From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 88FA6A057C; Thu, 26 Mar 2020 17:22:33 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id B261E1C029; Thu, 26 Mar 2020 17:22:22 +0100 (CET) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by dpdk.org (Postfix) with ESMTP id 164532C15 for ; Thu, 26 Mar 2020 17:22:14 +0100 (CET) IronPort-SDR: XHOwyxqF5FA/+AJFowT4ndakpBiPBPYZLpWNlrgNMjW6/JWJwApqvTUpyHOB+ydsAXxX+x95/f WHkRa71lkizA== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Mar 2020 09:22:14 -0700 IronPort-SDR: 3W15sHidYB8U4Ckh+ZDPSOxnZ0VYNhArm+7v0ui2pY/XJA4DUNm3Dhe0bGD4A9tAE3yZ7O+rhm ecHPyhtAXR1g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,309,1580803200"; d="scan'208";a="358196366" Received: from adamdybx-mobl.ger.corp.intel.com (HELO localhost.localdomain) ([10.104.121.54]) by fmsmga001.fm.intel.com with ESMTP; 26 Mar 2020 09:22:12 -0700 From: Adam Dybkowski To: dev@dpdk.org, fiona.trahe@intel.com, akhil.goyal@nxp.com Cc: Adam Dybkowski Date: Thu, 26 Mar 2020 17:22:08 +0100 Message-Id: <20200326162208.12158-3-adamx.dybkowski@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200326162208.12158-1-adamx.dybkowski@intel.com> References: <20200316122421.21546-1-adamx.dybkowski@intel.com> <20200326162208.12158-1-adamx.dybkowski@intel.com> Subject: [dpdk-dev] [PATCH v4 2/2] crypto/qat: handle mixed hash-cipher crypto on GEN2 QAT X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds handling of mixed hash-cipher algorithms available on GEN2 QAT in particular firmware versions. Also the documentation is updated to show the mixed crypto algorithms are supported on QAT GEN2. Signed-off-by: Adam Dybkowski --- doc/guides/cryptodevs/qat.rst | 13 ++++++++----- doc/guides/rel_notes/release_20_05.rst | 7 +++++++ drivers/crypto/qat/qat_sym_pmd.c | 27 ++++++++++++++++++++++++++ drivers/crypto/qat/qat_sym_pmd.h | 5 +++++ drivers/crypto/qat/qat_sym_session.c | 17 ++++++++++------ 5 files changed, 58 insertions(+), 11 deletions(-) diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index 1e83ed626..c79e686de 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -82,18 +82,17 @@ All the usual chains are supported and also some mixed chains: +------------------+-----------+-------------+----------+----------+ | Cipher algorithm | NULL AUTH | SNOW3G UIA2 | ZUC EIA3 | AES CMAC | +==================+===========+=============+==========+==========+ - | NULL CIPHER | Y | 3 | 3 | Y | + | NULL CIPHER | Y | 2&3 | 2&3 | Y | +------------------+-----------+-------------+----------+----------+ - | SNOW3G UEA2 | 3 | Y | 3 | 3 | + | SNOW3G UEA2 | 2&3 | Y | 2&3 | 2&3 | +------------------+-----------+-------------+----------+----------+ - | ZUC EEA3 | 3 | 3 | 2&3 | 3 | + | ZUC EEA3 | 2&3 | 2&3 | 2&3 | 2&3 | +------------------+-----------+-------------+----------+----------+ - | AES CTR | Y | 3 | 3 | Y | + | AES CTR | Y | 2&3 | 2&3 | Y | +------------------+-----------+-------------+----------+----------+ * The combinations marked as "Y" are supported on all QAT hardware versions. * The combinations marked as "2&3" are supported on GEN2/GEN3 QAT hardware only. -* The combinations marked as "3" are supported on GEN3 QAT hardware only. Limitations @@ -120,6 +119,8 @@ Limitations enqueued to the device and will be marked as failed. The simplest way to mitigate this is to use the bdf whitelist to avoid mixing devices of different generations in the same process if planning to use for GCM. +* The mixed algo feature on GEN2 is not supported by all kernel drivers. Check + the notes under the Available Kernel Drivers table below for specific details. Extra notes on KASUMI F9 ~~~~~~~~~~~~~~~~~~~~~~~~ @@ -379,6 +380,8 @@ to see the full table) | Yes | No | No | 3 | P5xxx | p | qat_p5xxx | p5xxx | 18a0 | 1 | 18a1 | 128 | +-----+-----+-----+-----+----------+---------------+---------------+------------+--------+------+--------+--------+ +* Note: Symmetric mixed crypto algorithms feature on Gen 2 works only with 01.org driver version 4.9.0+ + The first 3 columns indicate the service: * S = Symmetric crypto service (via cryptodev API) diff --git a/doc/guides/rel_notes/release_20_05.rst b/doc/guides/rel_notes/release_20_05.rst index 1dfcfccee..fe3e649d5 100644 --- a/doc/guides/rel_notes/release_20_05.rst +++ b/doc/guides/rel_notes/release_20_05.rst @@ -70,6 +70,13 @@ New Features by making use of the event device capabilities. The event mode currently supports only inline IPsec protocol offload. +* **Added handling of mixed crypto algorithms in QAT PMD for GEN2.** + + Enabled handling of mixed algorithms in encrypted digest hash-cipher + (generation) and cipher-hash (verification) requests in QAT PMD + when running on GEN2 QAT hardware with particular firmware versions + (GEN3 support was added in DPDK 20.02). + Removed Items ------------- diff --git a/drivers/crypto/qat/qat_sym_pmd.c b/drivers/crypto/qat/qat_sym_pmd.c index 50abdf6f5..e887c880f 100644 --- a/drivers/crypto/qat/qat_sym_pmd.c +++ b/drivers/crypto/qat/qat_sym_pmd.c @@ -14,6 +14,8 @@ #include "qat_sym_session.h" #include "qat_sym_pmd.h" +#define MIXED_CRYPTO_MIN_FW_VER 0x04090000 + uint8_t cryptodev_qat_driver_id; static const struct rte_cryptodev_capabilities qat_gen1_sym_capabilities[] = { @@ -187,6 +189,31 @@ static int qat_sym_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, qat_sgl_dst); } + /* Get fw version from QAT (GEN2), skip if we've got it already */ + if (qp->qat_dev_gen == QAT_GEN2 && !(qat_private->internal_capabilities + & QAT_SYM_CAP_VALID)) { + ret = qat_cq_get_fw_version(qp); + + if (ret < 0) { + qat_sym_qp_release(dev, qp_id); + return ret; + } + + if (ret != 0) + QAT_LOG(DEBUG, "QAT firmware version: %d.%d.%d", + (ret >> 24) & 0xff, + (ret >> 16) & 0xff, + (ret >> 8) & 0xff); + else + QAT_LOG(DEBUG, "unknown QAT firmware version"); + + /* set capabilities based on the fw version */ + qat_private->internal_capabilities = QAT_SYM_CAP_VALID | + ((ret >= MIXED_CRYPTO_MIN_FW_VER) ? + QAT_SYM_CAP_MIXED_CRYPTO : 0); + ret = 0; + } + return ret; } diff --git a/drivers/crypto/qat/qat_sym_pmd.h b/drivers/crypto/qat/qat_sym_pmd.h index a32c25abc..a5a31e512 100644 --- a/drivers/crypto/qat/qat_sym_pmd.h +++ b/drivers/crypto/qat/qat_sym_pmd.h @@ -15,6 +15,10 @@ /** Intel(R) QAT Symmetric Crypto PMD driver name */ #define CRYPTODEV_NAME_QAT_SYM_PMD crypto_qat +/* Internal capabilities */ +#define QAT_SYM_CAP_MIXED_CRYPTO (1 << 0) +#define QAT_SYM_CAP_VALID (1 << 31) + extern uint8_t cryptodev_qat_driver_id; /** private data structure for a QAT device. @@ -29,6 +33,7 @@ struct qat_sym_dev_private { const struct rte_cryptodev_capabilities *qat_dev_capabilities; /* QAT device symmetric crypto capabilities */ uint16_t min_enq_burst_threshold; + uint32_t internal_capabilities; /* see flags QAT_SYM_CAP_xxx */ }; int diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c index 61ab9edc4..fd2cc382e 100644 --- a/drivers/crypto/qat/qat_sym_session.c +++ b/drivers/crypto/qat/qat_sym_session.c @@ -464,18 +464,23 @@ qat_sym_session_set_ext_hash_flags(struct qat_sym_session *session, } static void -qat_sym_session_handle_mixed(struct qat_sym_session *session) +qat_sym_session_handle_mixed(const struct rte_cryptodev *dev, + struct qat_sym_session *session) { + const struct qat_sym_dev_private *qat_private = dev->data->dev_private; + enum qat_device_gen min_dev_gen = (qat_private->internal_capabilities & + QAT_SYM_CAP_MIXED_CRYPTO) ? QAT_GEN2 : QAT_GEN3; + if (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3 && session->qat_cipher_alg != ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3) { - session->min_qat_dev_gen = QAT_GEN3; + session->min_qat_dev_gen = min_dev_gen; qat_sym_session_set_ext_hash_flags(session, 1 << ICP_QAT_FW_AUTH_HDR_FLAG_ZUC_EIA3_BITPOS); } else if (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2 && session->qat_cipher_alg != ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2) { - session->min_qat_dev_gen = QAT_GEN3; + session->min_qat_dev_gen = min_dev_gen; qat_sym_session_set_ext_hash_flags(session, 1 << ICP_QAT_FW_AUTH_HDR_FLAG_SNOW3G_UIA2_BITPOS); } else if ((session->aes_cmac || @@ -484,7 +489,7 @@ qat_sym_session_handle_mixed(struct qat_sym_session *session) ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2 || session->qat_cipher_alg == ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3)) { - session->min_qat_dev_gen = QAT_GEN3; + session->min_qat_dev_gen = min_dev_gen; qat_sym_session_set_ext_hash_flags(session, 0); } } @@ -537,7 +542,7 @@ qat_sym_session_set_parameters(struct rte_cryptodev *dev, if (ret < 0) return ret; /* Special handling of mixed hash+cipher algorithms */ - qat_sym_session_handle_mixed(session); + qat_sym_session_handle_mixed(dev, session); } break; case ICP_QAT_FW_LA_CMD_HASH_CIPHER: @@ -556,7 +561,7 @@ qat_sym_session_set_parameters(struct rte_cryptodev *dev, if (ret < 0) return ret; /* Special handling of mixed hash+cipher algorithms */ - qat_sym_session_handle_mixed(session); + qat_sym_session_handle_mixed(dev, session); } break; case ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM: -- 2.17.1