d/numam-dpdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crypto/kasumi: use IPsec library

Browse Source 
Link against Intel IPsec Multi-buffer library, which
added support for KASUMI-F8 and KASUMI-F9 from version v0.53,
moving from libSSO KASUMI library.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This commit is contained in:
Pablo de Lara 2020-01-20 11:47:55 +00:00 committed by Akhil Goyal
parent 61f7c988e3
commit bf6eb2c22f
9 changed files with 132 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
devtools/test-build.sh
View File

@ -30,7 +30,6 @@ default_path=$PATH
# - FLEXRAN_SDK # - FLEXRAN_SDK
# - LIBMUSDK_PATH # - LIBMUSDK_PATH
# - LIBSSO_SNOW3G_PATH # - LIBSSO_SNOW3G_PATH
# - LIBSSO_KASUMI_PATH
devtools_dir=$(dirname $(readlink -f $0)) devtools_dir=$(dirname $(readlink -f $0))
. $devtools_dir/load-devel-config . $devtools_dir/load-devel-config
@ -125,7 +124,6 @@ reset_env ()
unset FLEXRAN_SDK unset FLEXRAN_SDK
unset LIBMUSDK_PATH unset LIBMUSDK_PATH
unset LIBSSO_SNOW3G_PATH unset LIBSSO_SNOW3G_PATH
unset LIBSSO_KASUMI_PATH
unset PQOS_INSTALL_PATH unset PQOS_INSTALL_PATH
} }
@ -187,10 +185,10 @@ config () # <directory> <target> <options>
sed -ri="" 's,(PMD_AESNI_GCM=)n,\1y,' $1/.config sed -ri="" 's,(PMD_AESNI_GCM=)n,\1y,' $1/.config
test "$DPDK_DEP_IPSEC_MB" != y || \ test "$DPDK_DEP_IPSEC_MB" != y || \
sed -ri="" 's,(PMD_ZUC=)n,\1y,' $1/.config sed -ri="" 's,(PMD_ZUC=)n,\1y,' $1/.config
test "$DPDK_DEP_IPSEC_MB" != y || \
sed -ri="" 's,(PMD_KASUMI=)n,\1y,' $1/.config
test -z "$LIBSSO_SNOW3G_PATH" || \ test -z "$LIBSSO_SNOW3G_PATH" || \
sed -ri="" 's,(PMD_SNOW3G=)n,\1y,' $1/.config sed -ri="" 's,(PMD_SNOW3G=)n,\1y,' $1/.config
test -z "$LIBSSO_KASUMI_PATH" || \
sed -ri="" 's,(PMD_KASUMI=)n,\1y,' $1/.config
test "$DPDK_DEP_SSL" != y || \ test "$DPDK_DEP_SSL" != y || \
sed -ri="" 's,(PMD_CCP=)n,\1y,' $1/.config sed -ri="" 's,(PMD_CCP=)n,\1y,' $1/.config
test "$DPDK_DEP_SSL" != y || \ test "$DPDK_DEP_SSL" != y || \

62
doc/guides/cryptodevs/kasumi.rst
View File

@ -1,12 +1,12 @@
.. SPDX-License-Identifier: BSD-3-Clause .. SPDX-License-Identifier: BSD-3-Clause
Copyright(c) 2016 Intel Corporation. Copyright(c) 2016-2019 Intel Corporation.
KASUMI Crypto Poll Mode Driver KASUMI Crypto Poll Mode Driver
=============================== ===============================
The KASUMI PMD (**librte_pmd_kasumi**) provides poll mode crypto driver The KASUMI PMD (**librte_pmd_kasumi**) provides poll mode crypto driver support for
support for utilizing Intel Libsso library, which implements F8 and F9 functions utilizing `Intel IPSec Multi-buffer library <https://github.com/01org/intel-ipsec-mb>`_
for KASUMI UEA1 cipher and UIA1 hash algorithms. which implements F8 and F9 functions for KASUMI UEA1 cipher and UIA1 hash algorithms.
Features Features
-------- --------
@ -33,33 +33,33 @@ Limitations
Installation Installation
------------ ------------
To build DPDK with the KASUMI_PMD the user is required to download To build DPDK with the KASUMI_PMD the user is required to download the multi-buffer
the export controlled ``libsso_kasumi`` library, by registering in library from `here <https://github.com/01org/intel-ipsec-mb>`_
`Intel Resource & Design Center <https://www.intel.com/content/www/us/en/design/resource-design-center.html>`_. and compile it on their user system before building DPDK.
Once approval has been granted, the user needs to search for The latest version of the library supported by this PMD is v0.53, which
*Kasumi F8 F9 3GPP cryptographic algorithms Software Library* to download the can be downloaded from `<https://github.com/01org/intel-ipsec-mb/archive/v0.53.zip>`_.
library or directly through this `link <https://cdrdv2.intel.com/v1/dl/getContent/575866>`_.
After downloading the library, the user needs to unpack and compile it After downloading the library, the user needs to unpack and compile it
on their system before building DPDK:: on their system before building DPDK:
make .. code-block:: console
**Note**: When encrypting with KASUMI F8, by default the library make
encrypts full blocks of 8 bytes, regardless the number of bytes to make install
be encrypted provided (which leads to a possible buffer overflow).
To avoid this situation, it is necessary not to pass
3GPP_SAFE_BUFFERS as a compilation flag.
Also, this is required when using chained operations
(cipher-then-auth/auth-then-cipher).
For this, in the Makefile of the library, make sure that this flag
is commented out::
#EXTRA_CFLAGS += -D_3GPP_SAFE_BUFFERS As a reference, the following table shows a mapping between the past DPDK versions
and the external crypto libraries supported by them:
**Note**: To build the PMD as a shared library, the libsso_kasumi .. _table_kasumi_versions:
library must be built as follows::
make KASUMI_CFLAGS=-DKASUMI_C .. table:: DPDK and external crypto library version compatibility
============= ================================
DPDK version Crypto library version
============= ================================
16.11 - 19.11 LibSSO KASUMI
20.02+ Multi-buffer library 0.53
============= ================================
Initialization Initialization
@ -67,12 +67,16 @@ Initialization
In order to enable this virtual crypto PMD, user must: In order to enable this virtual crypto PMD, user must:
* Export the environmental variable LIBSSO_KASUMI_PATH with the path where * Build the multi buffer library (explained in Installation section).
the library was extracted (kasumi folder).
* Build the LIBSSO library (explained in Installation section). * Build DPDK as follows:
.. code-block:: console
make config T=x86_64-native-linux-gcc
sed -i 's,\(CONFIG_RTE_LIBRTE_PMD_KASUMI\)=n,\1=y,' build/.config
make
* Set CONFIG_RTE_LIBRTE_PMD_KASUMI=y in config/common_base.
To use the PMD in an application, user must: To use the PMD in an application, user must:

5
doc/guides/rel_notes/release_20_02.rst
View File

@ -145,6 +145,11 @@ New Features
* Removed dynamic library limitation, so PMD can be built as a shared * Removed dynamic library limitation, so PMD can be built as a shared
object now. object now.
* **Updated the KASUMI PMD.**
* Transistioned underlying library from libSSO KASUMI to intel-ipsec-mb
library (minimum version required 0.53).
* **Added Marvell OCTEON TX2 End Point rawdev PMD.** * **Added Marvell OCTEON TX2 End Point rawdev PMD.**
Added a new OCTEON TX2 rawdev PMD for End Point mode of operation. Added a new OCTEON TX2 rawdev PMD for End Point mode of operation.

26
drivers/crypto/kasumi/Makefile
View File

@ -3,12 +3,6 @@
include $(RTE_SDK)/mk/rte.vars.mk include $(RTE_SDK)/mk/rte.vars.mk
ifneq ($(MAKECMDGOALS),clean)
ifeq ($(LIBSSO_KASUMI_PATH),)
$(error "Please define LIBSSO_KASUMI_PATH environment variable")
endif
endif
# library name # library name
LIB = librte_pmd_kasumi.a LIB = librte_pmd_kasumi.a
@ -21,14 +15,26 @@ CFLAGS += -DALLOW_EXPERIMENTAL_API
EXPORT_MAP := rte_pmd_kasumi_version.map EXPORT_MAP := rte_pmd_kasumi_version.map
# external library dependencies # external library dependencies
CFLAGS += -I$(LIBSSO_KASUMI_PATH) LDLIBS += -lIPSec_MB
CFLAGS += -I$(LIBSSO_KASUMI_PATH)/include
CFLAGS += -I$(LIBSSO_KASUMI_PATH)/build
LDLIBS += -L$(LIBSSO_KASUMI_PATH)/build -lsso_kasumi
LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring LDLIBS += -lrte_eal -lrte_mbuf -lrte_mempool -lrte_ring
LDLIBS += -lrte_cryptodev LDLIBS += -lrte_cryptodev
LDLIBS += -lrte_bus_vdev LDLIBS += -lrte_bus_vdev
IMB_HDR = $(shell echo '\#include <intel-ipsec-mb.h>' | \
$(CC) -E $(EXTRA_CFLAGS) - | grep 'intel-ipsec-mb.h' | \
head -n1 | cut -d'"' -f2)
# Detect library version
IMB_VERSION = $(shell grep -e "IMB_VERSION_STR" $(IMB_HDR) | cut -d'"' -f2)
IMB_VERSION_NUM = $(shell grep -e "IMB_VERSION_NUM" $(IMB_HDR) | cut -d' ' -f3)
ifeq ($(IMB_VERSION),)
$(error "IPSec_MB version >= 0.53 is required")
endif
ifeq ($(shell expr $(IMB_VERSION_NUM) \< 0x3400), 1)
$(error "IPSec_MB version >= 0.53 is required")
endif
# library source files # library source files
SRCS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += rte_kasumi_pmd.c SRCS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += rte_kasumi_pmd.c
SRCS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += rte_kasumi_pmd_ops.c SRCS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += rte_kasumi_pmd_ops.c

12
drivers/crypto/kasumi/kasumi_pmd_private.h
View File

@ -5,7 +5,7 @@
#ifndef _KASUMI_PMD_PRIVATE_H_ #ifndef _KASUMI_PMD_PRIVATE_H_
#define _KASUMI_PMD_PRIVATE_H_ #define _KASUMI_PMD_PRIVATE_H_
#include <sso_kasumi.h> #include <intel-ipsec-mb.h>
#define CRYPTODEV_NAME_KASUMI_PMD crypto_kasumi #define CRYPTODEV_NAME_KASUMI_PMD crypto_kasumi
/**< KASUMI PMD device name */ /**< KASUMI PMD device name */
@ -24,6 +24,8 @@ int kasumi_logtype_driver;
struct kasumi_private { struct kasumi_private {
unsigned max_nb_queue_pairs; unsigned max_nb_queue_pairs;
/**< Max number of queue pairs supported by device */ /**< Max number of queue pairs supported by device */
MB_MGR *mgr;
/**< Multi-buffer instance */
}; };
/** KASUMI buffer queue pair */ /** KASUMI buffer queue pair */
@ -45,6 +47,8 @@ struct kasumi_qp {
* by the driver when verifying a digest provided * by the driver when verifying a digest provided
* by the user (using authentication verify operation) * by the user (using authentication verify operation)
*/ */
MB_MGR *mgr;
/**< Multi-buffer instance */
} __rte_cache_aligned; } __rte_cache_aligned;
enum kasumi_operation { enum kasumi_operation {
@ -58,8 +62,8 @@ enum kasumi_operation {
/** KASUMI private session structure */ /** KASUMI private session structure */
struct kasumi_session { struct kasumi_session {
/* Keys have to be 16-byte aligned */ /* Keys have to be 16-byte aligned */
sso_kasumi_key_sched_t pKeySched_cipher; kasumi_key_sched_t pKeySched_cipher;
sso_kasumi_key_sched_t pKeySched_hash; kasumi_key_sched_t pKeySched_hash;
enum kasumi_operation op; enum kasumi_operation op;
enum rte_crypto_auth_operation auth_op; enum rte_crypto_auth_operation auth_op;
uint16_t cipher_iv_offset; uint16_t cipher_iv_offset;
@ -67,7 +71,7 @@ struct kasumi_session {
int int
kasumi_set_session_parameters(struct kasumi_session *sess, kasumi_set_session_parameters(MB_MGR *mgr, struct kasumi_session *sess,
const struct rte_crypto_sym_xform *xform); const struct rte_crypto_sym_xform *xform);

21
drivers/crypto/kasumi/meson.build
View File

@ -1,11 +1,22 @@
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# Copyright(c) 2018 Intel Corporation # Copyright(c) 2018-2020 Intel Corporation
lib = cc.find_library('sso_kasumi', required: false) IMB_required_ver = '0.53.0'
if not lib.found() or not cc.has_header('sso_kasumi.h') lib = cc.find_library('IPSec_MB', required: false)
if not lib.found()
build = false build = false
reason = 'missing dependency, "libsso_kasumi"' reason = 'missing dependency, "libIPSec_MB"'
subdir_done() else
# version comes with quotes, so we split based on " and take the middle
imb_ver = cc.get_define('IMB_VERSION_STR',
prefix : '#include<intel-ipsec-mb.h>').split('"')[1]
if (imb_ver == '') or (imb_ver.version_compare('<' + IMB_required_ver))
reason = 'IPSec_MB version >= @0@ is required, found version @1@'.format(
IMB_required_ver, imb_ver)
build = false
endif
endif endif
allow_experimental_apis = true allow_experimental_apis = true

79
drivers/crypto/kasumi/rte_kasumi_pmd.c
View File

@ -54,7 +54,7 @@ kasumi_get_mode(const struct rte_crypto_sym_xform *xform)
/** Parse crypto xform chain and set private session parameters. */ /** Parse crypto xform chain and set private session parameters. */
int int
kasumi_set_session_parameters(struct kasumi_session *sess, kasumi_set_session_parameters(MB_MGR *mgr, struct kasumi_session *sess,
const struct rte_crypto_sym_xform *xform) const struct rte_crypto_sym_xform *xform)
{ {
const struct rte_crypto_sym_xform *auth_xform = NULL; const struct rte_crypto_sym_xform *auth_xform = NULL;
@ -97,7 +97,7 @@ kasumi_set_session_parameters(struct kasumi_session *sess,
} }
/* Initialize key */ /* Initialize key */
sso_kasumi_init_f8_key_sched(cipher_xform->cipher.key.data, IMB_KASUMI_INIT_F8_KEY_SCHED(mgr, cipher_xform->cipher.key.data,
&sess->pKeySched_cipher); &sess->pKeySched_cipher);
} }
@ -116,7 +116,7 @@ kasumi_set_session_parameters(struct kasumi_session *sess,
sess->auth_op = auth_xform->auth.op; sess->auth_op = auth_xform->auth.op;
/* Initialize key */ /* Initialize key */
sso_kasumi_init_f9_key_sched(auth_xform->auth.key.data, IMB_KASUMI_INIT_F9_KEY_SCHED(mgr, auth_xform->auth.key.data,
&sess->pKeySched_hash); &sess->pKeySched_hash);
} }
@ -151,7 +151,7 @@ kasumi_get_session(struct kasumi_qp *qp, struct rte_crypto_op *op)
sess = (struct kasumi_session *)_sess_private_data; sess = (struct kasumi_session *)_sess_private_data;
if (unlikely(kasumi_set_session_parameters(sess, if (unlikely(kasumi_set_session_parameters(qp->mgr, sess,
op->sym->xform) != 0)) { op->sym->xform) != 0)) {
rte_mempool_put(qp->sess_mp, _sess); rte_mempool_put(qp->sess_mp, _sess);
rte_mempool_put(qp->sess_mp_priv, _sess_private_data); rte_mempool_put(qp->sess_mp_priv, _sess_private_data);
@ -170,13 +170,13 @@ kasumi_get_session(struct kasumi_qp *qp, struct rte_crypto_op *op)
/** Encrypt/decrypt mbufs with same cipher key. */ /** Encrypt/decrypt mbufs with same cipher key. */
static uint8_t static uint8_t
process_kasumi_cipher_op(struct rte_crypto_op **ops, process_kasumi_cipher_op(struct kasumi_qp *qp, struct rte_crypto_op **ops,
struct kasumi_session *session, struct kasumi_session *session, uint8_t num_ops)
uint8_t num_ops)
{ {
unsigned i; unsigned i;
uint8_t processed_ops = 0; uint8_t processed_ops = 0;
uint8_t *src[num_ops], *dst[num_ops]; const void *src[num_ops];
void *dst[num_ops];
uint8_t *iv_ptr; uint8_t *iv_ptr;
uint64_t iv[num_ops]; uint64_t iv[num_ops];
uint32_t num_bytes[num_ops]; uint32_t num_bytes[num_ops];
@ -198,7 +198,7 @@ process_kasumi_cipher_op(struct rte_crypto_op **ops,
} }
if (processed_ops != 0) if (processed_ops != 0)
sso_kasumi_f8_n_buffer(&session->pKeySched_cipher, iv, IMB_KASUMI_F8_N_BUFFER(qp->mgr, &session->pKeySched_cipher, iv,
src, dst, num_bytes, processed_ops); src, dst, num_bytes, processed_ops);
return processed_ops; return processed_ops;
@ -206,7 +206,7 @@ process_kasumi_cipher_op(struct rte_crypto_op **ops,
/** Encrypt/decrypt mbuf (bit level function). */ /** Encrypt/decrypt mbuf (bit level function). */
static uint8_t static uint8_t
process_kasumi_cipher_op_bit(struct rte_crypto_op *op, process_kasumi_cipher_op_bit(struct kasumi_qp *qp, struct rte_crypto_op *op,
struct kasumi_session *session) struct kasumi_session *session)
{ {
uint8_t *src, *dst; uint8_t *src, *dst;
@ -216,18 +216,16 @@ process_kasumi_cipher_op_bit(struct rte_crypto_op *op,
offset_in_bits = op->sym->cipher.data.offset; offset_in_bits = op->sym->cipher.data.offset;
src = rte_pktmbuf_mtod(op->sym->m_src, uint8_t *); src = rte_pktmbuf_mtod(op->sym->m_src, uint8_t *);
if (op->sym->m_dst == NULL) { if (op->sym->m_dst == NULL)
op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; dst = src;
KASUMI_LOG(ERR, "bit-level in-place not supported"); else
return 0; dst = rte_pktmbuf_mtod(op->sym->m_dst, uint8_t *);
}
dst = rte_pktmbuf_mtod(op->sym->m_dst, uint8_t *);
iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *, iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
session->cipher_iv_offset); session->cipher_iv_offset);
iv = *((uint64_t *)(iv_ptr)); iv = *((uint64_t *)(iv_ptr));
length_in_bits = op->sym->cipher.data.length; length_in_bits = op->sym->cipher.data.length;
sso_kasumi_f8_1_buffer_bit(&session->pKeySched_cipher, iv, IMB_KASUMI_F8_1_BUFFER_BIT(qp->mgr, &session->pKeySched_cipher, iv,
src, dst, length_in_bits, offset_in_bits); src, dst, length_in_bits, offset_in_bits);
return 1; return 1;
@ -262,7 +260,8 @@ process_kasumi_hash_op(struct kasumi_qp *qp, struct rte_crypto_op **ops,
if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) { if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {
dst = qp->temp_digest; dst = qp->temp_digest;
sso_kasumi_f9_1_buffer(&session->pKeySched_hash, src, IMB_KASUMI_F9_1_BUFFER(qp->mgr,
&session->pKeySched_hash, src,
num_bytes, dst); num_bytes, dst);
/* Verify digest. */ /* Verify digest. */
@ -272,7 +271,8 @@ process_kasumi_hash_op(struct kasumi_qp *qp, struct rte_crypto_op **ops,
} else { } else {
dst = ops[i]->sym->auth.digest.data; dst = ops[i]->sym->auth.digest.data;
sso_kasumi_f9_1_buffer(&session->pKeySched_hash, src, IMB_KASUMI_F9_1_BUFFER(qp->mgr,
&session->pKeySched_hash, src,
num_bytes, dst); num_bytes, dst);
} }
processed_ops++; processed_ops++;
@ -292,7 +292,7 @@ process_ops(struct rte_crypto_op **ops, struct kasumi_session *session,
switch (session->op) { switch (session->op) {
case KASUMI_OP_ONLY_CIPHER: case KASUMI_OP_ONLY_CIPHER:
processed_ops = process_kasumi_cipher_op(ops, processed_ops = process_kasumi_cipher_op(qp, ops,
session, num_ops); session, num_ops);
break; break;
case KASUMI_OP_ONLY_AUTH: case KASUMI_OP_ONLY_AUTH:
@ -300,14 +300,14 @@ process_ops(struct rte_crypto_op **ops, struct kasumi_session *session,
num_ops); num_ops);
break; break;
case KASUMI_OP_CIPHER_AUTH: case KASUMI_OP_CIPHER_AUTH:
processed_ops = process_kasumi_cipher_op(ops, session, processed_ops = process_kasumi_cipher_op(qp, ops, session,
num_ops); num_ops);
process_kasumi_hash_op(qp, ops, session, processed_ops); process_kasumi_hash_op(qp, ops, session, processed_ops);
break; break;
case KASUMI_OP_AUTH_CIPHER: case KASUMI_OP_AUTH_CIPHER:
processed_ops = process_kasumi_hash_op(qp, ops, session, processed_ops = process_kasumi_hash_op(qp, ops, session,
num_ops); num_ops);
process_kasumi_cipher_op(ops, session, processed_ops); process_kasumi_cipher_op(qp, ops, session, processed_ops);
break; break;
default: default:
/* Operation not supported. */ /* Operation not supported. */
@ -350,21 +350,21 @@ process_op_bit(struct rte_crypto_op *op, struct kasumi_session *session,
switch (session->op) { switch (session->op) {
case KASUMI_OP_ONLY_CIPHER: case KASUMI_OP_ONLY_CIPHER:
processed_op = process_kasumi_cipher_op_bit(op, processed_op = process_kasumi_cipher_op_bit(qp, op,
session); session);
break; break;
case KASUMI_OP_ONLY_AUTH: case KASUMI_OP_ONLY_AUTH:
processed_op = process_kasumi_hash_op(qp, &op, session, 1); processed_op = process_kasumi_hash_op(qp, &op, session, 1);
break; break;
case KASUMI_OP_CIPHER_AUTH: case KASUMI_OP_CIPHER_AUTH:
processed_op = process_kasumi_cipher_op_bit(op, session); processed_op = process_kasumi_cipher_op_bit(qp, op, session);
if (processed_op == 1) if (processed_op == 1)
process_kasumi_hash_op(qp, &op, session, 1); process_kasumi_hash_op(qp, &op, session, 1);
break; break;
case KASUMI_OP_AUTH_CIPHER: case KASUMI_OP_AUTH_CIPHER:
processed_op = process_kasumi_hash_op(qp, &op, session, 1); processed_op = process_kasumi_hash_op(qp, &op, session, 1);
if (processed_op == 1) if (processed_op == 1)
process_kasumi_cipher_op_bit(op, session); process_kasumi_cipher_op_bit(qp, op, session);
break; break;
default: default:
/* Operation not supported. */ /* Operation not supported. */
@ -533,7 +533,7 @@ cryptodev_kasumi_create(const char *name,
{ {
struct rte_cryptodev *dev; struct rte_cryptodev *dev;
struct kasumi_private *internals; struct kasumi_private *internals;
uint64_t cpu_flags = 0; MB_MGR *mgr;
dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params); dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
if (dev == NULL) { if (dev == NULL) {
@ -541,12 +541,6 @@ cryptodev_kasumi_create(const char *name,
goto init_error; goto init_error;
} }
/* Check CPU for supported vector instruction set */
if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX))
cpu_flags |= RTE_CRYPTODEV_FF_CPU_AVX;
else
cpu_flags |= RTE_CRYPTODEV_FF_CPU_SSE;
dev->driver_id = cryptodev_driver_id; dev->driver_id = cryptodev_driver_id;
dev->dev_ops = rte_kasumi_pmd_ops; dev->dev_ops = rte_kasumi_pmd_ops;
@ -555,12 +549,24 @@ cryptodev_kasumi_create(const char *name,
dev->enqueue_burst = kasumi_pmd_enqueue_burst; dev->enqueue_burst = kasumi_pmd_enqueue_burst;
dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO | dev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING | RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING;
cpu_flags;
mgr = alloc_mb_mgr(0);
if (mgr == NULL)
return -ENOMEM;
if (rte_cpu_get_flag_enabled(RTE_CPUFLAG_AVX)) {
dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_AVX;
init_mb_mgr_avx(mgr);
} else {
dev->feature_flags |= RTE_CRYPTODEV_FF_CPU_SSE;
init_mb_mgr_sse(mgr);
}
internals = dev->data->dev_private; internals = dev->data->dev_private;
internals->max_nb_queue_pairs = init_params->max_nb_queue_pairs; internals->max_nb_queue_pairs = init_params->max_nb_queue_pairs;
internals->mgr = mgr;
return 0; return 0;
init_error: init_error:
@ -598,6 +604,7 @@ cryptodev_kasumi_remove(struct rte_vdev_device *vdev)
{ {
struct rte_cryptodev *cryptodev; struct rte_cryptodev *cryptodev;
const char *name; const char *name;
struct kasumi_private *internals;
name = rte_vdev_device_name(vdev); name = rte_vdev_device_name(vdev);
if (name == NULL) if (name == NULL)
@ -607,6 +614,10 @@ cryptodev_kasumi_remove(struct rte_vdev_device *vdev)
if (cryptodev == NULL) if (cryptodev == NULL)
return -ENODEV; return -ENODEV;
internals = cryptodev->data->dev_private;
free_mb_mgr(internals->mgr);
return rte_cryptodev_pmd_destroy(cryptodev); return rte_cryptodev_pmd_destroy(cryptodev);
} }

8
drivers/crypto/kasumi/rte_kasumi_pmd_ops.c
View File

@ -195,6 +195,7 @@ kasumi_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
int socket_id) int socket_id)
{ {
struct kasumi_qp *qp = NULL; struct kasumi_qp *qp = NULL;
struct kasumi_private *internals = dev->data->dev_private;
/* Free memory prior to re-allocation if needed. */ /* Free memory prior to re-allocation if needed. */
if (dev->data->queue_pairs[qp_id] != NULL) if (dev->data->queue_pairs[qp_id] != NULL)
@ -217,6 +218,7 @@ kasumi_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
if (qp->processed_ops == NULL) if (qp->processed_ops == NULL)
goto qp_setup_cleanup; goto qp_setup_cleanup;
qp->mgr = internals->mgr;
qp->sess_mp = qp_conf->mp_session; qp->sess_mp = qp_conf->mp_session;
qp->sess_mp_priv = qp_conf->mp_session_private; qp->sess_mp_priv = qp_conf->mp_session_private;
@ -246,13 +248,14 @@ kasumi_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
/** Configure a KASUMI session from a crypto xform chain */ /** Configure a KASUMI session from a crypto xform chain */
static int static int
kasumi_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused, kasumi_pmd_sym_session_configure(struct rte_cryptodev *dev,
struct rte_crypto_sym_xform *xform, struct rte_crypto_sym_xform *xform,
struct rte_cryptodev_sym_session *sess, struct rte_cryptodev_sym_session *sess,
struct rte_mempool *mempool) struct rte_mempool *mempool)
{ {
void *sess_private_data; void *sess_private_data;
int ret; int ret;
struct kasumi_private *internals = dev->data->dev_private;
if (unlikely(sess == NULL)) { if (unlikely(sess == NULL)) {
KASUMI_LOG(ERR, "invalid session struct"); KASUMI_LOG(ERR, "invalid session struct");
@ -265,7 +268,8 @@ kasumi_pmd_sym_session_configure(struct rte_cryptodev *dev __rte_unused,
return -ENOMEM; return -ENOMEM;
} }
ret = kasumi_set_session_parameters(sess_private_data, xform); ret = kasumi_set_session_parameters(internals->mgr,
sess_private_data, xform);
if (ret != 0) { if (ret != 0) {
KASUMI_LOG(ERR, "failed configure session parameters"); KASUMI_LOG(ERR, "failed configure session parameters");

2
mk/rte.app.mk
View File

@ -280,7 +280,7 @@ endif # CONFIG_RTE_LIBRTE_PMD_QAT
_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_SNOW3G) += -lrte_pmd_snow3g _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_SNOW3G) += -lrte_pmd_snow3g
_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_SNOW3G) += -L$(LIBSSO_SNOW3G_PATH)/build -lsso_snow3g _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_SNOW3G) += -L$(LIBSSO_SNOW3G_PATH)/build -lsso_snow3g
_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += -lrte_pmd_kasumi _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += -lrte_pmd_kasumi
_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += -L$(LIBSSO_KASUMI_PATH)/build -lsso_kasumi _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += -lIPSec_MB
_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ZUC) += -lrte_pmd_zuc _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ZUC) += -lrte_pmd_zuc
_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ZUC) += -lIPSec_MB _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ZUC) += -lIPSec_MB
_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO) += -lrte_pmd_armv8 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO) += -lrte_pmd_armv8