From patchwork Thu Sep 28 10:23:30 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tomasz Duszynski X-Patchwork-Id: 29242 X-Patchwork-Delegate: pablo.de.lara.guarch@intel.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 470821B1B6; Thu, 28 Sep 2017 12:23:48 +0200 (CEST) Received: from mail-wr0-f178.google.com (mail-wr0-f178.google.com [209.85.128.178]) by dpdk.org (Postfix) with ESMTP id C7F181B1A6 for ; Thu, 28 Sep 2017 12:23:45 +0200 (CEST) Received: by mail-wr0-f178.google.com with SMTP id h16so1772189wrf.6 for ; Thu, 28 Sep 2017 03:23:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=semihalf-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=l6fR4B9U6+ZCV0rYp/PysYWoLVnay+Ms29s35KSgBBo=; b=USrTrvCz9pbEOjs9hShOkwn8FT0x/qxRNFut0OZqkovRqn51R2R/Yb3H6mZDUVtb9p nFB9I4E4mgwtoOYtLonEh869g/KZFABu40FyoPp/UfeoI+pZus/7MlmDLwFDPPks7vQl ge6hk7xc1N0EMxGLX8kOYme9EPa2BIuAm7/Hwp44VDVhHl+G15xsa9aT3IBqCeGpf7dP qKuo5USXO1+2a7ZZU+MVSLku1BY00Z1sAhc6N6uuWVAMogk6NUrYHDrz2KRmsFV/DZBK gUrM42ZfVrrUZD1Y1in9MJf9J1hR8kybYj7j1Q1CCDGCu5O/4UPrr/ZzT24V5nGw6/61 Epkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=l6fR4B9U6+ZCV0rYp/PysYWoLVnay+Ms29s35KSgBBo=; b=BYO4jHsLMh47bCDjbQlhku4/8zy1s8cjIaWKBm2zCa1vePlHk1jrqGByaQjnAPnTc7 iRjzS62EXSZoMRvb0WZt0hCtndDcJT1Vdz0b9eJonyTvVl77TJIvJEPJ5pQgoL5eTPeL 0iNKpvoClvjumZuP74t6Gk8FiYjw6xZZ4qGQwOFWSxcMwBYEiH/MUv8aJP68NzZ0y9h6 iLsswr1I6sgosfMJKn0CxYn5WT4RzEs7ODLMur+iRtluBZQOwQ7bEeeyHa08vD6xPUeL 8zm6/rTlNSC66bos2WVQD5hnH0WVAvaUiTvNhi0puGBYfGZ5ib76g3X+al9dmbIhZLG9 QD9w== X-Gm-Message-State: AHPjjUiKqtQ6IPVjOpx/xWNS/6M/wnYvSqqH7ibQnFJbuxbswuoaE22q I1U+/AAWR25c/qziedMbv7Vh/OQV2t8= X-Google-Smtp-Source: AOwi7QB5jYAbVHpxIMLgmKXz3ag963tz4X8D2yu2g5dxBU7kVda4D7iT0MX+Yz1VKT7rKr4ZmydUxA== X-Received: by 10.46.42.3 with SMTP id q3mr1797461ljq.191.1506594224833; Thu, 28 Sep 2017 03:23:44 -0700 (PDT) Received: from tdu.semihalf.local (31-172-191-173.noc.fibertech.net.pl. [31.172.191.173]) by smtp.gmail.com with ESMTPSA id l24sm226324ljb.41.2017.09.28.03.23.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Sep 2017 03:23:43 -0700 (PDT) From: Tomasz Duszynski To: dev@dpdk.org Cc: mw@semihalf.com, dima@marvell.com, nsamsono@marvell.com, Jianbo.liu@linaro.org, Tomasz Duszynski , Jacek Siuda Date: Thu, 28 Sep 2017 12:23:30 +0200 Message-Id: <1506594212-15803-3-git-send-email-tdu@semihalf.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1506594212-15803-1-git-send-email-tdu@semihalf.com> References: <1506418805-12117-1-git-send-email-tdu@semihalf.com> <1506594212-15803-1-git-send-email-tdu@semihalf.com> Subject: [dpdk-dev] [PATCH v2 2/4] doc: add mrvl crypto pmd documentation X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Add documentation for the MRVL CRYPTO PMD driver. Signed-off-by: Jacek Siuda Signed-off-by: Tomasz Duszynski --- doc/guides/cryptodevs/features/mrvl.ini | 42 +++++++ doc/guides/cryptodevs/index.rst | 1 + doc/guides/cryptodevs/mrvl.rst | 198 ++++++++++++++++++++++++++++++++ 3 files changed, 241 insertions(+) create mode 100644 doc/guides/cryptodevs/features/mrvl.ini create mode 100644 doc/guides/cryptodevs/mrvl.rst diff --git a/doc/guides/cryptodevs/features/mrvl.ini b/doc/guides/cryptodevs/features/mrvl.ini new file mode 100644 index 0000000..6d2fe6a --- /dev/null +++ b/doc/guides/cryptodevs/features/mrvl.ini @@ -0,0 +1,42 @@ +; Supported features of the 'mrvl' crypto driver. +; +; Refer to default.ini for the full list of available PMD features. +; +[Features] +Symmetric crypto = Y +Sym operation chaining = Y + +; +; Supported crypto algorithms of a default crypto driver. +; +[Cipher] +AES CBC (128) = Y +AES CBC (192) = Y +AES CBC (256) = Y +AES CTR (128) = Y +AES CTR (192) = Y +AES CTR (256) = Y +3DES CBC = Y +3DES CTR = Y + +; +; Supported authentication algorithms of a default crypto driver. +; +[Auth] +MD5 = Y +MD5 HMAC = Y +SHA1 = Y +SHA1 HMAC = Y +SHA256 = Y +SHA256 HMAC = Y +SHA384 = Y +SHA384 HMAC = Y +SHA512 = Y +SHA512 HMAC = Y +AES GMAC = Y + +; +; Supported AEAD algorithms of a default crypto driver. +; +[AEAD] +AES GCM (128) = Y diff --git a/doc/guides/cryptodevs/index.rst b/doc/guides/cryptodevs/index.rst index 361b82d..a8ee0eb 100644 --- a/doc/guides/cryptodevs/index.rst +++ b/doc/guides/cryptodevs/index.rst @@ -42,6 +42,7 @@ Crypto Device Drivers dpaa2_sec kasumi openssl + mrvl null scheduler snow3g diff --git a/doc/guides/cryptodevs/mrvl.rst b/doc/guides/cryptodevs/mrvl.rst new file mode 100644 index 0000000..f5a83dc --- /dev/null +++ b/doc/guides/cryptodevs/mrvl.rst @@ -0,0 +1,198 @@ +.. BSD LICENSE + Copyright(c) 2017 Semihalf. All rights reserved. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + * Neither the name of Semihalf nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +MRVL Crypto Poll Mode Driver +============================ + +The MRVL CRYPTO PMD (**librte_crypto_mrvl_pmd**) provides poll mode crypto driver +support by utilizing MUSDK library, which provides cryptographic operations +acceleration by using Security Acceleration Engine (EIP197) directly from +user-space with minimum overhead and high performance. + +Features +-------- + +MRVL CRYPTO PMD has support for: + +* Symmetric crypto +* Sym operation chaining +* AES CBC (128) +* AES CBC (192) +* AES CBC (256) +* AES CTR (128) +* AES CTR (192) +* AES CTR (256) +* 3DES CBC +* 3DES CTR +* MD5 +* MD5 HMAC +* SHA1 +* SHA1 HMAC +* SHA256 +* SHA256 HMAC +* SHA384 +* SHA384 HMAC +* SHA512 +* SHA512 HMAC +* AES GCM (128) + +Limitations +----------- + +* Hardware only supports scenarios where ICV (digest buffer) is placed just + after the authenticated data. Other placement will result in error. + +Installation +------------ + +MRVL CRYPTO PMD driver compilation is disabled by default due to external dependencies. +Currently there are two driver specific compilation options in +``config/common_base`` available: + +- ``CONFIG_RTE_LIBRTE_MRVL_CRYPTO`` (default ``n``) + + Toggle compilation of the librte_pmd_mrvl driver. + +- ``CONFIG_RTE_LIBRTE_MRVL_CRYPTO_DEBUG`` (default ``n``) + + Toggle display of debugging messages. + +During compilation external MUSDK library, which provides direct access +to Marvell's EIP197 cryptographic engine, is necessary. Library sources are +available `here `_. + +Alternatively, prebuilt library can be downloaded from +`Marvell Extranet `_. Once approval has been +granted, library can be found by typing ``musdk`` in the search box. + +For MUSDK library build instruction please refer to ``doc/musdk_get_started.txt`` +in library sources directory. + +Initialization +-------------- + +After successfully building MRVL CRYPTO PMD, the following modules need to be +loaded: + +.. code-block:: console + + insmod musdk_uio.ko + insmod mvpp2x_sysfs.ko + insmod mv_pp_uio.ko + insmod mv_sam_uio.ko + insmod crypto_safexcel.ko + +The following parameters (all optional) are exported by the driver: + +* max_nb_queue_pairs: maximum number of queue pairs in the device (8 by default). +* max_nb_sessions: maximum number of sessions that can be created (2048 by default). +* socket_id: socket on which to allocate the device resources on. + +l2fwd-crypto example application can be used to verify MRVL CRYPTO PMD +operation: + +.. code-block:: console + + ./l2fwd-crypto -c 0x3 --vdev=eth_mrvl,iface=eth0 --vdev=cryptodev_mrvl_pmd + +Example output: + +.. code-block:: console + + [...] + PMD: Max number of queue pairs = 8 + PMD: Max number of sessions = 2048 + [ERROR] Dma object already exits. + [INFO] DMA buffers allocated for 2048 sessions (256 bytes) + Initializing port 0... [ERROR] [pp2_ppio_flush_vlan] routine not supported yet! + PMD: Failed to flush vlan list + [INFO] PORT: Port0 - link is up + [INFO] ---- GOP ID 0 configuration ---- + [INFO] Port mode : KR + [INFO] MAC status : disabled + [INFO] Link status : link up + [INFO] Port speed : 10G + [INFO] Port duplex : full + [INFO] Port: Egress enable tx_port_num=16 qmap=0x1 + [INFO] PORT: Port0 - link is up + [INFO] ---- GOP ID 0 configuration ---- + [INFO] Port mode : KR + [INFO] MAC status : disabled + [INFO] Link status : link up + [INFO] Port speed : 10G + [INFO] Port duplex : full + [INFO] Port: Egress enable tx_port_num=16 qmap=0x1 + [INFO] PORT: Port0 - link is down + [INFO] ---- GOP ID 0 configuration ---- + [INFO] Port mode : KR + [INFO] MAC status : disabled + [INFO] Link status : link down + [INFO] Port speed : 10G + [INFO] Port duplex : full + [INFO] Port: Egress enable tx_port_num=16 qmap=0x1 + Port 0, MAC address: 00:50:43:02:21:20 + + + Checking link statusdone + Port 0 Link Up - speed 0 Mbps - full-duplex + Lcore 0: RX port 0 + [INFO] eip197: 0:0 registers: paddr: 0xf2880000, vaddr: 0x0x7f25480000 + [INFO] DMA buffer (16448 bytes) for CDR #0 allocated: paddr = 0xb0525e00, \ + vaddr = 0x7f21b24e00 + [INFO] DMA buffer (16448 bytes) for RDR #0 allocated: paddr = 0xb0529f00, \ + vaddr = 0x7f21b28f00 + [INFO] DMA buffers allocated for 257 operations. Tokens - 256 bytes + Lcore 0: cryptodev 0 + L2FWD: lcore 1 has nothing to do + L2FWD: entering main loop on lcore 0 + L2FWD: -- lcoreid=0 portid=0 + L2FWD: -- lcoreid=0 cryptoid=0 + Options:- + nportmask: ffffffff + ports per lcore: 1 + refresh period : 10000 + single lcore mode: disabled + stats_printing: enabled + sessionless crypto: disabled + + Crypto chain: Input --> Encrypt --> Auth generate --> Output + + ---- Cipher information --- + Algorithm: aes-cbc + Cipher key: at [0x7f253cee80], len=16 + 00000000: C2 B1 90 57 16 32 A8 56 5A 16 CD A5 D1 24 64 C3 | ...W.2.VZ....$d. + IV: at [0x7f253cec80], len=16 + 00000000: F7 98 65 93 94 22 2C 8F A6 3C F1 F2 7C 88 FF 5D | ..e..",..<..|..] + + ---- Authentication information --- + Algorithm: sha1-hmac + Auth key: at [0x7f253ced80], len=16 + 00000000: 8B 32 09 22 BF A7 AA 0D 0C 65 A3 2E 64 6E 74 44 | .2.".....e..dntD + AAD: at [0x7f253ceb80], len=