X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fcrypto%2Faesni_mb%2Frte_aesni_mb_pmd.c;h=49242fc5575d770490112146eb5f5a516c1cbfe3;hb=ade02f0f3e7fbb5acd98b2fdf5fce0945ad9554a;hp=16e145126f02ed5b7aca6a4ea577e0bf3387ad05;hpb=27391b53b3fceb84e21173fa663650c3912dffca;p=dpdk.git diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c index 16e145126f..49242fc557 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c @@ -30,6 +30,8 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include + #include #include #include @@ -188,6 +190,7 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops, struct aesni_mb_session *sess, const struct rte_crypto_sym_xform *xform) { + uint8_t is_aes = 0; aes_keyexp_t aes_keyexp_fn; if (xform == NULL) { @@ -217,45 +220,68 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops, switch (xform->cipher.algo) { case RTE_CRYPTO_CIPHER_AES_CBC: sess->cipher.mode = CBC; + is_aes = 1; break; case RTE_CRYPTO_CIPHER_AES_CTR: sess->cipher.mode = CNTR; + is_aes = 1; break; case RTE_CRYPTO_CIPHER_AES_DOCSISBPI: sess->cipher.mode = DOCSIS_SEC_BPI; + is_aes = 1; break; - default: - MB_LOG_ERR("Unsupported cipher mode parameter"); - return -ENOTSUP; - } - - /* Check key length and choose key expansion function */ - switch (xform->cipher.key.length) { - case AES_128_BYTES: - sess->cipher.key_length_in_bytes = AES_128_BYTES; - aes_keyexp_fn = mb_ops->aux.keyexp.aes128; - break; - case AES_192_BYTES: - sess->cipher.key_length_in_bytes = AES_192_BYTES; - aes_keyexp_fn = mb_ops->aux.keyexp.aes192; + case RTE_CRYPTO_CIPHER_DES_CBC: + sess->cipher.mode = DES; break; - case AES_256_BYTES: - sess->cipher.key_length_in_bytes = AES_256_BYTES; - aes_keyexp_fn = mb_ops->aux.keyexp.aes256; + case RTE_CRYPTO_CIPHER_DES_DOCSISBPI: + sess->cipher.mode = DOCSIS_DES; break; default: - MB_LOG_ERR("Invalid cipher key length"); - return -EINVAL; + MB_LOG_ERR("Unsupported cipher mode parameter"); + return -ENOTSUP; } /* Set IV parameters */ sess->iv.offset = xform->cipher.iv.offset; sess->iv.length = xform->cipher.iv.length; - /* Expanded cipher keys */ - (*aes_keyexp_fn)(xform->cipher.key.data, - sess->cipher.expanded_aes_keys.encode, - sess->cipher.expanded_aes_keys.decode); + /* Check key length and choose key expansion function for AES */ + if (is_aes) { + switch (xform->cipher.key.length) { + case AES_128_BYTES: + sess->cipher.key_length_in_bytes = AES_128_BYTES; + aes_keyexp_fn = mb_ops->aux.keyexp.aes128; + break; + case AES_192_BYTES: + sess->cipher.key_length_in_bytes = AES_192_BYTES; + aes_keyexp_fn = mb_ops->aux.keyexp.aes192; + break; + case AES_256_BYTES: + sess->cipher.key_length_in_bytes = AES_256_BYTES; + aes_keyexp_fn = mb_ops->aux.keyexp.aes256; + break; + default: + MB_LOG_ERR("Invalid cipher key length"); + return -EINVAL; + } + + /* Expanded cipher keys */ + (*aes_keyexp_fn)(xform->cipher.key.data, + sess->cipher.expanded_aes_keys.encode, + sess->cipher.expanded_aes_keys.decode); + + } else { + if (xform->cipher.key.length != 8) { + MB_LOG_ERR("Invalid cipher key length"); + return -EINVAL; + } + sess->cipher.key_length_in_bytes = 8; + + des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.encode, + xform->cipher.key.data); + des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.decode, + xform->cipher.key.data); + } return 0; } @@ -407,7 +433,7 @@ get_session(struct aesni_mb_qp *qp, struct rte_crypto_op *op) */ static inline int set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, - struct rte_crypto_op *op) + struct rte_crypto_op *op, uint8_t *digest_idx) { struct rte_mbuf *m_src = op->sym->m_src, *m_dst; struct aesni_mb_session *session; @@ -466,19 +492,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, /* Set digest output location */ if (job->hash_alg != NULL_HASH && session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) { - job->auth_tag_output = (uint8_t *)rte_pktmbuf_append(m_dst, - get_digest_byte_length(job->hash_alg)); - - if (job->auth_tag_output == NULL) { - MB_LOG_ERR("failed to allocate space in output mbuf " - "for temp digest"); - op->status = RTE_CRYPTO_OP_STATUS_ERROR; - return -1; - } - - memset(job->auth_tag_output, 0, - sizeof(get_digest_byte_length(job->hash_alg))); - + job->auth_tag_output = qp->temp_digests[*digest_idx]; + *digest_idx = (*digest_idx + 1) % MAX_JOBS; } else { job->auth_tag_output = op->sym->auth.digest.data; } @@ -507,22 +522,17 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, /* Set user data to be crypto operation data struct */ job->user_data = op; - job->user_data2 = m_dst; return 0; } static inline void -verify_digest(JOB_AES_HMAC *job, struct rte_crypto_op *op) { - struct rte_mbuf *m_dst = (struct rte_mbuf *)job->user_data2; - +verify_digest(struct aesni_mb_qp *qp __rte_unused, JOB_AES_HMAC *job, + struct rte_crypto_op *op) { /* Verify digest if required */ if (memcmp(job->auth_tag_output, op->sym->auth.digest.data, job->auth_tag_output_len_in_bytes) != 0) op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED; - - /* trim area used for digest from mbuf */ - rte_pktmbuf_trim(m_dst, get_digest_byte_length(job->hash_alg)); } /** @@ -532,8 +542,7 @@ verify_digest(JOB_AES_HMAC *job, struct rte_crypto_op *op) { * @param job JOB_AES_HMAC job to process * * @return - * - Returns processed crypto operation which mbuf is trimmed of output digest - * used in verification of supplied digest. + * - Returns processed crypto operation. * - Returns NULL on invalid job */ static inline struct rte_crypto_op * @@ -552,7 +561,7 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job) if (job->hash_alg != NULL_HASH) { if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) - verify_digest(job, op); + verify_digest(qp, job, op); } break; default: @@ -626,13 +635,16 @@ flush_mb_mgr(struct aesni_mb_qp *qp, struct rte_crypto_op **ops, } static inline JOB_AES_HMAC * -set_job_null_op(JOB_AES_HMAC *job) +set_job_null_op(JOB_AES_HMAC *job, struct rte_crypto_op *op) { job->chain_order = HASH_CIPHER; job->cipher_mode = NULL_CIPHER; job->hash_alg = NULL_HASH; job->cipher_direction = DECRYPT; + /* Set user data to be crypto operation data struct */ + job->user_data = op; + return job; } @@ -650,6 +662,7 @@ aesni_mb_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops, if (unlikely(nb_ops == 0)) return 0; + uint8_t digest_idx = qp->digest_idx; do { /* Get next operation to process from ingress queue */ retval = rte_ring_dequeue(qp->ingress_queue, (void **)&op); @@ -667,10 +680,10 @@ aesni_mb_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops, job = (*qp->op_fns->job.get_next)(&qp->mb_mgr); } - retval = set_mb_job_params(job, qp, op); + retval = set_mb_job_params(job, qp, op, &digest_idx); if (unlikely(retval != 0)) { qp->stats.dequeue_err_count++; - set_job_null_op(job); + set_job_null_op(job, op); } /* Submit job to multi-buffer for processing */ @@ -687,6 +700,8 @@ aesni_mb_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops, } while (processed_jobs < nb_ops); + qp->digest_idx = digest_idx; + if (processed_jobs < 1) processed_jobs += flush_mb_mgr(qp, &ops[processed_jobs], @@ -823,10 +838,14 @@ static struct rte_vdev_driver cryptodev_aesni_mb_pmd_drv = { .remove = cryptodev_aesni_mb_remove }; +static struct cryptodev_driver aesni_mb_crypto_drv; + RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_AESNI_MB_PMD, cryptodev_aesni_mb_pmd_drv); RTE_PMD_REGISTER_ALIAS(CRYPTODEV_NAME_AESNI_MB_PMD, cryptodev_aesni_mb_pmd); RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_AESNI_MB_PMD, "max_nb_queue_pairs= " "max_nb_sessions= " "socket_id="); -RTE_PMD_REGISTER_CRYPTO_DRIVER(cryptodev_aesni_mb_pmd_drv, cryptodev_driver_id); +RTE_PMD_REGISTER_CRYPTO_DRIVER(aesni_mb_crypto_drv, + cryptodev_aesni_mb_pmd_drv, + cryptodev_driver_id);