[v2,2/2] crypto/qat: handle mixed hash-cipher crypto on GEN2 QAT
Checks
Commit Message
This patch adds handling of mixed hash-cipher algorithms
available on GEN2 QAT in particular firmware versions.
Also the documentation is updated to show the mixed crypto
algorithms are supported on QAT GEN2.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
---
doc/guides/cryptodevs/qat.rst | 9 ++++-----
doc/guides/rel_notes/release_20_05.rst | 7 +++++++
drivers/crypto/qat/qat_sym_pmd.c | 27 ++++++++++++++++++++++++++
drivers/crypto/qat/qat_sym_pmd.h | 5 +++++
drivers/crypto/qat/qat_sym_session.c | 17 ++++++++++------
5 files changed, 54 insertions(+), 11 deletions(-)
@@ -82,18 +82,17 @@ All the usual chains are supported and also some mixed chains:
+------------------+-----------+-------------+----------+----------+
| Cipher algorithm | NULL AUTH | SNOW3G UIA2 | ZUC EIA3 | AES CMAC |
+==================+===========+=============+==========+==========+
- | NULL CIPHER | Y | 3 | 3 | Y |
+ | NULL CIPHER | Y | 2&3 | 2&3 | Y |
+------------------+-----------+-------------+----------+----------+
- | SNOW3G UEA2 | 3 | Y | 3 | 3 |
+ | SNOW3G UEA2 | 2&3 | Y | 2&3 | 2&3 |
+------------------+-----------+-------------+----------+----------+
- | ZUC EEA3 | 3 | 3 | 2&3 | 3 |
+ | ZUC EEA3 | 2&3 | 2&3 | 2&3 | 2&3 |
+------------------+-----------+-------------+----------+----------+
- | AES CTR | Y | 3 | 3 | Y |
+ | AES CTR | Y | 2&3 | 2&3 | Y |
+------------------+-----------+-------------+----------+----------+
* The combinations marked as "Y" are supported on all QAT hardware versions.
* The combinations marked as "2&3" are supported on GEN2/GEN3 QAT hardware only.
-* The combinations marked as "3" are supported on GEN3 QAT hardware only.
Limitations
@@ -56,6 +56,13 @@ New Features
Also, make sure to start the actual text at the margin.
=========================================================
+* **Added handling of mixed crypto algorithms in QAT PMD for GEN2.**
+
+ Enabled handling of mixed algorithms in encrypted digest hash-cipher
+ (generation) and cipher-hash (verification) requests in QAT PMD
+ when running on GEN2 QAT hardware with particular firmware versions
+ (GEN3 support was added in DPDK 20.02).
+
Removed Items
-------------
@@ -14,6 +14,8 @@
#include "qat_sym_session.h"
#include "qat_sym_pmd.h"
+#define MIXED_CRYPTO_MIN_FW_VER 0x04090000
+
uint8_t cryptodev_qat_driver_id;
static const struct rte_cryptodev_capabilities qat_gen1_sym_capabilities[] = {
@@ -187,6 +189,31 @@ static int qat_sym_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
qat_sgl_dst);
}
+ /* Get fw version from QAT (GEN2), skip if we've got it already */
+ if (qp->qat_dev_gen == QAT_GEN2 && !(qat_private->internal_capabilities
+ & QAT_SYM_CAP_VALID)) {
+ ret = qat_cq_get_fw_version(qp);
+
+ if (ret < 0) {
+ qat_sym_qp_release(dev, qp_id);
+ return ret;
+ }
+
+ if (ret != 0)
+ QAT_LOG(DEBUG, "QAT firmware version: %d.%d.%d",
+ (ret >> 24) & 0xff,
+ (ret >> 16) & 0xff,
+ (ret >> 8) & 0xff);
+ else
+ QAT_LOG(DEBUG, "unknown QAT firmware version");
+
+ /* set capabilities based on the fw version */
+ qat_private->internal_capabilities = QAT_SYM_CAP_VALID |
+ ((ret >= MIXED_CRYPTO_MIN_FW_VER) ?
+ QAT_SYM_CAP_MIXED_CRYPTO : 0);
+ ret = 0;
+ }
+
return ret;
}
@@ -15,6 +15,10 @@
/** Intel(R) QAT Symmetric Crypto PMD driver name */
#define CRYPTODEV_NAME_QAT_SYM_PMD crypto_qat
+/* Internal capabilities */
+#define QAT_SYM_CAP_MIXED_CRYPTO (1 << 0)
+#define QAT_SYM_CAP_VALID (1 << 31)
+
extern uint8_t cryptodev_qat_driver_id;
/** private data structure for a QAT device.
@@ -29,6 +33,7 @@ struct qat_sym_dev_private {
const struct rte_cryptodev_capabilities *qat_dev_capabilities;
/* QAT device symmetric crypto capabilities */
uint16_t min_enq_burst_threshold;
+ uint32_t internal_capabilities; /* see flags QAT_SYM_CAP_xxx */
};
int
@@ -459,18 +459,23 @@ qat_sym_session_set_ext_hash_flags(struct qat_sym_session *session,
}
static void
-qat_sym_session_handle_mixed(struct qat_sym_session *session)
+qat_sym_session_handle_mixed(const struct rte_cryptodev *dev,
+ struct qat_sym_session *session)
{
+ const struct qat_sym_dev_private *qat_private = dev->data->dev_private;
+ enum qat_device_gen min_dev_gen = (qat_private->internal_capabilities &
+ QAT_SYM_CAP_MIXED_CRYPTO) ? QAT_GEN2 : QAT_GEN3;
+
if (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3 &&
session->qat_cipher_alg !=
ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3) {
- session->min_qat_dev_gen = QAT_GEN3;
+ session->min_qat_dev_gen = min_dev_gen;
qat_sym_session_set_ext_hash_flags(session,
1 << ICP_QAT_FW_AUTH_HDR_FLAG_ZUC_EIA3_BITPOS);
} else if (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2 &&
session->qat_cipher_alg !=
ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2) {
- session->min_qat_dev_gen = QAT_GEN3;
+ session->min_qat_dev_gen = min_dev_gen;
qat_sym_session_set_ext_hash_flags(session,
1 << ICP_QAT_FW_AUTH_HDR_FLAG_SNOW3G_UIA2_BITPOS);
} else if ((session->aes_cmac ||
@@ -479,7 +484,7 @@ qat_sym_session_handle_mixed(struct qat_sym_session *session)
ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2 ||
session->qat_cipher_alg ==
ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3)) {
- session->min_qat_dev_gen = QAT_GEN3;
+ session->min_qat_dev_gen = min_dev_gen;
qat_sym_session_set_ext_hash_flags(session, 0);
}
}
@@ -532,7 +537,7 @@ qat_sym_session_set_parameters(struct rte_cryptodev *dev,
if (ret < 0)
return ret;
/* Special handling of mixed hash+cipher algorithms */
- qat_sym_session_handle_mixed(session);
+ qat_sym_session_handle_mixed(dev, session);
}
break;
case ICP_QAT_FW_LA_CMD_HASH_CIPHER:
@@ -551,7 +556,7 @@ qat_sym_session_set_parameters(struct rte_cryptodev *dev,
if (ret < 0)
return ret;
/* Special handling of mixed hash+cipher algorithms */
- qat_sym_session_handle_mixed(session);
+ qat_sym_session_handle_mixed(dev, session);
}
break;
case ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM: