-/*-
- *
- * Copyright(c) 2015-2017 Intel Corporation. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- * * Neither the name of Intel Corporation nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2015-2017 Intel Corporation.
*/
#ifndef _RTE_CRYPTODEV_H_
#include "rte_crypto.h"
#include "rte_dev.h"
#include <rte_common.h>
-#include <rte_vdev.h>
-
-#define CRYPTODEV_NAME_NULL_PMD crypto_null
-/**< Null crypto PMD device name */
-#define CRYPTODEV_NAME_AESNI_MB_PMD crypto_aesni_mb
-/**< AES-NI Multi buffer PMD device name */
-#define CRYPTODEV_NAME_AESNI_GCM_PMD crypto_aesni_gcm
-/**< AES-NI GCM PMD device name */
-#define CRYPTODEV_NAME_OPENSSL_PMD crypto_openssl
-/**< Open SSL Crypto PMD device name */
-#define CRYPTODEV_NAME_QAT_SYM_PMD crypto_qat
-/**< Intel QAT Symmetric Crypto PMD device name */
-#define CRYPTODEV_NAME_SNOW3G_PMD crypto_snow3g
-/**< SNOW 3G PMD device name */
-#define CRYPTODEV_NAME_KASUMI_PMD crypto_kasumi
-/**< KASUMI PMD device name */
-#define CRYPTODEV_NAME_ZUC_PMD crypto_zuc
-/**< KASUMI PMD device name */
-#define CRYPTODEV_NAME_ARMV8_PMD crypto_armv8
-/**< ARMv8 Crypto PMD device name */
-#define CRYPTODEV_NAME_SCHEDULER_PMD crypto_scheduler
-/**< Scheduler Crypto PMD device name */
-#define CRYPTODEV_NAME_DPAA2_SEC_PMD crypto_dpaa2_sec
-/**< NXP DPAA2 - SEC PMD device name */
+#include <rte_config.h>
extern const char **rte_cyptodev_names;
RTE_FMT("%s() line %u: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \
__func__, __LINE__, RTE_FMT_TAIL(__VA_ARGS__,)))
-#define CDEV_PMD_LOG_ERR(dev, ...) \
- RTE_LOG(ERR, CRYPTODEV, \
- RTE_FMT("[%s] %s() line %u: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \
- dev, __func__, __LINE__, RTE_FMT_TAIL(__VA_ARGS__,)))
+#define CDEV_LOG_INFO(...) \
+ RTE_LOG(INFO, CRYPTODEV, \
+ RTE_FMT(RTE_FMT_HEAD(__VA_ARGS__,) "\n", \
+ RTE_FMT_TAIL(__VA_ARGS__,)))
-#ifdef RTE_LIBRTE_CRYPTODEV_DEBUG
#define CDEV_LOG_DEBUG(...) \
RTE_LOG(DEBUG, CRYPTODEV, \
RTE_FMT("%s() line %u: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \
RTE_FMT("[%s] %s: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \
dev, __func__, RTE_FMT_TAIL(__VA_ARGS__,)))
-#else
-#define CDEV_LOG_DEBUG(...) (void)0
-#define CDEV_PMD_TRACE(...) (void)0
-#endif
-
-
-
/**
* A macro that points to an offset from the start
* of the crypto operation structure (rte_crypto_op)
* to calculate address from.
*/
#define rte_crypto_op_ctophys_offset(c, o) \
- (phys_addr_t)((c)->phys_addr + (o))
+ (rte_iova_t)((c)->phys_addr + (o))
/**
* Crypto parameters range description
* @param capability Description of the symmetric crypto capability.
* @param key_size Auth key size.
* @param digest_size Auth digest size.
- * @param aad_size Auth aad size.
* @param iv_size Auth initial vector size.
*
* @return
int
rte_cryptodev_sym_capability_check_auth(
const struct rte_cryptodev_symmetric_capability *capability,
- uint16_t key_size, uint16_t digest_size, uint16_t aad_size,
- uint16_t iv_size);
+ uint16_t key_size, uint16_t digest_size, uint16_t iv_size);
/**
* Check if key, digest, AAD and initial vector sizes are supported
*
* Keep these flags synchronised with rte_cryptodev_get_feature_name()
*/
-#define RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO (1ULL << 0)
+#define RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO (1ULL << 0)
/**< Symmetric crypto operations are supported */
-#define RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO (1ULL << 1)
+#define RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO (1ULL << 1)
/**< Asymmetric crypto operations are supported */
-#define RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING (1ULL << 2)
+#define RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING (1ULL << 2)
/**< Chaining symmetric crypto operations are supported */
-#define RTE_CRYPTODEV_FF_CPU_SSE (1ULL << 3)
+#define RTE_CRYPTODEV_FF_CPU_SSE (1ULL << 3)
/**< Utilises CPU SIMD SSE instructions */
-#define RTE_CRYPTODEV_FF_CPU_AVX (1ULL << 4)
+#define RTE_CRYPTODEV_FF_CPU_AVX (1ULL << 4)
/**< Utilises CPU SIMD AVX instructions */
-#define RTE_CRYPTODEV_FF_CPU_AVX2 (1ULL << 5)
+#define RTE_CRYPTODEV_FF_CPU_AVX2 (1ULL << 5)
/**< Utilises CPU SIMD AVX2 instructions */
-#define RTE_CRYPTODEV_FF_CPU_AESNI (1ULL << 6)
+#define RTE_CRYPTODEV_FF_CPU_AESNI (1ULL << 6)
/**< Utilises CPU AES-NI instructions */
-#define RTE_CRYPTODEV_FF_HW_ACCELERATED (1ULL << 7)
-/**< Operations are off-loaded to an external hardware accelerator */
-#define RTE_CRYPTODEV_FF_CPU_AVX512 (1ULL << 8)
+#define RTE_CRYPTODEV_FF_HW_ACCELERATED (1ULL << 7)
+/**< Operations are off-loaded to an
+ * external hardware accelerator
+ */
+#define RTE_CRYPTODEV_FF_CPU_AVX512 (1ULL << 8)
/**< Utilises CPU SIMD AVX512 instructions */
-#define RTE_CRYPTODEV_FF_MBUF_SCATTER_GATHER (1ULL << 9)
-/**< Scatter-gather mbufs are supported */
-#define RTE_CRYPTODEV_FF_CPU_NEON (1ULL << 10)
+#define RTE_CRYPTODEV_FF_IN_PLACE_SGL (1ULL << 9)
+/**< In-place Scatter-gather (SGL) buffers, with multiple segments,
+ * are supported
+ */
+#define RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT (1ULL << 10)
+/**< Out-of-place Scatter-gather (SGL) buffers are
+ * supported in input and output
+ */
+#define RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT (1ULL << 11)
+/**< Out-of-place Scatter-gather (SGL) buffers are supported
+ * in input, combined with linear buffers (LB), with a
+ * single segment in output
+ */
+#define RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT (1ULL << 12)
+/**< Out-of-place Scatter-gather (SGL) buffers are supported
+ * in output, combined with linear buffers (LB) in input
+ */
+#define RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT (1ULL << 13)
+/**< Out-of-place linear buffers (LB) are supported in input and output */
+#define RTE_CRYPTODEV_FF_CPU_NEON (1ULL << 14)
/**< Utilises CPU NEON instructions */
-#define RTE_CRYPTODEV_FF_CPU_ARM_CE (1ULL << 11)
+#define RTE_CRYPTODEV_FF_CPU_ARM_CE (1ULL << 15)
/**< Utilises ARM CPU Cryptographic Extensions */
+#define RTE_CRYPTODEV_FF_SECURITY (1ULL << 16)
+/**< Support Security Protocol Processing */
/**
/** Crypto device information */
struct rte_cryptodev_info {
- const char *driver_name; /**< Driver name. */
- uint8_t driver_id; /**< Driver identifier */
- struct rte_pci_device *pci_dev; /**< PCI information. */
+ const char *driver_name; /**< Driver name. */
+ uint8_t driver_id; /**< Driver identifier */
+ struct rte_device *device; /**< Generic device information. */
- uint64_t feature_flags; /**< Feature flags */
+ uint64_t feature_flags;
+ /**< Feature flags exposes HW/SW features for the given device */
const struct rte_cryptodev_capabilities *capabilities;
/**< Array of devices supported capabilities */
struct {
unsigned max_nb_sessions;
- /**< Maximum number of sessions supported by device. */
- unsigned int max_nb_sessions_per_qp;
- /**< Maximum number of sessions per queue pair.
- * Default 0 for infinite sessions
+ /**< Maximum number of sessions supported by device.
+ * If 0, the device does not have any limitation in
+ * number of sessions that can be used.
*/
} sym;
};
/**< Max length of name of crypto PMD */
/**
- * Create a virtual crypto device
+ * Get the device identifier for the named crypto device.
*
- * @param name Cryptodev PMD name of device to be created.
- * @param args Options arguments for device.
+ * @param name device name to select the device structure.
*
* @return
- * - On successful creation of the cryptodev the device index is returned,
- * which will be between 0 and rte_cryptodev_count().
- * - In the case of a failure, returns -1.
+ * - Returns crypto device identifier on success.
+ * - Return -1 on failure to find named crypto device.
*/
extern int
-rte_cryptodev_create_vdev(const char *name, const char *args);
+rte_cryptodev_get_dev_id(const char *name);
/**
- * Get the device identifier for the named crypto device.
+ * Get the crypto device name given a device identifier.
*
- * @param name device name to select the device structure.
+ * @param dev_id
+ * The identifier of the device
*
* @return
- * - Returns crypto device identifier on success.
- * - Return -1 on failure to find named crypto device.
+ * - Returns crypto device name.
+ * - Returns NULL if crypto device is not present.
*/
-extern int
-rte_cryptodev_get_dev_id(const char *name);
+extern const char *
+rte_cryptodev_name_get(uint8_t dev_id);
/**
* Get the total number of crypto devices that have been successfully
int socket_id; /**< Socket to allocate resources on */
uint16_t nb_queue_pairs;
/**< Number of queue pairs to configure on device */
-
- struct {
- uint32_t nb_objs; /**< Number of objects in mempool */
- uint32_t cache_size; /**< l-core object cache size */
- } session_mp; /**< Session mempool configuration */
};
/**
* *SOCKET_ID_ANY* if there is no NUMA constraint
* for the DMA memory allocated for the receive
* queue pair.
+ * @param session_pool Pointer to device session mempool, used
+ * for session-less operations.
*
* @return
* - 0: Success, queue pair correctly set up.
*/
extern int
rte_cryptodev_queue_pair_setup(uint8_t dev_id, uint16_t queue_pair_id,
- const struct rte_cryptodev_qp_conf *qp_conf, int socket_id);
-
-/**
- * Start a specified queue pair of a device. It is used
- * when deferred_start flag of the specified queue is true.
- *
- * @param dev_id The identifier of the device
- * @param queue_pair_id The index of the queue pair to start. The value
- * must be in the range [0, nb_queue_pair - 1]
- * previously supplied to
- * rte_crypto_dev_configure().
- * @return
- * - 0: Success, the transmit queue is correctly set up.
- * - -EINVAL: The dev_id or the queue_id out of range.
- * - -ENOTSUP: The function not supported in PMD driver.
- */
-extern int
-rte_cryptodev_queue_pair_start(uint8_t dev_id, uint16_t queue_pair_id);
-
-/**
- * Stop specified queue pair of a device
- *
- * @param dev_id The identifier of the device
- * @param queue_pair_id The index of the queue pair to stop. The value
- * must be in the range [0, nb_queue_pair - 1]
- * previously supplied to
- * rte_cryptodev_configure().
- * @return
- * - 0: Success, the transmit queue is correctly set up.
- * - -EINVAL: The dev_id or the queue_id out of range.
- * - -ENOTSUP: The function not supported in PMD driver.
- */
-extern int
-rte_cryptodev_queue_pair_stop(uint8_t dev_id, uint16_t queue_pair_id);
+ const struct rte_cryptodev_qp_conf *qp_conf, int socket_id,
+ struct rte_mempool *session_pool);
/**
* Get the number of queue pairs on a specific crypto device
* @param dev_info A pointer to a structure of type
* *rte_cryptodev_info* to be filled with the
* contextual information of the device.
+ *
+ * @note The capabilities field of dev_info is set to point to the first
+ * element of an array of struct rte_cryptodev_capabilities. The element after
+ * the last valid element has it's op field set to
+ * RTE_CRYPTO_OP_TYPE_UNDEFINED.
*/
extern void
rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info);
struct rte_cryptodev_ops *dev_ops;
/**< Functions exported by PMD */
uint64_t feature_flags;
- /**< Supported features */
+ /**< Feature flags exposes HW/SW features for the given device */
struct rte_device *device;
/**< Backing device */
struct rte_cryptodev_cb_list link_intr_cbs;
/**< User application callback for interrupts if present */
+ void *security_ctx;
+ /**< Context for security ops */
+
__extension__
uint8_t attached : 1;
/**< Flag indicating the device is attached */
} __rte_cache_aligned;
+void *
+rte_cryptodev_get_sec_ctx(uint8_t dev_id);
+
/**
*
* The data part, with no function pointers, associated with each device.
}
-/** Cryptodev symmetric crypto session */
+/** Cryptodev symmetric crypto session
+ * Each session is derived from a fixed xform chain. Therefore each session
+ * has a fixed algo, key, op-type, digest_len etc.
+ */
struct rte_cryptodev_sym_session {
- RTE_STD_C11
- struct {
- uint8_t dev_id;
- /**< Device Id */
- uint8_t driver_id;
- /** Crypto driver identifier session created on */
- struct rte_mempool *mp;
- /**< Mempool session allocated from */
- } __rte_aligned(8);
- /**< Public symmetric session details */
-
- __extension__ char _private[0];
+ __extension__ void *sess_private_data[0];
/**< Private session material */
};
/**
- * Initialise a session for symmetric cryptographic operations.
- *
- * This function is used by the client to initialize immutable
- * parameters of symmetric cryptographic operation.
- * To perform the operation the rte_cryptodev_enqueue_burst function is
- * used. Each mbuf should contain a reference to the session
- * pointer returned from this function contained within it's crypto_op if a
- * session-based operation is being provisioned. Memory to contain the session
- * information is allocated from within mempool managed by the cryptodev.
- *
- * The rte_cryptodev_session_free must be called to free allocated
- * memory when the session is no longer required.
- *
- * @param dev_id The device identifier.
- * @param xform Crypto transform chain.
-
+ * Create symmetric crypto session header (generic with no private data)
*
+ * @param mempool Symmetric session mempool to allocate session
+ * objects from
* @return
- * Pointer to the created session or NULL
+ * - On success return pointer to sym-session
+ * - On failure returns NULL
*/
-extern struct rte_cryptodev_sym_session *
-rte_cryptodev_sym_session_create(uint8_t dev_id,
- struct rte_crypto_sym_xform *xform);
+struct rte_cryptodev_sym_session *
+rte_cryptodev_sym_session_create(struct rte_mempool *mempool);
/**
- * Free the memory associated with a previously allocated session.
+ * Frees symmetric crypto session header, after checking that all
+ * the device private data has been freed, returning it
+ * to its original mempool.
*
- * @param dev_id The device identifier.
- * @param session Session pointer previously allocated by
- * *rte_cryptodev_sym_session_create*.
+ * @param sess Session header to be freed.
*
* @return
- * NULL on successful freeing of session.
- * Session pointer on failure to free session.
+ * - 0 if successful.
+ * - -EINVAL if session is NULL.
+ * - -EBUSY if not all device private data has been freed.
*/
-extern struct rte_cryptodev_sym_session *
-rte_cryptodev_sym_session_free(uint8_t dev_id,
- struct rte_cryptodev_sym_session *session);
+int
+rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess);
/**
- * Attach queue pair with sym session.
+ * Fill out private data for the device id, based on its device type.
*
- * @param qp_id Queue pair to which session will be attached.
- * @param session Session pointer previously allocated by
- * *rte_cryptodev_sym_session_create*.
+ * @param dev_id ID of device that we want the session to be used on
+ * @param sess Session where the private data will be attached to
+ * @param xforms Symmetric crypto transform operations to apply on flow
+ * processed with this session
+ * @param mempool Mempool where the private data is allocated.
*
* @return
* - On success, zero.
- * - On failure, a negative value.
+ * - -EINVAL if input parameters are invalid.
+ * - -ENOTSUP if crypto device does not support the crypto transform.
+ * - -ENOMEM if the private session could not be allocated.
*/
int
-rte_cryptodev_queue_pair_attach_sym_session(uint16_t qp_id,
- struct rte_cryptodev_sym_session *session);
+rte_cryptodev_sym_session_init(uint8_t dev_id,
+ struct rte_cryptodev_sym_session *sess,
+ struct rte_crypto_sym_xform *xforms,
+ struct rte_mempool *mempool);
/**
- * Detach queue pair with sym session.
+ * Frees private data for the device id, based on its device type,
+ * returning it to its mempool. It is the application's responsibility
+ * to ensure that private session data is not cleared while there are
+ * still in-flight operations using it.
*
- * @param qp_id Queue pair to which session is attached.
- * @param session Session pointer previously allocated by
- * *rte_cryptodev_sym_session_create*.
+ * @param dev_id ID of device that uses the session.
+ * @param sess Session containing the reference to the private data
*
* @return
- * - On success, zero.
- * - On failure, a negative value.
+ * - 0 if successful.
+ * - -EINVAL if device is invalid or session is NULL.
*/
int
-rte_cryptodev_queue_pair_detach_sym_session(uint16_t qp_id,
- struct rte_cryptodev_sym_session *session);
+rte_cryptodev_sym_session_clear(uint8_t dev_id,
+ struct rte_cryptodev_sym_session *sess);
+
+/**
+ * Get the size of the header session, for all registered drivers.
+ *
+ * @return
+ * Size of the symmetric eader session.
+ */
+unsigned int
+rte_cryptodev_sym_get_header_session_size(void);
+
+/**
+ * Get the size of the private symmetric session data
+ * for a device.
+ *
+ * @param dev_id The device identifier.
+ *
+ * @return
+ * - Size of the private data, if successful
+ * - 0 if device is invalid or does not have private
+ * symmetric session
+ */
+unsigned int
+rte_cryptodev_sym_get_private_session_size(uint8_t dev_id);
/**
* Provide driver identifier.
const char *rte_cryptodev_driver_name_get(uint8_t driver_id);
/**
- * @internal
- * Allocate Cryptodev driver.
+ * Set private data for a session.
+ *
+ * @param sess Session pointer allocated by
+ * *rte_cryptodev_sym_session_create*.
+ * @param data Pointer to the private data.
+ * @param size Size of the private data.
*
- * @param driver
- * Pointer to rte_driver.
* @return
- * The driver type identifier
+ * - On success, zero.
+ * - On failure, a negative value.
*/
-uint8_t rte_cryptodev_allocate_driver(const struct rte_driver *driver);
-
-
-#define RTE_PMD_REGISTER_CRYPTO_DRIVER(drv, driver_id)\
-RTE_INIT(init_ ##driver_id);\
-static void init_ ##driver_id(void)\
-{\
- driver_id = rte_cryptodev_allocate_driver(&(drv).driver);\
-}
+int __rte_experimental
+rte_cryptodev_sym_session_set_private_data(
+ struct rte_cryptodev_sym_session *sess,
+ void *data,
+ uint16_t size);
+/**
+ * Get private data of a session.
+ *
+ * @param sess Session pointer allocated by
+ * *rte_cryptodev_sym_session_create*.
+ *
+ * @return
+ * - On success return pointer to private data.
+ * - On failure returns NULL.
+ */
+void * __rte_experimental
+rte_cryptodev_sym_session_get_private_data(
+ struct rte_cryptodev_sym_session *sess);
#ifdef __cplusplus
}