From: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
To: <akhil.goyal@nxp.com>
Cc: <dev@dpdk.org>, <jsrikanth@marvell.com>,
Nagadheeraj Rottela <rnagadheeraj@marvell.com>
Subject: [dpdk-dev] [PATCH v3 2/2] crypto/nitrox: support cipher only crypto operations
Date: Fri, 9 Oct 2020 11:27:25 +0530 [thread overview]
Message-ID: <20201009055725.47329-3-rnagadheeraj@marvell.com> (raw)
In-Reply-To: <20201009055725.47329-1-rnagadheeraj@marvell.com>
This patch adds cipher only crypto operation support.
Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
---
doc/guides/cryptodevs/nitrox.rst | 2 -
doc/guides/rel_notes/release_20_11.rst | 5 +
drivers/crypto/nitrox/nitrox_sym.c | 3 +
drivers/crypto/nitrox/nitrox_sym_reqmgr.c | 189 ++++++++++++++++------
4 files changed, 148 insertions(+), 51 deletions(-)
diff --git a/doc/guides/cryptodevs/nitrox.rst b/doc/guides/cryptodevs/nitrox.rst
index 91fca905a..095e545c6 100644
--- a/doc/guides/cryptodevs/nitrox.rst
+++ b/doc/guides/cryptodevs/nitrox.rst
@@ -33,8 +33,6 @@ Supported AEAD algorithms:
Limitations
-----------
-* AES_CBC Cipher Only combination is not supported.
-* 3DES Cipher Only combination is not supported.
* Session-less APIs are not supported.
Installation
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 73ac08fb0..ddcf90356 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -55,6 +55,11 @@ New Features
Also, make sure to start the actual text at the margin.
=======================================================
+* **Updated Marvell NITROX symmetric crypto PMD.**
+
+ * Added cipher only offload support.
+ * Added AES-GCM support.
+
Removed Items
-------------
diff --git a/drivers/crypto/nitrox/nitrox_sym.c b/drivers/crypto/nitrox/nitrox_sym.c
index fe3ee6e23..2768bdd2e 100644
--- a/drivers/crypto/nitrox/nitrox_sym.c
+++ b/drivers/crypto/nitrox/nitrox_sym.c
@@ -550,6 +550,9 @@ nitrox_sym_dev_sess_configure(struct rte_cryptodev *cdev,
ctx = mp_obj;
ctx->nitrox_chain = get_crypto_chain_order(xform);
switch (ctx->nitrox_chain) {
+ case NITROX_CHAIN_CIPHER_ONLY:
+ cipher_xform = &xform->cipher;
+ break;
case NITROX_CHAIN_CIPHER_AUTH:
cipher_xform = &xform->cipher;
auth_xform = &xform->next->auth;
diff --git a/drivers/crypto/nitrox/nitrox_sym_reqmgr.c b/drivers/crypto/nitrox/nitrox_sym_reqmgr.c
index 113ce5d11..fe3ca25a0 100644
--- a/drivers/crypto/nitrox/nitrox_sym_reqmgr.c
+++ b/drivers/crypto/nitrox/nitrox_sym_reqmgr.c
@@ -247,38 +247,6 @@ softreq_copy_iv(struct nitrox_softreq *sr, uint8_t salt_size)
sr->iv.len = sr->ctx->iv.length - salt_size;
}
-static int
-extract_cipher_auth_digest(struct nitrox_softreq *sr,
- struct nitrox_sglist *digest)
-{
- struct rte_crypto_op *op = sr->op;
- struct rte_mbuf *mdst = op->sym->m_dst ? op->sym->m_dst :
- op->sym->m_src;
-
- if (sr->ctx->req_op == NITROX_OP_DECRYPT &&
- unlikely(!op->sym->auth.digest.data))
- return -EINVAL;
-
- digest->len = sr->ctx->digest_length;
- if (op->sym->auth.digest.data) {
- digest->iova = op->sym->auth.digest.phys_addr;
- digest->virt = op->sym->auth.digest.data;
- return 0;
- }
-
- if (unlikely(rte_pktmbuf_data_len(mdst) < op->sym->auth.data.offset +
- op->sym->auth.data.length + digest->len))
- return -EINVAL;
-
- digest->iova = rte_pktmbuf_iova_offset(mdst,
- op->sym->auth.data.offset +
- op->sym->auth.data.length);
- digest->virt = rte_pktmbuf_mtod_offset(mdst, uint8_t *,
- op->sym->auth.data.offset +
- op->sym->auth.data.length);
- return 0;
-}
-
static void
fill_sglist(struct nitrox_sgtable *sgtbl, uint16_t len, rte_iova_t iova,
void *virt)
@@ -340,6 +308,143 @@ create_sglist_from_mbuf(struct nitrox_sgtable *sgtbl, struct rte_mbuf *mbuf,
return 0;
}
+static void
+create_sgcomp(struct nitrox_sgtable *sgtbl)
+{
+ int i, j, nr_sgcomp;
+ struct nitrox_sgcomp *sgcomp = sgtbl->sgcomp;
+ struct nitrox_sglist *sglist = sgtbl->sglist;
+
+ nr_sgcomp = RTE_ALIGN_MUL_CEIL(sgtbl->map_bufs_cnt, 4) / 4;
+ sgtbl->nr_sgcomp = nr_sgcomp;
+ for (i = 0; i < nr_sgcomp; i++, sgcomp++) {
+ for (j = 0; j < 4; j++, sglist++) {
+ sgcomp->len[j] = rte_cpu_to_be_16(sglist->len);
+ sgcomp->iova[j] = rte_cpu_to_be_64(sglist->iova);
+ }
+ }
+}
+
+static int
+create_cipher_inbuf(struct nitrox_softreq *sr)
+{
+ int err;
+ struct rte_crypto_op *op = sr->op;
+
+ fill_sglist(&sr->in, sr->iv.len, sr->iv.iova, sr->iv.virt);
+ err = create_sglist_from_mbuf(&sr->in, op->sym->m_src,
+ op->sym->cipher.data.offset,
+ op->sym->cipher.data.length);
+ if (unlikely(err))
+ return err;
+
+ create_sgcomp(&sr->in);
+ sr->dptr = sr->iova + offsetof(struct nitrox_softreq, in.sgcomp);
+
+ return 0;
+}
+
+static int
+create_cipher_outbuf(struct nitrox_softreq *sr)
+{
+ struct rte_crypto_op *op = sr->op;
+ int err, cnt = 0;
+ struct rte_mbuf *m_dst = op->sym->m_dst ? op->sym->m_dst :
+ op->sym->m_src;
+
+ sr->resp.orh = PENDING_SIG;
+ sr->out.sglist[cnt].len = sizeof(sr->resp.orh);
+ sr->out.sglist[cnt].iova = sr->iova + offsetof(struct nitrox_softreq,
+ resp.orh);
+ sr->out.sglist[cnt].virt = &sr->resp.orh;
+ cnt++;
+
+ sr->out.map_bufs_cnt = cnt;
+ fill_sglist(&sr->out, sr->iv.len, sr->iv.iova, sr->iv.virt);
+ err = create_sglist_from_mbuf(&sr->out, m_dst,
+ op->sym->cipher.data.offset,
+ op->sym->cipher.data.length);
+ if (unlikely(err))
+ return err;
+
+ cnt = sr->out.map_bufs_cnt;
+ sr->resp.completion = PENDING_SIG;
+ sr->out.sglist[cnt].len = sizeof(sr->resp.completion);
+ sr->out.sglist[cnt].iova = sr->iova + offsetof(struct nitrox_softreq,
+ resp.completion);
+ sr->out.sglist[cnt].virt = &sr->resp.completion;
+ cnt++;
+
+ RTE_VERIFY(cnt <= MAX_SGBUF_CNT);
+ sr->out.map_bufs_cnt = cnt;
+
+ create_sgcomp(&sr->out);
+ sr->rptr = sr->iova + offsetof(struct nitrox_softreq, out.sgcomp);
+
+ return 0;
+}
+
+static void
+create_cipher_gph(uint32_t cryptlen, uint16_t ivlen, struct gphdr *gph)
+{
+ gph->param0 = rte_cpu_to_be_16(cryptlen);
+ gph->param1 = 0;
+ gph->param2 = rte_cpu_to_be_16(ivlen);
+ gph->param3 = 0;
+}
+
+static int
+process_cipher_data(struct nitrox_softreq *sr)
+{
+ struct rte_crypto_op *op = sr->op;
+ int err;
+
+ softreq_copy_iv(sr, 0);
+ err = create_cipher_inbuf(sr);
+ if (unlikely(err))
+ return err;
+
+ err = create_cipher_outbuf(sr);
+ if (unlikely(err))
+ return err;
+
+ create_cipher_gph(op->sym->cipher.data.length, sr->iv.len, &sr->gph);
+
+ return 0;
+}
+
+static int
+extract_cipher_auth_digest(struct nitrox_softreq *sr,
+ struct nitrox_sglist *digest)
+{
+ struct rte_crypto_op *op = sr->op;
+ struct rte_mbuf *mdst = op->sym->m_dst ? op->sym->m_dst :
+ op->sym->m_src;
+
+ if (sr->ctx->req_op == NITROX_OP_DECRYPT &&
+ unlikely(!op->sym->auth.digest.data))
+ return -EINVAL;
+
+ digest->len = sr->ctx->digest_length;
+ if (op->sym->auth.digest.data) {
+ digest->iova = op->sym->auth.digest.phys_addr;
+ digest->virt = op->sym->auth.digest.data;
+ return 0;
+ }
+
+ if (unlikely(rte_pktmbuf_data_len(mdst) < op->sym->auth.data.offset +
+ op->sym->auth.data.length + digest->len))
+ return -EINVAL;
+
+ digest->iova = rte_pktmbuf_iova_offset(mdst,
+ op->sym->auth.data.offset +
+ op->sym->auth.data.length);
+ digest->virt = rte_pktmbuf_mtod_offset(mdst, uint8_t *,
+ op->sym->auth.data.offset +
+ op->sym->auth.data.length);
+ return 0;
+}
+
static int
create_cipher_auth_sglist(struct nitrox_softreq *sr,
struct nitrox_sgtable *sgtbl, struct rte_mbuf *mbuf)
@@ -408,23 +513,6 @@ create_aead_sglist(struct nitrox_softreq *sr, struct nitrox_sgtable *sgtbl,
return err;
}
-static void
-create_sgcomp(struct nitrox_sgtable *sgtbl)
-{
- int i, j, nr_sgcomp;
- struct nitrox_sgcomp *sgcomp = sgtbl->sgcomp;
- struct nitrox_sglist *sglist = sgtbl->sglist;
-
- nr_sgcomp = RTE_ALIGN_MUL_CEIL(sgtbl->map_bufs_cnt, 4) / 4;
- sgtbl->nr_sgcomp = nr_sgcomp;
- for (i = 0; i < nr_sgcomp; i++, sgcomp++) {
- for (j = 0; j < 4; j++, sglist++) {
- sgcomp->len[j] = rte_cpu_to_be_16(sglist->len);
- sgcomp->iova[j] = rte_cpu_to_be_64(sglist->iova);
- }
- }
-}
-
static int
create_aead_inbuf(struct nitrox_softreq *sr, struct nitrox_sglist *digest)
{
@@ -661,6 +749,9 @@ process_softreq(struct nitrox_softreq *sr)
int err = 0;
switch (ctx->nitrox_chain) {
+ case NITROX_CHAIN_CIPHER_ONLY:
+ err = process_cipher_data(sr);
+ break;
case NITROX_CHAIN_CIPHER_AUTH:
case NITROX_CHAIN_AUTH_CIPHER:
err = process_cipher_auth_data(sr);
--
2.20.1
next prev parent reply other threads:[~2020-10-09 5:58 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-24 11:00 [dpdk-dev] [PATCH 0/3] Add AES-GCM and cipher only offload support Nagadheeraj Rottela
2020-07-24 11:00 ` [dpdk-dev] [PATCH 1/3] test/crypto: replace NITROX PMD specific test suite Nagadheeraj Rottela
2020-07-24 11:00 ` [dpdk-dev] [PATCH 2/3] crypto/nitrox: support AES-GCM Nagadheeraj Rottela
2020-07-24 11:00 ` [dpdk-dev] [PATCH 3/3] crypto/nitrox: support cipher only crypto operations Nagadheeraj Rottela
2020-09-22 19:11 ` Akhil Goyal
2020-09-24 13:04 ` [dpdk-dev] [PATCH v2 0/3] Add AES-GCM and cipher only offload support Nagadheeraj Rottela
2020-09-24 13:04 ` [dpdk-dev] [PATCH v2 1/3] test/crypto: replace NITROX PMD specific test suite Nagadheeraj Rottela
2020-10-06 20:07 ` Akhil Goyal
2020-10-09 5:57 ` [dpdk-dev] [PATCH v3 0/2] Add AES-GCM and cipher only offload support Nagadheeraj Rottela
2020-10-09 5:57 ` [dpdk-dev] [PATCH v3 1/2] crypto/nitrox: support AES-GCM Nagadheeraj Rottela
2020-10-09 5:57 ` Nagadheeraj Rottela [this message]
2020-10-09 12:13 ` [dpdk-dev] [PATCH v3 0/2] Add AES-GCM and cipher only offload support Akhil Goyal
2020-09-24 13:04 ` [dpdk-dev] [PATCH v2 2/3] crypto/nitrox: support AES-GCM Nagadheeraj Rottela
2020-10-06 20:04 ` Akhil Goyal
2020-09-24 13:04 ` [dpdk-dev] [PATCH v2 3/3] crypto/nitrox: support cipher only crypto operations Nagadheeraj Rottela
2020-07-26 18:57 ` [dpdk-dev] [PATCH 0/3] Add AES-GCM and cipher only offload support Akhil Goyal
2020-07-28 6:41 ` Nagadheeraj Rottela
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201009055725.47329-3-rnagadheeraj@marvell.com \
--to=rnagadheeraj@marvell.com \
--cc=akhil.goyal@nxp.com \
--cc=dev@dpdk.org \
--cc=jsrikanth@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).