4 * Copyright(c) 2015-2016 Intel Corporation. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * * Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * * Neither the name of Intel Corporation nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
40 #include <sys/queue.h>
43 #include <rte_common.h>
45 #include <rte_debug.h>
46 #include <rte_memory.h>
47 #include <rte_memzone.h>
48 #include <rte_tailq.h>
49 #include <rte_ether.h>
50 #include <rte_malloc.h>
51 #include <rte_launch.h>
53 #include <rte_per_lcore.h>
54 #include <rte_lcore.h>
55 #include <rte_atomic.h>
56 #include <rte_branch_prediction.h>
58 #include <rte_mempool.h>
60 #include <rte_string_fns.h>
61 #include <rte_spinlock.h>
62 #include <rte_mbuf_offload.h>
63 #include <rte_hexdump.h>
67 #include "qat_crypto.h"
68 #include "adf_transport_access_macros.h"
71 static inline uint32_t
72 adf_modulo(uint32_t data, uint32_t shift);
75 qat_alg_write_mbuf_entry(struct rte_mbuf *mbuf, uint8_t *out_msg);
77 void qat_crypto_sym_clear_session(struct rte_cryptodev *dev,
80 struct qat_session *sess = session;
81 phys_addr_t cd_paddr = sess->cd_paddr;
83 PMD_INIT_FUNC_TRACE();
85 memset(sess, 0, qat_crypto_sym_get_session_private_size(dev));
87 sess->cd_paddr = cd_paddr;
92 qat_get_cmd_id(const struct rte_crypto_sym_xform *xform)
94 if (xform->next == NULL)
98 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL)
99 return -1; /* return ICP_QAT_FW_LA_CMD_CIPHER; */
101 /* Authentication Only */
102 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH && xform->next == NULL)
103 return -1; /* return ICP_QAT_FW_LA_CMD_AUTH; */
105 /* Cipher then Authenticate */
106 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
107 xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)
108 return ICP_QAT_FW_LA_CMD_CIPHER_HASH;
110 /* Authenticate then Cipher */
111 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
112 xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER)
113 return ICP_QAT_FW_LA_CMD_HASH_CIPHER;
118 static struct rte_crypto_auth_xform *
119 qat_get_auth_xform(struct rte_crypto_sym_xform *xform)
122 if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH)
131 static struct rte_crypto_cipher_xform *
132 qat_get_cipher_xform(struct rte_crypto_sym_xform *xform)
135 if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER)
136 return &xform->cipher;
146 qat_crypto_sym_configure_session(struct rte_cryptodev *dev,
147 struct rte_crypto_sym_xform *xform, void *session_private)
149 struct qat_pmd_private *internals = dev->data->dev_private;
151 struct qat_session *session = session_private;
153 struct rte_crypto_auth_xform *auth_xform = NULL;
154 struct rte_crypto_cipher_xform *cipher_xform = NULL;
158 PMD_INIT_FUNC_TRACE();
160 /* Get requested QAT command id */
161 qat_cmd_id = qat_get_cmd_id(xform);
162 if (qat_cmd_id < 0 || qat_cmd_id >= ICP_QAT_FW_LA_CMD_DELIMITER) {
163 PMD_DRV_LOG(ERR, "Unsupported xform chain requested");
166 session->qat_cmd = (enum icp_qat_fw_la_cmd_id)qat_cmd_id;
168 /* Get cipher xform from crypto xform chain */
169 cipher_xform = qat_get_cipher_xform(xform);
171 switch (cipher_xform->algo) {
172 case RTE_CRYPTO_CIPHER_AES_CBC:
173 if (qat_alg_validate_aes_key(cipher_xform->key.length,
174 &session->qat_cipher_alg) != 0) {
175 PMD_DRV_LOG(ERR, "Invalid AES cipher key size");
178 session->qat_mode = ICP_QAT_HW_CIPHER_CBC_MODE;
180 case RTE_CRYPTO_CIPHER_AES_GCM:
181 if (qat_alg_validate_aes_key(cipher_xform->key.length,
182 &session->qat_cipher_alg) != 0) {
183 PMD_DRV_LOG(ERR, "Invalid AES cipher key size");
186 session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE;
188 case RTE_CRYPTO_CIPHER_NULL:
189 case RTE_CRYPTO_CIPHER_3DES_ECB:
190 case RTE_CRYPTO_CIPHER_3DES_CBC:
191 case RTE_CRYPTO_CIPHER_AES_ECB:
192 case RTE_CRYPTO_CIPHER_AES_CTR:
193 case RTE_CRYPTO_CIPHER_AES_CCM:
194 case RTE_CRYPTO_CIPHER_KASUMI_F8:
195 PMD_DRV_LOG(ERR, "Crypto: Unsupported Cipher alg %u",
199 PMD_DRV_LOG(ERR, "Crypto: Undefined Cipher specified %u\n",
204 if (cipher_xform->op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
205 session->qat_dir = ICP_QAT_HW_CIPHER_ENCRYPT;
207 session->qat_dir = ICP_QAT_HW_CIPHER_DECRYPT;
210 /* Get authentication xform from Crypto xform chain */
211 auth_xform = qat_get_auth_xform(xform);
213 switch (auth_xform->algo) {
214 case RTE_CRYPTO_AUTH_SHA1_HMAC:
215 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA1;
217 case RTE_CRYPTO_AUTH_SHA256_HMAC:
218 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA256;
220 case RTE_CRYPTO_AUTH_SHA512_HMAC:
221 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA512;
223 case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
224 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC;
226 case RTE_CRYPTO_AUTH_AES_GCM:
227 case RTE_CRYPTO_AUTH_AES_GMAC:
228 session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_GALOIS_128;
230 case RTE_CRYPTO_AUTH_NULL:
231 case RTE_CRYPTO_AUTH_SHA1:
232 case RTE_CRYPTO_AUTH_SHA256:
233 case RTE_CRYPTO_AUTH_SHA512:
234 case RTE_CRYPTO_AUTH_SHA224:
235 case RTE_CRYPTO_AUTH_SHA224_HMAC:
236 case RTE_CRYPTO_AUTH_SHA384:
237 case RTE_CRYPTO_AUTH_SHA384_HMAC:
238 case RTE_CRYPTO_AUTH_MD5:
239 case RTE_CRYPTO_AUTH_MD5_HMAC:
240 case RTE_CRYPTO_AUTH_AES_CCM:
241 case RTE_CRYPTO_AUTH_KASUMI_F9:
242 case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
243 case RTE_CRYPTO_AUTH_AES_CMAC:
244 case RTE_CRYPTO_AUTH_AES_CBC_MAC:
245 case RTE_CRYPTO_AUTH_ZUC_EIA3:
246 PMD_DRV_LOG(ERR, "Crypto: Unsupported hash alg %u",
250 PMD_DRV_LOG(ERR, "Crypto: Undefined Hash algo %u specified",
255 if (qat_alg_aead_session_create_content_desc(session,
256 cipher_xform->key.data,
257 cipher_xform->key.length,
258 auth_xform->key.data,
259 auth_xform->key.length,
260 auth_xform->add_auth_data_length,
261 auth_xform->digest_length))
264 return (struct rte_crypto_sym_session *)session;
267 rte_mempool_put(internals->sess_mp, session);
271 unsigned qat_crypto_sym_get_session_private_size(
272 struct rte_cryptodev *dev __rte_unused)
274 return RTE_ALIGN_CEIL(sizeof(struct qat_session), 8);
278 uint16_t qat_sym_crypto_pkt_tx_burst(void *qp, struct rte_mbuf **tx_pkts,
281 register struct qat_queue *queue;
282 struct qat_qp *tmp_qp = (struct qat_qp *)qp;
283 register uint32_t nb_pkts_sent = 0;
284 register struct rte_mbuf **cur_tx_pkt = tx_pkts;
286 uint16_t nb_pkts_possible = nb_pkts;
287 register uint8_t *base_addr;
288 register uint32_t tail;
291 /* read params used a lot in main loop into registers */
292 queue = &(tmp_qp->tx_q);
293 base_addr = (uint8_t *)queue->base_addr;
296 /* Find how many can actually fit on the ring */
297 overflow = rte_atomic16_add_return(&tmp_qp->inflights16, nb_pkts)
298 - queue->max_inflights;
300 rte_atomic16_sub(&tmp_qp->inflights16, overflow);
301 nb_pkts_possible = nb_pkts - overflow;
302 if (nb_pkts_possible == 0)
306 while (nb_pkts_sent != nb_pkts_possible) {
308 ret = qat_alg_write_mbuf_entry(*cur_tx_pkt,
311 tmp_qp->stats.enqueue_err_count++;
312 if (nb_pkts_sent == 0)
317 tail = adf_modulo(tail + queue->msg_size, queue->modulo);
322 WRITE_CSR_RING_TAIL(tmp_qp->mmap_bar_addr, queue->hw_bundle_number,
323 queue->hw_queue_number, tail);
325 tmp_qp->stats.enqueued_count += nb_pkts_sent;
330 qat_sym_crypto_pkt_rx_burst(void *qp, struct rte_mbuf **rx_pkts,
333 struct rte_mbuf_offload *ol;
334 struct qat_queue *queue;
335 struct qat_qp *tmp_qp = (struct qat_qp *)qp;
336 uint32_t msg_counter = 0;
337 struct rte_mbuf *rx_mbuf;
338 struct icp_qat_fw_comn_resp *resp_msg;
340 queue = &(tmp_qp->rx_q);
341 resp_msg = (struct icp_qat_fw_comn_resp *)
342 ((uint8_t *)queue->base_addr + queue->head);
344 while (*(uint32_t *)resp_msg != ADF_RING_EMPTY_SIG &&
345 msg_counter != nb_pkts) {
346 rx_mbuf = (struct rte_mbuf *)(uintptr_t)(resp_msg->opaque_data);
347 ol = rte_pktmbuf_offload_get(rx_mbuf,
348 RTE_PKTMBUF_OL_CRYPTO_SYM);
349 if (ICP_QAT_FW_COMN_STATUS_FLAG_OK !=
350 ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(
351 resp_msg->comn_hdr.comn_status)) {
352 ol->op.crypto.status =
353 RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
355 ol->op.crypto.status = RTE_CRYPTO_OP_STATUS_SUCCESS;
357 *(uint32_t *)resp_msg = ADF_RING_EMPTY_SIG;
358 queue->head = adf_modulo(queue->head +
360 ADF_RING_SIZE_MODULO(queue->queue_size));
361 resp_msg = (struct icp_qat_fw_comn_resp *)
362 ((uint8_t *)queue->base_addr +
369 if (msg_counter > 0) {
370 WRITE_CSR_RING_HEAD(tmp_qp->mmap_bar_addr,
371 queue->hw_bundle_number,
372 queue->hw_queue_number, queue->head);
373 rte_atomic16_sub(&tmp_qp->inflights16, msg_counter);
374 tmp_qp->stats.dequeued_count += msg_counter;
380 qat_alg_write_mbuf_entry(struct rte_mbuf *mbuf, uint8_t *out_msg)
382 struct rte_mbuf_offload *ol;
384 struct qat_session *ctx;
385 struct icp_qat_fw_la_cipher_req_params *cipher_param;
386 struct icp_qat_fw_la_auth_req_params *auth_param;
387 register struct icp_qat_fw_la_bulk_req *qat_req;
389 ol = rte_pktmbuf_offload_get(mbuf, RTE_PKTMBUF_OL_CRYPTO_SYM);
390 if (unlikely(ol == NULL)) {
391 PMD_DRV_LOG(ERR, "No valid crypto off-load operation attached "
392 "to (%p) mbuf.", mbuf);
396 if (unlikely(ol->op.crypto.type == RTE_CRYPTO_SYM_OP_SESSIONLESS)) {
397 PMD_DRV_LOG(ERR, "QAT PMD only supports session oriented"
398 " requests mbuf (%p) is sessionless.", mbuf);
402 if (unlikely(ol->op.crypto.session->type
403 != RTE_CRYPTODEV_QAT_SYM_PMD)) {
404 PMD_DRV_LOG(ERR, "Session was not created for this device");
408 ctx = (struct qat_session *)ol->op.crypto.session->_private;
409 qat_req = (struct icp_qat_fw_la_bulk_req *)out_msg;
410 *qat_req = ctx->fw_req;
411 qat_req->comn_mid.opaque_data = (uint64_t)(uintptr_t)mbuf;
414 * The following code assumes:
415 * - single entry buffer.
418 qat_req->comn_mid.dst_length =
419 qat_req->comn_mid.src_length = mbuf->data_len;
420 qat_req->comn_mid.dest_data_addr =
421 qat_req->comn_mid.src_data_addr =
422 rte_pktmbuf_mtophys(mbuf);
424 cipher_param = (void *)&qat_req->serv_specif_rqpars;
425 auth_param = (void *)((uint8_t *)cipher_param + sizeof(*cipher_param));
427 cipher_param->cipher_length = ol->op.crypto.data.to_cipher.length;
428 cipher_param->cipher_offset = ol->op.crypto.data.to_cipher.offset;
429 if (ol->op.crypto.iv.length &&
430 (ol->op.crypto.iv.length <=
431 sizeof(cipher_param->u.cipher_IV_array))) {
432 rte_memcpy(cipher_param->u.cipher_IV_array,
433 ol->op.crypto.iv.data, ol->op.crypto.iv.length);
435 ICP_QAT_FW_LA_CIPH_IV_FLD_FLAG_SET(
436 qat_req->comn_hdr.serv_specif_flags,
437 ICP_QAT_FW_CIPH_IV_64BIT_PTR);
438 cipher_param->u.s.cipher_IV_ptr = ol->op.crypto.iv.phys_addr;
440 if (ol->op.crypto.digest.phys_addr) {
441 ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET(
442 qat_req->comn_hdr.serv_specif_flags,
443 ICP_QAT_FW_LA_NO_DIGEST_IN_BUFFER);
444 auth_param->auth_res_addr = ol->op.crypto.digest.phys_addr;
446 auth_param->auth_off = ol->op.crypto.data.to_hash.offset;
447 auth_param->auth_len = ol->op.crypto.data.to_hash.length;
448 auth_param->u1.aad_adr = ol->op.crypto.additional_auth.phys_addr;
450 /* (GCM) aad length(240 max) will be at this location after precompute */
451 if (ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_128 ||
452 ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_64) {
453 auth_param->u2.aad_sz =
454 ALIGN_POW2_ROUNDUP(ctx->cd.hash.sha.state1[
455 ICP_QAT_HW_GALOIS_128_STATE1_SZ +
456 ICP_QAT_HW_GALOIS_H_SZ + 3], 16);
458 auth_param->hash_state_sz = (auth_param->u2.aad_sz) >> 3;
460 #ifdef RTE_LIBRTE_PMD_QAT_DEBUG_DRIVER
461 rte_hexdump(stdout, "qat_req:", qat_req,
462 sizeof(struct icp_qat_fw_la_bulk_req));
467 static inline uint32_t adf_modulo(uint32_t data, uint32_t shift)
469 uint32_t div = data >> shift;
470 uint32_t mult = div << shift;
475 void qat_crypto_sym_session_init(struct rte_mempool *mp, void *priv_sess)
477 struct qat_session *s = priv_sess;
479 PMD_INIT_FUNC_TRACE();
480 s->cd_paddr = rte_mempool_virt2phy(mp, &s->cd);
483 int qat_dev_config(__rte_unused struct rte_cryptodev *dev)
485 PMD_INIT_FUNC_TRACE();
489 int qat_dev_start(__rte_unused struct rte_cryptodev *dev)
491 PMD_INIT_FUNC_TRACE();
495 void qat_dev_stop(__rte_unused struct rte_cryptodev *dev)
497 PMD_INIT_FUNC_TRACE();
500 int qat_dev_close(struct rte_cryptodev *dev)
504 PMD_INIT_FUNC_TRACE();
506 for (i = 0; i < dev->data->nb_queue_pairs; i++) {
507 ret = qat_crypto_sym_qp_release(dev, i);
515 void qat_dev_info_get(__rte_unused struct rte_cryptodev *dev,
516 struct rte_cryptodev_info *info)
518 struct qat_pmd_private *internals = dev->data->dev_private;
520 PMD_INIT_FUNC_TRACE();
522 info->max_nb_queue_pairs =
523 ADF_NUM_SYM_QPS_PER_BUNDLE *
524 ADF_NUM_BUNDLES_PER_DEV;
526 info->sym.max_nb_sessions = internals->max_nb_sessions;
527 info->dev_type = RTE_CRYPTODEV_QAT_SYM_PMD;
531 void qat_crypto_sym_stats_get(struct rte_cryptodev *dev,
532 struct rte_cryptodev_stats *stats)
535 struct qat_qp **qp = (struct qat_qp **)(dev->data->queue_pairs);
537 PMD_INIT_FUNC_TRACE();
539 PMD_DRV_LOG(ERR, "invalid stats ptr NULL");
542 for (i = 0; i < dev->data->nb_queue_pairs; i++) {
544 PMD_DRV_LOG(DEBUG, "Uninitialised queue pair");
548 stats->enqueued_count += qp[i]->stats.enqueued_count;
549 stats->dequeued_count += qp[i]->stats.enqueued_count;
550 stats->enqueue_err_count += qp[i]->stats.enqueue_err_count;
551 stats->dequeue_err_count += qp[i]->stats.enqueue_err_count;
555 void qat_crypto_sym_stats_reset(struct rte_cryptodev *dev)
558 struct qat_qp **qp = (struct qat_qp **)(dev->data->queue_pairs);
560 PMD_INIT_FUNC_TRACE();
561 for (i = 0; i < dev->data->nb_queue_pairs; i++)
562 memset(&(qp[i]->stats), 0, sizeof(qp[i]->stats));
563 PMD_DRV_LOG(DEBUG, "QAT crypto: stats cleared");