/*-
*
- * Copyright(c) 2015 Intel Corporation. All rights reserved.
+ * Copyright(c) 2015-2016 Intel Corporation. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
*
* Defines RTE Crypto Device APIs for the provisioning of cipher and
* authentication operations.
+ *
+ * @b EXPERIMENTAL: this API may change without prior notice
+ *
*/
#ifdef __cplusplus
extern "C" {
#endif
-#include "stddef.h"
-
+#include "rte_kvargs.h"
#include "rte_crypto.h"
#include "rte_dev.h"
/**< Null crypto PMD device name */
#define CRYPTODEV_NAME_AESNI_MB_PMD ("cryptodev_aesni_mb_pmd")
/**< AES-NI Multi buffer PMD device name */
-#define CRYPTODEV_NAME_QAT_PMD ("cryptodev_qat_pmd")
-/**< Intel QAT PMD device name */
+#define CRYPTODEV_NAME_AESNI_GCM_PMD ("cryptodev_aesni_gcm_pmd")
+/**< AES-NI GCM PMD device name */
+#define CRYPTODEV_NAME_QAT_SYM_PMD ("cryptodev_qat_sym_pmd")
+/**< Intel QAT Symmetric Crypto PMD device name */
+#define CRYPTODEV_NAME_SNOW3G_PMD ("cryptodev_snow3g_pmd")
+/**< SNOW 3G PMD device name */
/** Crypto device type */
enum rte_cryptodev_type {
RTE_CRYPTODEV_NULL_PMD = 1, /**< Null crypto PMD */
+ RTE_CRYPTODEV_AESNI_GCM_PMD, /**< AES-NI GCM PMD */
RTE_CRYPTODEV_AESNI_MB_PMD, /**< AES-NI multi buffer PMD */
- RTE_CRYPTODEV_QAT_PMD, /**< QAT PMD */
+ RTE_CRYPTODEV_QAT_SYM_PMD, /**< QAT PMD Symmetric Crypto */
+ RTE_CRYPTODEV_SNOW3G_PMD, /**< SNOW 3G PMD */
};
+extern const char **rte_cyptodev_names;
+
/* Logging Macros */
#define CDEV_LOG_ERR(fmt, args...) \
unsigned max_nb_queue_pairs;
/**< Maximum number of queues pairs supported by device. */
- unsigned max_nb_sessions;
- /**< Maximum number of sessions supported by device. */
+
+ struct {
+ unsigned max_nb_sessions;
+ /**< Maximum number of sessions supported by device. */
+ } sym;
};
#define RTE_CRYPTODEV_DETACHED (0)
typedef void (*rte_cryptodev_cb_fn)(uint8_t dev_id,
enum rte_cryptodev_event_type event, void *cb_arg);
-#ifdef RTE_CRYPTODEV_PERF
-/**
- * Crypto Device performance counter statistics structure. This structure is
- * used for RDTSC counters for measuring crypto operations.
- */
-struct rte_cryptodev_perf_stats {
- uint64_t t_accumlated; /**< Accumulated time processing operation */
- uint64_t t_min; /**< Max time */
- uint64_t t_max; /**< Min time */
-};
-#endif
/** Crypto Device statistics */
struct rte_cryptodev_stats {
/**< Total error count on operations enqueued */
uint64_t dequeue_err_count;
/**< Total error count on operations dequeued */
+};
-#ifdef RTE_CRYPTODEV_DETAILED_STATS
- struct {
- uint64_t encrypt_ops; /**< Count of encrypt operations */
- uint64_t encrypt_bytes; /**< Number of bytes encrypted */
+#define RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_QUEUE_PAIRS 8
+#define RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_SESSIONS 2048
- uint64_t decrypt_ops; /**< Count of decrypt operations */
- uint64_t decrypt_bytes; /**< Number of bytes decrypted */
- } cipher; /**< Cipher operations stats */
+/**
+ * @internal
+ * Initialisation parameters for virtual crypto devices
+ */
+struct rte_crypto_vdev_init_params {
+ unsigned max_nb_queue_pairs;
+ unsigned max_nb_sessions;
+ uint8_t socket_id;
+};
- struct {
- uint64_t generate_ops; /**< Count of generate operations */
- uint64_t bytes_hashed; /**< Number of bytes hashed */
+#define RTE_CRYPTODEV_VDEV_MAX_NB_QP_ARG ("max_nb_queue_pairs")
+#define RTE_CRYPTODEV_VDEV_MAX_NB_SESS_ARG ("max_nb_sessions")
+#define RTE_CRYPTODEV_VDEV_SOCKET_ID ("socket_id")
- uint64_t verify_ops; /**< Count of verify operations */
- uint64_t bytes_verified;/**< Number of bytes verified */
- } hash; /**< Hash operations stats */
-#endif
+static const char *cryptodev_vdev_valid_params[] = {
+ RTE_CRYPTODEV_VDEV_MAX_NB_QP_ARG,
+ RTE_CRYPTODEV_VDEV_MAX_NB_SESS_ARG,
+ RTE_CRYPTODEV_VDEV_SOCKET_ID
+};
-#ifdef RTE_CRYPTODEV_PERF
- struct rte_cryptodev_perf_stats op_perf; /**< Operations stats */
-#endif
-} __rte_cache_aligned;
+static inline uint8_t
+number_of_sockets(void)
+{
+ int sockets = 0;
+ int i;
+ const struct rte_memseg *ms = rte_eal_get_physmem_layout();
+
+ for (i = 0; ((i < RTE_MAX_MEMSEG) && (ms[i].addr != NULL)); i++) {
+ if (sockets < ms[i].socket_id)
+ sockets = ms[i].socket_id;
+ }
+
+ /* Number of sockets = maximum socket_id + 1 */
+ return ++sockets;
+}
+
+/** Parse integer from integer argument */
+static inline int
+__rte_cryptodev_parse_integer_arg(const char *key __rte_unused,
+ const char *value, void *extra_args)
+{
+ int *i = (int *) extra_args;
+
+ *i = atoi(value);
+ if (*i < 0) {
+ CDEV_LOG_ERR("Argument has to be positive.");
+ return -1;
+ }
+
+ return 0;
+}
+
+/**
+ * Parse virtual device initialisation parameters input arguments
+ * @internal
+ *
+ * @params params Initialisation parameters with defaults set.
+ * @params input_args Command line arguments
+ *
+ * @return
+ * 0 on successful parse
+ * <0 on failure to parse
+ */
+static inline int
+rte_cryptodev_parse_vdev_init_params(struct rte_crypto_vdev_init_params *params,
+ const char *input_args)
+{
+ struct rte_kvargs *kvlist;
+ int ret;
+
+ if (params == NULL)
+ return -EINVAL;
+
+ if (input_args) {
+ kvlist = rte_kvargs_parse(input_args,
+ cryptodev_vdev_valid_params);
+ if (kvlist == NULL)
+ return -1;
+
+ ret = rte_kvargs_process(kvlist,
+ RTE_CRYPTODEV_VDEV_MAX_NB_QP_ARG,
+ &__rte_cryptodev_parse_integer_arg,
+ ¶ms->max_nb_queue_pairs);
+ if (ret < 0)
+ goto free_kvlist;
+
+ ret = rte_kvargs_process(kvlist,
+ RTE_CRYPTODEV_VDEV_MAX_NB_SESS_ARG,
+ &__rte_cryptodev_parse_integer_arg,
+ ¶ms->max_nb_sessions);
+ if (ret < 0)
+ goto free_kvlist;
+
+ ret = rte_kvargs_process(kvlist, RTE_CRYPTODEV_VDEV_SOCKET_ID,
+ &__rte_cryptodev_parse_integer_arg,
+ ¶ms->socket_id);
+ if (ret < 0)
+ goto free_kvlist;
+
+ if (params->socket_id >= number_of_sockets()) {
+ CDEV_LOG_ERR("Invalid socket id specified to create "
+ "the virtual crypto device on");
+ goto free_kvlist;
+ }
+ }
+
+ return 0;
+
+free_kvlist:
+ rte_kvargs_free(kvlist);
+ return ret;
+}
/**
* Create a virtual crypto device
rte_cryptodev_cb_fn cb_fn, void *cb_arg);
-typedef uint16_t (*dequeue_pkt_burst_t)(void *qp, struct rte_mbuf **pkts,
- uint16_t nb_pkts);
+typedef uint16_t (*dequeue_pkt_burst_t)(void *qp,
+ struct rte_crypto_op **ops, uint16_t nb_ops);
/**< Dequeue processed packets from queue pair of a device. */
-typedef uint16_t (*enqueue_pkt_burst_t)(void *qp, struct rte_mbuf **pkts,
- uint16_t nb_pkts);
+typedef uint16_t (*enqueue_pkt_burst_t)(void *qp,
+ struct rte_crypto_op **ops, uint16_t nb_ops);
/**< Enqueue packets for processing on queue pair of a device. */
extern struct rte_cryptodev *rte_cryptodevs;
/**
*
- * Dequeue a burst of processed packets from a queue of the crypto device.
- * The dequeued packets are stored in *rte_mbuf* structures whose pointers are
- * supplied in the *pkts* array.
+ * Dequeue a burst of processed crypto operations from a queue on the crypto
+ * device. The dequeued operation are stored in *rte_crypto_op* structures
+ * whose pointers are supplied in the *ops* array.
*
- * The rte_crypto_dequeue_burst() function returns the number of packets
- * actually dequeued, which is the number of *rte_mbuf* data structures
- * effectively supplied into the *pkts* array.
+ * The rte_cryptodev_dequeue_burst() function returns the number of ops
+ * actually dequeued, which is the number of *rte_crypto_op* data structures
+ * effectively supplied into the *ops* array.
*
- * A return value equal to *nb_pkts* indicates that the queue contained
- * at least *rx_pkts* packets, and this is likely to signify that other
- * received packets remain in the input queue. Applications implementing
- * a "retrieve as much received packets as possible" policy can check this
- * specific case and keep invoking the rte_crypto_dequeue_burst() function
- * until a value less than *nb_pkts* is returned.
+ * A return value equal to *nb_ops* indicates that the queue contained
+ * at least *nb_ops* operations, and this is likely to signify that other
+ * processed operations remain in the devices output queue. Applications
+ * implementing a "retrieve as many processed operations as possible" policy
+ * can check this specific case and keep invoking the
+ * rte_cryptodev_dequeue_burst() function until a value less than
+ * *nb_ops* is returned.
*
- * The rte_crypto_dequeue_burst() function does not provide any error
+ * The rte_cryptodev_dequeue_burst() function does not provide any error
* notification to avoid the corresponding overhead.
*
- * @param dev_id The identifier of the device.
+ * @param dev_id The symmetric crypto device identifier
* @param qp_id The index of the queue pair from which to
* retrieve processed packets. The value must be
* in the range [0, nb_queue_pair - 1] previously
* supplied to rte_cryptodev_configure().
- * @param pkts The address of an array of pointers to
- * *rte_mbuf* structures that must be large enough
- * to store *nb_pkts* pointers in it.
- * @param nb_pkts The maximum number of packets to dequeue.
+ * @param ops The address of an array of pointers to
+ * *rte_crypto_op* structures that must be
+ * large enough to store *nb_ops* pointers in it.
+ * @param nb_ops The maximum number of operations to dequeue.
*
* @return
- * - The number of packets actually dequeued, which is the number
- * of pointers to *rte_mbuf* structures effectively supplied to the
- * *pkts* array.
+ * - The number of operations actually dequeued, which is the number
+ * of pointers to *rte_crypto_op* structures effectively supplied to the
+ * *ops* array.
*/
static inline uint16_t
rte_cryptodev_dequeue_burst(uint8_t dev_id, uint16_t qp_id,
- struct rte_mbuf **pkts, uint16_t nb_pkts)
+ struct rte_crypto_op **ops, uint16_t nb_ops)
{
struct rte_cryptodev *dev = &rte_cryptodevs[dev_id];
- nb_pkts = (*dev->dequeue_burst)
- (dev->data->queue_pairs[qp_id], pkts, nb_pkts);
+ nb_ops = (*dev->dequeue_burst)
+ (dev->data->queue_pairs[qp_id], ops, nb_ops);
- return nb_pkts;
+ return nb_ops;
}
/**
- * Enqueue a burst of packets for processing on a crypto device.
+ * Enqueue a burst of operations for processing on a crypto device.
*
- * The rte_crypto_enqueue_burst() function is invoked to place packets
- * on the queue *queue_id* of the device designated by its *dev_id*.
+ * The rte_cryptodev_enqueue_burst() function is invoked to place
+ * crypto operations on the queue *qp_id* of the device designated by
+ * its *dev_id*.
*
- * The *nb_pkts* parameter is the number of packets to process which are
- * supplied in the *pkts* array of *rte_mbuf* structures.
+ * The *nb_ops* parameter is the number of operations to process which are
+ * supplied in the *ops* array of *rte_crypto_op* structures.
*
- * The rte_crypto_enqueue_burst() function returns the number of packets it
- * actually sent. A return value equal to *nb_pkts* means that all packets
- * have been sent.
- *
- * Each mbuf in the *pkts* array must have a valid *rte_mbuf_offload* structure
- * attached which contains a valid crypto operation.
+ * The rte_cryptodev_enqueue_burst() function returns the number of
+ * operations it actually enqueued for processing. A return value equal to
+ * *nb_ops* means that all packets have been enqueued.
*
* @param dev_id The identifier of the device.
* @param qp_id The index of the queue pair which packets are
* must be in the range [0, nb_queue_pairs - 1]
* previously supplied to
* *rte_cryptodev_configure*.
- * @param pkts The address of an array of *nb_pkts* pointers
- * to *rte_mbuf* structures which contain the
- * output packets.
- * @param nb_pkts The number of packets to transmit.
+ * @param ops The address of an array of *nb_ops* pointers
+ * to *rte_crypto_op* structures which contain
+ * the crypto operations to be processed.
+ * @param nb_ops The number of operations to process.
*
* @return
- * The number of packets actually enqueued on the crypto device. The return
- * value can be less than the value of the *nb_pkts* parameter when the
- * crypto devices queue is full or has been filled up.
- * The number of packets is 0 if the device hasn't been started.
+ * The number of operations actually enqueued on the crypto device. The return
+ * value can be less than the value of the *nb_ops* parameter when the
+ * crypto devices queue is full or if invalid parameters are specified in
+ * a *rte_crypto_op*.
*/
static inline uint16_t
rte_cryptodev_enqueue_burst(uint8_t dev_id, uint16_t qp_id,
- struct rte_mbuf **pkts, uint16_t nb_pkts)
+ struct rte_crypto_op **ops, uint16_t nb_ops)
{
struct rte_cryptodev *dev = &rte_cryptodevs[dev_id];
return (*dev->enqueue_burst)(
- dev->data->queue_pairs[qp_id], pkts, nb_pkts);
+ dev->data->queue_pairs[qp_id], ops, nb_ops);
}
+/** Cryptodev symmetric crypto session */
+struct rte_cryptodev_sym_session {
+ struct {
+ uint8_t dev_id;
+ /**< Device Id */
+ enum rte_cryptodev_type type;
+ /** Crypto Device type session created on */
+ struct rte_mempool *mp;
+ /**< Mempool session allocated from */
+ } __rte_aligned(8);
+ /**< Public symmetric session details */
+
+ char _private[0];
+ /**< Private session material */
+};
+
+
/**
* Initialise a session for symmetric cryptographic operations.
*
* @return
* Pointer to the created session or NULL
*/
-extern struct rte_cryptodev_session *
-rte_cryptodev_session_create(uint8_t dev_id,
- struct rte_crypto_xform *xform);
-
+extern struct rte_cryptodev_sym_session *
+rte_cryptodev_sym_session_create(uint8_t dev_id,
+ struct rte_crypto_sym_xform *xform);
/**
* Free the memory associated with a previously allocated session.
*
* @param dev_id The device identifier.
* @param session Session pointer previously allocated by
- * *rte_cryptodev_session_create*.
+ * *rte_cryptodev_sym_session_create*.
*
* @return
* NULL on successful freeing of session.
* Session pointer on failure to free session.
*/
-extern struct rte_cryptodev_session *
-rte_cryptodev_session_free(uint8_t dev_id,
- struct rte_cryptodev_session *session);
+extern struct rte_cryptodev_sym_session *
+rte_cryptodev_sym_session_free(uint8_t dev_id,
+ struct rte_cryptodev_sym_session *session);
#ifdef __cplusplus