X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=doc%2Fguides%2Fcryptodevs%2Fccp.rst;h=034d20367e441299838bfaf0c94ee656ce82f523;hb=a1bed38381502f4522950a5b9b29f555f5c901cd;hp=1fcd46220847e6194e5bf7c9726df9efc3ed0b43;hpb=4433ced9aa4b800e36bbc2509d850f98c4e92346;p=dpdk.git diff --git a/doc/guides/cryptodevs/ccp.rst b/doc/guides/cryptodevs/ccp.rst index 1fcd462208..034d20367e 100644 --- a/doc/guides/cryptodevs/ccp.rst +++ b/doc/guides/cryptodevs/ccp.rst @@ -56,12 +56,16 @@ AEAD algorithms: Installation ------------ -To compile CCP PMD, it has to be enabled in the config/common_base file. +To compile ccp PMD, it has to be enabled in the config/common_base file and openssl +packages have to be installed in the build environment. + * ``CONFIG_RTE_LIBRTE_PMD_CCP=y`` -The CCP PMD also supports computing authentication over CPU with cipher offloaded -to CCP. To enable this feature, enable following in the configuration. -* ``CONFIG_RTE_LIBRTE_PMD_CCP_CPU_AUTH=y`` +For Ubuntu 16.04 LTS use below to install openssl in the build system: + +.. code-block:: console + + sudo apt-get install openssl This code was verified on Ubuntu 16.04. @@ -77,12 +81,31 @@ e.g. for the 0x1456 device:: echo "1022 1456" > /sys/bus/pci/drivers/igb_uio/new_id Another way to bind the CCP devices to DPDK UIO driver is by using the ``dpdk-devbind.py`` script. -The following command assumes ``BFD`` of ``0000:09:00.2``:: +The following command assumes ``BFD`` as ``0000:09:00.2``:: cd to the top-level DPDK directory ./usertools/dpdk-devbind.py -b igb_uio 0000:09:00.2 -To verify real traffic l2fwd-crypto example can be used with following command: +In order to enable the ccp crypto PMD, user must set CONFIG_RTE_LIBRTE_PMD_CCP=y in config/common_base. + +To use the PMD in an application, user must: + +* Call rte_vdev_init("crypto_ccp") within the application. + +* Use --vdev="crypto_ccp" in the EAL options, which will call rte_vdev_init() internally. + +The following parameters (all optional) can be provided in the previous two calls: + +* socket_id: Specify the socket where the memory for the device is going to be allocated. + (by default, socket_id will be the socket where the core that is creating the PMD is running on). + +* max_nb_queue_pairs: Specify the maximum number of queue pairs in the device. + +* max_nb_sessions: Specify the maximum number of sessions that can be created (2048 by default). + +* ccp_auth_opt: Specify authentication operations to perform on CPU using openssl APIs. + +To validate ccp pmd, l2fwd-crypto example can be used with following command: .. code-block:: console @@ -95,8 +118,23 @@ To verify real traffic l2fwd-crypto example can be used with following command: :11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11 :11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11 +The CCP PMD also supports computing authentication over CPU with cipher offloaded to CCP. +To enable this feature, pass an additional argument as ccp_auth_opt=1 to --vdev parameters as +following: + +.. code-block:: console + + sudo ./build/l2fwd-crypto -l 1 -n 4 --vdev "crypto_ccp,ccp_auth_opt=1" -- -p 0x1 + --chain CIPHER_HASH --cipher_op ENCRYPT --cipher_algo AES_CBC + --cipher_key 00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f + --iv 00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:ff + --auth_op GENERATE --auth_algo SHA1_HMAC + --auth_key 11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11 + :11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11 + :11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11 + Limitations ----------- -* Chained mbufs are not supported -* MD5_HMAC is supported only if ``CONFIG_RTE_LIBRTE_PMD_CCP_CPU_AUTH=y`` is enabled in configuration +* Chained mbufs are not supported. +* MD5_HMAC is supported only for CPU based authentication.