From patchwork Wed Oct 26 10:54:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhangfei Gao X-Patchwork-Id: 618811 Delivered-To: patch@linaro.org Received: by 2002:a17:522:c983:b0:460:3032:e3c4 with SMTP id kr3csp317259pvb; Wed, 26 Oct 2022 04:01:45 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5ICJdfFEMvv7fI4HnnUhtlfzaUXre9pPPc14fHh4//kH9BGDZXUlO0kYe/WQbjTFv3Ni2k X-Received: by 2002:a5d:4a41:0:b0:228:48c6:7386 with SMTP id v1-20020a5d4a41000000b0022848c67386mr28322552wrs.649.1666782105151; Wed, 26 Oct 2022 04:01:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666782105; cv=none; d=google.com; s=arc-20160816; b=AD+6JdeGhDFzzrn9fl73Lr9P0b78XUY99Xincroz9oWI52snq134ezKfpDYm50ZLhn ty+L5E/sU/bdgP1L0VPlh3SeI8MVa0h6sJ6ERdUg8m/vgwLklMMhmfLRfDdBxzaAxGtI x233PeGc4iJGZ0jnW1WcWprLzYHqU0dXCh3Ssj6e6j3S+MORDGo8mIYubXhYQjfbqPiH vELNMJ+P9CF0o3muTGz/KZRfWeikz56FyrX2gVSE+OcHMEzTYjTBjORmzC4dL4d0Zb5f Tymxufz4ubT4EyDWkWCxVit0qhGKiZEGnr7d7iQNTHkZmSIRNsCB7W21HyJD4oQothTD X/mQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=5LbadSr2F/V9e00/azLMh5kK2GK9h8fdx23Ph4AXK/Y=; b=LQ2SOIuz7n/N4JRmZlPrGNULe5ashjd2y4wHBhvZTXuNC0vMNL6CWD/Q6tgqE41byN Zuq9LGlRh+Qxt7bJsUW8MXWXfVSkWHrx9h0/WsGn28LTrPjkNsWWBgOyBtww6JnT1Der kS4vqp8Gd+Lkd3wO/Hurg32SsBe41qMDf/SPjCiICxpEo4TscxBksOXHLjeI6R5jGUJR OatAtR47bgQqAR8LwdASjAhqHYPyDzOsxaDs+iOjRKN4n5mSfgNDY1dBr74fic0z7RkL B2rICH7p5T6y3HFjZ45drD4q+txRnZHvjkM0uCMwpJUcAVKa111uruyjnvrm/c2AXncB 42Ag== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=UNMz+n9+; spf=pass (google.com: domain of dev-bounces@dpdk.org designates 217.70.189.124 as permitted sender) smtp.mailfrom=dev-bounces@dpdk.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from mails.dpdk.org (mails.dpdk.org. [217.70.189.124]) by mx.google.com with ESMTP id w7-20020adfbac7000000b002303b696937si3733199wrg.865.2022.10.26.04.01.44; Wed, 26 Oct 2022 04:01:45 -0700 (PDT) Received-SPF: pass (google.com: domain of dev-bounces@dpdk.org designates 217.70.189.124 as permitted sender) client-ip=217.70.189.124; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=UNMz+n9+; spf=pass (google.com: domain of dev-bounces@dpdk.org designates 217.70.189.124 as permitted sender) smtp.mailfrom=dev-bounces@dpdk.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id A7C7E42BB7; Wed, 26 Oct 2022 13:01:24 +0200 (CEST) Received: from mail-wm1-f48.google.com (mail-wm1-f48.google.com [209.85.128.48]) by mails.dpdk.org (Postfix) with ESMTP id 060C941611 for ; Wed, 26 Oct 2022 13:01:21 +0200 (CEST) Received: by mail-wm1-f48.google.com with SMTP id az22-20020a05600c601600b003c6b72797fdso1254502wmb.5 for ; Wed, 26 Oct 2022 04:01:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5LbadSr2F/V9e00/azLMh5kK2GK9h8fdx23Ph4AXK/Y=; b=UNMz+n9+dNECinkd4qDfDrZIxSqfJfsTZwiXJZ0ASwVzo0uV/aherXHUjubrxnPHkr RErTNIy6CMU8yezI8l+KT+srnDlCzy0vpPMszzB1uVzpkInm2iQx5SHLuYkE7HRdisza fhzEMlDFT/olvXJV0xWG7HYVJjva0Th2Lt6bClm+RTud3nEMBEzQDr/BHBxSt1SGauGC X/IkcPlwcugmumvcwnWqfsXVYEClKE+Tm5QbgQp7pcxKaPW9O0mTSY/76loeEJUsT5Nl feD6YdgjNCnfyEGSOtbAvpILpJchQ6113wO93hCasWnoY4hdPpeeky38eec3P5XFhR3+ TdZg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5LbadSr2F/V9e00/azLMh5kK2GK9h8fdx23Ph4AXK/Y=; b=JGjtckWznkdofUC12k9iGQcCow8aPgbVFH/0gkHawrRluiCQJJfhgHeawHrw1GzM/I QDUgyiEwXzBPD2Ts82alI6XYV2jI5x7UFjdIBBi9Uf0xXRogqTZxYrUynyrHpCQ6iPtR i0nVDrnMDKyRSWAi3XKuolxrGfeXCqUZAhf/BpBRyPJJONtkVffMEenPgkA/ekd9kfa/ lOhIgha79y7qGzCqNEVMW6B9TNWMgucGIUARpGHUhWmN8d5kz3XIpeLnyYcrGnXqt8WL LA4asXXZoRrbA8eNYL+9GFZhwAX3/fN8dcefrCSM4aaoRCDEiD/YygbzxaXYpzKoJxIj 4DQw== X-Gm-Message-State: ACrzQf0uDFPP5Y8Pv1Asn4UE5iWD8WP8/Edhic4lcJy44E6Kj2hrNz5N RYRXuA+fgNHM3W2GoE6cfedNsg== X-Received: by 2002:a05:600c:3d10:b0:3c6:f1f9:b42 with SMTP id bh16-20020a05600c3d1000b003c6f1f90b42mr1907192wmb.15.1666782080729; Wed, 26 Oct 2022 04:01:20 -0700 (PDT) Received: from localhost.localdomain ([213.146.143.36]) by smtp.gmail.com with ESMTPSA id h14-20020a5d688e000000b0023660f6cecfsm4856094wru.80.2022.10.26.04.01.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 04:01:20 -0700 (PDT) From: Zhangfei Gao To: Akhil Goyal , Declan Doherty , Fan Zhang , Ashish Gupta , Ray Kinsella , "thomas@monjalon.net" Cc: dev@dpdk.org, acc@openeuler.org, Zhangfei Gao Subject: [PATCH v6 4/6] crypto/uadk: support cipher algorithms Date: Wed, 26 Oct 2022 18:54:27 +0800 Message-Id: <20221026105429.1899867-5-zhangfei.gao@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221026105429.1899867-1-zhangfei.gao@linaro.org> References: <20221026105429.1899867-1-zhangfei.gao@linaro.org> MIME-Version: 1.0 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add support for cipher algorithms, including AES_ECB, AES_CBC, AES_XTS, and DES_CBC mode. Signed-off-by: Zhangfei Gao --- doc/guides/cryptodevs/features/uadk.ini | 10 + doc/guides/cryptodevs/uadk.rst | 6 + drivers/crypto/uadk/uadk_crypto_pmd.c | 303 +++++++++++++++++- drivers/crypto/uadk/uadk_crypto_pmd_private.h | 23 ++ 4 files changed, 337 insertions(+), 5 deletions(-) diff --git a/doc/guides/cryptodevs/features/uadk.ini b/doc/guides/cryptodevs/features/uadk.ini index df5ad40e3d..005e08ac8d 100644 --- a/doc/guides/cryptodevs/features/uadk.ini +++ b/doc/guides/cryptodevs/features/uadk.ini @@ -4,12 +4,22 @@ ; Refer to default.ini for the full list of available PMD features. ; [Features] +Symmetric crypto = Y HW Accelerated = Y ; ; Supported crypto algorithms of the 'uadk' crypto driver. ; [Cipher] +AES CBC (128) = Y +AES CBC (192) = Y +AES CBC (256) = Y +AES ECB (128) = Y +AES ECB (192) = Y +AES ECB (256) = Y +AES XTS (128) = Y +AES XTS (256) = Y +DES CBC = Y ; ; Supported authentication algorithms of the 'uadk' crypto driver. diff --git a/doc/guides/cryptodevs/uadk.rst b/doc/guides/cryptodevs/uadk.rst index 2a0cb300e9..e0ca097961 100644 --- a/doc/guides/cryptodevs/uadk.rst +++ b/doc/guides/cryptodevs/uadk.rst @@ -24,6 +24,12 @@ Features UADK crypto PMD has support for: +Cipher algorithms: + +* ``RTE_CRYPTO_CIPHER_AES_ECB`` +* ``RTE_CRYPTO_CIPHER_AES_CBC`` +* ``RTE_CRYPTO_CIPHER_AES_XTS`` +* ``RTE_CRYPTO_CIPHER_DES_CBC`` Test steps ---------- diff --git a/drivers/crypto/uadk/uadk_crypto_pmd.c b/drivers/crypto/uadk/uadk_crypto_pmd.c index b889dac8b0..f112a96033 100644 --- a/drivers/crypto/uadk/uadk_crypto_pmd.c +++ b/drivers/crypto/uadk/uadk_crypto_pmd.c @@ -18,6 +18,86 @@ static uint8_t uadk_cryptodev_driver_id; static const struct rte_cryptodev_capabilities uadk_crypto_v2_capabilities[] = { + { /* AES ECB */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_AES_ECB, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .iv_size = { + .min = 0, + .max = 0, + .increment = 0 + } + }, } + }, } + }, + { /* AES CBC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_AES_CBC, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + { /* AES XTS */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_AES_XTS, + .block_size = 1, + .key_size = { + .min = 32, + .max = 64, + .increment = 32 + }, + .iv_size = { + .min = 0, + .max = 0, + .increment = 0 + } + }, } + }, } + }, + { /* DES CBC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_DES_CBC, + .block_size = 8, + .key_size = { + .min = 8, + .max = 8, + .increment = 0 + }, + .iv_size = { + .min = 8, + .max = 8, + .increment = 0 + } + }, } + }, } + }, /* End of capabilities */ RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; @@ -45,8 +125,15 @@ uadk_crypto_pmd_stop(struct rte_cryptodev *dev __rte_unused) /* Close device */ static int -uadk_crypto_pmd_close(struct rte_cryptodev *dev __rte_unused) +uadk_crypto_pmd_close(struct rte_cryptodev *dev) { + struct uadk_crypto_priv *priv = dev->data->dev_private; + + if (priv->env_cipher_init) { + wd_cipher_env_uninit(); + priv->env_cipher_init = false; + } + return 0; } @@ -193,6 +280,159 @@ uadk_crypto_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, return -EINVAL; } +static unsigned int +uadk_crypto_sym_session_get_size(struct rte_cryptodev *dev __rte_unused) +{ + return sizeof(struct uadk_crypto_session); +} + +static enum uadk_chain_order +uadk_get_chain_order(const struct rte_crypto_sym_xform *xform) +{ + enum uadk_chain_order res = UADK_CHAIN_NOT_SUPPORTED; + + if (xform != NULL) { + if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) { + if (xform->next == NULL) + res = UADK_CHAIN_ONLY_CIPHER; + } + } + + return res; +} + +static int +uadk_set_session_cipher_parameters(struct rte_cryptodev *dev, + struct uadk_crypto_session *sess, + struct rte_crypto_sym_xform *xform) +{ + struct uadk_crypto_priv *priv = dev->data->dev_private; + struct rte_crypto_cipher_xform *cipher = &xform->cipher; + struct wd_cipher_sess_setup setup = {0}; + struct sched_params params = {0}; + int ret; + + if (!priv->env_cipher_init) { + ret = wd_cipher_env_init(NULL); + if (ret < 0) + return -EINVAL; + priv->env_cipher_init = true; + } + + sess->cipher.direction = cipher->op; + sess->iv.offset = cipher->iv.offset; + sess->iv.length = cipher->iv.length; + + switch (cipher->algo) { + /* Cover supported cipher algorithms */ + case RTE_CRYPTO_CIPHER_AES_CTR: + setup.alg = WD_CIPHER_AES; + setup.mode = WD_CIPHER_CTR; + sess->cipher.req.out_bytes = 64; + break; + case RTE_CRYPTO_CIPHER_AES_ECB: + setup.alg = WD_CIPHER_AES; + setup.mode = WD_CIPHER_ECB; + sess->cipher.req.out_bytes = 16; + break; + case RTE_CRYPTO_CIPHER_AES_CBC: + setup.alg = WD_CIPHER_AES; + setup.mode = WD_CIPHER_CBC; + if (cipher->key.length == 16) + sess->cipher.req.out_bytes = 16; + else + sess->cipher.req.out_bytes = 64; + break; + case RTE_CRYPTO_CIPHER_AES_XTS: + setup.alg = WD_CIPHER_AES; + setup.mode = WD_CIPHER_XTS; + if (cipher->key.length == 16) + sess->cipher.req.out_bytes = 32; + else + sess->cipher.req.out_bytes = 512; + break; + default: + ret = -ENOTSUP; + goto env_uninit; + } + + params.numa_id = -1; /* choose nearby numa node */ + setup.sched_param = ¶ms; + sess->handle_cipher = wd_cipher_alloc_sess(&setup); + if (!sess->handle_cipher) { + UADK_LOG(ERR, "uadk failed to alloc session!\n"); + ret = -EINVAL; + goto env_uninit; + } + + ret = wd_cipher_set_key(sess->handle_cipher, cipher->key.data, cipher->key.length); + if (ret) { + wd_cipher_free_sess(sess->handle_cipher); + UADK_LOG(ERR, "uadk failed to set key!\n"); + ret = -EINVAL; + goto env_uninit; + } + + return 0; + +env_uninit: + wd_cipher_env_uninit(); + priv->env_cipher_init = false; + return ret; +} + +static int +uadk_crypto_sym_session_configure(struct rte_cryptodev *dev, + struct rte_crypto_sym_xform *xform, + struct rte_cryptodev_sym_session *session) +{ + struct rte_crypto_sym_xform *cipher_xform = NULL; + struct uadk_crypto_session *sess = CRYPTODEV_GET_SYM_SESS_PRIV(session); + int ret; + + if (unlikely(!sess)) { + UADK_LOG(ERR, "Session not available"); + return -EINVAL; + } + + sess->chain_order = uadk_get_chain_order(xform); + switch (sess->chain_order) { + case UADK_CHAIN_ONLY_CIPHER: + cipher_xform = xform; + break; + default: + return -ENOTSUP; + } + + if (cipher_xform) { + ret = uadk_set_session_cipher_parameters(dev, sess, cipher_xform); + if (ret != 0) { + UADK_LOG(ERR, + "Invalid/unsupported cipher parameters"); + return ret; + } + } + + return 0; +} + +static void +uadk_crypto_sym_session_clear(struct rte_cryptodev *dev __rte_unused, + struct rte_cryptodev_sym_session *session) +{ + struct uadk_crypto_session *sess = CRYPTODEV_GET_SYM_SESS_PRIV(session); + + if (unlikely(sess == NULL)) { + UADK_LOG(ERR, "Session not available"); + return; + } + + if (sess->handle_cipher) { + wd_cipher_free_sess(sess->handle_cipher); + sess->handle_cipher = 0; + } +} + static struct rte_cryptodev_ops uadk_crypto_pmd_ops = { .dev_configure = uadk_crypto_pmd_config, .dev_start = uadk_crypto_pmd_start, @@ -203,16 +443,51 @@ static struct rte_cryptodev_ops uadk_crypto_pmd_ops = { .dev_infos_get = uadk_crypto_pmd_info_get, .queue_pair_setup = uadk_crypto_pmd_qp_setup, .queue_pair_release = uadk_crypto_pmd_qp_release, - .sym_session_get_size = NULL, - .sym_session_configure = NULL, - .sym_session_clear = NULL, + .sym_session_get_size = uadk_crypto_sym_session_get_size, + .sym_session_configure = uadk_crypto_sym_session_configure, + .sym_session_clear = uadk_crypto_sym_session_clear, }; +static void +uadk_process_cipher_op(struct rte_crypto_op *op, + struct uadk_crypto_session *sess, + struct rte_mbuf *msrc, struct rte_mbuf *mdst) +{ + uint32_t off = op->sym->cipher.data.offset; + int ret; + + if (!sess) { + op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + return; + } + + sess->cipher.req.src = rte_pktmbuf_mtod_offset(msrc, uint8_t *, off); + sess->cipher.req.in_bytes = op->sym->cipher.data.length; + sess->cipher.req.dst = rte_pktmbuf_mtod_offset(mdst, uint8_t *, off); + sess->cipher.req.out_buf_bytes = sess->cipher.req.in_bytes; + sess->cipher.req.iv_bytes = sess->iv.length; + sess->cipher.req.iv = rte_crypto_op_ctod_offset(op, uint8_t *, + sess->iv.offset); + if (sess->cipher.direction == RTE_CRYPTO_CIPHER_OP_ENCRYPT) + sess->cipher.req.op_type = WD_CIPHER_ENCRYPTION; + else + sess->cipher.req.op_type = WD_CIPHER_DECRYPTION; + + do { + ret = wd_do_cipher_sync(sess->handle_cipher, &sess->cipher.req); + } while (ret == -WD_EBUSY); + + if (ret) + op->status = RTE_CRYPTO_OP_STATUS_ERROR; +} + static uint16_t uadk_crypto_enqueue_burst(void *queue_pair, struct rte_crypto_op **ops, uint16_t nb_ops) { struct uadk_qp *qp = queue_pair; + struct uadk_crypto_session *sess = NULL; + struct rte_mbuf *msrc, *mdst; struct rte_crypto_op *op; uint16_t enqd = 0; int i, ret; @@ -220,6 +495,23 @@ uadk_crypto_enqueue_burst(void *queue_pair, struct rte_crypto_op **ops, for (i = 0; i < nb_ops; i++) { op = ops[i]; op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + msrc = op->sym->m_src; + mdst = op->sym->m_dst ? op->sym->m_dst : op->sym->m_src; + + if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { + if (likely(op->sym->session != NULL)) + sess = CRYPTODEV_GET_SYM_SESS_PRIV( + op->sym->session); + } + + switch (sess->chain_order) { + case UADK_CHAIN_ONLY_CIPHER: + uadk_process_cipher_op(op, sess, msrc, mdst); + break; + default: + op->status = RTE_CRYPTO_OP_STATUS_ERROR; + break; + } if (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; @@ -295,7 +587,8 @@ uadk_cryptodev_probe(struct rte_vdev_device *vdev) dev->driver_id = uadk_cryptodev_driver_id; dev->dequeue_burst = uadk_crypto_dequeue_burst; dev->enqueue_burst = uadk_crypto_enqueue_burst; - dev->feature_flags = RTE_CRYPTODEV_FF_HW_ACCELERATED; + dev->feature_flags = RTE_CRYPTODEV_FF_HW_ACCELERATED | + RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO; priv = dev->data->dev_private; priv->version = version; diff --git a/drivers/crypto/uadk/uadk_crypto_pmd_private.h b/drivers/crypto/uadk/uadk_crypto_pmd_private.h index 3060583b54..e981420cef 100644 --- a/drivers/crypto/uadk/uadk_crypto_pmd_private.h +++ b/drivers/crypto/uadk/uadk_crypto_pmd_private.h @@ -25,12 +25,35 @@ struct uadk_qp { uint8_t temp_digest[DIGEST_LENGTH_MAX]; } __rte_cache_aligned; +enum uadk_chain_order { + UADK_CHAIN_ONLY_CIPHER, + UADK_CHAIN_NOT_SUPPORTED +}; + +struct uadk_crypto_session { + handle_t handle_cipher; + enum uadk_chain_order chain_order; + + /* IV parameters */ + struct { + uint16_t length; + uint16_t offset; + } iv; + + /* Cipher Parameters */ + struct { + enum rte_crypto_cipher_operation direction; + struct wd_cipher_req req; + } cipher; +} __rte_cache_aligned; + enum uadk_crypto_version { UADK_CRYPTO_V2, UADK_CRYPTO_V3, }; struct uadk_crypto_priv { + bool env_cipher_init; enum uadk_crypto_version version; } __rte_cache_aligned;