[dpdk-dev] [PATCH v6 0/8] vhost: introduce vhost crypto backend

Maxime Coquelin maxime.coquelin at redhat.com
Wed Apr 4 21:32:03 CEST 2018
Previous message: [dpdk-dev] [PATCH v6 0/8] vhost: introduce vhost crypto backend
Next message: [dpdk-dev] [PATCH v6 0/8] vhost: introduce vhost crypto backend
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 04/04/2018 06:50 PM, Zhoujian (jay) wrote:
> Hi Maxime,
> 
>> -----Original Message-----
>> From: Maxime Coquelin [mailto:maxime.coquelin at redhat.com]
>> Sent: Wednesday, April 04, 2018 11:37 PM
>> To: Fan Zhang <roy.fan.zhang at intel.com>; dev at dpdk.org; Zhoujian (jay)
>> <jianjay.zhou at huawei.com>
>> Cc: jianfeng.tan at intel.com; pawelx.wodkowski at intel.com
>> Subject: Re: [PATCH v6 0/8] vhost: introduce vhost crypto backend
>>
>> Hi Fan,
>>
>> On 04/04/2018 04:24 PM, Fan Zhang wrote:
>>> This patchset adds crypto backend suppport to vhost library including
>>> a proof-of-concept sample application. The implementation follows the
>>> virtio-crypto specification and have been tested with qemu 2.11.50
>>> (with several patches applied, detailed later) with Fedora 24 running
>>> in the frontend.
>>>
>>> The vhost_crypto library acts as a "bridge" method that translate the
>>> virtio-crypto crypto requests to DPDK crypto operations, so it is
>>> purely software implementation. However it does require the user to
>>> provide the DPDK Cryptodev ID so it knows how to handle the
>>> virtio-crypto session creation and deletion mesages.
>>>
>>> Currently the implementation supports AES-CBC-128 and HMAC-SHA1 cipher
>>> only/chaining modes and does not support sessionless mode yet. The
>>> guest can use standard virtio-crypto driver to set up session and
>>> sends encryption/decryption requests to backend. The vhost-crypto
>>> sample application provided in this patchset will do the actual crypto
>>> work.
>>>
>>> The following steps are involved to enable vhost-crypto support.
>>>
>>> In the host:
>>> 1. Download the qemu source code.
>>>
>>> 2. Recompile your qemu with vhost-crypto option enabled.
>>>
>>> 3. Apply this patchset to latest DPDK code and recompile DPDK.
>>>
>>> 4. Compile and run vhost-crypto sample application.
>>>
>>> ./examples/vhost_crypto/build/vhost-crypto -l 11,12 -w 0000:86:01.0 \
>>>    --socket-mem 2048,2048
>>>
>>> Where 0000:86:01.0 is the QAT PCI address. You may use AES-NI-MB if it
>>> is not available. The sample application requires 2 lcores: 1 master
>>> and 1 worker. The application will create a UNIX socket file
>>> /tmp/vhost_crypto1.socket.
>>>
>>> 5. Start your qemu application. Here is my command:
>>>
>>> qemu/x86_64-softmmu/qemu-system-x86_64 -machine accel=kvm -cpu host \
>>> -smp 2 -m 1G -hda ~/path-to-your/image.qcow \ -object
>>> memory-backend-file,id=mem,size=1G,mem-path=/dev/hugepages,share=on \
>>> -mem-prealloc -numa node,memdev=mem -chardev \
>>> socket,id=charcrypto0,path=/tmp/vhost_crypto1.socket \ -object
>>> cryptodev-vhost-user,id=cryptodev0,chardev=charcrypto0 \ -device
>>> virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0
>>>
>>> 6. Once guest is booted. The Linux virtio_crypto kernel module is
>>> loaded by default. You shall see the following logs in your demsg:
>>>
>>> [   17.611044] virtio_crypto: loading out-of-tree module taints kernel.
>>> [   17.611083] virtio_crypto: module verification failed: signature
>> and/or ...
>>> [   17.611723] virtio_crypto virtio0: max_queues: 1, max_cipher_key_len: ...
>>> [   17.612156] virtio_crypto virtio0: will run requests pump with
>> realtime ...
>>> [   18.376100] virtio_crypto virtio0: Accelerator is ready
>>>
>>> The virtio_crypto driver in the guest is now up and running.
>>>
>>> 7. The rest steps can be as same as the Testing section in
>>> https://wiki.qemu.org/Features/VirtioCrypto
>>>
>>> 8. It is possible to use DPDK Virtio Crypto PMD
>>> (https://dpdk.org/dev/patchwork/patch/36921/) in the guest to work
>>> with this patchset to achieve optimal performance.
>>>
>>> v6:
>>> - Changed commit message
>>> - removed rte prefix in handler prototype
>>>
>>> v5:
>>> - removed external ops register API.
>>> - patch cleaned.
>>>
>>> v4:
>>> - Changed external vhost backend ops register API.
>>> - Fixed a bug.
>>>
>>> v3:
>>> - Changed external vhost backend private data and message handling
>>> - Added experimental tag to rte_vhost_crypto_set_zero_copy()
>>>
>>> v2:
>>> - Moved vhost_crypto_data_req data from crypto op to source mbuf.
>>> - Removed ZERO-COPY flag from config option and make it run-timely
>> changeable.
>>> - Guest-polling mode possible.
>>> - Simplified vring descriptor access procedure.
>>> - Work with both LKCF and DPDK Virtio-Crypto PMD guest drivers.
>>>
>>> Fan Zhang (8):
>>>     lib/librte_vhost: add vhost user message handlers
>>>     lib/librte_vhost: add virtio-crypto user message structure
>>>     lib/librte_vhost: add session message handler
>>>     lib/librte_vhost: add request handler
>>>     lib/librte_vhost: add public function implementation
>>>     lib/librte_vhost: update makefile
>>>     examples/vhost_crypto: add vhost crypto sample application
>>>     doc: update for vhost crypto support
>>>
>>>    doc/guides/prog_guide/vhost_lib.rst       |   25 +
>>>    doc/guides/rel_notes/release_18_05.rst    |    5 +
>>>    doc/guides/sample_app_ug/index.rst        |    1 +
>>>    doc/guides/sample_app_ug/vhost_crypto.rst |   82 ++
>>>    examples/vhost_crypto/Makefile            |   32 +
>>>    examples/vhost_crypto/main.c              |  541 ++++++++++++
>>>    examples/vhost_crypto/meson.build         |   14 +
>>>    lib/librte_vhost/Makefile                 |    6 +-
>>>    lib/librte_vhost/meson.build              |    8 +-
>>>    lib/librte_vhost/rte_vhost_crypto.h       |  109 +++
>>>    lib/librte_vhost/rte_vhost_version.map    |   11 +
>>>    lib/librte_vhost/vhost.c                  |    2 +-
>>>    lib/librte_vhost/vhost.h                  |   53 +-
>>>    lib/librte_vhost/vhost_crypto.c           | 1312
>> +++++++++++++++++++++++++++++
>>>    lib/librte_vhost/vhost_user.c             |   33 +-
>>>    lib/librte_vhost/vhost_user.h             |   35 +-
>>>    16 files changed, 2256 insertions(+), 13 deletions(-)
>>>    create mode 100644 doc/guides/sample_app_ug/vhost_crypto.rst
>>>    create mode 100644 examples/vhost_crypto/Makefile
>>>    create mode 100644 examples/vhost_crypto/main.c
>>>    create mode 100644 examples/vhost_crypto/meson.build
>>>    create mode 100644 lib/librte_vhost/rte_vhost_crypto.h
>>>    create mode 100644 lib/librte_vhost/vhost_crypto.c
>>>
>>
>> For the series:
>> Reviewed-by: Maxime Coquelin <maxime.coquelin at redhat.com>
>>
>> Ideally, I would like to have it reviewed/acked by people having knowledge of
>> crypto.
>> Jianjay, is the series good for you?
> 
> With the typo of 8/8 fixed, this series looks good to me, so:
> Acked-by: Jay Zhou <jianjay.zhou at huawei.com>

Thanks Jay. can you point me to the typo you are referring to?

I can handle the change while applying.

Cheers,
Maxime

>>
>> Thanks,
>> Maxime
>
Previous message: [dpdk-dev] [PATCH v6 0/8] vhost: introduce vhost crypto backend
Next message: [dpdk-dev] [PATCH v6 0/8] vhost: introduce vhost crypto backend
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the dev mailing list