[dpdk-dev] [PATCH] qat: addition of optimized content descriptor for AES128-SHA1-HMAC

[John Griffin <john.griffin@intel.com>]

Adding an optimized content descriptor for AES128-SHA1-HMAC to
improve thoughput performance.

Signed-off-by: John Griffin <john.griffin@intel.com>
---
 drivers/crypto/qat/qat_adf/qat_algs.h            |  7 ++
 drivers/crypto/qat/qat_adf/qat_algs_build_desc.c | 91 ++++++++++++++++++++++++
 drivers/crypto/qat/qat_crypto.c                  | 64 +++++++++++++----
 drivers/crypto/qat/qat_crypto.h                  |  4 ++
 4 files changed, 154 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/qat/qat_adf/qat_algs.h b/drivers/crypto/qat/qat_adf/qat_algs.h
index b47dbc2..28fa111 100644
--- a/drivers/crypto/qat/qat_adf/qat_algs.h
+++ b/drivers/crypto/qat/qat_adf/qat_algs.h
@@ -127,4 +127,11 @@ void qat_alg_ablkcipher_init_dec(struct qat_alg_ablkcipher_cd *cd,
 int qat_alg_validate_aes_key(int key_len, enum icp_qat_hw_cipher_algo *alg);
 int qat_alg_validate_snow3g_key(int key_len, enum icp_qat_hw_cipher_algo *alg);
 
+int qat_crypto_sym_use_optimized_alg(struct qat_session *session);
+int qat_crypto_create_optimzed_session(struct qat_session *session,
+					uint8_t *cipherkey,
+					uint32_t cipherkeylen,
+					uint8_t *authkey,
+					uint32_t authkeylen,
+					uint32_t digestsize);
 #endif
diff --git a/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c b/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c
index aa108d4..8c1a801 100644
--- a/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c
+++ b/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c
@@ -444,6 +444,7 @@ int qat_alg_aead_session_create_content_desc_cipher(struct qat_session *cdesc,
 	header->service_cmd_id = cdesc->qat_cmd;
 	ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET(header->serv_specif_flags,
 					ICP_QAT_FW_LA_NO_DIGEST_IN_BUFFER);
+
 	/* Configure the common header protocol flags */
 	ICP_QAT_FW_LA_PROTO_SET(header->serv_specif_flags, proto);
 	cd_pars->u.s.content_desc_addr = cdesc->cd_paddr;
@@ -749,6 +750,96 @@ int qat_alg_aead_session_create_content_desc_auth(struct qat_session *cdesc,
 	return 0;
 }
 
+/*
+ * Function which will return if it's possible to use the
+ * optimised content descriptor.
+ */
+int qat_crypto_sym_use_optimized_alg(struct qat_session *session)
+{
+	return ((session->qat_mode == ICP_QAT_HW_CIPHER_CBC_MODE)
+	&& (session->qat_cipher_alg == ICP_QAT_HW_CIPHER_ALGO_AES128)
+	&& (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SHA1));
+}
+
+/*
+ * Function to create an optimised content descriptor for AES128 SHA1.
+ */
+int qat_crypto_create_optimzed_session(struct qat_session *session,
+				       uint8_t *cipherkey,
+				       uint32_t cipherkeylen,
+				       uint8_t *authkey,
+				       uint32_t authkeylen,
+				       uint32_t digestsize)
+{
+	/* CFG_CIPH_AES128_CBC_ENCRYPT, CFG_AUTH_SHA1_MODE1_NO_NESTED */
+	uint32_t icp_qat_fw_aes128_cbc_sha1_encrypt[] = {0x21120202,
+			0x422E0000, 0x14140000, 0x18031800, 0};
+	/* CFG_CIPH_AES128_CBC_DECRYPT, CFG_AUTH_SHA1_MODE1_NO_NESTED */
+	uint32_t icp_qat_fw_aes128_cbc_sha1_decrypt[] = {0x41150202,
+			0x122E0000, 0x14140000, 0x18031800, 0};
+
+	register struct icp_qat_fw_la_bulk_req *qat_req;
+	uint8_t *cd_ptr = (uint8_t *)&session->cd;
+	uint16_t state2_size;
+	struct icp_qat_fw_auth_cd_ctrl_hdr *hash_cd_ctrl;
+
+	/*
+	 * Setup the template for the request.
+	 */
+	qat_req = &session->fw_req;
+
+	/*
+	 * Setup some hard coded values for the constant config table.
+	 */
+	if (session->qat_dir == ICP_QAT_HW_CIPHER_ENCRYPT) {
+		memcpy(&qat_req->cd_ctrl, icp_qat_fw_aes128_cbc_sha1_encrypt,
+				sizeof(icp_qat_fw_aes128_cbc_sha1_encrypt));
+		qat_req->comn_hdr.serv_specif_flags = 0x2c;
+	} else {
+		memcpy(&qat_req->cd_ctrl, icp_qat_fw_aes128_cbc_sha1_decrypt,
+				sizeof(icp_qat_fw_aes128_cbc_sha1_decrypt));
+		qat_req->comn_hdr.serv_specif_flags = 0x4c;
+	}
+
+	/*
+	 * Cope with a digest size != 0x14
+	 */
+	if (digestsize != 0x14) {
+		hash_cd_ctrl = (struct icp_qat_fw_auth_cd_ctrl_hdr *)
+				&qat_req->cd_ctrl;
+		hash_cd_ctrl->inner_res_sz = digestsize;
+		hash_cd_ctrl->final_sz = digestsize;
+		struct icp_qat_fw_la_auth_req_params *auth_param =
+			(struct icp_qat_fw_la_auth_req_params *)
+			((char *)&qat_req->serv_specif_rqpars +
+			sizeof(struct icp_qat_fw_la_cipher_req_params));
+		auth_param->auth_res_sz = digestsize;
+	}
+
+	/*
+	 * Setup the size of the content descriptor.
+	 */
+
+	qat_req->cd_pars.u.s.content_desc_params_sz = 0x08;
+	qat_req->cd_pars.u.s.content_desc_addr = session->cd_paddr;
+
+	/*
+	 * Setup the content descriptor.
+	 */
+	memcpy(cd_ptr, cipherkey, cipherkeylen);
+	cd_ptr += cipherkeylen;
+
+	if (qat_alg_do_precomputes(session->qat_hash_alg,
+				authkey, authkeylen, cd_ptr,
+				&state2_size)) {
+		PMD_DRV_LOG(ERR, "(SHA) pre-compute failed");
+		return -EFAULT;
+	}
+	return 0;
+}
+
+
+
 static void qat_alg_ablkcipher_init_com(struct icp_qat_fw_la_bulk_req *req,
 					struct icp_qat_hw_cipher_algo_blk *cd,
 					const uint8_t *key, unsigned int keylen)
diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c
index 940b2b6..69b63c3 100644
--- a/drivers/crypto/qat/qat_crypto.c
+++ b/drivers/crypto/qat/qat_crypto.c
@@ -361,7 +361,8 @@ qat_get_cipher_xform(struct rte_crypto_sym_xform *xform)
 }
 void *
 qat_crypto_sym_configure_session_cipher(struct rte_cryptodev *dev,
-		struct rte_crypto_sym_xform *xform, void *session_private)
+		struct rte_crypto_sym_xform *xform,
+		void *session_private)
 {
 	struct qat_pmd_private *internals = dev->data->dev_private;
 
@@ -443,9 +444,7 @@ qat_crypto_sym_configure_session(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform, void *session_private)
 {
 	struct qat_pmd_private *internals = dev->data->dev_private;
-
 	struct qat_session *session = session_private;
-
 	int qat_cmd_id;
 
 	PMD_INIT_FUNC_TRACE();
@@ -459,19 +458,31 @@ qat_crypto_sym_configure_session(struct rte_cryptodev *dev,
 	session->qat_cmd = (enum icp_qat_fw_la_cmd_id)qat_cmd_id;
 	switch (session->qat_cmd) {
 	case ICP_QAT_FW_LA_CMD_CIPHER:
-	session = qat_crypto_sym_configure_session_cipher(dev, xform, session);
+		session = qat_crypto_sym_configure_session_cipher(dev, xform,
+				session);
 		break;
 	case ICP_QAT_FW_LA_CMD_AUTH:
-	session = qat_crypto_sym_configure_session_auth(dev, xform, session);
+		session = qat_crypto_sym_configure_session_auth(dev, xform,
+				session);
 		break;
 	case ICP_QAT_FW_LA_CMD_CIPHER_HASH:
-	session = qat_crypto_sym_configure_session_cipher(dev, xform, session);
-	session = qat_crypto_sym_configure_session_auth(dev, xform, session);
-		break;
+		session = qat_crypto_sym_configure_session_cipher(dev, xform,
+				session);
+		session = qat_crypto_sym_configure_session_auth(dev, xform,
+				session);
+		if (qat_crypto_sym_use_optimized_alg(session))
+			qat_crypto_sym_configure_optimized_session(dev, xform,
+				session);
+	break;
 	case ICP_QAT_FW_LA_CMD_HASH_CIPHER:
-	session = qat_crypto_sym_configure_session_auth(dev, xform, session);
-	session = qat_crypto_sym_configure_session_cipher(dev, xform, session);
-		break;
+		session = qat_crypto_sym_configure_session_auth(dev, xform,
+				session);
+		session = qat_crypto_sym_configure_session_cipher(dev, xform,
+				session);
+		if (qat_crypto_sym_use_optimized_alg(session))
+			qat_crypto_sym_configure_optimized_session(dev, xform,
+				session);
+	break;
 	case ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM:
 	case ICP_QAT_FW_LA_CMD_TRNG_TEST:
 	case ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE:
@@ -496,6 +507,35 @@ error_out:
 	return NULL;
 }
 
+
+struct qat_session *
+qat_crypto_sym_configure_optimized_session(struct rte_cryptodev *dev,
+				struct rte_crypto_sym_xform *xform,
+				struct qat_session *session)
+{
+
+	struct qat_pmd_private *internals = dev->data->dev_private;
+	struct rte_crypto_auth_xform *auth_xform = NULL;
+	struct rte_crypto_cipher_xform *cipher_xform = NULL;
+
+	auth_xform = qat_get_auth_xform(xform);
+	cipher_xform = qat_get_cipher_xform(xform);
+	if ((auth_xform == NULL) || (cipher_xform == NULL))
+		goto error_out;
+
+	if (qat_crypto_create_optimzed_session(session,
+			cipher_xform->key.data,
+			cipher_xform->key.length,
+			auth_xform->key.data,
+			auth_xform->key.length,
+			auth_xform->digest_length) == 0)
+	return session;
+
+error_out:
+	rte_mempool_put(internals->sess_mp, session);
+	return NULL;
+}
+
 struct qat_session *
 qat_crypto_sym_configure_session_auth(struct rte_cryptodev *dev,
 				struct rte_crypto_sym_xform *xform,
@@ -551,11 +591,11 @@ qat_crypto_sym_configure_session_auth(struct rte_cryptodev *dev,
 				auth_xform->algo);
 		goto error_out;
 	}
-	cipher_xform = qat_get_cipher_xform(xform);
 
 	if ((session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_128) ||
 			(session->qat_hash_alg ==
 				ICP_QAT_HW_AUTH_ALGO_GALOIS_64))  {
+		cipher_xform = qat_get_cipher_xform(xform);
 		if (qat_alg_aead_session_create_content_desc_auth(session,
 				cipher_xform->key.data,
 				cipher_xform->key.length,
diff --git a/drivers/crypto/qat/qat_crypto.h b/drivers/crypto/qat/qat_crypto.h
index 0afe74e..79f8b7a 100644
--- a/drivers/crypto/qat/qat_crypto.h
+++ b/drivers/crypto/qat/qat_crypto.h
@@ -120,6 +120,10 @@ void *
 qat_crypto_sym_configure_session_cipher(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform, void *session_private);
 
+struct qat_session *
+qat_crypto_sym_configure_optimized_session(struct rte_cryptodev *dev,
+				struct rte_crypto_sym_xform *xform,
+				struct qat_session *session);
 
 extern void
 qat_crypto_sym_clear_session(struct rte_cryptodev *dev, void *session);
-- 
2.1.0