The cryptodev info structure currently contains
the maximum number of sessions that can be used in a queue pair.
This is only set in DPAA_SEC PMD, and since it is calculated
based on the maximum number of sessions (which is not used
anymore), this field can be removed.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Structure rte_cryptodev_info has currently PCI device
information ("struct rte_pci_device") in it.
This information is not generic to all devices,
so this gets replaced with the generic "rte_device" structure,
compatible with all crypto devices.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
For cryptodev dynamic logging, conditional compilation of
debug logs is not actually required.
Signed-off-by: Jananee Parthasarathy <jananeex.m.parthasarathy@intel.com>
Reviewed-by: Reshma Pattan <reshma.pattan@intel.com>
Reviewed-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
In 17.08, the crypto operation was restructured,
and some reserved bytes (5) were added to have the mempool
pointer aligned to 64 bits, since the structure is expected
to be aligned to 64 bits, allowing future additions with no
ABI breakage needed.
In 18.05, a new 2-byte field was added, so the reserved bytes
were reduced to 3. However, this field was added after the first 3 bytes
of the structure, causing it to be placed in an offset of 4 bytes,
and therefore, forcing the mempool pointer to be placed after 16 bytes,
instead of a 8 bytes, causing unintentionally the ABI breakage.
This commit fixes the breakage, by swapping the reserved bytes
and the private_data_offset field, so the latter is aligned to 2 bytes
and the offset of the mempool pointer returns to its original offset,
8 bytes.
Fixes: 54c8368466 ("cryptodev: set private data for session-less mode")
Cc: stable@dpdk.org
Reported-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Converted the license header of the files
that still have the old full header.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Kevin Laatz <kevin.laatz@intel.com>
rte_cryptodev_get_header_session_size() and
rte_cryptodev_get_private_session_size() functions are
targeting symmetric sessions.
With the future addition of asymmetric operations,
these functions need to be renamed from *cryptodev_*_session_*
to *cryptodev_sym_*_session_* to be symmetric specific.
The two original functions are marked as deprecated
and will be removed in 18.08, so applications can still
use the functions in 18.05.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Shally Verma <shally.verma@caviumnetworks.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
Functions rte_cryptodev_queue_pair_start/stop
are not really used in any of the crypto drivers
(they all just return 0 or -ENOTSUP).
Therefore, this API can be deprecated from 18.05
and removed in 18.08.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
Functions rte_cryptodev_queue_pair_attach_sym_session
and rte_cryptodev_queue_pair_detach_sym_sessions
are not really used in any of the crypto drivers
(only one driver implements it and it just return 0).
Therefore, this API can be deprecated from 18.05
and removed in 18.08.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
Session data can only be cleared once there are no
inflight operations using the session. It is the application's
responsability to make sure of this.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Security protocol flag string was not added
when the actual flag was added.
Fixes: eadb4fa1e1 ("cryptodev: support security APIs")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Vipin Varghese <vipin.varghese@intel.com>
Extend the description of cryptodev feature flags,
adding extra information.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Vipin Varghese <vipin.varghese@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Crypto capability structure contains supported
sizes for key, IV, digest, etc. on different algorithms.
These sizes can be expressed as a single value or
a range of values.
The check was broken when a size was checked against
a range with multiple values.
Also, for more clarity, the param_range_check macro
has been converted into a function.
Fixes: 38227c0e3a ("cryptodev: retrieve device info")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Remove version tag from experimental block in linker version scripts
(.map files).
That label is not used by linker and information only. It is useful
for version blocks but not useful for experimental block but confusing.
Removing those labels.
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
The application may want to store private data along with the
rte_cryptodev that is transparent to the rte_cryptodev layer.
For e.g., If an eventdev based application is submitting a
rte_cryptodev_sym_session operation and wants to indicate event
information required to construct a new event that will be
enqueued to eventdev after completion of the rte_cryptodev_sym_session
operation. This patch provides a mechanism for the application
to associate this information with the rte_cryptodev_sym_session session.
The application can set the private data using
rte_cryptodev_sym_session_set_private_data() and retrieve it using
rte_cryptodev_sym_session_get_private_data().
Signed-off-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Signed-off-by: Nikhil Rao <nikhil.rao@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
The application may want to store private data along with the
rte_crypto_op that is transparent to the rte_cryptodev layer.
For e.g., If an eventdev based application is submitting a
crypto session-less operation and wants to indicate event
information required to construct a new event that will be
enqueued to eventdev after completion of the crypto
operation. This patch provides a mechanism for the application
to associate this information with the rte_crypto_op in
session-less mode.
Signed-off-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Signed-off-by: Nikhil Rao <nikhil.rao@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Add SHA3 family authentication algorithm support for
CCP crypto PMD. This patch defines new macros for SHA3
algorithms in the DPDK crypto framework.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
Pass an rte_driver to the RTE_PMD_REGISTER_CRYPTO_DRIVER macro
rather than an unspecified container which holds an rte_driver.
All the macro actually needs is the rte_driver, not the
container holding it.
This paves the way for a later patch in which a driver
will be registered which does not naturally derive from a
container and so avoids having to create an arbitrary container
to pass in the rte_driver.
This patch changes the cryptodev lib macro and all the
PMDs which use it.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Add non-EAL libraries to DPDK build. The compat lib is a special case,
along with the previously-added EAL, but all other libs can be build using
the same set of commands, where the individual meson.build files only need
to specify their dependencies, source files, header files and ABI versions.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Harry van Haaren <harry.van.haaren@intel.com>
Acked-by: Keith Wiles <keith.wiles@intel.com>
Acked-by: Luca Boccassi <luca.boccassi@gmail.com>
The wrong casts don't cause actual error, but they should conform to C
standard.
Fixes: c261d1431b ("security: introduce security API and framework")
Fixes: b3bbd9e5f2 ("cryptodev: support device independent sessions")
Cc: stable@dpdk.org
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
qp_detach_session function was using the attach_session_t
function prototype, instead of detach_session_t.
Since both of them have the same parameters, there were
no compilation issues, but it is not consistent.
Fixes: d816fdea55 ("cryptodev: add API to associate session with queue pair")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
CPU flag AVX512 was added in a previous release,
but it was not added in the list of strings.
Fixes: 84d7965866 ("crypto/aesni_mb: support AVX512")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28:
error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
struct rte_crypto_sym_op sym[0];
^~~
Zero-size array is an extension to the language it cannot be replaced by a
empty size array i.e. [] because structure is inside a union.
Fixes: d2a4223c4c ("cryptodev: do not store pointer to op specific params")
Cc: stable@dpdk.org
Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Many exported headers rely on definitions found in rte_config.h without
including it, as shown by the following command:
grep -L '^#include <rte_config.h>' -- \
$(grep -Rl \
$(sed -n '/^#define \([^ ]\+\).*$/{s//\1/;H;};${x;s/\n//;s/\n/\\|/g;p;}' \
build/include/rte_config.h) \
-- build/include/)
We cannot assume external applications will include rte_config.h on their
own, neither directly nor through a -include parameter like DPDK does
internally.
This not only causes obvious compilation failures that can be reproduced
with check-includes.sh such as:
[...]/rte_memory.h:88:43: error: ‘RTE_CACHE_LINE_SIZE’ was not declared in
this scope
#define __rte_cache_aligned __rte_aligned(RTE_CACHE_LINE_SIZE)
^
It also results in less visible issues, for instance rte_hash_crc.h relying
on RTE_ARCH_X86_64's presence to provide dedicated inline functions.
This patch partially reverts the commit below and adds missing include
lines to the remaining files.
Fixes: f1a7a5c5f4 ("remove include of generated config header")
Cc: stable@dpdk.org
Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
Replace the BSD license header with the SPDX tag for files
with only an Intel copyright on them.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Remove rte_cryptodev_create_vdev() for duplication.
Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Renamed data type from phys_addr_t to rte_iova_t.
Signed-off-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
The function rte_mem_virt2phy() is kept and used in functions which
works only with physical addresses.
For all other calls this function is replaced by rte_mem_virt2iova()
which does a direct mapping (no conversion) in the VA case.
Note: the new function rte_mem_virt2iova() function matches the
behaviour implemented in rte_mem_virt2phy() by the commit
680f6c1260 ("mem: honor IOVA mode in virt2phy")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
Extend the Doxygen documentation of rte_cryptodev_info_get,
to describe how it returns the capabilities of a device.
Signed-off-by: Billy O'Mahony <billy.o.mahony@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Removes any dependency of librte_cryptodev on the PCI device
infrastructure code and removes the functions which were virtual
device specific.
Updates QAT crypto PMD to remove dependencies on rte_cryptodev_pci.h
and replaces those calls with the new bus independent functions.
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Removes any dependency of librte_cryptodev on the virtual device
infrastructure code and removes the functions which were virtual
device specific.
Updates all virtual PMDs to remove dependencies on rte_cryptodev_vdev.h
and replaces those calls with the new bus independent functions.
Due to these changes, the cryptodev ABI version gets bumped.
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Tested-by: Tomasz Duszynski <tdu@semihalf.com>
Adds new PMD assist functions which are bus independent for driver to
create and destroy new device instances.
Also includes function to parse parameters which can be passed to
driver on device initialisation.
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
When compiling with an application that includes rte_cryptodev.h with
Ofast, an error is reported regarding enumeration
RTE_CRYPTO_OP_TYPE_UNDEFINED not handled in switch case in function
__rte_crypto_op_reset().
Fix this by adding a case for RTE_CRYPTO_OP_TYPE_UNDEFINED.
Fixes: c0f87eb525 ("cryptodev: change burst API to be crypto op oriented")
Cc: stable@dpdk.org
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
The list of libraries in LDLIBS was generated from the DEPDIRS-xyz
variable. This is valid when the subdirectory name match the library
name, but it's not always the case, especially for PMDs.
The patches removes this feature and explicitly adds the proper
libraries in LDLIBS.
Some DEPDIRS-xyz variables become useless, remove them.
Reported-by: Gage Eads <gage.eads@intel.com>
Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Reviewed-by: Gage Eads <gage.eads@intel.com>
Add support to AES-CCM, for 128, 192 and 256-bit keys.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
AES-CCM algorithm has some restrictions when
handling nonce (IV) and AAD information.
As the API stated, the nonce needs to be place 1 byte
after the start of the IV field. This field needs
to be 16 bytes long, regardless the length of the nonce,
but it is important to clarify that the first byte
and the padding added after the nonce may be modified
by the PMDs using this algorithm.
Same happens with the AAD. It needs to be placed 18 bytes
after the start of the AAD field. The field also needs
to be multiple of 16 bytes long and all memory reserved
(the first bytes and the padding (may be modified by the PMDs).
Lastly, nonce is not needed to be placed in the first 16 bytes
of the AAD, as the API stated, as that depends on the PMD
used, so the comment has been removed.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Currently, in order to get the name of a crypto device,
a user needs to access to it using the crypto device structure.
It is a better practise to have a function to retrieve this
name, given a device id.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
When register a crypto driver, a cryptodev driver
structure was being allocated, using malloc.
Since this call may fail, it is safer to allocate
this memory statically in each PMD, so driver registration
will never fail.
Coverity issue: 158645
Fixes: 7a364faef1 ("cryptodev: remove crypto device type enumeration")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Reviewed-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
The function rte_cryptodev_create_vdev is an alias
for rte_vdev_init() which is scheduled to move out of the
rte_eal library. Lets deprecate this function to be able to
remove it from the cryptodev library in 17.11.
Signed-off-by: Jan Blunck <jblunck@infradead.org>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
When calling rte_crypto_op_bulk_alloc, the function may
return either a 0, if not enough objects are available
in the mempool or the number of operations requested,
it there are enough available. However, the Doxygen comments
were not matching these two cases.
Fixes: c0f87eb525 ("cryptodev: change burst API to be crypto op oriented")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
When calling rte_cryptodev_sym_session_init(),
if there was an error, it returned -1, instead
of returning the specific error code, which can
be valuable for the application for error handling.
Fixes: b3bbd9e5f2 ("cryptodev: support device independent sessions")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Crypto operation status RTE_CRYPTO_OP_STATUS_ENQUEUED is removed
from rte_crypto.h as it is not needed for crypto operation processing.
This status value is redundant to RTE_CRYPTO_OP_STATUS_NOT_PROCESSED value
and it was not intended to be part of public API.
Signed-off-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
IV was positioned differently in authentication
transform structure, compared to the other two
transforms (cipher and AEAD).
To keep consistency, digest length is moved to
the end of the transform.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Additional Authenticated Data (AAD) is called "aad" in most
places of cryptodev, but it was called "add_auth_data"
in the AEAD transform transform (aead_xform).
This field is renamed to "aad_length" in order to keep
consistency.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Crypto keys and digests are not expected
to be big, so using a uint16_t to store
their lengths should be enough.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
For KASUMI F9 algorithm, COUNT, FRESH and DIRECTION
input values need to be contiguous with
the message, as described in the KASUMI and QAT PMD
documentation.
Before, the COUNT and FRESH values were set
as part of the AAD (now IV), but always set before
the beginning of the message.
Since now the IV is set after the crypto operation,
it is not possible to have these values in the
expected location.
Therefore, as these are required to be contiguous,
cryptodev API will expect these them to be passed
as a single buffer, already constructed, so
authentication IV parameters not needed anymore.
Fixes: 681f540da5 ("cryptodev: do not use AAD in wireless algorithms")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Additional Authenticated Data (AAD) was removed from the
authentication parameters, but still the supported size
was part of the authentication capabilities of a PMD.
Fixes: 4428eda8bb ("cryptodev: remove AAD from authentication structure")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Removed unnecessary macro RTE_STD_C11, which is used
for unnamed structs.
Since there is no longer an unnamed structure in
rte_cryptodev_sym_session, this is not needed and
it is actually breaking compilation on icc:
lib/librte_cryptodev/rte_cryptodev.h(887): error: expected a declaration
__extension__ void *sess_private_data[0];
^
Fixes: 7c110ce7aa ("cryptodev: remove mempool from session")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Since now the private session data is initialized after
the session pool is created, there is no need to keep
this PMD function.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The session mempool pointer is needed in each queue pair,
if session-less operations are being handled.
Therefore, the API is changed to accept this parameter,
as the session mempool is created outside the
device configuration function, similar to what ethdev
does with the rx queues.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Change crypto device's session management to make it
device independent and simplify architecture when session
is intended to be used on more than one device.
Sessions private data is agnostic to underlying device
by adding an indirection in the sessions private data
using the crypto driver identifier.
A single session can contain indirections to multiple device types.
New function rte_cryptodev_sym_session_init has been created,
to initialize the driver private session data per driver to be
used on a same session, and rte_cryptodev_sym_session_clear
to clear this data before calling rte_cryptodev_sym_session_free.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Mempool pointer can be obtained from the object itself,
which means that it is not required to actually store the pointer
in the session.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Since crypto session will not be attached to a specific
device or driver, the field driver_id is not required
anymore (only used to check that a session was being
handled by the right device).
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Device id is necessary in the crypto session,
as it was only used for the functions that attach/detach
a session to a queue pair.
Since the session is not going to be attached to a device
anymore, this is field is no longer necessary.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Device id is going to be removed from session,
as the session will be device independent.
Therefore, the functions that attach/dettach a session
to a queue pair need to be updated, to accept the device id
as a parameter, apart from the queue pair id and the session.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Instead of creating the session mempool while configuring
the crypto device, apps will create the mempool themselves.
This way, it gives flexibility to the user to have a single
mempool for all devices (as long as the objects are big
enough to contain the biggest private session size) or
separate mempools for different drivers.
Also, since the mempool is now created outside the
device configuration function, now it needs to be passed
through this function, which will be eventually passed
when setting up the queue pairs, as ethernet devices do.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Provide a function to get the private session size
of any crypto device (specifically, to its crypto driver).
This will be useful once the session mempool is created
outside the library.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Prior to removing the session pool creation from cryptodev
configure function, session init function needs to be
separated from the pool creation.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Cryptodev session structure was a duplication of the
cryptodev symmetric structure.
It was used by some PMDs that should use the symmetric
structure instead.
Since this structure was internal, there is no deprecation
notice required.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Remove crypto device driver name string definitions from librte_cryptodev,
which avoid to library changes every time a new crypto driver was added.
The driver name is predefined internaly in the each PMD.
The applications could use the crypto device driver names based on
options with the driver name string provided in command line.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Changes device type identification to be based on a unique
driver id replacing the current device type enumeration, which needed
library changes every time a new crypto driver was added.
The driver id is assigned dynamically during driver registration using
the new macro RTE_PMD_REGISTER_CRYPTO_DRIVER which returns a unique
uint8_t identifier for that driver. New APIs are also introduced
to allow retrieval of the driver id using the driver name.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
while registering driver to dpaa2, hard coded string is used.
It is now updated as per the latest changes in string name.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Now that AAD is only used in AEAD algorithms,
there is no need to keep AAD in the authentication
structure.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Now that all the structures/functions for AEAD algorithms
are in place, migrate the two supported algorithms
AES-GCM and AES-CCM to these, instead of using
cipher and authentication parameters.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
AEAD operation parameters can be set in the new
aead structure, in the crypto operation.
This structure is within a union with the cipher
and authentication parameters, since operations can be:
- AEAD: using the aead structure
- Cipher only: using only the cipher structure
- Auth only: using only the authentication structure
- Cipher-then-auth/Auth-then-cipher: using both cipher
and authentication structures
Therefore, all three cannot be used at the same time.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
AEAD algorithms such as AES-GCM needed to be
used as a concatenation of a cipher transform and
an authentication transform.
Instead, a new transform and functions to handle it
are created to support these kind of algorithms,
making their use easier.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
AES-GMAC is an authentication algorithm, based on AES-GCM
without encryption. To simplify its usage, now it can be used
setting the authentication parameters, without requiring
to concatenate a ciphering transform.
Therefore, it is not required to set AAD, but authentication
data length and offset, giving the user the option
to have Scatter-Gather List in the input buffer,
as long as the driver supports it.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Digest length was duplicated in the authentication transform
and the crypto operation structures.
Since digest length is not expected to change in a same
session, it is removed from the crypto operation.
Also, the length has been shrunk to 16 bits,
which should be sufficient for any digest.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Additional authenticated data (AAD) information was duplicated
in the authentication transform and in the crypto
operation structures.
Since AAD length is not meant to be changed in a same session,
it is removed from the crypto operation structure.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
For wireless algorithms (SNOW3G, KASUMI, ZUC),
the IV for the authentication algorithms (F9, UIA2 and EIA3)
was taken from the AAD parameter, as there was no IV parameter
in the authentication structure.
Now that IV is available for all algorithms, there is need
to keep doing this, so AAD is not used for these algorithms
anymore.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Authentication algorithms, such as AES-GMAC or the wireless
algorithms (like SNOW3G) use IV, like cipher algorithms.
So far, AES-GMAC has used the IV from the cipher structure,
and the wireless algorithms have used the AAD field,
which is not technically correct.
Therefore, authentication IV parameters have been added,
so API is more correct. Like cipher IV, auth IV is expected
to be copied after the crypto operation.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Since IV parameters (offset and length) should not
change for operations in the same session, these parameters
are moved to the crypto transform structure, so they will
be stored in the sessions.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Since IV now is copied after the crypto operation, in
its private size, IV can be passed only with offset
and length.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
In order to facilitate the access to the private data,
after the crypto operation, two new macros have been
implemented:
- rte_crypto_op_ctod_offset(c,t,o), which returns a pointer
to "o" bytes after the start of the crypto operation
(rte_crypto_op)
- rte_crypto_op_ctophys_offset(c, o), which returns
the physical address of the data "o" bytes after the
start of the crypto operation (rte_crypto_op)
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
rte_crypto_op and rte_crypto_sym_op structures
were marked as cache aligned.
However, since these structures are always initialized
in a mempool, this alignment is useless, since the mempool
forces the alignment of its objects.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Instead of storing a pointer to operation specific parameters,
such as symmetric crypto parameters, use a zero-length array,
to mark that these parameters will be stored after the
generic crypto operation structure, which was already assumed
in the code, reducing the memory footprint of the crypto operation.
Besides, it is always expected to have rte_crypto_op
and rte_crypto_sym_op (the only operation specific parameters
structure right now) to be together, as they are initialized
as a single object in the crypto operation pool.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Storing a pointer to the user data is unnecessary,
since user can store additional data, after the crypto operation.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Instead of storing some crypto operation flags,
such as operation status, as enumerations,
store them as uint8_t, for memory efficiency.
Also, reserve extra 5 bytes in the crypto operation,
for future additions.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Session type (operation with or without session) is not
something specific to symmetric operations.
Therefore, the variable is moved to the generic crypto operation
structure.
Since this is an ABI change, the cryptodev library version
gets bumped.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Flag dev_started should be cleared after dev_stop() function call
because the flag is checked inside the dev_stop() function.
Fixes: d11b0f30df ("cryptodev: introduce API and framework for crypto devices")
Cc: stable@dpdk.org
Signed-off-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Add PCI probe/remove/init/uninit functions in a separate
file rte_cryptodev_pci.h, which do not use cryptodev driver,
in order to be removed in next commits.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Call rte_cryptodev_pmd_release_device() if probing a
PCI crypto device, instead of accessing the variables
directly. This will be useful when rte_cryptodev_pci_probe()
gets moved to a separate file.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Move all functions handling virtual devices to a separate
header file "rte_cryptodev_vdev.h", in order to leave only
generic functions for any device in the rest of the files.
It also creates the file "rte_cryptodev_pmd.c", with the
implementations of these functions.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Do not set PCI information in the device information structure
for any crypto device, just for the ones that are PCI, so
this is set internally in the PCI crypto PMDs (only QAT now).
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
rte_cryptodev_devices_get() function returns an array of devices
sharing the same driver.
Instead of having two different paths depending on the device being
virtual or physical, retrieve the driver name from rte_device structure.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
rte_cryptodev_devices_get() function was parsing a crypto
device name as an argument, but the function actually
returns device identifiers of devices that share the
same crypto driver, so the argument should be driver name, instead.
Fixes: 38227c0e3a ("cryptodev: retrieve device info")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
When retrieving device information for a crypto driver,
driver name was only set when it was a PCI driver.
Getting the driver name from rte_device structure
allows rte_cryptodev_get_info() function to return it
regardless they are virtual or physical devices.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Only non virtual devices were storing the pointer to
rte_device structure in rte_cryptodev, which will be needed
to retrieve the driver name for any device.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Socket id parsed from the user was checked
if it was in the range of available sockets.
This check is unnecessary, as the socket specified
might not have memory anyway, so it will fail
at memory allocation.
Therefore, the best solution is to remove this check.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
The VDEV code will move to the bus drivers directory.
Rename functions from rte_eal_vdev_ to rte_vdev_
to prepare the move of the driver out of EAL.
The prefix rte_eal_vdrv_ is also renamed to rte_vdev_.
It was used for registration of vdev drivers.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
The PCI code will move to the bus drivers directory.
Rename functions from rte_eal_pci_ to rte_pci_
to prepare the move of the driver out of EAL.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
