]>
Commit | Line | Data |
---|---|---|
7c673cae FG |
1 | /*- |
2 | * BSD LICENSE | |
3 | * | |
4 | * Copyright(c) 2015-2016 Intel Corporation. All rights reserved. | |
5 | * | |
6 | * Redistribution and use in source and binary forms, with or without | |
7 | * modification, are permitted provided that the following conditions | |
8 | * are met: | |
9 | * | |
10 | * * Redistributions of source code must retain the above copyright | |
11 | * notice, this list of conditions and the following disclaimer. | |
12 | * * Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in | |
14 | * the documentation and/or other materials provided with the | |
15 | * distribution. | |
16 | * * Neither the name of Intel Corporation nor the names of its | |
17 | * contributors may be used to endorse or promote products derived | |
18 | * from this software without specific prior written permission. | |
19 | * | |
20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
31 | */ | |
32 | ||
33 | #include <rte_common.h> | |
34 | #include <rte_hexdump.h> | |
35 | #include <rte_cryptodev.h> | |
36 | #include <rte_cryptodev_pmd.h> | |
37 | #include <rte_vdev.h> | |
38 | #include <rte_malloc.h> | |
39 | #include <rte_cpuflags.h> | |
40 | ||
41 | #include "rte_aesni_mb_pmd_private.h" | |
42 | ||
43 | /** | |
44 | * Global static parameter used to create a unique name for each AES-NI multi | |
45 | * buffer crypto device. | |
46 | */ | |
47 | static unsigned unique_name_id; | |
48 | ||
49 | static inline int | |
50 | create_unique_device_name(char *name, size_t size) | |
51 | { | |
52 | int ret; | |
53 | ||
54 | if (name == NULL) | |
55 | return -EINVAL; | |
56 | ||
57 | ret = snprintf(name, size, "%s_%u", RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD), | |
58 | unique_name_id++); | |
59 | if (ret < 0) | |
60 | return ret; | |
61 | return 0; | |
62 | } | |
63 | ||
64 | typedef void (*hash_one_block_t)(void *data, void *digest); | |
65 | typedef void (*aes_keyexp_t)(void *key, void *enc_exp_keys, void *dec_exp_keys); | |
66 | ||
67 | /** | |
68 | * Calculate the authentication pre-computes | |
69 | * | |
70 | * @param one_block_hash Function pointer to calculate digest on ipad/opad | |
71 | * @param ipad Inner pad output byte array | |
72 | * @param opad Outer pad output byte array | |
73 | * @param hkey Authentication key | |
74 | * @param hkey_len Authentication key length | |
75 | * @param blocksize Block size of selected hash algo | |
76 | */ | |
77 | static void | |
78 | calculate_auth_precomputes(hash_one_block_t one_block_hash, | |
79 | uint8_t *ipad, uint8_t *opad, | |
80 | uint8_t *hkey, uint16_t hkey_len, | |
81 | uint16_t blocksize) | |
82 | { | |
83 | unsigned i, length; | |
84 | ||
85 | uint8_t ipad_buf[blocksize] __rte_aligned(16); | |
86 | uint8_t opad_buf[blocksize] __rte_aligned(16); | |
87 | ||
88 | /* Setup inner and outer pads */ | |
89 | memset(ipad_buf, HMAC_IPAD_VALUE, blocksize); | |
90 | memset(opad_buf, HMAC_OPAD_VALUE, blocksize); | |
91 | ||
92 | /* XOR hash key with inner and outer pads */ | |
93 | length = hkey_len > blocksize ? blocksize : hkey_len; | |
94 | ||
95 | for (i = 0; i < length; i++) { | |
96 | ipad_buf[i] ^= hkey[i]; | |
97 | opad_buf[i] ^= hkey[i]; | |
98 | } | |
99 | ||
100 | /* Compute partial hashes */ | |
101 | (*one_block_hash)(ipad_buf, ipad); | |
102 | (*one_block_hash)(opad_buf, opad); | |
103 | ||
104 | /* Clean up stack */ | |
105 | memset(ipad_buf, 0, blocksize); | |
106 | memset(opad_buf, 0, blocksize); | |
107 | } | |
108 | ||
109 | /** Get xform chain order */ | |
110 | static int | |
111 | aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform) | |
112 | { | |
113 | /* | |
114 | * Multi-buffer only supports HASH_CIPHER or CIPHER_HASH chained | |
115 | * operations, all other options are invalid, so we must have exactly | |
116 | * 2 xform structs chained together | |
117 | */ | |
118 | if (xform->next == NULL || xform->next->next != NULL) | |
119 | return -1; | |
120 | ||
121 | if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH && | |
122 | xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) | |
123 | return HASH_CIPHER; | |
124 | ||
125 | if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && | |
126 | xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) | |
127 | return CIPHER_HASH; | |
128 | ||
129 | return -1; | |
130 | } | |
131 | ||
132 | /** Set session authentication parameters */ | |
133 | static int | |
134 | aesni_mb_set_session_auth_parameters(const struct aesni_mb_ops *mb_ops, | |
135 | struct aesni_mb_session *sess, | |
136 | const struct rte_crypto_sym_xform *xform) | |
137 | { | |
138 | hash_one_block_t hash_oneblock_fn; | |
139 | ||
140 | if (xform->type != RTE_CRYPTO_SYM_XFORM_AUTH) { | |
141 | MB_LOG_ERR("Crypto xform struct not of type auth"); | |
142 | return -1; | |
143 | } | |
144 | ||
145 | /* Set Authentication Parameters */ | |
146 | if (xform->auth.algo == RTE_CRYPTO_AUTH_AES_XCBC_MAC) { | |
147 | sess->auth.algo = AES_XCBC; | |
148 | (*mb_ops->aux.keyexp.aes_xcbc)(xform->auth.key.data, | |
149 | sess->auth.xcbc.k1_expanded, | |
150 | sess->auth.xcbc.k2, sess->auth.xcbc.k3); | |
151 | return 0; | |
152 | } | |
153 | ||
154 | switch (xform->auth.algo) { | |
155 | case RTE_CRYPTO_AUTH_MD5_HMAC: | |
156 | sess->auth.algo = MD5; | |
157 | hash_oneblock_fn = mb_ops->aux.one_block.md5; | |
158 | break; | |
159 | case RTE_CRYPTO_AUTH_SHA1_HMAC: | |
160 | sess->auth.algo = SHA1; | |
161 | hash_oneblock_fn = mb_ops->aux.one_block.sha1; | |
162 | break; | |
163 | case RTE_CRYPTO_AUTH_SHA224_HMAC: | |
164 | sess->auth.algo = SHA_224; | |
165 | hash_oneblock_fn = mb_ops->aux.one_block.sha224; | |
166 | break; | |
167 | case RTE_CRYPTO_AUTH_SHA256_HMAC: | |
168 | sess->auth.algo = SHA_256; | |
169 | hash_oneblock_fn = mb_ops->aux.one_block.sha256; | |
170 | break; | |
171 | case RTE_CRYPTO_AUTH_SHA384_HMAC: | |
172 | sess->auth.algo = SHA_384; | |
173 | hash_oneblock_fn = mb_ops->aux.one_block.sha384; | |
174 | break; | |
175 | case RTE_CRYPTO_AUTH_SHA512_HMAC: | |
176 | sess->auth.algo = SHA_512; | |
177 | hash_oneblock_fn = mb_ops->aux.one_block.sha512; | |
178 | break; | |
179 | default: | |
180 | MB_LOG_ERR("Unsupported authentication algorithm selection"); | |
181 | return -1; | |
182 | } | |
183 | ||
184 | /* Calculate Authentication precomputes */ | |
185 | calculate_auth_precomputes(hash_oneblock_fn, | |
186 | sess->auth.pads.inner, sess->auth.pads.outer, | |
187 | xform->auth.key.data, | |
188 | xform->auth.key.length, | |
189 | get_auth_algo_blocksize(sess->auth.algo)); | |
190 | ||
191 | return 0; | |
192 | } | |
193 | ||
194 | /** Set session cipher parameters */ | |
195 | static int | |
196 | aesni_mb_set_session_cipher_parameters(const struct aesni_mb_ops *mb_ops, | |
197 | struct aesni_mb_session *sess, | |
198 | const struct rte_crypto_sym_xform *xform) | |
199 | { | |
200 | aes_keyexp_t aes_keyexp_fn; | |
201 | ||
202 | if (xform->type != RTE_CRYPTO_SYM_XFORM_CIPHER) { | |
203 | MB_LOG_ERR("Crypto xform struct not of type cipher"); | |
204 | return -1; | |
205 | } | |
206 | ||
207 | /* Select cipher direction */ | |
208 | switch (xform->cipher.op) { | |
209 | case RTE_CRYPTO_CIPHER_OP_ENCRYPT: | |
210 | sess->cipher.direction = ENCRYPT; | |
211 | break; | |
212 | case RTE_CRYPTO_CIPHER_OP_DECRYPT: | |
213 | sess->cipher.direction = DECRYPT; | |
214 | break; | |
215 | default: | |
216 | MB_LOG_ERR("Unsupported cipher operation parameter"); | |
217 | return -1; | |
218 | } | |
219 | ||
220 | /* Select cipher mode */ | |
221 | switch (xform->cipher.algo) { | |
222 | case RTE_CRYPTO_CIPHER_AES_CBC: | |
223 | sess->cipher.mode = CBC; | |
224 | break; | |
225 | case RTE_CRYPTO_CIPHER_AES_CTR: | |
226 | sess->cipher.mode = CNTR; | |
227 | break; | |
228 | default: | |
229 | MB_LOG_ERR("Unsupported cipher mode parameter"); | |
230 | return -1; | |
231 | } | |
232 | ||
233 | /* Check key length and choose key expansion function */ | |
234 | switch (xform->cipher.key.length) { | |
235 | case AES_128_BYTES: | |
236 | sess->cipher.key_length_in_bytes = AES_128_BYTES; | |
237 | aes_keyexp_fn = mb_ops->aux.keyexp.aes128; | |
238 | break; | |
239 | case AES_192_BYTES: | |
240 | sess->cipher.key_length_in_bytes = AES_192_BYTES; | |
241 | aes_keyexp_fn = mb_ops->aux.keyexp.aes192; | |
242 | break; | |
243 | case AES_256_BYTES: | |
244 | sess->cipher.key_length_in_bytes = AES_256_BYTES; | |
245 | aes_keyexp_fn = mb_ops->aux.keyexp.aes256; | |
246 | break; | |
247 | default: | |
248 | MB_LOG_ERR("Unsupported cipher key length"); | |
249 | return -1; | |
250 | } | |
251 | ||
252 | /* Expanded cipher keys */ | |
253 | (*aes_keyexp_fn)(xform->cipher.key.data, | |
254 | sess->cipher.expanded_aes_keys.encode, | |
255 | sess->cipher.expanded_aes_keys.decode); | |
256 | ||
257 | return 0; | |
258 | } | |
259 | ||
260 | /** Parse crypto xform chain and set private session parameters */ | |
261 | int | |
262 | aesni_mb_set_session_parameters(const struct aesni_mb_ops *mb_ops, | |
263 | struct aesni_mb_session *sess, | |
264 | const struct rte_crypto_sym_xform *xform) | |
265 | { | |
266 | const struct rte_crypto_sym_xform *auth_xform = NULL; | |
267 | const struct rte_crypto_sym_xform *cipher_xform = NULL; | |
268 | ||
269 | /* Select Crypto operation - hash then cipher / cipher then hash */ | |
270 | switch (aesni_mb_get_chain_order(xform)) { | |
271 | case HASH_CIPHER: | |
272 | sess->chain_order = HASH_CIPHER; | |
273 | auth_xform = xform; | |
274 | cipher_xform = xform->next; | |
275 | break; | |
276 | case CIPHER_HASH: | |
277 | sess->chain_order = CIPHER_HASH; | |
278 | auth_xform = xform->next; | |
279 | cipher_xform = xform; | |
280 | break; | |
281 | default: | |
282 | MB_LOG_ERR("Unsupported operation chain order parameter"); | |
283 | return -1; | |
284 | } | |
285 | ||
286 | if (aesni_mb_set_session_auth_parameters(mb_ops, sess, auth_xform)) { | |
287 | MB_LOG_ERR("Invalid/unsupported authentication parameters"); | |
288 | return -1; | |
289 | } | |
290 | ||
291 | if (aesni_mb_set_session_cipher_parameters(mb_ops, sess, | |
292 | cipher_xform)) { | |
293 | MB_LOG_ERR("Invalid/unsupported cipher parameters"); | |
294 | return -1; | |
295 | } | |
296 | return 0; | |
297 | } | |
298 | ||
299 | /** Get multi buffer session */ | |
300 | static struct aesni_mb_session * | |
301 | get_session(struct aesni_mb_qp *qp, struct rte_crypto_op *op) | |
302 | { | |
303 | struct aesni_mb_session *sess = NULL; | |
304 | ||
305 | if (op->sym->sess_type == RTE_CRYPTO_SYM_OP_WITH_SESSION) { | |
306 | if (unlikely(op->sym->session->dev_type != | |
307 | RTE_CRYPTODEV_AESNI_MB_PMD)) | |
308 | return NULL; | |
309 | ||
310 | sess = (struct aesni_mb_session *)op->sym->session->_private; | |
311 | } else { | |
312 | void *_sess = NULL; | |
313 | ||
314 | if (rte_mempool_get(qp->sess_mp, (void **)&_sess)) | |
315 | return NULL; | |
316 | ||
317 | sess = (struct aesni_mb_session *) | |
318 | ((struct rte_cryptodev_sym_session *)_sess)->_private; | |
319 | ||
320 | if (unlikely(aesni_mb_set_session_parameters(qp->ops, | |
321 | sess, op->sym->xform) != 0)) { | |
322 | rte_mempool_put(qp->sess_mp, _sess); | |
323 | sess = NULL; | |
324 | } | |
325 | } | |
326 | ||
327 | return sess; | |
328 | } | |
329 | ||
330 | /** | |
331 | * Process a crypto operation and complete a JOB_AES_HMAC job structure for | |
332 | * submission to the multi buffer library for processing. | |
333 | * | |
334 | * @param qp queue pair | |
335 | * @param job JOB_AES_HMAC structure to fill | |
336 | * @param m mbuf to process | |
337 | * | |
338 | * @return | |
339 | * - Completed JOB_AES_HMAC structure pointer on success | |
340 | * - NULL pointer if completion of JOB_AES_HMAC structure isn't possible | |
341 | */ | |
342 | static JOB_AES_HMAC * | |
343 | process_crypto_op(struct aesni_mb_qp *qp, struct rte_crypto_op *op, | |
344 | struct aesni_mb_session *session) | |
345 | { | |
346 | JOB_AES_HMAC *job; | |
347 | ||
348 | struct rte_mbuf *m_src = op->sym->m_src, *m_dst; | |
349 | uint16_t m_offset = 0; | |
350 | ||
351 | job = (*qp->ops->job.get_next)(&qp->mb_mgr); | |
352 | if (unlikely(job == NULL)) | |
353 | return job; | |
354 | ||
355 | /* Set crypto operation */ | |
356 | job->chain_order = session->chain_order; | |
357 | ||
358 | /* Set cipher parameters */ | |
359 | job->cipher_direction = session->cipher.direction; | |
360 | job->cipher_mode = session->cipher.mode; | |
361 | ||
362 | job->aes_key_len_in_bytes = session->cipher.key_length_in_bytes; | |
363 | job->aes_enc_key_expanded = session->cipher.expanded_aes_keys.encode; | |
364 | job->aes_dec_key_expanded = session->cipher.expanded_aes_keys.decode; | |
365 | ||
366 | ||
367 | /* Set authentication parameters */ | |
368 | job->hash_alg = session->auth.algo; | |
369 | if (job->hash_alg == AES_XCBC) { | |
370 | job->_k1_expanded = session->auth.xcbc.k1_expanded; | |
371 | job->_k2 = session->auth.xcbc.k2; | |
372 | job->_k3 = session->auth.xcbc.k3; | |
373 | } else { | |
374 | job->hashed_auth_key_xor_ipad = session->auth.pads.inner; | |
375 | job->hashed_auth_key_xor_opad = session->auth.pads.outer; | |
376 | } | |
377 | ||
378 | /* Mutable crypto operation parameters */ | |
379 | if (op->sym->m_dst) { | |
380 | m_src = m_dst = op->sym->m_dst; | |
381 | ||
382 | /* append space for output data to mbuf */ | |
383 | char *odata = rte_pktmbuf_append(m_dst, | |
384 | rte_pktmbuf_data_len(op->sym->m_src)); | |
385 | if (odata == NULL) { | |
386 | MB_LOG_ERR("failed to allocate space in destination " | |
387 | "mbuf for source data"); | |
388 | return NULL; | |
389 | } | |
390 | ||
391 | memcpy(odata, rte_pktmbuf_mtod(op->sym->m_src, void*), | |
392 | rte_pktmbuf_data_len(op->sym->m_src)); | |
393 | } else { | |
394 | m_dst = m_src; | |
395 | m_offset = op->sym->cipher.data.offset; | |
396 | } | |
397 | ||
398 | /* Set digest output location */ | |
399 | if (job->cipher_direction == DECRYPT) { | |
400 | job->auth_tag_output = (uint8_t *)rte_pktmbuf_append(m_dst, | |
401 | get_digest_byte_length(job->hash_alg)); | |
402 | ||
403 | if (job->auth_tag_output == NULL) { | |
404 | MB_LOG_ERR("failed to allocate space in output mbuf " | |
405 | "for temp digest"); | |
406 | return NULL; | |
407 | } | |
408 | ||
409 | memset(job->auth_tag_output, 0, | |
410 | sizeof(get_digest_byte_length(job->hash_alg))); | |
411 | ||
412 | } else { | |
413 | job->auth_tag_output = op->sym->auth.digest.data; | |
414 | } | |
415 | ||
416 | /* | |
417 | * Multi-buffer library current only support returning a truncated | |
418 | * digest length as specified in the relevant IPsec RFCs | |
419 | */ | |
420 | job->auth_tag_output_len_in_bytes = | |
421 | get_truncated_digest_byte_length(job->hash_alg); | |
422 | ||
423 | /* Set IV parameters */ | |
424 | job->iv = op->sym->cipher.iv.data; | |
425 | job->iv_len_in_bytes = op->sym->cipher.iv.length; | |
426 | ||
427 | /* Data Parameter */ | |
428 | job->src = rte_pktmbuf_mtod(m_src, uint8_t *); | |
429 | job->dst = rte_pktmbuf_mtod_offset(m_dst, uint8_t *, m_offset); | |
430 | ||
431 | job->cipher_start_src_offset_in_bytes = op->sym->cipher.data.offset; | |
432 | job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length; | |
433 | ||
434 | job->hash_start_src_offset_in_bytes = op->sym->auth.data.offset; | |
435 | job->msg_len_to_hash_in_bytes = op->sym->auth.data.length; | |
436 | ||
437 | /* Set user data to be crypto operation data struct */ | |
438 | job->user_data = op; | |
439 | job->user_data2 = m_dst; | |
440 | ||
441 | return job; | |
442 | } | |
443 | ||
444 | /** | |
445 | * Process a completed job and return rte_mbuf which job processed | |
446 | * | |
447 | * @param job JOB_AES_HMAC job to process | |
448 | * | |
449 | * @return | |
450 | * - Returns processed mbuf which is trimmed of output digest used in | |
451 | * verification of supplied digest in the case of a HASH_CIPHER operation | |
452 | * - Returns NULL on invalid job | |
453 | */ | |
454 | static struct rte_crypto_op * | |
455 | post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job) | |
456 | { | |
457 | struct rte_crypto_op *op = | |
458 | (struct rte_crypto_op *)job->user_data; | |
459 | struct rte_mbuf *m_dst = | |
460 | (struct rte_mbuf *)job->user_data2; | |
461 | ||
462 | if (op == NULL || m_dst == NULL) | |
463 | return NULL; | |
464 | ||
465 | /* set status as successful by default */ | |
466 | op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; | |
467 | ||
468 | /* check if job has been processed */ | |
469 | if (unlikely(job->status != STS_COMPLETED)) { | |
470 | op->status = RTE_CRYPTO_OP_STATUS_ERROR; | |
471 | return op; | |
472 | } else if (job->chain_order == HASH_CIPHER) { | |
473 | /* Verify digest if required */ | |
474 | if (memcmp(job->auth_tag_output, op->sym->auth.digest.data, | |
475 | job->auth_tag_output_len_in_bytes) != 0) | |
476 | op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED; | |
477 | ||
478 | /* trim area used for digest from mbuf */ | |
479 | rte_pktmbuf_trim(m_dst, get_digest_byte_length(job->hash_alg)); | |
480 | } | |
481 | ||
482 | /* Free session if a session-less crypto op */ | |
483 | if (op->sym->sess_type == RTE_CRYPTO_SYM_OP_SESSIONLESS) { | |
484 | rte_mempool_put(qp->sess_mp, op->sym->session); | |
485 | op->sym->session = NULL; | |
486 | } | |
487 | ||
488 | return op; | |
489 | } | |
490 | ||
491 | /** | |
492 | * Process a completed JOB_AES_HMAC job and keep processing jobs until | |
493 | * get_completed_job return NULL | |
494 | * | |
495 | * @param qp Queue Pair to process | |
496 | * @param job JOB_AES_HMAC job | |
497 | * | |
498 | * @return | |
499 | * - Number of processed jobs | |
500 | */ | |
501 | static unsigned | |
502 | handle_completed_jobs(struct aesni_mb_qp *qp, JOB_AES_HMAC *job) | |
503 | { | |
504 | struct rte_crypto_op *op = NULL; | |
505 | unsigned processed_jobs = 0; | |
506 | ||
507 | while (job) { | |
508 | processed_jobs++; | |
509 | op = post_process_mb_job(qp, job); | |
510 | if (op) | |
511 | rte_ring_enqueue(qp->processed_ops, (void *)op); | |
512 | else | |
513 | qp->stats.dequeue_err_count++; | |
514 | job = (*qp->ops->job.get_completed_job)(&qp->mb_mgr); | |
515 | } | |
516 | ||
517 | return processed_jobs; | |
518 | } | |
519 | ||
520 | static uint16_t | |
521 | aesni_mb_pmd_enqueue_burst(void *queue_pair, struct rte_crypto_op **ops, | |
522 | uint16_t nb_ops) | |
523 | { | |
524 | struct aesni_mb_session *sess; | |
525 | struct aesni_mb_qp *qp = queue_pair; | |
526 | ||
527 | JOB_AES_HMAC *job = NULL; | |
528 | ||
529 | int i, processed_jobs = 0; | |
530 | ||
531 | for (i = 0; i < nb_ops; i++) { | |
532 | #ifdef RTE_LIBRTE_AESNI_MB_DEBUG | |
533 | if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC)) { | |
534 | MB_LOG_ERR("PMD only supports symmetric crypto " | |
535 | "operation requests, op (%p) is not a " | |
536 | "symmetric operation.", op); | |
537 | qp->stats.enqueue_err_count++; | |
538 | goto flush_jobs; | |
539 | } | |
540 | #endif | |
541 | sess = get_session(qp, ops[i]); | |
542 | if (unlikely(sess == NULL)) { | |
543 | qp->stats.enqueue_err_count++; | |
544 | goto flush_jobs; | |
545 | } | |
546 | ||
547 | job = process_crypto_op(qp, ops[i], sess); | |
548 | if (unlikely(job == NULL)) { | |
549 | qp->stats.enqueue_err_count++; | |
550 | goto flush_jobs; | |
551 | } | |
552 | ||
553 | /* Submit Job */ | |
554 | job = (*qp->ops->job.submit)(&qp->mb_mgr); | |
555 | ||
556 | /* | |
557 | * If submit returns a processed job then handle it, | |
558 | * before submitting subsequent jobs | |
559 | */ | |
560 | if (job) | |
561 | processed_jobs += handle_completed_jobs(qp, job); | |
562 | } | |
563 | ||
564 | if (processed_jobs == 0) | |
565 | goto flush_jobs; | |
566 | else | |
567 | qp->stats.enqueued_count += processed_jobs; | |
568 | return i; | |
569 | ||
570 | flush_jobs: | |
571 | /* | |
572 | * If we haven't processed any jobs in submit loop, then flush jobs | |
573 | * queue to stop the output stalling | |
574 | */ | |
575 | job = (*qp->ops->job.flush_job)(&qp->mb_mgr); | |
576 | if (job) | |
577 | qp->stats.enqueued_count += handle_completed_jobs(qp, job); | |
578 | ||
579 | return i; | |
580 | } | |
581 | ||
582 | static uint16_t | |
583 | aesni_mb_pmd_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops, | |
584 | uint16_t nb_ops) | |
585 | { | |
586 | struct aesni_mb_qp *qp = queue_pair; | |
587 | ||
588 | unsigned nb_dequeued; | |
589 | ||
590 | nb_dequeued = rte_ring_dequeue_burst(qp->processed_ops, | |
591 | (void **)ops, nb_ops); | |
592 | qp->stats.dequeued_count += nb_dequeued; | |
593 | ||
594 | return nb_dequeued; | |
595 | } | |
596 | ||
597 | ||
598 | static int cryptodev_aesni_mb_remove(const char *name); | |
599 | ||
600 | static int | |
601 | cryptodev_aesni_mb_create(const char *name, | |
602 | struct rte_crypto_vdev_init_params *init_params) | |
603 | { | |
604 | struct rte_cryptodev *dev; | |
605 | char crypto_dev_name[RTE_CRYPTODEV_NAME_MAX_LEN]; | |
606 | struct aesni_mb_private *internals; | |
607 | enum aesni_mb_vector_mode vector_mode; | |
608 | ||
609 | /* Check CPU for support for AES instruction set */ | |
610 | if (!rte_cpu_get_flag_enabled(RTE_CPUFLAG_AES)) { | |
611 | MB_LOG_ERR("AES instructions not supported by CPU"); | |
612 | return -EFAULT; | |
613 | } | |
614 | ||
615 | /* Check CPU for supported vector instruction set */ | |
616 | if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX2)) | |
617 | vector_mode = RTE_AESNI_MB_AVX2; | |
618 | else if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX)) | |
619 | vector_mode = RTE_AESNI_MB_AVX; | |
620 | else if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_SSE4_1)) | |
621 | vector_mode = RTE_AESNI_MB_SSE; | |
622 | else { | |
623 | MB_LOG_ERR("Vector instructions are not supported by CPU"); | |
624 | return -EFAULT; | |
625 | } | |
626 | ||
627 | /* create a unique device name */ | |
628 | if (create_unique_device_name(crypto_dev_name, | |
629 | RTE_CRYPTODEV_NAME_MAX_LEN) != 0) { | |
630 | MB_LOG_ERR("failed to create unique cryptodev name"); | |
631 | return -EINVAL; | |
632 | } | |
633 | ||
634 | ||
635 | dev = rte_cryptodev_pmd_virtual_dev_init(crypto_dev_name, | |
636 | sizeof(struct aesni_mb_private), init_params->socket_id); | |
637 | if (dev == NULL) { | |
638 | MB_LOG_ERR("failed to create cryptodev vdev"); | |
639 | goto init_error; | |
640 | } | |
641 | ||
642 | dev->dev_type = RTE_CRYPTODEV_AESNI_MB_PMD; | |
643 | dev->dev_ops = rte_aesni_mb_pmd_ops; | |
644 | ||
645 | /* register rx/tx burst functions for data path */ | |
646 | dev->dequeue_burst = aesni_mb_pmd_dequeue_burst; | |
647 | dev->enqueue_burst = aesni_mb_pmd_enqueue_burst; | |
648 | ||
649 | dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO | | |
650 | RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING | | |
651 | RTE_CRYPTODEV_FF_CPU_AESNI; | |
652 | ||
653 | switch (vector_mode) { | |
654 | case RTE_AESNI_MB_SSE: | |
655 | dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_SSE; | |
656 | break; | |
657 | case RTE_AESNI_MB_AVX: | |
658 | dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX; | |
659 | break; | |
660 | case RTE_AESNI_MB_AVX2: | |
661 | dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX2; | |
662 | break; | |
663 | default: | |
664 | break; | |
665 | } | |
666 | ||
667 | /* Set vector instructions mode supported */ | |
668 | internals = dev->data->dev_private; | |
669 | ||
670 | internals->vector_mode = vector_mode; | |
671 | internals->max_nb_queue_pairs = init_params->max_nb_queue_pairs; | |
672 | internals->max_nb_sessions = init_params->max_nb_sessions; | |
673 | ||
674 | return 0; | |
675 | init_error: | |
676 | MB_LOG_ERR("driver %s: cryptodev_aesni_create failed", name); | |
677 | ||
678 | cryptodev_aesni_mb_remove(crypto_dev_name); | |
679 | return -EFAULT; | |
680 | } | |
681 | ||
682 | ||
683 | static int | |
684 | cryptodev_aesni_mb_probe(const char *name, | |
685 | const char *input_args) | |
686 | { | |
687 | struct rte_crypto_vdev_init_params init_params = { | |
688 | RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_QUEUE_PAIRS, | |
689 | RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_SESSIONS, | |
690 | rte_socket_id() | |
691 | }; | |
692 | ||
693 | rte_cryptodev_parse_vdev_init_params(&init_params, input_args); | |
694 | ||
695 | RTE_LOG(INFO, PMD, "Initialising %s on NUMA node %d\n", name, | |
696 | init_params.socket_id); | |
697 | RTE_LOG(INFO, PMD, " Max number of queue pairs = %d\n", | |
698 | init_params.max_nb_queue_pairs); | |
699 | RTE_LOG(INFO, PMD, " Max number of sessions = %d\n", | |
700 | init_params.max_nb_sessions); | |
701 | ||
702 | return cryptodev_aesni_mb_create(name, &init_params); | |
703 | } | |
704 | ||
705 | static int | |
706 | cryptodev_aesni_mb_remove(const char *name) | |
707 | { | |
708 | if (name == NULL) | |
709 | return -EINVAL; | |
710 | ||
711 | RTE_LOG(INFO, PMD, "Closing AESNI crypto device %s on numa socket %u\n", | |
712 | name, rte_socket_id()); | |
713 | ||
714 | return 0; | |
715 | } | |
716 | ||
717 | static struct rte_vdev_driver cryptodev_aesni_mb_pmd_drv = { | |
718 | .probe = cryptodev_aesni_mb_probe, | |
719 | .remove = cryptodev_aesni_mb_remove | |
720 | }; | |
721 | ||
722 | RTE_PMD_REGISTER_VDEV(CRYPTODEV_NAME_AESNI_MB_PMD, cryptodev_aesni_mb_pmd_drv); | |
723 | RTE_PMD_REGISTER_ALIAS(CRYPTODEV_NAME_AESNI_MB_PMD, cryptodev_aesni_mb_pmd); | |
724 | RTE_PMD_REGISTER_PARAM_STRING(CRYPTODEV_NAME_AESNI_MB_PMD, | |
725 | "max_nb_queue_pairs=<int> " | |
726 | "max_nb_sessions=<int> " | |
727 | "socket_id=<int>"); |