#include "cperf_ops.h"
#include "cperf_test_vectors.h"
+#ifdef RTE_LIBRTE_SECURITY
+static int
+cperf_set_ops_security(struct rte_crypto_op **ops,
+ uint32_t src_buf_offset __rte_unused,
+ uint32_t dst_buf_offset __rte_unused,
+ uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+ const struct cperf_options *options __rte_unused,
+ const struct cperf_test_vector *test_vector __rte_unused,
+ uint16_t iv_offset __rte_unused,
+ uint32_t *imix_idx __rte_unused)
+{
+ uint16_t i;
+
+ for (i = 0; i < nb_ops; i++) {
+ struct rte_crypto_sym_op *sym_op = ops[i]->sym;
+ struct rte_security_session *sec_sess =
+ (struct rte_security_session *)sess;
+
+ ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
+ rte_security_attach_session(ops[i], sec_sess);
+ sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] +
+ src_buf_offset);
+ sym_op->m_src->buf_len = options->segment_sz;
+ sym_op->m_src->data_len = options->test_buffer_size;
+ sym_op->m_src->pkt_len = sym_op->m_src->data_len;
+
+ /* Set dest mbuf to NULL if out-of-place (dst_buf_offset = 0) */
+ if (dst_buf_offset == 0)
+ sym_op->m_dst = NULL;
+ else
+ sym_op->m_dst = (struct rte_mbuf *)((uint8_t *)ops[i] +
+ dst_buf_offset);
+ }
+
+ return 0;
+}
+#endif
+
static int
cperf_set_ops_null_cipher(struct rte_crypto_op **ops,
uint32_t src_buf_offset, uint32_t dst_buf_offset,
struct rte_crypto_sym_xform aead_xform;
struct rte_cryptodev_sym_session *sess = NULL;
+#ifdef RTE_LIBRTE_SECURITY
+ /*
+ * security only
+ */
+ if (options->op_type == CPERF_PDCP) {
+ /* Setup Cipher Parameters */
+ cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+ cipher_xform.next = NULL;
+ cipher_xform.cipher.algo = options->cipher_algo;
+ cipher_xform.cipher.op = options->cipher_op;
+ cipher_xform.cipher.iv.offset = iv_offset;
+
+ /* cipher different than null */
+ if (options->cipher_algo != RTE_CRYPTO_CIPHER_NULL) {
+ cipher_xform.cipher.key.data = test_vector->cipher_key.data;
+ cipher_xform.cipher.key.length = test_vector->cipher_key.length;
+ cipher_xform.cipher.iv.length = test_vector->cipher_iv.length;
+ } else {
+ cipher_xform.cipher.key.data = NULL;
+ cipher_xform.cipher.key.length = 0;
+ cipher_xform.cipher.iv.length = 0;
+ }
+
+ /* Setup Auth Parameters */
+ if (options->auth_algo != 0) {
+ auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+ auth_xform.next = NULL;
+ auth_xform.auth.algo = options->auth_algo;
+ auth_xform.auth.op = options->auth_op;
+ auth_xform.auth.iv.offset = iv_offset +
+ cipher_xform.cipher.iv.length;
+
+ /* auth different than null */
+ if (options->auth_algo != RTE_CRYPTO_AUTH_NULL) {
+ auth_xform.auth.digest_length = options->digest_sz;
+ auth_xform.auth.key.length = test_vector->auth_key.length;
+ auth_xform.auth.key.data = test_vector->auth_key.data;
+ auth_xform.auth.iv.length = test_vector->auth_iv.length;
+ } else {
+ auth_xform.auth.digest_length = 0;
+ auth_xform.auth.key.length = 0;
+ auth_xform.auth.key.data = NULL;
+ auth_xform.auth.iv.length = 0;
+ }
+
+ cipher_xform.next = &auth_xform;
+ } else {
+ cipher_xform.next = NULL;
+ }
+
+ struct rte_security_session_conf sess_conf = {
+ .action_type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_PDCP,
+ {.pdcp = {
+ .bearer = 0x16,
+ .domain = options->pdcp_domain,
+ .pkt_dir = 0,
+ .sn_size = options->pdcp_sn_sz,
+ .hfn = 0x1,
+ .hfn_threshold = 0x70C0A,
+ } },
+ .crypto_xform = &cipher_xform
+ };
+
+ struct rte_security_ctx *ctx = (struct rte_security_ctx *)
+ rte_cryptodev_get_sec_ctx(dev_id);
+
+ /* Create security session */
+ return (void *)rte_security_session_create(ctx,
+ &sess_conf, sess_mp);
+ }
+#endif
sess = rte_cryptodev_sym_session_create(sess_mp);
/*
* cipher only
op_fns->populate_ops = cperf_set_ops_cipher;
return 0;
}
-
+#ifdef RTE_LIBRTE_SECURITY
+ if (options->op_type == CPERF_PDCP) {
+ op_fns->populate_ops = cperf_set_ops_security;
+ return 0;
+ }
+#endif
return -1;
}
#include <rte_crypto.h>
#include <rte_cryptodev.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security.h>
+#endif
#define CPERF_PTEST_TYPE ("ptest")
#define CPERF_SILENT ("silent")
#define CPERF_DIGEST_SZ ("digest-sz")
+#ifdef RTE_LIBRTE_SECURITY
+#define CPERF_PDCP_SN_SZ ("pdcp-sn-sz")
+#define CPERF_PDCP_DOMAIN ("pdcp-domain")
+#endif
+
#define CPERF_CSV ("csv-friendly")
/* benchmark-specific options */
CPERF_AUTH_ONLY,
CPERF_CIPHER_THEN_AUTH,
CPERF_AUTH_THEN_CIPHER,
- CPERF_AEAD
+ CPERF_AEAD,
+ CPERF_PDCP
};
extern const char *cperf_op_type_strs[];
uint16_t digest_sz;
+#ifdef RTE_LIBRTE_SECURITY
+ uint16_t pdcp_sn_sz;
+ enum rte_security_pdcp_domain pdcp_domain;
+#endif
char device_type[RTE_CRYPTODEV_NAME_MAX_LEN];
enum cperf_op_type op_type;
{
cperf_op_type_strs[CPERF_AEAD],
CPERF_AEAD
+ },
+ {
+ cperf_op_type_strs[CPERF_PDCP],
+ CPERF_PDCP
}
};
return parse_uint16_t(&opts->digest_sz, arg);
}
+#ifdef RTE_LIBRTE_SECURITY
+static int
+parse_pdcp_sn_sz(struct cperf_options *opts, const char *arg)
+{
+ uint32_t val = 0;
+ int ret = parse_uint32_t(&val, arg);
+
+ if (ret < 0)
+ return ret;
+
+ if (val != RTE_SECURITY_PDCP_SN_SIZE_5 &&
+ val != RTE_SECURITY_PDCP_SN_SIZE_7 &&
+ val != RTE_SECURITY_PDCP_SN_SIZE_12 &&
+ val != RTE_SECURITY_PDCP_SN_SIZE_15 &&
+ val != RTE_SECURITY_PDCP_SN_SIZE_18) {
+ printf("\nInvalid pdcp SN size: %u\n", val);
+ return -ERANGE;
+ }
+ opts->pdcp_sn_sz = val;
+
+ return 0;
+}
+
+const char *cperf_pdcp_domain_strs[] = {
+ [RTE_SECURITY_PDCP_MODE_CONTROL] = "control",
+ [RTE_SECURITY_PDCP_MODE_DATA] = "data"
+};
+
+static int
+parse_pdcp_domain(struct cperf_options *opts, const char *arg)
+{
+ struct name_id_map pdcp_domain_namemap[] = {
+ {
+ cperf_pdcp_domain_strs
+ [RTE_SECURITY_PDCP_MODE_CONTROL],
+ RTE_SECURITY_PDCP_MODE_CONTROL },
+ {
+ cperf_pdcp_domain_strs
+ [RTE_SECURITY_PDCP_MODE_DATA],
+ RTE_SECURITY_PDCP_MODE_DATA
+ }
+ };
+
+ int id = get_str_key_id_mapping(pdcp_domain_namemap,
+ RTE_DIM(pdcp_domain_namemap), arg);
+ if (id < 0) {
+ RTE_LOG(ERR, USER1, "invalid pdcp domain specified"
+ "\n");
+ return -1;
+ }
+
+ opts->pdcp_domain = (enum rte_security_pdcp_domain)id;
+
+ return 0;
+}
+#endif
+
static int
parse_auth_iv_sz(struct cperf_options *opts, const char *arg)
{
{ CPERF_DIGEST_SZ, required_argument, 0, 0 },
+#ifdef RTE_LIBRTE_SECURITY
+ { CPERF_PDCP_SN_SZ, required_argument, 0, 0 },
+ { CPERF_PDCP_DOMAIN, required_argument, 0, 0 },
+#endif
{ CPERF_CSV, no_argument, 0, 0},
{ CPERF_PMDCC_DELAY_MS, required_argument, 0, 0 },
opts->digest_sz = 12;
opts->pmdcc_delay = 0;
+#ifdef RTE_LIBRTE_SECURITY
+ opts->pdcp_sn_sz = 12;
+ opts->pdcp_domain = RTE_SECURITY_PDCP_MODE_CONTROL;
+#endif
}
static int
{ CPERF_AEAD_IV_SZ, parse_aead_iv_sz },
{ CPERF_AEAD_AAD_SZ, parse_aead_aad_sz },
{ CPERF_DIGEST_SZ, parse_digest_sz },
+#ifdef RTE_LIBRTE_SECURITY
+ { CPERF_PDCP_SN_SZ, parse_pdcp_sn_sz },
+ { CPERF_PDCP_DOMAIN, parse_pdcp_domain },
+#endif
{ CPERF_CSV, parse_csv_friendly},
{ CPERF_PMDCC_DELAY_MS, parse_pmd_cyclecount_delay_ms},
};
mbuf_offset + mbuf_hdr_size;
m->buf_len = segment_sz;
m->data_len = data_len;
+ m->pkt_len = data_len;
/* Use headroom specified for the buffer */
m->data_off = headroom;
static void
cperf_throughput_test_free(struct cperf_throughput_ctx *ctx)
{
- if (ctx) {
- if (ctx->sess) {
+ if (!ctx)
+ return;
+ if (ctx->sess) {
+#ifdef RTE_LIBRTE_SECURITY
+ if (ctx->options->op_type == CPERF_PDCP) {
+ struct rte_security_ctx *sec_ctx =
+ (struct rte_security_ctx *)
+ rte_cryptodev_get_sec_ctx(ctx->dev_id);
+ rte_security_session_destroy(sec_ctx,
+ (struct rte_security_session *)ctx->sess);
+ } else
+#endif
+ {
rte_cryptodev_sym_session_clear(ctx->dev_id, ctx->sess);
rte_cryptodev_sym_session_free(ctx->sess);
}
-
- if (ctx->pool)
- rte_mempool_free(ctx->pool);
-
- rte_free(ctx);
}
+ if (ctx->pool)
+ rte_mempool_free(ctx->pool);
+
+ rte_free(ctx);
}
void *
t_vec->plaintext.data = plaintext;
t_vec->plaintext.length = options->max_buffer_size;
+ if (options->op_type == CPERF_PDCP) {
+ if (options->cipher_algo == RTE_CRYPTO_CIPHER_NULL) {
+ t_vec->cipher_key.length = 0;
+ t_vec->ciphertext.data = plaintext;
+ t_vec->cipher_key.data = NULL;
+ } else {
+ t_vec->cipher_key.length = options->cipher_key_sz;
+ t_vec->ciphertext.data = ciphertext;
+ t_vec->cipher_key.data = cipher_key;
+ }
+
+ /* Init IV data ptr */
+ t_vec->cipher_iv.data = NULL;
+
+ if (options->cipher_iv_sz != 0) {
+ /* Set IV parameters */
+ t_vec->cipher_iv.data = rte_malloc(NULL,
+ options->cipher_iv_sz, 16);
+ if (t_vec->cipher_iv.data == NULL) {
+ rte_free(t_vec);
+ return NULL;
+ }
+ memcpy(t_vec->cipher_iv.data, iv, options->cipher_iv_sz);
+ }
+ t_vec->ciphertext.length = options->max_buffer_size;
+ t_vec->cipher_iv.length = options->cipher_iv_sz;
+ t_vec->data.cipher_offset = 0;
+ t_vec->data.cipher_length = options->max_buffer_size;
+ if (options->auth_algo == RTE_CRYPTO_AUTH_NULL) {
+ t_vec->auth_key.length = 0;
+ t_vec->auth_key.data = NULL;
+ t_vec->digest.data = NULL;
+ t_vec->digest.length = 0;
+ } else {
+ t_vec->auth_key.length = options->auth_key_sz;
+ t_vec->auth_key.data = auth_key;
+
+ t_vec->digest.data = rte_malloc(NULL,
+ options->digest_sz,
+ 16);
+ if (t_vec->digest.data == NULL) {
+ rte_free(t_vec->cipher_iv.data);
+ rte_free(t_vec);
+ return NULL;
+ }
+ t_vec->digest.phys_addr =
+ rte_malloc_virt2iova(t_vec->digest.data);
+ t_vec->digest.length = options->digest_sz;
+ memcpy(t_vec->digest.data, digest,
+ options->digest_sz);
+ }
+ t_vec->data.auth_offset = 0;
+ t_vec->data.auth_length = options->max_buffer_size;
+ }
+
if (options->op_type == CPERF_CIPHER_ONLY ||
options->op_type == CPERF_CIPHER_THEN_AUTH ||
options->op_type == CPERF_AUTH_THEN_CIPHER) {
[CPERF_AUTH_ONLY] = "auth-only",
[CPERF_CIPHER_THEN_AUTH] = "cipher-then-auth",
[CPERF_AUTH_THEN_CIPHER] = "auth-then-cipher",
- [CPERF_AEAD] = "aead"
+ [CPERF_AEAD] = "aead",
+ [CPERF_PDCP] = "pdcp"
};
const struct cperf_test cperf_testmap[] = {
'cperf_test_vectors.c',
'cperf_test_verify.c',
'main.c')
-deps += ['cryptodev']
+deps += ['cryptodev', 'security']
PDCP support is added to DPAA_SEC and DPAA2_SEC PMDs using rte_security APIs.
Support is added for all sequence number sizes for control and user plane.
- Test application is updated for unit testing.
+ Test and test-crypto-perf applications are updated for unit testing.
* **Updated the AESNI-MB PMD.**
cipher-then-auth
auth-then-cipher
aead
+ pdcp
For GCM/CCM algorithms you should use aead flag.
Enable test result output CSV friendly rather than human friendly.
+* ``--pdcp-sn-sz <n>``
+
+ Set PDCP sequence number size(n) in bits. Valid values of n will
+ be 5/7/12/15/18.
+
+* ``--pdcp-domain <control/user>``
+
+ Set PDCP domain to specify Control/user plane.
+
Test Vector File
~~~~~~~~~~~~~~~~
git.droids-corp.org / dpdk.git / commitdiff