Add crypto capabilities scope for zsda device.
Signed-off-by: Hanxiao Li <li.hanxiao@zte.com.cn>
---
doc/guides/cryptodevs/features/zsda.ini | 51 +++++++++
doc/guides/cryptodevs/zsda.rst | 26 +++++
doc/guides/rel_notes/release_25_07.rst | 8 ++
drivers/crypto/zsda/zsda_sym_capabilities.h | 111 ++++++++++++++++++++
drivers/crypto/zsda/zsda_sym_pmd.c | 29 ++++-
5 files changed, 224 insertions(+), 1 deletion(-)
create mode 100644 doc/guides/cryptodevs/features/zsda.ini
create mode 100644 drivers/crypto/zsda/zsda_sym_capabilities.h
diff --git a/doc/guides/cryptodevs/features/zsda.ini b/doc/guides/cryptodevs/features/zsda.ini
new file mode 100644
index 0000000000..b0f10f8de9
--- /dev/null
+++ b/doc/guides/cryptodevs/features/zsda.ini
@@ -0,0 +1,51 @@
+;
+; Supported features of the 'zsda' crypto driver.
+;
+; Refer to default.ini for the full list of available PMD features.
+;
+[Features]
+Symmetric crypto = Y
+HW Accelerated = Y
+In Place SGL = Y
+OOP SGL In SGL Out = Y
+OOP SGL In LB Out = Y
+OOP LB In SGL Out = Y
+OOP LB In LB Out = Y
+
+;
+; Supported crypto algorithms of the 'zsda' crypto driver.
+;
+[Cipher]
+AES XTS (128) = Y
+AES XTS (256) = Y
+SM4 XTS = Y
+
+;
+; Supported authentication algorithms of the 'zsda' crypto driver.
+;
+[Auth]
+SHA1 = Y
+SHA224 = Y
+SHA256 = Y
+SHA384 = Y
+SHA512 = Y
+SM3 = Y
+
+
+;
+; Supported AEAD algorithms of the 'zsda' crypto driver.
+;
+[AEAD]
+
+
+;
+; Supported Asymmetric algorithms of the 'zsda' crypto driver.
+;
+[Asymmetric]
+
+
+;
+; Supported Operating systems of the 'zsda' crypto driver.
+;
+[OS]
+Linux = Y
diff --git a/doc/guides/cryptodevs/zsda.rst b/doc/guides/cryptodevs/zsda.rst
index 0a7aeb2d50..2b7de0422d 100644
--- a/doc/guides/cryptodevs/zsda.rst
+++ b/doc/guides/cryptodevs/zsda.rst
@@ -13,14 +13,40 @@ support for the following hardware accelerator devices:
Features
--------
+The ZSDA SYM PMD has support for:
+
+Cipher algorithms:
+
+* ``RTE_CRYPTO_CIPHER_AES_XTS``
+* ``RTE_CRYPTO_CIPHER_SM4_XTS``
+
+Hash algorithms:
+
+* ``RTE_CRYPTO_AUTH_SHA1``
+* ``RTE_CRYPTO_AUTH_SHA224``
+* ``RTE_CRYPTO_AUTH_SHA256``
+* ``RTE_CRYPTO_AUTH_SHA384``
+* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SM3``
+
Limitations
-----------
+* Only supports the session-oriented API implementation (session-less APIs are
+ not supported).
+* No BSD and Windows support.
+* Queue-pairs are thread-safe on Intel CPUs but Queues are not (that is, within
+ a single queue-pair all enqueues to the TX queue must be done from one thread
+ and all dequeues from the RX queue must be done from one thread, but enqueues
+ and dequeues may be done in different threads.)
+
Installation
------------
+The ZSDA crypto service is built by default with a standard DPDK build.
+
Testing
-------
diff --git a/doc/guides/rel_notes/release_25_07.rst b/doc/guides/rel_notes/release_25_07.rst
index 093b85d206..8cd5d53ef3 100644
--- a/doc/guides/rel_notes/release_25_07.rst
+++ b/doc/guides/rel_notes/release_25_07.rst
@@ -56,6 +56,14 @@ New Features
=======================================================
+* **Added ZTE Storage Data Accelerator (ZSDA) crypto driver.**
+
+ Added a crypto driver for ZSDA devices
+ to support some encrypt, decrypt and hash algorithm.
+
+ See the :doc:`../cryptodevs/zsda` guide for more details on the new driver.
+
+
Removed Items
-------------
diff --git a/drivers/crypto/zsda/zsda_sym_capabilities.h b/drivers/crypto/zsda/zsda_sym_capabilities.h
new file mode 100644
index 0000000000..3c890f8fa7
--- /dev/null
+++ b/drivers/crypto/zsda/zsda_sym_capabilities.h
@@ -0,0 +1,111 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2025 ZTE Corporation
+ */
+
+#ifndef _ZSDA_SYM_CAPABILITIES_H_
+#define _ZSDA_SYM_CAPABILITIES_H_
+
+static const struct rte_cryptodev_capabilities zsda_crypto_sym_capabilities[] = {
+ {/* SHA1 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA1,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 20, .max = 20, .increment = 2},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA224,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 28, .max = 28, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA256,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 32, .max = 32, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA384,
+ .block_size = 128,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 48, .max = 48, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA512,
+ .block_size = 128,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 64, .max = 64, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SM3 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SM3,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 32, .max = 32, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* AES XTS */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ { .cipher = {
+ .algo = RTE_CRYPTO_CIPHER_AES_XTS,
+ .block_size = 16,
+ .key_size = {.min = 32, .max = 64, .increment = 32},
+ .iv_size = {.min = 16, .max = 16, .increment = 0} },
+ } },
+ }
+ },
+ {/* SM4 XTS */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ { .cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SM4_XTS,
+ .block_size = 16,
+ .key_size = {.min = 32, .max = 32, .increment = 0},
+ .iv_size = {.min = 16, .max = 16, .increment = 0} },
+ } },
+ }
+ }
+};
+#endif /* _ZSDA_SYM_CAPABILITIES_H_ */
diff --git a/drivers/crypto/zsda/zsda_sym_pmd.c b/drivers/crypto/zsda/zsda_sym_pmd.c
index 4b9905b1be..96fbadcfb2 100644
--- a/drivers/crypto/zsda/zsda_sym_pmd.c
+++ b/drivers/crypto/zsda/zsda_sym_pmd.c
@@ -7,6 +7,7 @@
#include "zsda_sym_pmd.h"
#include "zsda_sym_session.h"
#include "zsda_sym.h"
+#include "zsda_sym_capabilities.h"
uint8_t zsda_sym_driver_id;
@@ -265,8 +266,11 @@ zsda_sym_dev_create(struct zsda_pci_device *zsda_pci_dev)
};
char name[RTE_CRYPTODEV_NAME_MAX_LEN];
+ char capa_memz_name[RTE_COMPRESSDEV_NAME_MAX_LEN];
struct rte_cryptodev *cryptodev;
struct zsda_sym_dev_private *sym_dev_priv;
+ const struct rte_cryptodev_capabilities *capabilities;
+ uint64_t capa_size;
if (rte_eal_process_type() != RTE_PROC_PRIMARY)
return ZSDA_SUCCESS;
@@ -293,11 +297,34 @@ zsda_sym_dev_create(struct zsda_pci_device *zsda_pci_dev)
cryptodev->enqueue_burst = zsda_sym_pmd_enqueue_op_burst;
cryptodev->dequeue_burst = zsda_sym_pmd_dequeue_op_burst;
- cryptodev->feature_flags = 0;
+ cryptodev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
+ RTE_CRYPTODEV_FF_SYM_SESSIONLESS |
+ RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
+ RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
+ RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
+ RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
+ RTE_CRYPTODEV_FF_HW_ACCELERATED;
+ capabilities = zsda_crypto_sym_capabilities;
sym_dev_priv = cryptodev->data->dev_private;
sym_dev_priv->zsda_pci_dev = zsda_pci_dev;
sym_dev_priv->cryptodev = cryptodev;
+ capa_size = sizeof(zsda_crypto_sym_capabilities);
+
+ snprintf(capa_memz_name, RTE_CRYPTODEV_NAME_MAX_LEN, "ZSDA_SYM_CAPA");
+
+ sym_dev_priv->capa_mz = rte_memzone_lookup(capa_memz_name);
+ if (sym_dev_priv->capa_mz == NULL)
+ sym_dev_priv->capa_mz = rte_memzone_reserve(
+ capa_memz_name, capa_size, rte_socket_id(), 0);
+
+ if (sym_dev_priv->capa_mz == NULL) {
+ ZSDA_LOG(ERR, "Failed! sym_dev_priv->capa_mz");
+ goto error;
+ }
+
+ memcpy(sym_dev_priv->capa_mz->addr, capabilities, capa_size);
+ sym_dev_priv->zsda_dev_capabilities = sym_dev_priv->capa_mz->addr;
zsda_pci_dev->sym_dev_priv = sym_dev_priv;
--
2.27.0