[dpdk-dev] [PATCH v2] cryptodev: add ff_disable field in cryptodev config

[Anoob Joseph <anoobj@marvell.com>]

Adding a new field, ff_disable, to allow applications to control the
features enabled on the crypto device. This would allow for efficient
usage of HW/SW offloads.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
v2:
* Updated test & example applications to incorporate the default setting
  for ff_disable field. Disabling SECURITY offload for cases where only
  crypto is applicable & asymmetric crypto in case of ipsec etc.

 app/test-crypto-perf/main.c                   |  3 ++-
 app/test/test_cryptodev.c                     |  2 ++
 app/test/test_event_crypto_adapter.c          |  1 +
 app/test/test_ipsec.c                         |  1 +
 doc/guides/rel_notes/deprecation.rst          | 14 --------------
 doc/guides/rel_notes/release_19_08.rst        | 11 ++++++++++-
 examples/fips_validation/fips_dev_self_test.c |  6 +++++-
 examples/fips_validation/main.c               |  2 +-
 examples/ip_pipeline/cryptodev.c              |  1 +
 examples/ipsec-secgw/ipsec-secgw.c            |  1 +
 examples/l2fwd-crypto/main.c                  |  1 +
 examples/vhost_crypto/main.c                  |  1 +
 lib/librte_cryptodev/Makefile                 |  2 +-
 lib/librte_cryptodev/meson.build              |  2 +-
 lib/librte_cryptodev/rte_cryptodev.h          |  7 +++++++
 15 files changed, 35 insertions(+), 20 deletions(-)

diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c
index 4247f6a..db02907 100644
--- a/app/test-crypto-perf/main.c
+++ b/app/test-crypto-perf/main.c
@@ -200,7 +200,8 @@ cperf_initialize_cryptodev(struct cperf_options *opts, uint8_t *enabled_cdevs)
 		}
 		struct rte_cryptodev_config conf = {
 			.nb_queue_pairs = opts->nb_qps,
-			.socket_id = socket_id
+			.socket_id = socket_id,
+			.ff_disable = RTE_CRYPTODEV_FF_SECURITY,
 		};
 
 		struct rte_cryptodev_qp_conf qp_conf = {
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index eca6d3d..bcba5a5 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -430,6 +430,7 @@ testsuite_setup(void)
 
 	ts_params->conf.nb_queue_pairs = info.max_nb_queue_pairs;
 	ts_params->conf.socket_id = SOCKET_ID_ANY;
+	ts_params->conf.ff_disable = RTE_CRYPTODEV_FF_SECURITY;
 
 	unsigned int session_size =
 		rte_cryptodev_sym_get_private_session_size(dev_id);
@@ -524,6 +525,7 @@ ut_setup(void)
 
 	/* Reconfigure device to default parameters */
 	ts_params->conf.socket_id = SOCKET_ID_ANY;
+	ts_params->conf.ff_disable = RTE_CRYPTODEV_FF_SECURITY;
 	ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT;
 	ts_params->qp_conf.mp_session = ts_params->session_mpool;
 	ts_params->qp_conf.mp_session_private = ts_params->session_priv_mpool;
diff --git a/app/test/test_event_crypto_adapter.c b/app/test/test_event_crypto_adapter.c
index f750ce3..7365502 100644
--- a/app/test/test_event_crypto_adapter.c
+++ b/app/test/test_event_crypto_adapter.c
@@ -548,6 +548,7 @@ configure_cryptodev(void)
 	rte_cryptodev_info_get(TEST_CDEV_ID, &info);
 	conf.nb_queue_pairs = info.max_nb_queue_pairs;
 	conf.socket_id = SOCKET_ID_ANY;
+	conf.ff_disable = RTE_CRYPTODEV_FF_SECURITY;
 
 	TEST_ASSERT_SUCCESS(rte_cryptodev_configure(TEST_CDEV_ID, &conf),
 			"Failed to configure cryptodev %u with %u qps\n",
diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
index 3993ff4..e880700 100644
--- a/app/test/test_ipsec.c
+++ b/app/test/test_ipsec.c
@@ -342,6 +342,7 @@ testsuite_setup(void)
 
 	ts_params->conf.nb_queue_pairs = info.max_nb_queue_pairs;
 	ts_params->conf.socket_id = SOCKET_ID_ANY;
+	ts_params->conf.ff_disable = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO;
 
 	sess_sz = rte_cryptodev_sym_get_private_session_size(dev_id);
 	sess_sz = RTE_MAX(sess_sz, sizeof(struct rte_security_session));
diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst
index e2721fa..2cc63d8 100644
--- a/doc/guides/rel_notes/deprecation.rst
+++ b/doc/guides/rel_notes/deprecation.rst
@@ -62,20 +62,6 @@ Deprecation Notices
   Target release for removal of the legacy API will be defined once most
   PMDs have switched to rte_flow.
 
-* cryptodev: New member in ``rte_cryptodev_config`` to allow applications to
-  disable features supported by the crypto device. Only the following features
-  would be allowed to be disabled this way,
-
-  - ``RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO``
-  - ``RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO``
-  - ``RTE_CRYPTODEV_FF_SECURITY``
-
-  Disabling unused features would facilitate efficient usage of HW/SW offload.
-
-  - Member ``uint64_t ff_disable`` in ``rte_cryptodev_config``
-
-  The field would be added in v19.08.
-
 * cryptodev: the ``uint8_t *data`` member of ``key`` structure in the xforms
   structure (``rte_crypto_cipher_xform``, ``rte_crypto_auth_xform``, and
   ``rte_crypto_aead_xform``) will be changed to ``const uint8_t *data``.
diff --git a/doc/guides/rel_notes/release_19_08.rst b/doc/guides/rel_notes/release_19_08.rst
index 8c3932d..c586e55 100644
--- a/doc/guides/rel_notes/release_19_08.rst
+++ b/doc/guides/rel_notes/release_19_08.rst
@@ -140,6 +140,15 @@ ABI Changes
    Also, make sure to start the actual text at the margin.
    =========================================================
 
+* cryptodev: New member in ``rte_cryptodev_config`` to allow applications to
+  disable features supported by the crypto device. Only the following features
+  would be allowed to be disabled this way,
+
+  - ``RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO``
+  - ``RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO``
+  - ``RTE_CRYPTODEV_FF_SECURITY``
+
+  Disabling unused features would facilitate efficient usage of HW/SW offload.
 
 Shared Library Versions
 -----------------------
@@ -171,7 +180,7 @@ The libraries prepended with a plus sign were incremented in this version.
      librte_cfgfile.so.2
      librte_cmdline.so.2
      librte_compressdev.so.1
-     librte_cryptodev.so.7
+   + librte_cryptodev.so.8
      librte_distributor.so.1
      librte_eal.so.10
      librte_efd.so.1
diff --git a/examples/fips_validation/fips_dev_self_test.c b/examples/fips_validation/fips_dev_self_test.c
index 444bbaa..17e8597 100644
--- a/examples/fips_validation/fips_dev_self_test.c
+++ b/examples/fips_validation/fips_dev_self_test.c
@@ -1557,12 +1557,16 @@ fips_dev_auto_test_uninit(uint8_t dev_id,
 static int
 fips_dev_auto_test_init(uint8_t dev_id, struct fips_dev_auto_test_env *env)
 {
-	struct rte_cryptodev_config conf = {rte_cryptodev_socket_id(dev_id), 1};
 	struct rte_cryptodev_qp_conf qp_conf = {128, NULL, NULL};
 	uint32_t sess_sz = rte_cryptodev_sym_get_private_session_size(dev_id);
+	struct rte_cryptodev_config conf;
 	char name[128];
 	int ret;
 
+	conf.socket_id = rte_cryptodev_socket_id(dev_id);
+	conf.nb_queue_pairs = 1;
+	conf.ff_disable = 0;
+
 	ret = rte_cryptodev_configure(dev_id, &conf);
 	if (ret < 0)
 		return ret;
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index aef4505..8135340 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -48,7 +48,7 @@ struct cryptodev_fips_validate_env {
 static int
 cryptodev_fips_validate_app_int(void)
 {
-	struct rte_cryptodev_config conf = {rte_socket_id(), 1};
+	struct rte_cryptodev_config conf = {rte_socket_id(), 1, 0};
 	struct rte_cryptodev_qp_conf qp_conf = {128, NULL, NULL};
 	uint32_t sess_sz = rte_cryptodev_sym_get_private_session_size(
 			env.dev_id);
diff --git a/examples/ip_pipeline/cryptodev.c b/examples/ip_pipeline/cryptodev.c
index 94a0462..b0d9f3d 100644
--- a/examples/ip_pipeline/cryptodev.c
+++ b/examples/ip_pipeline/cryptodev.c
@@ -93,6 +93,7 @@ cryptodev_create(const char *name, struct cryptodev_params *params)
 
 	dev_conf.socket_id = socket_id;
 	dev_conf.nb_queue_pairs = params->n_queues;
+	dev_conf.ff_disable = 0;
 
 	status = rte_cryptodev_configure(dev_id, &dev_conf);
 	if (status < 0)
diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index 6c626fa..931e5ea 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -1720,6 +1720,7 @@ cryptodevs_init(void)
 
 		dev_conf.socket_id = rte_cryptodev_socket_id(cdev_id);
 		dev_conf.nb_queue_pairs = qp;
+		dev_conf.ff_disable = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO;
 
 		uint32_t dev_max_sess = cdev_info.sym.max_nb_sessions;
 		if (dev_max_sess != 0 && dev_max_sess < CDEV_MP_NB_OBJS)
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index 09cd4c9..3fe2ba7 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -2256,6 +2256,7 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports,
 		struct rte_cryptodev_config conf = {
 			.nb_queue_pairs = 1,
 			.socket_id = socket_id,
+			.ff_disable = RTE_CRYPTODEV_FF_SECURITY,
 		};
 
 		rte_cryptodev_info_get(cdev_id, &dev_info);
diff --git a/examples/vhost_crypto/main.c b/examples/vhost_crypto/main.c
index ac7118e..c7b747b 100644
--- a/examples/vhost_crypto/main.c
+++ b/examples/vhost_crypto/main.c
@@ -522,6 +522,7 @@ main(int argc, char *argv[])
 
 		config.nb_queue_pairs = dev_info.max_nb_queue_pairs;
 		config.socket_id = rte_lcore_to_socket_id(lo->lcore_id);
+		config.ff_disable = RTE_CRYPTODEV_FF_SECURITY;
 
 		ret = rte_cryptodev_configure(info->cid, &config);
 		if (ret < 0) {
diff --git a/lib/librte_cryptodev/Makefile b/lib/librte_cryptodev/Makefile
index c20e090..55d352a 100644
--- a/lib/librte_cryptodev/Makefile
+++ b/lib/librte_cryptodev/Makefile
@@ -7,7 +7,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
 LIB = librte_cryptodev.a
 
 # library version
-LIBABIVER := 7
+LIBABIVER := 8
 
 # build flags
 CFLAGS += -O3
diff --git a/lib/librte_cryptodev/meson.build b/lib/librte_cryptodev/meson.build
index 9e009d4..0a2275d 100644
--- a/lib/librte_cryptodev/meson.build
+++ b/lib/librte_cryptodev/meson.build
@@ -1,7 +1,7 @@
 # SPDX-License-Identifier: BSD-3-Clause
 # Copyright(c) 2017-2019 Intel Corporation
 
-version = 7
+version = 8
 allow_experimental_apis = true
 sources = files('rte_cryptodev.c', 'rte_cryptodev_pmd.c')
 headers = files('rte_cryptodev.h',
diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
index 2d4f6d7..58bfab5 100644
--- a/lib/librte_cryptodev/rte_cryptodev.h
+++ b/lib/librte_cryptodev/rte_cryptodev.h
@@ -612,6 +612,13 @@ struct rte_cryptodev_config {
 	int socket_id;			/**< Socket to allocate resources on */
 	uint16_t nb_queue_pairs;
 	/**< Number of queue pairs to configure on device */
+	uint64_t ff_disable;
+	/**< Feature flags to be disabled. Only the following features are
+	 * allowed to be disabled,
+	 *  - RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO
+	 *  - RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO
+	 *  - RTE_CRYTPODEV_FF_SECURITY
+	 */
 };
 
 /**
-- 
2.7.4