[dpdk-dev] [PATCH v5 00/10] Crypto API and device framework
Declan Doherty
declan.doherty at intel.com
Mon Nov 9 21:34:09 CET 2015
his series of patches defines a set of application burst oriented APIs for
asynchronous symmetric cryptographic functions within DPDK. It also contains a
poll mode driver cryptographic device framework for the implementation of
crypto devices within DPDK.
In the patch set we also have included 2 reference implementations of crypto
PMDs. Currently both implementations support AES128-CBC with
HMAC_SHA1/SHA256/SHA512 authentication operations. The first device is a purely
software PMD based on Intel's multi-buffer library, which utilises both
AES-NI instructions and vector operations to accelerate crypto operations and
the second PMD utilises Intel's Quick Assist Technology (on DH895xxC) to provide
hardware accelerated crypto operations.
The API set supports two functional modes of operation:
1, A session oriented mode. In this mode the user creates a crypto session
which defines all the immutable data required to perform a particular crypto
operation in advance, including cipher/hash algorithms and operations to be
performed as well as the keys to used etc. The session is then referenced by
the crypto operation data structure which is a data structure specific to each
mbuf. It is contains all mutable data about the cryto operation to be
performed, such as data offsets and lengths into the mbuf's data payload for
cipher and hash operations to be performed.
2, A session-less mode. In this mode the user is able to provision crypto
operations on an mbuf without the need to have a cached session created in
advance, but at the cost of entailing the overhead of calculating
authentication pre-computes and preforming key expansions in-line with the
crypto operation. The crypto xform chain is directly attached to the op struct
in this mode, so the op struct now contains all of the immutable crypto operation
parameters that would be normally set within a session. Once all mutable and
immutable parameters are set the crypto operation data structure can be attached
to the specified mbuf and enqueued on a specified crypto device for processing.
The patch set contains the following features:
- Crypto device APIs and device framework
- Implementation of a software crypto PMD based on multi-buffer library
- Implementation of a hardware crypto PMD baed on Intel QAT(DH895xxC)
- Unit and performance test's which give and example of utilising the crypto API's.
- Sample application which performs crypto operations on the IP payload of the
packets being forwarded
Current Status:
There is no support for chained mbuf's and as mentioned above the PMD's
have currently implemented support for AES128-CBC/AES256-CBC/AES512-CBC
and HMAC_SHA1/SHA256/SHA512.
v5:
- Making ethdev marcos for function pointer and port id checking public and
available for use in by the cryptodev. The intialise to patches combine changes
from original cryptodev patch and discussion in
http://dpdk.org/ml/archives/dev/2015-November/027871.html
- Split out changes to create new __rte_packed and __rte_aligned macros
into seperate patches form the main cryptodev patch set for clairty
- further code cleaning, removal of currently unsupported gcm code from
aesni_mb pmd
v4:
- Some more EOF whitespace and checkpatch fixes
v3:
- Fixes a document build error, which I missed in the V2
- Fixes for remaining checkpatch errors
- Disables QAT and AESNI_MB PMD being build by default as they have external
library dependences
v2:
- Introduces a new library to support attaching offload operations to a mbuf
- Remove unused APIs from cryptodev
- PMD code refactor due to new rte_mbuf_offload structure
- General bug fixes and code tidy up
Declan Doherty (10):
ethdev: rename macros to have RTE_ prefix
ethdev: make error checking macros public
eal: add __rte_packed /__rte_aligned macros
mbuf: add new marcos to get the physical address of data
cryptodev: Initial DPDK Crypto APIs and device framework release
mbuf_offload: library to support attaching offloads to a mbuf
qat_crypto_pmd: Addition of a new QAT DPDK PMD.
aesni_mb_pmd: Initial implementation of multi buffer based crypto
device
app/test: add cryptodev unit and performance tests
l2fwd-crypto: crypto
MAINTAINERS | 14 +
app/test/Makefile | 4 +
app/test/test.c | 92 +-
app/test/test.h | 34 +-
app/test/test_cryptodev.c | 1986 +++++++++++++++++++
app/test/test_cryptodev.h | 68 +
app/test/test_cryptodev_perf.c | 2062 ++++++++++++++++++++
app/test/test_link_bonding.c | 6 +-
app/test/test_link_bonding_mode4.c | 7 +-
app/test/test_link_bonding_rssconf.c | 7 +-
config/common_bsdapp | 37 +-
config/common_linuxapp | 37 +-
doc/api/doxy-api-index.md | 1 +
doc/api/doxy-api.conf | 1 +
doc/guides/cryptodevs/aesni_mb.rst | 76 +
doc/guides/cryptodevs/index.rst | 43 +
doc/guides/cryptodevs/qat.rst | 194 ++
doc/guides/index.rst | 1 +
drivers/Makefile | 1 +
drivers/crypto/Makefile | 38 +
drivers/crypto/aesni_mb/Makefile | 63 +
drivers/crypto/aesni_mb/aesni_mb_ops.h | 210 ++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 669 +++++++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 298 +++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 229 +++
drivers/crypto/aesni_mb/rte_pmd_aesni_version.map | 3 +
drivers/crypto/qat/Makefile | 63 +
.../qat/qat_adf/adf_transport_access_macros.h | 174 ++
drivers/crypto/qat/qat_adf/icp_qat_fw.h | 316 +++
drivers/crypto/qat/qat_adf/icp_qat_fw_la.h | 404 ++++
drivers/crypto/qat/qat_adf/icp_qat_hw.h | 306 +++
drivers/crypto/qat/qat_adf/qat_algs.h | 125 ++
drivers/crypto/qat/qat_adf/qat_algs_build_desc.c | 601 ++++++
drivers/crypto/qat/qat_crypto.c | 561 ++++++
drivers/crypto/qat/qat_crypto.h | 124 ++
drivers/crypto/qat/qat_logs.h | 78 +
drivers/crypto/qat/qat_qp.c | 429 ++++
drivers/crypto/qat/rte_pmd_qat_version.map | 3 +
drivers/crypto/qat/rte_qat_cryptodev.c | 137 ++
examples/l2fwd-crypto/Makefile | 50 +
examples/l2fwd-crypto/main.c | 1473 ++++++++++++++
lib/Makefile | 2 +
lib/librte_cryptodev/Makefile | 60 +
lib/librte_cryptodev/rte_crypto.h | 613 ++++++
lib/librte_cryptodev/rte_cryptodev.c | 1092 +++++++++++
lib/librte_cryptodev/rte_cryptodev.h | 649 ++++++
lib/librte_cryptodev/rte_cryptodev_pmd.h | 549 ++++++
lib/librte_cryptodev/rte_cryptodev_version.map | 41 +
lib/librte_eal/common/include/rte_dev.h | 52 +
lib/librte_eal/common/include/rte_log.h | 1 +
lib/librte_eal/common/include/rte_memory.h | 12 +-
lib/librte_ether/rte_ethdev.c | 607 +++---
lib/librte_ether/rte_ethdev.h | 26 +
lib/librte_mbuf/rte_mbuf.h | 29 +
lib/librte_mbuf_offload/Makefile | 52 +
lib/librte_mbuf_offload/rte_mbuf_offload.c | 100 +
lib/librte_mbuf_offload/rte_mbuf_offload.h | 284 +++
.../rte_mbuf_offload_version.map | 7 +
mk/rte.app.mk | 9 +
59 files changed, 14828 insertions(+), 382 deletions(-)
create mode 100644 app/test/test_cryptodev.c
create mode 100644 app/test/test_cryptodev.h
create mode 100644 app/test/test_cryptodev_perf.c
create mode 100644 doc/guides/cryptodevs/aesni_mb.rst
create mode 100644 doc/guides/cryptodevs/index.rst
create mode 100644 doc/guides/cryptodevs/qat.rst
create mode 100644 drivers/crypto/Makefile
create mode 100644 drivers/crypto/aesni_mb/Makefile
create mode 100644 drivers/crypto/aesni_mb/aesni_mb_ops.h
create mode 100644 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
create mode 100644 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
create mode 100644 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
create mode 100644 drivers/crypto/aesni_mb/rte_pmd_aesni_version.map
create mode 100644 drivers/crypto/qat/Makefile
create mode 100644 drivers/crypto/qat/qat_adf/adf_transport_access_macros.h
create mode 100644 drivers/crypto/qat/qat_adf/icp_qat_fw.h
create mode 100644 drivers/crypto/qat/qat_adf/icp_qat_fw_la.h
create mode 100644 drivers/crypto/qat/qat_adf/icp_qat_hw.h
create mode 100644 drivers/crypto/qat/qat_adf/qat_algs.h
create mode 100644 drivers/crypto/qat/qat_adf/qat_algs_build_desc.c
create mode 100644 drivers/crypto/qat/qat_crypto.c
create mode 100644 drivers/crypto/qat/qat_crypto.h
create mode 100644 drivers/crypto/qat/qat_logs.h
create mode 100644 drivers/crypto/qat/qat_qp.c
create mode 100644 drivers/crypto/qat/rte_pmd_qat_version.map
create mode 100644 drivers/crypto/qat/rte_qat_cryptodev.c
create mode 100644 examples/l2fwd-crypto/Makefile
create mode 100644 examples/l2fwd-crypto/main.c
create mode 100644 lib/librte_cryptodev/Makefile
create mode 100644 lib/librte_cryptodev/rte_crypto.h
create mode 100644 lib/librte_cryptodev/rte_cryptodev.c
create mode 100644 lib/librte_cryptodev/rte_cryptodev.h
create mode 100644 lib/librte_cryptodev/rte_cryptodev_pmd.h
create mode 100644 lib/librte_cryptodev/rte_cryptodev_version.map
create mode 100644 lib/librte_mbuf_offload/Makefile
create mode 100644 lib/librte_mbuf_offload/rte_mbuf_offload.c
create mode 100644 lib/librte_mbuf_offload/rte_mbuf_offload.h
create mode 100644 lib/librte_mbuf_offload/rte_mbuf_offload_version.map
--
2.4.3
More information about the dev
mailing list