-.. BSD LICENSE
- Copyright(c) 2015-2016 Intel Corporation. All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions
- are met:
-
- * Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in
- the documentation and/or other materials provided with the
- distribution.
- * Neither the name of Intel Corporation nor the names of its
- contributors may be used to endorse or promote products derived
- from this software without specific prior written permission.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.. SPDX-License-Identifier: BSD-3-Clause
+ Copyright(c) 2015-2016 Intel Corporation.
Intel(R) QuickAssist (QAT) Crypto Poll Mode Driver
==================================================
* ``RTE_CRYPTO_AUTH_ZUC_EIA3``
Supported AEAD algorithms:
+
* ``RTE_CRYPTO_AEAD_AES_GCM``
* Only supports the session-oriented API implementation (session-less APIs are not supported).
* SNOW 3G (UEA2), KASUMI (F8) and ZUC (EEA3) supported only if cipher length and offset fields are byte-multiple.
-* SNOW 3G (UIA2), KASUMI (F9) and ZUC (EIA3) supported only if hash length and offset fields are byte-multiple.
+* SNOW 3G (UIA2) and ZUC (EIA3) supported only if hash length and offset fields are byte-multiple.
* No BSD support as BSD QAT kernel driver not available.
* ZUC EEA3/EIA3 is not supported by dh895xcc devices
* Maximum additional authenticated data (AAD) for GCM is 240 bytes long.
+* Queue pairs are not thread-safe (that is, within a single queue pair, RX and TX from different lcores is not supported).
Installation
.. _table_qat_pmds_drivers:
-.. table:: QAT devices and drivers
+.. table:: QAT device generations, devices and drivers
- +----------+--------+---------------+------------+--------+---------+--------+------------+
- | Device | Driver | Kernel Module | Pci Driver | PF Did | Num PFs | Vf Did | VFs per PF |
- +==========+========+===============+============+========+=========+========+============+
- | DH895xCC | 01.org | icp_qa_al | n/a | 435 | 1 | 443 | 32 |
- +----------+--------+---------------+------------+--------+---------+--------+------------+
- | DH895xCC | 4.4+ | qat_dh895xcc | dh895xcc | 435 | 1 | 443 | 32 |
- +----------+--------+---------------+------------+--------+---------+--------+------------+
- | C62x | 4.5+ | qat_c62x | c6xx | 37c8 | 3 | 37c9 | 16 |
- +----------+--------+---------------+------------+--------+---------+--------+------------+
- | C3xxx | 4.5+ | qat_c3xxx | c3xxx | 19e2 | 1 | 19e3 | 16 |
- +----------+--------+---------------+------------+--------+---------+--------+------------+
- | D15xx | p | qat_d15xx | d15xx | 6f54 | 1 | 6f55 | 16 |
- +----------+--------+---------------+------------+--------+---------+--------+------------+
+ +-----+----------+--------+---------------+------------+--------+------+--------+--------+
+ | Gen | Device | Driver | Kernel Module | Pci Driver | PF Did | #PFs | Vf Did | VFs/PF |
+ +=====+==========+========+===============+============+========+======+========+========+
+ | 1 | DH895xCC | 01.org | icp_qa_al | n/a | 435 | 1 | 443 | 32 |
+ +-----+----------+--------+---------------+------------+--------+------+--------+--------+
+ | 1 | DH895xCC | 4.4+ | qat_dh895xcc | dh895xcc | 435 | 1 | 443 | 32 |
+ +-----+----------+--------+---------------+------------+--------+------+--------+--------+
+ | 2 | C62x | 4.5+ | qat_c62x | c6xx | 37c8 | 3 | 37c9 | 16 |
+ +-----+----------+--------+---------------+------------+--------+------+--------+--------+
+ | 2 | C3xxx | 4.5+ | qat_c3xxx | c3xxx | 19e2 | 1 | 19e3 | 16 |
+ +-----+----------+--------+---------------+------------+--------+------+--------+--------+
+ | 2 | D15xx | p | qat_d15xx | d15xx | 6f54 | 1 | 6f55 | 16 |
+ +-----+----------+--------+---------------+------------+--------+------+--------+--------+
The ``Driver`` column indicates either the Linux kernel version in which
First find the BDFs (Bus-Device-Function) of the physical functions (PFs) of
your device, e.g.::
- lspci -d : 37c8
+ lspci -d:37c8
You should see output similar to::
cd to the top-level DPDK directory
./usertools/dpdk-devbind.py -b igb_uio 0000:03:01.1
+
+
+Extra notes on KASUMI F9
+------------------------
+
+When using KASUMI F9 authentication algorithm, the input buffer must be
+constructed according to the 3GPP KASUMI specifications (section 4.4, page 13):
+`<http://cryptome.org/3gpp/35201-900.pdf>`_.
+Input buffer has to have COUNT (4 bytes), FRESH (4 bytes), MESSAGE and DIRECTION (1 bit)
+concatenated. After the DIRECTION bit, a single '1' bit is appended, followed by
+between 0 and 7 '0' bits, so that the total length of the buffer is multiple of 8 bits.
+Note that the actual message can be any length, specified in bits.
+
+Once this buffer is passed this way, when creating the crypto operation,
+length of data to authenticate (op.sym.auth.data.length) must be the length
+of all the items described above, including the padding at the end.
+Also, offset of data to authenticate (op.sym.auth.data.offset)
+must be such that points at the start of the COUNT bytes.
+
+Device and driver naming
+------------------------
+
+The qat crypto driver name is "crypto_qat".
+This name is passed to the dpdk-test-crypto-perf tool in the -devtype parameter.
+The rte_cryptodev_devices_get() can return the devices exposed by a driver.
+
+Each qat crypto device has a unique name, in format
+<pci bdf>_<service>, e.g. "0000:41:01.0_qat_sym".
+This name can be passed to rte_cryptodev_get_dev_id() to get the device_id.
+This is also the format of the slave parameter passed to the crypto scheduler.
+
+Debugging
+----------------------------------------
+
+There are 2 sets of trace available via the dynamic logging feature:
+
+* pmd.qat_dp exposes trace on the data-path.
+* pmd.qat_general exposes all other trace.
+
+pmd.qat exposes both sets of traces.
+They can be enabled using the log-level option (where 8=maximum log level) on
+the process cmdline, e.g. using any of the following::
+
+ --log-level="pmd.qat_general,8"
+ --log-level="pmd.qat_dp,8"
+ --log-level="pmd.qat,8"
+
+.. Note::
+
+ The global RTE_LOG_DP_LEVEL overrides data-path trace so must be set to
+ RTE_LOG_DEBUG to see all the trace. This variable is in config/rte_config.h
+ for meson build and config/common_base for gnu make.
+ Also the dynamic global log level overrides both sets of trace, so e.g. no
+ QAT trace would display in this case::
+
+ --log-level="7" --log-level="pmd.qat_general,8"