Message ID | 20230418092325.2578712-1-suanmingm@nvidia.com (mailing list archive) |
---|---|
Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 934554297B; Tue, 18 Apr 2023 11:24:01 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 862BD410EA; Tue, 18 Apr 2023 11:24:01 +0200 (CEST) Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2059.outbound.protection.outlook.com [40.107.94.59]) by mails.dpdk.org (Postfix) with ESMTP id 74FB640698 for <dev@dpdk.org>; Tue, 18 Apr 2023 11:23:59 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YlzeklP7BjFIZJvSwDT5R5qyVYzZWkptjM6A1BOD1uj6Cnb0/5WmiyVK3elpPlpE6pswooqnJEOvtfumTkxvf8Z+W8OhgdpJviMzhfXdNVaxKyvArhZDR06f6WCj0g0Rjwp0HvSDgh2PzO+n/8Y4tdCx9k6eYcHlPErH/mHwwRXlgEtsUVbOQvPxnE8zpo1bEcKIbfJf5DHWlbDyoKE2c1ZX80VRWIB86G3s4pnexw6ImrTpAtt9A8eb5ratupuhEZfpkbeVqp5LuCDvAy8RScgXVscM8TVJ5MH0nu+xbr65IrkY/eri7g2WP2k9CJWulZ8RAFGffYkYT8tifzqYag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=P8xf3evs75pBUphgAJ+BpHbZHv+9eK8N+g9yZCQ18SM=; b=MNa3Qz5v98g10AL9vUtz42DgJC9J60q/ROyAjytqAx2PN1vXkRKjsmU5aYkqafSYHffcn9veayAi0QCTrbqEqqPksuq+mfThlIOLZJ+LIJkkqMt4rzKcbJoicpCRiVwY1CmscBi47wnmKt8BePwmQ+1NJVcapH9na62lCcwrHpNw8avibouJJJhP4EHBhP5gYg0yEKJwp2H0mNCMPCH1RgPmCJITk3vgL2N64P+KcxmXvGzW2kGL1ByZhm8iFLbXSRnKNAvpwzGJcbDD31oBo9cxomRvW9Y7UlvUW9cUuHHynLkhYZWyWT4Ar56ps9+b7qdx1OqiP3HlIOxJX+eA1A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=dpdk.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=P8xf3evs75pBUphgAJ+BpHbZHv+9eK8N+g9yZCQ18SM=; b=E88UGjaTQoCESm7Xyqog2+s61UCqCakXZfDbXt5MO5JjHgGWUyMH+uWvvBDbsXMtMJAH3l/TDh8a2gbPoTh6SgI7fay6lL6byb7XyOId85P6AocqAXL8ubAA6sF/MmJhIExlNDzW31sFIBFbR3lt0S1USjLPP+XNXzpz7plNHv7F6Vf+mMBdUGla7eO2s9iKyLDRXpVqykaw75CReVrioxHlpduFaqO9/+Hw6McU3S+BzkppYF70PeabsWkLk78APvhi9EI5l3PdDdYwR3VhIMQZVP6cHquPN2bD38I6/T5wq9K9jUoU8ymf/DHqevgcqC5GnCBLkRIksEsrSyTc5w== Received: from DM6PR06CA0049.namprd06.prod.outlook.com (2603:10b6:5:54::26) by CH3PR12MB8536.namprd12.prod.outlook.com (2603:10b6:610:15e::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6298.45; Tue, 18 Apr 2023 09:23:57 +0000 Received: from DM6NAM11FT014.eop-nam11.prod.protection.outlook.com (2603:10b6:5:54:cafe::cc) by DM6PR06CA0049.outlook.office365.com (2603:10b6:5:54::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.20 via Frontend Transport; Tue, 18 Apr 2023 09:23:57 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DM6NAM11FT014.mail.protection.outlook.com (10.13.173.132) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.20 via Frontend Transport; Tue, 18 Apr 2023 09:23:57 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Tue, 18 Apr 2023 02:23:44 -0700 Received: from nvidia.com (10.126.230.37) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Tue, 18 Apr 2023 02:23:42 -0700 From: Suanming Mou <suanmingm@nvidia.com> To: <matan@nvidia.com> CC: <rasland@nvidia.com>, <mkashani@nvidia.com>, <dev@dpdk.org> Subject: [RFC PATCH 0/5] crypto/mlx5: support AES-GCM Date: Tue, 18 Apr 2023 12:23:20 +0300 Message-ID: <20230418092325.2578712-1-suanmingm@nvidia.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.126.230.37] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT014:EE_|CH3PR12MB8536:EE_ X-MS-Office365-Filtering-Correlation-Id: 5f22e6ee-bb8c-412a-34df-08db3feea346 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: wOv78P2na04FbxxiA/ZboXSxCIQT+6L25RQa9c6fFbgVNy+KlDTXpPXhgQj3bmI2/NBH/khuqIzz3MCPswhtXbN6RBN7FA5t+iBasoWDnKFnt9poKx6jA0vz1Ppn1zCp1wMNnKzn4CWf1K+5HaghAo6bepkB7J9kKLbkFBVzvS6KNMgMtDgfm6IK3v52t57R0oouZAHC4dGFdel2N02R3jdth6v7vt2Vm7wxfTm2EenWFYqKBs/H83AfvEsefAd0GpAJWDMyL/hiTZ6K0SBVa79mrboDQ4aq07rU/nLsoRZXqM6rg5A547UIwsF/JaDLnpsyBqsb0SpX3PR9QYVyDcOco8zaGOVP9iIVb2Z0F8v4ViS4B7oscCXfzNVpSpYTLpQAAbaOvxv/4NnKZczqseBWjb8nGDRCKxEuRnjCfTExsOG7tzI5Lw7gqMRozJ8cWnFo0oTFHXhbWswuyE4zOEb5daxbjSF+iumGIS8dfveaB73EPNh79iaGX2Q02s7FkJO0ZlHUXAp9zflVwhPe1KvvucOJK2r/K6ERS/sr5Sg9YkbaK7FjD74UcKrvBZ9/+ygn4tQHhyJflkDk7+4aY+ichJHugzUdcgsaPJ2jaqHTUk4yuhQ5J+kxEwYlHbrvKEldS1j2rt+W4mHpzHC7BrmNW5W9+lErT7+qohprq37Qh6O3yIWtkhpIEiz6O6cqfF/DFqhvqQt9BjnX/gXKgOjKSeVKhgrEZZsEkV4yzUy1IqQhU7J10L7BSP2Wi6lMM7pIsAgQ00tbF8JyGbZQK3jsV8TfOIOjemTBqEJvEvk= X-Forefront-Antispam-Report: CIP:216.228.117.161; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:dc6edge2.nvidia.com; CAT:NONE; SFS:(13230028)(4636009)(346002)(39860400002)(376002)(396003)(136003)(451199021)(46966006)(40470700004)(36840700001)(36756003)(40460700003)(82310400005)(2906002)(5660300002)(6862004)(7636003)(8936002)(8676002)(41300700001)(356005)(55016003)(40480700001)(86362001)(478600001)(34020700004)(37006003)(2616005)(36860700001)(26005)(1076003)(54906003)(6636002)(186003)(6666004)(6286002)(16526019)(7696005)(336012)(4326008)(426003)(70206006)(70586007)(82740400003)(83380400001)(47076005)(316002); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Apr 2023 09:23:57.5548 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5f22e6ee-bb8c-412a-34df-08db3feea346 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.117.161]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT014.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH3PR12MB8536 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org |
Series | crypto/mlx5: support AES-GCM | |
Message
Suanming Mou
April 18, 2023, 9:23 a.m. UTC
AES-GCM provides both authenticated encryption and the ability to check the integrity and authentication of additional authenticated data (AAD) that is sent in the clear. The crypto operations are performed with crypto WQE. If the input buffers(AAD, mbuf, digest) are not contiguous, as the requirement from FW, an UMR WQE is needed to generate contiguous address space for crypto WQE. The UMR WQE and crypto WQE are handled in two different QPs. The QP for UMR operation contains two types of WQE, UMR and SEND_EN WQE. The WQEs are built dynamically according to the crypto operation buffer address. Crypto operation with non-contiguous buffers will have its own UMR WQE, while the operation with contiguous buffers doesn't need the UMR WQE. Once the all the operations WQE in the enqueue burst built finishes, if any UMR WQEs are built, additional SEND_EN WQE will be as the final WQE of the burst in the UMR QP. The purpose of that SEND_EN WQE is to trigger the crypto QP processing with the UMR ready input memory address space buffers. The QP for crypto operations contains only the crypto WQE and the QP WQEs are built as fixed in QP setup. The QP processing is triggered by doorbell ring or the SEND_EN WQE from UMR QP. Suanming Mou (5): crypto/mlx5: add AES-GCM capability crypto/mlx5: add AES-GCM encryption key crypto/mlx5: add AES-GCM session configure crypto/mlx5: add queue pair setup crypto/mlx5: add enqueue and dequeue operations doc/guides/nics/mlx5.rst | 8 + drivers/common/mlx5/mlx5_devx_cmds.c | 29 +- drivers/common/mlx5/mlx5_devx_cmds.h | 18 + drivers/common/mlx5/mlx5_prm.h | 62 +- drivers/crypto/mlx5/meson.build | 1 + drivers/crypto/mlx5/mlx5_crypto.c | 64 +- drivers/crypto/mlx5/mlx5_crypto.h | 57 +- drivers/crypto/mlx5/mlx5_crypto_dek.c | 157 +++-- drivers/crypto/mlx5/mlx5_crypto_gcm.c | 803 ++++++++++++++++++++++++++ 9 files changed, 1139 insertions(+), 60 deletions(-) create mode 100644 drivers/crypto/mlx5/mlx5_crypto_gcm.c
Comments
AES-GCM provides both authenticated encryption and the ability to check the integrity and authentication of additional authenticated data (AAD) that is sent in the clear. The crypto operations are performed with crypto WQE. If the input buffers(AAD, mbuf, digest) are not contiguous and there is no enough headroom or tailroom for AAD or digest, as the requirement from FW, an UMR WQE is needed to generate contiguous address space for crypto WQE. The UMR WQE and crypto WQE are handled in two different QPs. The QP for UMR operation contains two types of WQE, UMR and SEND_EN WQE. The WQEs are built dynamically according to the crypto operation buffer address. Crypto operation with non-contiguous buffers will have its own UMR WQE, while the operation with contiguous buffers doesn't need the UMR WQE. Once the all the operations WQE in the enqueue burst built finishes, if any UMR WQEs are built, additional SEND_EN WQE will be as the final WQE of the burst in the UMR QP. The purpose of that SEND_EN WQE is to trigger the crypto QP processing with the UMR ready input memory address space buffers. The QP for crypto operations contains only the crypto WQE and the QP WQEs are built as fixed in QP setup. The QP processing is triggered by doorbell ring or the SEND_EN WQE from UMR QP. v2: - split XTS and GCM code to different file. - add headroom and tailroom optimize. v3: - fix AES-GCM 128b key creation. Suanming Mou (9): common/mlx5: export memory region lookup by address crypto/mlx5: split AES-XTS crypto/mlx5: add AES-GCM query and initialization crypto/mlx5: add AES-GCM encryption key crypto/mlx5: add AES-GCM session configure common/mlx5: add WQE-based QP synchronous basics crypto/mlx5: add queue pair setup for GCM crypto/mlx5: add enqueue and dequeue operations crypto/mlx5: enable AES-GCM capability doc/guides/cryptodevs/mlx5.rst | 48 +- doc/guides/rel_notes/release_23_07.rst | 1 + drivers/common/mlx5/mlx5_common_mr.c | 2 +- drivers/common/mlx5/mlx5_common_mr.h | 5 + drivers/common/mlx5/mlx5_devx_cmds.c | 21 + drivers/common/mlx5/mlx5_devx_cmds.h | 16 + drivers/common/mlx5/mlx5_prm.h | 65 +- drivers/common/mlx5/version.map | 3 + drivers/crypto/mlx5/meson.build | 2 + drivers/crypto/mlx5/mlx5_crypto.c | 673 ++--------------- drivers/crypto/mlx5/mlx5_crypto.h | 101 ++- drivers/crypto/mlx5/mlx5_crypto_dek.c | 102 ++- drivers/crypto/mlx5/mlx5_crypto_gcm.c | 997 +++++++++++++++++++++++++ drivers/crypto/mlx5/mlx5_crypto_xts.c | 645 ++++++++++++++++ 14 files changed, 2016 insertions(+), 665 deletions(-) create mode 100644 drivers/crypto/mlx5/mlx5_crypto_gcm.c create mode 100644 drivers/crypto/mlx5/mlx5_crypto_xts.c
Hi Akhil, Maybe due to "To" is empty, it was not collected correctly to the ML. But it was in my inbox, and you were cced. Thanks, Suanming > -----Original Message----- > From: Suanming Mou <suanmingm@nvidia.com> > Sent: Tuesday, June 20, 2023 9:23 AM > Cc: Raslan Darawsheh <rasland@nvidia.com>; dev@dpdk.org; > gakhil@marvell.com > Subject: [PATCH v2 0/9] crypto/mlx5: support AES-GCM > > AES-GCM provides both authenticated encryption and the ability to check the > integrity and authentication of additional authenticated data (AAD) that is sent in > the clear. > > The crypto operations are performed with crypto WQE. If the input buffers(AAD, > mbuf, digest) are not contiguous and there is no enough headroom or tailroom for > AAD or digest, as the requirement from FW, an UMR WQE is needed to generate > contiguous address space for crypto WQE. > The UMR WQE and crypto WQE are handled in two different QPs. > > The QP for UMR operation contains two types of WQE, UMR and SEND_EN WQE. > The WQEs are built dynamically according to the crypto operation buffer address. > Crypto operation with non-contiguous buffers will > have its own UMR WQE, while the operation with contiguous buffers > doesn't need the UMR WQE. Once the all the operations WQE in the enqueue > burst built finishes, if any UMR WQEs are built, additional SEND_EN WQE will be > as the final WQE of the burst in the UMR QP. > The purpose of that SEND_EN WQE is to trigger the crypto QP processing with the > UMR ready input memory address space buffers. > > The QP for crypto operations contains only the crypto WQE and the QP WQEs are > built as fixed in QP setup. The QP processing is triggered by doorbell ring or the > SEND_EN WQE from UMR QP. > > v2: > - split XTS and GCM code to different file. > - add headroom and tailroom optimize. > > v3: > - fix AES-GCM 128b key creation. > > Suanming Mou (9): > common/mlx5: export memory region lookup by address > crypto/mlx5: split AES-XTS > crypto/mlx5: add AES-GCM query and initialization > crypto/mlx5: add AES-GCM encryption key > crypto/mlx5: add AES-GCM session configure > common/mlx5: add WQE-based QP synchronous basics > crypto/mlx5: add queue pair setup for GCM > crypto/mlx5: add enqueue and dequeue operations > crypto/mlx5: enable AES-GCM capability > > doc/guides/cryptodevs/mlx5.rst | 48 +- > doc/guides/rel_notes/release_23_07.rst | 1 + > drivers/common/mlx5/mlx5_common_mr.c | 2 +- > drivers/common/mlx5/mlx5_common_mr.h | 5 + > drivers/common/mlx5/mlx5_devx_cmds.c | 21 + > drivers/common/mlx5/mlx5_devx_cmds.h | 16 + > drivers/common/mlx5/mlx5_prm.h | 65 +- > drivers/common/mlx5/version.map | 3 + > drivers/crypto/mlx5/meson.build | 2 + > drivers/crypto/mlx5/mlx5_crypto.c | 673 ++--------------- > drivers/crypto/mlx5/mlx5_crypto.h | 101 ++- > drivers/crypto/mlx5/mlx5_crypto_dek.c | 102 ++- > drivers/crypto/mlx5/mlx5_crypto_gcm.c | 997 +++++++++++++++++++++++++ > drivers/crypto/mlx5/mlx5_crypto_xts.c | 645 ++++++++++++++++ > 14 files changed, 2016 insertions(+), 665 deletions(-) create mode 100644 > drivers/crypto/mlx5/mlx5_crypto_gcm.c > create mode 100644 drivers/crypto/mlx5/mlx5_crypto_xts.c > > -- > 2.25.1
Hi Suanming, > Hi Akhil, > > Maybe due to "To" is empty, it was not collected correctly to the ML. But it was > in my inbox, and you were cced. > This is a v2 cover-letter as per the title.
> -----Original Message----- > From: Akhil Goyal <gakhil@marvell.com> > Sent: Tuesday, June 20, 2023 5:59 PM > To: Suanming Mou <suanmingm@nvidia.com> > Cc: Raslan Darawsheh <rasland@nvidia.com>; dev@dpdk.org > Subject: RE: [PATCH v2 0/9] crypto/mlx5: support AES-GCM > > Hi Suanming, > > Hi Akhil, > > > > Maybe due to "To" is empty, it was not collected correctly to the ML. > > But it was in my inbox, and you were cced. > > > This is a v2 cover-letter as per the title. Sorry, v2 is typo here, it is v3 in fact. So I understand why the cover-letter was "missing".
From: Suanming Mou > > -----Original Message----- > > From: Akhil Goyal <gakhil@marvell.com> > > Sent: Tuesday, June 20, 2023 5:59 PM > > To: Suanming Mou <suanmingm@nvidia.com> > > Cc: Raslan Darawsheh <rasland@nvidia.com>; dev@dpdk.org > > Subject: RE: [PATCH v2 0/9] crypto/mlx5: support AES-GCM > > > > Hi Suanming, > > > Hi Akhil, > > > > > > Maybe due to "To" is empty, it was not collected correctly to the ML. > > > But it was in my inbox, and you were cced. > > > > > This is a v2 cover-letter as per the title. > > Sorry, v2 is typo here, it is v3 in fact. So I understand why the cover-letter was > "missing". For v3 series: Series-acked-by: Matan Azrad <matan@nvidia.com>