#include <rte_cryptodev.h>
#include <rte_ether.h>
+#include <rte_ip.h>
#include "cperf_ops.h"
#include "cperf_test_vectors.h"
+static int
+cperf_set_ops_asym(struct rte_crypto_op **ops,
+ uint32_t src_buf_offset __rte_unused,
+ uint32_t dst_buf_offset __rte_unused, uint16_t nb_ops,
+ struct rte_cryptodev_sym_session *sess,
+ const struct cperf_options *options,
+ const struct cperf_test_vector *test_vector __rte_unused,
+ uint16_t iv_offset __rte_unused,
+ uint32_t *imix_idx __rte_unused,
+ uint64_t *tsc_start __rte_unused)
+{
+ uint16_t i;
+ void *asym_sess = (void *)sess;
+
+ for (i = 0; i < nb_ops; i++) {
+ struct rte_crypto_asym_op *asym_op = ops[i]->asym;
+
+ ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
+ asym_op->modex.base.data = options->modex_data->base.data;
+ asym_op->modex.base.length = options->modex_data->base.len;
+ asym_op->modex.result.data = options->modex_data->result.data;
+ asym_op->modex.result.length = options->modex_data->result.len;
+ rte_crypto_op_attach_asym_session(ops[i], asym_sess);
+ }
+ return 0;
+}
+
#ifdef RTE_LIB_SECURITY
+static void
+test_ipsec_vec_populate(struct rte_mbuf *m, const struct cperf_options *options,
+ const struct cperf_test_vector *test_vector)
+{
+ struct rte_ipv4_hdr *ip = rte_pktmbuf_mtod(m, struct rte_ipv4_hdr *);
+
+ if ((options->aead_op == RTE_CRYPTO_AEAD_OP_ENCRYPT) ||
+ (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)) {
+ memcpy(ip, test_vector->plaintext.data,
+ sizeof(struct rte_ipv4_hdr));
+
+ ip->total_length = rte_cpu_to_be_16(m->data_len);
+ }
+}
+
static int
cperf_set_ops_security(struct rte_crypto_op **ops,
uint32_t src_buf_offset __rte_unused,
uint32_t dst_buf_offset __rte_unused,
uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
- const struct cperf_options *options __rte_unused,
- const struct cperf_test_vector *test_vector __rte_unused,
- uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
+ const struct cperf_options *options,
+ const struct cperf_test_vector *test_vector,
+ uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
+ uint64_t *tsc_start)
{
uint16_t i;
dst_buf_offset);
}
+ RTE_SET_USED(tsc_start);
+ RTE_SET_USED(test_vector);
+
+ return 0;
+}
+
+static int
+cperf_set_ops_security_ipsec(struct rte_crypto_op **ops,
+ uint32_t src_buf_offset __rte_unused,
+ uint32_t dst_buf_offset __rte_unused,
+ uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
+ const struct cperf_options *options,
+ const struct cperf_test_vector *test_vector,
+ uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
+ uint64_t *tsc_start)
+{
+ struct rte_security_session *sec_sess =
+ (struct rte_security_session *)sess;
+ const uint32_t test_buffer_size = options->test_buffer_size;
+ const uint32_t headroom_sz = options->headroom_sz;
+ const uint32_t segment_sz = options->segment_sz;
+ uint64_t tsc_start_temp, tsc_end_temp;
+ uint16_t i = 0;
+
+ RTE_SET_USED(imix_idx);
+
+ for (i = 0; i < nb_ops; i++) {
+ struct rte_crypto_sym_op *sym_op = ops[i]->sym;
+ struct rte_mbuf *m = sym_op->m_src;
+
+ ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
+ rte_security_attach_session(ops[i], sec_sess);
+ sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] +
+ src_buf_offset);
+
+ /* In case of IPsec, headroom is consumed by PMD,
+ * hence resetting it.
+ */
+ m->data_off = headroom_sz;
+
+ m->buf_len = segment_sz;
+ m->data_len = test_buffer_size;
+ m->pkt_len = test_buffer_size;
+
+ sym_op->m_dst = NULL;
+ }
+
+ if (options->test_file != NULL)
+ return 0;
+
+ tsc_start_temp = rte_rdtsc_precise();
+
+ for (i = 0; i < nb_ops; i++) {
+ struct rte_crypto_sym_op *sym_op = ops[i]->sym;
+ struct rte_mbuf *m = sym_op->m_src;
+
+ test_ipsec_vec_populate(m, options, test_vector);
+ }
+
+ tsc_end_temp = rte_rdtsc_precise();
+ *tsc_start += tsc_end_temp - tsc_start_temp;
+
return 0;
}
+
#endif
static int
uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector __rte_unused,
- uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
+ uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
+ uint64_t *tsc_start __rte_unused)
{
uint16_t i;
uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector __rte_unused,
- uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
+ uint16_t iv_offset __rte_unused, uint32_t *imix_idx,
+ uint64_t *tsc_start __rte_unused)
{
uint16_t i;
uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
- uint16_t iv_offset, uint32_t *imix_idx)
+ uint16_t iv_offset, uint32_t *imix_idx,
+ uint64_t *tsc_start __rte_unused)
{
uint16_t i;
uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
- uint16_t iv_offset, uint32_t *imix_idx)
+ uint16_t iv_offset, uint32_t *imix_idx,
+ uint64_t *tsc_start __rte_unused)
{
uint16_t i;
uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
- uint16_t iv_offset, uint32_t *imix_idx)
+ uint16_t iv_offset, uint32_t *imix_idx,
+ uint64_t *tsc_start __rte_unused)
{
uint16_t i;
} else
sym_op->cipher.data.length = options->test_buffer_size;
+ if ((options->auth_op == RTE_CRYPTO_AUTH_OP_GENERATE) &&
+ (options->op_type == CPERF_AUTH_THEN_CIPHER))
+ sym_op->cipher.data.length += options->digest_sz;
+
if (options->cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 ||
options->cipher_algo == RTE_CRYPTO_CIPHER_KASUMI_F8 ||
options->cipher_algo == RTE_CRYPTO_CIPHER_ZUC_EEA3)
uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
- uint16_t iv_offset, uint32_t *imix_idx)
+ uint16_t iv_offset, uint32_t *imix_idx,
+ uint64_t *tsc_start __rte_unused)
{
uint16_t i;
/* AAD is placed after the IV */
}
}
- if (options->test == CPERF_TEST_TYPE_VERIFY) {
+ if ((options->test == CPERF_TEST_TYPE_VERIFY) ||
+ (options->test == CPERF_TEST_TYPE_LATENCY)) {
for (i = 0; i < nb_ops; i++) {
uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ops[i],
uint8_t *, iv_offset);
return 0;
}
+static struct rte_cryptodev_sym_session *
+create_ipsec_session(struct rte_mempool *sess_mp,
+ struct rte_mempool *priv_mp,
+ uint8_t dev_id,
+ const struct cperf_options *options,
+ const struct cperf_test_vector *test_vector,
+ uint16_t iv_offset)
+{
+ struct rte_crypto_sym_xform xform = {0};
+ struct rte_crypto_sym_xform auth_xform = {0};
+
+ if (options->aead_algo != 0) {
+ /* Setup AEAD Parameters */
+ xform.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+ xform.next = NULL;
+ xform.aead.algo = options->aead_algo;
+ xform.aead.op = options->aead_op;
+ xform.aead.iv.offset = iv_offset;
+ xform.aead.key.data = test_vector->aead_key.data;
+ xform.aead.key.length = test_vector->aead_key.length;
+ xform.aead.iv.length = test_vector->aead_iv.length;
+ xform.aead.digest_length = options->digest_sz;
+ xform.aead.aad_length = options->aead_aad_sz;
+ } else if (options->cipher_algo != 0 && options->auth_algo != 0) {
+ /* Setup Cipher Parameters */
+ xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+ xform.next = NULL;
+ xform.cipher.algo = options->cipher_algo;
+ xform.cipher.op = options->cipher_op;
+ xform.cipher.iv.offset = iv_offset;
+ xform.cipher.iv.length = test_vector->cipher_iv.length;
+ /* cipher different than null */
+ if (options->cipher_algo != RTE_CRYPTO_CIPHER_NULL) {
+ xform.cipher.key.data = test_vector->cipher_key.data;
+ xform.cipher.key.length =
+ test_vector->cipher_key.length;
+ } else {
+ xform.cipher.key.data = NULL;
+ xform.cipher.key.length = 0;
+ }
+
+ /* Setup Auth Parameters */
+ auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+ auth_xform.next = NULL;
+ auth_xform.auth.algo = options->auth_algo;
+ auth_xform.auth.op = options->auth_op;
+ auth_xform.auth.iv.offset = iv_offset +
+ xform.cipher.iv.length;
+ /* auth different than null */
+ if (options->auth_algo != RTE_CRYPTO_AUTH_NULL) {
+ auth_xform.auth.digest_length = options->digest_sz;
+ auth_xform.auth.key.length =
+ test_vector->auth_key.length;
+ auth_xform.auth.key.data = test_vector->auth_key.data;
+ auth_xform.auth.iv.length = test_vector->auth_iv.length;
+ } else {
+ auth_xform.auth.digest_length = 0;
+ auth_xform.auth.key.length = 0;
+ auth_xform.auth.key.data = NULL;
+ auth_xform.auth.iv.length = 0;
+ }
+
+ xform.next = &auth_xform;
+ } else {
+ return NULL;
+ }
+
+#define CPERF_IPSEC_SRC_IP 0x01010101
+#define CPERF_IPSEC_DST_IP 0x02020202
+#define CPERF_IPSEC_SALT 0x0
+#define CPERF_IPSEC_DEFTTL 64
+ struct rte_security_ipsec_tunnel_param tunnel = {
+ .type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
+ {.ipv4 = {
+ .src_ip = { .s_addr = CPERF_IPSEC_SRC_IP},
+ .dst_ip = { .s_addr = CPERF_IPSEC_DST_IP},
+ .dscp = 0,
+ .df = 0,
+ .ttl = CPERF_IPSEC_DEFTTL,
+ } },
+ };
+ struct rte_security_session_conf sess_conf = {
+ .action_type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
+ {.ipsec = {
+ .spi = rte_lcore_id(),
+ /**< For testing sake, lcore_id is taken as SPI so that
+ * for every core a different session is created.
+ */
+ .salt = CPERF_IPSEC_SALT,
+ .options = { 0 },
+ .replay_win_sz = 0,
+ .direction =
+ ((options->cipher_op ==
+ RTE_CRYPTO_CIPHER_OP_ENCRYPT) &&
+ (options->auth_op ==
+ RTE_CRYPTO_AUTH_OP_GENERATE)) ||
+ (options->aead_op ==
+ RTE_CRYPTO_AEAD_OP_ENCRYPT) ?
+ RTE_SECURITY_IPSEC_SA_DIR_EGRESS :
+ RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+ .tunnel = tunnel,
+ } },
+ .userdata = NULL,
+ .crypto_xform = &xform
+ };
+
+ struct rte_security_ctx *ctx = (struct rte_security_ctx *)
+ rte_cryptodev_get_sec_ctx(dev_id);
+
+ /* Create security session */
+ return (void *)rte_security_session_create(ctx,
+ &sess_conf, sess_mp, priv_mp);
+}
+
static struct rte_cryptodev_sym_session *
cperf_create_session(struct rte_mempool *sess_mp,
struct rte_mempool *priv_mp,
struct rte_crypto_sym_xform auth_xform;
struct rte_crypto_sym_xform aead_xform;
struct rte_cryptodev_sym_session *sess = NULL;
-
+ void *asym_sess = NULL;
+ struct rte_crypto_asym_xform xform = {0};
+ int ret;
+
+ if (options->op_type == CPERF_ASYM_MODEX) {
+ xform.next = NULL;
+ xform.xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX;
+ xform.modex.modulus.data = options->modex_data->modulus.data;
+ xform.modex.modulus.length = options->modex_data->modulus.len;
+ xform.modex.exponent.data = options->modex_data->exponent.data;
+ xform.modex.exponent.length = options->modex_data->exponent.len;
+
+ ret = rte_cryptodev_asym_session_create(dev_id, &xform,
+ sess_mp, &asym_sess);
+ if (ret < 0) {
+ RTE_LOG(ERR, USER1, "Asym session create failed\n");
+ return NULL;
+ }
+ return asym_sess;
+ }
#ifdef RTE_LIB_SECURITY
/*
* security only
.hfn = options->pdcp_ses_hfn_en ?
PDCP_DEFAULT_HFN : 0,
.hfn_threshold = 0x70C0A,
+ .sdap_enabled = options->pdcp_sdap,
.hfn_ovrd = !(options->pdcp_ses_hfn_en),
} },
.crypto_xform = &cipher_xform
return (void *)rte_security_session_create(ctx,
&sess_conf, sess_mp, priv_mp);
}
+
+ if (options->op_type == CPERF_IPSEC) {
+ return create_ipsec_session(sess_mp, priv_mp, dev_id,
+ options, test_vector, iv_offset);
+ }
+
if (options->op_type == CPERF_DOCSIS) {
enum rte_security_docsis_direction direction;
op_fns->sess_create = cperf_create_session;
- if (options->op_type == CPERF_AEAD) {
+ switch (options->op_type) {
+ case CPERF_AEAD:
op_fns->populate_ops = cperf_set_ops_aead;
- return 0;
- }
+ break;
- if (options->op_type == CPERF_AUTH_THEN_CIPHER
- || options->op_type == CPERF_CIPHER_THEN_AUTH) {
+ case CPERF_AUTH_THEN_CIPHER:
+ case CPERF_CIPHER_THEN_AUTH:
op_fns->populate_ops = cperf_set_ops_cipher_auth;
- return 0;
- }
- if (options->op_type == CPERF_AUTH_ONLY) {
+ break;
+ case CPERF_AUTH_ONLY:
if (options->auth_algo == RTE_CRYPTO_AUTH_NULL)
op_fns->populate_ops = cperf_set_ops_null_auth;
else
op_fns->populate_ops = cperf_set_ops_auth;
- return 0;
- }
- if (options->op_type == CPERF_CIPHER_ONLY) {
+ break;
+ case CPERF_CIPHER_ONLY:
if (options->cipher_algo == RTE_CRYPTO_CIPHER_NULL)
op_fns->populate_ops = cperf_set_ops_null_cipher;
else
op_fns->populate_ops = cperf_set_ops_cipher;
- return 0;
- }
+ break;
+ case CPERF_ASYM_MODEX:
+ op_fns->populate_ops = cperf_set_ops_asym;
+ break;
#ifdef RTE_LIB_SECURITY
- if (options->op_type == CPERF_PDCP) {
- op_fns->populate_ops = cperf_set_ops_security;
- return 0;
- }
- if (options->op_type == CPERF_DOCSIS) {
+ case CPERF_PDCP:
+ case CPERF_DOCSIS:
op_fns->populate_ops = cperf_set_ops_security;
- return 0;
- }
+ break;
+ case CPERF_IPSEC:
+ op_fns->populate_ops = cperf_set_ops_security_ipsec;
+ break;
#endif
- return -1;
+ default:
+ return -1;
+ }
+
+ return 0;
}
git.droids-corp.org / dpdk.git / blobdiff