FD.io VPP  v21.10.1-2-g0a485f517
Vector Packet Processing
cryptodev.h
Go to the documentation of this file.
1 /*
2  *------------------------------------------------------------------
3  * Copyright (c) 2019 - 2021 Intel and/or its affiliates.
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at:
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  *------------------------------------------------------------------
16  */
17 #ifndef included_cryptodev_h
18 #define included_cryptodev_h
19 
20 #include <vnet/crypto/crypto.h>
21 #undef always_inline
22 #include <rte_cryptodev.h>
23 
24 #define CRYPTODEV_NB_CRYPTO_OPS 1024
25 #define CRYPTODEV_CACHE_QUEUE_SIZE VNET_CRYPTO_FRAME_POOL_SIZE
26 #define CRYPTODEV_CACHE_QUEUE_MASK (VNET_CRYPTO_FRAME_POOL_SIZE - 1)
27 #define CRYPTODEV_MAX_INFLIGHT (CRYPTODEV_NB_CRYPTO_OPS - 1)
28 #define CRYPTODEV_AAD_MASK (CRYPTODEV_NB_CRYPTO_OPS - 1)
29 #define CRYPTODEV_DEQ_CACHE_SZ 32
30 #define CRYPTODEV_NB_SESSION 10240
31 #define CRYPTODEV_MAX_IV_SIZE 16
32 #define CRYPTODEV_MAX_AAD_SIZE 16
33 #define CRYPTODEV_MAX_N_SGL 8 /**< maximum number of segments */
34 
35 #define CRYPTODEV_IV_OFFSET (offsetof (cryptodev_op_t, iv))
36 #define CRYPTODEV_AAD_OFFSET (offsetof (cryptodev_op_t, aad))
37 
38 /* VNET_CRYPTO_ALGO, TYPE, DPDK_CRYPTO_ALGO, IV_LEN, TAG_LEN, AAD_LEN, KEY_LEN
39  */
40 #define foreach_vnet_aead_crypto_conversion \
41  _ (AES_128_GCM, AEAD, AES_GCM, 12, 16, 8, 16) \
42  _ (AES_128_GCM, AEAD, AES_GCM, 12, 16, 12, 16) \
43  _ (AES_192_GCM, AEAD, AES_GCM, 12, 16, 8, 24) \
44  _ (AES_192_GCM, AEAD, AES_GCM, 12, 16, 12, 24) \
45  _ (AES_256_GCM, AEAD, AES_GCM, 12, 16, 8, 32) \
46  _ (AES_256_GCM, AEAD, AES_GCM, 12, 16, 12, 32)
47 
48 /**
49  * crypto (alg, cryptodev_alg, key_size), hash (alg, digest-size)
50  **/
51 #define foreach_cryptodev_link_async_alg \
52  _ (AES_128_CBC, AES_CBC, 16, MD5, 12) \
53  _ (AES_192_CBC, AES_CBC, 24, MD5, 12) \
54  _ (AES_256_CBC, AES_CBC, 32, MD5, 12) \
55  _ (AES_128_CBC, AES_CBC, 16, SHA1, 12) \
56  _ (AES_192_CBC, AES_CBC, 24, SHA1, 12) \
57  _ (AES_256_CBC, AES_CBC, 32, SHA1, 12) \
58  _ (AES_128_CBC, AES_CBC, 16, SHA224, 14) \
59  _ (AES_192_CBC, AES_CBC, 24, SHA224, 14) \
60  _ (AES_256_CBC, AES_CBC, 32, SHA224, 14) \
61  _ (AES_128_CBC, AES_CBC, 16, SHA256, 16) \
62  _ (AES_192_CBC, AES_CBC, 24, SHA256, 16) \
63  _ (AES_256_CBC, AES_CBC, 32, SHA256, 16) \
64  _ (AES_128_CBC, AES_CBC, 16, SHA384, 24) \
65  _ (AES_192_CBC, AES_CBC, 24, SHA384, 24) \
66  _ (AES_256_CBC, AES_CBC, 32, SHA384, 24) \
67  _ (AES_128_CBC, AES_CBC, 16, SHA512, 32) \
68  _ (AES_192_CBC, AES_CBC, 24, SHA512, 32) \
69  _ (AES_256_CBC, AES_CBC, 32, SHA512, 32)
70 
71 typedef enum
72 {
77 
78 /* Cryptodev session data, one data per direction per numa */
79 typedef struct
80 {
81  struct rte_cryptodev_sym_session ***keys;
83 
84 /* Replicate DPDK rte_cryptodev_sym_capability structure with key size ranges
85  * in favor of vpp vector */
86 typedef struct
87 {
88  enum rte_crypto_sym_xform_type xform_type;
89  union
90  {
91  struct
92  {
93  enum rte_crypto_auth_algorithm algo; /*auth algo */
94  u32 *digest_sizes; /* vector of auth digest sizes */
95  } auth;
96  struct
97  {
98  enum rte_crypto_cipher_algorithm algo; /* cipher algo */
99  u32 *key_sizes; /* vector of cipher key sizes */
100  } cipher;
101  struct
102  {
103  enum rte_crypto_aead_algorithm algo; /* aead algo */
104  u32 *key_sizes; /*vector of aead key sizes */
105  u32 *aad_sizes; /*vector of aad sizes */
106  u32 *digest_sizes; /* vector of aead digest sizes */
107  } aead;
108  };
110 
111 /* Cryptodev instance data */
112 typedef struct
113 {
116  char *desc;
118 
119 typedef struct
120 {
121  struct rte_mempool *sess_pool;
122  struct rte_mempool *sess_priv_pool;
124 
125 typedef struct
126 {
127  CLIB_CACHE_LINE_ALIGN_MARK (cacheline0);
128  struct rte_crypto_op op;
129  struct rte_crypto_sym_op sop;
135 
136 typedef struct
137 {
138  CLIB_CACHE_LINE_ALIGN_MARK (cacheline0);
140  union
141  {
142  struct
143  {
145  struct rte_mempool *cop_pool;
146  struct rte_ring *ring;
147  };
148  struct
149  {
150  struct rte_crypto_raw_dp_ctx *ctx;
151  struct rte_ring *cached_frame;
155  struct rte_cryptodev_sym_session *reset_sess;
156  };
157  };
162 
163 typedef struct
164 {
168  enum rte_iova_mode iova_mode;
175 
177 
181 {
182  u32 n_elts = f->n_elts, i;
183 
184  for (i = 0; i < n_elts; i++)
185  f->elts[i].status = s;
187 }
188 
190  u32 aad_len);
191 
193  vnet_crypto_key_index_t idx, u32 aad_len);
194 
195 int cryptodev_check_cap_support (struct rte_cryptodev_sym_capability_idx *idx,
196  u32 key_size, u32 digest_size, u32 aad_size);
197 
199 
201  u32 eidx);
202 
204 
205 #endif
cryptodev_engine_thread_t::inflight
u16 inflight
Definition: cryptodev.h:160
cryptodev_sess_handler
void cryptodev_sess_handler(vlib_main_t *vm, vnet_crypto_key_op_t kop, vnet_crypto_key_index_t idx, u32 aad_len)
Definition: cryptodev.c:272
cryptodev_capability_t::key_sizes
u32 * key_sizes
Definition: cryptodev.h:99
auth
vl_api_ikev2_auth_t auth
Definition: ikev2_types.api:88
cryptodev_main
cryptodev_main_t cryptodev_main
Definition: cryptodev.c:43
cryptodev_numa_data_t::sess_pool
struct rte_mempool * sess_pool
Definition: cryptodev.h:121
cryptodev_engine_thread_t::cryptodev_q
u16 cryptodev_q
Definition: cryptodev.h:159
cryptodev_engine_thread_t::cop_pool
struct rte_mempool * cop_pool
Definition: cryptodev.h:145
crypto.h
cryptodev_main_t::active_cdev_inst_mask
clib_bitmap_t * active_cdev_inst_mask
Definition: cryptodev.h:170
f
vlib_frame_t * f
Definition: interface_output.c:1098
CLIB_CACHE_LINE_ALIGN_MARK
#define CLIB_CACHE_LINE_ALIGN_MARK(mark)
Definition: cache.h:60
clib_bitmap_t
uword clib_bitmap_t
Definition: bitmap.h:50
CRYPTODEV_OP_TYPE_DECRYPT
@ CRYPTODEV_OP_TYPE_DECRYPT
Definition: cryptodev.h:74
cryptodev_main_t
Definition: cryptodev.h:163
CRYPTODEV_MAX_IV_SIZE
#define CRYPTODEV_MAX_IV_SIZE
Definition: cryptodev.h:31
VNET_CRYPTO_FRAME_SIZE
#define VNET_CRYPTO_FRAME_SIZE
Definition: crypto.h:21
u16
unsigned short u16
Definition: types.h:57
cryptodev_main_t::supported_caps
cryptodev_capability_t * supported_caps
Definition: cryptodev.h:172
vnet_crypto_key_index_t
u32 vnet_crypto_key_index_t
Definition: crypto.h:378
vnet_crypto_async_frame_t
Definition: crypto.h:358
vm
vlib_main_t * vm
X-connect all packets from the HOST to the PHY.
Definition: nat44_ei.c:3047
CRYPTODEV_OP_TYPE_ENCRYPT
@ CRYPTODEV_OP_TYPE_ENCRYPT
Definition: cryptodev.h:73
cryptodev_engine_thread_t
Definition: cryptodev.h:136
cryptodev_main_t::keys
cryptodev_key_t * keys
Definition: cryptodev.h:166
cryptodev_engine_thread_t::cryptodev_id
u16 cryptodev_id
Definition: cryptodev.h:158
cryptodev_engine_thread_t::reset_sess
struct rte_cryptodev_sym_session * reset_sess
Definition: cryptodev.h:155
cryptodev_numa_data_t::sess_priv_pool
struct rte_mempool * sess_priv_pool
Definition: cryptodev.h:122
cryptodev_capability_t::aad_sizes
u32 * aad_sizes
Definition: cryptodev.h:105
cryptodev_check_cap_support
int cryptodev_check_cap_support(struct rte_cryptodev_sym_capability_idx *idx, u32 key_size, u32 digest_size, u32 aad_size)
Definition: cryptodev.c:719
cryptodev_register_raw_hdl
clib_error_t *__clib_weak cryptodev_register_raw_hdl(vlib_main_t *vm, u32 eidx)
Definition: cryptodev_raw_data_path.c:631
dpdk_cryptodev_init
clib_error_t *__clib_weak dpdk_cryptodev_init(vlib_main_t *vm)
Definition: cryptodev.c:1061
cryptodev_main_t::is_raw_api
u8 is_raw_api
Definition: cryptodev.h:173
cryptodev_key_t
Definition: cryptodev.h:79
cryptodev_main_t::cryptodev_inst
cryptodev_inst_t * cryptodev_inst
Definition: cryptodev.h:169
cryptodev_op_t
Definition: cryptodev.h:125
static_always_inline
#define static_always_inline
Definition: clib.h:112
clib_spinlock_s
Definition: lock.h:51
cryptodev_main_t::tlock
clib_spinlock_t tlock
Definition: cryptodev.h:171
cryptodev_main_t::per_thread_data
cryptodev_engine_thread_t * per_thread_data
Definition: cryptodev.h:167
cryptodev_session_create
int cryptodev_session_create(vlib_main_t *vm, vnet_crypto_key_index_t idx, u32 aad_len)
Definition: cryptodev.c:326
cryptodev_engine_thread_t::aad_buf
u8 * aad_buf
Definition: cryptodev.h:153
cryptodev_capability_t
Definition: cryptodev.h:86
cryptodev_engine_thread_t::cops
cryptodev_op_t ** cops
Definition: cryptodev.h:144
cryptodev_mark_frame_err_status
static_always_inline void cryptodev_mark_frame_err_status(vnet_crypto_async_frame_t *f, vnet_crypto_op_status_t s)
Definition: cryptodev.h:179
cryptodev_engine_thread_t::ring
struct rte_ring * ring
Definition: cryptodev.h:146
cryptodev_op_type_t
cryptodev_op_type_t
Definition: cryptodev.h:71
cryptodev_inst_t::dev_id
u32 dev_id
Definition: cryptodev.h:114
cryptodev_inst_t
Definition: cryptodev.h:112
cryptodev_inst_t::q_id
u32 q_id
Definition: cryptodev.h:115
cryptodev_engine_thread_t::aad_index
u16 aad_index
Definition: cryptodev.h:152
u64
unsigned long u64
Definition: types.h:89
cryptodev_capability_t::digest_sizes
u32 * digest_sizes
Definition: cryptodev.h:94
u32
unsigned int u32
Definition: types.h:88
VNET_CRYPTO_FRAME_STATE_NOT_PROCESSED
@ VNET_CRYPTO_FRAME_STATE_NOT_PROCESSED
Definition: crypto.h:350
iv
static u8 iv[]
Definition: aes_cbc.c:24
CRYPTODEV_N_OP_TYPES
@ CRYPTODEV_N_OP_TYPES
Definition: cryptodev.h:75
vnet_crypto_key_op_t
vnet_crypto_key_op_t
Definition: crypto.h:129
CRYPTODEV_MAX_AAD_SIZE
#define CRYPTODEV_MAX_AAD_SIZE
Definition: cryptodev.h:32
cryptodev_inst_t::desc
char * desc
Definition: cryptodev.h:116
vlib_main_t
Definition: main.h:102
cryptodev_engine_thread_t::ctx
struct rte_crypto_raw_dp_ctx * ctx
Definition: cryptodev.h:150
b
vlib_buffer_t ** b
Definition: nat44_ei_out2in.c:717
u8
unsigned char u8
Definition: types.h:56
clib_error_t
Definition: clib_error.h:21
cryptodev_numa_data_t
Definition: cryptodev.h:119
cryptodev_engine_thread_t::cached_frame
struct rte_ring * cached_frame
Definition: cryptodev.h:151
i
int i
Definition: flowhash_template.h:376
cryptodev_main_t::per_numa_data
cryptodev_numa_data_t * per_numa_data
Definition: cryptodev.h:165
cryptodev_op_t::frame
vnet_crypto_async_frame_t * frame
Definition: cryptodev.h:132
cryptodev_register_cop_hdl
clib_error_t * cryptodev_register_cop_hdl(vlib_main_t *vm, u32 eidx)
Definition: cryptodev_op_data_path.c:509
cryptodev_engine_thread_t::aad_phy_addr
u64 aad_phy_addr
Definition: cryptodev.h:154
cryptodev_key_t::keys
struct rte_cryptodev_sym_session *** keys
Definition: cryptodev.h:81
vnet_crypto_op_status_t
vnet_crypto_op_status_t
Definition: crypto.h:136
cryptodev_op_t::n_elts
u32 n_elts
Definition: cryptodev.h:133
vlib_buffer_t
VLIB buffer representation.
Definition: buffer.h:111