1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(c) 2015-2017 Intel Corporation
7 #include <rte_string_fns.h>
8 #include <rte_common.h>
9 #include <rte_malloc.h>
10 #include <rte_ether.h>
11 #include <rte_cryptodev_pmd.h>
13 #include "aesni_mb_pmd_private.h"
16 static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
18 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
20 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
22 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
39 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
41 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
43 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
60 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
62 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
64 .algo = RTE_CRYPTO_AUTH_SHA1,
81 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
83 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
85 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
102 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
104 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
106 .algo = RTE_CRYPTO_AUTH_SHA224,
123 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
125 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
127 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
144 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
146 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
148 .algo = RTE_CRYPTO_AUTH_SHA256,
165 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
167 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
169 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
186 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
188 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
190 .algo = RTE_CRYPTO_AUTH_SHA384,
207 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
209 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
211 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
228 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
230 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
232 .algo = RTE_CRYPTO_AUTH_SHA512,
248 { /* AES XCBC HMAC */
249 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
251 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
253 .algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
270 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
272 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
274 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
290 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
292 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
294 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
309 { /* AES DOCSIS BPI */
310 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
312 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
314 .algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI,
318 #if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
335 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
337 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
339 .algo = RTE_CRYPTO_CIPHER_DES_CBC,
355 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
357 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
359 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
374 { /* DES DOCSIS BPI */
375 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
377 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
379 .algo = RTE_CRYPTO_CIPHER_DES_DOCSISBPI,
395 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
397 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
399 .algo = RTE_CRYPTO_AEAD_AES_CCM,
425 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
427 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
429 .algo = RTE_CRYPTO_AUTH_AES_CMAC,
446 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
448 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
450 .algo = RTE_CRYPTO_AEAD_AES_GCM,
475 { /* AES GMAC (AUTH) */
476 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
478 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
480 .algo = RTE_CRYPTO_AUTH_AES_GMAC,
500 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
503 #ifdef AESNI_MB_DOCSIS_SEC_ENABLED
504 static const struct rte_cryptodev_capabilities
505 aesni_mb_pmd_security_crypto_cap[] = {
506 { /* AES DOCSIS BPI */
507 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
509 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
511 .algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI,
527 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
530 static const struct rte_security_capability aesni_mb_pmd_security_cap[] = {
531 { /* DOCSIS Uplink */
532 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
533 .protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
535 .direction = RTE_SECURITY_DOCSIS_UPLINK
537 .crypto_capabilities = aesni_mb_pmd_security_crypto_cap
539 { /* DOCSIS Downlink */
540 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
541 .protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
543 .direction = RTE_SECURITY_DOCSIS_DOWNLINK
545 .crypto_capabilities = aesni_mb_pmd_security_crypto_cap
548 .action = RTE_SECURITY_ACTION_TYPE_NONE
553 /** Configure device */
555 aesni_mb_pmd_config(__rte_unused struct rte_cryptodev *dev,
556 __rte_unused struct rte_cryptodev_config *config)
563 aesni_mb_pmd_start(__rte_unused struct rte_cryptodev *dev)
570 aesni_mb_pmd_stop(__rte_unused struct rte_cryptodev *dev)
576 aesni_mb_pmd_close(__rte_unused struct rte_cryptodev *dev)
582 /** Get device statistics */
584 aesni_mb_pmd_stats_get(struct rte_cryptodev *dev,
585 struct rte_cryptodev_stats *stats)
589 for (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) {
590 struct aesni_mb_qp *qp = dev->data->queue_pairs[qp_id];
592 stats->enqueued_count += qp->stats.enqueued_count;
593 stats->dequeued_count += qp->stats.dequeued_count;
595 stats->enqueue_err_count += qp->stats.enqueue_err_count;
596 stats->dequeue_err_count += qp->stats.dequeue_err_count;
600 /** Reset device statistics */
602 aesni_mb_pmd_stats_reset(struct rte_cryptodev *dev)
606 for (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) {
607 struct aesni_mb_qp *qp = dev->data->queue_pairs[qp_id];
609 memset(&qp->stats, 0, sizeof(qp->stats));
614 /** Get device info */
616 aesni_mb_pmd_info_get(struct rte_cryptodev *dev,
617 struct rte_cryptodev_info *dev_info)
619 struct aesni_mb_private *internals = dev->data->dev_private;
621 if (dev_info != NULL) {
622 dev_info->driver_id = dev->driver_id;
623 dev_info->feature_flags = dev->feature_flags;
624 dev_info->capabilities = aesni_mb_pmd_capabilities;
625 dev_info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
626 /* No limit of number of sessions */
627 dev_info->sym.max_nb_sessions = 0;
631 /** Release queue pair */
633 aesni_mb_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)
635 struct aesni_mb_qp *qp = dev->data->queue_pairs[qp_id];
636 struct rte_ring *r = NULL;
639 r = rte_ring_lookup(qp->name);
643 free_mb_mgr(qp->mb_mgr);
645 dev->data->queue_pairs[qp_id] = NULL;
650 /** set a unique name for the queue pair based on it's name, dev_id and qp_id */
652 aesni_mb_pmd_qp_set_unique_name(struct rte_cryptodev *dev,
653 struct aesni_mb_qp *qp)
655 unsigned n = snprintf(qp->name, sizeof(qp->name),
656 "aesni_mb_pmd_%u_qp_%u",
657 dev->data->dev_id, qp->id);
659 if (n >= sizeof(qp->name))
665 /** Create a ring to place processed operations on */
666 static struct rte_ring *
667 aesni_mb_pmd_qp_create_processed_ops_ring(struct aesni_mb_qp *qp,
668 unsigned int ring_size, int socket_id)
671 char ring_name[RTE_CRYPTODEV_NAME_MAX_LEN];
673 unsigned int n = strlcpy(ring_name, qp->name, sizeof(ring_name));
675 if (n >= sizeof(ring_name))
678 r = rte_ring_lookup(ring_name);
680 if (rte_ring_get_size(r) >= ring_size) {
681 AESNI_MB_LOG(INFO, "Reusing existing ring %s for processed ops",
686 AESNI_MB_LOG(ERR, "Unable to reuse existing ring %s for processed ops",
691 return rte_ring_create(ring_name, ring_size, socket_id,
692 RING_F_SP_ENQ | RING_F_SC_DEQ);
695 /** Setup a queue pair */
697 aesni_mb_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
698 const struct rte_cryptodev_qp_conf *qp_conf,
701 struct aesni_mb_qp *qp = NULL;
702 struct aesni_mb_private *internals = dev->data->dev_private;
705 /* Free memory prior to re-allocation if needed. */
706 if (dev->data->queue_pairs[qp_id] != NULL)
707 aesni_mb_pmd_qp_release(dev, qp_id);
709 /* Allocate the queue pair data structure. */
710 qp = rte_zmalloc_socket("AES-NI PMD Queue Pair", sizeof(*qp),
711 RTE_CACHE_LINE_SIZE, socket_id);
716 dev->data->queue_pairs[qp_id] = qp;
718 if (aesni_mb_pmd_qp_set_unique_name(dev, qp))
719 goto qp_setup_cleanup;
722 qp->mb_mgr = alloc_mb_mgr(0);
723 if (qp->mb_mgr == NULL) {
725 goto qp_setup_cleanup;
728 switch (internals->vector_mode) {
729 case RTE_AESNI_MB_SSE:
730 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_SSE;
731 init_mb_mgr_sse(qp->mb_mgr);
733 case RTE_AESNI_MB_AVX:
734 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX;
735 init_mb_mgr_avx(qp->mb_mgr);
737 case RTE_AESNI_MB_AVX2:
738 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX2;
739 init_mb_mgr_avx2(qp->mb_mgr);
741 case RTE_AESNI_MB_AVX512:
742 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX512;
743 init_mb_mgr_avx512(qp->mb_mgr);
746 AESNI_MB_LOG(ERR, "Unsupported vector mode %u\n",
747 internals->vector_mode);
748 goto qp_setup_cleanup;
751 qp->ingress_queue = aesni_mb_pmd_qp_create_processed_ops_ring(qp,
752 qp_conf->nb_descriptors, socket_id);
753 if (qp->ingress_queue == NULL) {
755 goto qp_setup_cleanup;
758 qp->sess_mp = qp_conf->mp_session;
759 qp->sess_mp_priv = qp_conf->mp_session_private;
761 memset(&qp->stats, 0, sizeof(qp->stats));
763 char mp_name[RTE_MEMPOOL_NAMESIZE];
765 snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
766 "digest_mp_%u_%u", dev->data->dev_id, qp_id);
772 free_mb_mgr(qp->mb_mgr);
779 /** Returns the size of the aesni multi-buffer session structure */
781 aesni_mb_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
783 return sizeof(struct aesni_mb_session);
786 /** Configure a aesni multi-buffer session from a crypto xform chain */
788 aesni_mb_pmd_sym_session_configure(struct rte_cryptodev *dev,
789 struct rte_crypto_sym_xform *xform,
790 struct rte_cryptodev_sym_session *sess,
791 struct rte_mempool *mempool)
793 void *sess_private_data;
794 struct aesni_mb_private *internals = dev->data->dev_private;
797 if (unlikely(sess == NULL)) {
798 AESNI_MB_LOG(ERR, "invalid session struct");
802 if (rte_mempool_get(mempool, &sess_private_data)) {
804 "Couldn't get object from session mempool");
808 ret = aesni_mb_set_session_parameters(internals->mb_mgr,
809 sess_private_data, xform);
811 AESNI_MB_LOG(ERR, "failed configure session parameters");
813 /* Return session to mempool */
814 rte_mempool_put(mempool, sess_private_data);
818 set_sym_session_private_data(sess, dev->driver_id,
824 /** Clear the memory of session so it doesn't leave key material behind */
826 aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev,
827 struct rte_cryptodev_sym_session *sess)
829 uint8_t index = dev->driver_id;
830 void *sess_priv = get_sym_session_private_data(sess, index);
832 /* Zero out the whole structure */
834 memset(sess_priv, 0, sizeof(struct aesni_mb_session));
835 struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
836 set_sym_session_private_data(sess, index, NULL);
837 rte_mempool_put(sess_mp, sess_priv);
841 struct rte_cryptodev_ops aesni_mb_pmd_ops = {
842 .dev_configure = aesni_mb_pmd_config,
843 .dev_start = aesni_mb_pmd_start,
844 .dev_stop = aesni_mb_pmd_stop,
845 .dev_close = aesni_mb_pmd_close,
847 .stats_get = aesni_mb_pmd_stats_get,
848 .stats_reset = aesni_mb_pmd_stats_reset,
850 .dev_infos_get = aesni_mb_pmd_info_get,
852 .queue_pair_setup = aesni_mb_pmd_qp_setup,
853 .queue_pair_release = aesni_mb_pmd_qp_release,
855 .sym_cpu_process = aesni_mb_cpu_crypto_process_bulk,
857 .sym_session_get_size = aesni_mb_pmd_sym_session_get_size,
858 .sym_session_configure = aesni_mb_pmd_sym_session_configure,
859 .sym_session_clear = aesni_mb_pmd_sym_session_clear
862 struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops = &aesni_mb_pmd_ops;
864 #ifdef AESNI_MB_DOCSIS_SEC_ENABLED
866 * Configure a aesni multi-buffer session from a security session
870 aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
871 struct rte_security_session *sess,
872 struct rte_mempool *mempool)
874 void *sess_private_data;
875 struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
878 if (rte_mempool_get(mempool, &sess_private_data)) {
879 AESNI_MB_LOG(ERR, "Couldn't get object from session mempool");
883 if (conf->protocol != RTE_SECURITY_PROTOCOL_DOCSIS) {
884 AESNI_MB_LOG(ERR, "Invalid security protocol");
888 ret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,
892 AESNI_MB_LOG(ERR, "Failed to configure session parameters");
894 /* Return session to mempool */
895 rte_mempool_put(mempool, sess_private_data);
899 set_sec_session_private_data(sess, sess_private_data);
904 /** Clear the memory of session so it doesn't leave key material behind */
906 aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,
907 struct rte_security_session *sess)
909 void *sess_priv = get_sec_session_private_data(sess);
912 struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
913 memset(sess, 0, sizeof(struct aesni_mb_session));
914 set_sec_session_private_data(sess, NULL);
915 rte_mempool_put(sess_mp, sess_priv);
920 /** Get security capabilities for aesni multi-buffer */
921 static const struct rte_security_capability *
922 aesni_mb_pmd_sec_capa_get(void *device __rte_unused)
924 return aesni_mb_pmd_security_cap;
927 static struct rte_security_ops aesni_mb_pmd_sec_ops = {
928 .session_create = aesni_mb_pmd_sec_sess_create,
929 .session_update = NULL,
930 .session_stats_get = NULL,
931 .session_destroy = aesni_mb_pmd_sec_sess_destroy,
932 .set_pkt_metadata = NULL,
933 .capabilities_get = aesni_mb_pmd_sec_capa_get
936 struct rte_security_ops *rte_aesni_mb_pmd_sec_ops = &aesni_mb_pmd_sec_ops;