[v5,1/8] cryptodev: introduce cpu crypto support API
Checks
Commit Message
Add new API allowing to process crypto operations in a synchronous
manner. Operations are performed on a set of SG arrays.
Sync mode is selected by setting appropriate flag in an xform
type number. Cryptodevs which allows CPU crypto operation mode have to
use RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO capability.
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
---
lib/librte_cryptodev/rte_crypto_sym.h | 63 ++++++++++++++++++-
lib/librte_cryptodev/rte_cryptodev.c | 35 ++++++++++-
lib/librte_cryptodev/rte_cryptodev.h | 22 ++++++-
lib/librte_cryptodev/rte_cryptodev_pmd.h | 21 ++++++-
.../rte_cryptodev_version.map | 1 +
5 files changed, 138 insertions(+), 4 deletions(-)
Comments
Hi Marcin/Konstantin,
>
> Add new API allowing to process crypto operations in a synchronous
> manner. Operations are performed on a set of SG arrays.
>
> Sync mode is selected by setting appropriate flag in an xform
> type number. Cryptodevs which allows CPU crypto operation mode have to
> use RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO capability.
There is no change in xform. This description need to be updated. I think
It was not edited while you removed that xform changes.
Documentation missing in this patch.
>
> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
> ---
> lib/librte_cryptodev/rte_crypto_sym.h | 63 ++++++++++++++++++-
> lib/librte_cryptodev/rte_cryptodev.c | 35 ++++++++++-
> lib/librte_cryptodev/rte_cryptodev.h | 22 ++++++-
> lib/librte_cryptodev/rte_cryptodev_pmd.h | 21 ++++++-
> .../rte_cryptodev_version.map | 1 +
> 5 files changed, 138 insertions(+), 4 deletions(-)
>
> diff --git a/lib/librte_cryptodev/rte_crypto_sym.h
> b/lib/librte_cryptodev/rte_crypto_sym.h
> index bc356f6ff..d6f3105fe 100644
> --- a/lib/librte_cryptodev/rte_crypto_sym.h
> +++ b/lib/librte_cryptodev/rte_crypto_sym.h
> @@ -1,5 +1,5 @@
> /* SPDX-License-Identifier: BSD-3-Clause
> - * Copyright(c) 2016-2019 Intel Corporation
> + * Copyright(c) 2016-2020 Intel Corporation
> */
>
> #ifndef _RTE_CRYPTO_SYM_H_
> @@ -25,6 +25,67 @@ extern "C" {
> #include <rte_mempool.h>
> #include <rte_common.h>
>
> +/**
> + * Crypto IO Vector (in analogy with struct iovec)
> + * Supposed be used to pass input/output data buffers for crypto data-path
> + * functions.
> + */
> +struct rte_crypto_vec {
> + /** virtual address of the data buffer */
> + void *base;
> + /** IOVA of the data buffer */
> + rte_iova_t *iova;
> + /** length of the data buffer */
> + uint32_t len;
> +};
> +
> +/**
> + * Crypto scatter-gather list descriptor. Consists of a pointer to an array
> + * of Crypto IO vectors with its size.
> + */
> +struct rte_crypto_sgl {
> + /** start of an array of vectors */
> + struct rte_crypto_vec *vec;
> + /** size of an array of vectors */
> + uint32_t num;
> +};
> +
> +/**
> + * Synchronous operation descriptor.
> + * Supposed to be used with CPU crypto API call.
> + */
> +struct rte_crypto_sym_vec {
> + /** array of SGL vectors */
> + struct rte_crypto_sgl *sgl;
> + /** array of pointers to IV */
> + void **iv;
> + /** array of pointers to AAD */
> + void **aad;
> + /** array of pointers to digest */
> + void **digest;
> + /**
> + * array of statuses for each operation:
> + * - 0 on success
> + * - errno on error
> + */
> + int32_t *status;
> + /** number of operations to perform */
> + uint32_t num;
> +};
> +
> +/**
> + * used for cpu_crypto_process_bulk() to specify head/tail offsets
> + * for auth/cipher processing.
> + */
> +union rte_crypto_sym_ofs {
> + uint64_t raw;
> + struct {
> + struct {
> + uint16_t head;
> + uint16_t tail;
> + } auth, cipher;
> + } ofs;
> +};
>
> /** Symmetric Cipher Algorithms */
> enum rte_crypto_cipher_algorithm {
> diff --git a/lib/librte_cryptodev/rte_cryptodev.c
> b/lib/librte_cryptodev/rte_cryptodev.c
> index 5c6359b5c..889d61319 100644
> --- a/lib/librte_cryptodev/rte_cryptodev.c
> +++ b/lib/librte_cryptodev/rte_cryptodev.c
> @@ -1,5 +1,5 @@
> /* SPDX-License-Identifier: BSD-3-Clause
> - * Copyright(c) 2015-2017 Intel Corporation
> + * Copyright(c) 2015-2020 Intel Corporation
> */
>
> #include <sys/types.h>
> @@ -494,6 +494,8 @@ rte_cryptodev_get_feature_name(uint64_t flag)
> return "RSA_PRIV_OP_KEY_QT";
> case RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED:
> return "DIGEST_ENCRYPTED";
> + case RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO:
> + return "SYM_CPU_CRYPTO";
Update needed in the doc/guides/cryptodevs/features/default.ini
@@ -1,5 +1,5 @@
/* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2016-2019 Intel Corporation
+ * Copyright(c) 2016-2020 Intel Corporation
*/
#ifndef _RTE_CRYPTO_SYM_H_
@@ -25,6 +25,67 @@ extern "C" {
#include <rte_mempool.h>
#include <rte_common.h>
+/**
+ * Crypto IO Vector (in analogy with struct iovec)
+ * Supposed be used to pass input/output data buffers for crypto data-path
+ * functions.
+ */
+struct rte_crypto_vec {
+ /** virtual address of the data buffer */
+ void *base;
+ /** IOVA of the data buffer */
+ rte_iova_t *iova;
+ /** length of the data buffer */
+ uint32_t len;
+};
+
+/**
+ * Crypto scatter-gather list descriptor. Consists of a pointer to an array
+ * of Crypto IO vectors with its size.
+ */
+struct rte_crypto_sgl {
+ /** start of an array of vectors */
+ struct rte_crypto_vec *vec;
+ /** size of an array of vectors */
+ uint32_t num;
+};
+
+/**
+ * Synchronous operation descriptor.
+ * Supposed to be used with CPU crypto API call.
+ */
+struct rte_crypto_sym_vec {
+ /** array of SGL vectors */
+ struct rte_crypto_sgl *sgl;
+ /** array of pointers to IV */
+ void **iv;
+ /** array of pointers to AAD */
+ void **aad;
+ /** array of pointers to digest */
+ void **digest;
+ /**
+ * array of statuses for each operation:
+ * - 0 on success
+ * - errno on error
+ */
+ int32_t *status;
+ /** number of operations to perform */
+ uint32_t num;
+};
+
+/**
+ * used for cpu_crypto_process_bulk() to specify head/tail offsets
+ * for auth/cipher processing.
+ */
+union rte_crypto_sym_ofs {
+ uint64_t raw;
+ struct {
+ struct {
+ uint16_t head;
+ uint16_t tail;
+ } auth, cipher;
+ } ofs;
+};
/** Symmetric Cipher Algorithms */
enum rte_crypto_cipher_algorithm {
@@ -1,5 +1,5 @@
/* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2015-2017 Intel Corporation
+ * Copyright(c) 2015-2020 Intel Corporation
*/
#include <sys/types.h>
@@ -494,6 +494,8 @@ rte_cryptodev_get_feature_name(uint64_t flag)
return "RSA_PRIV_OP_KEY_QT";
case RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED:
return "DIGEST_ENCRYPTED";
+ case RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO:
+ return "SYM_CPU_CRYPTO";
default:
return NULL;
}
@@ -1619,6 +1621,37 @@ rte_cryptodev_sym_session_get_user_data(
return (void *)(sess->sess_data + sess->nb_drivers);
}
+static inline void
+sym_crypto_fill_status(struct rte_crypto_sym_vec *vec, int32_t errnum)
+{
+ uint32_t i;
+ for (i = 0; i < vec->num; i++)
+ vec->status[i] = errnum;
+}
+
+uint32_t
+rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
+ struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+ struct rte_crypto_sym_vec *vec)
+{
+ struct rte_cryptodev *dev;
+
+ if (!rte_cryptodev_pmd_is_valid_dev(dev_id)) {
+ sym_crypto_fill_status(vec, EINVAL);
+ return 0;
+ }
+
+ dev = rte_cryptodev_pmd_get_dev(dev_id);
+
+ if (*dev->dev_ops->sym_cpu_process == NULL ||
+ !(dev->feature_flags & RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO)) {
+ sym_crypto_fill_status(vec, ENOTSUP);
+ return 0;
+ }
+
+ return dev->dev_ops->sym_cpu_process(dev, sess, ofs, vec);
+}
+
/** Initialise rte_crypto_op mempool element */
static void
rte_crypto_op_init(struct rte_mempool *mempool,
@@ -1,5 +1,5 @@
/* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2015-2017 Intel Corporation.
+ * Copyright(c) 2015-2020 Intel Corporation.
*/
#ifndef _RTE_CRYPTODEV_H_
@@ -450,6 +450,8 @@ rte_cryptodev_asym_get_xform_enum(enum rte_crypto_asym_xform_type *xform_enum,
/**< Support encrypted-digest operations where digest is appended to data */
#define RTE_CRYPTODEV_FF_ASYM_SESSIONLESS (1ULL << 20)
/**< Support asymmetric session-less operations */
+#define RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO (1ULL << 21)
+/**< Support symmeteric cpu-crypto processing */
/**
@@ -1274,6 +1276,24 @@ void *
rte_cryptodev_sym_session_get_user_data(
struct rte_cryptodev_sym_session *sess);
+/**
+ * Perform actual crypto processing (encrypt/digest or auth/decrypt)
+ * on user provided data.
+ *
+ * @param dev_id The device identifier.
+ * @param sess Cryptodev session structure
+ * @param ofs Start and stop offsets for auth and cipher operations
+ * @param vec Vectorized operation descriptor
+ *
+ * @return
+ * - Returns number of successfully processed packets.
+ */
+__rte_experimental
+uint32_t
+rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
+ struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+ struct rte_crypto_sym_vec *vec);
+
#ifdef __cplusplus
}
#endif
@@ -1,5 +1,5 @@
/* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2015-2016 Intel Corporation.
+ * Copyright(c) 2015-2020 Intel Corporation.
*/
#ifndef _RTE_CRYPTODEV_PMD_H_
@@ -308,6 +308,23 @@ typedef void (*cryptodev_sym_free_session_t)(struct rte_cryptodev *dev,
*/
typedef void (*cryptodev_asym_free_session_t)(struct rte_cryptodev *dev,
struct rte_cryptodev_asym_session *sess);
+/**
+ * Perform actual crypto processing (encrypt/digest or auth/decrypt)
+ * on user provided data.
+ *
+ * @param dev Crypto device pointer
+ * @param sess Cryptodev session structure
+ * @param ofs Start and stop offsets for auth and cipher operations
+ * @param vec Vectorized operation descriptor
+ *
+ * @return
+ * - Returns number of successfully processed packets.
+ *
+ */
+typedef uint32_t (*cryptodev_sym_cpu_crypto_process_t)
+ (struct rte_cryptodev *dev, struct rte_cryptodev_sym_session *sess,
+ union rte_crypto_sym_ofs ofs, struct rte_crypto_sym_vec *vec);
+
/** Crypto device operations function pointer table */
struct rte_cryptodev_ops {
@@ -342,6 +359,8 @@ struct rte_cryptodev_ops {
/**< Clear a Crypto sessions private data. */
cryptodev_asym_free_session_t asym_session_clear;
/**< Clear a Crypto sessions private data. */
+ cryptodev_sym_cpu_crypto_process_t sym_cpu_process;
+ /**< process input data synchronously (cpu-crypto). */
};
@@ -71,6 +71,7 @@ EXPERIMENTAL {
rte_cryptodev_asym_session_init;
rte_cryptodev_asym_xform_capability_check_modlen;
rte_cryptodev_asym_xform_capability_check_optype;
+ rte_cryptodev_sym_cpu_crypto_process;
rte_cryptodev_sym_get_existing_header_session_size;
rte_cryptodev_sym_session_get_user_data;
rte_cryptodev_sym_session_pool_create;