Commit Graph

27 Commits

Author SHA1 Message Date
Srisivasubramanian S
0f89def761 crypto/armv8: fix HMAC supported key sizes
For HMAC algorithms (SHAx-HMAC), the supported
key sizes are not a fixed value, but a range between
1 and the block size.

Fixes: 169ca3db55 ("crypto/armv8: add PMD optimized for ARMv8 processors")
Cc: stable@dpdk.org

Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
Signed-off-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
2017-07-30 18:51:25 +02:00
Srisivasubramanian S
473174a7da crypto/armv8: fix authentication session configuration
For key sizes greater than digest length, pad with zero rather than
computing hash of the key itself.

Fixes: 169ca3db55 ("crypto/armv8: add PMD optimized for ARMv8 processors")
Cc: stable@dpdk.org

Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
2017-07-30 18:49:45 +02:00
Pablo de Lara
27391b53b3 cryptodev: fix session init return value
When calling rte_cryptodev_sym_session_init(),
if there was an error, it returned -1, instead
of returning the specific error code, which can
be valuable for the application for error handling.

Fixes: b3bbd9e5f2 ("cryptodev: support device independent sessions")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
2017-07-27 17:25:54 +02:00
Pablo de Lara
7b3880fdcc cryptodev: remove AAD size in auth capabilities
Additional Authenticated Data (AAD) was removed from the
authentication parameters, but still the supported size
was part of the authentication capabilities of a PMD.

Fixes: 4428eda8bb ("cryptodev: remove AAD from authentication structure")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
2017-07-19 14:10:41 +03:00
Jerin Jacob
3abcd29f2d update Cavium Inc copyright headers
Replace the incorrect reference to "Cavium Networks", "Cavium Ltd"
company name with correct the "Cavium, Inc" company name in
copyright headers.

Signed-off-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
2017-07-08 17:43:49 +02:00
Pablo de Lara
f7db6f821e cryptodev: add mempool pointer in queue pair setup
The session mempool pointer is needed in each queue pair,
if session-less operations are being handled.
Therefore, the API is changed to accept this parameter,
as the session mempool is created outside the
device configuration function, similar to what ethdev
does with the rx queues.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2017-07-06 22:34:55 +02:00
Slawomir Mrozowicz
b3bbd9e5f2 cryptodev: support device independent sessions
Change crypto device's session management to make it
device independent and simplify architecture when session
is intended to be used on more than one device.

Sessions private data is agnostic to underlying device
by adding an indirection in the sessions private data
using the crypto driver identifier.
A single session can contain indirections to multiple device types.

New function rte_cryptodev_sym_session_init has been created,
to initialize the driver private session data per driver to be
used on a same session, and rte_cryptodev_sym_session_clear
to clear this data before calling rte_cryptodev_sym_session_free.

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2017-07-06 22:34:55 +02:00
Slawomir Mrozowicz
70c5c3d1b2 cryptodev: remove driver id from session
Since crypto session will not be attached to a specific
device or driver, the field driver_id is not required
anymore (only used to check that a session was being
handled by the right device).

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2017-07-06 22:34:55 +02:00
Slawomir Mrozowicz
a3277ad47f cryptodev: remove crypto device driver name
Remove crypto device driver name string definitions from librte_cryptodev,
which avoid to library changes every time a new crypto driver was added.

The driver name is predefined internaly in the each PMD.
The applications could use the crypto device driver names based on
options with the driver name string provided in command line.

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
2017-07-06 22:34:53 +02:00
Slawomir Mrozowicz
7a364faef1 cryptodev: remove crypto device type enumeration
Changes device type identification to be based on a unique
driver id replacing the current device type enumeration, which needed
library changes every time a new crypto driver was added.

The driver id is assigned dynamically during driver registration using
the new macro RTE_PMD_REGISTER_CRYPTO_DRIVER which returns a unique
uint8_t identifier for that driver. New APIs are also introduced
to allow retrieval of the driver id using the driver name.

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
2017-07-06 22:34:20 +02:00
Pablo de Lara
7f0034275a cryptodev: remove digest length from crypto op
Digest length was duplicated in the authentication transform
and the crypto operation structures.

Since digest length is not expected to change in a same
session, it is removed from the crypto operation.

Also, the length has been shrunk to 16 bits,
which should be sufficient for any digest.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
2017-07-06 22:26:49 +02:00
Pablo de Lara
acf8616901 cryptodev: add auth IV
Authentication algorithms, such as AES-GMAC or the wireless
algorithms (like SNOW3G) use IV, like cipher algorithms.
So far, AES-GMAC has used the IV from the cipher structure,
and the wireless algorithms have used the AAD field,
which is not technically correct.

Therefore, authentication IV parameters have been added,
so API is more correct. Like cipher IV, auth IV is expected
to be copied after the crypto operation.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
2017-07-06 22:26:48 +02:00
Pablo de Lara
0fbd75a99f cryptodev: move IV parameters to session
Since IV parameters (offset and length) should not
change for operations in the same session, these parameters
are moved to the crypto transform structure, so they will
be stored in the sessions.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
2017-07-06 22:26:48 +02:00
Pablo de Lara
5082f991f6 cryptodev: pass IV as offset
Since IV now is copied after the crypto operation, in
its private size, IV can be passed only with offset
and length.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
2017-07-06 22:26:48 +02:00
Pablo de Lara
5209df0d33 cryptodev: move session type to generic crypto op
Session type (operation with or without session) is not
something specific to symmetric operations.
Therefore, the variable is moved to the generic crypto operation
structure.

Since this is an ABI change, the cryptodev library version
gets bumped.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
2017-07-06 22:22:09 +02:00
Pablo de Lara
63348b9d1c cryptodev: move vdev functions to a separate file
Move all functions handling virtual devices to a separate
header file "rte_cryptodev_vdev.h", in order to leave only
generic functions for any device in the rest of the files.

It also creates the file "rte_cryptodev_pmd.c", with the
implementations of these functions.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
2017-06-28 19:59:22 +02:00
Pablo de Lara
917ac9c49c cryptodev: store device pointer in virtual devices
Only non virtual devices were storing the pointer to
rte_device structure in rte_cryptodev, which will be needed
to retrieve the driver name for any device.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
2017-06-28 19:59:22 +02:00
Pablo de Lara
168b9e76f9 drivers/crypto: do not create unique name internally
Crypto devices of the same type could be initialized
with the same name, since internally this name was suffixed
with an index.

Since commit <dda987315ca2> ("vdev: make virtual bus use its
device struct"), this is not allowed anymore.

Therefore, there is no need to create an unique name
at device initialization.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
2017-04-20 11:32:45 +02:00
Pablo de Lara
7e21477118 drivers/crypto: check if name is null
Check if virtual device name is NULL,
to avoid possible segmentation faults.

Fixes: 5d2aa461cb ("vdev: use generic vdev struct for probe and remove")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
2017-04-20 11:32:45 +02:00
Jan Blunck
5d2aa461cb vdev: use generic vdev struct for probe and remove
This is a preparation to embed the generic rte_device into the rte_eth_dev
also for virtual devices.

Signed-off-by: Jan Blunck <jblunck@infradead.org>
Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
2017-04-14 15:41:50 +02:00
Fan Zhang
60e686c223 cryptodev: change device configuration API
This patch changes the device configuration API for rte_cryptodev_ops
function prototype, and update all cryptodev PMDs for this change.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
2017-04-06 00:17:44 +02:00
Bruce Richardson
ecaed092b6 ring: return remaining entry count when dequeuing
Add an extra parameter to the ring dequeue burst/bulk functions so that
those functions can optionally return the amount of remaining objs in the
ring. This information can be used by applications in a number of ways,
for instance, with single-consumer queues, it provides a max
dequeue size which is guaranteed to work.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
2017-03-29 22:32:20 +02:00
Bruce Richardson
14fbffb0aa ring: return free space when enqueuing
Add an extra parameter to the ring enqueue burst/bulk functions so that
those functions can optionally return the amount of free space in the
ring. This information can be used by applications in a number of ways,
for instance, with single-producer queues, it provides a max
enqueue size which is guaranteed to work. It can also be used to
implement watermark functionality in apps, replacing the older
functionality with a more flexible version, which enables apps to
implement multiple watermark thresholds, rather than just one.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
2017-03-29 22:32:04 +02:00
Bruce Richardson
636e739204 drivers/crypto: use ring size function
Rather than reading the size directly from the ring structure, use the
dedicated ring function for that purpose.
Previous commits to do this only did so for the null crypto driver which
was the only one compiled in by default, but all other drivers need to be
similarly updated.

Fixes: b11c78a2e0 ("crypto/null: use ring size function")

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
2017-03-27 23:56:58 +02:00
Olivier Matz
feb9f680cd mk: optimize directory dependencies
Before this patch, the management of dependencies between directories
had several issues:

- the generation of .depdirs, done at configuration is slow: it can take
  more than one minute on some slow targets (usually ~10s on a standard
  PC without -j).

- for instance, it is possible to express a dependency like:
  - app/foo depends on lib/librte_foo
  - and lib/librte_foo depends on app/bar
  But this won't work because the directories are traversed with a
  depth-first algorithm, so we have to choose between doing 'app' before
  or after 'lib'.

- the script depdirs-rule.sh is too complex.

- we cannot use "make -d" for debug, because the output of make is used for
  the generation of .depdirs.

This patch moves the DEPDIRS-* variables in the upper Makefile, making
the dependencies much easier to calculate. A DEPDIRS variable is still
used to process library dependencies in LDLIBS.

After this commit, "make config" is almost immediate.

Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Tested-by: Robin Jarry <robin.jarry@6wind.com>
Tested-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
2017-03-27 23:28:43 +02:00
Zbigniew Bodek
c2fec02245 cryptodev: introduce ARM-specific feature flags
Add two new feature flags:
* RTE_CRYPTODEV_FF_CPU_NEON
  represents ARM NEON (TM) instructions
* RTE_CRYPTODEV_FF_CPU_ARM_CE
  represents ARM crypto extensions

Add them to both cryptodev library, documentation and relevant
PMD driver for ARMv8.

Signed-off-by: Zbigniew Bodek <zbigniew.bodek@caviumnetworks.com>
2017-01-19 01:00:55 +01:00
Zbigniew Bodek
169ca3db55 crypto/armv8: add PMD optimized for ARMv8 processors
This patch introduces crypto poll mode driver
using ARMv8 cryptographic extensions.
CPU compatibility with this driver is detected in
run-time and virtual crypto device will not be
created if CPU doesn't provide:
AES, SHA1, SHA2 and NEON.

This PMD is optimized to provide performance boost
for chained crypto operations processing,
such as encryption + HMAC generation,
decryption + HMAC validation. In particular,
cipher only or hash only operations are
not provided.

The driver currently supports AES-128-CBC
in combination with: SHA256 HMAC and SHA1 HMAC
and relies on the external armv8_crypto library:
https://github.com/caviumnetworks/armv8_crypto

Build ARMv8 crypto PMD if compiling for ARM64
and CONFIG_RTE_LIBRTE_PMD_ARMV8_CRYPTO option
is enable in the configuration file.
ARMV8_CRYPTO_LIB_PATH environment variable will
point to the appropriate library directory.

Signed-off-by: Zbigniew Bodek <zbigniew.bodek@caviumnetworks.com>
Reviewed-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
2017-01-19 01:00:55 +01:00