Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/65535/?format=api
{ "id": 65535, "url": "http://patches.dpdk.org/api/patches/65535/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20200204131258.17632-2-marcinx.smoczynski@intel.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20200204131258.17632-2-marcinx.smoczynski@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20200204131258.17632-2-marcinx.smoczynski@intel.com", "date": "2020-02-04T13:12:51", "name": "[v6,1/8] cryptodev: introduce cpu crypto support API", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": true, "hash": "c1ed06c3f930e83204231821de65880a6cb35923", "submitter": { "id": 1293, "url": "http://patches.dpdk.org/api/people/1293/?format=api", "name": "Marcin Smoczynski", "email": "marcinx.smoczynski@intel.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20200204131258.17632-2-marcinx.smoczynski@intel.com/mbox/", "series": [ { "id": 8413, "url": "http://patches.dpdk.org/api/series/8413/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=8413", "date": "2020-02-04T13:12:50", "name": "Introduce CPU crypto mode", "version": 6, "mbox": "http://patches.dpdk.org/series/8413/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/65535/comments/", "check": "fail", "checks": "http://patches.dpdk.org/api/patches/65535/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from dpdk.org (dpdk.org [92.243.14.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 1F17EA0534;\n\tTue, 4 Feb 2020 14:13:16 +0100 (CET)", "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 3F9AD1C190;\n\tTue, 4 Feb 2020 14:13:09 +0100 (CET)", "from mga07.intel.com (mga07.intel.com [134.134.136.100])\n by dpdk.org (Postfix) with ESMTP id 8E847397D\n for <dev@dpdk.org>; Tue, 4 Feb 2020 14:13:06 +0100 (CET)", "from fmsmga005.fm.intel.com ([10.253.24.32])\n by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n 04 Feb 2020 05:13:06 -0800", "from msmoczyx-mobl.ger.corp.intel.com ([10.103.102.190])\n by fmsmga005.fm.intel.com with ESMTP; 04 Feb 2020 05:13:04 -0800" ], "X-Amp-Result": "SKIPPED(no attachment in message)", "X-Amp-File-Uploaded": "False", "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos;i=\"5.70,401,1574150400\"; d=\"scan'208\";a=\"429800374\"", "From": "Marcin Smoczynski <marcinx.smoczynski@intel.com>", "To": "akhil.goyal@nxp.com, konstantin.ananyev@intel.com,\n roy.fan.zhang@intel.com,\n declan.doherty@intel.com, radu.nicolau@intel.com,\n pablo.de.lara.guarch@intel.com", "Cc": "dev@dpdk.org,\n\tMarcin Smoczynski <marcinx.smoczynski@intel.com>", "Date": "Tue, 4 Feb 2020 14:12:51 +0100", "Message-Id": "<20200204131258.17632-2-marcinx.smoczynski@intel.com>", "X-Mailer": "git-send-email 2.21.0.windows.1", "In-Reply-To": "<20200204131258.17632-1-marcinx.smoczynski@intel.com>", "References": "<20200128142220.16644-1-marcinx.smoczynski@intel.com>\n <20200204131258.17632-1-marcinx.smoczynski@intel.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Subject": "[dpdk-dev] [PATCH v6 1/8] cryptodev: introduce cpu crypto support\n\tAPI", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "Add new API allowing to process crypto operations in a synchronous\nmanner. Operations are performed on a set of SG arrays.\n\nCryptodevs which allows CPU crypto operation mode have to\nuse RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO capability.\n\nAdd a helper method to easily convert mbufs to a SGL form.\n\nSigned-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>\nSigned-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>\n---\n doc/guides/cryptodevs/features/default.ini | 1 +\n doc/guides/prog_guide/cryptodev_lib.rst | 33 ++++-\n lib/librte_cryptodev/rte_crypto_sym.h | 128 +++++++++++++++++-\n lib/librte_cryptodev/rte_cryptodev.c | 35 ++++-\n lib/librte_cryptodev/rte_cryptodev.h | 22 ++-\n lib/librte_cryptodev/rte_cryptodev_pmd.h | 21 ++-\n .../rte_cryptodev_version.map | 1 +\n 7 files changed, 236 insertions(+), 5 deletions(-)", "diff": "diff --git a/doc/guides/cryptodevs/features/default.ini b/doc/guides/cryptodevs/features/default.ini\nindex 304a6a94f..a14ee87d9 100644\n--- a/doc/guides/cryptodevs/features/default.ini\n+++ b/doc/guides/cryptodevs/features/default.ini\n@@ -27,6 +27,7 @@ RSA PRIV OP KEY EXP =\n RSA PRIV OP KEY QT =\n Digest encrypted =\n Asymmetric sessionless =\n+CPU crypto =\n \n ;\n ; Supported crypto algorithms of a default crypto driver.\ndiff --git a/doc/guides/prog_guide/cryptodev_lib.rst b/doc/guides/prog_guide/cryptodev_lib.rst\nindex ac1643774..b91f7c8b7 100644\n--- a/doc/guides/prog_guide/cryptodev_lib.rst\n+++ b/doc/guides/prog_guide/cryptodev_lib.rst\n@@ -1,5 +1,5 @@\n .. SPDX-License-Identifier: BSD-3-Clause\n- Copyright(c) 2016-2017 Intel Corporation.\n+ Copyright(c) 2016-2020 Intel Corporation.\n \n Cryptography Device Library\n ===========================\n@@ -600,6 +600,37 @@ chain.\n };\n };\n \n+Synchronous mode\n+----------------\n+\n+Some cryptodevs support synchronous mode alongside with a standard asynchronous\n+mode. In that case operations are performed directly when calling\n+``rte_cryptodev_sym_cpu_crypto_process`` method instead of enqueuing and\n+dequeuing an operation before. This mode of operation allows cryptodevs which\n+utilize CPU cryptographic acceleration to have significant performance boost\n+comparing to standard asynchronous approach. Cryptodevs supporting synchronous\n+mode have ``RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO`` feature flag set.\n+\n+To perform a synchronous operation a call to\n+``rte_cryptodev_sym_cpu_crypto_process`` has to be made with vectorized\n+operation descriptor (``struct rte_crypto_sym_vec``) containing:\n+\n+- ``num`` - number of operations to perform,\n+- pointer to an array of size ``num`` containing a scatter-gather list\n+ descriptors of performed operations (``struct rte_crypto_sgl``). Each instance\n+ of ``struct rte_crypto_sgl`` consists of a number of segments and a pointer to\n+ an array of segment descriptors ``struct rte_crypto_vec``;\n+- pointers to arrays of size ``num`` containing IV, AAD and digest information,\n+- pointer to an array of size ``num`` where status information will be stored\n+ for each operation.\n+\n+Function returns a number of successfully completed operations and sets\n+appropriate status number for each operation in the status array provided as\n+a call argument. Status different than zero must be treated as error.\n+\n+For more details, e.g. how to convert an mbuf to an SGL, please refer to an\n+example usage in the IPsec library implementation.\n+\n Sample code\n -----------\n \ndiff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h\nindex bc356f6ff..5ca55a5e0 100644\n--- a/lib/librte_cryptodev/rte_crypto_sym.h\n+++ b/lib/librte_cryptodev/rte_crypto_sym.h\n@@ -1,5 +1,5 @@\n /* SPDX-License-Identifier: BSD-3-Clause\n- * Copyright(c) 2016-2019 Intel Corporation\n+ * Copyright(c) 2016-2020 Intel Corporation\n */\n \n #ifndef _RTE_CRYPTO_SYM_H_\n@@ -25,6 +25,67 @@ extern \"C\" {\n #include <rte_mempool.h>\n #include <rte_common.h>\n \n+/**\n+ * Crypto IO Vector (in analogy with struct iovec)\n+ * Supposed be used to pass input/output data buffers for crypto data-path\n+ * functions.\n+ */\n+struct rte_crypto_vec {\n+\t/** virtual address of the data buffer */\n+\tvoid *base;\n+\t/** IOVA of the data buffer */\n+\trte_iova_t iova;\n+\t/** length of the data buffer */\n+\tuint32_t len;\n+};\n+\n+/**\n+ * Crypto scatter-gather list descriptor. Consists of a pointer to an array\n+ * of Crypto IO vectors with its size.\n+ */\n+struct rte_crypto_sgl {\n+\t/** start of an array of vectors */\n+\tstruct rte_crypto_vec *vec;\n+\t/** size of an array of vectors */\n+\tuint32_t num;\n+};\n+\n+/**\n+ * Synchronous operation descriptor.\n+ * Supposed to be used with CPU crypto API call.\n+ */\n+struct rte_crypto_sym_vec {\n+\t/** array of SGL vectors */\n+\tstruct rte_crypto_sgl *sgl;\n+\t/** array of pointers to IV */\n+\tvoid **iv;\n+\t/** array of pointers to AAD */\n+\tvoid **aad;\n+\t/** array of pointers to digest */\n+\tvoid **digest;\n+\t/**\n+\t * array of statuses for each operation:\n+\t * - 0 on success\n+\t * - errno on error\n+\t */\n+\tint32_t *status;\n+\t/** number of operations to perform */\n+\tuint32_t num;\n+};\n+\n+/**\n+ * used for cpu_crypto_process_bulk() to specify head/tail offsets\n+ * for auth/cipher processing.\n+ */\n+union rte_crypto_sym_ofs {\n+\tuint64_t raw;\n+\tstruct {\n+\t\tstruct {\n+\t\t\tuint16_t head;\n+\t\t\tuint16_t tail;\n+\t\t} auth, cipher;\n+\t} ofs;\n+};\n \n /** Symmetric Cipher Algorithms */\n enum rte_crypto_cipher_algorithm {\n@@ -798,6 +859,71 @@ __rte_crypto_sym_op_attach_sym_session(struct rte_crypto_sym_op *sym_op,\n \treturn 0;\n }\n \n+/**\n+ * Converts portion of mbuf data into a vector representation.\n+ * Each segment will be represented as a separate entry in *vec* array.\n+ * Expects that provided *ofs* + *len* not to exceed mbuf's *pkt_len*.\n+ * @param mbuf\n+ * Pointer to the *rte_mbuf* object.\n+ * @param ofs\n+ * Offset within mbuf data to start with.\n+ * @param len\n+ * Length of data to represent.\n+ * @return\n+ * - number of successfully filled entries in *vec* array.\n+ * - negative number of elements in *vec* array required.\n+ */\n+__rte_experimental\n+static inline int\n+rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,\n+\tstruct rte_crypto_vec vec[], uint32_t num)\n+{\n+\tuint32_t i;\n+\tstruct rte_mbuf *nseg;\n+\tuint32_t left;\n+\tuint32_t seglen;\n+\n+\t/* assuming that requested data starts in the first segment */\n+\tRTE_ASSERT(mb->data_len > ofs);\n+\n+\tif (mb->nb_segs > num)\n+\t\treturn -mb->nb_segs;\n+\n+\tvec[0].base = rte_pktmbuf_mtod_offset(mb, void *, ofs);\n+\tvec[0].iova = rte_pktmbuf_iova_offset(mb, ofs);\n+\n+\t/* whole data lies in the first segment */\n+\tseglen = mb->data_len - ofs;\n+\tif (len <= seglen) {\n+\t\tvec[0].len = len;\n+\t\treturn 1;\n+\t}\n+\n+\t/* data spread across segments */\n+\tvec[0].len = seglen;\n+\tleft = len - seglen;\n+\tfor (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {\n+\n+\t\tvec[i].base = rte_pktmbuf_mtod(nseg, void *);\n+\t\tvec[i].iova = rte_pktmbuf_iova(nseg);\n+\n+\t\tseglen = nseg->data_len;\n+\t\tif (left <= seglen) {\n+\t\t\t/* whole requested data is completed */\n+\t\t\tvec[i].len = left;\n+\t\t\tleft = 0;\n+\t\t\tbreak;\n+\t\t}\n+\n+\t\t/* use whole segment */\n+\t\tvec[i].len = seglen;\n+\t\tleft -= seglen;\n+\t}\n+\n+\tRTE_ASSERT(left == 0);\n+\treturn i + 1;\n+}\n+\n \n #ifdef __cplusplus\n }\ndiff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c\nindex 5c6359b5c..889d61319 100644\n--- a/lib/librte_cryptodev/rte_cryptodev.c\n+++ b/lib/librte_cryptodev/rte_cryptodev.c\n@@ -1,5 +1,5 @@\n /* SPDX-License-Identifier: BSD-3-Clause\n- * Copyright(c) 2015-2017 Intel Corporation\n+ * Copyright(c) 2015-2020 Intel Corporation\n */\n \n #include <sys/types.h>\n@@ -494,6 +494,8 @@ rte_cryptodev_get_feature_name(uint64_t flag)\n \t\treturn \"RSA_PRIV_OP_KEY_QT\";\n \tcase RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED:\n \t\treturn \"DIGEST_ENCRYPTED\";\n+\tcase RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO:\n+\t\treturn \"SYM_CPU_CRYPTO\";\n \tdefault:\n \t\treturn NULL;\n \t}\n@@ -1619,6 +1621,37 @@ rte_cryptodev_sym_session_get_user_data(\n \treturn (void *)(sess->sess_data + sess->nb_drivers);\n }\n \n+static inline void\n+sym_crypto_fill_status(struct rte_crypto_sym_vec *vec, int32_t errnum)\n+{\n+\tuint32_t i;\n+\tfor (i = 0; i < vec->num; i++)\n+\t\tvec->status[i] = errnum;\n+}\n+\n+uint32_t\n+rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,\n+\tstruct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,\n+\tstruct rte_crypto_sym_vec *vec)\n+{\n+\tstruct rte_cryptodev *dev;\n+\n+\tif (!rte_cryptodev_pmd_is_valid_dev(dev_id)) {\n+\t\tsym_crypto_fill_status(vec, EINVAL);\n+\t\treturn 0;\n+\t}\n+\n+\tdev = rte_cryptodev_pmd_get_dev(dev_id);\n+\n+\tif (*dev->dev_ops->sym_cpu_process == NULL ||\n+\t\t!(dev->feature_flags & RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO)) {\n+\t\tsym_crypto_fill_status(vec, ENOTSUP);\n+\t\treturn 0;\n+\t}\n+\n+\treturn dev->dev_ops->sym_cpu_process(dev, sess, ofs, vec);\n+}\n+\n /** Initialise rte_crypto_op mempool element */\n static void\n rte_crypto_op_init(struct rte_mempool *mempool,\ndiff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h\nindex c6ffa3b35..437b8a9b3 100644\n--- a/lib/librte_cryptodev/rte_cryptodev.h\n+++ b/lib/librte_cryptodev/rte_cryptodev.h\n@@ -1,5 +1,5 @@\n /* SPDX-License-Identifier: BSD-3-Clause\n- * Copyright(c) 2015-2017 Intel Corporation.\n+ * Copyright(c) 2015-2020 Intel Corporation.\n */\n \n #ifndef _RTE_CRYPTODEV_H_\n@@ -450,6 +450,8 @@ rte_cryptodev_asym_get_xform_enum(enum rte_crypto_asym_xform_type *xform_enum,\n /**< Support encrypted-digest operations where digest is appended to data */\n #define RTE_CRYPTODEV_FF_ASYM_SESSIONLESS\t\t(1ULL << 20)\n /**< Support asymmetric session-less operations */\n+#define\tRTE_CRYPTODEV_FF_SYM_CPU_CRYPTO\t\t\t(1ULL << 21)\n+/**< Support symmetric cpu-crypto processing */\n \n \n /**\n@@ -1274,6 +1276,24 @@ void *\n rte_cryptodev_sym_session_get_user_data(\n \t\t\t\t\tstruct rte_cryptodev_sym_session *sess);\n \n+/**\n+ * Perform actual crypto processing (encrypt/digest or auth/decrypt)\n+ * on user provided data.\n+ *\n+ * @param\tdev_id\tThe device identifier.\n+ * @param\tsess\tCryptodev session structure\n+ * @param\tofs\tStart and stop offsets for auth and cipher operations\n+ * @param\tvec\tVectorized operation descriptor\n+ *\n+ * @return\n+ * - Returns number of successfully processed packets.\n+ */\n+__rte_experimental\n+uint32_t\n+rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,\n+\tstruct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,\n+\tstruct rte_crypto_sym_vec *vec);\n+\n #ifdef __cplusplus\n }\n #endif\ndiff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h b/lib/librte_cryptodev/rte_cryptodev_pmd.h\nindex fba14f2fa..0e6b5f443 100644\n--- a/lib/librte_cryptodev/rte_cryptodev_pmd.h\n+++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h\n@@ -1,5 +1,5 @@\n /* SPDX-License-Identifier: BSD-3-Clause\n- * Copyright(c) 2015-2016 Intel Corporation.\n+ * Copyright(c) 2015-2020 Intel Corporation.\n */\n \n #ifndef _RTE_CRYPTODEV_PMD_H_\n@@ -308,6 +308,23 @@ typedef void (*cryptodev_sym_free_session_t)(struct rte_cryptodev *dev,\n */\n typedef void (*cryptodev_asym_free_session_t)(struct rte_cryptodev *dev,\n \t\tstruct rte_cryptodev_asym_session *sess);\n+/**\n+ * Perform actual crypto processing (encrypt/digest or auth/decrypt)\n+ * on user provided data.\n+ *\n+ * @param\tdev\tCrypto device pointer\n+ * @param\tsess\tCryptodev session structure\n+ * @param\tofs\tStart and stop offsets for auth and cipher operations\n+ * @param\tvec\tVectorized operation descriptor\n+ *\n+ * @return\n+ * - Returns number of successfully processed packets.\n+ *\n+ */\n+typedef uint32_t (*cryptodev_sym_cpu_crypto_process_t)\n+\t(struct rte_cryptodev *dev, struct rte_cryptodev_sym_session *sess,\n+\tunion rte_crypto_sym_ofs ofs, struct rte_crypto_sym_vec *vec);\n+\n \n /** Crypto device operations function pointer table */\n struct rte_cryptodev_ops {\n@@ -342,6 +359,8 @@ struct rte_cryptodev_ops {\n \t/**< Clear a Crypto sessions private data. */\n \tcryptodev_asym_free_session_t asym_session_clear;\n \t/**< Clear a Crypto sessions private data. */\n+\tcryptodev_sym_cpu_crypto_process_t sym_cpu_process;\n+\t/**< process input data synchronously (cpu-crypto). */\n };\n \n \ndiff --git a/lib/librte_cryptodev/rte_cryptodev_version.map b/lib/librte_cryptodev/rte_cryptodev_version.map\nindex 1dd1e259a..6e41b4be5 100644\n--- a/lib/librte_cryptodev/rte_cryptodev_version.map\n+++ b/lib/librte_cryptodev/rte_cryptodev_version.map\n@@ -71,6 +71,7 @@ EXPERIMENTAL {\n \trte_cryptodev_asym_session_init;\n \trte_cryptodev_asym_xform_capability_check_modlen;\n \trte_cryptodev_asym_xform_capability_check_optype;\n+\trte_cryptodev_sym_cpu_crypto_process;\n \trte_cryptodev_sym_get_existing_header_session_size;\n \trte_cryptodev_sym_session_get_user_data;\n \trte_cryptodev_sym_session_pool_create;\n", "prefixes": [ "v6", "1/8" ] }