] = "aes-docsisbpi",
+ [RTE_CRYPTO_CIPHER_AES_ECB] = "aes-ecb",
+ [RTE_CRYPTO_CIPHER_AES_GCM] = "aes-gcm",
+ [RTE_CRYPTO_CIPHER_AES_F8] = "aes-f8",
+ [RTE_CRYPTO_CIPHER_AES_XTS] = "aes-xts",
+
+ [RTE_CRYPTO_CIPHER_ARC4] = "arc4",
+
+ [RTE_CRYPTO_CIPHER_DES_CBC] = "des-cbc",
+ [RTE_CRYPTO_CIPHER_DES_DOCSISBPI] = "des-docsisbpi",
+
+ [RTE_CRYPTO_CIPHER_NULL] = "null",
+
+ [RTE_CRYPTO_CIPHER_KASUMI_F8] = "kasumi-f8",
+ [RTE_CRYPTO_CIPHER_SNOW3G_UEA2] = "snow3g-uea2",
+ [RTE_CRYPTO_CIPHER_ZUC_EEA3] = "zuc-eea3"
+};
+
+/**
+ * The crypto cipher operation strings identifiers.
+ * It could be used in application command line.
+ */
+const char *
+rte_crypto_cipher_operation_strings[] = {
+ [RTE_CRYPTO_CIPHER_OP_ENCRYPT] = "encrypt",
+ [RTE_CRYPTO_CIPHER_OP_DECRYPT] = "decrypt"
+};
+
+/**
+ * The crypto auth algorithm strings identifiers.
+ * It could be used in application command line.
+ */
+const char *
+rte_crypto_auth_algorithm_strings[] = {
+ [RTE_CRYPTO_AUTH_AES_CBC_MAC] = "aes-cbc-mac",
+ [RTE_CRYPTO_AUTH_AES_CCM] = "aes-ccm",
+ [RTE_CRYPTO_AUTH_AES_CMAC] = "aes-cmac",
+ [RTE_CRYPTO_AUTH_AES_GCM] = "aes-gcm",
+ [RTE_CRYPTO_AUTH_AES_GMAC] = "aes-gmac",
+ [RTE_CRYPTO_AUTH_AES_XCBC_MAC] = "aes-xcbc-mac",
+
+ [RTE_CRYPTO_AUTH_MD5] = "md5",
+ [RTE_CRYPTO_AUTH_MD5_HMAC] = "md5-hmac",
+
+ [RTE_CRYPTO_AUTH_NULL] = "null",
+
+ [RTE_CRYPTO_AUTH_SHA1] = "sha1",
+ [RTE_CRYPTO_AUTH_SHA1_HMAC] = "sha1-hmac",
+
+ [RTE_CRYPTO_AUTH_SHA224] = "sha2-224",
+ [RTE_CRYPTO_AUTH_SHA224_HMAC] = "sha2-224-hmac",
+ [RTE_CRYPTO_AUTH_SHA256] = "sha2-256",
+ [RTE_CRYPTO_AUTH_SHA256_HMAC] = "sha2-256-hmac",
+ [RTE_CRYPTO_AUTH_SHA384] = "sha2-384",
+ [RTE_CRYPTO_AUTH_SHA384_HMAC] = "sha2-384-hmac",
+ [RTE_CRYPTO_AUTH_SHA512] = "sha2-512",
+ [RTE_CRYPTO_AUTH_SHA512_HMAC] = "sha2-512-hmac",
+
+ [RTE_CRYPTO_AUTH_KASUMI_F9] = "kasumi-f9",
+ [RTE_CRYPTO_AUTH_SNOW3G_UIA2] = "snow3g-uia2",
+ [RTE_CRYPTO_AUTH_ZUC_EIA3] = "zuc-eia3"
+};
+
+int
+rte_cryptodev_get_cipher_algo_enum(enum rte_crypto_cipher_algorithm *algo_enum,
+ const char *algo_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_cipher_algorithm_strings); i++) {
+ if (strcmp(algo_string, rte_crypto_cipher_algorithm_strings[i]) == 0) {
+ *algo_enum = (enum rte_crypto_cipher_algorithm) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum,
+ const char *algo_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_auth_algorithm_strings); i++) {
+ if (strcmp(algo_string, rte_crypto_auth_algorithm_strings[i]) == 0) {
+ *algo_enum = (enum rte_crypto_auth_algorithm) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+/**
+ * The crypto auth operation strings identifiers.
+ * It could be used in application command line.
+ */
+const char *
+rte_crypto_auth_operation_strings[] = {
+ [RTE_CRYPTO_AUTH_OP_VERIFY] = "verify",
+ [RTE_CRYPTO_AUTH_OP_GENERATE] = "generate"
+};
+
static uint8_t
number_of_sockets(void)
{
@@ -132,7 +254,7 @@ static int
parse_integer_arg(const char *key __rte_unused,
const char *value, void *extra_args)
{
- int *i = (int *) extra_args;
+ int *i = extra_args;
*i = atoi(value);
if (*i < 0) {
@@ -143,6 +265,25 @@ parse_integer_arg(const char *key __rte_unused,
return 0;
}
+/** Parse name */
+static int
+parse_name_arg(const char *key __rte_unused,
+ const char *value, void *extra_args)
+{
+ struct rte_crypto_vdev_init_params *params = extra_args;
+
+ if (strlen(value) >= RTE_CRYPTODEV_NAME_MAX_LEN - 1) {
+ CDEV_LOG_ERR("Invalid name %s, should be less than "
+ "%u bytes", value,
+ RTE_CRYPTODEV_NAME_MAX_LEN - 1);
+ return -1;
+ }
+
+ strncpy(params->name, value, RTE_CRYPTODEV_NAME_MAX_LEN);
+
+ return 0;
+}
+
int
rte_cryptodev_parse_vdev_init_params(struct rte_crypto_vdev_init_params *params,
const char *input_args)
@@ -179,6 +320,12 @@ rte_cryptodev_parse_vdev_init_params(struct rte_crypto_vdev_init_params *params,
if (ret < 0)
goto free_kvlist;
+ ret = rte_kvargs_process(kvlist, RTE_CRYPTODEV_VDEV_NAME,
+ &parse_name_arg,
+ params);
+ if (ret < 0)
+ goto free_kvlist;
+
if (params->socket_id >= number_of_sockets()) {
CDEV_LOG_ERR("Invalid socket id specified to create "
"the virtual crypto device on");
@@ -191,6 +338,73 @@ free_kvlist:
return ret;
}
+const struct rte_cryptodev_symmetric_capability *
+rte_cryptodev_sym_capability_get(uint8_t dev_id,
+ const struct rte_cryptodev_sym_capability_idx *idx)
+{
+ const struct rte_cryptodev_capabilities *capability;
+ struct rte_cryptodev_info dev_info;
+ int i = 0;
+
+ rte_cryptodev_info_get(dev_id, &dev_info);
+
+ while ((capability = &dev_info.capabilities[i++])->op !=
+ RTE_CRYPTO_OP_TYPE_UNDEFINED) {
+ if (capability->op != RTE_CRYPTO_OP_TYPE_SYMMETRIC)
+ continue;
+
+ if (capability->sym.xform_type != idx->type)
+ continue;
+
+ if (idx->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+ capability->sym.auth.algo == idx->algo.auth)
+ return &capability->sym;
+
+ if (idx->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+ capability->sym.cipher.algo == idx->algo.cipher)
+ return &capability->sym;
+ }
+
+ return NULL;
+
+}
+
+#define param_range_check(x, y) \
+ (((x < y.min) || (x > y.max)) || \
+ (y.increment != 0 && (x % y.increment) != 0))
+
+int
+rte_cryptodev_sym_capability_check_cipher(
+ const struct rte_cryptodev_symmetric_capability *capability,
+ uint16_t key_size, uint16_t iv_size)
+{
+ if (param_range_check(key_size, capability->cipher.key_size))
+ return -1;
+
+ if (param_range_check(iv_size, capability->cipher.iv_size))
+ return -1;
+
+ return 0;
+}
+
+int
+rte_cryptodev_sym_capability_check_auth(
+ const struct rte_cryptodev_symmetric_capability *capability,
+ uint16_t key_size, uint16_t digest_size, uint16_t aad_size)
+{
+ if (param_range_check(key_size, capability->auth.key_size))
+ return -1;
+
+ if (param_range_check(digest_size, capability->auth.digest_size))
+ return -1;
+
+ if (param_range_check(aad_size, capability->auth.aad_size))
+ return -1;
+
+ return 0;
+}
+
+
const char *
rte_cryptodev_get_feature_name(uint64_t flag)
{
@@ -211,19 +425,65 @@ rte_cryptodev_get_feature_name(uint64_t flag)
return "CPU_AESNI";
case RTE_CRYPTODEV_FF_HW_ACCELERATED:
return "HW_ACCELERATED";
-
+ case RTE_CRYPTODEV_FF_MBUF_SCATTER_GATHER:
+ return "MBUF_SCATTER_GATHER";
+ case RTE_CRYPTODEV_FF_CPU_NEON:
+ return "CPU_NEON";
+ case RTE_CRYPTODEV_FF_CPU_ARM_CE:
+ return "CPU_ARM_CE";
default:
return NULL;
}
}
-
int
rte_cryptodev_create_vdev(const char *name, const char *args)
{
- return rte_eal_vdev_init(name, args);
+ return rte_vdev_init(name, args);
+}
+
+struct rte_cryptodev *
+rte_cryptodev_pmd_get_dev(uint8_t dev_id)
+{
+ return &rte_cryptodev_globals->devs[dev_id];
+}
+
+struct rte_cryptodev *
+rte_cryptodev_pmd_get_named_dev(const char *name)
+{
+ struct rte_cryptodev *dev;
+ unsigned int i;
+
+ if (name == NULL)
+ return NULL;
+
+ for (i = 0; i < rte_cryptodev_globals->max_devs; i++) {
+ dev = &rte_cryptodev_globals->devs[i];
+
+ if ((dev->attached == RTE_CRYPTODEV_ATTACHED) &&
+ (strcmp(dev->data->name, name) == 0))
+ return dev;
+ }
+
+ return NULL;
+}
+
+unsigned int
+rte_cryptodev_pmd_is_valid_dev(uint8_t dev_id)
+{
+ struct rte_cryptodev *dev = NULL;
+
+ if (dev_id >= rte_cryptodev_globals->nb_devs)
+ return 0;
+
+ dev = rte_cryptodev_pmd_get_dev(dev_id);
+ if (dev->attached != RTE_CRYPTODEV_ATTACHED)
+ return 0;
+ else
+ return 1;
}
+
int
rte_cryptodev_get_dev_id(const char *name)
{
@@ -262,6 +522,35 @@ rte_cryptodev_count_devtype(enum rte_cryptodev_type type)
return dev_count;
}
+uint8_t
+rte_cryptodev_devices_get(const char *dev_name, uint8_t *devices,
+ uint8_t nb_devices)
+{
+ uint8_t i, count = 0;
+ struct rte_cryptodev *devs = rte_cryptodev_globals->devs;
+ uint8_t max_devs = rte_cryptodev_globals->max_devs;
+
+ for (i = 0; i < max_devs && count < nb_devices; i++) {
+
+ if (devs[i].attached == RTE_CRYPTODEV_ATTACHED) {
+ const struct rte_cryptodev_driver *drv = devs[i].driver;
+ int cmp;
+
+ if (drv)
+ cmp = strncmp(drv->pci_drv.driver.name,
+ dev_name, strlen(dev_name));
+ else
+ cmp = strncmp(devs[i].data->name,
+ dev_name, strlen(dev_name));
+
+ if (cmp == 0)
+ devices[count++] = devs[i].data->dev_id;
+ }
+ }
+
+ return count;
+}
+
int
rte_cryptodev_socket_id(uint8_t dev_id)
{
@@ -427,7 +716,7 @@ rte_cryptodev_pci_probe(struct rte_pci_driver *pci_drv,
if (cryptodrv == NULL)
return -ENODEV;
- rte_eal_pci_device_name(&pci_dev->addr, cryptodev_name,
+ rte_pci_device_name(&pci_dev->addr, cryptodev_name,
sizeof(cryptodev_name));
cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
@@ -447,7 +736,7 @@ rte_cryptodev_pci_probe(struct rte_pci_driver *pci_drv,
"device data");
}
- cryptodev->pci_dev = pci_dev;
+ cryptodev->device = &pci_dev->device;
cryptodev->driver = cryptodrv;
/* init user callbacks */
@@ -483,7 +772,7 @@ rte_cryptodev_pci_remove(struct rte_pci_device *pci_dev)
if (pci_dev == NULL)
return -EINVAL;
- rte_eal_pci_device_name(&pci_dev->addr, cryptodev_name,
+ rte_pci_device_name(&pci_dev->addr, cryptodev_name,
sizeof(cryptodev_name));
cryptodev = rte_cryptodev_pmd_get_named_dev(cryptodev_name);
@@ -507,7 +796,7 @@ rte_cryptodev_pci_remove(struct rte_pci_device *pci_dev)
if (rte_eal_process_type() == RTE_PROC_PRIMARY)
rte_free(cryptodev->data->dev_private);
- cryptodev->pci_dev = NULL;
+ cryptodev->device = NULL;
cryptodev->driver = NULL;
cryptodev->data = NULL;
@@ -668,6 +957,8 @@ rte_cryptodev_configure(uint8_t dev_id, struct rte_cryptodev_config *config)
return -EBUSY;
}
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->dev_configure, -ENOTSUP);
+
/* Setup new number of queue pairs and reconfigure device. */
diag = rte_cryptodev_queue_pairs_config(dev, config->nb_queue_pairs,
config->socket_id);
@@ -678,10 +969,14 @@ rte_cryptodev_configure(uint8_t dev_id, struct rte_cryptodev_config *config)
}
/* Setup Session mempool for device */
- return rte_cryptodev_sym_session_pool_create(dev,
+ diag = rte_cryptodev_sym_session_pool_create(dev,
config->session_mp.nb_objs,
config->session_mp.cache_size,
config->socket_id);
+ if (diag != 0)
+ return diag;
+
+ return (*dev->dev_ops->dev_configure)(dev, config);
}
@@ -868,7 +1163,7 @@ rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info)
RTE_FUNC_PTR_OR_RET(*dev->dev_ops->dev_infos_get);
(*dev->dev_ops->dev_infos_get)(dev, dev_info);
- dev_info->pci_dev = dev->pci_dev;
+ dev_info->pci_dev = RTE_DEV_TO_PCI(dev->device);
if (dev->driver)
dev_info->driver_name = dev->driver->pci_drv.driver.name;
}
@@ -1088,7 +1383,7 @@ rte_cryptodev_sym_session_create(uint8_t dev_id,
return NULL;
}
- sess = (struct rte_cryptodev_sym_session *)_sess;
+ sess = _sess;
RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->session_configure, NULL);
if (dev->dev_ops->session_configure(dev, xform, sess->_private) ==
@@ -1104,6 +1399,53 @@ rte_cryptodev_sym_session_create(uint8_t dev_id,
return sess;
}
+int
+rte_cryptodev_queue_pair_attach_sym_session(uint16_t qp_id,
+ struct rte_cryptodev_sym_session *sess)
+{
+ struct rte_cryptodev *dev;
+
+ if (!rte_cryptodev_pmd_is_valid_dev(sess->dev_id)) {
+ CDEV_LOG_ERR("Invalid dev_id=%d", sess->dev_id);
+ return -EINVAL;
+ }
+
+ dev = &rte_crypto_devices[sess->dev_id];
+
+ /* The API is optional, not returning error if driver do not suuport */
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->qp_attach_session, 0);
+ if (dev->dev_ops->qp_attach_session(dev, qp_id, sess->_private)) {
+ CDEV_LOG_ERR("dev_id %d failed to attach qp: %d with session",
+ sess->dev_id, qp_id);
+ return -EPERM;
+ }
+
+ return 0;
+}
+
+int
+rte_cryptodev_queue_pair_detach_sym_session(uint16_t qp_id,
+ struct rte_cryptodev_sym_session *sess)
+{
+ struct rte_cryptodev *dev;
+
+ if (!rte_cryptodev_pmd_is_valid_dev(sess->dev_id)) {
+ CDEV_LOG_ERR("Invalid dev_id=%d", sess->dev_id);
+ return -EINVAL;
+ }
+
+ dev = &rte_crypto_devices[sess->dev_id];
+
+ /* The API is optional, not returning error if driver do not suuport */
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->qp_detach_session, 0);
+ if (dev->dev_ops->qp_detach_session(dev, qp_id, sess->_private)) {
+ CDEV_LOG_ERR("dev_id %d failed to detach qp: %d from session",
+ sess->dev_id, qp_id);
+ return -EPERM;
+ }
+
+ return 0;
+}
struct rte_cryptodev_sym_session *
rte_cryptodev_sym_session_free(uint8_t dev_id,
struct rte_cryptodev_sym_session *sess)
@@ -1206,3 +1548,27 @@ rte_crypto_op_pool_create(const char *name, enum rte_crypto_op_type type,
return mp;
}
+
+int
+rte_cryptodev_pmd_create_dev_name(char *name, const char *dev_name_prefix)
+{
+ struct rte_cryptodev *dev = NULL;
+ uint32_t i = 0;
+
+ if (name == NULL)
+ return -EINVAL;
+
+ for (i = 0; i < RTE_CRYPTO_MAX_DEVS; i++) {
+ int ret = snprintf(name, RTE_CRYPTODEV_NAME_MAX_LEN,
+ "%s_%u", dev_name_prefix, i);
+
+ if (ret < 0)
+ return ret;
+
+ dev = rte_cryptodev_pmd_get_named_dev(name);
+ if (!dev)
+ return 0;
+ }
+
+ return -1;
+}
diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
index 8f63e8f6..88aeb873 100644
--- a/lib/librte_cryptodev/rte_cryptodev.h
+++ b/lib/librte_cryptodev/rte_cryptodev.h
@@ -1,6 +1,6 @@
/*-
*
- * Copyright(c) 2015-2016 Intel Corporation. All rights reserved.
+ * Copyright(c) 2015-2017 Intel Corporation. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -66,6 +66,12 @@ extern "C" {
/**< KASUMI PMD device name */
#define CRYPTODEV_NAME_ZUC_PMD crypto_zuc
/**< KASUMI PMD device name */
+#define CRYPTODEV_NAME_ARMV8_PMD crypto_armv8
+/**< ARMv8 Crypto PMD device name */
+#define CRYPTODEV_NAME_SCHEDULER_PMD crypto_scheduler
+/**< Scheduler Crypto PMD device name */
+#define CRYPTODEV_NAME_DPAA2_SEC_PMD cryptodev_dpaa2_sec_pmd
+/**< NXP DPAA2 - SEC PMD device name */
/** Crypto device type */
enum rte_cryptodev_type {
@@ -77,6 +83,9 @@ enum rte_cryptodev_type {
RTE_CRYPTODEV_KASUMI_PMD, /**< KASUMI PMD */
RTE_CRYPTODEV_ZUC_PMD, /**< ZUC PMD */
RTE_CRYPTODEV_OPENSSL_PMD, /**< OpenSSL PMD */
+ RTE_CRYPTODEV_ARMV8_PMD, /**< ARMv8 crypto PMD */
+ RTE_CRYPTODEV_SCHEDULER_PMD, /**< Crypto Scheduler PMD */
+ RTE_CRYPTODEV_DPAA2_SEC_PMD, /**< NXP DPAA2 - SEC PMD */
};
extern const char **rte_cyptodev_names;
@@ -110,6 +119,20 @@ extern const char **rte_cyptodev_names;
#endif
/**
+ * Crypto parameters range description
+ */
+struct rte_crypto_param_range {
+ uint16_t min; /**< minimum size */
+ uint16_t max; /**< maximum size */
+ uint16_t increment;
+ /**< if a range of sizes are supported,
+ * this parameter is used to indicate
+ * increments in byte size that are supported
+ * between the minimum and maximum
+ */
+};
+
+/**
* Symmetric Crypto Capability
*/
struct rte_cryptodev_symmetric_capability {
@@ -122,35 +145,11 @@ struct rte_cryptodev_symmetric_capability {
/**< authentication algorithm */
uint16_t block_size;
/**< algorithm block size */
- struct {
- uint16_t min; /**< minimum key size */
- uint16_t max; /**< maximum key size */
- uint16_t increment;
- /**< if a range of sizes are supported,
- * this parameter is used to indicate
- * increments in byte size that are supported
- * between the minimum and maximum */
- } key_size;
+ struct rte_crypto_param_range key_size;
/**< auth key size range */
- struct {
- uint16_t min; /**< minimum digest size */
- uint16_t max; /**< maximum digest size */
- uint16_t increment;
- /**< if a range of sizes are supported,
- * this parameter is used to indicate
- * increments in byte size that are supported
- * between the minimum and maximum */
- } digest_size;
+ struct rte_crypto_param_range digest_size;
/**< digest size range */
- struct {
- uint16_t min; /**< minimum aad size */
- uint16_t max; /**< maximum aad size */
- uint16_t increment;
- /**< if a range of sizes are supported,
- * this parameter is used to indicate
- * increments in byte size that are supported
- * between the minimum and maximum */
- } aad_size;
+ struct rte_crypto_param_range aad_size;
/**< Additional authentication data size range */
} auth;
/**< Symmetric Authentication transform capabilities */
@@ -159,25 +158,9 @@ struct rte_cryptodev_symmetric_capability {
/**< cipher algorithm */
uint16_t block_size;
/**< algorithm block size */
- struct {
- uint16_t min; /**< minimum key size */
- uint16_t max; /**< maximum key size */
- uint16_t increment;
- /**< if a range of sizes are supported,
- * this parameter is used to indicate
- * increments in byte size that are supported
- * between the minimum and maximum */
- } key_size;
+ struct rte_crypto_param_range key_size;
/**< cipher key size range */
- struct {
- uint16_t min; /**< minimum iv size */
- uint16_t max; /**< maximum iv size */
- uint16_t increment;
- /**< if a range of sizes are supported,
- * this parameter is used to indicate
- * increments in byte size that are supported
- * between the minimum and maximum */
- } iv_size;
+ struct rte_crypto_param_range iv_size;
/**< Initialisation vector data size range */
} cipher;
/**< Symmetric Cipher transform capabilities */
@@ -196,6 +179,94 @@ struct rte_cryptodev_capabilities {
};
};
+/** Structure used to describe crypto algorithms */
+struct rte_cryptodev_sym_capability_idx {
+ enum rte_crypto_sym_xform_type type;
+ union {
+ enum rte_crypto_cipher_algorithm cipher;
+ enum rte_crypto_auth_algorithm auth;
+ } algo;
+};
+
+/**
+ * Provide capabilities available for defined device and algorithm
+ *
+ * @param dev_id The identifier of the device.
+ * @param idx Description of crypto algorithms.
+ *
+ * @return
+ * - Return description of the symmetric crypto capability if exist.
+ * - Return NULL if the capability not exist.
+ */
+const struct rte_cryptodev_symmetric_capability *
+rte_cryptodev_sym_capability_get(uint8_t dev_id,
+ const struct rte_cryptodev_sym_capability_idx *idx);
+
+/**
+ * Check if key size and initial vector are supported
+ * in crypto cipher capability
+ *
+ * @param capability Description of the symmetric crypto capability.
+ * @param key_size Cipher key size.
+ * @param iv_size Cipher initial vector size.
+ *
+ * @return
+ * - Return 0 if the parameters are in range of the capability.
+ * - Return -1 if the parameters are out of range of the capability.
+ */
+int
+rte_cryptodev_sym_capability_check_cipher(
+ const struct rte_cryptodev_symmetric_capability *capability,
+ uint16_t key_size, uint16_t iv_size);
+
+/**
+ * Check if key size and initial vector are supported
+ * in crypto auth capability
+ *
+ * @param capability Description of the symmetric crypto capability.
+ * @param key_size Auth key size.
+ * @param digest_size Auth digest size.
+ * @param aad_size Auth aad size.
+ *
+ * @return
+ * - Return 0 if the parameters are in range of the capability.
+ * - Return -1 if the parameters are out of range of the capability.
+ */
+int
+rte_cryptodev_sym_capability_check_auth(
+ const struct rte_cryptodev_symmetric_capability *capability,
+ uint16_t key_size, uint16_t digest_size, uint16_t aad_size);
+
+/**
+ * Provide the cipher algorithm enum, given an algorithm string
+ *
+ * @param algo_enum A pointer to the cipher algorithm
+ * enum to be filled
+ * @param algo_string Authentication algo string
+ *
+ * @return
+ * - Return -1 if string is not valid
+ * - Return 0 is the string is valid
+ */
+int
+rte_cryptodev_get_cipher_algo_enum(enum rte_crypto_cipher_algorithm *algo_enum,
+ const char *algo_string);
+
+/**
+ * Provide the authentication algorithm enum, given an algorithm string
+ *
+ * @param algo_enum A pointer to the authentication algorithm
+ * enum to be filled
+ * @param algo_string Authentication algo string
+ *
+ * @return
+ * - Return -1 if string is not valid
+ * - Return 0 is the string is valid
+ */
+int
+rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum,
+ const char *algo_string);
+
/** Macro used at end of crypto PMD list */
#define RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() \
{ RTE_CRYPTO_OP_TYPE_UNDEFINED }
@@ -225,6 +296,14 @@ struct rte_cryptodev_capabilities {
/**< Utilises CPU AES-NI instructions */
#define RTE_CRYPTODEV_FF_HW_ACCELERATED (1ULL << 7)
/**< Operations are off-loaded to an external hardware accelerator */
+#define RTE_CRYPTODEV_FF_CPU_AVX512 (1ULL << 8)
+/**< Utilises CPU SIMD AVX512 instructions */
+#define RTE_CRYPTODEV_FF_MBUF_SCATTER_GATHER (1ULL << 9)
+/**< Scatter-gather mbufs are supported */
+#define RTE_CRYPTODEV_FF_CPU_NEON (1ULL << 10)
+/**< Utilises CPU NEON instructions */
+#define RTE_CRYPTODEV_FF_CPU_ARM_CE (1ULL << 11)
+/**< Utilises ARM CPU Cryptographic Extensions */
/**
@@ -256,6 +335,10 @@ struct rte_cryptodev_info {
struct {
unsigned max_nb_sessions;
/**< Maximum number of sessions supported by device. */
+ unsigned int max_nb_sessions_per_qp;
+ /**< Maximum number of sessions per queue pair.
+ * Default 0 for infinite sessions
+ */
} sym;
};
@@ -300,6 +383,8 @@ struct rte_cryptodev_stats {
/**< Total error count on operations dequeued */
};
+#define RTE_CRYPTODEV_NAME_MAX_LEN (64)
+/**< Max length of name of crypto PMD */
#define RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_QUEUE_PAIRS 8
#define RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_SESSIONS 2048
@@ -311,6 +396,7 @@ struct rte_crypto_vdev_init_params {
unsigned max_nb_queue_pairs;
unsigned max_nb_sessions;
uint8_t socket_id;
+ char name[RTE_CRYPTODEV_NAME_MAX_LEN];
};
/**
@@ -365,8 +451,30 @@ rte_cryptodev_get_dev_id(const char *name);
extern uint8_t
rte_cryptodev_count(void);
+/**
+ * Get number of crypto device defined type.
+ *
+ * @param type type of device.
+ *
+ * @return
+ * Returns number of crypto device.
+ */
extern uint8_t
rte_cryptodev_count_devtype(enum rte_cryptodev_type type);
+
+/**
+ * Get number and identifiers of attached crypto device.
+ *
+ * @param dev_name device name.
+ * @param devices output devices identifiers.
+ * @param nb_devices maximal number of devices.
+ *
+ * @return
+ * Returns number of attached crypto device.
+ */
+uint8_t
+rte_cryptodev_devices_get(const char *dev_name, uint8_t *devices,
+ uint8_t nb_devices);
/*
* Return the NUMA socket to which a device is connected
*
@@ -621,8 +729,8 @@ struct rte_cryptodev {
/**< Functions exported by PMD */
uint64_t feature_flags;
/**< Supported features */
- struct rte_pci_device *pci_dev;
- /**< PCI info. supplied by probing */
+ struct rte_device *device;
+ /**< Backing device */
enum rte_cryptodev_type dev_type;
/**< Crypto device type */
@@ -635,10 +743,6 @@ struct rte_cryptodev {
/**< Flag indicating the device is attached */
} __rte_cache_aligned;
-
-#define RTE_CRYPTODEV_NAME_MAX_LEN (64)
-/**< Max length of name of crypto PMD */
-
/**
*
* The data part, with no function pointers, associated with each device.
@@ -818,6 +922,36 @@ extern struct rte_cryptodev_sym_session *
rte_cryptodev_sym_session_free(uint8_t dev_id,
struct rte_cryptodev_sym_session *session);
+/**
+ * Attach queue pair with sym session.
+ *
+ * @param qp_id Queue pair to which session will be attached.
+ * @param session Session pointer previously allocated by
+ * *rte_cryptodev_sym_session_create*.
+ *
+ * @return
+ * - On success, zero.
+ * - On failure, a negative value.
+ */
+int
+rte_cryptodev_queue_pair_attach_sym_session(uint16_t qp_id,
+ struct rte_cryptodev_sym_session *session);
+
+/**
+ * Detach queue pair with sym session.
+ *
+ * @param qp_id Queue pair to which session is attached.
+ * @param session Session pointer previously allocated by
+ * *rte_cryptodev_sym_session_create*.
+ *
+ * @return
+ * - On success, zero.
+ * - On failure, a negative value.
+ */
+int
+rte_cryptodev_queue_pair_detach_sym_session(uint16_t qp_id,
+ struct rte_cryptodev_sym_session *session);
+
#ifdef __cplusplus
}
diff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h b/lib/librte_cryptodev/rte_cryptodev_pmd.h
index c6a57945..17ef37c7 100644
--- a/lib/librte_cryptodev/rte_cryptodev_pmd.h
+++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h
@@ -57,14 +57,6 @@ extern "C" {
#include "rte_crypto.h"
#include "rte_cryptodev.h"
-
-#ifdef RTE_LIBRTE_CRYPTODEV_DEBUG
-#define RTE_PMD_DEBUG_TRACE(...) \
- rte_pmd_debug_trace(__func__, __VA_ARGS__)
-#else
-#define RTE_PMD_DEBUG_TRACE(...)
-#endif
-
struct rte_cryptodev_session {
RTE_STD_C11
struct {
@@ -160,11 +152,8 @@ extern struct rte_cryptodev_global *rte_cryptodev_globals;
* @return
* - The rte_cryptodev structure pointer for the given device ID.
*/
-static inline struct rte_cryptodev *
-rte_cryptodev_pmd_get_dev(uint8_t dev_id)
-{
- return &rte_cryptodev_globals->devs[dev_id];
-}
+struct rte_cryptodev *
+rte_cryptodev_pmd_get_dev(uint8_t dev_id);
/**
* Get the rte_cryptodev structure device pointer for the named device.
@@ -174,25 +163,8 @@ rte_cryptodev_pmd_get_dev(uint8_t dev_id)
* @return
* - The rte_cryptodev structure pointer for the given device ID.
*/
-static inline struct rte_cryptodev *
-rte_cryptodev_pmd_get_named_dev(const char *name)
-{
- struct rte_cryptodev *dev;
- unsigned i;
-
- if (name == NULL)
- return NULL;
-
- for (i = 0; i < rte_cryptodev_globals->max_devs; i++) {
- dev = &rte_cryptodev_globals->devs[i];
-
- if ((dev->attached == RTE_CRYPTODEV_ATTACHED) &&
- (strcmp(dev->data->name, name) == 0))
- return dev;
- }
-
- return NULL;
-}
+struct rte_cryptodev *
+rte_cryptodev_pmd_get_named_dev(const char *name);
/**
* Validate if the crypto device index is valid attached crypto device.
@@ -202,20 +174,8 @@ rte_cryptodev_pmd_get_named_dev(const char *name)
* @return
* - If the device index is valid (1) or not (0).
*/
-static inline unsigned
-rte_cryptodev_pmd_is_valid_dev(uint8_t dev_id)
-{
- struct rte_cryptodev *dev = NULL;
-
- if (dev_id >= rte_cryptodev_globals->nb_devs)
- return 0;
-
- dev = rte_cryptodev_pmd_get_dev(dev_id);
- if (dev->attached != RTE_CRYPTODEV_ATTACHED)
- return 0;
- else
- return 1;
-}
+unsigned int
+rte_cryptodev_pmd_is_valid_dev(uint8_t dev_id);
/**
* The pool of rte_cryptodev structures.
@@ -233,10 +193,12 @@ extern struct rte_cryptodev *rte_cryptodevs;
* Function used to configure device.
*
* @param dev Crypto device pointer
+ * config Crypto device configurations
*
* @return Returns 0 on success
*/
-typedef int (*cryptodev_configure_t)(struct rte_cryptodev *dev);
+typedef int (*cryptodev_configure_t)(struct rte_cryptodev *dev,
+ struct rte_cryptodev_config *config);
/**
* Function used to start a configured device.
@@ -413,6 +375,31 @@ typedef void * (*cryptodev_sym_configure_session_t)(struct rte_cryptodev *dev,
typedef void (*cryptodev_sym_free_session_t)(struct rte_cryptodev *dev,
void *session_private);
+/**
+ * Optional API for drivers to attach sessions with queue pair.
+ * @param dev Crypto device pointer
+ * @param qp_id queue pair id for attaching session
+ * @param priv_sess Pointer to cryptodev's private session structure
+ * @return
+ * - Return 0 on success
+ */
+typedef int (*cryptodev_sym_queue_pair_attach_session_t)(
+ struct rte_cryptodev *dev,
+ uint16_t qp_id,
+ void *session_private);
+
+/**
+ * Optional API for drivers to detach sessions from queue pair.
+ * @param dev Crypto device pointer
+ * @param qp_id queue pair id for detaching session
+ * @param priv_sess Pointer to cryptodev's private session structure
+ * @return
+ * - Return 0 on success
+ */
+typedef int (*cryptodev_sym_queue_pair_detach_session_t)(
+ struct rte_cryptodev *dev,
+ uint16_t qp_id,
+ void *session_private);
/** Crypto device operations function pointer table */
struct rte_cryptodev_ops {
@@ -447,6 +434,10 @@ struct rte_cryptodev_ops {
/**< Configure a Crypto session. */
cryptodev_sym_free_session_t session_clear;
/**< Clear a Crypto sessions private data. */
+ cryptodev_sym_queue_pair_attach_session_t qp_attach_session;
+ /**< Attach session to queue pair. */
+ cryptodev_sym_queue_pair_attach_session_t qp_detach_session;
+ /**< Detach session from queue pair. */
};
@@ -520,6 +511,13 @@ int rte_cryptodev_pci_probe(struct rte_pci_driver *pci_drv,
*/
int rte_cryptodev_pci_remove(struct rte_pci_device *pci_dev);
+/**
+ * @internal
+ * Create unique device name
+ */
+int
+rte_cryptodev_pmd_create_dev_name(char *name, const char *dev_name_prefix);
+
#ifdef __cplusplus
}
#endif
diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map b/lib/librte_cryptodev/rte_cryptodev_version.map
index 9dde0e72..9ac510ec 100644
--- a/lib/librte_cryptodev/rte_cryptodev_version.map
+++ b/lib/librte_cryptodev/rte_cryptodev_version.map
@@ -46,3 +46,31 @@ DPDK_16.11 {
rte_cryptodev_pci_remove;
} DPDK_16.07;
+
+DPDK_17.02 {
+ global:
+
+ rte_cryptodev_devices_get;
+ rte_cryptodev_pmd_create_dev_name;
+ rte_cryptodev_pmd_get_dev;
+ rte_cryptodev_pmd_get_named_dev;
+ rte_cryptodev_pmd_is_valid_dev;
+ rte_cryptodev_sym_capability_check_auth;
+ rte_cryptodev_sym_capability_check_cipher;
+ rte_cryptodev_sym_capability_get;
+ rte_crypto_auth_algorithm_strings;
+ rte_crypto_auth_operation_strings;
+ rte_crypto_cipher_algorithm_strings;
+ rte_crypto_cipher_operation_strings;
+
+} DPDK_16.11;
+
+DPDK_17.05 {
+ global:
+
+ rte_cryptodev_get_auth_algo_enum;
+ rte_cryptodev_get_cipher_algo_enum;
+ rte_cryptodev_queue_pair_attach_sym_session;
+ rte_cryptodev_queue_pair_detach_sym_session;
+
+} DPDK_17.02;