-/*-
- *
- * Copyright(c) 2015-2016 Intel Corporation. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- * * Neither the name of Intel Corporation nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2015-2020 Intel Corporation.
*/
#ifndef _RTE_CRYPTODEV_H_
*
* Defines RTE Crypto Device APIs for the provisioning of cipher and
* authentication operations.
- *
- * @warning
- * @b EXPERIMENTAL: this API may change without prior notice
*/
#ifdef __cplusplus
extern "C" {
#endif
-#include "stddef.h"
-
+#include "rte_kvargs.h"
#include "rte_crypto.h"
#include "rte_dev.h"
+#include <rte_common.h>
+#include <rte_config.h>
-#define CRYPTODEV_NAME_NULL_PMD ("cryptodev_null_pmd")
-/**< Null crypto PMD device name */
-#define CRYPTODEV_NAME_AESNI_MB_PMD ("cryptodev_aesni_mb_pmd")
-/**< AES-NI Multi buffer PMD device name */
-#define CRYPTODEV_NAME_QAT_SYM_PMD ("cryptodev_qat_sym_pmd")
-/**< Intel QAT Symmetric Crypto PMD device name */
-
-/** Crypto device type */
-enum rte_cryptodev_type {
- RTE_CRYPTODEV_NULL_PMD = 1, /**< Null crypto PMD */
- RTE_CRYPTODEV_AESNI_MB_PMD, /**< AES-NI multi buffer PMD */
- RTE_CRYPTODEV_QAT_SYM_PMD, /**< QAT PMD Symmetric Crypto */
-};
+#include "rte_cryptodev_trace_fp.h"
+
+extern const char **rte_cyptodev_names;
/* Logging Macros */
-#define CDEV_LOG_ERR(fmt, args...) \
- RTE_LOG(ERR, CRYPTODEV, "%s() line %u: " fmt "\n", \
- __func__, __LINE__, ## args)
+#define CDEV_LOG_ERR(...) \
+ RTE_LOG(ERR, CRYPTODEV, \
+ RTE_FMT("%s() line %u: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \
+ __func__, __LINE__, RTE_FMT_TAIL(__VA_ARGS__,)))
-#define CDEV_PMD_LOG_ERR(dev, fmt, args...) \
- RTE_LOG(ERR, CRYPTODEV, "[%s] %s() line %u: " fmt "\n", \
- dev, __func__, __LINE__, ## args)
+#define CDEV_LOG_INFO(...) \
+ RTE_LOG(INFO, CRYPTODEV, \
+ RTE_FMT(RTE_FMT_HEAD(__VA_ARGS__,) "\n", \
+ RTE_FMT_TAIL(__VA_ARGS__,)))
-#ifdef RTE_LIBRTE_CRYPTODEV_DEBUG
-#define CDEV_LOG_DEBUG(fmt, args...) \
- RTE_LOG(DEBUG, CRYPTODEV, "%s() line %u: " fmt "\n", \
- __func__, __LINE__, ## args) \
+#define CDEV_LOG_DEBUG(...) \
+ RTE_LOG(DEBUG, CRYPTODEV, \
+ RTE_FMT("%s() line %u: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \
+ __func__, __LINE__, RTE_FMT_TAIL(__VA_ARGS__,)))
-#define CDEV_PMD_TRACE(fmt, args...) \
- RTE_LOG(DEBUG, CRYPTODEV, "[%s] %s: " fmt "\n", \
- dev, __func__, ## args)
+#define CDEV_PMD_TRACE(...) \
+ RTE_LOG(DEBUG, CRYPTODEV, \
+ RTE_FMT("[%s] %s: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \
+ dev, __func__, RTE_FMT_TAIL(__VA_ARGS__,)))
-#else
-#define CDEV_LOG_DEBUG(fmt, args...)
-#define CDEV_PMD_TRACE(fmt, args...)
-#endif
+/**
+ * A macro that points to an offset from the start
+ * of the crypto operation structure (rte_crypto_op)
+ *
+ * The returned pointer is cast to type t.
+ *
+ * @param c
+ * The crypto operation.
+ * @param o
+ * The offset from the start of the crypto operation.
+ * @param t
+ * The type to cast the result into.
+ */
+#define rte_crypto_op_ctod_offset(c, t, o) \
+ ((t)((char *)(c) + (o)))
+
+/**
+ * A macro that returns the physical address that points
+ * to an offset from the start of the crypto operation
+ * (rte_crypto_op)
+ *
+ * @param c
+ * The crypto operation.
+ * @param o
+ * The offset from the start of the crypto operation
+ * to calculate address from.
+ */
+#define rte_crypto_op_ctophys_offset(c, o) \
+ (rte_iova_t)((c)->phys_addr + (o))
+
+/**
+ * Crypto parameters range description
+ */
+struct rte_crypto_param_range {
+ uint16_t min; /**< minimum size */
+ uint16_t max; /**< maximum size */
+ uint16_t increment;
+ /**< if a range of sizes are supported,
+ * this parameter is used to indicate
+ * increments in byte size that are supported
+ * between the minimum and maximum
+ */
+};
+
+/**
+ * Symmetric Crypto Capability
+ */
+struct rte_cryptodev_symmetric_capability {
+ enum rte_crypto_sym_xform_type xform_type;
+ /**< Transform type : Authentication / Cipher / AEAD */
+ RTE_STD_C11
+ union {
+ struct {
+ enum rte_crypto_auth_algorithm algo;
+ /**< authentication algorithm */
+ uint16_t block_size;
+ /**< algorithm block size */
+ struct rte_crypto_param_range key_size;
+ /**< auth key size range */
+ struct rte_crypto_param_range digest_size;
+ /**< digest size range */
+ struct rte_crypto_param_range aad_size;
+ /**< Additional authentication data size range */
+ struct rte_crypto_param_range iv_size;
+ /**< Initialisation vector data size range */
+ } auth;
+ /**< Symmetric Authentication transform capabilities */
+ struct {
+ enum rte_crypto_cipher_algorithm algo;
+ /**< cipher algorithm */
+ uint16_t block_size;
+ /**< algorithm block size */
+ struct rte_crypto_param_range key_size;
+ /**< cipher key size range */
+ struct rte_crypto_param_range iv_size;
+ /**< Initialisation vector data size range */
+ } cipher;
+ /**< Symmetric Cipher transform capabilities */
+ struct {
+ enum rte_crypto_aead_algorithm algo;
+ /**< AEAD algorithm */
+ uint16_t block_size;
+ /**< algorithm block size */
+ struct rte_crypto_param_range key_size;
+ /**< AEAD key size range */
+ struct rte_crypto_param_range digest_size;
+ /**< digest size range */
+ struct rte_crypto_param_range aad_size;
+ /**< Additional authentication data size range */
+ struct rte_crypto_param_range iv_size;
+ /**< Initialisation vector data size range */
+ } aead;
+ };
+};
+
+/**
+ * Asymmetric Xform Crypto Capability
+ *
+ */
+struct rte_cryptodev_asymmetric_xform_capability {
+ enum rte_crypto_asym_xform_type xform_type;
+ /**< Transform type: RSA/MODEXP/DH/DSA/MODINV */
+
+ uint32_t op_types;
+ /**< bitmask for supported rte_crypto_asym_op_type */
+
+ __extension__
+ union {
+ struct rte_crypto_param_range modlen;
+ /**< Range of modulus length supported by modulus based xform.
+ * Value 0 mean implementation default
+ */
+ };
+};
+
+/**
+ * Asymmetric Crypto Capability
+ *
+ */
+struct rte_cryptodev_asymmetric_capability {
+ struct rte_cryptodev_asymmetric_xform_capability xform_capa;
+};
+
+
+/** Structure used to capture a capability of a crypto device */
+struct rte_cryptodev_capabilities {
+ enum rte_crypto_op_type op;
+ /**< Operation type */
+
+ RTE_STD_C11
+ union {
+ struct rte_cryptodev_symmetric_capability sym;
+ /**< Symmetric operation capability parameters */
+ struct rte_cryptodev_asymmetric_capability asym;
+ /**< Asymmetric operation capability parameters */
+ };
+};
+
+/** Structure used to describe crypto algorithms */
+struct rte_cryptodev_sym_capability_idx {
+ enum rte_crypto_sym_xform_type type;
+ union {
+ enum rte_crypto_cipher_algorithm cipher;
+ enum rte_crypto_auth_algorithm auth;
+ enum rte_crypto_aead_algorithm aead;
+ } algo;
+};
+
+/**
+ * Structure used to describe asymmetric crypto xforms
+ * Each xform maps to one asym algorithm.
+ *
+ */
+struct rte_cryptodev_asym_capability_idx {
+ enum rte_crypto_asym_xform_type type;
+ /**< Asymmetric xform (algo) type */
+};
+
+/**
+ * Provide capabilities available for defined device and algorithm
+ *
+ * @param dev_id The identifier of the device.
+ * @param idx Description of crypto algorithms.
+ *
+ * @return
+ * - Return description of the symmetric crypto capability if exist.
+ * - Return NULL if the capability not exist.
+ */
+const struct rte_cryptodev_symmetric_capability *
+rte_cryptodev_sym_capability_get(uint8_t dev_id,
+ const struct rte_cryptodev_sym_capability_idx *idx);
+
+/**
+ * Provide capabilities available for defined device and xform
+ *
+ * @param dev_id The identifier of the device.
+ * @param idx Description of asym crypto xform.
+ *
+ * @return
+ * - Return description of the asymmetric crypto capability if exist.
+ * - Return NULL if the capability not exist.
+ */
+__rte_experimental
+const struct rte_cryptodev_asymmetric_xform_capability *
+rte_cryptodev_asym_capability_get(uint8_t dev_id,
+ const struct rte_cryptodev_asym_capability_idx *idx);
+
+/**
+ * Check if key size and initial vector are supported
+ * in crypto cipher capability
+ *
+ * @param capability Description of the symmetric crypto capability.
+ * @param key_size Cipher key size.
+ * @param iv_size Cipher initial vector size.
+ *
+ * @return
+ * - Return 0 if the parameters are in range of the capability.
+ * - Return -1 if the parameters are out of range of the capability.
+ */
+int
+rte_cryptodev_sym_capability_check_cipher(
+ const struct rte_cryptodev_symmetric_capability *capability,
+ uint16_t key_size, uint16_t iv_size);
+
+/**
+ * Check if key size and initial vector are supported
+ * in crypto auth capability
+ *
+ * @param capability Description of the symmetric crypto capability.
+ * @param key_size Auth key size.
+ * @param digest_size Auth digest size.
+ * @param iv_size Auth initial vector size.
+ *
+ * @return
+ * - Return 0 if the parameters are in range of the capability.
+ * - Return -1 if the parameters are out of range of the capability.
+ */
+int
+rte_cryptodev_sym_capability_check_auth(
+ const struct rte_cryptodev_symmetric_capability *capability,
+ uint16_t key_size, uint16_t digest_size, uint16_t iv_size);
+
+/**
+ * Check if key, digest, AAD and initial vector sizes are supported
+ * in crypto AEAD capability
+ *
+ * @param capability Description of the symmetric crypto capability.
+ * @param key_size AEAD key size.
+ * @param digest_size AEAD digest size.
+ * @param aad_size AEAD AAD size.
+ * @param iv_size AEAD IV size.
+ *
+ * @return
+ * - Return 0 if the parameters are in range of the capability.
+ * - Return -1 if the parameters are out of range of the capability.
+ */
+int
+rte_cryptodev_sym_capability_check_aead(
+ const struct rte_cryptodev_symmetric_capability *capability,
+ uint16_t key_size, uint16_t digest_size, uint16_t aad_size,
+ uint16_t iv_size);
+
+/**
+ * Check if op type is supported
+ *
+ * @param capability Description of the asymmetric crypto capability.
+ * @param op_type op type
+ *
+ * @return
+ * - Return 1 if the op type is supported
+ * - Return 0 if unsupported
+ */
+__rte_experimental
+int
+rte_cryptodev_asym_xform_capability_check_optype(
+ const struct rte_cryptodev_asymmetric_xform_capability *capability,
+ enum rte_crypto_asym_op_type op_type);
+
+/**
+ * Check if modulus length is in supported range
+ *
+ * @param capability Description of the asymmetric crypto capability.
+ * @param modlen modulus length.
+ *
+ * @return
+ * - Return 0 if the parameters are in range of the capability.
+ * - Return -1 if the parameters are out of range of the capability.
+ */
+__rte_experimental
+int
+rte_cryptodev_asym_xform_capability_check_modlen(
+ const struct rte_cryptodev_asymmetric_xform_capability *capability,
+ uint16_t modlen);
+
+/**
+ * Provide the cipher algorithm enum, given an algorithm string
+ *
+ * @param algo_enum A pointer to the cipher algorithm
+ * enum to be filled
+ * @param algo_string Authentication algo string
+ *
+ * @return
+ * - Return -1 if string is not valid
+ * - Return 0 is the string is valid
+ */
+int
+rte_cryptodev_get_cipher_algo_enum(enum rte_crypto_cipher_algorithm *algo_enum,
+ const char *algo_string);
+
+/**
+ * Provide the authentication algorithm enum, given an algorithm string
+ *
+ * @param algo_enum A pointer to the authentication algorithm
+ * enum to be filled
+ * @param algo_string Authentication algo string
+ *
+ * @return
+ * - Return -1 if string is not valid
+ * - Return 0 is the string is valid
+ */
+int
+rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum,
+ const char *algo_string);
+
+/**
+ * Provide the AEAD algorithm enum, given an algorithm string
+ *
+ * @param algo_enum A pointer to the AEAD algorithm
+ * enum to be filled
+ * @param algo_string AEAD algorithm string
+ *
+ * @return
+ * - Return -1 if string is not valid
+ * - Return 0 is the string is valid
+ */
+int
+rte_cryptodev_get_aead_algo_enum(enum rte_crypto_aead_algorithm *algo_enum,
+ const char *algo_string);
+
+/**
+ * Provide the Asymmetric xform enum, given an xform string
+ *
+ * @param xform_enum A pointer to the xform type
+ * enum to be filled
+ * @param xform_string xform string
+ *
+ * @return
+ * - Return -1 if string is not valid
+ * - Return 0 if the string is valid
+ */
+__rte_experimental
+int
+rte_cryptodev_asym_get_xform_enum(enum rte_crypto_asym_xform_type *xform_enum,
+ const char *xform_string);
+
+
+/** Macro used at end of crypto PMD list */
+#define RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() \
+ { RTE_CRYPTO_OP_TYPE_UNDEFINED }
+
+
+/**
+ * Crypto device supported feature flags
+ *
+ * Note:
+ * New features flags should be added to the end of the list
+ *
+ * Keep these flags synchronised with rte_cryptodev_get_feature_name()
+ */
+#define RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO (1ULL << 0)
+/**< Symmetric crypto operations are supported */
+#define RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO (1ULL << 1)
+/**< Asymmetric crypto operations are supported */
+#define RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING (1ULL << 2)
+/**< Chaining symmetric crypto operations are supported */
+#define RTE_CRYPTODEV_FF_CPU_SSE (1ULL << 3)
+/**< Utilises CPU SIMD SSE instructions */
+#define RTE_CRYPTODEV_FF_CPU_AVX (1ULL << 4)
+/**< Utilises CPU SIMD AVX instructions */
+#define RTE_CRYPTODEV_FF_CPU_AVX2 (1ULL << 5)
+/**< Utilises CPU SIMD AVX2 instructions */
+#define RTE_CRYPTODEV_FF_CPU_AESNI (1ULL << 6)
+/**< Utilises CPU AES-NI instructions */
+#define RTE_CRYPTODEV_FF_HW_ACCELERATED (1ULL << 7)
+/**< Operations are off-loaded to an
+ * external hardware accelerator
+ */
+#define RTE_CRYPTODEV_FF_CPU_AVX512 (1ULL << 8)
+/**< Utilises CPU SIMD AVX512 instructions */
+#define RTE_CRYPTODEV_FF_IN_PLACE_SGL (1ULL << 9)
+/**< In-place Scatter-gather (SGL) buffers, with multiple segments,
+ * are supported
+ */
+#define RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT (1ULL << 10)
+/**< Out-of-place Scatter-gather (SGL) buffers are
+ * supported in input and output
+ */
+#define RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT (1ULL << 11)
+/**< Out-of-place Scatter-gather (SGL) buffers are supported
+ * in input, combined with linear buffers (LB), with a
+ * single segment in output
+ */
+#define RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT (1ULL << 12)
+/**< Out-of-place Scatter-gather (SGL) buffers are supported
+ * in output, combined with linear buffers (LB) in input
+ */
+#define RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT (1ULL << 13)
+/**< Out-of-place linear buffers (LB) are supported in input and output */
+#define RTE_CRYPTODEV_FF_CPU_NEON (1ULL << 14)
+/**< Utilises CPU NEON instructions */
+#define RTE_CRYPTODEV_FF_CPU_ARM_CE (1ULL << 15)
+/**< Utilises ARM CPU Cryptographic Extensions */
+#define RTE_CRYPTODEV_FF_SECURITY (1ULL << 16)
+/**< Support Security Protocol Processing */
+#define RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP (1ULL << 17)
+/**< Support RSA Private Key OP with exponent */
+#define RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT (1ULL << 18)
+/**< Support RSA Private Key OP with CRT (quintuple) Keys */
+#define RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED (1ULL << 19)
+/**< Support encrypted-digest operations where digest is appended to data */
+#define RTE_CRYPTODEV_FF_ASYM_SESSIONLESS (1ULL << 20)
+/**< Support asymmetric session-less operations */
+#define RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO (1ULL << 21)
+/**< Support symmetric cpu-crypto processing */
+#define RTE_CRYPTODEV_FF_SYM_SESSIONLESS (1ULL << 22)
+/**< Support symmetric session-less operations */
+#define RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA (1ULL << 23)
+/**< Support operations on data which is not byte aligned */
+#define RTE_CRYPTODEV_FF_SYM_RAW_DP (1ULL << 24)
+/**< Support accelerator specific symmetric raw data-path APIs */
+
+/**
+ * Get the name of a crypto device feature flag
+ *
+ * @param flag The mask describing the flag.
+ *
+ * @return
+ * The name of this flag, or NULL if it's not a valid feature flag.
+ */
+
+extern const char *
+rte_cryptodev_get_feature_name(uint64_t flag);
/** Crypto device information */
struct rte_cryptodev_info {
- const char *driver_name; /**< Driver name. */
- enum rte_cryptodev_type dev_type; /**< Device type */
- struct rte_pci_device *pci_dev; /**< PCI information. */
+ const char *driver_name; /**< Driver name. */
+ uint8_t driver_id; /**< Driver identifier */
+ struct rte_device *device; /**< Generic device information. */
+
+ uint64_t feature_flags;
+ /**< Feature flags exposes HW/SW features for the given device */
+
+ const struct rte_cryptodev_capabilities *capabilities;
+ /**< Array of devices supported capabilities */
unsigned max_nb_queue_pairs;
/**< Maximum number of queues pairs supported by device. */
+ uint16_t min_mbuf_headroom_req;
+ /**< Minimum mbuf headroom required by device */
+
+ uint16_t min_mbuf_tailroom_req;
+ /**< Minimum mbuf tailroom required by device */
+
struct {
unsigned max_nb_sessions;
- /**< Maximum number of sessions supported by device. */
+ /**< Maximum number of sessions supported by device.
+ * If 0, the device does not have any limitation in
+ * number of sessions that can be used.
+ */
} sym;
};
/** Crypto device queue pair configuration structure. */
struct rte_cryptodev_qp_conf {
uint32_t nb_descriptors; /**< Number of descriptors per queue pair */
+ struct rte_mempool *mp_session;
+ /**< The mempool for creating session in sessionless mode */
+ struct rte_mempool *mp_session_private;
+ /**< The mempool for creating sess private data in sessionless mode */
};
/**
/**< Total error count on operations dequeued */
};
+#define RTE_CRYPTODEV_NAME_MAX_LEN (64)
+/**< Max length of name of crypto PMD */
/**
- * Create a virtual crypto device
+ * Get the device identifier for the named crypto device.
*
- * @param name Cryptodev PMD name of device to be created.
- * @param args Options arguments for device.
+ * @param name device name to select the device structure.
*
* @return
- * - On successful creation of the cryptodev the device index is returned,
- * which will be between 0 and rte_cryptodev_count().
- * - In the case of a failure, returns -1.
+ * - Returns crypto device identifier on success.
+ * - Return -1 on failure to find named crypto device.
*/
extern int
-rte_cryptodev_create_vdev(const char *name, const char *args);
+rte_cryptodev_get_dev_id(const char *name);
/**
- * Get the device identifier for the named crypto device.
+ * Get the crypto device name given a device identifier.
*
- * @param name device name to select the device structure.
+ * @param dev_id
+ * The identifier of the device
*
* @return
- * - Returns crypto device identifier on success.
- * - Return -1 on failure to find named crypto device.
+ * - Returns crypto device name.
+ * - Returns NULL if crypto device is not present.
*/
-extern int
-rte_cryptodev_get_dev_id(const char *name);
+extern const char *
+rte_cryptodev_name_get(uint8_t dev_id);
/**
* Get the total number of crypto devices that have been successfully
extern uint8_t
rte_cryptodev_count(void);
+/**
+ * Get number of crypto device defined type.
+ *
+ * @param driver_id driver identifier.
+ *
+ * @return
+ * Returns number of crypto device.
+ */
extern uint8_t
-rte_cryptodev_count_devtype(enum rte_cryptodev_type type);
+rte_cryptodev_device_count_by_driver(uint8_t driver_id);
+
+/**
+ * Get number and identifiers of attached crypto devices that
+ * use the same crypto driver.
+ *
+ * @param driver_name driver name.
+ * @param devices output devices identifiers.
+ * @param nb_devices maximal number of devices.
+ *
+ * @return
+ * Returns number of attached crypto device.
+ */
+uint8_t
+rte_cryptodev_devices_get(const char *driver_name, uint8_t *devices,
+ uint8_t nb_devices);
/*
* Return the NUMA socket to which a device is connected
*
int socket_id; /**< Socket to allocate resources on */
uint16_t nb_queue_pairs;
/**< Number of queue pairs to configure on device */
-
- struct {
- uint32_t nb_objs; /**< Number of objects in mempool */
- uint32_t cache_size; /**< l-core object cache size */
- } session_mp; /**< Session mempool configuration */
+ uint64_t ff_disable;
+ /**< Feature flags to be disabled. Only the following features are
+ * allowed to be disabled,
+ * - RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO
+ * - RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO
+ * - RTE_CRYTPODEV_FF_SECURITY
+ */
};
/**
* Configure a device.
*
- * EXPERIMENTAL: this API file may change without prior notice
- *
* This function must be invoked first before any other function in the
* API. This function can also be re-invoked when a device is in the
* stopped state.
* - 1] previously supplied to
* rte_cryptodev_configure().
* @param qp_conf The pointer to the configuration data to be
- * used for the queue pair. NULL value is
- * allowed, in which case default configuration
- * will be used.
+ * used for the queue pair.
* @param socket_id The *socket_id* argument is the socket
* identifier in case of NUMA. The value can be
* *SOCKET_ID_ANY* if there is no NUMA constraint
const struct rte_cryptodev_qp_conf *qp_conf, int socket_id);
/**
- * Start a specified queue pair of a device. It is used
- * when deferred_start flag of the specified queue is true.
+ * Get the status of queue pairs setup on a specific crypto device
*
- * @param dev_id The identifier of the device
- * @param queue_pair_id The index of the queue pair to start. The value
- * must be in the range [0, nb_queue_pair - 1]
- * previously supplied to
- * rte_crypto_dev_configure().
- * @return
- * - 0: Success, the transmit queue is correctly set up.
- * - -EINVAL: The dev_id or the queue_id out of range.
- * - -ENOTSUP: The function not supported in PMD driver.
- */
-extern int
-rte_cryptodev_queue_pair_start(uint8_t dev_id, uint16_t queue_pair_id);
-
-/**
- * Stop specified queue pair of a device
- *
- * @param dev_id The identifier of the device
- * @param queue_pair_id The index of the queue pair to stop. The value
- * must be in the range [0, nb_queue_pair - 1]
- * previously supplied to
+ * @param dev_id Crypto device identifier.
+ * @param queue_pair_id The index of the queue pairs to set up. The
+ * value must be in the range [0, nb_queue_pair
+ * - 1] previously supplied to
* rte_cryptodev_configure().
* @return
- * - 0: Success, the transmit queue is correctly set up.
- * - -EINVAL: The dev_id or the queue_id out of range.
- * - -ENOTSUP: The function not supported in PMD driver.
+ * - 0: qp was not configured
+ * - 1: qp was configured
+ * - -EINVAL: device was not configured
*/
-extern int
-rte_cryptodev_queue_pair_stop(uint8_t dev_id, uint16_t queue_pair_id);
+__rte_experimental
+int
+rte_cryptodev_get_qp_status(uint8_t dev_id, uint16_t queue_pair_id);
/**
* Get the number of queue pairs on a specific crypto device
* @param dev_info A pointer to a structure of type
* *rte_cryptodev_info* to be filled with the
* contextual information of the device.
+ *
+ * @note The capabilities field of dev_info is set to point to the first
+ * element of an array of struct rte_cryptodev_capabilities. The element after
+ * the last valid element has it's op field set to
+ * RTE_CRYPTO_OP_TYPE_UNDEFINED.
*/
extern void
rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info);
rte_cryptodev_cb_fn cb_fn, void *cb_arg);
-typedef uint16_t (*dequeue_pkt_burst_t)(void *qp, struct rte_mbuf **pkts,
- uint16_t nb_pkts);
+typedef uint16_t (*dequeue_pkt_burst_t)(void *qp,
+ struct rte_crypto_op **ops, uint16_t nb_ops);
/**< Dequeue processed packets from queue pair of a device. */
-typedef uint16_t (*enqueue_pkt_burst_t)(void *qp, struct rte_mbuf **pkts,
- uint16_t nb_pkts);
+typedef uint16_t (*enqueue_pkt_burst_t)(void *qp,
+ struct rte_crypto_op **ops, uint16_t nb_ops);
/**< Enqueue packets for processing on queue pair of a device. */
+
+
struct rte_cryptodev_callback;
/** Structure to keep track of registered callbacks */
enqueue_pkt_burst_t enqueue_burst;
/**< Pointer to PMD transmit function. */
- const struct rte_cryptodev_driver *driver;
- /**< Driver for this device */
struct rte_cryptodev_data *data;
/**< Pointer to device data */
struct rte_cryptodev_ops *dev_ops;
/**< Functions exported by PMD */
- struct rte_pci_device *pci_dev;
- /**< PCI info. supplied by probing */
+ uint64_t feature_flags;
+ /**< Feature flags exposes HW/SW features for the given device */
+ struct rte_device *device;
+ /**< Backing device */
- enum rte_cryptodev_type dev_type;
- /**< Crypto device type */
- enum pmd_type pmd_type;
- /**< PMD type - PDEV / VDEV */
+ uint8_t driver_id;
+ /**< Crypto driver identifier*/
struct rte_cryptodev_cb_list link_intr_cbs;
/**< User application callback for interrupts if present */
+ void *security_ctx;
+ /**< Context for security ops */
+
+ __extension__
uint8_t attached : 1;
/**< Flag indicating the device is attached */
} __rte_cache_aligned;
-
-#define RTE_CRYPTODEV_NAME_MAX_LEN (64)
-/**< Max length of name of crypto PMD */
+void *
+rte_cryptodev_get_sec_ctx(uint8_t dev_id);
/**
*
char name[RTE_CRYPTODEV_NAME_MAX_LEN];
/**< Unique identifier name */
+ __extension__
uint8_t dev_started : 1;
/**< Device state: STARTED(1)/STOPPED(0) */
extern struct rte_cryptodev *rte_cryptodevs;
/**
*
- * Dequeue a burst of processed packets from a queue of the crypto device.
- * The dequeued packets are stored in *rte_mbuf* structures whose pointers are
- * supplied in the *pkts* array.
+ * Dequeue a burst of processed crypto operations from a queue on the crypto
+ * device. The dequeued operation are stored in *rte_crypto_op* structures
+ * whose pointers are supplied in the *ops* array.
*
- * The rte_crypto_dequeue_burst() function returns the number of packets
- * actually dequeued, which is the number of *rte_mbuf* data structures
- * effectively supplied into the *pkts* array.
+ * The rte_cryptodev_dequeue_burst() function returns the number of ops
+ * actually dequeued, which is the number of *rte_crypto_op* data structures
+ * effectively supplied into the *ops* array.
*
- * A return value equal to *nb_pkts* indicates that the queue contained
- * at least *rx_pkts* packets, and this is likely to signify that other
- * received packets remain in the input queue. Applications implementing
- * a "retrieve as much received packets as possible" policy can check this
- * specific case and keep invoking the rte_crypto_dequeue_burst() function
- * until a value less than *nb_pkts* is returned.
+ * A return value equal to *nb_ops* indicates that the queue contained
+ * at least *nb_ops* operations, and this is likely to signify that other
+ * processed operations remain in the devices output queue. Applications
+ * implementing a "retrieve as many processed operations as possible" policy
+ * can check this specific case and keep invoking the
+ * rte_cryptodev_dequeue_burst() function until a value less than
+ * *nb_ops* is returned.
*
- * The rte_crypto_dequeue_burst() function does not provide any error
+ * The rte_cryptodev_dequeue_burst() function does not provide any error
* notification to avoid the corresponding overhead.
*
- * @param dev_id The identifier of the device.
+ * @param dev_id The symmetric crypto device identifier
* @param qp_id The index of the queue pair from which to
* retrieve processed packets. The value must be
* in the range [0, nb_queue_pair - 1] previously
* supplied to rte_cryptodev_configure().
- * @param pkts The address of an array of pointers to
- * *rte_mbuf* structures that must be large enough
- * to store *nb_pkts* pointers in it.
- * @param nb_pkts The maximum number of packets to dequeue.
+ * @param ops The address of an array of pointers to
+ * *rte_crypto_op* structures that must be
+ * large enough to store *nb_ops* pointers in it.
+ * @param nb_ops The maximum number of operations to dequeue.
*
* @return
- * - The number of packets actually dequeued, which is the number
- * of pointers to *rte_mbuf* structures effectively supplied to the
- * *pkts* array.
+ * - The number of operations actually dequeued, which is the number
+ * of pointers to *rte_crypto_op* structures effectively supplied to the
+ * *ops* array.
*/
static inline uint16_t
rte_cryptodev_dequeue_burst(uint8_t dev_id, uint16_t qp_id,
- struct rte_mbuf **pkts, uint16_t nb_pkts)
+ struct rte_crypto_op **ops, uint16_t nb_ops)
{
struct rte_cryptodev *dev = &rte_cryptodevs[dev_id];
- nb_pkts = (*dev->dequeue_burst)
- (dev->data->queue_pairs[qp_id], pkts, nb_pkts);
+ nb_ops = (*dev->dequeue_burst)
+ (dev->data->queue_pairs[qp_id], ops, nb_ops);
- return nb_pkts;
+ rte_cryptodev_trace_dequeue_burst(dev_id, qp_id, (void **)ops, nb_ops);
+ return nb_ops;
}
/**
- * Enqueue a burst of packets for processing on a crypto device.
+ * Enqueue a burst of operations for processing on a crypto device.
*
- * The rte_crypto_enqueue_burst() function is invoked to place packets
- * on the queue *queue_id* of the device designated by its *dev_id*.
+ * The rte_cryptodev_enqueue_burst() function is invoked to place
+ * crypto operations on the queue *qp_id* of the device designated by
+ * its *dev_id*.
*
- * The *nb_pkts* parameter is the number of packets to process which are
- * supplied in the *pkts* array of *rte_mbuf* structures.
+ * The *nb_ops* parameter is the number of operations to process which are
+ * supplied in the *ops* array of *rte_crypto_op* structures.
*
- * The rte_crypto_enqueue_burst() function returns the number of packets it
- * actually sent. A return value equal to *nb_pkts* means that all packets
- * have been sent.
- *
- * Each mbuf in the *pkts* array must have a valid *rte_mbuf_offload* structure
- * attached which contains a valid crypto operation.
+ * The rte_cryptodev_enqueue_burst() function returns the number of
+ * operations it actually enqueued for processing. A return value equal to
+ * *nb_ops* means that all packets have been enqueued.
*
* @param dev_id The identifier of the device.
* @param qp_id The index of the queue pair which packets are
* must be in the range [0, nb_queue_pairs - 1]
* previously supplied to
* *rte_cryptodev_configure*.
- * @param pkts The address of an array of *nb_pkts* pointers
- * to *rte_mbuf* structures which contain the
- * output packets.
- * @param nb_pkts The number of packets to transmit.
+ * @param ops The address of an array of *nb_ops* pointers
+ * to *rte_crypto_op* structures which contain
+ * the crypto operations to be processed.
+ * @param nb_ops The number of operations to process.
*
* @return
- * The number of packets actually enqueued on the crypto device. The return
- * value can be less than the value of the *nb_pkts* parameter when the
- * crypto devices queue is full or has been filled up.
- * The number of packets is 0 if the device hasn't been started.
+ * The number of operations actually enqueued on the crypto device. The return
+ * value can be less than the value of the *nb_ops* parameter when the
+ * crypto devices queue is full or if invalid parameters are specified in
+ * a *rte_crypto_op*.
*/
static inline uint16_t
rte_cryptodev_enqueue_burst(uint8_t dev_id, uint16_t qp_id,
- struct rte_mbuf **pkts, uint16_t nb_pkts)
+ struct rte_crypto_op **ops, uint16_t nb_ops)
{
struct rte_cryptodev *dev = &rte_cryptodevs[dev_id];
+ rte_cryptodev_trace_enqueue_burst(dev_id, qp_id, (void **)ops, nb_ops);
return (*dev->enqueue_burst)(
- dev->data->queue_pairs[qp_id], pkts, nb_pkts);
+ dev->data->queue_pairs[qp_id], ops, nb_ops);
}
-/** Cryptodev symmetric crypto session */
+/** Cryptodev symmetric crypto session
+ * Each session is derived from a fixed xform chain. Therefore each session
+ * has a fixed algo, key, op-type, digest_len etc.
+ */
struct rte_cryptodev_sym_session {
- struct {
- uint8_t dev_id;
- /**< Device Id */
- enum rte_cryptodev_type type;
- /** Crypto Device type session created on */
- struct rte_mempool *mp;
- /**< Mempool session allocated from */
- } __rte_aligned(8);
- /**< Public symmetric session details */
-
- char _private[0];
- /**< Private session material */
+ uint64_t opaque_data;
+ /**< Can be used for external metadata */
+ uint16_t nb_drivers;
+ /**< number of elements in sess_data array */
+ uint16_t user_data_sz;
+ /**< session user data will be placed after sess_data */
+ __extension__ struct {
+ void *data;
+ uint16_t refcnt;
+ } sess_data[0];
+ /**< Driver specific session material, variable size */
+};
+
+/** Cryptodev asymmetric crypto session */
+struct rte_cryptodev_asym_session {
+ __extension__ void *sess_private_data[0];
+ /**< Private asymmetric session material */
};
+/**
+ * Create a symmetric session mempool.
+ *
+ * @param name
+ * The unique mempool name.
+ * @param nb_elts
+ * The number of elements in the mempool.
+ * @param elt_size
+ * The size of the element. This value will be ignored if it is smaller than
+ * the minimum session header size required for the system. For the user who
+ * want to use the same mempool for sym session and session private data it
+ * can be the maximum value of all existing devices' private data and session
+ * header sizes.
+ * @param cache_size
+ * The number of per-lcore cache elements
+ * @param priv_size
+ * The private data size of each session.
+ * @param socket_id
+ * The *socket_id* argument is the socket identifier in the case of
+ * NUMA. The value can be *SOCKET_ID_ANY* if there is no NUMA
+ * constraint for the reserved zone.
+ *
+ * @return
+ * - On success return size of the session
+ * - On failure returns 0
+ */
+__rte_experimental
+struct rte_mempool *
+rte_cryptodev_sym_session_pool_create(const char *name, uint32_t nb_elts,
+ uint32_t elt_size, uint32_t cache_size, uint16_t priv_size,
+ int socket_id);
+
+/**
+ * Create symmetric crypto session header (generic with no private data)
+ *
+ * @param mempool Symmetric session mempool to allocate session
+ * objects from
+ * @return
+ * - On success return pointer to sym-session
+ * - On failure returns NULL
+ */
+struct rte_cryptodev_sym_session *
+rte_cryptodev_sym_session_create(struct rte_mempool *mempool);
+
+/**
+ * Create asymmetric crypto session header (generic with no private data)
+ *
+ * @param mempool mempool to allocate asymmetric session
+ * objects from
+ * @return
+ * - On success return pointer to asym-session
+ * - On failure returns NULL
+ */
+__rte_experimental
+struct rte_cryptodev_asym_session *
+rte_cryptodev_asym_session_create(struct rte_mempool *mempool);
/**
- * Initialise a session for symmetric cryptographic operations.
+ * Frees symmetric crypto session header, after checking that all
+ * the device private data has been freed, returning it
+ * to its original mempool.
*
- * This function is used by the client to initialize immutable
- * parameters of symmetric cryptographic operation.
- * To perform the operation the rte_cryptodev_enqueue_burst function is
- * used. Each mbuf should contain a reference to the session
- * pointer returned from this function contained within it's crypto_op if a
- * session-based operation is being provisioned. Memory to contain the session
- * information is allocated from within mempool managed by the cryptodev.
+ * @param sess Session header to be freed.
+ *
+ * @return
+ * - 0 if successful.
+ * - -EINVAL if session is NULL.
+ * - -EBUSY if not all device private data has been freed.
+ */
+int
+rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess);
+
+/**
+ * Frees asymmetric crypto session header, after checking that all
+ * the device private data has been freed, returning it
+ * to its original mempool.
*
- * The rte_cryptodev_session_free must be called to free allocated
- * memory when the session is no longer required.
+ * @param sess Session header to be freed.
*
- * @param dev_id The device identifier.
- * @param xform Crypto transform chain.
+ * @return
+ * - 0 if successful.
+ * - -EINVAL if session is NULL.
+ * - -EBUSY if not all device private data has been freed.
+ */
+__rte_experimental
+int
+rte_cryptodev_asym_session_free(struct rte_cryptodev_asym_session *sess);
+
+/**
+ * Fill out private data for the device id, based on its device type.
+ *
+ * @param dev_id ID of device that we want the session to be used on
+ * @param sess Session where the private data will be attached to
+ * @param xforms Symmetric crypto transform operations to apply on flow
+ * processed with this session
+ * @param mempool Mempool where the private data is allocated.
+ *
+ * @return
+ * - On success, zero.
+ * - -EINVAL if input parameters are invalid.
+ * - -ENOTSUP if crypto device does not support the crypto transform or
+ * does not support symmetric operations.
+ * - -ENOMEM if the private session could not be allocated.
+ */
+int
+rte_cryptodev_sym_session_init(uint8_t dev_id,
+ struct rte_cryptodev_sym_session *sess,
+ struct rte_crypto_sym_xform *xforms,
+ struct rte_mempool *mempool);
+
+/**
+ * Initialize asymmetric session on a device with specific asymmetric xform
+ *
+ * @param dev_id ID of device that we want the session to be used on
+ * @param sess Session to be set up on a device
+ * @param xforms Asymmetric crypto transform operations to apply on flow
+ * processed with this session
+ * @param mempool Mempool to be used for internal allocation.
+ *
+ * @return
+ * - On success, zero.
+ * - -EINVAL if input parameters are invalid.
+ * - -ENOTSUP if crypto device does not support the crypto transform.
+ * - -ENOMEM if the private session could not be allocated.
+ */
+__rte_experimental
+int
+rte_cryptodev_asym_session_init(uint8_t dev_id,
+ struct rte_cryptodev_asym_session *sess,
+ struct rte_crypto_asym_xform *xforms,
+ struct rte_mempool *mempool);
+
+/**
+ * Frees private data for the device id, based on its device type,
+ * returning it to its mempool. It is the application's responsibility
+ * to ensure that private session data is not cleared while there are
+ * still in-flight operations using it.
+ *
+ * @param dev_id ID of device that uses the session.
+ * @param sess Session containing the reference to the private data
+ *
+ * @return
+ * - 0 if successful.
+ * - -EINVAL if device is invalid or session is NULL.
+ * - -ENOTSUP if crypto device does not support symmetric operations.
+ */
+int
+rte_cryptodev_sym_session_clear(uint8_t dev_id,
+ struct rte_cryptodev_sym_session *sess);
+/**
+ * Frees resources held by asymmetric session during rte_cryptodev_session_init
*
+ * @param dev_id ID of device that uses the asymmetric session.
+ * @param sess Asymmetric session setup on device using
+ * rte_cryptodev_session_init
* @return
- * Pointer to the created session or NULL
+ * - 0 if successful.
+ * - -EINVAL if device is invalid or session is NULL.
*/
-extern struct rte_cryptodev_sym_session *
-rte_cryptodev_sym_session_create(uint8_t dev_id,
- struct rte_crypto_sym_xform *xform);
+__rte_experimental
+int
+rte_cryptodev_asym_session_clear(uint8_t dev_id,
+ struct rte_cryptodev_asym_session *sess);
/**
- * Free the memory associated with a previously allocated session.
+ * Get the size of the header session, for all registered drivers excluding
+ * the user data size.
+ *
+ * @return
+ * Size of the symmetric header session.
+ */
+unsigned int
+rte_cryptodev_sym_get_header_session_size(void);
+
+/**
+ * Get the size of the header session from created session.
+ *
+ * @param sess
+ * The sym cryptodev session pointer
+ *
+ * @return
+ * - If sess is not NULL, return the size of the header session including
+ * the private data size defined within sess.
+ * - If sess is NULL, return 0.
+ */
+__rte_experimental
+unsigned int
+rte_cryptodev_sym_get_existing_header_session_size(
+ struct rte_cryptodev_sym_session *sess);
+
+/**
+ * Get the size of the asymmetric session header, for all registered drivers.
+ *
+ * @return
+ * Size of the asymmetric header session.
+ */
+__rte_experimental
+unsigned int
+rte_cryptodev_asym_get_header_session_size(void);
+
+/**
+ * Get the size of the private symmetric session data
+ * for a device.
*
* @param dev_id The device identifier.
- * @param session Session pointer previously allocated by
+ *
+ * @return
+ * - Size of the private data, if successful
+ * - 0 if device is invalid or does not have private
+ * symmetric session
+ */
+unsigned int
+rte_cryptodev_sym_get_private_session_size(uint8_t dev_id);
+
+/**
+ * Get the size of the private data for asymmetric session
+ * on device
+ *
+ * @param dev_id The device identifier.
+ *
+ * @return
+ * - Size of the asymmetric private data, if successful
+ * - 0 if device is invalid or does not have private session
+ */
+__rte_experimental
+unsigned int
+rte_cryptodev_asym_get_private_session_size(uint8_t dev_id);
+
+/**
+ * Provide driver identifier.
+ *
+ * @param name
+ * The pointer to a driver name.
+ * @return
+ * The driver type identifier or -1 if no driver found
+ */
+int rte_cryptodev_driver_id_get(const char *name);
+
+/**
+ * Provide driver name.
+ *
+ * @param driver_id
+ * The driver identifier.
+ * @return
+ * The driver name or null if no driver found
+ */
+const char *rte_cryptodev_driver_name_get(uint8_t driver_id);
+
+/**
+ * Store user data in a session.
+ *
+ * @param sess Session pointer allocated by
* *rte_cryptodev_sym_session_create*.
+ * @param data Pointer to the user data.
+ * @param size Size of the user data.
*
* @return
- * NULL on successful freeing of session.
- * Session pointer on failure to free session.
+ * - On success, zero.
+ * - On failure, a negative value.
*/
-extern struct rte_cryptodev_sym_session *
-rte_cryptodev_sym_session_free(uint8_t dev_id,
- struct rte_cryptodev_sym_session *session);
+__rte_experimental
+int
+rte_cryptodev_sym_session_set_user_data(
+ struct rte_cryptodev_sym_session *sess,
+ void *data,
+ uint16_t size);
+/**
+ * Get user data stored in a session.
+ *
+ * @param sess Session pointer allocated by
+ * *rte_cryptodev_sym_session_create*.
+ *
+ * @return
+ * - On success return pointer to user data.
+ * - On failure returns NULL.
+ */
+__rte_experimental
+void *
+rte_cryptodev_sym_session_get_user_data(
+ struct rte_cryptodev_sym_session *sess);
+
+/**
+ * Perform actual crypto processing (encrypt/digest or auth/decrypt)
+ * on user provided data.
+ *
+ * @param dev_id The device identifier.
+ * @param sess Cryptodev session structure
+ * @param ofs Start and stop offsets for auth and cipher operations
+ * @param vec Vectorized operation descriptor
+ *
+ * @return
+ * - Returns number of successfully processed packets.
+ */
+__rte_experimental
+uint32_t
+rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
+ struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+ struct rte_crypto_sym_vec *vec);
+
+/**
+ * Get the size of the raw data-path context buffer.
+ *
+ * @param dev_id The device identifier.
+ *
+ * @return
+ * - If the device supports raw data-path APIs, return the context size.
+ * - If the device does not support the APIs, return -1.
+ */
+__rte_experimental
+int
+rte_cryptodev_get_raw_dp_ctx_size(uint8_t dev_id);
+
+/**
+ * Union of different crypto session types, including session-less xform
+ * pointer.
+ */
+union rte_cryptodev_session_ctx {
+ struct rte_cryptodev_sym_session *crypto_sess;
+ struct rte_crypto_sym_xform *xform;
+ struct rte_security_session *sec_sess;
+};
+
+/**
+ * Enqueue a vectorized operation descriptor into the device queue but the
+ * driver may or may not start processing until rte_cryptodev_raw_enqueue_done()
+ * is called.
+ *
+ * @param qp Driver specific queue pair data.
+ * @param drv_ctx Driver specific context data.
+ * @param vec Vectorized operation descriptor.
+ * @param ofs Start and stop offsets for auth and cipher
+ * operations.
+ * @param user_data The array of user data for dequeue later.
+ * @param enqueue_status Driver written value to specify the
+ * enqueue status. Possible values:
+ * - 1: The number of operations returned are
+ * enqueued successfully.
+ * - 0: The number of operations returned are
+ * cached into the queue but are not processed
+ * until rte_cryptodev_raw_enqueue_done() is
+ * called.
+ * - negative integer: Error occurred.
+ * @return
+ * - The number of operations in the descriptor successfully enqueued or
+ * cached into the queue but not enqueued yet, depends on the
+ * "enqueue_status" value.
+ */
+typedef uint32_t (*cryptodev_sym_raw_enqueue_burst_t)(
+ void *qp, uint8_t *drv_ctx, struct rte_crypto_sym_vec *vec,
+ union rte_crypto_sym_ofs ofs, void *user_data[], int *enqueue_status);
+
+/**
+ * Enqueue single raw data vector into the device queue but the driver may or
+ * may not start processing until rte_cryptodev_raw_enqueue_done() is called.
+ *
+ * @param qp Driver specific queue pair data.
+ * @param drv_ctx Driver specific context data.
+ * @param data_vec The buffer data vector.
+ * @param n_data_vecs Number of buffer data vectors.
+ * @param ofs Start and stop offsets for auth and cipher
+ * operations.
+ * @param iv IV virtual and IOVA addresses
+ * @param digest digest virtual and IOVA addresses
+ * @param aad_or_auth_iv AAD or auth IV virtual and IOVA addresses,
+ * depends on the algorithm used.
+ * @param user_data The user data.
+ * @return
+ * - 1: The data vector is enqueued successfully.
+ * - 0: The data vector is cached into the queue but is not processed
+ * until rte_cryptodev_raw_enqueue_done() is called.
+ * - negative integer: failure.
+ */
+typedef int (*cryptodev_sym_raw_enqueue_t)(
+ void *qp, uint8_t *drv_ctx, struct rte_crypto_vec *data_vec,
+ uint16_t n_data_vecs, union rte_crypto_sym_ofs ofs,
+ struct rte_crypto_va_iova_ptr *iv,
+ struct rte_crypto_va_iova_ptr *digest,
+ struct rte_crypto_va_iova_ptr *aad_or_auth_iv,
+ void *user_data);
+
+/**
+ * Inform the cryptodev queue pair to start processing or finish dequeuing all
+ * enqueued/dequeued operations.
+ *
+ * @param qp Driver specific queue pair data.
+ * @param drv_ctx Driver specific context data.
+ * @param n The total number of processed operations.
+ * @return
+ * - On success return 0.
+ * - On failure return negative integer.
+ */
+typedef int (*cryptodev_sym_raw_operation_done_t)(void *qp, uint8_t *drv_ctx,
+ uint32_t n);
+
+/**
+ * Typedef that the user provided for the driver to get the dequeue count.
+ * The function may return a fixed number or the number parsed from the user
+ * data stored in the first processed operation.
+ *
+ * @param user_data Dequeued user data.
+ * @return
+ * - The number of operations to be dequeued.
+ **/
+typedef uint32_t (*rte_cryptodev_raw_get_dequeue_count_t)(void *user_data);
+
+/**
+ * Typedef that the user provided to deal with post dequeue operation, such
+ * as filling status.
+ *
+ * @param user_data Dequeued user data.
+ * @param index Index number of the processed descriptor.
+ * @param is_op_success Operation status provided by the driver.
+ **/
+typedef void (*rte_cryptodev_raw_post_dequeue_t)(void *user_data,
+ uint32_t index, uint8_t is_op_success);
+
+/**
+ * Dequeue a burst of symmetric crypto processing.
+ *
+ * @param qp Driver specific queue pair data.
+ * @param drv_ctx Driver specific context data.
+ * @param get_dequeue_count User provided callback function to
+ * obtain dequeue operation count.
+ * @param post_dequeue User provided callback function to
+ * post-process a dequeued operation.
+ * @param out_user_data User data pointer array to be retrieve
+ * from device queue. In case of
+ * *is_user_data_array* is set there
+ * should be enough room to store all
+ * user data.
+ * @param is_user_data_array Set 1 if every dequeued user data will
+ * be written into out_user_data array.
+ * Set 0 if only the first user data will
+ * be written into out_user_data array.
+ * @param n_success Driver written value to specific the
+ * total successful operations count.
+ * @param dequeue_status Driver written value to specify the
+ * dequeue status. Possible values:
+ * - 1: Successfully dequeued the number
+ * of operations returned. The user
+ * data previously set during enqueue
+ * is stored in the "out_user_data".
+ * - 0: The number of operations returned
+ * are completed and the user data is
+ * stored in the "out_user_data", but
+ * they are not freed from the queue
+ * until
+ * rte_cryptodev_raw_dequeue_done()
+ * is called.
+ * - negative integer: Error occurred.
+ * @return
+ * - The number of operations dequeued or completed but not freed from the
+ * queue, depends on "dequeue_status" value.
+ */
+typedef uint32_t (*cryptodev_sym_raw_dequeue_burst_t)(void *qp,
+ uint8_t *drv_ctx,
+ rte_cryptodev_raw_get_dequeue_count_t get_dequeue_count,
+ rte_cryptodev_raw_post_dequeue_t post_dequeue,
+ void **out_user_data, uint8_t is_user_data_array,
+ uint32_t *n_success, int *dequeue_status);
+
+/**
+ * Dequeue a symmetric crypto processing.
+ *
+ * @param qp Driver specific queue pair data.
+ * @param drv_ctx Driver specific context data.
+ * @param dequeue_status Driver written value to specify the
+ * dequeue status. Possible values:
+ * - 1: Successfully dequeued a operation.
+ * The user data is returned.
+ * - 0: The first operation in the queue
+ * is completed and the user data
+ * previously set during enqueue is
+ * returned, but it is not freed from
+ * the queue until
+ * rte_cryptodev_raw_dequeue_done() is
+ * called.
+ * - negative integer: Error occurred.
+ * @param op_status Driver written value to specify
+ * operation status.
+ * @return
+ * - The user data pointer retrieved from device queue or NULL if no
+ * operation is ready for dequeue.
+ */
+typedef void * (*cryptodev_sym_raw_dequeue_t)(
+ void *qp, uint8_t *drv_ctx, int *dequeue_status,
+ enum rte_crypto_op_status *op_status);
+
+/**
+ * Context data for raw data-path API crypto process. The buffer of this
+ * structure is to be allocated by the user application with the size equal
+ * or bigger than rte_cryptodev_get_raw_dp_ctx_size() returned value.
+ */
+struct rte_crypto_raw_dp_ctx {
+ void *qp_data;
+
+ cryptodev_sym_raw_enqueue_t enqueue;
+ cryptodev_sym_raw_enqueue_burst_t enqueue_burst;
+ cryptodev_sym_raw_operation_done_t enqueue_done;
+ cryptodev_sym_raw_dequeue_t dequeue;
+ cryptodev_sym_raw_dequeue_burst_t dequeue_burst;
+ cryptodev_sym_raw_operation_done_t dequeue_done;
+
+ /* Driver specific context data */
+ __extension__ uint8_t drv_ctx_data[];
+};
+
+/**
+ * Configure raw data-path context data.
+ *
+ * NOTE:
+ * After the context data is configured, the user should call
+ * rte_cryptodev_raw_attach_session() before using it in
+ * rte_cryptodev_raw_enqueue/dequeue function call.
+ *
+ * @param dev_id The device identifier.
+ * @param qp_id The index of the queue pair from which to
+ * retrieve processed packets. The value must be
+ * in the range [0, nb_queue_pair - 1] previously
+ * supplied to rte_cryptodev_configure().
+ * @param ctx The raw data-path context data.
+ * @param sess_type session type.
+ * @param session_ctx Session context data.
+ * @param is_update Set 0 if it is to initialize the ctx.
+ * Set 1 if ctx is initialized and only to update
+ * session context data.
+ * @return
+ * - On success return 0.
+ * - On failure return negative integer.
+ */
+__rte_experimental
+int
+rte_cryptodev_configure_raw_dp_ctx(uint8_t dev_id, uint16_t qp_id,
+ struct rte_crypto_raw_dp_ctx *ctx,
+ enum rte_crypto_op_sess_type sess_type,
+ union rte_cryptodev_session_ctx session_ctx,
+ uint8_t is_update);
+
+/**
+ * Enqueue a vectorized operation descriptor into the device queue but the
+ * driver may or may not start processing until rte_cryptodev_raw_enqueue_done()
+ * is called.
+ *
+ * @param ctx The initialized raw data-path context data.
+ * @param vec Vectorized operation descriptor.
+ * @param ofs Start and stop offsets for auth and cipher
+ * operations.
+ * @param user_data The array of user data for dequeue later.
+ * @param enqueue_status Driver written value to specify the
+ * enqueue status. Possible values:
+ * - 1: The number of operations returned are
+ * enqueued successfully.
+ * - 0: The number of operations returned are
+ * cached into the queue but are not processed
+ * until rte_cryptodev_raw_enqueue_done() is
+ * called.
+ * - negative integer: Error occurred.
+ * @return
+ * - The number of operations in the descriptor successfully enqueued or
+ * cached into the queue but not enqueued yet, depends on the
+ * "enqueue_status" value.
+ */
+__rte_experimental
+uint32_t
+rte_cryptodev_raw_enqueue_burst(struct rte_crypto_raw_dp_ctx *ctx,
+ struct rte_crypto_sym_vec *vec, union rte_crypto_sym_ofs ofs,
+ void **user_data, int *enqueue_status);
+
+/**
+ * Enqueue single raw data vector into the device queue but the driver may or
+ * may not start processing until rte_cryptodev_raw_enqueue_done() is called.
+ *
+ * @param ctx The initialized raw data-path context data.
+ * @param data_vec The buffer data vector.
+ * @param n_data_vecs Number of buffer data vectors.
+ * @param ofs Start and stop offsets for auth and cipher
+ * operations.
+ * @param iv IV virtual and IOVA addresses
+ * @param digest digest virtual and IOVA addresses
+ * @param aad_or_auth_iv AAD or auth IV virtual and IOVA addresses,
+ * depends on the algorithm used.
+ * @param user_data The user data.
+ * @return
+ * - 1: The data vector is enqueued successfully.
+ * - 0: The data vector is cached into the queue but is not processed
+ * until rte_cryptodev_raw_enqueue_done() is called.
+ * - negative integer: failure.
+ */
+__rte_experimental
+static __rte_always_inline int
+rte_cryptodev_raw_enqueue(struct rte_crypto_raw_dp_ctx *ctx,
+ struct rte_crypto_vec *data_vec, uint16_t n_data_vecs,
+ union rte_crypto_sym_ofs ofs,
+ struct rte_crypto_va_iova_ptr *iv,
+ struct rte_crypto_va_iova_ptr *digest,
+ struct rte_crypto_va_iova_ptr *aad_or_auth_iv,
+ void *user_data)
+{
+ return (*ctx->enqueue)(ctx->qp_data, ctx->drv_ctx_data, data_vec,
+ n_data_vecs, ofs, iv, digest, aad_or_auth_iv, user_data);
+}
+
+/**
+ * Start processing all enqueued operations from last
+ * rte_cryptodev_configure_raw_dp_ctx() call.
+ *
+ * @param ctx The initialized raw data-path context data.
+ * @param n The number of operations cached.
+ * @return
+ * - On success return 0.
+ * - On failure return negative integer.
+ */
+__rte_experimental
+int
+rte_cryptodev_raw_enqueue_done(struct rte_crypto_raw_dp_ctx *ctx,
+ uint32_t n);
+
+/**
+ * Dequeue a burst of symmetric crypto processing.
+ *
+ * @param ctx The initialized raw data-path context
+ * data.
+ * @param get_dequeue_count User provided callback function to
+ * obtain dequeue operation count.
+ * @param post_dequeue User provided callback function to
+ * post-process a dequeued operation.
+ * @param out_user_data User data pointer array to be retrieve
+ * from device queue. In case of
+ * *is_user_data_array* is set there
+ * should be enough room to store all
+ * user data.
+ * @param is_user_data_array Set 1 if every dequeued user data will
+ * be written into out_user_data array.
+ * Set 0 if only the first user data will
+ * be written into out_user_data array.
+ * @param n_success Driver written value to specific the
+ * total successful operations count.
+ * @param dequeue_status Driver written value to specify the
+ * dequeue status. Possible values:
+ * - 1: Successfully dequeued the number
+ * of operations returned. The user
+ * data previously set during enqueue
+ * is stored in the "out_user_data".
+ * - 0: The number of operations returned
+ * are completed and the user data is
+ * stored in the "out_user_data", but
+ * they are not freed from the queue
+ * until
+ * rte_cryptodev_raw_dequeue_done()
+ * is called.
+ * - negative integer: Error occurred.
+ * @return
+ * - The number of operations dequeued or completed but not freed from the
+ * queue, depends on "dequeue_status" value.
+ */
+__rte_experimental
+uint32_t
+rte_cryptodev_raw_dequeue_burst(struct rte_crypto_raw_dp_ctx *ctx,
+ rte_cryptodev_raw_get_dequeue_count_t get_dequeue_count,
+ rte_cryptodev_raw_post_dequeue_t post_dequeue,
+ void **out_user_data, uint8_t is_user_data_array,
+ uint32_t *n_success, int *dequeue_status);
+
+/**
+ * Dequeue a symmetric crypto processing.
+ *
+ * @param ctx The initialized raw data-path context
+ * data.
+ * @param dequeue_status Driver written value to specify the
+ * dequeue status. Possible values:
+ * - 1: Successfully dequeued a operation.
+ * The user data is returned.
+ * - 0: The first operation in the queue
+ * is completed and the user data
+ * previously set during enqueue is
+ * returned, but it is not freed from
+ * the queue until
+ * rte_cryptodev_raw_dequeue_done() is
+ * called.
+ * - negative integer: Error occurred.
+ * @param op_status Driver written value to specify
+ * operation status.
+ * @return
+ * - The user data pointer retrieved from device queue or NULL if no
+ * operation is ready for dequeue.
+ */
+__rte_experimental
+static __rte_always_inline void *
+rte_cryptodev_raw_dequeue(struct rte_crypto_raw_dp_ctx *ctx,
+ int *dequeue_status, enum rte_crypto_op_status *op_status)
+{
+ return (*ctx->dequeue)(ctx->qp_data, ctx->drv_ctx_data, dequeue_status,
+ op_status);
+}
+
+/**
+ * Inform the queue pair dequeue operations is finished.
+ *
+ * @param ctx The initialized raw data-path context data.
+ * @param n The number of operations.
+ * @return
+ * - On success return 0.
+ * - On failure return negative integer.
+ */
+__rte_experimental
+int
+rte_cryptodev_raw_dequeue_done(struct rte_crypto_raw_dp_ctx *ctx,
+ uint32_t n);
#ifdef __cplusplus
}