From f239aed5e674965691846e8ce3f187dd47523689 Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Wed, 16 Aug 2017 18:42:05 +0100 Subject: New upstream version 17.08 Change-Id: I288b50990f52646089d6b1f3aaa6ba2f091a51d7 Signed-off-by: Luca Boccassi --- drivers/crypto/armv8/Makefile | 4 +- drivers/crypto/armv8/rte_armv8_pmd.c | 154 +++++++++++++-------------- drivers/crypto/armv8/rte_armv8_pmd_ops.c | 73 ++++++++----- drivers/crypto/armv8/rte_armv8_pmd_private.h | 20 ++-- 4 files changed, 136 insertions(+), 115 deletions(-) (limited to 'drivers/crypto/armv8') diff --git a/drivers/crypto/armv8/Makefile b/drivers/crypto/armv8/Makefile index 1474951c..86611fa2 100644 --- a/drivers/crypto/armv8/Makefile +++ b/drivers/crypto/armv8/Makefile @@ -1,7 +1,7 @@ # # BSD LICENSE # -# Copyright (C) Cavium networks Ltd. 2017. +# Copyright (C) Cavium, Inc. 2017. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -13,7 +13,7 @@ # notice, this list of conditions and the following disclaimer in # the documentation and/or other materials provided with the # distribution. -# * Neither the name of Cavium networks nor the names of its +# * Neither the name of Cavium, Inc nor the names of its # contributors may be used to endorse or promote products derived # from this software without specific prior written permission. # diff --git a/drivers/crypto/armv8/rte_armv8_pmd.c b/drivers/crypto/armv8/rte_armv8_pmd.c index 3d603a5a..a5c39c9b 100644 --- a/drivers/crypto/armv8/rte_armv8_pmd.c +++ b/drivers/crypto/armv8/rte_armv8_pmd.c @@ -1,7 +1,7 @@ /* * BSD LICENSE * - * Copyright (C) Cavium networks Ltd. 2017. + * Copyright (C) Cavium, Inc. 2017. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -13,7 +13,7 @@ * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. - * * Neither the name of Cavium networks nor the names of its + * * Neither the name of Cavium, Inc nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * @@ -36,6 +36,7 @@ #include #include #include +#include #include #include #include @@ -44,6 +45,8 @@ #include "rte_armv8_pmd_private.h" +static uint8_t cryptodev_driver_id; + static int cryptodev_armv8_crypto_uninit(struct rte_vdev_device *vdev); /** @@ -288,27 +291,14 @@ auth_set_prerequisites(struct armv8_crypto_session *sess, * Generate authentication key, i_key_pad and o_key_pad. */ /* Zero memory under key */ - memset(sess->auth.hmac.key, 0, SHA1_AUTH_KEY_LENGTH); - - if (xform->auth.key.length > SHA1_AUTH_KEY_LENGTH) { - /* - * In case the key is longer than 160 bits - * the algorithm will use SHA1(key) instead. - */ - error = sha1_block(NULL, xform->auth.key.data, - sess->auth.hmac.key, xform->auth.key.length); - if (error != 0) - return -1; - } else { - /* - * Now copy the given authentication key to the session - * key assuming that the session key is zeroed there is - * no need for additional zero padding if the key is - * shorter than SHA1_AUTH_KEY_LENGTH. - */ - rte_memcpy(sess->auth.hmac.key, xform->auth.key.data, - xform->auth.key.length); - } + memset(sess->auth.hmac.key, 0, SHA1_BLOCK_SIZE); + + /* + * Now copy the given authentication key to the session + * key. + */ + rte_memcpy(sess->auth.hmac.key, xform->auth.key.data, + xform->auth.key.length); /* Prepare HMAC padding: key|pattern */ auth_hmac_pad_prepare(sess, xform); @@ -334,27 +324,14 @@ auth_set_prerequisites(struct armv8_crypto_session *sess, * Generate authentication key, i_key_pad and o_key_pad. */ /* Zero memory under key */ - memset(sess->auth.hmac.key, 0, SHA256_AUTH_KEY_LENGTH); - - if (xform->auth.key.length > SHA256_AUTH_KEY_LENGTH) { - /* - * In case the key is longer than 256 bits - * the algorithm will use SHA256(key) instead. - */ - error = sha256_block(NULL, xform->auth.key.data, - sess->auth.hmac.key, xform->auth.key.length); - if (error != 0) - return -1; - } else { - /* - * Now copy the given authentication key to the session - * key assuming that the session key is zeroed there is - * no need for additional zero padding if the key is - * shorter than SHA256_AUTH_KEY_LENGTH. - */ - rte_memcpy(sess->auth.hmac.key, xform->auth.key.data, - xform->auth.key.length); - } + memset(sess->auth.hmac.key, 0, SHA256_BLOCK_SIZE); + + /* + * Now copy the given authentication key to the session + * key. + */ + rte_memcpy(sess->auth.hmac.key, xform->auth.key.data, + xform->auth.key.length); /* Prepare HMAC padding: key|pattern */ auth_hmac_pad_prepare(sess, xform); @@ -414,7 +391,7 @@ armv8_crypto_set_session_chained_parameters(struct armv8_crypto_session *sess, order = sess->chain_order; break; default: - return -EINVAL; + return -ENOTSUP; } /* Select cipher direction */ sess->cipher.direction = cipher_xform->cipher.op; @@ -431,10 +408,10 @@ armv8_crypto_set_session_chained_parameters(struct armv8_crypto_session *sess, case RTE_CRYPTO_CIPHER_AES_CBC: sess->cipher.algo = calg; /* IV len is always 16 bytes (block size) for AES CBC */ - sess->cipher.iv_len = 16; + sess->cipher.iv.length = 16; break; default: - return -EINVAL; + return -ENOTSUP; } /* Select auth generate/verify */ sess->auth.operation = auth_xform->auth.op; @@ -448,9 +425,12 @@ armv8_crypto_set_session_chained_parameters(struct armv8_crypto_session *sess, sess->auth.mode = ARMV8_CRYPTO_AUTH_AS_HMAC; break; default: - return -EINVAL; + return -ENOTSUP; } + /* Set the digest length */ + sess->auth.digest_length = auth_xform->auth.digest_length; + /* Verify supported key lengths and extract proper algorithm */ switch (cipher_xform->cipher.key.length << 3) { case 128: @@ -465,7 +445,7 @@ armv8_crypto_set_session_chained_parameters(struct armv8_crypto_session *sess, default: /* Fall through */ sess->crypto_func = NULL; sess->cipher.key_sched = NULL; - return -EINVAL; + return -ENOTSUP; } if (unlikely(sess->crypto_func == NULL)) { @@ -519,20 +499,23 @@ armv8_crypto_set_session_parameters(struct armv8_crypto_session *sess, break; default: is_chained_op = false; - return -EINVAL; + return -ENOTSUP; } + /* Set IV offset */ + sess->cipher.iv.offset = cipher_xform->cipher.iv.offset; + if (is_chained_op) { ret = armv8_crypto_set_session_chained_parameters(sess, cipher_xform, auth_xform); if (unlikely(ret != 0)) { ARMV8_CRYPTO_LOG_ERR( "Invalid/unsupported chained (cipher/auth) parameters"); - return -EINVAL; + return ret; } } else { ARMV8_CRYPTO_LOG_ERR("Invalid/unsupported operation"); - return -EINVAL; + return -ENOTSUP; } return 0; @@ -544,30 +527,36 @@ get_session(struct armv8_crypto_qp *qp, struct rte_crypto_op *op) { struct armv8_crypto_session *sess = NULL; - if (op->sym->sess_type == RTE_CRYPTO_SYM_OP_WITH_SESSION) { + if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { /* get existing session */ - if (likely(op->sym->session != NULL && - op->sym->session->dev_type == - RTE_CRYPTODEV_ARMV8_PMD)) { + if (likely(op->sym->session != NULL)) { sess = (struct armv8_crypto_session *) - op->sym->session->_private; + get_session_private_data( + op->sym->session, + cryptodev_driver_id); } } else { /* provide internal session */ void *_sess = NULL; + void *_sess_private_data = NULL; - if (!rte_mempool_get(qp->sess_mp, (void **)&_sess)) { - sess = (struct armv8_crypto_session *) - ((struct rte_cryptodev_sym_session *)_sess) - ->_private; - - if (unlikely(armv8_crypto_set_session_parameters( - sess, op->sym->xform) != 0)) { - rte_mempool_put(qp->sess_mp, _sess); - sess = NULL; - } else - op->sym->session = _sess; + if (rte_mempool_get(qp->sess_mp, (void **)&_sess)) + return NULL; + + if (rte_mempool_get(qp->sess_mp, (void **)&_sess_private_data)) + return NULL; + + sess = (struct armv8_crypto_session *)_sess_private_data; + + if (unlikely(armv8_crypto_set_session_parameters(sess, + op->sym->xform) != 0)) { + rte_mempool_put(qp->sess_mp, _sess); + rte_mempool_put(qp->sess_mp, _sess_private_data); + sess = NULL; } + op->sym->session = (struct rte_cryptodev_sym_session *)_sess; + set_session_private_data(op->sym->session, cryptodev_driver_id, + _sess_private_data); } if (unlikely(sess == NULL)) @@ -645,15 +634,11 @@ process_armv8_chained_op } } else { adst = (uint8_t *)rte_pktmbuf_append(m_asrc, - op->sym->auth.digest.length); - } - - if (unlikely(op->sym->cipher.iv.length != sess->cipher.iv_len)) { - op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; - return; + sess->auth.digest_length); } - arg.cipher.iv = op->sym->cipher.iv.data; + arg.cipher.iv = rte_crypto_op_ctod_offset(op, uint8_t *, + sess->cipher.iv.offset); arg.cipher.key = sess->cipher.key.data; /* Acquire combined mode function */ crypto_func = sess->crypto_func; @@ -667,12 +652,12 @@ process_armv8_chained_op op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) { if (memcmp(adst, op->sym->auth.digest.data, - op->sym->auth.digest.length) != 0) { + sess->auth.digest_length) != 0) { op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED; } /* Trim area used for digest from mbuf. */ rte_pktmbuf_trim(m_asrc, - op->sym->auth.digest.length); + sess->auth.digest_length); } } @@ -699,8 +684,11 @@ process_op(const struct armv8_crypto_qp *qp, struct rte_crypto_op *op, } /* Free session if a session-less crypto op */ - if (op->sym->sess_type == RTE_CRYPTO_SYM_OP_SESSIONLESS) { + if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { memset(sess, 0, sizeof(struct armv8_crypto_session)); + memset(op->sym->session, 0, + rte_cryptodev_get_header_session_size()); + rte_mempool_put(qp->sess_mp, sess); rte_mempool_put(qp->sess_mp, op->sym->session); op->sym->session = NULL; } @@ -806,15 +794,16 @@ cryptodev_armv8_crypto_create(const char *name, snprintf(init_params->name, sizeof(init_params->name), "%s", name); - dev = rte_cryptodev_pmd_virtual_dev_init(init_params->name, + dev = rte_cryptodev_vdev_pmd_init(init_params->name, sizeof(struct armv8_crypto_private), - init_params->socket_id); + init_params->socket_id, + vdev); if (dev == NULL) { ARMV8_CRYPTO_LOG_ERR("failed to create cryptodev vdev"); goto init_error; } - dev->dev_type = RTE_CRYPTODEV_ARMV8_PMD; + dev->driver_id = cryptodev_driver_id; dev->dev_ops = rte_armv8_crypto_pmd_ops; /* register rx/tx burst functions for data path */ @@ -860,7 +849,7 @@ cryptodev_armv8_crypto_init(struct rte_vdev_device *vdev) if (name == NULL) return -EINVAL; input_args = rte_vdev_device_args(vdev); - rte_cryptodev_parse_vdev_init_params(&init_params, input_args); + rte_cryptodev_vdev_parse_init_params(&init_params, input_args); RTE_LOG(INFO, PMD, "Initialising %s on NUMA node %d\n", name, init_params.socket_id); @@ -904,3 +893,4 @@ RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_ARMV8_PMD, "max_nb_queue_pairs= " "max_nb_sessions= " "socket_id="); +RTE_PMD_REGISTER_CRYPTO_DRIVER(armv8_crypto_drv, cryptodev_driver_id); diff --git a/drivers/crypto/armv8/rte_armv8_pmd_ops.c b/drivers/crypto/armv8/rte_armv8_pmd_ops.c index 4d9ccbfb..00297beb 100644 --- a/drivers/crypto/armv8/rte_armv8_pmd_ops.c +++ b/drivers/crypto/armv8/rte_armv8_pmd_ops.c @@ -1,7 +1,7 @@ /* * BSD LICENSE * - * Copyright (C) Cavium networks Ltd. 2017. + * Copyright (C) Cavium, Inc. 2017. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -13,7 +13,7 @@ * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. - * * Neither the name of Cavium networks nor the names of its + * * Neither the name of Cavium, Inc nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * @@ -50,16 +50,16 @@ static const struct rte_cryptodev_capabilities .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, .block_size = 64, .key_size = { - .min = 16, - .max = 128, - .increment = 0 + .min = 1, + .max = 64, + .increment = 1 }, .digest_size = { .min = 20, .max = 20, .increment = 0 }, - .aad_size = { 0 } + .iv_size = { 0 } }, } }, } }, @@ -71,16 +71,16 @@ static const struct rte_cryptodev_capabilities .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, .block_size = 64, .key_size = { - .min = 16, - .max = 128, - .increment = 0 + .min = 1, + .max = 64, + .increment = 1 }, .digest_size = { .min = 32, .max = 32, .increment = 0 }, - .aad_size = { 0 } + .iv_size = { 0 } }, } }, } }, @@ -178,7 +178,7 @@ armv8_crypto_pmd_info_get(struct rte_cryptodev *dev, struct armv8_crypto_private *internals = dev->data->dev_private; if (dev_info != NULL) { - dev_info->dev_type = dev->dev_type; + dev_info->driver_id = dev->driver_id; dev_info->feature_flags = dev->feature_flags; dev_info->capabilities = armv8_crypto_pmd_capabilities; dev_info->max_nb_queue_pairs = internals->max_nb_qpairs; @@ -247,7 +247,7 @@ armv8_crypto_pmd_qp_create_processed_ops_ring(struct armv8_crypto_qp *qp, static int armv8_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, const struct rte_cryptodev_qp_conf *qp_conf, - int socket_id) + int socket_id, struct rte_mempool *session_pool) { struct armv8_crypto_qp *qp = NULL; @@ -272,7 +272,7 @@ armv8_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, if (qp->processed_ops == NULL) goto qp_setup_cleanup; - qp->sess_mp = dev->data->session_pool; + qp->sess_mp = session_pool; memset(&qp->stats, 0, sizeof(qp->stats)); @@ -316,33 +316,56 @@ armv8_crypto_pmd_session_get_size(struct rte_cryptodev *dev __rte_unused) } /** Configure the session from a crypto xform chain */ -static void * -armv8_crypto_pmd_session_configure(struct rte_cryptodev *dev __rte_unused, - struct rte_crypto_sym_xform *xform, void *sess) +static int +armv8_crypto_pmd_session_configure(struct rte_cryptodev *dev, + struct rte_crypto_sym_xform *xform, + struct rte_cryptodev_sym_session *sess, + struct rte_mempool *mempool) { + void *sess_private_data; + int ret; + if (unlikely(sess == NULL)) { ARMV8_CRYPTO_LOG_ERR("invalid session struct"); - return NULL; + return -EINVAL; } - if (armv8_crypto_set_session_parameters( - sess, xform) != 0) { + if (rte_mempool_get(mempool, &sess_private_data)) { + CDEV_LOG_ERR( + "Couldn't get object from session mempool"); + return -ENOMEM; + } + + ret = armv8_crypto_set_session_parameters(sess_private_data, xform); + if (ret != 0) { ARMV8_CRYPTO_LOG_ERR("failed configure session parameters"); - return NULL; + + /* Return session to mempool */ + rte_mempool_put(mempool, sess_private_data); + return ret; } - return sess; + set_session_private_data(sess, dev->driver_id, + sess_private_data); + + return 0; } /** Clear the memory of session so it doesn't leave key material behind */ static void -armv8_crypto_pmd_session_clear(struct rte_cryptodev *dev __rte_unused, - void *sess) +armv8_crypto_pmd_session_clear(struct rte_cryptodev *dev, + struct rte_cryptodev_sym_session *sess) { + uint8_t index = dev->driver_id; + void *sess_priv = get_session_private_data(sess, index); /* Zero out the whole structure */ - if (sess) - memset(sess, 0, sizeof(struct armv8_crypto_session)); + if (sess_priv) { + memset(sess_priv, 0, sizeof(struct armv8_crypto_session)); + struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv); + set_session_private_data(sess, index, NULL); + rte_mempool_put(sess_mp, sess_priv); + } } struct rte_cryptodev_ops armv8_crypto_pmd_ops = { diff --git a/drivers/crypto/armv8/rte_armv8_pmd_private.h b/drivers/crypto/armv8/rte_armv8_pmd_private.h index b75107f2..d02992a6 100644 --- a/drivers/crypto/armv8/rte_armv8_pmd_private.h +++ b/drivers/crypto/armv8/rte_armv8_pmd_private.h @@ -1,7 +1,7 @@ /* * BSD LICENSE * - * Copyright (C) Cavium networks Ltd. 2017. + * Copyright (C) Cavium, Inc. 2017. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -13,7 +13,7 @@ * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. - * * Neither the name of Cavium networks nor the names of its + * * Neither the name of Cavium, Inc nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * @@ -33,6 +33,9 @@ #ifndef _RTE_ARMV8_PMD_PRIVATE_H_ #define _RTE_ARMV8_PMD_PRIVATE_H_ +#define CRYPTODEV_NAME_ARMV8_PMD crypto_armv8 +/**< ARMv8 Crypto PMD device name */ + #define ARMV8_CRYPTO_LOG_ERR(fmt, args...) \ RTE_LOG(ERR, CRYPTODEV, "[%s] %s() line %u: " fmt "\n", \ RTE_STR(CRYPTODEV_NAME_ARMV8_CRYPTO_PMD), \ @@ -159,8 +162,11 @@ struct armv8_crypto_session { /**< cipher operation direction */ enum rte_crypto_cipher_algorithm algo; /**< cipher algorithm */ - int iv_len; - /**< IV length */ + struct { + uint16_t length; + uint16_t offset; + } iv; + /**< IV parameters */ struct { uint8_t data[256]; @@ -192,10 +198,12 @@ struct armv8_crypto_session { uint8_t o_key_pad[SHA_BLOCK_MAX] __rte_cache_aligned; /**< outer pad (max supported block length) */ - uint8_t key[SHA_AUTH_KEY_MAX]; - /**< HMAC key (max supported length)*/ + uint8_t key[SHA_BLOCK_MAX]; + /**< HMAC key (max supported block length)*/ } hmac; }; + uint16_t digest_length; + /* Digest length */ } auth; } __rte_cache_aligned; -- cgit 1.2.3-korg