[3/8] crypto/octeontx: add asymmetric session operations
diff mbox series

Message ID 1568035687-25492-4-git-send-email-anoobj@marvell.com
State Changes Requested
Delegated to: akhil goyal
Headers show
Series
  • add asym support in crypto_octeontx PMD
Related show

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/Intel-compilation success Compilation OK

Commit Message

Anoob Joseph Sept. 9, 2019, 1:28 p.m. UTC
From: Kanaka Durga Kotamarthy <kkotamarthy@marvell.com>

Add asymmetric session setup and free functions

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Kanaka Durga Kotamarthy <kkotamarthy@marvell.com>
Signed-off-by: Sunila Sahu <ssahu@marvell.com>
---
 drivers/common/cpt/cpt_mcode_defines.h      |   9 ++
 drivers/common/cpt/cpt_ucode_asym.h         | 169 ++++++++++++++++++++++++++++
 drivers/crypto/octeontx/otx_cryptodev_ops.c |  66 ++++++++++-
 3 files changed, 243 insertions(+), 1 deletion(-)
 create mode 100644 drivers/common/cpt/cpt_ucode_asym.h

Comments

Akhil Goyal Oct. 1, 2019, 12:57 p.m. UTC | #1
Hi Anoob,

Just a couple of nits

> +
> +static __rte_always_inline void
> +cpt_modex_param_normalize(uint8_t **data, size_t *len)
> +{
> +	size_t i;
> +
> +	/* Strip leading NUL bytes */

Typo NULL

> +
> +	for (i = 0; i < *len; i++) {
> +		if ((*data)[i] != 0)
> +			break;
> +	}
> +
> +	*data += i;
> +	*len -= i;
> +}
> +

<.snip.>

> +static __rte_always_inline void
> +cpt_free_asym_session_parameters(struct cpt_asym_sess_misc *sess)
> +{
> +	struct rte_crypto_modex_xform *mod;
> +	struct rte_crypto_rsa_xform *rsa;
> +
> +	switch (sess->xfrm_type) {
> +	case RTE_CRYPTO_ASYM_XFORM_RSA:
> +		rsa = &sess->rsa_ctx;
> +		if (rsa->n.data)
> +			rte_free(rsa->n.data);
> +		break;
> +	case RTE_CRYPTO_ASYM_XFORM_MODEX:
> +		mod = &sess->mod_ctx;
> +		if (mod->modulus.data)
> +			rte_free(mod->modulus.data);
> +		break;
> +	default:
> +		break;


Do we need an error print here?

> +	}
> +}
> +
Anoob Joseph Oct. 2, 2019, 11:18 a.m. UTC | #2
Hi Akhil,

Please see inline.

Thanks,
Anoob

> -----Original Message-----
> From: Akhil Goyal <akhil.goyal@nxp.com>
> Sent: Tuesday, October 1, 2019 6:27 PM
> To: Anoob Joseph <anoobj@marvell.com>; Pablo de Lara
> <pablo.de.lara.guarch@intel.com>
> Cc: Kanaka Durga Kotamarthy <kkotamarthy@marvell.com>; Jerin Jacob
> Kollanukkaran <jerinj@marvell.com>; Narayana Prasad Raju Athreya
> <pathreya@marvell.com>; Fiona Trahe <fiona.trahe@intel.com>; Shally Verma
> <shallyv@marvell.com>; Sunila Sahu <ssahu@marvell.com>; dev@dpdk.org
> Subject: RE: [PATCH 3/8] crypto/octeontx: add asymmetric session operations
> 
> Hi Anoob,
> 
> Just a couple of nits
> 
> > +
> > +static __rte_always_inline void
> > +cpt_modex_param_normalize(uint8_t **data, size_t *len) {
> > +	size_t i;
> > +
> > +	/* Strip leading NUL bytes */
> 
> Typo NULL

[Anoob] It is intentional.

"NUL is a ASCII character which ascii value is 0 whereas NULL is a macro defined in stddef.h and several more header file with value of ((void *)0)."
 
> 
> > +
> > +	for (i = 0; i < *len; i++) {
> > +		if ((*data)[i] != 0)
> > +			break;
> > +	}
> > +
> > +	*data += i;
> > +	*len -= i;
> > +}
> > +
> 
> <.snip.>
> 
> > +static __rte_always_inline void
> > +cpt_free_asym_session_parameters(struct cpt_asym_sess_misc *sess) {
> > +	struct rte_crypto_modex_xform *mod;
> > +	struct rte_crypto_rsa_xform *rsa;
> > +
> > +	switch (sess->xfrm_type) {
> > +	case RTE_CRYPTO_ASYM_XFORM_RSA:
> > +		rsa = &sess->rsa_ctx;
> > +		if (rsa->n.data)
> > +			rte_free(rsa->n.data);
> > +		break;
> > +	case RTE_CRYPTO_ASYM_XFORM_MODEX:
> > +		mod = &sess->mod_ctx;
> > +		if (mod->modulus.data)
> > +			rte_free(mod->modulus.data);
> > +		break;
> > +	default:
> > +		break;
> 
> 
> Do we need an error print here?

[Anoob] I'll add DP logs here.
 
> 
> > +	}
> > +}
> > +

Patch
diff mbox series

diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h
index c197c7b..3a373ee 100644
--- a/drivers/common/cpt/cpt_mcode_defines.h
+++ b/drivers/common/cpt/cpt_mcode_defines.h
@@ -6,6 +6,7 @@ 
 #define _CPT_MCODE_DEFINES_H_
 
 #include <rte_byteorder.h>
+#include <rte_crypto_asym.h>
 #include <rte_memory.h>
 
 /*
@@ -316,6 +317,14 @@  struct cpt_ctx {
 	uint8_t  auth_key[64];
 };
 
+struct cpt_asym_sess_misc {
+	enum rte_crypto_asym_xform_type xfrm_type;
+	union {
+		struct rte_crypto_rsa_xform rsa_ctx;
+		struct rte_crypto_modex_xform mod_ctx;
+	};
+};
+
 /* Buffer pointer */
 typedef struct buf_ptr {
 	void *vaddr;
diff --git a/drivers/common/cpt/cpt_ucode_asym.h b/drivers/common/cpt/cpt_ucode_asym.h
new file mode 100644
index 0000000..e6bc257
--- /dev/null
+++ b/drivers/common/cpt/cpt_ucode_asym.h
@@ -0,0 +1,169 @@ 
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (C) 2019 Marvell International Ltd.
+ */
+
+#ifndef _CPT_UCODE_ASYM_H_
+#define _CPT_UCODE_ASYM_H_
+
+#include <rte_common.h>
+#include <rte_crypto_asym.h>
+#include <rte_malloc.h>
+
+#include "cpt_mcode_defines.h"
+
+static __rte_always_inline void
+cpt_modex_param_normalize(uint8_t **data, size_t *len)
+{
+	size_t i;
+
+	/* Strip leading NUL bytes */
+
+	for (i = 0; i < *len; i++) {
+		if ((*data)[i] != 0)
+			break;
+	}
+
+	*data += i;
+	*len -= i;
+}
+
+static __rte_always_inline int
+cpt_fill_modex_params(struct cpt_asym_sess_misc *sess,
+		      struct rte_crypto_asym_xform *xform)
+{
+	struct rte_crypto_modex_xform *ctx = &sess->mod_ctx;
+	size_t exp_len = xform->modex.exponent.length;
+	size_t mod_len = xform->modex.modulus.length;
+	uint8_t *exp = xform->modex.exponent.data;
+	uint8_t *mod = xform->modex.modulus.data;
+
+	cpt_modex_param_normalize(&mod, &mod_len);
+	cpt_modex_param_normalize(&exp, &exp_len);
+
+	if (unlikely(exp_len == 0 || mod_len == 0))
+		return -EINVAL;
+
+	if (unlikely(exp_len > mod_len)) {
+		CPT_LOG_DP_ERR("Exponent length greater than modulus length is not supported");
+		return -ENOTSUP;
+	}
+
+	/* Allocate buffer to hold modexp params */
+	ctx->modulus.data = rte_malloc(NULL, mod_len + exp_len, 0);
+	if (ctx->modulus.data == NULL) {
+		CPT_LOG_DP_ERR("Could not allocate buffer for modex params");
+		return -ENOMEM;
+	}
+
+	/* Set up modexp prime modulus and private exponent */
+
+	memcpy(ctx->modulus.data, mod, mod_len);
+	ctx->exponent.data = ctx->modulus.data + mod_len;
+	memcpy(ctx->exponent.data, exp, exp_len);
+
+	ctx->modulus.length = mod_len;
+	ctx->exponent.length = exp_len;
+
+	return 0;
+}
+
+static __rte_always_inline int
+cpt_fill_rsa_params(struct cpt_asym_sess_misc *sess,
+		    struct rte_crypto_asym_xform *xform)
+{
+	struct rte_crypto_rsa_priv_key_qt qt = xform->rsa.qt;
+	struct rte_crypto_rsa_xform *xfrm_rsa = &xform->rsa;
+	struct rte_crypto_rsa_xform *rsa = &sess->rsa_ctx;
+	size_t mod_len = xfrm_rsa->n.length;
+	size_t exp_len = xfrm_rsa->e.length;
+	uint64_t total_size;
+	size_t len = 0;
+
+	/* Make sure key length used is not more than mod_len/2 */
+	if (qt.p.data != NULL)
+		len = (((mod_len / 2) < qt.p.length) ? len : qt.p.length);
+
+	/* Total size required for RSA key params(n,e,(q,dQ,p,dP,qInv)) */
+	total_size = mod_len + exp_len + 5 * len;
+
+	/* Allocate buffer to hold all RSA keys */
+	rsa->n.data = rte_malloc(NULL, total_size, 0);
+	if (rsa->n.data == NULL) {
+		CPT_LOG_DP_ERR("Could not allocate buffer for RSA keys");
+		return -ENOMEM;
+	}
+
+	/* Set up RSA prime modulus and public key exponent */
+	memcpy(rsa->n.data, xfrm_rsa->n.data, mod_len);
+	rsa->e.data = rsa->n.data + mod_len;
+	memcpy(rsa->e.data, xfrm_rsa->e.data, exp_len);
+
+	/* Private key in quintuple format */
+	if (len != 0) {
+		rsa->qt.q.data = rsa->e.data + exp_len;
+		memcpy(rsa->qt.q.data, qt.q.data, qt.q.length);
+		rsa->qt.dQ.data = rsa->qt.q.data + qt.q.length;
+		memcpy(rsa->qt.dQ.data, qt.dQ.data, qt.dQ.length);
+		rsa->qt.p.data = rsa->qt.dQ.data + qt.dQ.length;
+		memcpy(rsa->qt.p.data, qt.p.data, qt.p.length);
+		rsa->qt.dP.data = rsa->qt.p.data + qt.p.length;
+		memcpy(rsa->qt.dP.data, qt.dP.data, qt.dP.length);
+		rsa->qt.qInv.data = rsa->qt.dP.data + qt.dP.length;
+		memcpy(rsa->qt.qInv.data, qt.qInv.data, qt.qInv.length);
+
+		rsa->qt.q.length = qt.q.length;
+		rsa->qt.dQ.length = qt.dQ.length;
+		rsa->qt.p.length = qt.p.length;
+		rsa->qt.dP.length = qt.dP.length;
+		rsa->qt.qInv.length = qt.qInv.length;
+	}
+	rsa->n.length = mod_len;
+	rsa->e.length = exp_len;
+
+	return 0;
+}
+
+static __rte_always_inline int
+cpt_fill_asym_session_parameters(struct cpt_asym_sess_misc *sess,
+				 struct rte_crypto_asym_xform *xform)
+{
+	int ret;
+
+	sess->xfrm_type = xform->xform_type;
+
+	switch (xform->xform_type) {
+	case RTE_CRYPTO_ASYM_XFORM_RSA:
+		ret = cpt_fill_rsa_params(sess, xform);
+		break;
+	case RTE_CRYPTO_ASYM_XFORM_MODEX:
+		ret = cpt_fill_modex_params(sess, xform);
+		break;
+	default:
+		return -EINVAL;
+	}
+	return ret;
+}
+
+static __rte_always_inline void
+cpt_free_asym_session_parameters(struct cpt_asym_sess_misc *sess)
+{
+	struct rte_crypto_modex_xform *mod;
+	struct rte_crypto_rsa_xform *rsa;
+
+	switch (sess->xfrm_type) {
+	case RTE_CRYPTO_ASYM_XFORM_RSA:
+		rsa = &sess->rsa_ctx;
+		if (rsa->n.data)
+			rte_free(rsa->n.data);
+		break;
+	case RTE_CRYPTO_ASYM_XFORM_MODEX:
+		mod = &sess->mod_ctx;
+		if (mod->modulus.data)
+			rte_free(mod->modulus.data);
+		break;
+	default:
+		break;
+	}
+}
+
+#endif /* _CPT_UCODE_ASYM_H_ */
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index b59a001..5c08bc1 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -12,6 +12,7 @@ 
 
 #include "cpt_pmd_logs.h"
 #include "cpt_ucode.h"
+#include "cpt_ucode_asym.h"
 
 #include "otx_cryptodev.h"
 #include "otx_cryptodev_capabilities.h"
@@ -285,6 +286,65 @@  otx_cpt_session_clear(struct rte_cryptodev *dev,
 	}
 }
 
+static unsigned int
+otx_cpt_asym_session_size_get(struct rte_cryptodev *dev __rte_unused)
+{
+	return sizeof(struct cpt_asym_sess_misc);
+}
+
+static int
+otx_cpt_asym_session_cfg(struct rte_cryptodev *dev,
+			 struct rte_crypto_asym_xform *xform __rte_unused,
+			 struct rte_cryptodev_asym_session *sess,
+			 struct rte_mempool *pool)
+{
+	struct cpt_asym_sess_misc *priv;
+	int ret;
+
+	CPT_PMD_INIT_FUNC_TRACE();
+
+	if (rte_mempool_get(pool, (void **)&priv)) {
+		CPT_LOG_ERR("Could not allocate session private data");
+		return -ENOMEM;
+	}
+
+	memset(priv, 0, sizeof(struct cpt_asym_sess_misc));
+
+	ret = cpt_fill_asym_session_parameters(priv, xform);
+	if (ret) {
+		CPT_LOG_ERR("Could not configure session parameters");
+
+		/* Return session to mempool */
+		rte_mempool_put(pool, priv);
+		return ret;
+	}
+
+	set_asym_session_private_data(sess, dev->driver_id, priv);
+	return 0;
+}
+
+static void
+otx_cpt_asym_session_clear(struct rte_cryptodev *dev,
+			   struct rte_cryptodev_asym_session *sess)
+{
+	struct cpt_asym_sess_misc *priv;
+	struct rte_mempool *sess_mp;
+
+	CPT_PMD_INIT_FUNC_TRACE();
+
+	priv = get_asym_session_private_data(sess, dev->driver_id);
+
+	if (priv == NULL)
+		return;
+
+	/* Free resources allocated during session configure */
+	cpt_free_asym_session_parameters(priv);
+	memset(priv, 0, otx_cpt_asym_session_size_get(dev));
+	sess_mp = rte_mempool_from_obj(priv);
+	set_asym_session_private_data(sess, dev->driver_id, NULL);
+	rte_mempool_put(sess_mp, priv);
+}
+
 static __rte_always_inline int32_t __hot
 otx_cpt_request_enqueue(struct cpt_instance *instance,
 			struct pending_queue *pqueue,
@@ -584,7 +644,11 @@  static struct rte_cryptodev_ops cptvf_ops = {
 	/* Crypto related operations */
 	.sym_session_get_size = otx_cpt_get_session_size,
 	.sym_session_configure = otx_cpt_session_cfg,
-	.sym_session_clear = otx_cpt_session_clear
+	.sym_session_clear = otx_cpt_session_clear,
+
+	.asym_session_get_size = otx_cpt_asym_session_size_get,
+	.asym_session_configure = otx_cpt_asym_session_cfg,
+	.asym_session_clear = otx_cpt_asym_session_clear,
 };
 
 int