From: David Coyle Date: Fri, 3 Jul 2020 12:39:33 +0000 (+0100) Subject: test/crypto-perf: support DOCSIS protocol X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=d4a131a9498d;p=dpdk.git test/crypto-perf: support DOCSIS protocol Update test-crypto-perf app to calculate DOCSIS throughput numbers. 1 new parameter is added for DOCSIS: --docsis-hdr-sz ./dpdk-test-crypto-perf -l 3,4 --socket-mem 2048,0 --vdev crypto_aesni_mb_pmd_1 -n 1 -- --devtype crypto_aesni_mb --optype docsis --cipher-algo aes-docsisbpi --cipher-op encrypt --cipher-key-sz 16 --cipher-iv-sz 16 --burst-sz 32 --total-ops 20000000 --buffer-sz 1024 --silent --docsis-hdr-sz 17 Signed-off-by: David Coyle Signed-off-by: Mairtin o Loingsigh Acked-by: Akhil Goyal Acked-by: Pablo de Lara --- diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c index 97584ceedb..e06b59f555 100644 --- a/app/test-crypto-perf/cperf_ops.c +++ b/app/test-crypto-perf/cperf_ops.c @@ -3,6 +3,7 @@ */ #include +#include #include "cperf_ops.h" #include "cperf_test_vectors.h" @@ -15,8 +16,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops, uint16_t nb_ops, struct rte_cryptodev_sym_session *sess, const struct cperf_options *options __rte_unused, const struct cperf_test_vector *test_vector __rte_unused, - uint16_t iv_offset __rte_unused, - uint32_t *imix_idx __rte_unused) + uint16_t iv_offset __rte_unused, uint32_t *imix_idx) { uint16_t i; @@ -24,14 +24,39 @@ cperf_set_ops_security(struct rte_crypto_op **ops, struct rte_crypto_sym_op *sym_op = ops[i]->sym; struct rte_security_session *sec_sess = (struct rte_security_session *)sess; + uint32_t buf_sz; ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; rte_security_attach_session(ops[i], sec_sess); sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] + src_buf_offset); - sym_op->m_src->buf_len = options->segment_sz; - sym_op->m_src->data_len = options->test_buffer_size; - sym_op->m_src->pkt_len = sym_op->m_src->data_len; + + if (options->op_type == CPERF_PDCP) { + sym_op->m_src->buf_len = options->segment_sz; + sym_op->m_src->data_len = options->test_buffer_size; + sym_op->m_src->pkt_len = sym_op->m_src->data_len; + } + + if (options->op_type == CPERF_DOCSIS) { + if (options->imix_distribution_count) { + buf_sz = options->imix_buffer_sizes[*imix_idx]; + *imix_idx = (*imix_idx + 1) % options->pool_sz; + } else + buf_sz = options->test_buffer_size; + + /* DOCSIS header is not CRC'ed */ + sym_op->auth.data.offset = options->docsis_hdr_sz; + sym_op->auth.data.length = buf_sz - + sym_op->auth.data.offset - RTE_ETHER_CRC_LEN; + /* + * DOCSIS header and SRC and DST MAC addresses are not + * ciphered + */ + sym_op->cipher.data.offset = sym_op->auth.data.offset + + RTE_ETHER_HDR_LEN - RTE_ETHER_TYPE_LEN; + sym_op->cipher.data.length = buf_sz - + sym_op->cipher.data.offset; + } /* Set dest mbuf to NULL if out-of-place (dst_buf_offset = 0) */ if (dst_buf_offset == 0) @@ -589,6 +614,49 @@ cperf_create_session(struct rte_mempool *sess_mp, return (void *)rte_security_session_create(ctx, &sess_conf, sess_mp); } + if (options->op_type == CPERF_DOCSIS) { + enum rte_security_docsis_direction direction; + + cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cipher_xform.next = NULL; + cipher_xform.cipher.algo = options->cipher_algo; + cipher_xform.cipher.op = options->cipher_op; + cipher_xform.cipher.iv.offset = iv_offset; + if (options->cipher_algo != RTE_CRYPTO_CIPHER_NULL) { + cipher_xform.cipher.key.data = + test_vector->cipher_key.data; + cipher_xform.cipher.key.length = + test_vector->cipher_key.length; + cipher_xform.cipher.iv.length = + test_vector->cipher_iv.length; + } else { + cipher_xform.cipher.key.data = NULL; + cipher_xform.cipher.key.length = 0; + cipher_xform.cipher.iv.length = 0; + } + cipher_xform.next = NULL; + + if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) + direction = RTE_SECURITY_DOCSIS_DOWNLINK; + else + direction = RTE_SECURITY_DOCSIS_UPLINK; + + struct rte_security_session_conf sess_conf = { + .action_type = + RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_DOCSIS, + {.docsis = { + .direction = direction, + } }, + .crypto_xform = &cipher_xform + }; + struct rte_security_ctx *ctx = (struct rte_security_ctx *) + rte_cryptodev_get_sec_ctx(dev_id); + + /* Create security session */ + return (void *)rte_security_session_create(ctx, + &sess_conf, priv_mp); + } #endif sess = rte_cryptodev_sym_session_create(sess_mp); /* @@ -772,6 +840,10 @@ cperf_get_op_functions(const struct cperf_options *options, op_fns->populate_ops = cperf_set_ops_security; return 0; } + if (options->op_type == CPERF_DOCSIS) { + op_fns->populate_ops = cperf_set_ops_security; + return 0; + } #endif return -1; } diff --git a/app/test-crypto-perf/cperf_options.h b/app/test-crypto-perf/cperf_options.h index 1ed0a77e54..e5f1edffcc 100644 --- a/app/test-crypto-perf/cperf_options.h +++ b/app/test-crypto-perf/cperf_options.h @@ -50,6 +50,7 @@ #ifdef RTE_LIBRTE_SECURITY #define CPERF_PDCP_SN_SZ ("pdcp-sn-sz") #define CPERF_PDCP_DOMAIN ("pdcp-domain") +#define CPERF_DOCSIS_HDR_SZ ("docsis-hdr-sz") #endif #define CPERF_CSV ("csv-friendly") @@ -75,7 +76,8 @@ enum cperf_op_type { CPERF_CIPHER_THEN_AUTH, CPERF_AUTH_THEN_CIPHER, CPERF_AEAD, - CPERF_PDCP + CPERF_PDCP, + CPERF_DOCSIS }; extern const char *cperf_op_type_strs[]; @@ -122,6 +124,7 @@ struct cperf_options { #ifdef RTE_LIBRTE_SECURITY uint16_t pdcp_sn_sz; enum rte_security_pdcp_domain pdcp_domain; + uint16_t docsis_hdr_sz; #endif char device_type[RTE_CRYPTODEV_NAME_MAX_LEN]; enum cperf_op_type op_type; diff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c index f43c5bede7..20577a1447 100644 --- a/app/test-crypto-perf/cperf_options_parsing.c +++ b/app/test-crypto-perf/cperf_options_parsing.c @@ -7,6 +7,7 @@ #include #include +#include #include "cperf_options.h" @@ -56,6 +57,9 @@ usage(char *progname) " --pmd-cyclecount-delay-ms N: set delay between enqueue\n" " and dequeue in pmd-cyclecount benchmarking mode\n" " --csv-friendly: enable test result output CSV friendly\n" +#ifdef RTE_LIBRTE_SECURITY + " --docsis-hdr-sz: set DOCSIS header size\n" +#endif " -h: prints this help\n", progname); } @@ -446,6 +450,10 @@ parse_op_type(struct cperf_options *opts, const char *arg) { cperf_op_type_strs[CPERF_PDCP], CPERF_PDCP + }, + { + cperf_op_type_strs[CPERF_DOCSIS], + CPERF_DOCSIS } }; @@ -675,6 +683,12 @@ parse_pdcp_domain(struct cperf_options *opts, const char *arg) return 0; } + +static int +parse_docsis_hdr_sz(struct cperf_options *opts, const char *arg) +{ + return parse_uint16_t(&opts->docsis_hdr_sz, arg); +} #endif static int @@ -820,6 +834,7 @@ static struct option lgopts[] = { #ifdef RTE_LIBRTE_SECURITY { CPERF_PDCP_SN_SZ, required_argument, 0, 0 }, { CPERF_PDCP_DOMAIN, required_argument, 0, 0 }, + { CPERF_DOCSIS_HDR_SZ, required_argument, 0, 0 }, #endif { CPERF_CSV, no_argument, 0, 0}, @@ -890,6 +905,7 @@ cperf_options_default(struct cperf_options *opts) #ifdef RTE_LIBRTE_SECURITY opts->pdcp_sn_sz = 12; opts->pdcp_domain = RTE_SECURITY_PDCP_MODE_CONTROL; + opts->docsis_hdr_sz = 17; #endif } @@ -929,6 +945,7 @@ cperf_opts_parse_long(int opt_idx, struct cperf_options *opts) #ifdef RTE_LIBRTE_SECURITY { CPERF_PDCP_SN_SZ, parse_pdcp_sn_sz }, { CPERF_PDCP_DOMAIN, parse_pdcp_domain }, + { CPERF_DOCSIS_HDR_SZ, parse_docsis_hdr_sz }, #endif { CPERF_CSV, parse_csv_friendly}, { CPERF_PMDCC_DELAY_MS, parse_pmd_cyclecount_delay_ms}, @@ -1031,10 +1048,44 @@ check_cipher_buffer_length(struct cperf_options *options) return 0; } +#ifdef RTE_LIBRTE_SECURITY +static int +check_docsis_buffer_length(struct cperf_options *options) +{ + uint32_t buffer_size, buffer_size_idx = 0; + + if (options->inc_buffer_size != 0) + buffer_size = options->min_buffer_size; + else + buffer_size = options->buffer_size_list[0]; + + while (buffer_size <= options->max_buffer_size) { + if (buffer_size < (uint32_t)(options->docsis_hdr_sz + + RTE_ETHER_HDR_LEN + RTE_ETHER_CRC_LEN)) { + RTE_LOG(ERR, USER1, "Some of the buffer sizes are not " + "valid for DOCSIS\n"); + return -EINVAL; + } + + if (options->inc_buffer_size != 0) + buffer_size += options->inc_buffer_size; + else { + if (++buffer_size_idx == options->buffer_size_count) + break; + buffer_size = + options->buffer_size_list[buffer_size_idx]; + } + } + + return 0; +} +#endif + int cperf_options_check(struct cperf_options *options) { - if (options->op_type == CPERF_CIPHER_ONLY) + if (options->op_type == CPERF_CIPHER_ONLY || + options->op_type == CPERF_DOCSIS) options->digest_sz = 0; if (options->out_of_place && @@ -1151,6 +1202,13 @@ cperf_options_check(struct cperf_options *options) return -EINVAL; } +#ifdef RTE_LIBRTE_SECURITY + if (options->op_type == CPERF_DOCSIS) { + if (check_docsis_buffer_length(options) < 0) + return -EINVAL; + } +#endif + return 0; } @@ -1236,4 +1294,11 @@ cperf_options_dump(struct cperf_options *opts) printf("# aead aad size: %u\n", opts->aead_aad_sz); printf("#\n"); } + +#ifdef RTE_LIBRTE_SECURITY + if (opts->op_type == CPERF_DOCSIS) { + printf("# docsis header size: %u\n", opts->docsis_hdr_sz); + printf("#\n"); + } +#endif } diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c index 35c51026fe..12d9ea4f9f 100644 --- a/app/test-crypto-perf/cperf_test_throughput.c +++ b/app/test-crypto-perf/cperf_test_throughput.c @@ -36,7 +36,8 @@ cperf_throughput_test_free(struct cperf_throughput_ctx *ctx) return; if (ctx->sess) { #ifdef RTE_LIBRTE_SECURITY - if (ctx->options->op_type == CPERF_PDCP) { + if (ctx->options->op_type == CPERF_PDCP || + ctx->options->op_type == CPERF_DOCSIS) { struct rte_security_ctx *sec_ctx = (struct rte_security_ctx *) rte_cryptodev_get_sec_ctx(ctx->dev_id); diff --git a/app/test-crypto-perf/cperf_test_vectors.c b/app/test-crypto-perf/cperf_test_vectors.c index 41641650c8..0af01ff911 100644 --- a/app/test-crypto-perf/cperf_test_vectors.c +++ b/app/test-crypto-perf/cperf_test_vectors.c @@ -469,7 +469,8 @@ cperf_test_vector_get_dummy(struct cperf_options *options) if (options->op_type == CPERF_CIPHER_ONLY || options->op_type == CPERF_CIPHER_THEN_AUTH || - options->op_type == CPERF_AUTH_THEN_CIPHER) { + options->op_type == CPERF_AUTH_THEN_CIPHER || + options->op_type == CPERF_DOCSIS) { if (options->cipher_algo == RTE_CRYPTO_CIPHER_NULL) { t_vec->cipher_key.length = 0; t_vec->ciphertext.data = plaintext; diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c index 7bb286ccbe..edeea9c1be 100644 --- a/app/test-crypto-perf/main.c +++ b/app/test-crypto-perf/main.c @@ -39,7 +39,8 @@ const char *cperf_op_type_strs[] = { [CPERF_CIPHER_THEN_AUTH] = "cipher-then-auth", [CPERF_AUTH_THEN_CIPHER] = "auth-then-cipher", [CPERF_AEAD] = "aead", - [CPERF_PDCP] = "pdcp" + [CPERF_PDCP] = "pdcp", + [CPERF_DOCSIS] = "docsis" }; const struct cperf_test cperf_testmap[] = { @@ -244,7 +245,7 @@ cperf_initialize_cryptodev(struct cperf_options *opts, uint8_t *enabled_cdevs) #endif } else sessions_needed = enabled_cdev_count * - opts->nb_qps; + opts->nb_qps * 2; /* * A single session is required per queue pair diff --git a/app/test-crypto-perf/meson.build b/app/test-crypto-perf/meson.build index ef28cb5a03..f394b75ba5 100644 --- a/app/test-crypto-perf/meson.build +++ b/app/test-crypto-perf/meson.build @@ -11,4 +11,4 @@ sources = files('cperf_ops.c', 'cperf_test_vectors.c', 'cperf_test_verify.c', 'main.c') -deps += ['cryptodev', 'security'] +deps += ['cryptodev', 'net', 'security'] diff --git a/doc/guides/tools/cryptoperf.rst b/doc/guides/tools/cryptoperf.rst index a19ccb2622..a8df8bc99c 100644 --- a/doc/guides/tools/cryptoperf.rst +++ b/doc/guides/tools/cryptoperf.rst @@ -193,6 +193,7 @@ The following are the application command-line options: auth-then-cipher aead pdcp + docsis For GCM/CCM algorithms you should use aead flag. @@ -342,6 +343,10 @@ The following are the application command-line options: Set PDCP domain to specify Control/user plane. +* ``--docsis-hdr-sz `` + + Set DOCSIS header size(n) in bytes. + Test Vector File ~~~~~~~~~~~~~~~~