X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;ds=sidebyside;f=doc%2Fguides%2Fcryptodevs%2Fsnow3g.rst;h=8914e29c5a02996412985335dff6d8a184bb0c4a;hb=083de3eba72f99cbd564576652d7e1e4a62fad47;hp=7e38d203bb2d4ef2bdbdab9a0a2a4cb12dfe44fc;hpb=dab1e57ac82512d02fba2460b693481174dd0849;p=dpdk.git diff --git a/doc/guides/cryptodevs/snow3g.rst b/doc/guides/cryptodevs/snow3g.rst index 7e38d203bb..8914e29c5a 100644 --- a/doc/guides/cryptodevs/snow3g.rst +++ b/doc/guides/cryptodevs/snow3g.rst @@ -41,56 +41,75 @@ SNOW 3G PMD has support for: Cipher algorithm: -* RTE_CRYPTO_SYM_CIPHER_SNOW3G_UEA2 +* RTE_CRYPTO_CIPHER_SNOW3G_UEA2 Authentication algorithm: -* RTE_CRYPTO_SYM_AUTH_SNOW3G_UIA2 +* RTE_CRYPTO_AUTH_SNOW3G_UIA2 Limitations ----------- * Chained mbufs are not supported. -* Snow3g(UEA2) supported only if cipher length, cipher offset fields are byte-aligned. -* Snow3g(UIA2) supported only if hash length, hash offset fields are byte-aligned. +* SNOW 3G (UIA2) supported only if hash offset field is byte-aligned. +* In-place bit-level operations for SNOW 3G (UEA2) are not supported + (if length and/or offset of data to be ciphered is not byte-aligned). Installation ------------ To build DPDK with the SNOW3G_PMD the user is required to download -the export controlled ``libsso`` library, by requesting it from -``_, -and compiling it on their system before building DPDK:: +the export controlled ``libsso_snow3g`` library, by requesting it from +``_. +Once approval has been granted, the user needs to log in +``_ +and click on "Snow3G Bit Stream crypto library" link, to download the library. +After downloading the library, the user needs to unpack and compile it +on their system before building DPDK:: - make -f Makefile_snow3g + make snow3G -**Note**: If using a gcc version higher than 5.0, and compilation fails, apply the following patch: +**Note**: When encrypting with SNOW3G UEA2, by default the library +encrypts blocks of 4 bytes, regardless the number of bytes to +be encrypted provided (which leads to a possible buffer overflow). +To avoid this situation, it is necessary not to pass +3GPP_SAFE_BUFFERS as a compilation flag. +For this, in the Makefile of the library, make sure that this flag +is commented out.:: -.. code-block:: diff + #EXTRA_CFLAGS += -D_3GPP_SAFE_BUFFERS - /libsso/src/snow3g/sso_snow3g.c - static inline void ClockFSM_4(sso_snow3gKeyState4_t *pCtx, __m128i *data) - { - __m128i F, R; - - uint32_t K, L; - + uint32_t K; - + /* Declare unused if SNOW3G_WSM/SNB are defined */ - + uint32_t L __attribute__ ((unused)) = 0; +Initialization +-------------- - F = _mm_add_epi32(pCtx->LFSR_X[15], pCtx->FSM_X[0]); - R = _mm_xor_si128(pCtx->LFSR_X[5], pCtx->FSM_X[2]); +In order to enable this virtual crypto PMD, user must: - /libsso/include/sso_snow3g_internal.h +* Export the environmental variable LIBSSO_SNOW3G_PATH with the path where + the library was extracted (snow3g folder). - -inline void ClockFSM_1(sso_snow3gKeyState1_t *pCtx, uint32_t *data); - -inline void ClockLFSR_1(sso_snow3gKeyState1_t *pCtx); - -inline void sso_snow3gStateInitialize_1(sso_snow3gKeyState1_t * pCtx, sso_snow3g_key_schedule_t *pKeySched, uint8_t *pIV); - +void ClockFSM_1(sso_snow3gKeyState1_t *pCtx, uint32_t *data); - +void ClockLFSR_1(sso_snow3gKeyState1_t *pCtx); - +void sso_snow3gStateInitialize_1(sso_snow3gKeyState1_t * pCtx, sso_snow3g_key_schedule_t *pKeySched, uint8_t *pIV); +* Build the LIBSSO_SNOW3G library (explained in Installation section). +* Set CONFIG_RTE_LIBRTE_PMD_SNOW3G=y in config/common_base. -The environmental variable ``LIBSSO_PATH`` must be exported with the path -where you extracted and built the libsso library and finally set -``CONFIG_RTE_LIBRTE_PMD_SNOW3G=y`` in ``config/common_base``. +To use the PMD in an application, user must: + +* Call rte_vdev_init("crypto_snow3g") within the application. + +* Use --vdev="crypto_snow3g" in the EAL options, which will call rte_vdev_init() internally. + +The following parameters (all optional) can be provided in the previous two calls: + +* socket_id: Specify the socket where the memory for the device is going to be allocated + (by default, socket_id will be the socket where the core that is creating the PMD is running on). + +* max_nb_queue_pairs: Specify the maximum number of queue pairs in the device (8 by default). + +* max_nb_sessions: Specify the maximum number of sessions that can be created (2048 by default). + +Example: + +.. code-block:: console + + ./l2fwd-crypto -l 1 -n 4 --vdev="crypto_snow3g,socket_id=0,max_nb_sessions=128" \ + -- -p 1 --cdev SW --chain CIPHER_ONLY --cipher_algo "snow3g-uea2"