[1/2] crypto/qat: add chacha poly implementation
Checks
Commit Message
This patchset adds Chacha20-Poly1305 implementation to Intel
QuickAssist Technology pmd.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/cryptodevs/qat.rst | 1 +
doc/guides/rel_notes/release_20_02.rst | 4 ++++
drivers/common/qat/qat_adf/icp_qat_hw.h | 17 ++++++++++++++--
drivers/crypto/qat/qat_sym_capabilities.h | 32 +++++++++++++++++++++++++++++++
drivers/crypto/qat/qat_sym_pmd.c | 11 ++++++++++-
drivers/crypto/qat/qat_sym_session.c | 20 +++++++++++++++----
6 files changed, 78 insertions(+), 7 deletions(-)
Comments
Hi Arek,
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Friday, December 6, 2019 6:14 PM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Trahe, Fiona <fiona.trahe@intel.com>; Kusztal, ArkadiuszX
> <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH 1/2] crypto/qat: add chacha poly implementation
>
> This patchset adds Chacha20-Poly1305 implementation to Intel
> QuickAssist Technology pmd.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
> doc/guides/cryptodevs/qat.rst | 1 +
> doc/guides/rel_notes/release_20_02.rst | 4 ++++
> drivers/common/qat/qat_adf/icp_qat_hw.h | 17 ++++++++++++++--
> drivers/crypto/qat/qat_sym_capabilities.h | 32 +++++++++++++++++++++++++++++++
> drivers/crypto/qat/qat_sym_pmd.c | 11 ++++++++++-
> drivers/crypto/qat/qat_sym_session.c | 20 +++++++++++++++----
> 6 files changed, 78 insertions(+), 7 deletions(-)
[Fiona] The supported algorithm Matrix should be updated. This was missing from the API patch,
But can be added with this patch as this is the first PMD which is enabling this algorithm.
///snip///
> diff --git a/drivers/common/qat/qat_adf/icp_qat_hw.h b/drivers/common/qat/qat_adf/icp_qat_hw.h
> index cef6486..ed04178 100644
> --- a/drivers/common/qat/qat_adf/icp_qat_hw.h
> +++ b/drivers/common/qat/qat_adf/icp_qat_hw.h
> @@ -51,7 +51,10 @@ enum icp_qat_hw_auth_algo {
> ICP_QAT_HW_AUTH_ALGO_SHA3_256 = 17,
> ICP_QAT_HW_AUTH_RESERVED_3 = 18,
> ICP_QAT_HW_AUTH_ALGO_SHA3_512 = 19,
> - ICP_QAT_HW_AUTH_ALGO_DELIMITER = 20
> + ICP_QAT_HW_AUTH_ALGO_SHAKE_128 = 20,
> + ICP_QAT_HW_AUTH_ALGO_SHAKE_256 = 21,
> + ICP_QAT_HW_AUTH_ALGO_POLY = 22,
[Fiona] I don't see anywhere these are used? Shouldn't they be?
///snip///
> +#define ICP_QAT_HW_CHACHAPOLY_ICV__SZ 16
[Fiona] typo double underscore. Need to update based on latest firmware hdrs
///snip///
> diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
> index 72290ba..c6ca42c 100644
> --- a/drivers/crypto/qat/qat_sym_session.c
> +++ b/drivers/crypto/qat/qat_sym_session.c
> @@ -519,7 +519,8 @@ qat_sym_session_handle_single_pass(struct qat_sym_dev_private *internals,
> session->is_single_pass = 1;
> session->min_qat_dev_gen = QAT_GEN3;
> session->qat_cmd = ICP_QAT_FW_LA_CMD_CIPHER;
> - session->qat_mode = ICP_QAT_HW_CIPHER_AEAD_MODE;
> + if (aead_xform->algo == RTE_CRYPTO_AEAD_AES_GCM)
> + session->qat_mode = ICP_QAT_HW_CIPHER_AEAD_MODE;
[Fiona] This fn should be reworked as now handling both chacha and gcm - comments only refer to GCM, and condition only checks GCM iv length - which is coincidentally matching chacha length. Several vars (is_single_pass, qat_mode , qat_dev_gen) are set up before for chacha, then rewritten here. Best do his only in fn and make clear what's common and what's different for each algo.
///snip///
> @@ -746,15 +749,24 @@ qat_sym_session_configure_aead(struct rte_cryptodev *dev,
> session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE;
> session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_CBC_MAC;
> break;
> + case RTE_CRYPTO_AEAD_CHACHA20_POLY1305:
> + if (aead_xform->key.length != ICP_QAT_HW_CHACHAPOLY_KEY_SZ)
> + return -EINVAL;
> + session->qat_cipher_alg = ICP_QAT_HW_CIPHER_ALGO_CHACHA20_POLY1305;
> + session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE;
> + session->min_qat_dev_gen = QAT_GEN3;
> + session->is_single_pass = 1;
[Fiona] as comment above - combine these with the single-pass fn.
Maybe move call to handle_single_pass() into this switch statement?
Also, I don't see qat_hash_alg set anywhere for CHACHA? Is this defaulting to ALGO_NULL or missed?
If default, better set explicitly as several other fns depend on this (get_state1, get_digest_size, get_block_size).
@@ -70,6 +70,7 @@ Supported AEAD algorithms:
* ``RTE_CRYPTO_AEAD_AES_GCM``
* ``RTE_CRYPTO_AEAD_AES_CCM``
+* ``RTE_CRYPTO_AEAD_CHACHA20_POLY1305``
Limitations
@@ -60,6 +60,10 @@ New Features
Chacha20-Poly1305 AEAD algorithm can now be supported in Cryptodev.
+* **Updated the Intel QuickAssist Technology (QAT) symmetric crypto PMD.**
+
+ Added Chacha20-Poly1305 AEAD algorithm.
+
Removed Items
-------------
@@ -51,7 +51,10 @@ enum icp_qat_hw_auth_algo {
ICP_QAT_HW_AUTH_ALGO_SHA3_256 = 17,
ICP_QAT_HW_AUTH_RESERVED_3 = 18,
ICP_QAT_HW_AUTH_ALGO_SHA3_512 = 19,
- ICP_QAT_HW_AUTH_ALGO_DELIMITER = 20
+ ICP_QAT_HW_AUTH_ALGO_SHAKE_128 = 20,
+ ICP_QAT_HW_AUTH_ALGO_SHAKE_256 = 21,
+ ICP_QAT_HW_AUTH_ALGO_POLY = 22,
+ ICP_QAT_HW_AUTH_ALGO_DELIMITER = 23
};
enum icp_qat_hw_auth_mode {
@@ -204,7 +207,9 @@ enum icp_qat_hw_cipher_algo {
ICP_QAT_HW_CIPHER_ALGO_KASUMI = 7,
ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2 = 8,
ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3 = 9,
- ICP_QAT_HW_CIPHER_DELIMITER = 10
+ ICP_QAT_HW_CIPHER_ALGO_SM4 = 10,
+ ICP_QAT_HW_CIPHER_ALGO_CHACHA20_POLY1305 = 11,
+ ICP_QAT_HW_CIPHER_DELIMITER = 12
};
enum icp_qat_hw_cipher_mode {
@@ -306,6 +311,14 @@ enum icp_qat_hw_cipher_convert {
#define ICP_QAT_HW_ZUC_3G_EEA3_KEY_SZ 16
#define ICP_QAT_HW_ZUC_3G_EEA3_IV_SZ 16
#define ICP_QAT_HW_MODE_F8_NUM_REG_TO_CLEAR 2
+#define ICP_QAT_HW_SM4_KEY_SZ 16
+#define ICP_QAT_HW_SM4_IV_SZ 16
+#define ICP_QAT_HW_CHACHAPOLY_KEY_SZ 32
+#define ICP_QAT_HW_CHACHAPOLY_IV_SZ 12
+#define ICP_QAT_HW_CHACHAPOLY_BLK_SZ 64
+#define ICP_QAT_HW_SPC_CTR_SZ 16
+#define ICP_QAT_HW_CHACHAPOLY_ICV__SZ 16
+#define ICP_QAT_HW_CHACHAPOLY_AAD_MAX_LOG 14
#define ICP_QAT_HW_CIPHER_MAX_KEY_SZ ICP_QAT_HW_AES_256_F8_KEY_SZ
@@ -594,4 +594,36 @@
}, } \
}
+#define QAT_EXTRA_GEN3_SYM_CAPABILITIES \
+ { /* Chacha20-Poly1305 */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, \
+ {.aead = { \
+ .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, \
+ .block_size = 64, \
+ .key_size = { \
+ .min = 32, \
+ .max = 32, \
+ .increment = 0 \
+ }, \
+ .digest_size = { \
+ .min = 16, \
+ .max = 16, \
+ .increment = 0 \
+ }, \
+ .aad_size = { \
+ .min = 0, \
+ .max = 240, \
+ .increment = 1 \
+ }, \
+ .iv_size = { \
+ .min = 12, \
+ .max = 12, \
+ .increment = 0 \
+ }, \
+ }, } \
+ }, } \
+ }
+
#endif /* _QAT_SYM_CAPABILITIES_H_ */
@@ -27,6 +27,13 @@ static const struct rte_cryptodev_capabilities qat_gen2_sym_capabilities[] = {
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
+static const struct rte_cryptodev_capabilities qat_gen3_sym_capabilities[] = {
+ QAT_BASE_GEN1_SYM_CAPABILITIES,
+ QAT_EXTRA_GEN2_SYM_CAPABILITIES,
+ QAT_EXTRA_GEN3_SYM_CAPABILITIES,
+ RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
+};
+
static int qat_sym_qp_release(struct rte_cryptodev *dev,
uint16_t queue_pair_id);
@@ -291,9 +298,11 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev)
internals->qat_dev_capabilities = qat_gen1_sym_capabilities;
break;
case QAT_GEN2:
- case QAT_GEN3:
internals->qat_dev_capabilities = qat_gen2_sym_capabilities;
break;
+ case QAT_GEN3:
+ internals->qat_dev_capabilities = qat_gen3_sym_capabilities;
+ break;
default:
internals->qat_dev_capabilities = qat_gen2_sym_capabilities;
QAT_LOG(DEBUG,
@@ -519,7 +519,8 @@ qat_sym_session_handle_single_pass(struct qat_sym_dev_private *internals,
session->is_single_pass = 1;
session->min_qat_dev_gen = QAT_GEN3;
session->qat_cmd = ICP_QAT_FW_LA_CMD_CIPHER;
- session->qat_mode = ICP_QAT_HW_CIPHER_AEAD_MODE;
+ if (aead_xform->algo == RTE_CRYPTO_AEAD_AES_GCM)
+ session->qat_mode = ICP_QAT_HW_CIPHER_AEAD_MODE;
session->cipher_iv.offset = aead_xform->iv.offset;
session->cipher_iv.length = aead_xform->iv.length;
if (qat_sym_session_aead_create_cd_cipher(session,
@@ -566,6 +567,7 @@ qat_sym_session_handle_single_pass(struct qat_sym_dev_private *internals,
aead_xform->aad_length);
cipher_param->spc_aad_sz = aead_xform->aad_length;
cipher_param->spc_auth_res_sz = aead_xform->digest_length;
+
}
return 0;
}
@@ -727,6 +729,7 @@ qat_sym_session_configure_aead(struct rte_cryptodev *dev,
session->cipher_iv.offset = xform->aead.iv.offset;
session->cipher_iv.length = xform->aead.iv.length;
+ session->is_single_pass = 0;
switch (aead_xform->algo) {
case RTE_CRYPTO_AEAD_AES_GCM:
if (qat_sym_validate_aes_key(aead_xform->key.length,
@@ -746,15 +749,24 @@ qat_sym_session_configure_aead(struct rte_cryptodev *dev,
session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE;
session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_CBC_MAC;
break;
+ case RTE_CRYPTO_AEAD_CHACHA20_POLY1305:
+ if (aead_xform->key.length != ICP_QAT_HW_CHACHAPOLY_KEY_SZ)
+ return -EINVAL;
+ session->qat_cipher_alg = ICP_QAT_HW_CIPHER_ALGO_CHACHA20_POLY1305;
+ session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE;
+ session->min_qat_dev_gen = QAT_GEN3;
+ session->is_single_pass = 1;
+ break;
default:
QAT_LOG(ERR, "Crypto: Undefined AEAD specified %u\n",
aead_xform->algo);
return -EINVAL;
}
- session->is_single_pass = 0;
- if (aead_xform->algo == RTE_CRYPTO_AEAD_AES_GCM) {
- /* Use faster Single-Pass GCM if possible */
+ if (aead_xform->algo == RTE_CRYPTO_AEAD_AES_GCM ||
+ aead_xform->algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
+ /* Use faster Single-Pass GCM if possible, for ChachaPoly
+ it always is single pass */
int res = qat_sym_session_handle_single_pass(
dev->data->dev_private, session, aead_xform);
if (res < 0)