@@ -3,6 +3,7 @@
*/
#include <rte_cryptodev.h>
+#include <rte_ether.h>
#include "cperf_ops.h"
#include "cperf_test_vectors.h"
@@ -15,8 +16,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
const struct cperf_options *options __rte_unused,
const struct cperf_test_vector *test_vector __rte_unused,
- uint16_t iv_offset __rte_unused,
- uint32_t *imix_idx __rte_unused)
+ uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
{
uint16_t i;
@@ -24,14 +24,39 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
struct rte_crypto_sym_op *sym_op = ops[i]->sym;
struct rte_security_session *sec_sess =
(struct rte_security_session *)sess;
+ uint32_t buf_sz;
ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
rte_security_attach_session(ops[i], sec_sess);
sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] +
src_buf_offset);
- sym_op->m_src->buf_len = options->segment_sz;
- sym_op->m_src->data_len = options->test_buffer_size;
- sym_op->m_src->pkt_len = sym_op->m_src->data_len;
+
+ if (options->op_type == CPERF_PDCP) {
+ sym_op->m_src->buf_len = options->segment_sz;
+ sym_op->m_src->data_len = options->test_buffer_size;
+ sym_op->m_src->pkt_len = sym_op->m_src->data_len;
+ }
+
+ if (options->op_type == CPERF_DOCSIS) {
+ if (options->imix_distribution_count) {
+ buf_sz = options->imix_buffer_sizes[*imix_idx];
+ *imix_idx = (*imix_idx + 1) % options->pool_sz;
+ } else
+ buf_sz = options->test_buffer_size;
+
+ /* DOCSIS header is not CRC'ed */
+ sym_op->auth.data.offset = options->docsis_hdr_sz;
+ sym_op->auth.data.length = buf_sz -
+ sym_op->auth.data.offset - RTE_ETHER_CRC_LEN;
+ /*
+ * DOCSIS header and SRC and DST MAC addresses are not
+ * ciphered
+ */
+ sym_op->cipher.data.offset = sym_op->auth.data.offset +
+ RTE_ETHER_HDR_LEN - RTE_ETHER_TYPE_LEN;
+ sym_op->cipher.data.length = buf_sz -
+ sym_op->cipher.data.offset;
+ }
/* Set dest mbuf to NULL if out-of-place (dst_buf_offset = 0) */
if (dst_buf_offset == 0)
@@ -589,6 +614,49 @@ cperf_create_session(struct rte_mempool *sess_mp,
return (void *)rte_security_session_create(ctx,
&sess_conf, sess_mp);
}
+ if (options->op_type == CPERF_DOCSIS) {
+ enum rte_security_docsis_direction direction;
+
+ cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+ cipher_xform.next = NULL;
+ cipher_xform.cipher.algo = options->cipher_algo;
+ cipher_xform.cipher.op = options->cipher_op;
+ cipher_xform.cipher.iv.offset = iv_offset;
+ if (options->cipher_algo != RTE_CRYPTO_CIPHER_NULL) {
+ cipher_xform.cipher.key.data =
+ test_vector->cipher_key.data;
+ cipher_xform.cipher.key.length =
+ test_vector->cipher_key.length;
+ cipher_xform.cipher.iv.length =
+ test_vector->cipher_iv.length;
+ } else {
+ cipher_xform.cipher.key.data = NULL;
+ cipher_xform.cipher.key.length = 0;
+ cipher_xform.cipher.iv.length = 0;
+ }
+ cipher_xform.next = NULL;
+
+ if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
+ direction = RTE_SECURITY_DOCSIS_DOWNLINK;
+ else
+ direction = RTE_SECURITY_DOCSIS_UPLINK;
+
+ struct rte_security_session_conf sess_conf = {
+ .action_type =
+ RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+ .protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
+ {.docsis = {
+ .direction = direction,
+ } },
+ .crypto_xform = &cipher_xform
+ };
+ struct rte_security_ctx *ctx = (struct rte_security_ctx *)
+ rte_cryptodev_get_sec_ctx(dev_id);
+
+ /* Create security session */
+ return (void *)rte_security_session_create(ctx,
+ &sess_conf, priv_mp);
+ }
#endif
sess = rte_cryptodev_sym_session_create(sess_mp);
/*
@@ -772,6 +840,10 @@ cperf_get_op_functions(const struct cperf_options *options,
op_fns->populate_ops = cperf_set_ops_security;
return 0;
}
+ if (options->op_type == CPERF_DOCSIS) {
+ op_fns->populate_ops = cperf_set_ops_security;
+ return 0;
+ }
#endif
return -1;
}
@@ -50,6 +50,7 @@
#ifdef RTE_LIBRTE_SECURITY
#define CPERF_PDCP_SN_SZ ("pdcp-sn-sz")
#define CPERF_PDCP_DOMAIN ("pdcp-domain")
+#define CPERF_DOCSIS_HDR_SZ ("docsis-hdr-sz")
#endif
#define CPERF_CSV ("csv-friendly")
@@ -75,7 +76,8 @@ enum cperf_op_type {
CPERF_CIPHER_THEN_AUTH,
CPERF_AUTH_THEN_CIPHER,
CPERF_AEAD,
- CPERF_PDCP
+ CPERF_PDCP,
+ CPERF_DOCSIS
};
extern const char *cperf_op_type_strs[];
@@ -122,6 +124,7 @@ struct cperf_options {
#ifdef RTE_LIBRTE_SECURITY
uint16_t pdcp_sn_sz;
enum rte_security_pdcp_domain pdcp_domain;
+ uint16_t docsis_hdr_sz;
#endif
char device_type[RTE_CRYPTODEV_NAME_MAX_LEN];
enum cperf_op_type op_type;
@@ -7,6 +7,7 @@
#include <rte_cryptodev.h>
#include <rte_malloc.h>
+#include <rte_ether.h>
#include "cperf_options.h"
@@ -56,6 +57,9 @@ usage(char *progname)
" --pmd-cyclecount-delay-ms N: set delay between enqueue\n"
" and dequeue in pmd-cyclecount benchmarking mode\n"
" --csv-friendly: enable test result output CSV friendly\n"
+#ifdef RTE_LIBRTE_SECURITY
+ " --docsis-hdr-sz: set DOCSIS header size\n"
+#endif
" -h: prints this help\n",
progname);
}
@@ -446,6 +450,10 @@ parse_op_type(struct cperf_options *opts, const char *arg)
{
cperf_op_type_strs[CPERF_PDCP],
CPERF_PDCP
+ },
+ {
+ cperf_op_type_strs[CPERF_DOCSIS],
+ CPERF_DOCSIS
}
};
@@ -675,6 +683,12 @@ parse_pdcp_domain(struct cperf_options *opts, const char *arg)
return 0;
}
+
+static int
+parse_docsis_hdr_sz(struct cperf_options *opts, const char *arg)
+{
+ return parse_uint16_t(&opts->docsis_hdr_sz, arg);
+}
#endif
static int
@@ -820,6 +834,7 @@ static struct option lgopts[] = {
#ifdef RTE_LIBRTE_SECURITY
{ CPERF_PDCP_SN_SZ, required_argument, 0, 0 },
{ CPERF_PDCP_DOMAIN, required_argument, 0, 0 },
+ { CPERF_DOCSIS_HDR_SZ, required_argument, 0, 0 },
#endif
{ CPERF_CSV, no_argument, 0, 0},
@@ -890,6 +905,7 @@ cperf_options_default(struct cperf_options *opts)
#ifdef RTE_LIBRTE_SECURITY
opts->pdcp_sn_sz = 12;
opts->pdcp_domain = RTE_SECURITY_PDCP_MODE_CONTROL;
+ opts->docsis_hdr_sz = 17;
#endif
}
@@ -929,6 +945,7 @@ cperf_opts_parse_long(int opt_idx, struct cperf_options *opts)
#ifdef RTE_LIBRTE_SECURITY
{ CPERF_PDCP_SN_SZ, parse_pdcp_sn_sz },
{ CPERF_PDCP_DOMAIN, parse_pdcp_domain },
+ { CPERF_DOCSIS_HDR_SZ, parse_docsis_hdr_sz },
#endif
{ CPERF_CSV, parse_csv_friendly},
{ CPERF_PMDCC_DELAY_MS, parse_pmd_cyclecount_delay_ms},
@@ -1031,10 +1048,44 @@ check_cipher_buffer_length(struct cperf_options *options)
return 0;
}
+#ifdef RTE_LIBRTE_SECURITY
+static int
+check_docsis_buffer_length(struct cperf_options *options)
+{
+ uint32_t buffer_size, buffer_size_idx = 0;
+
+ if (options->inc_buffer_size != 0)
+ buffer_size = options->min_buffer_size;
+ else
+ buffer_size = options->buffer_size_list[0];
+
+ while (buffer_size <= options->max_buffer_size) {
+ if (buffer_size < (uint32_t)(options->docsis_hdr_sz +
+ RTE_ETHER_HDR_LEN + RTE_ETHER_CRC_LEN)) {
+ RTE_LOG(ERR, USER1, "Some of the buffer sizes are not "
+ "valid for DOCSIS\n");
+ return -EINVAL;
+ }
+
+ if (options->inc_buffer_size != 0)
+ buffer_size += options->inc_buffer_size;
+ else {
+ if (++buffer_size_idx == options->buffer_size_count)
+ break;
+ buffer_size =
+ options->buffer_size_list[buffer_size_idx];
+ }
+ }
+
+ return 0;
+}
+#endif
+
int
cperf_options_check(struct cperf_options *options)
{
- if (options->op_type == CPERF_CIPHER_ONLY)
+ if (options->op_type == CPERF_CIPHER_ONLY ||
+ options->op_type == CPERF_DOCSIS)
options->digest_sz = 0;
if (options->out_of_place &&
@@ -1151,6 +1202,13 @@ cperf_options_check(struct cperf_options *options)
return -EINVAL;
}
+#ifdef RTE_LIBRTE_SECURITY
+ if (options->op_type == CPERF_DOCSIS) {
+ if (check_docsis_buffer_length(options) < 0)
+ return -EINVAL;
+ }
+#endif
+
return 0;
}
@@ -1236,4 +1294,11 @@ cperf_options_dump(struct cperf_options *opts)
printf("# aead aad size: %u\n", opts->aead_aad_sz);
printf("#\n");
}
+
+#ifdef RTE_LIBRTE_SECURITY
+ if (opts->op_type == CPERF_DOCSIS) {
+ printf("# docsis header size: %u\n", opts->docsis_hdr_sz);
+ printf("#\n");
+ }
+#endif
}
@@ -36,7 +36,8 @@ cperf_throughput_test_free(struct cperf_throughput_ctx *ctx)
return;
if (ctx->sess) {
#ifdef RTE_LIBRTE_SECURITY
- if (ctx->options->op_type == CPERF_PDCP) {
+ if (ctx->options->op_type == CPERF_PDCP ||
+ ctx->options->op_type == CPERF_DOCSIS) {
struct rte_security_ctx *sec_ctx =
(struct rte_security_ctx *)
rte_cryptodev_get_sec_ctx(ctx->dev_id);
@@ -469,7 +469,8 @@ cperf_test_vector_get_dummy(struct cperf_options *options)
if (options->op_type == CPERF_CIPHER_ONLY ||
options->op_type == CPERF_CIPHER_THEN_AUTH ||
- options->op_type == CPERF_AUTH_THEN_CIPHER) {
+ options->op_type == CPERF_AUTH_THEN_CIPHER ||
+ options->op_type == CPERF_DOCSIS) {
if (options->cipher_algo == RTE_CRYPTO_CIPHER_NULL) {
t_vec->cipher_key.length = 0;
t_vec->ciphertext.data = plaintext;
@@ -39,7 +39,8 @@ const char *cperf_op_type_strs[] = {
[CPERF_CIPHER_THEN_AUTH] = "cipher-then-auth",
[CPERF_AUTH_THEN_CIPHER] = "auth-then-cipher",
[CPERF_AEAD] = "aead",
- [CPERF_PDCP] = "pdcp"
+ [CPERF_PDCP] = "pdcp",
+ [CPERF_DOCSIS] = "docsis"
};
const struct cperf_test cperf_testmap[] = {
@@ -244,7 +245,7 @@ cperf_initialize_cryptodev(struct cperf_options *opts, uint8_t *enabled_cdevs)
#endif
} else
sessions_needed = enabled_cdev_count *
- opts->nb_qps;
+ opts->nb_qps * 2;
/*
* A single session is required per queue pair
@@ -11,4 +11,4 @@ sources = files('cperf_ops.c',
'cperf_test_vectors.c',
'cperf_test_verify.c',
'main.c')
-deps += ['cryptodev', 'security']
+deps += ['cryptodev', 'net', 'security']