git.droids-corp.org / dpdk.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
drivers: use SPDX tag for Intel copyright files
[dpdk.git] / drivers / crypto / aesni_mb / rte_aesni_mb_pmd.c
1 /* SPDX-License-Identifier: BSD-3-Clause
2  * Copyright(c) 2015-2017 Intel Corporation
3  */
4
5 #include <des.h>
6
7 #include <rte_common.h>
8 #include <rte_hexdump.h>
9 #include <rte_cryptodev.h>
10 #include <rte_cryptodev_pmd.h>
11 #include <rte_bus_vdev.h>
12 #include <rte_malloc.h>
13 #include <rte_cpuflags.h>
14
15 #include "rte_aesni_mb_pmd_private.h"
16
17 static uint8_t cryptodev_driver_id;
18
19 typedef void (*hash_one_block_t)(const void *data, void *digest);
20 typedef void (*aes_keyexp_t)(const void *key, void *enc_exp_keys, void *dec_exp_keys);
21
22 /**
23  * Calculate the authentication pre-computes
24  *
25  * @param one_block_hash        Function pointer to calculate digest on ipad/opad
26  * @param ipad                  Inner pad output byte array
27  * @param opad                  Outer pad output byte array
28  * @param hkey                  Authentication key
29  * @param hkey_len              Authentication key length
30  * @param blocksize             Block size of selected hash algo
31  */
32 static void
33 calculate_auth_precomputes(hash_one_block_t one_block_hash,
34                 uint8_t *ipad, uint8_t *opad,
35                 uint8_t *hkey, uint16_t hkey_len,
36                 uint16_t blocksize)
37 {
38         unsigned i, length;
39
40         uint8_t ipad_buf[blocksize] __rte_aligned(16);
41         uint8_t opad_buf[blocksize] __rte_aligned(16);
42
43         /* Setup inner and outer pads */
44         memset(ipad_buf, HMAC_IPAD_VALUE, blocksize);
45         memset(opad_buf, HMAC_OPAD_VALUE, blocksize);
46
47         /* XOR hash key with inner and outer pads */
48         length = hkey_len > blocksize ? blocksize : hkey_len;
49
50         for (i = 0; i < length; i++) {
51                 ipad_buf[i] ^= hkey[i];
52                 opad_buf[i] ^= hkey[i];
53         }
54
55         /* Compute partial hashes */
56         (*one_block_hash)(ipad_buf, ipad);
57         (*one_block_hash)(opad_buf, opad);
58
59         /* Clean up stack */
60         memset(ipad_buf, 0, blocksize);
61         memset(opad_buf, 0, blocksize);
62 }
63
64 /** Get xform chain order */
65 static enum aesni_mb_operation
66 aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform)
67 {
68         if (xform == NULL)
69                 return AESNI_MB_OP_NOT_SUPPORTED;
70
71         if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
72                 if (xform->next == NULL)
73                         return AESNI_MB_OP_CIPHER_ONLY;
74                 if (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)
75                         return AESNI_MB_OP_CIPHER_HASH;
76         }
77
78         if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
79                 if (xform->next == NULL)
80                         return AESNI_MB_OP_HASH_ONLY;
81                 if (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER)
82                         return AESNI_MB_OP_HASH_CIPHER;
83         }
84
85         return AESNI_MB_OP_NOT_SUPPORTED;
86 }
87
88 /** Set session authentication parameters */
89 static int
90 aesni_mb_set_session_auth_parameters(const struct aesni_mb_op_fns *mb_ops,
91                 struct aesni_mb_session *sess,
92                 const struct rte_crypto_sym_xform *xform)
93 {
94         hash_one_block_t hash_oneblock_fn;
95
96         if (xform == NULL) {
97                 sess->auth.algo = NULL_HASH;
98                 return 0;
99         }
100
101         if (xform->type != RTE_CRYPTO_SYM_XFORM_AUTH) {
102                 MB_LOG_ERR("Crypto xform struct not of type auth");
103                 return -1;
104         }
105
106         /* Select auth generate/verify */
107         sess->auth.operation = xform->auth.op;
108
109         /* Set Authentication Parameters */
110         if (xform->auth.algo == RTE_CRYPTO_AUTH_AES_XCBC_MAC) {
111                 sess->auth.algo = AES_XCBC;
112                 (*mb_ops->aux.keyexp.aes_xcbc)(xform->auth.key.data,
113                                 sess->auth.xcbc.k1_expanded,
114                                 sess->auth.xcbc.k2, sess->auth.xcbc.k3);
115                 return 0;
116         }
117
118         switch (xform->auth.algo) {
119         case RTE_CRYPTO_AUTH_MD5_HMAC:
120                 sess->auth.algo = MD5;
121                 hash_oneblock_fn = mb_ops->aux.one_block.md5;
122                 break;
123         case RTE_CRYPTO_AUTH_SHA1_HMAC:
124                 sess->auth.algo = SHA1;
125                 hash_oneblock_fn = mb_ops->aux.one_block.sha1;
126                 break;
127         case RTE_CRYPTO_AUTH_SHA224_HMAC:
128                 sess->auth.algo = SHA_224;
129                 hash_oneblock_fn = mb_ops->aux.one_block.sha224;
130                 break;
131         case RTE_CRYPTO_AUTH_SHA256_HMAC:
132                 sess->auth.algo = SHA_256;
133                 hash_oneblock_fn = mb_ops->aux.one_block.sha256;
134                 break;
135         case RTE_CRYPTO_AUTH_SHA384_HMAC:
136                 sess->auth.algo = SHA_384;
137                 hash_oneblock_fn = mb_ops->aux.one_block.sha384;
138                 break;
139         case RTE_CRYPTO_AUTH_SHA512_HMAC:
140                 sess->auth.algo = SHA_512;
141                 hash_oneblock_fn = mb_ops->aux.one_block.sha512;
142                 break;
143         default:
144                 MB_LOG_ERR("Unsupported authentication algorithm selection");
145                 return -ENOTSUP;
146         }
147
148         /* Calculate Authentication precomputes */
149         calculate_auth_precomputes(hash_oneblock_fn,
150                         sess->auth.pads.inner, sess->auth.pads.outer,
151                         xform->auth.key.data,
152                         xform->auth.key.length,
153                         get_auth_algo_blocksize(sess->auth.algo));
154
155         return 0;
156 }
157
158 /** Set session cipher parameters */
159 static int
160 aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
161                 struct aesni_mb_session *sess,
162                 const struct rte_crypto_sym_xform *xform)
163 {
164         uint8_t is_aes = 0;
165         aes_keyexp_t aes_keyexp_fn;
166
167         if (xform == NULL) {
168                 sess->cipher.mode = NULL_CIPHER;
169                 return 0;
170         }
171
172         if (xform->type != RTE_CRYPTO_SYM_XFORM_CIPHER) {
173                 MB_LOG_ERR("Crypto xform struct not of type cipher");
174                 return -EINVAL;
175         }
176
177         /* Select cipher direction */
178         switch (xform->cipher.op) {
179         case RTE_CRYPTO_CIPHER_OP_ENCRYPT:
180                 sess->cipher.direction = ENCRYPT;
181                 break;
182         case RTE_CRYPTO_CIPHER_OP_DECRYPT:
183                 sess->cipher.direction = DECRYPT;
184                 break;
185         default:
186                 MB_LOG_ERR("Invalid cipher operation parameter");
187                 return -EINVAL;
188         }
189
190         /* Select cipher mode */
191         switch (xform->cipher.algo) {
192         case RTE_CRYPTO_CIPHER_AES_CBC:
193                 sess->cipher.mode = CBC;
194                 is_aes = 1;
195                 break;
196         case RTE_CRYPTO_CIPHER_AES_CTR:
197                 sess->cipher.mode = CNTR;
198                 is_aes = 1;
199                 break;
200         case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
201                 sess->cipher.mode = DOCSIS_SEC_BPI;
202                 is_aes = 1;
203                 break;
204         case RTE_CRYPTO_CIPHER_DES_CBC:
205                 sess->cipher.mode = DES;
206                 break;
207         case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
208                 sess->cipher.mode = DOCSIS_DES;
209                 break;
210         default:
211                 MB_LOG_ERR("Unsupported cipher mode parameter");
212                 return -ENOTSUP;
213         }
214
215         /* Set IV parameters */
216         sess->iv.offset = xform->cipher.iv.offset;
217         sess->iv.length = xform->cipher.iv.length;
218
219         /* Check key length and choose key expansion function for AES */
220         if (is_aes) {
221                 switch (xform->cipher.key.length) {
222                 case AES_128_BYTES:
223                         sess->cipher.key_length_in_bytes = AES_128_BYTES;
224                         aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
225                         break;
226                 case AES_192_BYTES:
227                         sess->cipher.key_length_in_bytes = AES_192_BYTES;
228                         aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
229                         break;
230                 case AES_256_BYTES:
231                         sess->cipher.key_length_in_bytes = AES_256_BYTES;
232                         aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
233                         break;
234                 default:
235                         MB_LOG_ERR("Invalid cipher key length");
236                         return -EINVAL;
237                 }
238
239                 /* Expanded cipher keys */
240                 (*aes_keyexp_fn)(xform->cipher.key.data,
241                                 sess->cipher.expanded_aes_keys.encode,
242                                 sess->cipher.expanded_aes_keys.decode);
243
244         } else {
245                 if (xform->cipher.key.length != 8) {
246                         MB_LOG_ERR("Invalid cipher key length");
247                         return -EINVAL;
248                 }
249                 sess->cipher.key_length_in_bytes = 8;
250
251                 des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.encode,
252                                 xform->cipher.key.data);
253                 des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.decode,
254                                 xform->cipher.key.data);
255         }
256
257         return 0;
258 }
259
260 /** Parse crypto xform chain and set private session parameters */
261 int
262 aesni_mb_set_session_parameters(const struct aesni_mb_op_fns *mb_ops,
263                 struct aesni_mb_session *sess,
264                 const struct rte_crypto_sym_xform *xform)
265 {
266         const struct rte_crypto_sym_xform *auth_xform = NULL;
267         const struct rte_crypto_sym_xform *cipher_xform = NULL;
268         int ret;
269
270         /* Select Crypto operation - hash then cipher / cipher then hash */
271         switch (aesni_mb_get_chain_order(xform)) {
272         case AESNI_MB_OP_HASH_CIPHER:
273                 sess->chain_order = HASH_CIPHER;
274                 auth_xform = xform;
275                 cipher_xform = xform->next;
276                 break;
277         case AESNI_MB_OP_CIPHER_HASH:
278                 sess->chain_order = CIPHER_HASH;
279                 auth_xform = xform->next;
280                 cipher_xform = xform;
281                 break;
282         case AESNI_MB_OP_HASH_ONLY:
283                 sess->chain_order = HASH_CIPHER;
284                 auth_xform = xform;
285                 cipher_xform = NULL;
286                 break;
287         case AESNI_MB_OP_CIPHER_ONLY:
288                 /*
289                  * Multi buffer library operates only at two modes,
290                  * CIPHER_HASH and HASH_CIPHER. When doing ciphering only,
291                  * chain order depends on cipher operation: encryption is always
292                  * the first operation and decryption the last one.
293                  */
294                 if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
295                         sess->chain_order = CIPHER_HASH;
296                 else
297                         sess->chain_order = HASH_CIPHER;
298                 auth_xform = NULL;
299                 cipher_xform = xform;
300                 break;
301         case AESNI_MB_OP_NOT_SUPPORTED:
302         default:
303                 MB_LOG_ERR("Unsupported operation chain order parameter");
304                 return -ENOTSUP;
305         }
306
307         /* Default IV length = 0 */
308         sess->iv.length = 0;
309
310         ret = aesni_mb_set_session_auth_parameters(mb_ops, sess, auth_xform);
311         if (ret != 0) {
312                 MB_LOG_ERR("Invalid/unsupported authentication parameters");
313                 return ret;
314         }
315
316         ret = aesni_mb_set_session_cipher_parameters(mb_ops, sess,
317                         cipher_xform);
318         if (ret != 0) {
319                 MB_LOG_ERR("Invalid/unsupported cipher parameters");
320                 return ret;
321         }
322
323         return 0;
324 }
325
326 /**
327  * burst enqueue, place crypto operations on ingress queue for processing.
328  *
329  * @param __qp         Queue Pair to process
330  * @param ops          Crypto operations for processing
331  * @param nb_ops       Number of crypto operations for processing
332  *
333  * @return
334  * - Number of crypto operations enqueued
335  */
336 static uint16_t
337 aesni_mb_pmd_enqueue_burst(void *__qp, struct rte_crypto_op **ops,
338                 uint16_t nb_ops)
339 {
340         struct aesni_mb_qp *qp = __qp;
341
342         unsigned int nb_enqueued;
343
344         nb_enqueued = rte_ring_enqueue_burst(qp->ingress_queue,
345                         (void **)ops, nb_ops, NULL);
346
347         qp->stats.enqueued_count += nb_enqueued;
348
349         return nb_enqueued;
350 }
351
352 /** Get multi buffer session */
353 static inline struct aesni_mb_session *
354 get_session(struct aesni_mb_qp *qp, struct rte_crypto_op *op)
355 {
356         struct aesni_mb_session *sess = NULL;
357
358         if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
359                 if (likely(op->sym->session != NULL))
360                         sess = (struct aesni_mb_session *)
361                                         get_session_private_data(
362                                         op->sym->session,
363                                         cryptodev_driver_id);
364         } else {
365                 void *_sess = NULL;
366                 void *_sess_private_data = NULL;
367
368                 if (rte_mempool_get(qp->sess_mp, (void **)&_sess))
369                         return NULL;
370
371                 if (rte_mempool_get(qp->sess_mp, (void **)&_sess_private_data))
372                         return NULL;
373
374                 sess = (struct aesni_mb_session *)_sess_private_data;
375
376                 if (unlikely(aesni_mb_set_session_parameters(qp->op_fns,
377                                 sess, op->sym->xform) != 0)) {
378                         rte_mempool_put(qp->sess_mp, _sess);
379                         rte_mempool_put(qp->sess_mp, _sess_private_data);
380                         sess = NULL;
381                 }
382                 op->sym->session = (struct rte_cryptodev_sym_session *)_sess;
383                 set_session_private_data(op->sym->session, cryptodev_driver_id,
384                         _sess_private_data);
385         }
386
387         if (unlikely(sess == NULL))
388                 op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
389
390         return sess;
391 }
392
393 /**
394  * Process a crypto operation and complete a JOB_AES_HMAC job structure for
395  * submission to the multi buffer library for processing.
396  *
397  * @param       qp      queue pair
398  * @param       job     JOB_AES_HMAC structure to fill
399  * @param       m       mbuf to process
400  *
401  * @return
402  * - Completed JOB_AES_HMAC structure pointer on success
403  * - NULL pointer if completion of JOB_AES_HMAC structure isn't possible
404  */
405 static inline int
406 set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
407                 struct rte_crypto_op *op, uint8_t *digest_idx)
408 {
409         struct rte_mbuf *m_src = op->sym->m_src, *m_dst;
410         struct aesni_mb_session *session;
411         uint16_t m_offset = 0;
412
413         session = get_session(qp, op);
414         if (session == NULL) {
415                 op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
416                 return -1;
417         }
418
419         /* Set crypto operation */
420         job->chain_order = session->chain_order;
421
422         /* Set cipher parameters */
423         job->cipher_direction = session->cipher.direction;
424         job->cipher_mode = session->cipher.mode;
425
426         job->aes_key_len_in_bytes = session->cipher.key_length_in_bytes;
427         job->aes_enc_key_expanded = session->cipher.expanded_aes_keys.encode;
428         job->aes_dec_key_expanded = session->cipher.expanded_aes_keys.decode;
429
430
431         /* Set authentication parameters */
432         job->hash_alg = session->auth.algo;
433         if (job->hash_alg == AES_XCBC) {
434                 job->_k1_expanded = session->auth.xcbc.k1_expanded;
435                 job->_k2 = session->auth.xcbc.k2;
436                 job->_k3 = session->auth.xcbc.k3;
437         } else {
438                 job->hashed_auth_key_xor_ipad = session->auth.pads.inner;
439                 job->hashed_auth_key_xor_opad = session->auth.pads.outer;
440         }
441
442         /* Mutable crypto operation parameters */
443         if (op->sym->m_dst) {
444                 m_src = m_dst = op->sym->m_dst;
445
446                 /* append space for output data to mbuf */
447                 char *odata = rte_pktmbuf_append(m_dst,
448                                 rte_pktmbuf_data_len(op->sym->m_src));
449                 if (odata == NULL) {
450                         MB_LOG_ERR("failed to allocate space in destination "
451                                         "mbuf for source data");
452                         op->status = RTE_CRYPTO_OP_STATUS_ERROR;
453                         return -1;
454                 }
455
456                 memcpy(odata, rte_pktmbuf_mtod(op->sym->m_src, void*),
457                                 rte_pktmbuf_data_len(op->sym->m_src));
458         } else {
459                 m_dst = m_src;
460                 m_offset = op->sym->cipher.data.offset;
461         }
462
463         /* Set digest output location */
464         if (job->hash_alg != NULL_HASH &&
465                         session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
466                 job->auth_tag_output = qp->temp_digests[*digest_idx];
467                 *digest_idx = (*digest_idx + 1) % MAX_JOBS;
468         } else {
469                 job->auth_tag_output = op->sym->auth.digest.data;
470         }
471
472         /*
473          * Multi-buffer library current only support returning a truncated
474          * digest length as specified in the relevant IPsec RFCs
475          */
476         job->auth_tag_output_len_in_bytes =
477                         get_truncated_digest_byte_length(job->hash_alg);
478
479         /* Set IV parameters */
480         job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
481                         session->iv.offset);
482         job->iv_len_in_bytes = session->iv.length;
483
484         /* Data  Parameter */
485         job->src = rte_pktmbuf_mtod(m_src, uint8_t *);
486         job->dst = rte_pktmbuf_mtod_offset(m_dst, uint8_t *, m_offset);
487
488         job->cipher_start_src_offset_in_bytes = op->sym->cipher.data.offset;
489         job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;
490
491         job->hash_start_src_offset_in_bytes = op->sym->auth.data.offset;
492         job->msg_len_to_hash_in_bytes = op->sym->auth.data.length;
493
494         /* Set user data to be crypto operation data struct */
495         job->user_data = op;
496
497         return 0;
498 }
499
500 static inline void
501 verify_digest(struct aesni_mb_qp *qp __rte_unused, JOB_AES_HMAC *job,
502                 struct rte_crypto_op *op) {
503         /* Verify digest if required */
504         if (memcmp(job->auth_tag_output, op->sym->auth.digest.data,
505                         job->auth_tag_output_len_in_bytes) != 0)
506                 op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
507 }
508
509 /**
510  * Process a completed job and return rte_mbuf which job processed
511  *
512  * @param qp            Queue Pair to process
513  * @param job   JOB_AES_HMAC job to process
514  *
515  * @return
516  * - Returns processed crypto operation.
517  * - Returns NULL on invalid job
518  */
519 static inline struct rte_crypto_op *
520 post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)
521 {
522         struct rte_crypto_op *op = (struct rte_crypto_op *)job->user_data;
523         struct aesni_mb_session *sess = get_session_private_data(
524                                                         op->sym->session,
525                                                         cryptodev_driver_id);
526
527         if (likely(op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)) {
528                 switch (job->status) {
529                 case STS_COMPLETED:
530                         op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
531
532                         if (job->hash_alg != NULL_HASH) {
533                                 if (sess->auth.operation ==
534                                                 RTE_CRYPTO_AUTH_OP_VERIFY)
535                                         verify_digest(qp, job, op);
536                         }
537                         break;
538                 default:
539                         op->status = RTE_CRYPTO_OP_STATUS_ERROR;
540                 }
541         }
542
543         /* Free session if a session-less crypto op */
544         if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
545                 memset(sess, 0, sizeof(struct aesni_mb_session));
546                 memset(op->sym->session, 0,
547                                 rte_cryptodev_get_header_session_size());
548                 rte_mempool_put(qp->sess_mp, sess);
549                 rte_mempool_put(qp->sess_mp, op->sym->session);
550                 op->sym->session = NULL;
551         }
552
553         return op;
554 }
555
556 /**
557  * Process a completed JOB_AES_HMAC job and keep processing jobs until
558  * get_completed_job return NULL
559  *
560  * @param qp            Queue Pair to process
561  * @param job           JOB_AES_HMAC job
562  *
563  * @return
564  * - Number of processed jobs
565  */
566 static unsigned
567 handle_completed_jobs(struct aesni_mb_qp *qp, JOB_AES_HMAC *job,
568                 struct rte_crypto_op **ops, uint16_t nb_ops)
569 {
570         struct rte_crypto_op *op = NULL;
571         unsigned processed_jobs = 0;
572
573         while (job != NULL) {
574                 op = post_process_mb_job(qp, job);
575
576                 if (op) {
577                         ops[processed_jobs++] = op;
578                         qp->stats.dequeued_count++;
579                 } else {
580                         qp->stats.dequeue_err_count++;
581                         break;
582                 }
583                 if (processed_jobs == nb_ops)
584                         break;
585
586                 job = (*qp->op_fns->job.get_completed_job)(&qp->mb_mgr);
587         }
588
589         return processed_jobs;
590 }
591
592 static inline uint16_t
593 flush_mb_mgr(struct aesni_mb_qp *qp, struct rte_crypto_op **ops,
594                 uint16_t nb_ops)
595 {
596         int processed_ops = 0;
597
598         /* Flush the remaining jobs */
599         JOB_AES_HMAC *job = (*qp->op_fns->job.flush_job)(&qp->mb_mgr);
600
601         if (job)
602                 processed_ops += handle_completed_jobs(qp, job,
603                                 &ops[processed_ops], nb_ops - processed_ops);
604
605         return processed_ops;
606 }
607
608 static inline JOB_AES_HMAC *
609 set_job_null_op(JOB_AES_HMAC *job, struct rte_crypto_op *op)
610 {
611         job->chain_order = HASH_CIPHER;
612         job->cipher_mode = NULL_CIPHER;
613         job->hash_alg = NULL_HASH;
614         job->cipher_direction = DECRYPT;
615
616         /* Set user data to be crypto operation data struct */
617         job->user_data = op;
618
619         return job;
620 }
621
622 static uint16_t
623 aesni_mb_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,
624                 uint16_t nb_ops)
625 {
626         struct aesni_mb_qp *qp = queue_pair;
627
628         struct rte_crypto_op *op;
629         JOB_AES_HMAC *job;
630
631         int retval, processed_jobs = 0;
632
633         if (unlikely(nb_ops == 0))
634                 return 0;
635
636         uint8_t digest_idx = qp->digest_idx;
637         do {
638                 /* Get next operation to process from ingress queue */
639                 retval = rte_ring_dequeue(qp->ingress_queue, (void **)&op);
640                 if (retval < 0)
641                         break;
642
643                 /* Get next free mb job struct from mb manager */
644                 job = (*qp->op_fns->job.get_next)(&qp->mb_mgr);
645                 if (unlikely(job == NULL)) {
646                         /* if no free mb job structs we need to flush mb_mgr */
647                         processed_jobs += flush_mb_mgr(qp,
648                                         &ops[processed_jobs],
649                                         (nb_ops - processed_jobs) - 1);
650
651                         job = (*qp->op_fns->job.get_next)(&qp->mb_mgr);
652                 }
653
654                 retval = set_mb_job_params(job, qp, op, &digest_idx);
655                 if (unlikely(retval != 0)) {
656                         qp->stats.dequeue_err_count++;
657                         set_job_null_op(job, op);
658                 }
659
660                 /* Submit job to multi-buffer for processing */
661                 job = (*qp->op_fns->job.submit)(&qp->mb_mgr);
662
663                 /*
664                  * If submit returns a processed job then handle it,
665                  * before submitting subsequent jobs
666                  */
667                 if (job)
668                         processed_jobs += handle_completed_jobs(qp, job,
669                                         &ops[processed_jobs],
670                                         nb_ops - processed_jobs);
671
672         } while (processed_jobs < nb_ops);
673
674         qp->digest_idx = digest_idx;
675
676         if (processed_jobs < 1)
677                 processed_jobs += flush_mb_mgr(qp,
678                                 &ops[processed_jobs],
679                                 nb_ops - processed_jobs);
680
681         return processed_jobs;
682 }
683
684 static int cryptodev_aesni_mb_remove(struct rte_vdev_device *vdev);
685
686 static int
687 cryptodev_aesni_mb_create(const char *name,
688                         struct rte_vdev_device *vdev,
689                         struct rte_cryptodev_pmd_init_params *init_params)
690 {
691         struct rte_cryptodev *dev;
692         struct aesni_mb_private *internals;
693         enum aesni_mb_vector_mode vector_mode;
694
695         /* Check CPU for support for AES instruction set */
696         if (!rte_cpu_get_flag_enabled(RTE_CPUFLAG_AES)) {
697                 MB_LOG_ERR("AES instructions not supported by CPU");
698                 return -EFAULT;
699         }
700
701         dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
702         if (dev == NULL) {
703                 MB_LOG_ERR("failed to create cryptodev vdev");
704                 return -ENODEV;
705         }
706
707         /* Check CPU for supported vector instruction set */
708         if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX512F))
709                 vector_mode = RTE_AESNI_MB_AVX512;
710         else if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX2))
711                 vector_mode = RTE_AESNI_MB_AVX2;
712         else if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX))
713                 vector_mode = RTE_AESNI_MB_AVX;
714         else
715                 vector_mode = RTE_AESNI_MB_SSE;
716
717         dev->driver_id = cryptodev_driver_id;
718         dev->dev_ops = rte_aesni_mb_pmd_ops;
719
720         /* register rx/tx burst functions for data path */
721         dev->dequeue_burst = aesni_mb_pmd_dequeue_burst;
722         dev->enqueue_burst = aesni_mb_pmd_enqueue_burst;
723
724         dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
725                         RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
726                         RTE_CRYPTODEV_FF_CPU_AESNI;
727
728         switch (vector_mode) {
729         case RTE_AESNI_MB_SSE:
730                 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_SSE;
731                 break;
732         case RTE_AESNI_MB_AVX:
733                 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX;
734                 break;
735         case RTE_AESNI_MB_AVX2:
736                 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX2;
737                 break;
738         case RTE_AESNI_MB_AVX512:
739                 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX512;
740                 break;
741         default:
742                 break;
743         }
744
745         /* Set vector instructions mode supported */
746         internals = dev->data->dev_private;
747
748         internals->vector_mode = vector_mode;
749         internals->max_nb_queue_pairs = init_params->max_nb_queue_pairs;
750         internals->max_nb_sessions = init_params->max_nb_sessions;
751
752         return 0;
753 }
754
755 static int
756 cryptodev_aesni_mb_probe(struct rte_vdev_device *vdev)
757 {
758         struct rte_cryptodev_pmd_init_params init_params = {
759                 "",
760                 sizeof(struct aesni_mb_private),
761                 rte_socket_id(),
762                 RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_QUEUE_PAIRS,
763                 RTE_CRYPTODEV_PMD_DEFAULT_MAX_NB_SESSIONS
764         };
765         const char *name, *args;
766         int retval;
767
768         name = rte_vdev_device_name(vdev);
769         if (name == NULL)
770                 return -EINVAL;
771
772         args = rte_vdev_device_args(vdev);
773
774         retval = rte_cryptodev_pmd_parse_input_args(&init_params, args);
775         if (retval) {
776                 MB_LOG_ERR("Failed to parse initialisation arguments[%s]\n",
777                                 args);
778                 return -EINVAL;
779         }
780
781         return cryptodev_aesni_mb_create(name, vdev, &init_params);
782 }
783
784 static int
785 cryptodev_aesni_mb_remove(struct rte_vdev_device *vdev)
786 {
787         struct rte_cryptodev *cryptodev;
788         const char *name;
789
790         name = rte_vdev_device_name(vdev);
791         if (name == NULL)
792                 return -EINVAL;
793
794         cryptodev = rte_cryptodev_pmd_get_named_dev(name);
795         if (cryptodev == NULL)
796                 return -ENODEV;
797
798         return rte_cryptodev_pmd_destroy(cryptodev);
799 }
800
801 static struct rte_vdev_driver cryptodev_aesni_mb_pmd_drv = {
802         .probe = cryptodev_aesni_mb_probe,
803         .remove = cryptodev_aesni_mb_remove
804 };
805
806 static struct cryptodev_driver aesni_mb_crypto_drv;
807
808 RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_AESNI_MB_PMD, cryptodev_aesni_mb_pmd_drv);
809 RTE_PMD_REGISTER_ALIAS(CRYPTODEV_NAME_AESNI_MB_PMD, cryptodev_aesni_mb_pmd);
810 RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_AESNI_MB_PMD,
811         "max_nb_queue_pairs=<int> "
812         "max_nb_sessions=<int> "
813         "socket_id=<int>");
814 RTE_PMD_REGISTER_CRYPTO_DRIVER(aesni_mb_crypto_drv,
815                 cryptodev_aesni_mb_pmd_drv,
816                 cryptodev_driver_id);
DPDK repo used for reviews