4 * Copyright(c) 2010-2014 Intel Corporation. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * * Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * * Neither the name of Intel Corporation nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
40 #include <sys/queue.h>
43 #include <rte_common.h>
45 #include <rte_debug.h>
46 #include <rte_memory.h>
47 #include <rte_memzone.h>
48 #include <rte_tailq.h>
49 #include <rte_ether.h>
50 #include <rte_malloc.h>
51 #include <rte_launch.h>
53 #include <rte_per_lcore.h>
54 #include <rte_lcore.h>
55 #include <rte_atomic.h>
56 #include <rte_branch_prediction.h>
58 #include <rte_mempool.h>
60 #include <rte_string_fns.h>
62 #define CPA_CY_SYM_DP_TMP_WORKAROUND 1
65 #include "cpa_types.h"
66 #include "cpa_cy_sym_dp.h"
67 #include "cpa_cy_common.h"
68 #include "cpa_cy_im.h"
69 #include "icp_sal_user.h"
70 #include "icp_sal_poll.h"
74 /* CIPHER KEY LENGTHS */
75 #define KEY_SIZE_64_IN_BYTES (64 / 8)
76 #define KEY_SIZE_56_IN_BYTES (56 / 8)
77 #define KEY_SIZE_128_IN_BYTES (128 / 8)
78 #define KEY_SIZE_168_IN_BYTES (168 / 8)
79 #define KEY_SIZE_192_IN_BYTES (192 / 8)
80 #define KEY_SIZE_256_IN_BYTES (256 / 8)
82 /* HMAC AUTH KEY LENGTHS */
83 #define AES_XCBC_AUTH_KEY_LENGTH_IN_BYTES (128 / 8)
84 #define SHA1_AUTH_KEY_LENGTH_IN_BYTES (160 / 8)
85 #define SHA224_AUTH_KEY_LENGTH_IN_BYTES (224 / 8)
86 #define SHA256_AUTH_KEY_LENGTH_IN_BYTES (256 / 8)
87 #define SHA384_AUTH_KEY_LENGTH_IN_BYTES (384 / 8)
88 #define SHA512_AUTH_KEY_LENGTH_IN_BYTES (512 / 8)
89 #define MD5_AUTH_KEY_LENGTH_IN_BYTES (128 / 8)
90 #define KASUMI_AUTH_KEY_LENGTH_IN_BYTES (128 / 8)
92 /* HASH DIGEST LENGHTS */
93 #define AES_XCBC_DIGEST_LENGTH_IN_BYTES (128 / 8)
94 #define AES_XCBC_96_DIGEST_LENGTH_IN_BYTES (96 / 8)
95 #define MD5_DIGEST_LENGTH_IN_BYTES (128 / 8)
96 #define SHA1_DIGEST_LENGTH_IN_BYTES (160 / 8)
97 #define SHA1_96_DIGEST_LENGTH_IN_BYTES (96 / 8)
98 #define SHA224_DIGEST_LENGTH_IN_BYTES (224 / 8)
99 #define SHA256_DIGEST_LENGTH_IN_BYTES (256 / 8)
100 #define SHA384_DIGEST_LENGTH_IN_BYTES (384 / 8)
101 #define SHA512_DIGEST_LENGTH_IN_BYTES (512 / 8)
102 #define KASUMI_DIGEST_LENGTH_IN_BYTES (32 / 8)
104 #define IV_LENGTH_16_BYTES (16)
105 #define IV_LENGTH_8_BYTES (8)
109 * rte_memzone is used to allocate physically contiguous virtual memory.
110 * In this application we allocate a single block and divide between variables
111 * which require a virtual to physical mapping for use by the QAT driver.
112 * Virt2phys is only performed during initialisation and not on the data-path.
115 #define LCORE_MEMZONE_SIZE (1 << 22)
119 const struct rte_memzone *memzone;
120 void *next_free_address;
124 * Size the qa software response queue.
125 * Note: Head and Tail are 8 bit, therefore, the queue is
126 * fixed to 256 entries.
128 #define CRYPTO_SOFTWARE_QUEUE_SIZE 256
130 struct qa_callbackQueue {
134 struct rte_mbuf *qaCallbackRing[CRYPTO_SOFTWARE_QUEUE_SIZE];
137 struct qa_core_conf {
138 CpaCySymDpSessionCtx *encryptSessionHandleTbl[NUM_CRYPTO][NUM_HMAC];
139 CpaCySymDpSessionCtx *decryptSessionHandleTbl[NUM_CRYPTO][NUM_HMAC];
140 CpaInstanceHandle instanceHandle;
141 struct qa_callbackQueue callbackQueue;
142 uint64_t qaOutstandingRequests;
143 uint64_t numResponseAttempts;
146 CpaPhysicalAddr packetIVPhy;
147 struct lcore_memzone lcoreMemzone;
148 } __rte_cache_aligned;
150 #define MAX_CORES (RTE_MAX_LCORE)
152 static struct qa_core_conf qaCoreConf[MAX_CORES];
155 *Create maximum possible key size,
156 *One for cipher and one for hash
159 uint8_t cipher_key[32];
160 uint8_t hash_key[64];
164 struct glob_keys g_crypto_hash_keys = {
165 .cipher_key = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
166 0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,
167 0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,
168 0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f,0x20},
169 .hash_key = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
170 0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,
171 0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,
172 0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f,0x20,
173 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,
174 0x29,0x2a,0x2b,0x2c,0x2d,0x2e,0x2f,0x30,
175 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
176 0x39,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f,0x50},
177 .iv = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
178 0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10}
182 * Offsets from the start of the packet.
185 #define PACKET_DATA_START_PHYS(p) \
186 ((p)->buf_physaddr + (p)->data_off)
189 * A fixed offset to where the crypto is to be performed, which is the first
190 * byte after the Ethernet(14 bytes) and IPv4 headers(20 bytes)
192 #define CRYPTO_START_OFFSET (14+20)
193 #define HASH_START_OFFSET (14+20)
194 #define CIPHER_BLOCK_DEFAULT_SIZE (16)
195 #define HASH_BLOCK_DEFAULT_SIZE (16)
198 * Offset to the opdata from the start of the data portion of packet.
199 * Assumption: The buffer is physically contiguous.
200 * +18 takes this to the next cache line.
203 #define CRYPTO_OFFSET_TO_OPDATA (ETHER_MAX_LEN+18)
206 * Default number of requests to place on the hardware ring before kicking the
209 #define CRYPTO_BURST_TX (16)
212 * Only call the qa poll function when the number responses in the software
213 * queue drops below this number.
215 #define CRYPTO_QUEUED_RESP_POLL_THRESHOLD (32)
218 * Limit the number of polls per call to get_next_response.
220 #define GET_NEXT_RESPONSE_FREQ (32)
223 * Max number of responses to pull from the qa in one poll.
225 #define CRYPTO_MAX_RESPONSE_QUOTA \
226 (CRYPTO_SOFTWARE_QUEUE_SIZE-CRYPTO_QUEUED_RESP_POLL_THRESHOLD-1)
228 #if (CRYPTO_QUEUED_RESP_POLL_THRESHOLD + CRYPTO_MAX_RESPONSE_QUOTA >= \
229 CRYPTO_SOFTWARE_QUEUE_SIZE)
230 #error Its possible to overflow the qa response Q with current poll and \
235 crypto_callback(CpaCySymDpOpData *pOpData,
236 __rte_unused CpaStatus status,
237 __rte_unused CpaBoolean verifyResult)
240 lcore_id = rte_lcore_id();
241 struct qa_callbackQueue *callbackQ = &(qaCoreConf[lcore_id].callbackQueue);
244 * Received a completion from the QA hardware.
245 * Place the response on the return queue.
247 callbackQ->qaCallbackRing[callbackQ->head] = pOpData->pCallbackTag;
249 callbackQ->numEntries++;
250 qaCoreConf[lcore_id].qaOutstandingRequests--;
254 qa_crypto_callback(CpaCySymDpOpData *pOpData, CpaStatus status,
255 CpaBoolean verifyResult)
257 crypto_callback(pOpData, status, verifyResult);
261 * Each allocation from a particular memzone lasts for the life-time of
262 * the application. No freeing of previous allocations will occur.
265 alloc_memzone_region(uint32_t length, uint32_t lcore_id)
267 char *current_free_addr_ptr = NULL;
268 struct lcore_memzone *lcore_memzone = &(qaCoreConf[lcore_id].lcoreMemzone);
270 current_free_addr_ptr = lcore_memzone->next_free_address;
272 if (current_free_addr_ptr + length >=
273 (char *)lcore_memzone->memzone->addr + lcore_memzone->memzone->len) {
274 printf("Crypto: No memory available in memzone\n");
277 lcore_memzone->next_free_address = current_free_addr_ptr + length;
279 return (void *)current_free_addr_ptr;
283 * Virtual to Physical Address translation is only executed during initialization
284 * and not on the data-path.
286 static CpaPhysicalAddr
289 const struct rte_memzone *memzone = NULL;
290 uint32_t lcore_id = 0;
291 RTE_LCORE_FOREACH(lcore_id) {
292 memzone = qaCoreConf[lcore_id].lcoreMemzone.memzone;
294 if ((char*) ptr >= (char *) memzone->addr &&
295 (char*) ptr < ((char*) memzone->addr + memzone->len)) {
296 return (CpaPhysicalAddr)
297 (memzone->phys_addr + ((char *) ptr - (char*) memzone->addr));
300 printf("Crypto: Corresponding physical address not found in memzone\n");
301 return (CpaPhysicalAddr) 0;
305 getCoreAffinity(Cpa32U *coreAffinity, const CpaInstanceHandle instanceHandle)
307 CpaInstanceInfo2 info;
309 CpaStatus status = CPA_STATUS_SUCCESS;
311 bzero(&info, sizeof(CpaInstanceInfo2));
313 status = cpaCyInstanceGetInfo2(instanceHandle, &info);
314 if (CPA_STATUS_SUCCESS != status) {
315 printf("Crypto: Error getting instance info\n");
316 return CPA_STATUS_FAIL;
318 for (i = 0; i < MAX_CORES; i++) {
319 if (CPA_BITMAP_BIT_TEST(info.coreAffinity, i)) {
321 return CPA_STATUS_SUCCESS;
324 return CPA_STATUS_FAIL;
328 get_crypto_instance_on_core(CpaInstanceHandle *pInstanceHandle,
331 Cpa16U numInstances = 0, i = 0;
332 CpaStatus status = CPA_STATUS_FAIL;
333 CpaInstanceHandle *pLocalInstanceHandles = NULL;
334 Cpa32U coreAffinity = 0;
336 status = cpaCyGetNumInstances(&numInstances);
337 if (CPA_STATUS_SUCCESS != status || numInstances == 0) {
338 return CPA_STATUS_FAIL;
341 pLocalInstanceHandles = rte_malloc("pLocalInstanceHandles",
342 sizeof(CpaInstanceHandle) * numInstances, RTE_CACHE_LINE_SIZE);
344 if (NULL == pLocalInstanceHandles) {
345 return CPA_STATUS_FAIL;
347 status = cpaCyGetInstances(numInstances, pLocalInstanceHandles);
348 if (CPA_STATUS_SUCCESS != status) {
349 printf("Crypto: cpaCyGetInstances failed with status: %"PRId32"\n", status);
350 rte_free((void *) pLocalInstanceHandles);
351 return CPA_STATUS_FAIL;
354 for (i = 0; i < numInstances; i++) {
355 status = getCoreAffinity(&coreAffinity, pLocalInstanceHandles[i]);
356 if (CPA_STATUS_SUCCESS != status) {
357 rte_free((void *) pLocalInstanceHandles);
358 return CPA_STATUS_FAIL;
360 if (coreAffinity == lcore_id) {
361 printf("Crypto: instance found on core %d\n", i);
362 *pInstanceHandle = pLocalInstanceHandles[i];
363 return CPA_STATUS_SUCCESS;
366 /* core affinity not found */
367 rte_free((void *) pLocalInstanceHandles);
368 return CPA_STATUS_FAIL;
372 initCySymSession(const int pkt_cipher_alg,
373 const int pkt_hash_alg, const CpaCySymHashMode hashMode,
374 const CpaCySymCipherDirection crypto_direction,
375 CpaCySymSessionCtx **ppSessionCtx,
376 const CpaInstanceHandle cyInstanceHandle,
377 const uint32_t lcore_id)
379 Cpa32U sessionCtxSizeInBytes = 0;
380 CpaStatus status = CPA_STATUS_FAIL;
381 CpaBoolean isCrypto = CPA_TRUE, isHmac = CPA_TRUE;
382 CpaCySymSessionSetupData sessionSetupData;
384 bzero(&sessionSetupData, sizeof(CpaCySymSessionSetupData));
386 /* Assumption: key length is set to each algorithm's max length */
387 switch (pkt_cipher_alg) {
389 isCrypto = CPA_FALSE;
392 sessionSetupData.cipherSetupData.cipherAlgorithm =
393 CPA_CY_SYM_CIPHER_DES_ECB;
394 sessionSetupData.cipherSetupData.cipherKeyLenInBytes =
395 KEY_SIZE_64_IN_BYTES;
398 sessionSetupData.cipherSetupData.cipherAlgorithm =
399 CPA_CY_SYM_CIPHER_DES_CBC;
400 sessionSetupData.cipherSetupData.cipherKeyLenInBytes =
401 KEY_SIZE_64_IN_BYTES;
404 sessionSetupData.cipherSetupData.cipherAlgorithm =
405 CPA_CY_SYM_CIPHER_3DES_ECB;
406 sessionSetupData.cipherSetupData.cipherKeyLenInBytes =
407 KEY_SIZE_192_IN_BYTES;
409 case CIPHER_DES3_CBC:
410 sessionSetupData.cipherSetupData.cipherAlgorithm =
411 CPA_CY_SYM_CIPHER_3DES_CBC;
412 sessionSetupData.cipherSetupData.cipherKeyLenInBytes =
413 KEY_SIZE_192_IN_BYTES;
416 sessionSetupData.cipherSetupData.cipherAlgorithm =
417 CPA_CY_SYM_CIPHER_AES_ECB;
418 sessionSetupData.cipherSetupData.cipherKeyLenInBytes =
419 KEY_SIZE_128_IN_BYTES;
421 case CIPHER_AES_CBC_128:
422 sessionSetupData.cipherSetupData.cipherAlgorithm =
423 CPA_CY_SYM_CIPHER_AES_CBC;
424 sessionSetupData.cipherSetupData.cipherKeyLenInBytes =
425 KEY_SIZE_128_IN_BYTES;
427 case CIPHER_KASUMI_F8:
428 sessionSetupData.cipherSetupData.cipherAlgorithm =
429 CPA_CY_SYM_CIPHER_KASUMI_F8;
430 sessionSetupData.cipherSetupData.cipherKeyLenInBytes =
431 KEY_SIZE_128_IN_BYTES;
434 printf("Crypto: Undefined Cipher specified\n");
437 /* Set the cipher direction */
439 sessionSetupData.cipherSetupData.cipherDirection = crypto_direction;
440 sessionSetupData.cipherSetupData.pCipherKey =
441 g_crypto_hash_keys.cipher_key;
442 sessionSetupData.symOperation = CPA_CY_SYM_OP_CIPHER;
445 /* Setup Hash common fields */
446 switch (pkt_hash_alg) {
451 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_AES_XCBC;
452 sessionSetupData.hashSetupData.digestResultLenInBytes =
453 AES_XCBC_DIGEST_LENGTH_IN_BYTES;
455 case HASH_AES_XCBC_96:
456 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_AES_XCBC;
457 sessionSetupData.hashSetupData.digestResultLenInBytes =
458 AES_XCBC_96_DIGEST_LENGTH_IN_BYTES;
461 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_MD5;
462 sessionSetupData.hashSetupData.digestResultLenInBytes =
463 MD5_DIGEST_LENGTH_IN_BYTES;
466 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1;
467 sessionSetupData.hashSetupData.digestResultLenInBytes =
468 SHA1_DIGEST_LENGTH_IN_BYTES;
471 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1;
472 sessionSetupData.hashSetupData.digestResultLenInBytes =
473 SHA1_96_DIGEST_LENGTH_IN_BYTES;
476 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA224;
477 sessionSetupData.hashSetupData.digestResultLenInBytes =
478 SHA224_DIGEST_LENGTH_IN_BYTES;
481 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA256;
482 sessionSetupData.hashSetupData.digestResultLenInBytes =
483 SHA256_DIGEST_LENGTH_IN_BYTES;
486 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA384;
487 sessionSetupData.hashSetupData.digestResultLenInBytes =
488 SHA384_DIGEST_LENGTH_IN_BYTES;
491 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA512;
492 sessionSetupData.hashSetupData.digestResultLenInBytes =
493 SHA512_DIGEST_LENGTH_IN_BYTES;
496 sessionSetupData.hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_KASUMI_F9;
497 sessionSetupData.hashSetupData.digestResultLenInBytes =
498 KASUMI_DIGEST_LENGTH_IN_BYTES;
501 printf("Crypto: Undefined Hash specified\n");
505 sessionSetupData.hashSetupData.hashMode = hashMode;
506 sessionSetupData.symOperation = CPA_CY_SYM_OP_HASH;
507 /* If using authenticated hash setup key lengths */
508 if (CPA_CY_SYM_HASH_MODE_AUTH == hashMode) {
509 /* Use a common max length key */
510 sessionSetupData.hashSetupData.authModeSetupData.authKey =
511 g_crypto_hash_keys.hash_key;
512 switch (pkt_hash_alg) {
514 case HASH_AES_XCBC_96:
515 sessionSetupData.hashSetupData.authModeSetupData.authKeyLenInBytes =
516 AES_XCBC_AUTH_KEY_LENGTH_IN_BYTES;
519 sessionSetupData.hashSetupData.authModeSetupData.authKeyLenInBytes =
520 SHA1_AUTH_KEY_LENGTH_IN_BYTES;
524 sessionSetupData.hashSetupData.authModeSetupData.authKeyLenInBytes =
525 SHA1_AUTH_KEY_LENGTH_IN_BYTES;
528 sessionSetupData.hashSetupData.authModeSetupData.authKeyLenInBytes =
529 SHA224_AUTH_KEY_LENGTH_IN_BYTES;
532 sessionSetupData.hashSetupData.authModeSetupData.authKeyLenInBytes =
533 SHA256_AUTH_KEY_LENGTH_IN_BYTES;
536 sessionSetupData.hashSetupData.authModeSetupData.authKeyLenInBytes =
537 SHA384_AUTH_KEY_LENGTH_IN_BYTES;
540 sessionSetupData.hashSetupData.authModeSetupData.authKeyLenInBytes =
541 SHA512_AUTH_KEY_LENGTH_IN_BYTES;
544 sessionSetupData.hashSetupData.authModeSetupData.authKeyLenInBytes =
545 KASUMI_AUTH_KEY_LENGTH_IN_BYTES;
548 printf("Crypto: Undefined Hash specified\n");
549 return CPA_STATUS_FAIL;
554 /* Only high priority supported */
555 sessionSetupData.sessionPriority = CPA_CY_PRIORITY_HIGH;
557 /* If chaining algorithms */
558 if (isCrypto && isHmac) {
559 sessionSetupData.symOperation = CPA_CY_SYM_OP_ALGORITHM_CHAINING;
560 /* @assumption Alg Chain order is cipher then hash for encrypt
561 * and hash then cipher then has for decrypt*/
562 if (CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT == crypto_direction) {
563 sessionSetupData.algChainOrder =
564 CPA_CY_SYM_ALG_CHAIN_ORDER_CIPHER_THEN_HASH;
566 sessionSetupData.algChainOrder =
567 CPA_CY_SYM_ALG_CHAIN_ORDER_HASH_THEN_CIPHER;
570 if (!isCrypto && !isHmac) {
571 *ppSessionCtx = NULL;
572 return CPA_STATUS_SUCCESS;
575 /* Set flags for digest operations */
576 sessionSetupData.digestIsAppended = CPA_FALSE;
577 sessionSetupData.verifyDigest = CPA_TRUE;
579 /* Get the session context size based on the crypto and/or hash operations*/
580 status = cpaCySymDpSessionCtxGetSize(cyInstanceHandle, &sessionSetupData,
581 &sessionCtxSizeInBytes);
582 if (CPA_STATUS_SUCCESS != status) {
583 printf("Crypto: cpaCySymDpSessionCtxGetSize error, status: %"PRId32"\n",
585 return CPA_STATUS_FAIL;
588 *ppSessionCtx = alloc_memzone_region(sessionCtxSizeInBytes, lcore_id);
589 if (NULL == *ppSessionCtx) {
590 printf("Crypto: Failed to allocate memory for Session Context\n");
591 return CPA_STATUS_FAIL;
594 status = cpaCySymDpInitSession(cyInstanceHandle, &sessionSetupData,
596 if (CPA_STATUS_SUCCESS != status) {
597 printf("Crypto: cpaCySymDpInitSession failed with status %"PRId32"\n", status);
598 return CPA_STATUS_FAIL;
600 return CPA_STATUS_SUCCESS;
604 initSessionDataTables(struct qa_core_conf *qaCoreConf,uint32_t lcore_id)
607 CpaStatus status = CPA_STATUS_FAIL;
608 for (i = 0; i < NUM_CRYPTO; i++) {
609 for (j = 0; j < NUM_HMAC; j++) {
610 if (((i == CIPHER_KASUMI_F8) && (j != NO_HASH) && (j != HASH_KASUMI_F9)) ||
611 ((i != NO_CIPHER) && (i != CIPHER_KASUMI_F8) && (j == HASH_KASUMI_F9)))
613 status = initCySymSession(i, j, CPA_CY_SYM_HASH_MODE_AUTH,
614 CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT,
615 &qaCoreConf->encryptSessionHandleTbl[i][j],
616 qaCoreConf->instanceHandle,
618 if (CPA_STATUS_SUCCESS != status) {
619 printf("Crypto: Failed to initialize Encrypt sessions\n");
620 return CPA_STATUS_FAIL;
622 status = initCySymSession(i, j, CPA_CY_SYM_HASH_MODE_AUTH,
623 CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT,
624 &qaCoreConf->decryptSessionHandleTbl[i][j],
625 qaCoreConf->instanceHandle,
627 if (CPA_STATUS_SUCCESS != status) {
628 printf("Crypto: Failed to initialize Decrypt sessions\n");
629 return CPA_STATUS_FAIL;
633 return CPA_STATUS_SUCCESS;
639 if (CPA_STATUS_SUCCESS != icp_sal_userStartMultiProcess("SSL",CPA_FALSE)) {
640 printf("Crypto: Could not start sal for user space\n");
641 return CPA_STATUS_FAIL;
643 printf("Crypto: icp_sal_userStartMultiProcess(\"SSL\",CPA_FALSE)\n");
648 * Per core initialisation
651 per_core_crypto_init(uint32_t lcore_id)
653 CpaStatus status = CPA_STATUS_FAIL;
654 char memzone_name[RTE_MEMZONE_NAMESIZE];
656 int socketID = rte_lcore_to_socket_id(lcore_id);
658 /* Allocate software ring for response messages. */
660 qaCoreConf[lcore_id].callbackQueue.head = 0;
661 qaCoreConf[lcore_id].callbackQueue.tail = 0;
662 qaCoreConf[lcore_id].callbackQueue.numEntries = 0;
663 qaCoreConf[lcore_id].kickFreq = 0;
664 qaCoreConf[lcore_id].qaOutstandingRequests = 0;
665 qaCoreConf[lcore_id].numResponseAttempts = 0;
667 /* Initialise and reserve lcore memzone for virt2phys translation */
668 snprintf(memzone_name,
669 RTE_MEMZONE_NAMESIZE,
673 qaCoreConf[lcore_id].lcoreMemzone.memzone = rte_memzone_reserve(
678 if (NULL == qaCoreConf[lcore_id].lcoreMemzone.memzone) {
679 printf("Crypto: Error allocating memzone on lcore %u\n",lcore_id);
682 qaCoreConf[lcore_id].lcoreMemzone.next_free_address =
683 qaCoreConf[lcore_id].lcoreMemzone.memzone->addr;
685 qaCoreConf[lcore_id].pPacketIV = alloc_memzone_region(IV_LENGTH_16_BYTES,
688 if (NULL == qaCoreConf[lcore_id].pPacketIV ) {
689 printf("Crypto: Failed to allocate memory for Initialization Vector\n");
693 memcpy(qaCoreConf[lcore_id].pPacketIV, &g_crypto_hash_keys.iv,
696 qaCoreConf[lcore_id].packetIVPhy = qa_v2p(qaCoreConf[lcore_id].pPacketIV);
697 if (0 == qaCoreConf[lcore_id].packetIVPhy) {
698 printf("Crypto: Invalid physical address for Initialization Vector\n");
703 * Obtain the instance handle that is mapped to the current lcore.
704 * This can fail if an instance is not mapped to a bank which has been
705 * affinitized to the current lcore.
707 status = get_crypto_instance_on_core(&(qaCoreConf[lcore_id].instanceHandle),
709 if (CPA_STATUS_SUCCESS != status) {
710 printf("Crypto: get_crypto_instance_on_core failed with status: %"PRId32"\n",
715 status = cpaCySymDpRegCbFunc(qaCoreConf[lcore_id].instanceHandle,
716 (CpaCySymDpCbFunc) qa_crypto_callback);
717 if (CPA_STATUS_SUCCESS != status) {
718 printf("Crypto: cpaCySymDpRegCbFunc failed with status: %"PRId32"\n", status);
723 * Set the address translation callback for virtual to physcial address
724 * mapping. This will be called by the QAT driver during initialisation only.
726 status = cpaCySetAddressTranslation(qaCoreConf[lcore_id].instanceHandle,
727 (CpaVirtualToPhysical) qa_v2p);
728 if (CPA_STATUS_SUCCESS != status) {
729 printf("Crypto: cpaCySetAddressTranslation failed with status: %"PRId32"\n",
734 status = initSessionDataTables(&qaCoreConf[lcore_id],lcore_id);
735 if (CPA_STATUS_SUCCESS != status) {
736 printf("Crypto: Failed to allocate all session tables.");
743 enqueueOp(CpaCySymDpOpData *opData, uint32_t lcore_id)
749 * Assumption is there is no requirement to do load balancing between
750 * acceleration units - that is one acceleration unit is tied to a core.
752 opData->instanceHandle = qaCoreConf[lcore_id].instanceHandle;
754 if ((++qaCoreConf[lcore_id].kickFreq) % CRYPTO_BURST_TX == 0) {
755 status = cpaCySymDpEnqueueOp(opData, CPA_TRUE);
757 status = cpaCySymDpEnqueueOp(opData, CPA_FALSE);
760 qaCoreConf[lcore_id].qaOutstandingRequests++;
766 crypto_flush_tx_queue(uint32_t lcore_id)
769 cpaCySymDpPerformOpNow(qaCoreConf[lcore_id].instanceHandle);
773 crypto_encrypt(struct rte_mbuf *rte_buff, enum cipher_alg c, enum hash_alg h)
775 CpaCySymDpOpData *opData =
776 (CpaCySymDpOpData *) (rte_pktmbuf_mtod(rte_buff, char *)
777 + CRYPTO_OFFSET_TO_OPDATA);
780 if (unlikely(c >= NUM_CRYPTO || h >= NUM_HMAC))
781 return CRYPTO_RESULT_FAIL;
783 lcore_id = rte_lcore_id();
785 bzero(opData, sizeof(CpaCySymDpOpData));
787 opData->srcBuffer = opData->dstBuffer = PACKET_DATA_START_PHYS(rte_buff);
788 opData->srcBufferLen = opData->dstBufferLen = rte_buff->data_len;
789 opData->sessionCtx = qaCoreConf[lcore_id].encryptSessionHandleTbl[c][h];
790 opData->thisPhys = PACKET_DATA_START_PHYS(rte_buff)
791 + CRYPTO_OFFSET_TO_OPDATA;
792 opData->pCallbackTag = rte_buff;
794 /* if no crypto or hash operations are specified return fail */
795 if (NO_CIPHER == c && NO_HASH == h)
796 return CRYPTO_RESULT_FAIL;
798 if (NO_CIPHER != c) {
799 opData->pIv = qaCoreConf[lcore_id].pPacketIV;
800 opData->iv = qaCoreConf[lcore_id].packetIVPhy;
802 if (CIPHER_AES_CBC_128 == c)
803 opData->ivLenInBytes = IV_LENGTH_16_BYTES;
805 opData->ivLenInBytes = IV_LENGTH_8_BYTES;
807 opData->cryptoStartSrcOffsetInBytes = CRYPTO_START_OFFSET;
808 opData->messageLenToCipherInBytes = rte_buff->data_len
809 - CRYPTO_START_OFFSET;
811 * Work around for padding, message length has to be a multiple of
814 opData->messageLenToCipherInBytes -= opData->messageLenToCipherInBytes
815 % CIPHER_BLOCK_DEFAULT_SIZE;
820 opData->hashStartSrcOffsetInBytes = HASH_START_OFFSET;
821 opData->messageLenToHashInBytes = rte_buff->data_len
824 * Work around for padding, message length has to be a multiple of block
827 opData->messageLenToHashInBytes -= opData->messageLenToHashInBytes
828 % HASH_BLOCK_DEFAULT_SIZE;
831 * Assumption: Ok ignore the passed digest pointer and place HMAC at end
834 opData->digestResult = rte_buff->buf_physaddr + rte_buff->data_len;
837 if (CPA_STATUS_SUCCESS != enqueueOp(opData, lcore_id)) {
839 * Failed to place a packet on the hardware queue.
840 * Most likely because the QA hardware is busy.
842 return CRYPTO_RESULT_FAIL;
844 return CRYPTO_RESULT_IN_PROGRESS;
848 crypto_decrypt(struct rte_mbuf *rte_buff, enum cipher_alg c, enum hash_alg h)
851 CpaCySymDpOpData *opData = (void*) (rte_pktmbuf_mtod(rte_buff, char *)
852 + CRYPTO_OFFSET_TO_OPDATA);
855 if (unlikely(c >= NUM_CRYPTO || h >= NUM_HMAC))
856 return CRYPTO_RESULT_FAIL;
858 lcore_id = rte_lcore_id();
860 bzero(opData, sizeof(CpaCySymDpOpData));
862 opData->dstBuffer = opData->srcBuffer = PACKET_DATA_START_PHYS(rte_buff);
863 opData->dstBufferLen = opData->srcBufferLen = rte_buff->data_len;
864 opData->thisPhys = PACKET_DATA_START_PHYS(rte_buff)
865 + CRYPTO_OFFSET_TO_OPDATA;
866 opData->sessionCtx = qaCoreConf[lcore_id].decryptSessionHandleTbl[c][h];
867 opData->pCallbackTag = rte_buff;
869 /* if no crypto or hmac operations are specified return fail */
870 if (NO_CIPHER == c && NO_HASH == h)
871 return CRYPTO_RESULT_FAIL;
873 if (NO_CIPHER != c) {
874 opData->pIv = qaCoreConf[lcore_id].pPacketIV;
875 opData->iv = qaCoreConf[lcore_id].packetIVPhy;
877 if (CIPHER_AES_CBC_128 == c)
878 opData->ivLenInBytes = IV_LENGTH_16_BYTES;
880 opData->ivLenInBytes = IV_LENGTH_8_BYTES;
882 opData->cryptoStartSrcOffsetInBytes = CRYPTO_START_OFFSET;
883 opData->messageLenToCipherInBytes = rte_buff->data_len
884 - CRYPTO_START_OFFSET;
887 * Work around for padding, message length has to be a multiple of block
890 opData->messageLenToCipherInBytes -= opData->messageLenToCipherInBytes
891 % CIPHER_BLOCK_DEFAULT_SIZE;
894 opData->hashStartSrcOffsetInBytes = HASH_START_OFFSET;
895 opData->messageLenToHashInBytes = rte_buff->data_len
898 * Work around for padding, message length has to be a multiple of block
901 opData->messageLenToHashInBytes -= opData->messageLenToHashInBytes
902 % HASH_BLOCK_DEFAULT_SIZE;
903 opData->digestResult = rte_buff->buf_physaddr + rte_buff->data_len;
906 if (CPA_STATUS_SUCCESS != enqueueOp(opData, lcore_id)) {
908 * Failed to place a packet on the hardware queue.
909 * Most likely because the QA hardware is busy.
911 return CRYPTO_RESULT_FAIL;
913 return CRYPTO_RESULT_IN_PROGRESS;
917 crypto_get_next_response(void)
920 lcore_id = rte_lcore_id();
921 struct qa_callbackQueue *callbackQ = &(qaCoreConf[lcore_id].callbackQueue);
924 if (callbackQ->numEntries) {
925 entry = callbackQ->qaCallbackRing[callbackQ->tail];
927 callbackQ->numEntries--;
930 /* If there are no outstanding requests no need to poll, return entry */
931 if (qaCoreConf[lcore_id].qaOutstandingRequests == 0)
934 if (callbackQ->numEntries < CRYPTO_QUEUED_RESP_POLL_THRESHOLD
935 && qaCoreConf[lcore_id].numResponseAttempts++
936 % GET_NEXT_RESPONSE_FREQ == 0) {
938 * Only poll the hardware when there is less than
939 * CRYPTO_QUEUED_RESP_POLL_THRESHOLD elements in the software queue
941 icp_sal_CyPollDpInstance(qaCoreConf[lcore_id].instanceHandle,
942 CRYPTO_MAX_RESPONSE_QUOTA);
git.droids-corp.org / dpdk.git / blob