X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=lib%2Fcryptodev%2Frte_cryptodev.h;h=585cee272781aaeadd7dfc80d73652aa58415fa1;hb=77dd857d306f6b71eb93935ce1a01197156b5428;hp=bb01f0f195eb4fc619264f2a93f39c6bed918910;hpb=e74abd48433dc05e3d40cc922577d6c55b5b844c;p=dpdk.git diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h index bb01f0f195..585cee2727 100644 --- a/lib/cryptodev/rte_cryptodev.h +++ b/lib/cryptodev/rte_cryptodev.h @@ -20,9 +20,7 @@ extern "C" { #include "rte_kvargs.h" #include "rte_crypto.h" -#include "rte_dev.h" #include -#include #include #include "rte_cryptodev_trace_fp.h" @@ -102,6 +100,7 @@ struct rte_crypto_param_range { */ #define RTE_CRYPTO_CIPHER_DATA_UNIT_LEN_512_BYTES RTE_BIT32(0) #define RTE_CRYPTO_CIPHER_DATA_UNIT_LEN_4096_BYTES RTE_BIT32(1) +#define RTE_CRYPTO_CIPHER_DATA_UNIT_LEN_1_MEGABYTES RTE_BIT32(2) /** * Symmetric Crypto Capability @@ -169,7 +168,13 @@ struct rte_cryptodev_asymmetric_xform_capability { /**< Transform type: RSA/MODEXP/DH/DSA/MODINV */ uint32_t op_types; - /**< bitmask for supported rte_crypto_asym_op_type */ + /**< + * Bitmask for supported rte_crypto_asym_op_type or + * rte_crypto_asym_ke_type. Which enum is used is determined + * by the rte_crypto_asym_xform_type. For key exchange algorithms + * like Diffie-Hellman it is rte_crypto_asym_ke_type, for others + * it is rte_crypto_asym_op_type. + */ __extension__ union { @@ -479,6 +484,8 @@ rte_cryptodev_asym_get_xform_enum(enum rte_crypto_asym_xform_type *xform_enum, /**< Support operations on multiple data-units message */ #define RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY (1ULL << 26) /**< Support wrapped key in cipher xform */ +#define RTE_CRYPTODEV_FF_SECURITY_INNER_CSUM (1ULL << 27) +/**< Support inner checksum computation/verification */ /** * Get the name of a crypto device feature flag @@ -865,21 +872,10 @@ rte_cryptodev_callback_unregister(uint8_t dev_id, enum rte_cryptodev_event_type event, rte_cryptodev_cb_fn cb_fn, void *cb_arg); -typedef uint16_t (*dequeue_pkt_burst_t)(void *qp, - struct rte_crypto_op **ops, uint16_t nb_ops); -/**< Dequeue processed packets from queue pair of a device. */ - -typedef uint16_t (*enqueue_pkt_burst_t)(void *qp, - struct rte_crypto_op **ops, uint16_t nb_ops); -/**< Enqueue packets for processing on queue pair of a device. */ - - - - struct rte_cryptodev_callback; /** Structure to keep track of registered callbacks */ -TAILQ_HEAD(rte_cryptodev_cb_list, rte_cryptodev_callback); +RTE_TAILQ_HEAD(rte_cryptodev_cb_list, rte_cryptodev_callback); /** * Structure used to hold information about the callbacks to be called for a @@ -905,216 +901,9 @@ struct rte_cryptodev_cb_rcu { /**< RCU QSBR variable per queue pair */ }; -/** The data structure associated with each crypto device. */ -struct rte_cryptodev { - dequeue_pkt_burst_t dequeue_burst; - /**< Pointer to PMD receive function. */ - enqueue_pkt_burst_t enqueue_burst; - /**< Pointer to PMD transmit function. */ - - struct rte_cryptodev_data *data; - /**< Pointer to device data */ - struct rte_cryptodev_ops *dev_ops; - /**< Functions exported by PMD */ - uint64_t feature_flags; - /**< Feature flags exposes HW/SW features for the given device */ - struct rte_device *device; - /**< Backing device */ - - uint8_t driver_id; - /**< Crypto driver identifier*/ - - struct rte_cryptodev_cb_list link_intr_cbs; - /**< User application callback for interrupts if present */ - - void *security_ctx; - /**< Context for security ops */ - - __extension__ - uint8_t attached : 1; - /**< Flag indicating the device is attached */ - - struct rte_cryptodev_cb_rcu *enq_cbs; - /**< User application callback for pre enqueue processing */ - - struct rte_cryptodev_cb_rcu *deq_cbs; - /**< User application callback for post dequeue processing */ -} __rte_cache_aligned; - void * rte_cryptodev_get_sec_ctx(uint8_t dev_id); -/** - * - * The data part, with no function pointers, associated with each device. - * - * This structure is safe to place in shared memory to be common among - * different processes in a multi-process configuration. - */ -struct rte_cryptodev_data { - uint8_t dev_id; - /**< Device ID for this instance */ - uint8_t socket_id; - /**< Socket ID where memory is allocated */ - char name[RTE_CRYPTODEV_NAME_MAX_LEN]; - /**< Unique identifier name */ - - __extension__ - uint8_t dev_started : 1; - /**< Device state: STARTED(1)/STOPPED(0) */ - - struct rte_mempool *session_pool; - /**< Session memory pool */ - void **queue_pairs; - /**< Array of pointers to queue pairs. */ - uint16_t nb_queue_pairs; - /**< Number of device queue pairs. */ - - void *dev_private; - /**< PMD-specific private data */ -} __rte_cache_aligned; - -extern struct rte_cryptodev *rte_cryptodevs; -/** - * - * Dequeue a burst of processed crypto operations from a queue on the crypto - * device. The dequeued operation are stored in *rte_crypto_op* structures - * whose pointers are supplied in the *ops* array. - * - * The rte_cryptodev_dequeue_burst() function returns the number of ops - * actually dequeued, which is the number of *rte_crypto_op* data structures - * effectively supplied into the *ops* array. - * - * A return value equal to *nb_ops* indicates that the queue contained - * at least *nb_ops* operations, and this is likely to signify that other - * processed operations remain in the devices output queue. Applications - * implementing a "retrieve as many processed operations as possible" policy - * can check this specific case and keep invoking the - * rte_cryptodev_dequeue_burst() function until a value less than - * *nb_ops* is returned. - * - * The rte_cryptodev_dequeue_burst() function does not provide any error - * notification to avoid the corresponding overhead. - * - * @param dev_id The symmetric crypto device identifier - * @param qp_id The index of the queue pair from which to - * retrieve processed packets. The value must be - * in the range [0, nb_queue_pair - 1] previously - * supplied to rte_cryptodev_configure(). - * @param ops The address of an array of pointers to - * *rte_crypto_op* structures that must be - * large enough to store *nb_ops* pointers in it. - * @param nb_ops The maximum number of operations to dequeue. - * - * @return - * - The number of operations actually dequeued, which is the number - * of pointers to *rte_crypto_op* structures effectively supplied to the - * *ops* array. - */ -static inline uint16_t -rte_cryptodev_dequeue_burst(uint8_t dev_id, uint16_t qp_id, - struct rte_crypto_op **ops, uint16_t nb_ops) -{ - struct rte_cryptodev *dev = &rte_cryptodevs[dev_id]; - - rte_cryptodev_trace_dequeue_burst(dev_id, qp_id, (void **)ops, nb_ops); - nb_ops = (*dev->dequeue_burst) - (dev->data->queue_pairs[qp_id], ops, nb_ops); -#ifdef RTE_CRYPTO_CALLBACKS - if (unlikely(dev->deq_cbs != NULL)) { - struct rte_cryptodev_cb_rcu *list; - struct rte_cryptodev_cb *cb; - - /* __ATOMIC_RELEASE memory order was used when the - * call back was inserted into the list. - * Since there is a clear dependency between loading - * cb and cb->fn/cb->next, __ATOMIC_ACQUIRE memory order is - * not required. - */ - list = &dev->deq_cbs[qp_id]; - rte_rcu_qsbr_thread_online(list->qsbr, 0); - cb = __atomic_load_n(&list->next, __ATOMIC_RELAXED); - - while (cb != NULL) { - nb_ops = cb->fn(dev_id, qp_id, ops, nb_ops, - cb->arg); - cb = cb->next; - }; - - rte_rcu_qsbr_thread_offline(list->qsbr, 0); - } -#endif - return nb_ops; -} - -/** - * Enqueue a burst of operations for processing on a crypto device. - * - * The rte_cryptodev_enqueue_burst() function is invoked to place - * crypto operations on the queue *qp_id* of the device designated by - * its *dev_id*. - * - * The *nb_ops* parameter is the number of operations to process which are - * supplied in the *ops* array of *rte_crypto_op* structures. - * - * The rte_cryptodev_enqueue_burst() function returns the number of - * operations it actually enqueued for processing. A return value equal to - * *nb_ops* means that all packets have been enqueued. - * - * @param dev_id The identifier of the device. - * @param qp_id The index of the queue pair which packets are - * to be enqueued for processing. The value - * must be in the range [0, nb_queue_pairs - 1] - * previously supplied to - * *rte_cryptodev_configure*. - * @param ops The address of an array of *nb_ops* pointers - * to *rte_crypto_op* structures which contain - * the crypto operations to be processed. - * @param nb_ops The number of operations to process. - * - * @return - * The number of operations actually enqueued on the crypto device. The return - * value can be less than the value of the *nb_ops* parameter when the - * crypto devices queue is full or if invalid parameters are specified in - * a *rte_crypto_op*. - */ -static inline uint16_t -rte_cryptodev_enqueue_burst(uint8_t dev_id, uint16_t qp_id, - struct rte_crypto_op **ops, uint16_t nb_ops) -{ - struct rte_cryptodev *dev = &rte_cryptodevs[dev_id]; - -#ifdef RTE_CRYPTO_CALLBACKS - if (unlikely(dev->enq_cbs != NULL)) { - struct rte_cryptodev_cb_rcu *list; - struct rte_cryptodev_cb *cb; - - /* __ATOMIC_RELEASE memory order was used when the - * call back was inserted into the list. - * Since there is a clear dependency between loading - * cb and cb->fn/cb->next, __ATOMIC_ACQUIRE memory order is - * not required. - */ - list = &dev->enq_cbs[qp_id]; - rte_rcu_qsbr_thread_online(list->qsbr, 0); - cb = __atomic_load_n(&list->next, __ATOMIC_RELAXED); - - while (cb != NULL) { - nb_ops = cb->fn(dev_id, qp_id, ops, nb_ops, - cb->arg); - cb = cb->next; - }; - - rte_rcu_qsbr_thread_offline(list->qsbr, 0); - } -#endif - - rte_cryptodev_trace_enqueue_burst(dev_id, qp_id, (void **)ops, nb_ops); - return (*dev->enqueue_burst)( - dev->data->queue_pairs[qp_id], ops, nb_ops); -} - - /** Cryptodev symmetric crypto session * Each session is derived from a fixed xform chain. Therefore each session * has a fixed algo, key, op-type, digest_len etc. @@ -1133,12 +922,6 @@ struct rte_cryptodev_sym_session { /**< Driver specific session material, variable size */ }; -/** Cryptodev asymmetric crypto session */ -struct rte_cryptodev_asym_session { - __extension__ void *sess_private_data[0]; - /**< Private asymmetric session material */ -}; - /** * Create a symmetric session mempool. * @@ -1171,6 +954,31 @@ rte_cryptodev_sym_session_pool_create(const char *name, uint32_t nb_elts, uint32_t elt_size, uint32_t cache_size, uint16_t priv_size, int socket_id); +/** + * Create an asymmetric session mempool. + * + * @param name + * The unique mempool name. + * @param nb_elts + * The number of elements in the mempool. + * @param cache_size + * The number of per-lcore cache elements + * @param user_data_size + * The size of user data to be placed after session private data. + * @param socket_id + * The *socket_id* argument is the socket identifier in the case of + * NUMA. The value can be *SOCKET_ID_ANY* if there is no NUMA + * constraint for the reserved zone. + * + * @return + * - On success return mempool + * - On failure returns NULL + */ +__rte_experimental +struct rte_mempool * +rte_cryptodev_asym_session_pool_create(const char *name, uint32_t nb_elts, + uint32_t cache_size, uint16_t user_data_size, int socket_id); + /** * Create symmetric crypto session header (generic with no private data) * @@ -1184,17 +992,27 @@ struct rte_cryptodev_sym_session * rte_cryptodev_sym_session_create(struct rte_mempool *mempool); /** - * Create asymmetric crypto session header (generic with no private data) + * Create and initialise an asymmetric crypto session structure. + * Calls the PMD to configure the private session data. + * + * @param dev_id ID of device that we want the session to be used on + * @param xforms Asymmetric crypto transform operations to apply on flow + * processed with this session + * @param mp mempool to allocate asymmetric session + * objects from + * @param session void ** for session to be used * - * @param mempool mempool to allocate asymmetric session - * objects from * @return - * - On success return pointer to asym-session - * - On failure returns NULL + * - 0 on success. + * - -EINVAL on invalid arguments. + * - -ENOMEM on memory error for session allocation. + * - -ENOTSUP if device doesn't support session configuration. */ __rte_experimental -struct rte_cryptodev_asym_session * -rte_cryptodev_asym_session_create(struct rte_mempool *mempool); +int +rte_cryptodev_asym_session_create(uint8_t dev_id, + struct rte_crypto_asym_xform *xforms, struct rte_mempool *mp, + void **session); /** * Frees symmetric crypto session header, after checking that all @@ -1212,20 +1030,19 @@ int rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess); /** - * Frees asymmetric crypto session header, after checking that all - * the device private data has been freed, returning it - * to its original mempool. + * Clears and frees asymmetric crypto session header and private data, + * returning it to its original mempool. * + * @param dev_id ID of device that uses the asymmetric session. * @param sess Session header to be freed. * * @return * - 0 if successful. - * - -EINVAL if session is NULL. - * - -EBUSY if not all device private data has been freed. + * - -EINVAL if device is invalid or session is NULL. */ __rte_experimental int -rte_cryptodev_asym_session_free(struct rte_cryptodev_asym_session *sess); +rte_cryptodev_asym_session_free(uint8_t dev_id, void *sess); /** * Fill out private data for the device id, based on its device type. @@ -1249,28 +1066,6 @@ rte_cryptodev_sym_session_init(uint8_t dev_id, struct rte_crypto_sym_xform *xforms, struct rte_mempool *mempool); -/** - * Initialize asymmetric session on a device with specific asymmetric xform - * - * @param dev_id ID of device that we want the session to be used on - * @param sess Session to be set up on a device - * @param xforms Asymmetric crypto transform operations to apply on flow - * processed with this session - * @param mempool Mempool to be used for internal allocation. - * - * @return - * - On success, zero. - * - -EINVAL if input parameters are invalid. - * - -ENOTSUP if crypto device does not support the crypto transform. - * - -ENOMEM if the private session could not be allocated. - */ -__rte_experimental -int -rte_cryptodev_asym_session_init(uint8_t dev_id, - struct rte_cryptodev_asym_session *sess, - struct rte_crypto_asym_xform *xforms, - struct rte_mempool *mempool); - /** * Frees private data for the device id, based on its device type, * returning it to its mempool. It is the application's responsibility @@ -1289,21 +1084,6 @@ int rte_cryptodev_sym_session_clear(uint8_t dev_id, struct rte_cryptodev_sym_session *sess); -/** - * Frees resources held by asymmetric session during rte_cryptodev_session_init - * - * @param dev_id ID of device that uses the asymmetric session. - * @param sess Asymmetric session setup on device using - * rte_cryptodev_session_init - * @return - * - 0 if successful. - * - -EINVAL if device is invalid or session is NULL. - */ -__rte_experimental -int -rte_cryptodev_asym_session_clear(uint8_t dev_id, - struct rte_cryptodev_asym_session *sess); - /** * Get the size of the header session, for all registered drivers excluding * the user data size. @@ -1331,7 +1111,7 @@ rte_cryptodev_sym_get_existing_header_session_size( struct rte_cryptodev_sym_session *sess); /** - * Get the size of the asymmetric session header, for all registered drivers. + * Get the size of the asymmetric session header. * * @return * Size of the asymmetric header session. @@ -1433,6 +1213,37 @@ void * rte_cryptodev_sym_session_get_user_data( struct rte_cryptodev_sym_session *sess); +/** + * Store user data in an asymmetric session. + * + * @param sess Session pointer allocated by + * *rte_cryptodev_asym_session_create*. + * @param data Pointer to the user data. + * @param size Size of the user data. + * + * @return + * - On success, zero. + * - -EINVAL if the session pointer is invalid. + * - -ENOMEM if the available user data size is smaller than the size parameter. + */ +__rte_experimental +int +rte_cryptodev_asym_session_set_user_data(void *sess, void *data, uint16_t size); + +/** + * Get user data stored in an asymmetric session. + * + * @param sess Session pointer allocated by + * *rte_cryptodev_asym_session_create*. + * + * @return + * - On success return pointer to user data. + * - On failure returns NULL. + */ +__rte_experimental +void * +rte_cryptodev_asym_session_get_user_data(void *sess); + /** * Perform actual crypto processing (encrypt/digest or auth/decrypt) * on user provided data. @@ -1464,6 +1275,28 @@ __rte_experimental int rte_cryptodev_get_raw_dp_ctx_size(uint8_t dev_id); +/** + * Set session event meta data + * + * @param dev_id The device identifier. + * @param sess Crypto or security session. + * @param op_type Operation type. + * @param sess_type Session type. + * @param ev_mdata Pointer to the event crypto meta data + * (aka *union rte_event_crypto_metadata*) + * @param size Size of ev_mdata. + * + * @return + * - On success, zero. + * - On failure, a negative value. + */ +__rte_experimental +int +rte_cryptodev_session_event_mdata_set(uint8_t dev_id, void *sess, + enum rte_crypto_op_type op_type, + enum rte_crypto_op_sess_type sess_type, + void *ev_mdata, uint16_t size); + /** * Union of different crypto session types, including session-less xform * pointer. @@ -2007,6 +1840,155 @@ int rte_cryptodev_remove_deq_callback(uint8_t dev_id, uint16_t qp_id, struct rte_cryptodev_cb *cb); +#include +/** + * + * Dequeue a burst of processed crypto operations from a queue on the crypto + * device. The dequeued operation are stored in *rte_crypto_op* structures + * whose pointers are supplied in the *ops* array. + * + * The rte_cryptodev_dequeue_burst() function returns the number of ops + * actually dequeued, which is the number of *rte_crypto_op* data structures + * effectively supplied into the *ops* array. + * + * A return value equal to *nb_ops* indicates that the queue contained + * at least *nb_ops* operations, and this is likely to signify that other + * processed operations remain in the devices output queue. Applications + * implementing a "retrieve as many processed operations as possible" policy + * can check this specific case and keep invoking the + * rte_cryptodev_dequeue_burst() function until a value less than + * *nb_ops* is returned. + * + * The rte_cryptodev_dequeue_burst() function does not provide any error + * notification to avoid the corresponding overhead. + * + * @param dev_id The symmetric crypto device identifier + * @param qp_id The index of the queue pair from which to + * retrieve processed packets. The value must be + * in the range [0, nb_queue_pair - 1] previously + * supplied to rte_cryptodev_configure(). + * @param ops The address of an array of pointers to + * *rte_crypto_op* structures that must be + * large enough to store *nb_ops* pointers in it. + * @param nb_ops The maximum number of operations to dequeue. + * + * @return + * - The number of operations actually dequeued, which is the number + * of pointers to *rte_crypto_op* structures effectively supplied to the + * *ops* array. + */ +static inline uint16_t +rte_cryptodev_dequeue_burst(uint8_t dev_id, uint16_t qp_id, + struct rte_crypto_op **ops, uint16_t nb_ops) +{ + const struct rte_crypto_fp_ops *fp_ops; + void *qp; + + rte_cryptodev_trace_dequeue_burst(dev_id, qp_id, (void **)ops, nb_ops); + + fp_ops = &rte_crypto_fp_ops[dev_id]; + qp = fp_ops->qp.data[qp_id]; + + nb_ops = fp_ops->dequeue_burst(qp, ops, nb_ops); + +#ifdef RTE_CRYPTO_CALLBACKS + if (unlikely(fp_ops->qp.deq_cb != NULL)) { + struct rte_cryptodev_cb_rcu *list; + struct rte_cryptodev_cb *cb; + + /* __ATOMIC_RELEASE memory order was used when the + * call back was inserted into the list. + * Since there is a clear dependency between loading + * cb and cb->fn/cb->next, __ATOMIC_ACQUIRE memory order is + * not required. + */ + list = &fp_ops->qp.deq_cb[qp_id]; + rte_rcu_qsbr_thread_online(list->qsbr, 0); + cb = __atomic_load_n(&list->next, __ATOMIC_RELAXED); + + while (cb != NULL) { + nb_ops = cb->fn(dev_id, qp_id, ops, nb_ops, + cb->arg); + cb = cb->next; + }; + + rte_rcu_qsbr_thread_offline(list->qsbr, 0); + } +#endif + return nb_ops; +} + +/** + * Enqueue a burst of operations for processing on a crypto device. + * + * The rte_cryptodev_enqueue_burst() function is invoked to place + * crypto operations on the queue *qp_id* of the device designated by + * its *dev_id*. + * + * The *nb_ops* parameter is the number of operations to process which are + * supplied in the *ops* array of *rte_crypto_op* structures. + * + * The rte_cryptodev_enqueue_burst() function returns the number of + * operations it actually enqueued for processing. A return value equal to + * *nb_ops* means that all packets have been enqueued. + * + * @param dev_id The identifier of the device. + * @param qp_id The index of the queue pair which packets are + * to be enqueued for processing. The value + * must be in the range [0, nb_queue_pairs - 1] + * previously supplied to + * *rte_cryptodev_configure*. + * @param ops The address of an array of *nb_ops* pointers + * to *rte_crypto_op* structures which contain + * the crypto operations to be processed. + * @param nb_ops The number of operations to process. + * + * @return + * The number of operations actually enqueued on the crypto device. The return + * value can be less than the value of the *nb_ops* parameter when the + * crypto devices queue is full or if invalid parameters are specified in + * a *rte_crypto_op*. + */ +static inline uint16_t +rte_cryptodev_enqueue_burst(uint8_t dev_id, uint16_t qp_id, + struct rte_crypto_op **ops, uint16_t nb_ops) +{ + const struct rte_crypto_fp_ops *fp_ops; + void *qp; + + fp_ops = &rte_crypto_fp_ops[dev_id]; + qp = fp_ops->qp.data[qp_id]; +#ifdef RTE_CRYPTO_CALLBACKS + if (unlikely(fp_ops->qp.enq_cb != NULL)) { + struct rte_cryptodev_cb_rcu *list; + struct rte_cryptodev_cb *cb; + + /* __ATOMIC_RELEASE memory order was used when the + * call back was inserted into the list. + * Since there is a clear dependency between loading + * cb and cb->fn/cb->next, __ATOMIC_ACQUIRE memory order is + * not required. + */ + list = &fp_ops->qp.enq_cb[qp_id]; + rte_rcu_qsbr_thread_online(list->qsbr, 0); + cb = __atomic_load_n(&list->next, __ATOMIC_RELAXED); + + while (cb != NULL) { + nb_ops = cb->fn(dev_id, qp_id, ops, nb_ops, + cb->arg); + cb = cb->next; + }; + + rte_rcu_qsbr_thread_offline(list->qsbr, 0); + } +#endif + + rte_cryptodev_trace_enqueue_burst(dev_id, qp_id, (void **)ops, nb_ops); + return fp_ops->enqueue_burst(qp, ops, nb_ops); +} + + + #ifdef __cplusplus } #endif