1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(c) 2015-2017 Intel Corporation
7 #include <rte_string_fns.h>
8 #include <rte_common.h>
9 #include <rte_malloc.h>
10 #include <rte_ether.h>
11 #include <rte_cryptodev_pmd.h>
13 #include "aesni_mb_pmd_private.h"
16 static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
18 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
20 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
22 .algo = RTE_CRYPTO_AUTH_MD5_HMAC,
39 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
41 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
43 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
60 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
62 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
64 .algo = RTE_CRYPTO_AUTH_SHA1,
81 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
83 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
85 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
102 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
104 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
106 .algo = RTE_CRYPTO_AUTH_SHA224,
123 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
125 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
127 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
144 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
146 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
148 .algo = RTE_CRYPTO_AUTH_SHA256,
165 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
167 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
169 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
186 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
188 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
190 .algo = RTE_CRYPTO_AUTH_SHA384,
207 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
209 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
211 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
228 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
230 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
232 .algo = RTE_CRYPTO_AUTH_SHA512,
248 { /* AES XCBC HMAC */
249 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
251 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
253 .algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
270 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
272 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
274 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
290 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
292 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
294 .algo = RTE_CRYPTO_CIPHER_AES_CTR,
309 { /* AES DOCSIS BPI */
310 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
312 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
314 .algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI,
318 #if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
335 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
337 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
339 .algo = RTE_CRYPTO_CIPHER_DES_CBC,
355 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
357 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
359 .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
374 { /* DES DOCSIS BPI */
375 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
377 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
379 .algo = RTE_CRYPTO_CIPHER_DES_DOCSISBPI,
395 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
397 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
399 .algo = RTE_CRYPTO_AEAD_AES_CCM,
403 #if IMB_VERSION(0, 54, 2) <= IMB_VERSION_NUM
430 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
432 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
434 .algo = RTE_CRYPTO_AUTH_AES_CMAC,
451 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
453 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
455 .algo = RTE_CRYPTO_AEAD_AES_GCM,
480 { /* AES GMAC (AUTH) */
481 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
483 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
485 .algo = RTE_CRYPTO_AUTH_AES_GMAC,
505 #if IMB_VERSION(0, 53, 0) <= IMB_VERSION_NUM
507 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
509 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
511 .algo = RTE_CRYPTO_CIPHER_AES_ECB,
523 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
525 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
527 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
529 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
550 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
552 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
554 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
569 { /* SNOW 3G (UIA2) */
570 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
572 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
574 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
594 { /* SNOW 3G (UEA2) */
595 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
597 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
599 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
615 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
617 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
619 .algo = RTE_CRYPTO_AUTH_KASUMI_F9,
636 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
638 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
640 .algo = RTE_CRYPTO_CIPHER_KASUMI_F8,
656 #if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
657 { /* CHACHA20-POLY1305 */
658 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
660 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
662 .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
688 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
691 #ifdef AESNI_MB_DOCSIS_SEC_ENABLED
692 static const struct rte_cryptodev_capabilities
693 aesni_mb_pmd_security_crypto_cap[] = {
694 { /* AES DOCSIS BPI */
695 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
697 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
699 .algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI,
715 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
718 static const struct rte_security_capability aesni_mb_pmd_security_cap[] = {
719 { /* DOCSIS Uplink */
720 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
721 .protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
723 .direction = RTE_SECURITY_DOCSIS_UPLINK
725 .crypto_capabilities = aesni_mb_pmd_security_crypto_cap
727 { /* DOCSIS Downlink */
728 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
729 .protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
731 .direction = RTE_SECURITY_DOCSIS_DOWNLINK
733 .crypto_capabilities = aesni_mb_pmd_security_crypto_cap
736 .action = RTE_SECURITY_ACTION_TYPE_NONE
741 /** Configure device */
743 aesni_mb_pmd_config(__rte_unused struct rte_cryptodev *dev,
744 __rte_unused struct rte_cryptodev_config *config)
751 aesni_mb_pmd_start(__rte_unused struct rte_cryptodev *dev)
758 aesni_mb_pmd_stop(__rte_unused struct rte_cryptodev *dev)
764 aesni_mb_pmd_close(__rte_unused struct rte_cryptodev *dev)
770 /** Get device statistics */
772 aesni_mb_pmd_stats_get(struct rte_cryptodev *dev,
773 struct rte_cryptodev_stats *stats)
777 for (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) {
778 struct aesni_mb_qp *qp = dev->data->queue_pairs[qp_id];
780 stats->enqueued_count += qp->stats.enqueued_count;
781 stats->dequeued_count += qp->stats.dequeued_count;
783 stats->enqueue_err_count += qp->stats.enqueue_err_count;
784 stats->dequeue_err_count += qp->stats.dequeue_err_count;
788 /** Reset device statistics */
790 aesni_mb_pmd_stats_reset(struct rte_cryptodev *dev)
794 for (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) {
795 struct aesni_mb_qp *qp = dev->data->queue_pairs[qp_id];
797 memset(&qp->stats, 0, sizeof(qp->stats));
802 /** Get device info */
804 aesni_mb_pmd_info_get(struct rte_cryptodev *dev,
805 struct rte_cryptodev_info *dev_info)
807 struct aesni_mb_private *internals = dev->data->dev_private;
809 if (dev_info != NULL) {
810 dev_info->driver_id = dev->driver_id;
811 dev_info->feature_flags = dev->feature_flags;
812 dev_info->capabilities = aesni_mb_pmd_capabilities;
813 dev_info->max_nb_queue_pairs = internals->max_nb_queue_pairs;
814 /* No limit of number of sessions */
815 dev_info->sym.max_nb_sessions = 0;
819 /** Release queue pair */
821 aesni_mb_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)
823 struct aesni_mb_qp *qp = dev->data->queue_pairs[qp_id];
824 struct rte_ring *r = NULL;
827 r = rte_ring_lookup(qp->name);
831 free_mb_mgr(qp->mb_mgr);
833 dev->data->queue_pairs[qp_id] = NULL;
838 /** set a unique name for the queue pair based on it's name, dev_id and qp_id */
840 aesni_mb_pmd_qp_set_unique_name(struct rte_cryptodev *dev,
841 struct aesni_mb_qp *qp)
843 unsigned n = snprintf(qp->name, sizeof(qp->name),
844 "aesni_mb_pmd_%u_qp_%u",
845 dev->data->dev_id, qp->id);
847 if (n >= sizeof(qp->name))
853 /** Create a ring to place processed operations on */
854 static struct rte_ring *
855 aesni_mb_pmd_qp_create_processed_ops_ring(struct aesni_mb_qp *qp,
856 unsigned int ring_size, int socket_id)
859 char ring_name[RTE_CRYPTODEV_NAME_MAX_LEN];
861 unsigned int n = strlcpy(ring_name, qp->name, sizeof(ring_name));
863 if (n >= sizeof(ring_name))
866 r = rte_ring_lookup(ring_name);
868 if (rte_ring_get_size(r) >= ring_size) {
869 AESNI_MB_LOG(INFO, "Reusing existing ring %s for processed ops",
874 AESNI_MB_LOG(ERR, "Unable to reuse existing ring %s for processed ops",
879 return rte_ring_create(ring_name, ring_size, socket_id,
880 RING_F_SP_ENQ | RING_F_SC_DEQ);
883 /** Setup a queue pair */
885 aesni_mb_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
886 const struct rte_cryptodev_qp_conf *qp_conf,
889 struct aesni_mb_qp *qp = NULL;
890 struct aesni_mb_private *internals = dev->data->dev_private;
893 /* Free memory prior to re-allocation if needed. */
894 if (dev->data->queue_pairs[qp_id] != NULL)
895 aesni_mb_pmd_qp_release(dev, qp_id);
897 /* Allocate the queue pair data structure. */
898 qp = rte_zmalloc_socket("AES-NI PMD Queue Pair", sizeof(*qp),
899 RTE_CACHE_LINE_SIZE, socket_id);
904 dev->data->queue_pairs[qp_id] = qp;
906 if (aesni_mb_pmd_qp_set_unique_name(dev, qp))
907 goto qp_setup_cleanup;
910 qp->mb_mgr = alloc_mb_mgr(0);
911 if (qp->mb_mgr == NULL) {
913 goto qp_setup_cleanup;
916 switch (internals->vector_mode) {
917 case RTE_AESNI_MB_SSE:
918 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_SSE;
919 init_mb_mgr_sse(qp->mb_mgr);
921 case RTE_AESNI_MB_AVX:
922 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX;
923 init_mb_mgr_avx(qp->mb_mgr);
925 case RTE_AESNI_MB_AVX2:
926 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX2;
927 init_mb_mgr_avx2(qp->mb_mgr);
929 case RTE_AESNI_MB_AVX512:
930 dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX512;
931 init_mb_mgr_avx512(qp->mb_mgr);
934 AESNI_MB_LOG(ERR, "Unsupported vector mode %u\n",
935 internals->vector_mode);
936 goto qp_setup_cleanup;
939 qp->ingress_queue = aesni_mb_pmd_qp_create_processed_ops_ring(qp,
940 qp_conf->nb_descriptors, socket_id);
941 if (qp->ingress_queue == NULL) {
943 goto qp_setup_cleanup;
946 qp->sess_mp = qp_conf->mp_session;
947 qp->sess_mp_priv = qp_conf->mp_session_private;
949 memset(&qp->stats, 0, sizeof(qp->stats));
951 char mp_name[RTE_MEMPOOL_NAMESIZE];
953 snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
954 "digest_mp_%u_%u", dev->data->dev_id, qp_id);
960 free_mb_mgr(qp->mb_mgr);
967 /** Returns the size of the aesni multi-buffer session structure */
969 aesni_mb_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
971 return sizeof(struct aesni_mb_session);
974 /** Configure a aesni multi-buffer session from a crypto xform chain */
976 aesni_mb_pmd_sym_session_configure(struct rte_cryptodev *dev,
977 struct rte_crypto_sym_xform *xform,
978 struct rte_cryptodev_sym_session *sess,
979 struct rte_mempool *mempool)
981 void *sess_private_data;
982 struct aesni_mb_private *internals = dev->data->dev_private;
985 if (unlikely(sess == NULL)) {
986 AESNI_MB_LOG(ERR, "invalid session struct");
990 if (rte_mempool_get(mempool, &sess_private_data)) {
992 "Couldn't get object from session mempool");
996 ret = aesni_mb_set_session_parameters(internals->mb_mgr,
997 sess_private_data, xform);
999 AESNI_MB_LOG(ERR, "failed configure session parameters");
1001 /* Return session to mempool */
1002 rte_mempool_put(mempool, sess_private_data);
1006 set_sym_session_private_data(sess, dev->driver_id,
1012 /** Clear the memory of session so it doesn't leave key material behind */
1014 aesni_mb_pmd_sym_session_clear(struct rte_cryptodev *dev,
1015 struct rte_cryptodev_sym_session *sess)
1017 uint8_t index = dev->driver_id;
1018 void *sess_priv = get_sym_session_private_data(sess, index);
1020 /* Zero out the whole structure */
1022 memset(sess_priv, 0, sizeof(struct aesni_mb_session));
1023 struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
1024 set_sym_session_private_data(sess, index, NULL);
1025 rte_mempool_put(sess_mp, sess_priv);
1029 struct rte_cryptodev_ops aesni_mb_pmd_ops = {
1030 .dev_configure = aesni_mb_pmd_config,
1031 .dev_start = aesni_mb_pmd_start,
1032 .dev_stop = aesni_mb_pmd_stop,
1033 .dev_close = aesni_mb_pmd_close,
1035 .stats_get = aesni_mb_pmd_stats_get,
1036 .stats_reset = aesni_mb_pmd_stats_reset,
1038 .dev_infos_get = aesni_mb_pmd_info_get,
1040 .queue_pair_setup = aesni_mb_pmd_qp_setup,
1041 .queue_pair_release = aesni_mb_pmd_qp_release,
1043 .sym_cpu_process = aesni_mb_cpu_crypto_process_bulk,
1045 .sym_session_get_size = aesni_mb_pmd_sym_session_get_size,
1046 .sym_session_configure = aesni_mb_pmd_sym_session_configure,
1047 .sym_session_clear = aesni_mb_pmd_sym_session_clear
1050 struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops = &aesni_mb_pmd_ops;
1052 #ifdef AESNI_MB_DOCSIS_SEC_ENABLED
1054 * Configure a aesni multi-buffer session from a security session
1058 aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
1059 struct rte_security_session *sess,
1060 struct rte_mempool *mempool)
1062 void *sess_private_data;
1063 struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
1066 if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL ||
1067 conf->protocol != RTE_SECURITY_PROTOCOL_DOCSIS) {
1068 AESNI_MB_LOG(ERR, "Invalid security protocol");
1072 if (rte_mempool_get(mempool, &sess_private_data)) {
1073 AESNI_MB_LOG(ERR, "Couldn't get object from session mempool");
1077 ret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,
1081 AESNI_MB_LOG(ERR, "Failed to configure session parameters");
1083 /* Return session to mempool */
1084 rte_mempool_put(mempool, sess_private_data);
1088 set_sec_session_private_data(sess, sess_private_data);
1093 /** Clear the memory of session so it doesn't leave key material behind */
1095 aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,
1096 struct rte_security_session *sess)
1098 void *sess_priv = get_sec_session_private_data(sess);
1101 struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
1102 memset(sess_priv, 0, sizeof(struct aesni_mb_session));
1103 set_sec_session_private_data(sess, NULL);
1104 rte_mempool_put(sess_mp, sess_priv);
1109 /** Get security capabilities for aesni multi-buffer */
1110 static const struct rte_security_capability *
1111 aesni_mb_pmd_sec_capa_get(void *device __rte_unused)
1113 return aesni_mb_pmd_security_cap;
1116 static struct rte_security_ops aesni_mb_pmd_sec_ops = {
1117 .session_create = aesni_mb_pmd_sec_sess_create,
1118 .session_update = NULL,
1119 .session_stats_get = NULL,
1120 .session_destroy = aesni_mb_pmd_sec_sess_destroy,
1121 .set_pkt_metadata = NULL,
1122 .capabilities_get = aesni_mb_pmd_sec_capa_get
1125 struct rte_security_ops *rte_aesni_mb_pmd_sec_ops = &aesni_mb_pmd_sec_ops;