2 Copyright(c) 2016 Intel Corporation. All rights reserved.
5 Redistribution and use in source and binary forms, with or without
6 modification, are permitted provided that the following conditions
9 * Redistributions of source code must retain the above copyright
10 notice, this list of conditions and the following disclaimer.
11 * Redistributions in binary form must reproduce the above copyright
12 notice, this list of conditions and the following disclaimer in
13 the documentation and/or other materials provided with the
15 * Neither the name of Intel Corporation nor the names of its
16 contributors may be used to endorse or promote products derived
17 from this software without specific prior written permission.
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23 OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 dpdk-test-crypto-perf Application
32 =================================
34 The ``dpdk-test-crypto-perf`` tool is a Data Plane Development Kit (DPDK)
35 utility that allows measuring performance parameters of PMDs available in the
36 crypto tree. There are available two measurement types: throughput and latency.
37 User can use multiply cores to run tests on but only
38 one type of crypto PMD can be measured during single application
39 execution. Cipher parameters, type of device, type of operation and
40 chain mode have to be specified in the command line as application
41 parameters. These parameters are checked using device capabilities
46 On hardware devices the cycle-count doesn't always represent the actual offload
47 cost. The cycle-count only represents the offload cost when the hardware
48 accelerator is not fully loaded, when loaded the cpu cycles freed up by the
49 offload are still consumed by the test tool and included in the cycle-count.
50 These cycles are consumed by retries and inefficient API calls enqueuing and
51 dequeuing smaller bursts than specified by the cmdline parameter. This results
52 in a larger cycle-count measurement and should not be interpreted as an offload
53 cost measurement. Using "pmd-cyclecount" mode will give a better idea of
54 actual costs of hardware acceleration.
56 On hardware devices the throughput measurement is not necessarily the maximum
57 possible for the device, e.g. it may be necessary to use multiple cores to keep
58 the hardware accelerator fully loaded and so measure maximum throughput.
60 Compiling the Application
61 -------------------------
63 **Step 1: PMD setting**
65 The ``dpdk-test-crypto-perf`` tool depends on crypto device drivers PMD which
66 are disabled by default in the build configuration file ``common_base``.
67 The crypto device drivers PMD which should be tested can be enabled by setting::
69 CONFIG_RTE_LIBRTE_PMD_<name>=y
71 Setting example for open ssl PMD::
73 CONFIG_RTE_LIBRTE_PMD_OPENSSL=y
75 **Step 2: Linearization setting**
77 It is possible linearized input segmented packets just before crypto operation
78 for devices which doesn't support scatter-gather, and allows to measure
79 performance also for this use case.
81 To set on the linearization options add below definition to the
82 ``cperf_ops.h`` file::
84 #define CPERF_LINEARIZATION_ENABLE
86 **Step 3: Build the application**
88 Execute the ``dpdk-setup.sh`` script to build the DPDK library together with the
89 ``dpdk-test-crypto-perf`` applcation.
91 Initially, the user must select a DPDK target to choose the correct target type
92 and compiler options to use when building the libraries.
93 The user must have all libraries, modules, updates and compilers installed
94 in the system prior to this,
95 as described in the earlier chapters in this Getting Started Guide.
97 Running the Application
98 -----------------------
100 The tool application has a number of command line options:
102 .. code-block:: console
104 dpdk-test-crypto-perf [EAL Options] -- [Application Options]
109 The following are the EAL command-line options that can be used in conjunction
110 with the ``dpdk-test-crypto-perf`` applcation.
111 See the DPDK Getting Started Guides for more information on these options.
113 * ``-c <COREMASK>`` or ``-l <CORELIST>``
115 Set the hexadecimal bitmask of the cores to run on. The corelist is a
120 Add a PCI device in white list.
122 * ``--vdev <driver><id>``
124 Add a virtual device.
129 The following are the appication command-line options:
133 Set test type, where ``type`` is one of the following::
142 Disable options dump.
146 Set the number of mbufs to be allocated in the mbuf pool.
148 * ``--total-ops <n>``
150 Set the number of total operations performed.
154 Set the number of packets per burst.
157 * Single value (i.e. ``--burst-sz 16``)
158 * Range of values, using the following structure ``min:inc:max``,
159 where ``min`` is minimum size, ``inc`` is the increment size and ``max``
160 is the maximum size (i.e. ``--burst-sz 16:2:32``)
161 * List of values, up to 32 values, separated in commas (i.e. ``--burst-sz 16,24,32``)
163 * ``--buffer-sz <n>``
165 Set the size of single packet (plaintext or ciphertext in it).
168 * Single value (i.e. ``--buffer-sz 16``)
169 * Range of values, using the following structure ``min:inc:max``,
170 where ``min`` is minimum size, ``inc`` is the increment size and ``max``
171 is the maximum size (i.e. ``--buffer-sz 16:2:32``)
172 * List of values, up to 32 values, separated in commas (i.e. ``--buffer-sz 32,64,128``)
176 Set the distribution of packet sizes.
178 A list of weights must be passed, containing the same number of items than buffer-sz,
179 so each item in this list will be the weight of the packet size on the same position
180 in the buffer-sz parameter (a list have to be passed in that parameter).
184 To test a distribution of 20% packets of 64 bytes, 40% packets of 100 bytes and 40% packets
185 of 256 bytes, the command line would be: ``--buffer-sz 64,100,256 --imix 20,40,40``.
186 Note that the weights do not have to be percentages, so using ``--imix 1,2,2`` would result
187 in the same distribution
189 * ``--segment-sz <n>``
191 Set the size of the segment to use, for Scatter Gather List testing.
192 By default, it is set to the size of the maximum buffer size, including the digest size,
193 so a single segment is created.
195 * ``--devtype <name>``
197 Set device type, where ``name`` is one of the following::
213 * ``--optype <name>``
215 Set operation type, where ``name`` is one of the following::
223 For GCM/CCM algorithms you should use aead flag.
227 Enable session-less crypto operations mode.
231 Enable out-of-place crypto operations mode.
233 * ``--test-file <name>``
235 Set test vector file path. See the Test Vector File chapter.
237 * ``--test-name <name>``
239 Set specific test name section in the test vector file.
241 * ``--cipher-algo <name>``
243 Set cipher algorithm name, where ``name`` is one of the following::
259 * ``--cipher-op <mode>``
261 Set cipher operation mode, where ``mode`` is one of the following::
266 * ``--cipher-key-sz <n>``
268 Set the size of cipher key.
270 * ``--cipher-iv-sz <n>``
272 Set the size of cipher iv.
274 * ``--auth-algo <name>``
276 Set authentication algorithm name, where ``name`` is one
300 * ``--auth-op <mode>``
302 Set authentication operation mode, where ``mode`` is one of
308 * ``--auth-key-sz <n>``
310 Set the size of authentication key.
312 * ``--auth-iv-sz <n>``
314 Set the size of auth iv.
316 * ``--aead-algo <name>``
318 Set AEAD algorithm name, where ``name`` is one
324 * ``--aead-op <mode>``
326 Set AEAD operation mode, where ``mode`` is one of
332 * ``--aead-key-sz <n>``
334 Set the size of AEAD key.
336 * ``--aead-iv-sz <n>``
338 Set the size of AEAD iv.
340 * ``--aead-aad-sz <n>``
342 Set the size of AEAD aad.
344 * ``--digest-sz <n>``
346 Set the size of digest.
350 Set number of descriptors for each crypto device.
352 * ``--pmd-cyclecount-delay-ms <n>``
354 Add a delay (in milliseconds) between enqueue and dequeue in
355 pmd-cyclecount benchmarking mode (useful when benchmarking
356 hardware acceleration).
360 Enable test result output CSV friendly rather than human friendly.
365 The test vector file is a text file contain information about test vectors.
366 The file is made of the sections. The first section doesn't have header.
367 It contain global information used in each test variant vectors -
368 typically information about plaintext, ciphertext, cipher key, aut key,
369 initial vector. All other sections begin header.
370 The sections contain particular information typically digest.
372 **Format of the file:**
374 Each line beginig with sign '#' contain comment and it is ignored by parser::
378 Header line is just name in square bracket::
382 Data line contain information tocken then sign '=' and
383 a string of bytes in C byte array format::
385 <tocken> = <C byte array>
391 Original plaintext to be crypted.
395 Encrypted plaintext string.
399 Key used in cipher operation.
403 Key used in auth operation.
407 Cipher Initial Vector.
424 Call application for performance throughput test of single Aesni MB PMD
425 for cipher encryption aes-cbc and auth generation sha1-hmac,
426 one million operations, burst size 32, packet size 64::
428 dpdk-test-crypto-perf -l 6-7 --vdev crypto_aesni_mb -w 0000:00:00.0 --
429 --ptest throughput --devtype crypto_aesni_mb --optype cipher-then-auth
430 --cipher-algo aes-cbc --cipher-op encrypt --cipher-key-sz 16 --auth-algo
431 sha1-hmac --auth-op generate --auth-key-sz 64 --digest-sz 12
432 --total-ops 10000000 --burst-sz 32 --buffer-sz 64
434 Call application for performance latency test of two Aesni MB PMD executed
435 on two cores for cipher encryption aes-cbc, ten operations in silent mode::
437 dpdk-test-crypto-perf -l 4-7 --vdev crypto_aesni_mb1
438 --vdev crypto_aesni_mb2 -w 0000:00:00.0 -- --devtype crypto_aesni_mb
439 --cipher-algo aes-cbc --cipher-key-sz 16 --cipher-iv-sz 16
440 --cipher-op encrypt --optype cipher-only --silent
441 --ptest latency --total-ops 10
443 Call application for verification test of single open ssl PMD
444 for cipher encryption aes-gcm and auth generation aes-gcm,ten operations
445 in silent mode, test vector provide in file "test_aes_gcm.data"
446 with packet verification::
448 dpdk-test-crypto-perf -l 4-7 --vdev crypto_openssl -w 0000:00:00.0 --
449 --devtype crypto_openssl --aead-algo aes-gcm --aead-key-sz 16
450 --aead-iv-sz 16 --aead-op encrypt --aead-aad-sz 16 --digest-sz 16
451 --optype aead --silent --ptest verify --total-ops 10
452 --test-file test_aes_gcm.data
454 Test vector file for cipher algorithm aes cbc 256 with authorization sha::
458 0xff, 0xca, 0xfb, 0xf1, 0x38, 0x20, 0x2f, 0x7b, 0x24, 0x98, 0x26, 0x7d, 0x1d, 0x9f, 0xb3, 0x93,
459 0xd9, 0xef, 0xbd, 0xad, 0x4e, 0x40, 0xbd, 0x60, 0xe9, 0x48, 0x59, 0x90, 0x67, 0xd7, 0x2b, 0x7b,
460 0x8a, 0xe0, 0x4d, 0xb0, 0x70, 0x38, 0xcc, 0x48, 0x61, 0x7d, 0xee, 0xd6, 0x35, 0x49, 0xae, 0xb4,
461 0xaf, 0x6b, 0xdd, 0xe6, 0x21, 0xc0, 0x60, 0xce, 0x0a, 0xf4, 0x1c, 0x2e, 0x1c, 0x8d, 0xe8, 0x7b
463 0x77, 0xF9, 0xF7, 0x7A, 0xA3, 0xCB, 0x68, 0x1A, 0x11, 0x70, 0xD8, 0x7A, 0xB6, 0xE2, 0x37, 0x7E,
464 0xD1, 0x57, 0x1C, 0x8E, 0x85, 0xD8, 0x08, 0xBF, 0x57, 0x1F, 0x21, 0x6C, 0xAD, 0xAD, 0x47, 0x1E,
465 0x0D, 0x6B, 0x79, 0x39, 0x15, 0x4E, 0x5B, 0x59, 0x2D, 0x76, 0x87, 0xA6, 0xD6, 0x47, 0x8F, 0x82,
466 0xB8, 0x51, 0x91, 0x32, 0x60, 0xCB, 0x97, 0xDE, 0xBE, 0xF0, 0xAD, 0xFC, 0x23, 0x2E, 0x22, 0x02
468 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A,
469 0xd0, 0xe7, 0x4b, 0xfb, 0x5d, 0xe5, 0x0c, 0xe7, 0x6f, 0x21, 0xb5, 0x52, 0x2a, 0xbb, 0xc7, 0xf7
471 0xaf, 0x96, 0x42, 0xf1, 0x8c, 0x50, 0xdc, 0x67, 0x1a, 0x43, 0x47, 0x62, 0xc7, 0x04, 0xab, 0x05,
472 0xf5, 0x0c, 0xe7, 0xa2, 0xa6, 0x23, 0xd5, 0x3d, 0x95, 0xd8, 0xcd, 0x86, 0x79, 0xf5, 0x01, 0x47,
473 0x4f, 0xf9, 0x1d, 0x9d, 0x36, 0xf7, 0x68, 0x1a, 0x64, 0x44, 0x58, 0x5d, 0xe5, 0x81, 0x15, 0x2a,
474 0x41, 0xe4, 0x0e, 0xaa, 0x1f, 0x04, 0x21, 0xff, 0x2c, 0xf3, 0x73, 0x2b, 0x48, 0x1e, 0xd2, 0xf7
476 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
477 # Section sha 1 hmac buff 32
480 0x36, 0xCA, 0x49, 0x6A, 0xE3, 0x54, 0xD8, 0x4F, 0x0B, 0x76, 0xD8, 0xAA, 0x78, 0xEB, 0x9D, 0x65,
481 0x2C, 0xCA, 0x1F, 0x97
482 # Section sha 256 hmac buff 32
483 [sha256_hmac_buff_32]
485 0x1C, 0xB2, 0x3D, 0xD1, 0xF9, 0xC7, 0x6C, 0x49, 0x2E, 0xDA, 0x94, 0x8B, 0xF1, 0xCF, 0x96, 0x43,
486 0x67, 0x50, 0x39, 0x76, 0xB5, 0xA1, 0xCE, 0xA1, 0xD7, 0x77, 0x10, 0x07, 0x43, 0x37, 0x05, 0xB4