#include <rte_malloc.h>
#include <rte_pci.h>
#include <rte_cryptodev_pmd.h>
+#ifdef RTE_LIBRTE_SECURITY
+#include <rte_security_driver.h>
+#endif
#include "qat_logs.h"
#include "qat_sym.h"
#include "qat_sym_session.h"
#include "qat_sym_pmd.h"
-uint8_t cryptodev_qat_driver_id;
+#define MIXED_CRYPTO_MIN_FW_VER 0x04090000
+
+uint8_t qat_sym_driver_id;
static const struct rte_cryptodev_capabilities qat_gen1_sym_capabilities[] = {
QAT_BASE_GEN1_SYM_CAPABILITIES,
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
+#ifdef RTE_LIBRTE_SECURITY
+static const struct rte_cryptodev_capabilities
+ qat_security_sym_capabilities[] = {
+ QAT_SECURITY_SYM_CAPABILITIES,
+ RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
+};
+
+static const struct rte_security_capability qat_security_capabilities[] = {
+ QAT_SECURITY_CAPABILITIES(qat_security_sym_capabilities),
+ {
+ .action = RTE_SECURITY_ACTION_TYPE_NONE
+ }
+};
+#endif
+
static int qat_sym_qp_release(struct rte_cryptodev *dev,
uint16_t queue_pair_id);
qat_qps_per_service(sym_hw_qps, QAT_SERVICE_SYMMETRIC);
info->feature_flags = dev->feature_flags;
info->capabilities = internals->qat_dev_capabilities;
- info->driver_id = cryptodev_qat_driver_id;
+ info->driver_id = qat_sym_driver_id;
/* No limit of number of sessions */
info->sym.max_nb_sessions = 0;
}
qat_sgl_dst);
}
+ /* Get fw version from QAT (GEN2), skip if we've got it already */
+ if (qp->qat_dev_gen == QAT_GEN2 && !(qat_private->internal_capabilities
+ & QAT_SYM_CAP_VALID)) {
+ ret = qat_cq_get_fw_version(qp);
+
+ if (ret < 0) {
+ qat_sym_qp_release(dev, qp_id);
+ return ret;
+ }
+
+ if (ret != 0)
+ QAT_LOG(DEBUG, "QAT firmware version: %d.%d.%d",
+ (ret >> 24) & 0xff,
+ (ret >> 16) & 0xff,
+ (ret >> 8) & 0xff);
+ else
+ QAT_LOG(DEBUG, "unknown QAT firmware version");
+
+ /* set capabilities based on the fw version */
+ qat_private->internal_capabilities = QAT_SYM_CAP_VALID |
+ ((ret >= MIXED_CRYPTO_MIN_FW_VER) ?
+ QAT_SYM_CAP_MIXED_CRYPTO : 0);
+ ret = 0;
+ }
+
return ret;
}
.sym_session_clear = qat_sym_session_clear
};
+#ifdef RTE_LIBRTE_SECURITY
+static const struct rte_security_capability *
+qat_security_cap_get(void *device __rte_unused)
+{
+ return qat_security_capabilities;
+}
+
+static struct rte_security_ops security_qat_ops = {
+
+ .session_create = qat_security_session_create,
+ .session_update = NULL,
+ .session_stats_get = NULL,
+ .session_destroy = qat_security_session_destroy,
+ .set_pkt_metadata = NULL,
+ .capabilities_get = qat_security_cap_get
+};
+#endif
+
static uint16_t
qat_sym_pmd_enqueue_op_burst(void *qp, struct rte_crypto_op **ops,
uint16_t nb_ops)
struct qat_dev_cmd_param *qat_dev_cmd_param __rte_unused)
{
int i = 0;
+ struct qat_device_info *qat_dev_instance =
+ &qat_pci_devs[qat_pci_dev->qat_dev_id];
+
struct rte_cryptodev_pmd_init_params init_params = {
.name = "",
- .socket_id = qat_pci_dev->pci_dev->device.numa_node,
+ .socket_id =
+ qat_dev_instance->pci_dev->device.numa_node,
.private_data_size = sizeof(struct qat_sym_dev_private)
};
char name[RTE_CRYPTODEV_NAME_MAX_LEN];
struct rte_cryptodev *cryptodev;
struct qat_sym_dev_private *internals;
+ /*
+ * All processes must use same driver id so they can share sessions.
+ * Store driver_id so we can validate that all processes have the same
+ * value, typically they have, but could differ if binaries built
+ * separately.
+ */
+ if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
+ qat_pci_dev->qat_sym_driver_id =
+ qat_sym_driver_id;
+ } else if (rte_eal_process_type() == RTE_PROC_SECONDARY) {
+ if (qat_pci_dev->qat_sym_driver_id !=
+ qat_sym_driver_id) {
+ QAT_LOG(ERR,
+ "Device %s have different driver id than corresponding device in primary process",
+ name);
+ return -(EFAULT);
+ }
+ }
+
+#ifdef RTE_LIBRTE_SECURITY
+ struct rte_security_ctx *security_instance;
+#endif
+
snprintf(name, RTE_CRYPTODEV_NAME_MAX_LEN, "%s_%s",
qat_pci_dev->name, "sym");
QAT_LOG(DEBUG, "Creating QAT SYM device %s", name);
/* Populate subset device to use in cryptodev device creation */
- qat_pci_dev->sym_rte_dev.driver = &cryptodev_qat_sym_driver;
- qat_pci_dev->sym_rte_dev.numa_node =
- qat_pci_dev->pci_dev->device.numa_node;
- qat_pci_dev->sym_rte_dev.devargs = NULL;
+ qat_dev_instance->sym_rte_dev.driver = &cryptodev_qat_sym_driver;
+ qat_dev_instance->sym_rte_dev.numa_node =
+ qat_dev_instance->pci_dev->device.numa_node;
+ qat_dev_instance->sym_rte_dev.devargs = NULL;
cryptodev = rte_cryptodev_pmd_create(name,
- &(qat_pci_dev->sym_rte_dev), &init_params);
+ &(qat_dev_instance->sym_rte_dev), &init_params);
if (cryptodev == NULL)
return -ENODEV;
- qat_pci_dev->sym_rte_dev.name = cryptodev->data->name;
- cryptodev->driver_id = cryptodev_qat_driver_id;
+ qat_dev_instance->sym_rte_dev.name = cryptodev->data->name;
+ cryptodev->driver_id = qat_sym_driver_id;
cryptodev->dev_ops = &crypto_qat_ops;
cryptodev->enqueue_burst = qat_sym_pmd_enqueue_op_burst;
RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
- RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;
+ RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED |
+ RTE_CRYPTODEV_FF_SECURITY;
+
+ if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+ return 0;
+
+#ifdef RTE_LIBRTE_SECURITY
+ security_instance = rte_malloc("qat_sec",
+ sizeof(struct rte_security_ctx),
+ RTE_CACHE_LINE_SIZE);
+ if (security_instance == NULL) {
+ QAT_LOG(ERR, "rte_security_ctx memory alloc failed");
+ rte_cryptodev_pmd_destroy(cryptodev);
+ return -ENOMEM;
+ }
+
+ security_instance->device = (void *)cryptodev;
+ security_instance->ops = &security_qat_ops;
+ security_instance->sess_cnt = 0;
+ cryptodev->security_ctx = security_instance;
+#endif
internals = cryptodev->data->dev_private;
internals->qat_dev = qat_pci_dev;
- qat_pci_dev->sym_dev = internals;
internals->sym_dev_id = cryptodev->data->dev_id;
switch (qat_pci_dev->qat_dev_gen) {
internals->qat_dev_capabilities = qat_gen2_sym_capabilities;
break;
default:
- internals->qat_dev_capabilities = qat_gen2_sym_capabilities;
QAT_LOG(DEBUG,
"QAT gen %d capabilities unknown, default to GEN2",
qat_pci_dev->qat_dev_gen);
i++;
}
+ qat_pci_dev->sym_dev = internals;
QAT_LOG(DEBUG, "Created QAT SYM device %s as cryptodev instance %d",
cryptodev->data->name, internals->sym_dev_id);
+
return 0;
}
/* free crypto device */
cryptodev = rte_cryptodev_pmd_get_dev(qat_pci_dev->sym_dev->sym_dev_id);
+#ifdef RTE_LIBRTE_SECURITY
+ rte_free(cryptodev->security_ctx);
+#endif
rte_cryptodev_pmd_destroy(cryptodev);
- qat_pci_dev->sym_rte_dev.name = NULL;
+ qat_pci_devs[qat_pci_dev->qat_dev_id].sym_rte_dev.name = NULL;
qat_pci_dev->sym_dev = NULL;
return 0;
static struct cryptodev_driver qat_crypto_drv;
RTE_PMD_REGISTER_CRYPTO_DRIVER(qat_crypto_drv,
cryptodev_qat_sym_driver,
- cryptodev_qat_driver_id);
+ qat_sym_driver_id);