X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=lib%2Flibrte_cryptodev%2Frte_cryptodev.h;h=92ce6d49a213ab5cba656401abe1a988606931d5;hb=refs%2Fheads%2F18.05.x;hp=88aeb873ed52ff8a37b1b9740a3346e800cc710d;hpb=fca143f059a0bddd7d47b8dc2df646a891b0eb0f;p=deb_dpdk.git diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h index 88aeb873..92ce6d49 100644 --- a/lib/librte_cryptodev/rte_cryptodev.h +++ b/lib/librte_cryptodev/rte_cryptodev.h @@ -49,44 +49,7 @@ extern "C" { #include "rte_crypto.h" #include "rte_dev.h" #include - -#define CRYPTODEV_NAME_NULL_PMD crypto_null -/**< Null crypto PMD device name */ -#define CRYPTODEV_NAME_AESNI_MB_PMD crypto_aesni_mb -/**< AES-NI Multi buffer PMD device name */ -#define CRYPTODEV_NAME_AESNI_GCM_PMD crypto_aesni_gcm -/**< AES-NI GCM PMD device name */ -#define CRYPTODEV_NAME_OPENSSL_PMD crypto_openssl -/**< Open SSL Crypto PMD device name */ -#define CRYPTODEV_NAME_QAT_SYM_PMD crypto_qat -/**< Intel QAT Symmetric Crypto PMD device name */ -#define CRYPTODEV_NAME_SNOW3G_PMD crypto_snow3g -/**< SNOW 3G PMD device name */ -#define CRYPTODEV_NAME_KASUMI_PMD crypto_kasumi -/**< KASUMI PMD device name */ -#define CRYPTODEV_NAME_ZUC_PMD crypto_zuc -/**< KASUMI PMD device name */ -#define CRYPTODEV_NAME_ARMV8_PMD crypto_armv8 -/**< ARMv8 Crypto PMD device name */ -#define CRYPTODEV_NAME_SCHEDULER_PMD crypto_scheduler -/**< Scheduler Crypto PMD device name */ -#define CRYPTODEV_NAME_DPAA2_SEC_PMD cryptodev_dpaa2_sec_pmd -/**< NXP DPAA2 - SEC PMD device name */ - -/** Crypto device type */ -enum rte_cryptodev_type { - RTE_CRYPTODEV_NULL_PMD = 1, /**< Null crypto PMD */ - RTE_CRYPTODEV_AESNI_GCM_PMD, /**< AES-NI GCM PMD */ - RTE_CRYPTODEV_AESNI_MB_PMD, /**< AES-NI multi buffer PMD */ - RTE_CRYPTODEV_QAT_SYM_PMD, /**< QAT PMD Symmetric Crypto */ - RTE_CRYPTODEV_SNOW3G_PMD, /**< SNOW 3G PMD */ - RTE_CRYPTODEV_KASUMI_PMD, /**< KASUMI PMD */ - RTE_CRYPTODEV_ZUC_PMD, /**< ZUC PMD */ - RTE_CRYPTODEV_OPENSSL_PMD, /**< OpenSSL PMD */ - RTE_CRYPTODEV_ARMV8_PMD, /**< ARMv8 crypto PMD */ - RTE_CRYPTODEV_SCHEDULER_PMD, /**< Crypto Scheduler PMD */ - RTE_CRYPTODEV_DPAA2_SEC_PMD, /**< NXP DPAA2 - SEC PMD */ -}; +#include extern const char **rte_cyptodev_names; @@ -97,10 +60,10 @@ extern const char **rte_cyptodev_names; RTE_FMT("%s() line %u: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \ __func__, __LINE__, RTE_FMT_TAIL(__VA_ARGS__,))) -#define CDEV_PMD_LOG_ERR(dev, ...) \ - RTE_LOG(ERR, CRYPTODEV, \ - RTE_FMT("[%s] %s() line %u: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \ - dev, __func__, __LINE__, RTE_FMT_TAIL(__VA_ARGS__,))) +#define CDEV_LOG_INFO(...) \ + RTE_LOG(INFO, CRYPTODEV, \ + RTE_FMT(RTE_FMT_HEAD(__VA_ARGS__,) "\n", \ + RTE_FMT_TAIL(__VA_ARGS__,))) #ifdef RTE_LIBRTE_CRYPTODEV_DEBUG #define CDEV_LOG_DEBUG(...) \ @@ -118,6 +81,38 @@ extern const char **rte_cyptodev_names; #define CDEV_PMD_TRACE(...) (void)0 #endif + + +/** + * A macro that points to an offset from the start + * of the crypto operation structure (rte_crypto_op) + * + * The returned pointer is cast to type t. + * + * @param c + * The crypto operation. + * @param o + * The offset from the start of the crypto operation. + * @param t + * The type to cast the result into. + */ +#define rte_crypto_op_ctod_offset(c, t, o) \ + ((t)((char *)(c) + (o))) + +/** + * A macro that returns the physical address that points + * to an offset from the start of the crypto operation + * (rte_crypto_op) + * + * @param c + * The crypto operation. + * @param o + * The offset from the start of the crypto operation + * to calculate address from. + */ +#define rte_crypto_op_ctophys_offset(c, o) \ + (rte_iova_t)((c)->phys_addr + (o)) + /** * Crypto parameters range description */ @@ -137,7 +132,7 @@ struct rte_crypto_param_range { */ struct rte_cryptodev_symmetric_capability { enum rte_crypto_sym_xform_type xform_type; - /**< Transform type : Authentication / Cipher */ + /**< Transform type : Authentication / Cipher / AEAD */ RTE_STD_C11 union { struct { @@ -151,6 +146,8 @@ struct rte_cryptodev_symmetric_capability { /**< digest size range */ struct rte_crypto_param_range aad_size; /**< Additional authentication data size range */ + struct rte_crypto_param_range iv_size; + /**< Initialisation vector data size range */ } auth; /**< Symmetric Authentication transform capabilities */ struct { @@ -164,6 +161,20 @@ struct rte_cryptodev_symmetric_capability { /**< Initialisation vector data size range */ } cipher; /**< Symmetric Cipher transform capabilities */ + struct { + enum rte_crypto_aead_algorithm algo; + /**< AEAD algorithm */ + uint16_t block_size; + /**< algorithm block size */ + struct rte_crypto_param_range key_size; + /**< AEAD key size range */ + struct rte_crypto_param_range digest_size; + /**< digest size range */ + struct rte_crypto_param_range aad_size; + /**< Additional authentication data size range */ + struct rte_crypto_param_range iv_size; + /**< Initialisation vector data size range */ + } aead; }; }; @@ -185,6 +196,7 @@ struct rte_cryptodev_sym_capability_idx { union { enum rte_crypto_cipher_algorithm cipher; enum rte_crypto_auth_algorithm auth; + enum rte_crypto_aead_algorithm aead; } algo; }; @@ -226,7 +238,7 @@ rte_cryptodev_sym_capability_check_cipher( * @param capability Description of the symmetric crypto capability. * @param key_size Auth key size. * @param digest_size Auth digest size. - * @param aad_size Auth aad size. + * @param iv_size Auth initial vector size. * * @return * - Return 0 if the parameters are in range of the capability. @@ -235,7 +247,27 @@ rte_cryptodev_sym_capability_check_cipher( int rte_cryptodev_sym_capability_check_auth( const struct rte_cryptodev_symmetric_capability *capability, - uint16_t key_size, uint16_t digest_size, uint16_t aad_size); + uint16_t key_size, uint16_t digest_size, uint16_t iv_size); + +/** + * Check if key, digest, AAD and initial vector sizes are supported + * in crypto AEAD capability + * + * @param capability Description of the symmetric crypto capability. + * @param key_size AEAD key size. + * @param digest_size AEAD digest size. + * @param aad_size AEAD AAD size. + * @param iv_size AEAD IV size. + * + * @return + * - Return 0 if the parameters are in range of the capability. + * - Return -1 if the parameters are out of range of the capability. + */ +int +rte_cryptodev_sym_capability_check_aead( + const struct rte_cryptodev_symmetric_capability *capability, + uint16_t key_size, uint16_t digest_size, uint16_t aad_size, + uint16_t iv_size); /** * Provide the cipher algorithm enum, given an algorithm string @@ -267,6 +299,21 @@ int rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum, const char *algo_string); +/** + * Provide the AEAD algorithm enum, given an algorithm string + * + * @param algo_enum A pointer to the AEAD algorithm + * enum to be filled + * @param algo_string AEAD algorithm string + * + * @return + * - Return -1 if string is not valid + * - Return 0 is the string is valid + */ +int +rte_cryptodev_get_aead_algo_enum(enum rte_crypto_aead_algorithm *algo_enum, + const char *algo_string); + /** Macro used at end of crypto PMD list */ #define RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() \ { RTE_CRYPTO_OP_TYPE_UNDEFINED } @@ -304,6 +351,8 @@ rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum, /**< Utilises CPU NEON instructions */ #define RTE_CRYPTODEV_FF_CPU_ARM_CE (1ULL << 11) /**< Utilises ARM CPU Cryptographic Extensions */ +#define RTE_CRYPTODEV_FF_SECURITY (1ULL << 12) +/**< Support Security Protocol Processing */ /** @@ -321,10 +370,11 @@ rte_cryptodev_get_feature_name(uint64_t flag); /** Crypto device information */ struct rte_cryptodev_info { const char *driver_name; /**< Driver name. */ - enum rte_cryptodev_type dev_type; /**< Device type */ + uint8_t driver_id; /**< Driver identifier */ struct rte_pci_device *pci_dev; /**< PCI information. */ - uint64_t feature_flags; /**< Feature flags */ + uint64_t feature_flags; + /**< Feature flags exposes HW/SW features for the given device */ const struct rte_cryptodev_capabilities *capabilities; /**< Array of devices supported capabilities */ @@ -385,61 +435,31 @@ struct rte_cryptodev_stats { #define RTE_CRYPTODEV_NAME_MAX_LEN (64) /**< Max length of name of crypto PMD */ -#define RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_QUEUE_PAIRS 8 -#define RTE_CRYPTODEV_VDEV_DEFAULT_MAX_NB_SESSIONS 2048 - -/** - * @internal - * Initialisation parameters for virtual crypto devices - */ -struct rte_crypto_vdev_init_params { - unsigned max_nb_queue_pairs; - unsigned max_nb_sessions; - uint8_t socket_id; - char name[RTE_CRYPTODEV_NAME_MAX_LEN]; -}; /** - * Parse virtual device initialisation parameters input arguments - * @internal - * - * @params params Initialisation parameters with defaults set. - * @params input_args Command line arguments - * - * @return - * 0 on successful parse - * <0 on failure to parse - */ -int -rte_cryptodev_parse_vdev_init_params( - struct rte_crypto_vdev_init_params *params, - const char *input_args); - -/** - * Create a virtual crypto device + * Get the device identifier for the named crypto device. * - * @param name Cryptodev PMD name of device to be created. - * @param args Options arguments for device. + * @param name device name to select the device structure. * * @return - * - On successful creation of the cryptodev the device index is returned, - * which will be between 0 and rte_cryptodev_count(). - * - In the case of a failure, returns -1. + * - Returns crypto device identifier on success. + * - Return -1 on failure to find named crypto device. */ extern int -rte_cryptodev_create_vdev(const char *name, const char *args); +rte_cryptodev_get_dev_id(const char *name); /** - * Get the device identifier for the named crypto device. + * Get the crypto device name given a device identifier. * - * @param name device name to select the device structure. + * @param dev_id + * The identifier of the device * * @return - * - Returns crypto device identifier on success. - * - Return -1 on failure to find named crypto device. + * - Returns crypto device name. + * - Returns NULL if crypto device is not present. */ -extern int -rte_cryptodev_get_dev_id(const char *name); +extern const char * +rte_cryptodev_name_get(uint8_t dev_id); /** * Get the total number of crypto devices that have been successfully @@ -454,18 +474,19 @@ rte_cryptodev_count(void); /** * Get number of crypto device defined type. * - * @param type type of device. + * @param driver_id driver identifier. * * @return * Returns number of crypto device. */ extern uint8_t -rte_cryptodev_count_devtype(enum rte_cryptodev_type type); +rte_cryptodev_device_count_by_driver(uint8_t driver_id); /** - * Get number and identifiers of attached crypto device. + * Get number and identifiers of attached crypto devices that + * use the same crypto driver. * - * @param dev_name device name. + * @param driver_name driver name. * @param devices output devices identifiers. * @param nb_devices maximal number of devices. * @@ -473,7 +494,7 @@ rte_cryptodev_count_devtype(enum rte_cryptodev_type type); * Returns number of attached crypto device. */ uint8_t -rte_cryptodev_devices_get(const char *dev_name, uint8_t *devices, +rte_cryptodev_devices_get(const char *driver_name, uint8_t *devices, uint8_t nb_devices); /* * Return the NUMA socket to which a device is connected @@ -493,11 +514,6 @@ struct rte_cryptodev_config { int socket_id; /**< Socket to allocate resources on */ uint16_t nb_queue_pairs; /**< Number of queue pairs to configure on device */ - - struct { - uint32_t nb_objs; /**< Number of objects in mempool */ - uint32_t cache_size; /**< l-core object cache size */ - } session_mp; /**< Session mempool configuration */ }; /** @@ -574,6 +590,8 @@ rte_cryptodev_close(uint8_t dev_id); * *SOCKET_ID_ANY* if there is no NUMA constraint * for the DMA memory allocated for the receive * queue pair. + * @param session_pool Pointer to device session mempool, used + * for session-less operations. * * @return * - 0: Success, queue pair correctly set up. @@ -581,9 +599,11 @@ rte_cryptodev_close(uint8_t dev_id); */ extern int rte_cryptodev_queue_pair_setup(uint8_t dev_id, uint16_t queue_pair_id, - const struct rte_cryptodev_qp_conf *qp_conf, int socket_id); + const struct rte_cryptodev_qp_conf *qp_conf, int socket_id, + struct rte_mempool *session_pool); /** + * @deprecated * Start a specified queue pair of a device. It is used * when deferred_start flag of the specified queue is true. * @@ -597,10 +617,12 @@ rte_cryptodev_queue_pair_setup(uint8_t dev_id, uint16_t queue_pair_id, * - -EINVAL: The dev_id or the queue_id out of range. * - -ENOTSUP: The function not supported in PMD driver. */ +__rte_deprecated extern int rte_cryptodev_queue_pair_start(uint8_t dev_id, uint16_t queue_pair_id); /** + * @deprecated * Stop specified queue pair of a device * * @param dev_id The identifier of the device @@ -613,6 +635,7 @@ rte_cryptodev_queue_pair_start(uint8_t dev_id, uint16_t queue_pair_id); * - -EINVAL: The dev_id or the queue_id out of range. * - -ENOTSUP: The function not supported in PMD driver. */ +__rte_deprecated extern int rte_cryptodev_queue_pair_stop(uint8_t dev_id, uint16_t queue_pair_id); @@ -656,6 +679,11 @@ rte_cryptodev_stats_reset(uint8_t dev_id); * @param dev_info A pointer to a structure of type * *rte_cryptodev_info* to be filled with the * contextual information of the device. + * + * @note The capabilities field of dev_info is set to point to the first + * element of an array of struct rte_cryptodev_capabilities. The element after + * the last valid element has it's op field set to + * RTE_CRYPTO_OP_TYPE_UNDEFINED. */ extern void rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info); @@ -721,28 +749,32 @@ struct rte_cryptodev { enqueue_pkt_burst_t enqueue_burst; /**< Pointer to PMD transmit function. */ - const struct rte_cryptodev_driver *driver; - /**< Driver for this device */ struct rte_cryptodev_data *data; /**< Pointer to device data */ struct rte_cryptodev_ops *dev_ops; /**< Functions exported by PMD */ uint64_t feature_flags; - /**< Supported features */ + /**< Feature flags exposes HW/SW features for the given device */ struct rte_device *device; /**< Backing device */ - enum rte_cryptodev_type dev_type; - /**< Crypto device type */ + uint8_t driver_id; + /**< Crypto driver identifier*/ struct rte_cryptodev_cb_list link_intr_cbs; /**< User application callback for interrupts if present */ + void *security_ctx; + /**< Context for security ops */ + __extension__ uint8_t attached : 1; /**< Flag indicating the device is attached */ } __rte_cache_aligned; +void * +rte_cryptodev_get_sec_ctx(uint8_t dev_id); + /** * * The data part, with no function pointers, associated with each device. @@ -864,68 +896,135 @@ rte_cryptodev_enqueue_burst(uint8_t dev_id, uint16_t qp_id, } -/** Cryptodev symmetric crypto session */ +/** Cryptodev symmetric crypto session + * Each session is derived from a fixed xform chain. Therefore each session + * has a fixed algo, key, op-type, digest_len etc. + */ struct rte_cryptodev_sym_session { - RTE_STD_C11 - struct { - uint8_t dev_id; - /**< Device Id */ - enum rte_cryptodev_type dev_type; - /** Crypto Device type session created on */ - struct rte_mempool *mp; - /**< Mempool session allocated from */ - } __rte_aligned(8); - /**< Public symmetric session details */ - - __extension__ char _private[0]; + __extension__ void *sess_private_data[0]; /**< Private session material */ }; /** - * Initialise a session for symmetric cryptographic operations. + * Create symmetric crypto session header (generic with no private data) * - * This function is used by the client to initialize immutable - * parameters of symmetric cryptographic operation. - * To perform the operation the rte_cryptodev_enqueue_burst function is - * used. Each mbuf should contain a reference to the session - * pointer returned from this function contained within it's crypto_op if a - * session-based operation is being provisioned. Memory to contain the session - * information is allocated from within mempool managed by the cryptodev. + * @param mempool Symmetric session mempool to allocate session + * objects from + * @return + * - On success return pointer to sym-session + * - On failure returns NULL + */ +struct rte_cryptodev_sym_session * +rte_cryptodev_sym_session_create(struct rte_mempool *mempool); + +/** + * Frees symmetric crypto session header, after checking that all + * the device private data has been freed, returning it + * to its original mempool. * - * The rte_cryptodev_session_free must be called to free allocated - * memory when the session is no longer required. + * @param sess Session header to be freed. + * + * @return + * - 0 if successful. + * - -EINVAL if session is NULL. + * - -EBUSY if not all device private data has been freed. + */ +int +rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess); + +/** + * Fill out private data for the device id, based on its device type. + * + * @param dev_id ID of device that we want the session to be used on + * @param sess Session where the private data will be attached to + * @param xforms Symmetric crypto transform operations to apply on flow + * processed with this session + * @param mempool Mempool where the private data is allocated. + * + * @return + * - On success, zero. + * - -EINVAL if input parameters are invalid. + * - -ENOTSUP if crypto device does not support the crypto transform. + * - -ENOMEM if the private session could not be allocated. + */ +int +rte_cryptodev_sym_session_init(uint8_t dev_id, + struct rte_cryptodev_sym_session *sess, + struct rte_crypto_sym_xform *xforms, + struct rte_mempool *mempool); + +/** + * Frees private data for the device id, based on its device type, + * returning it to its mempool. It is the application's responsibility + * to ensure that private session data is not cleared while there are + * still in-flight operations using it. + * + * @param dev_id ID of device that uses the session. + * @param sess Session containing the reference to the private data + * + * @return + * - 0 if successful. + * - -EINVAL if device is invalid or session is NULL. + */ +int +rte_cryptodev_sym_session_clear(uint8_t dev_id, + struct rte_cryptodev_sym_session *sess); + +/** + * @deprecated + * Get the size of the header session, for all registered drivers. + * + * @return + * Size of the header session. + */ +__rte_deprecated +unsigned int +rte_cryptodev_get_header_session_size(void); + +/** + * @deprecated + * Get the size of the private session data for a device. * * @param dev_id The device identifier. - * @param xform Crypto transform chain. + * + * @return + * - Size of the private data, if successful + * - 0 if device is invalid or does not have private session + */ +__rte_deprecated +unsigned int +rte_cryptodev_get_private_session_size(uint8_t dev_id); +/** + * Get the size of the header session, for all registered drivers. * * @return - * Pointer to the created session or NULL + * Size of the symmetric eader session. */ -extern struct rte_cryptodev_sym_session * -rte_cryptodev_sym_session_create(uint8_t dev_id, - struct rte_crypto_sym_xform *xform); +unsigned int +rte_cryptodev_sym_get_header_session_size(void); /** - * Free the memory associated with a previously allocated session. + * Get the size of the private symmetric session data + * for a device. * * @param dev_id The device identifier. - * @param session Session pointer previously allocated by - * *rte_cryptodev_sym_session_create*. * * @return - * NULL on successful freeing of session. - * Session pointer on failure to free session. + * - Size of the private data, if successful + * - 0 if device is invalid or does not have private + * symmetric session */ -extern struct rte_cryptodev_sym_session * -rte_cryptodev_sym_session_free(uint8_t dev_id, - struct rte_cryptodev_sym_session *session); +unsigned int +rte_cryptodev_sym_get_private_session_size(uint8_t dev_id); /** + * @deprecated * Attach queue pair with sym session. * - * @param qp_id Queue pair to which session will be attached. + * @param dev_id Device to which the session will be attached. + * @param qp_id Queue pair to which the session will be attached. * @param session Session pointer previously allocated by * *rte_cryptodev_sym_session_create*. * @@ -933,14 +1032,17 @@ rte_cryptodev_sym_session_free(uint8_t dev_id, * - On success, zero. * - On failure, a negative value. */ +__rte_deprecated int -rte_cryptodev_queue_pair_attach_sym_session(uint16_t qp_id, +rte_cryptodev_queue_pair_attach_sym_session(uint8_t dev_id, uint16_t qp_id, struct rte_cryptodev_sym_session *session); /** + * @deprecated * Detach queue pair with sym session. * - * @param qp_id Queue pair to which session is attached. + * @param dev_id Device to which the session is attached. + * @param qp_id Queue pair to which the session is attached. * @param session Session pointer previously allocated by * *rte_cryptodev_sym_session_create*. * @@ -948,10 +1050,62 @@ rte_cryptodev_queue_pair_attach_sym_session(uint16_t qp_id, * - On success, zero. * - On failure, a negative value. */ +__rte_deprecated int -rte_cryptodev_queue_pair_detach_sym_session(uint16_t qp_id, +rte_cryptodev_queue_pair_detach_sym_session(uint8_t dev_id, uint16_t qp_id, struct rte_cryptodev_sym_session *session); +/** + * Provide driver identifier. + * + * @param name + * The pointer to a driver name. + * @return + * The driver type identifier or -1 if no driver found + */ +int rte_cryptodev_driver_id_get(const char *name); + +/** + * Provide driver name. + * + * @param driver_id + * The driver identifier. + * @return + * The driver name or null if no driver found + */ +const char *rte_cryptodev_driver_name_get(uint8_t driver_id); + +/** + * Set private data for a session. + * + * @param sess Session pointer allocated by + * *rte_cryptodev_sym_session_create*. + * @param data Pointer to the private data. + * @param size Size of the private data. + * + * @return + * - On success, zero. + * - On failure, a negative value. + */ +int __rte_experimental +rte_cryptodev_sym_session_set_private_data( + struct rte_cryptodev_sym_session *sess, + void *data, + uint16_t size); + +/** + * Get private data of a session. + * + * @param sess Session pointer allocated by + * *rte_cryptodev_sym_session_create*. + * + * @return + * - On success return pointer to private data. + * - On failure returns NULL. + */ +void * __rte_experimental +rte_cryptodev_sym_session_get_private_data( + struct rte_cryptodev_sym_session *sess); #ifdef __cplusplus }