#include <fcntl.h>
#include <unistd.h>
+#include <rte_string_fns.h>
#include <rte_atomic.h>
#include <rte_branch_prediction.h>
#include <rte_common.h>
#include <rte_prefetch.h>
#include <rte_random.h>
#include <rte_hexdump.h>
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
+#ifdef RTE_CRYPTO_SCHEDULER
#include <rte_cryptodev_scheduler.h>
#endif
static uint16_t nb_txd = RTE_TEST_TX_DESC_DEFAULT;
/* ethernet addresses of ports */
-static struct ether_addr l2fwd_ports_eth_addr[RTE_MAX_ETHPORTS];
+static struct rte_ether_addr l2fwd_ports_eth_addr[RTE_MAX_ETHPORTS];
/* mask of enabled ports */
static uint64_t l2fwd_enabled_port_mask;
struct rte_crypto_sym_xform cipher_xform;
unsigned ckey_param;
int ckey_random_size;
+ uint8_t cipher_key[MAX_KEY_SIZE];
struct l2fwd_iv cipher_iv;
unsigned int cipher_iv_param;
struct rte_crypto_sym_xform auth_xform;
uint8_t akey_param;
int akey_random_size;
+ uint8_t auth_key[MAX_KEY_SIZE];
struct l2fwd_iv auth_iv;
unsigned int auth_iv_param;
struct rte_crypto_sym_xform aead_xform;
unsigned int aead_key_param;
int aead_key_random_size;
+ uint8_t aead_key[MAX_KEY_SIZE];
struct l2fwd_iv aead_iv;
unsigned int aead_iv_param;
static struct rte_eth_conf port_conf = {
.rxmode = {
.mq_mode = ETH_MQ_RX_NONE,
- .max_rx_pkt_len = ETHER_MAX_LEN,
+ .max_rx_pkt_len = RTE_ETHER_MAX_LEN,
.split_hdr_size = 0,
},
.txmode = {
struct rte_mempool *l2fwd_pktmbuf_pool;
struct rte_mempool *l2fwd_crypto_op_pool;
-struct rte_mempool *session_pool_socket[RTE_MAX_NUMA_NODES] = { 0 };
+static struct {
+ struct rte_mempool *sess_mp;
+ struct rte_mempool *priv_mp;
+} session_pool_socket[RTE_MAX_NUMA_NODES];
/* Per-port statistics struct */
struct l2fwd_port_statistics {
total_packets_dropped,
total_packets_errors);
printf("\n====================================================\n");
+
+ fflush(stdout);
}
static int
struct rte_crypto_op *op,
struct l2fwd_crypto_params *cparams)
{
- struct ether_hdr *eth_hdr;
- struct ipv4_hdr *ip_hdr;
+ struct rte_ether_hdr *eth_hdr;
+ struct rte_ipv4_hdr *ip_hdr;
uint32_t ipdata_offset, data_len;
uint32_t pad_len = 0;
char *padding;
- eth_hdr = rte_pktmbuf_mtod(m, struct ether_hdr *);
+ eth_hdr = rte_pktmbuf_mtod(m, struct rte_ether_hdr *);
- if (eth_hdr->ether_type != rte_cpu_to_be_16(ETHER_TYPE_IPv4))
+ if (eth_hdr->ether_type != rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4))
return -1;
- ipdata_offset = sizeof(struct ether_hdr);
+ ipdata_offset = sizeof(struct rte_ether_hdr);
- ip_hdr = (struct ipv4_hdr *)(rte_pktmbuf_mtod(m, char *) +
+ ip_hdr = (struct rte_ipv4_hdr *)(rte_pktmbuf_mtod(m, char *) +
ipdata_offset);
- ipdata_offset += (ip_hdr->version_ihl & IPV4_HDR_IHL_MASK)
- * IPV4_IHL_MULTIPLIER;
+ ipdata_offset += (ip_hdr->version_ihl & RTE_IPV4_HDR_IHL_MASK)
+ * RTE_IPV4_IHL_MULTIPLIER;
/* Zero pad data to be crypto'd so it is block aligned */
static void
l2fwd_mac_updating(struct rte_mbuf *m, uint16_t dest_portid)
{
- struct ether_hdr *eth;
+ struct rte_ether_hdr *eth;
void *tmp;
- eth = rte_pktmbuf_mtod(m, struct ether_hdr *);
+ eth = rte_pktmbuf_mtod(m, struct rte_ether_hdr *);
/* 02:00:00:00:00:xx */
tmp = ð->d_addr.addr_bytes[0];
*((uint64_t *)tmp) = 0x000000000002 + ((uint64_t)dest_portid << 40);
/* src addr */
- ether_addr_copy(&l2fwd_ports_eth_addr[dest_portid], ð->s_addr);
+ rte_ether_addr_copy(&l2fwd_ports_eth_addr[dest_portid], ð->s_addr);
}
static void
struct l2fwd_crypto_options *options)
{
uint16_t dst_port;
+ uint32_t pad_len;
+ struct rte_ipv4_hdr *ip_hdr;
+ uint32_t ipdata_offset = sizeof(struct rte_ether_hdr);
+ ip_hdr = (struct rte_ipv4_hdr *)(rte_pktmbuf_mtod(m, char *) +
+ ipdata_offset);
dst_port = l2fwd_dst_ports[portid];
if (options->mac_updating)
l2fwd_mac_updating(m, dst_port);
+ if (options->auth_xform.auth.op == RTE_CRYPTO_AUTH_OP_VERIFY)
+ rte_pktmbuf_trim(m, options->auth_xform.auth.digest_length);
+
+ if (options->cipher_xform.cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT) {
+ pad_len = m->pkt_len - rte_be_to_cpu_16(ip_hdr->total_length) -
+ ipdata_offset;
+ rte_pktmbuf_trim(m, pad_len);
+ }
+
l2fwd_send_packet(m, dst_port);
}
return NULL;
uint8_t socket_id = (uint8_t) retval;
- struct rte_mempool *sess_mp = session_pool_socket[socket_id];
if (options->xform_chain == L2FWD_CRYPTO_AEAD) {
first_xform = &options->aead_xform;
first_xform = &options->auth_xform;
}
- session = rte_cryptodev_sym_session_create(sess_mp);
-
+ session = rte_cryptodev_sym_session_create(
+ session_pool_socket[socket_id].sess_mp);
if (session == NULL)
return NULL;
if (rte_cryptodev_sym_session_init(cdev_id, session,
- first_xform, sess_mp) < 0)
+ first_xform,
+ session_pool_socket[socket_id].priv_mp) < 0)
return NULL;
return session;
if (unlikely(timer_tsc >=
(uint64_t)timer_period)) {
- /* do this only on master core */
- if (lcore_id == rte_get_master_lcore()
+ /* do this only on main core */
+ if (lcore_id == rte_get_main_lcore()
&& options->refresh_period) {
print_stats();
timer_tsc = 0;
if (strcmp(lgopts[option_index].name, "cdev_type") == 0) {
retval = parse_cryptodev_type(&options->type, optarg);
if (retval == 0)
- snprintf(options->string_type, MAX_STR_LEN,
- "%s", optarg);
+ strlcpy(options->string_type, optarg, MAX_STR_LEN);
return retval;
}
else if (strcmp(lgopts[option_index].name, "cipher_key") == 0) {
options->ckey_param = 1;
options->cipher_xform.cipher.key.length =
- parse_bytes(options->cipher_xform.cipher.key.data, optarg,
- MAX_KEY_SIZE);
+ parse_bytes(options->cipher_key, optarg, MAX_KEY_SIZE);
if (options->cipher_xform.cipher.key.length > 0)
return 0;
else
else if (strcmp(lgopts[option_index].name, "auth_key") == 0) {
options->akey_param = 1;
options->auth_xform.auth.key.length =
- parse_bytes(options->auth_xform.auth.key.data, optarg,
- MAX_KEY_SIZE);
+ parse_bytes(options->auth_key, optarg, MAX_KEY_SIZE);
if (options->auth_xform.auth.key.length > 0)
return 0;
else
else if (strcmp(lgopts[option_index].name, "aead_key") == 0) {
options->aead_key_param = 1;
options->aead_xform.aead.key.length =
- parse_bytes(options->aead_xform.aead.key.data, optarg,
- MAX_KEY_SIZE);
+ parse_bytes(options->aead_key, optarg, MAX_KEY_SIZE);
if (options->aead_xform.aead.key.length > 0)
return 0;
else
uint16_t portid;
uint8_t count, all_ports_up, print_flag = 0;
struct rte_eth_link link;
+ int ret;
+ char link_status_text[RTE_ETH_LINK_MAX_STR_LEN];
printf("\nChecking link status");
fflush(stdout);
if ((port_mask & (1 << portid)) == 0)
continue;
memset(&link, 0, sizeof(link));
- rte_eth_link_get_nowait(portid, &link);
+ ret = rte_eth_link_get_nowait(portid, &link);
+ if (ret < 0) {
+ all_ports_up = 0;
+ if (print_flag == 1)
+ printf("Port %u link get failed: %s\n",
+ portid, rte_strerror(-ret));
+ continue;
+ }
/* print link status if flag set */
if (print_flag == 1) {
- if (link.link_status)
- printf(
- "Port%d Link Up. Speed %u Mbps - %s\n",
- portid, link.link_speed,
- (link.link_duplex == ETH_LINK_FULL_DUPLEX) ?
- ("full-duplex") : ("half-duplex\n"));
- else
- printf("Port %d Link Down\n", portid);
+ rte_eth_link_to_str(link_status_text,
+ sizeof(link_status_text), &link);
+ printf("Port %d %s\n", portid,
+ link_status_text);
continue;
}
/* clear all_ports_up flag if any link down */
cap->sym.cipher.key_size.max,
cap->sym.cipher.key_size.increment)
!= 0) {
- RTE_LOG(DEBUG, USER1,
- "Device %u does not support cipher "
- "key length\n",
+ if (dev_info.feature_flags &
+ RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY) {
+ RTE_LOG(DEBUG, USER1,
+ "Key length does not match the device "
+ "%u capability. Key may be wrapped\n",
cdev_id);
- return -1;
+ } else {
+ RTE_LOG(DEBUG, USER1,
+ "Key length does not match the device "
+ "%u capability\n",
+ cdev_id);
+ return -1;
+ }
}
+
/*
* Check if length of the cipher key to be randomly generated
* is supported by the algorithm chosen.
if (enabled_cdevs[cdev_id] == 0)
continue;
+ if (check_cryptodev_mask(options, cdev_id) < 0)
+ continue;
+
+ if (check_capabilities(options, cdev_id) < 0)
+ continue;
+
retval = rte_cryptodev_socket_id(cdev_id);
if (retval < 0) {
struct rte_cryptodev_config conf = {
.nb_queue_pairs = 1,
.socket_id = socket_id,
+ .ff_disable = RTE_CRYPTODEV_FF_SECURITY,
};
rte_cryptodev_info_get(cdev_id, &dev_info);
* (one for the header, one for the private data)
*/
if (!strcmp(dev_info.driver_name, "crypto_scheduler")) {
-#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER
- uint32_t nb_slaves =
- rte_cryptodev_scheduler_slaves_get(cdev_id,
+#ifdef RTE_CRYPTO_SCHEDULER
+ uint32_t nb_workers =
+ rte_cryptodev_scheduler_workers_get(cdev_id,
NULL);
- sessions_needed = 2 * enabled_cdev_count * nb_slaves;
+ sessions_needed = enabled_cdev_count * nb_workers;
#endif
} else
- sessions_needed = 2 * enabled_cdev_count;
+ sessions_needed = enabled_cdev_count;
- if (session_pool_socket[socket_id] == NULL) {
+ if (session_pool_socket[socket_id].priv_mp == NULL) {
char mp_name[RTE_MEMPOOL_NAMESIZE];
- struct rte_mempool *sess_mp;
snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
- "sess_mp_%u", socket_id);
+ "priv_sess_mp_%u", socket_id);
- /*
- * Create enough objects for session headers and
- * device private data
- */
- sess_mp = rte_mempool_create(mp_name,
+ session_pool_socket[socket_id].priv_mp =
+ rte_mempool_create(mp_name,
sessions_needed,
max_sess_sz,
- SESSION_POOL_CACHE_SIZE,
- 0, NULL, NULL, NULL,
+ 0, 0, NULL, NULL, NULL,
NULL, socket_id,
0);
- if (sess_mp == NULL) {
- printf("Cannot create session pool on socket %d\n",
+ if (session_pool_socket[socket_id].priv_mp == NULL) {
+ printf("Cannot create pool on socket %d\n",
+ socket_id);
+ return -ENOMEM;
+ }
+
+ printf("Allocated pool \"%s\" on socket %d\n",
+ mp_name, socket_id);
+ }
+
+ if (session_pool_socket[socket_id].sess_mp == NULL) {
+ char mp_name[RTE_MEMPOOL_NAMESIZE];
+ snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
+ "sess_mp_%u", socket_id);
+
+ session_pool_socket[socket_id].sess_mp =
+ rte_cryptodev_sym_session_pool_create(
+ mp_name,
+ sessions_needed,
+ 0, 0, 0, socket_id);
+
+ if (session_pool_socket[socket_id].sess_mp == NULL) {
+ printf("Cannot create pool on socket %d\n",
socket_id);
return -ENOMEM;
}
- printf("Allocated session pool on socket %d\n", socket_id);
- session_pool_socket[socket_id] = sess_mp;
+ printf("Allocated pool \"%s\" on socket %d\n",
+ mp_name, socket_id);
}
/* Set AEAD parameters */
options->aead_xform.aead.key.length =
cap->sym.aead.key_size.min;
- generate_random_key(
- options->aead_xform.aead.key.data,
+ generate_random_key(options->aead_key,
options->aead_xform.aead.key.length);
}
options->cipher_xform.cipher.key.length =
cap->sym.cipher.key_size.min;
- generate_random_key(
- options->cipher_xform.cipher.key.data,
+ generate_random_key(options->cipher_key,
options->cipher_xform.cipher.key.length);
}
}
options->auth_xform.auth.key.length =
cap->sym.auth.key_size.min;
- generate_random_key(
- options->auth_xform.auth.key.data,
+ generate_random_key(options->auth_key,
options->auth_xform.auth.key.length);
}
}
qp_conf.nb_descriptors = 2048;
- qp_conf.mp_session = session_pool_socket[socket_id];
- qp_conf.mp_session_private = session_pool_socket[socket_id];
+ qp_conf.mp_session = session_pool_socket[socket_id].sess_mp;
+ qp_conf.mp_session_private =
+ session_pool_socket[socket_id].priv_mp;
retval = rte_cryptodev_queue_pair_setup(cdev_id, 0, &qp_conf,
socket_id);
/* init port */
printf("Initializing port %u... ", portid);
fflush(stdout);
- rte_eth_dev_info_get(portid, &dev_info);
+
+ retval = rte_eth_dev_info_get(portid, &dev_info);
+ if (retval != 0) {
+ printf("Error during getting device (port %u) info: %s\n",
+ portid, strerror(-retval));
+ return retval;
+ }
+
if (dev_info.tx_offload_capa & DEV_TX_OFFLOAD_MBUF_FAST_FREE)
local_port_conf.txmode.offloads |=
DEV_TX_OFFLOAD_MBUF_FAST_FREE;
return -1;
}
- rte_eth_promiscuous_enable(portid);
+ retval = rte_eth_promiscuous_enable(portid);
+ if (retval != 0) {
+ printf("rte_eth_promiscuous_enable:err=%s, port=%u\n",
+ rte_strerror(-retval), portid);
+ return -1;
+ }
- rte_eth_macaddr_get(portid, &l2fwd_ports_eth_addr[portid]);
+ retval = rte_eth_macaddr_get(portid,
+ &l2fwd_ports_eth_addr[portid]);
+ if (retval < 0) {
+ printf("rte_eth_macaddr_get :err=%d, port=%u\n",
+ retval, portid);
+ return -1;
+ }
printf("Port %u, MAC address: %02X:%02X:%02X:%02X:%02X:%02X\n\n",
portid,
static void
reserve_key_memory(struct l2fwd_crypto_options *options)
{
- options->cipher_xform.cipher.key.data = rte_malloc("crypto key",
- MAX_KEY_SIZE, 0);
- if (options->cipher_xform.cipher.key.data == NULL)
- rte_exit(EXIT_FAILURE, "Failed to allocate memory for cipher key");
+ options->cipher_xform.cipher.key.data = options->cipher_key;
- options->auth_xform.auth.key.data = rte_malloc("auth key",
- MAX_KEY_SIZE, 0);
- if (options->auth_xform.auth.key.data == NULL)
- rte_exit(EXIT_FAILURE, "Failed to allocate memory for auth key");
+ options->auth_xform.auth.key.data = options->auth_key;
- options->aead_xform.aead.key.data = rte_malloc("aead key",
- MAX_KEY_SIZE, 0);
- if (options->aead_xform.aead.key.data == NULL)
- rte_exit(EXIT_FAILURE, "Failed to allocate memory for AEAD key");
+ options->aead_xform.aead.key.data = options->aead_key;
options->cipher_iv.data = rte_malloc("cipher iv", MAX_KEY_SIZE, 0);
if (options->cipher_iv.data == NULL)
/* create the mbuf pool */
l2fwd_pktmbuf_pool = rte_pktmbuf_pool_create("mbuf_pool", NB_MBUF, 512,
- sizeof(struct rte_crypto_op),
+ RTE_ALIGN(sizeof(struct rte_crypto_op),
+ RTE_CACHE_LINE_SIZE),
RTE_MBUF_DEFAULT_BUF_SIZE, rte_socket_id());
if (l2fwd_pktmbuf_pool == NULL)
rte_exit(EXIT_FAILURE, "Cannot create mbuf pool\n");
/* launch per-lcore init on every lcore */
rte_eal_mp_remote_launch(l2fwd_launch_one_lcore, (void *)&options,
- CALL_MASTER);
- RTE_LCORE_FOREACH_SLAVE(lcore_id) {
+ CALL_MAIN);
+ RTE_LCORE_FOREACH_WORKER(lcore_id) {
if (rte_eal_wait_lcore(lcore_id) < 0)
return -1;
}
+ /* clean up the EAL */
+ rte_eal_cleanup();
+
return 0;
}