From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 8F0818D35 for ; Tue, 21 Jun 2016 14:56:11 +0200 (CEST) Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga101.fm.intel.com with ESMTP; 21 Jun 2016 05:56:11 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.26,504,1459839600"; d="scan'208";a="832409629" Received: from sie-lab-212-151.ir.intel.com (HELO silpixa00390977.ir.intel.com) ([10.237.212.151]) by orsmga003.jf.intel.com with ESMTP; 21 Jun 2016 05:56:09 -0700 From: John Griffin To: john.griffin@intel.com, dev@dpdk.org, deepak.k.jain@intel.com, pablo.de.lara.guarch@intel.com Date: Tue, 21 Jun 2016 13:55:59 +0100 Message-Id: <1466513759-55842-1-git-send-email-john.griffin@intel.com> X-Mailer: git-send-email 2.1.0 Subject: [dpdk-dev] [PATCH] qat: addition of optimized content descriptor for AES128-SHA1-HMAC X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jun 2016 12:56:12 -0000 Adding an optimized content descriptor for AES128-SHA1-HMAC to improve thoughput performance. Signed-off-by: John Griffin --- drivers/crypto/qat/qat_adf/qat_algs.h | 7 ++ drivers/crypto/qat/qat_adf/qat_algs_build_desc.c | 91 ++++++++++++++++++++++++ drivers/crypto/qat/qat_crypto.c | 64 +++++++++++++---- drivers/crypto/qat/qat_crypto.h | 4 ++ 4 files changed, 154 insertions(+), 12 deletions(-) diff --git a/drivers/crypto/qat/qat_adf/qat_algs.h b/drivers/crypto/qat/qat_adf/qat_algs.h index b47dbc2..28fa111 100644 --- a/drivers/crypto/qat/qat_adf/qat_algs.h +++ b/drivers/crypto/qat/qat_adf/qat_algs.h @@ -127,4 +127,11 @@ void qat_alg_ablkcipher_init_dec(struct qat_alg_ablkcipher_cd *cd, int qat_alg_validate_aes_key(int key_len, enum icp_qat_hw_cipher_algo *alg); int qat_alg_validate_snow3g_key(int key_len, enum icp_qat_hw_cipher_algo *alg); +int qat_crypto_sym_use_optimized_alg(struct qat_session *session); +int qat_crypto_create_optimzed_session(struct qat_session *session, + uint8_t *cipherkey, + uint32_t cipherkeylen, + uint8_t *authkey, + uint32_t authkeylen, + uint32_t digestsize); #endif diff --git a/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c b/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c index aa108d4..8c1a801 100644 --- a/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c +++ b/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c @@ -444,6 +444,7 @@ int qat_alg_aead_session_create_content_desc_cipher(struct qat_session *cdesc, header->service_cmd_id = cdesc->qat_cmd; ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET(header->serv_specif_flags, ICP_QAT_FW_LA_NO_DIGEST_IN_BUFFER); + /* Configure the common header protocol flags */ ICP_QAT_FW_LA_PROTO_SET(header->serv_specif_flags, proto); cd_pars->u.s.content_desc_addr = cdesc->cd_paddr; @@ -749,6 +750,96 @@ int qat_alg_aead_session_create_content_desc_auth(struct qat_session *cdesc, return 0; } +/* + * Function which will return if it's possible to use the + * optimised content descriptor. + */ +int qat_crypto_sym_use_optimized_alg(struct qat_session *session) +{ + return ((session->qat_mode == ICP_QAT_HW_CIPHER_CBC_MODE) + && (session->qat_cipher_alg == ICP_QAT_HW_CIPHER_ALGO_AES128) + && (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SHA1)); +} + +/* + * Function to create an optimised content descriptor for AES128 SHA1. + */ +int qat_crypto_create_optimzed_session(struct qat_session *session, + uint8_t *cipherkey, + uint32_t cipherkeylen, + uint8_t *authkey, + uint32_t authkeylen, + uint32_t digestsize) +{ + /* CFG_CIPH_AES128_CBC_ENCRYPT, CFG_AUTH_SHA1_MODE1_NO_NESTED */ + uint32_t icp_qat_fw_aes128_cbc_sha1_encrypt[] = {0x21120202, + 0x422E0000, 0x14140000, 0x18031800, 0}; + /* CFG_CIPH_AES128_CBC_DECRYPT, CFG_AUTH_SHA1_MODE1_NO_NESTED */ + uint32_t icp_qat_fw_aes128_cbc_sha1_decrypt[] = {0x41150202, + 0x122E0000, 0x14140000, 0x18031800, 0}; + + register struct icp_qat_fw_la_bulk_req *qat_req; + uint8_t *cd_ptr = (uint8_t *)&session->cd; + uint16_t state2_size; + struct icp_qat_fw_auth_cd_ctrl_hdr *hash_cd_ctrl; + + /* + * Setup the template for the request. + */ + qat_req = &session->fw_req; + + /* + * Setup some hard coded values for the constant config table. + */ + if (session->qat_dir == ICP_QAT_HW_CIPHER_ENCRYPT) { + memcpy(&qat_req->cd_ctrl, icp_qat_fw_aes128_cbc_sha1_encrypt, + sizeof(icp_qat_fw_aes128_cbc_sha1_encrypt)); + qat_req->comn_hdr.serv_specif_flags = 0x2c; + } else { + memcpy(&qat_req->cd_ctrl, icp_qat_fw_aes128_cbc_sha1_decrypt, + sizeof(icp_qat_fw_aes128_cbc_sha1_decrypt)); + qat_req->comn_hdr.serv_specif_flags = 0x4c; + } + + /* + * Cope with a digest size != 0x14 + */ + if (digestsize != 0x14) { + hash_cd_ctrl = (struct icp_qat_fw_auth_cd_ctrl_hdr *) + &qat_req->cd_ctrl; + hash_cd_ctrl->inner_res_sz = digestsize; + hash_cd_ctrl->final_sz = digestsize; + struct icp_qat_fw_la_auth_req_params *auth_param = + (struct icp_qat_fw_la_auth_req_params *) + ((char *)&qat_req->serv_specif_rqpars + + sizeof(struct icp_qat_fw_la_cipher_req_params)); + auth_param->auth_res_sz = digestsize; + } + + /* + * Setup the size of the content descriptor. + */ + + qat_req->cd_pars.u.s.content_desc_params_sz = 0x08; + qat_req->cd_pars.u.s.content_desc_addr = session->cd_paddr; + + /* + * Setup the content descriptor. + */ + memcpy(cd_ptr, cipherkey, cipherkeylen); + cd_ptr += cipherkeylen; + + if (qat_alg_do_precomputes(session->qat_hash_alg, + authkey, authkeylen, cd_ptr, + &state2_size)) { + PMD_DRV_LOG(ERR, "(SHA) pre-compute failed"); + return -EFAULT; + } + return 0; +} + + + static void qat_alg_ablkcipher_init_com(struct icp_qat_fw_la_bulk_req *req, struct icp_qat_hw_cipher_algo_blk *cd, const uint8_t *key, unsigned int keylen) diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c index 940b2b6..69b63c3 100644 --- a/drivers/crypto/qat/qat_crypto.c +++ b/drivers/crypto/qat/qat_crypto.c @@ -361,7 +361,8 @@ qat_get_cipher_xform(struct rte_crypto_sym_xform *xform) } void * qat_crypto_sym_configure_session_cipher(struct rte_cryptodev *dev, - struct rte_crypto_sym_xform *xform, void *session_private) + struct rte_crypto_sym_xform *xform, + void *session_private) { struct qat_pmd_private *internals = dev->data->dev_private; @@ -443,9 +444,7 @@ qat_crypto_sym_configure_session(struct rte_cryptodev *dev, struct rte_crypto_sym_xform *xform, void *session_private) { struct qat_pmd_private *internals = dev->data->dev_private; - struct qat_session *session = session_private; - int qat_cmd_id; PMD_INIT_FUNC_TRACE(); @@ -459,19 +458,31 @@ qat_crypto_sym_configure_session(struct rte_cryptodev *dev, session->qat_cmd = (enum icp_qat_fw_la_cmd_id)qat_cmd_id; switch (session->qat_cmd) { case ICP_QAT_FW_LA_CMD_CIPHER: - session = qat_crypto_sym_configure_session_cipher(dev, xform, session); + session = qat_crypto_sym_configure_session_cipher(dev, xform, + session); break; case ICP_QAT_FW_LA_CMD_AUTH: - session = qat_crypto_sym_configure_session_auth(dev, xform, session); + session = qat_crypto_sym_configure_session_auth(dev, xform, + session); break; case ICP_QAT_FW_LA_CMD_CIPHER_HASH: - session = qat_crypto_sym_configure_session_cipher(dev, xform, session); - session = qat_crypto_sym_configure_session_auth(dev, xform, session); - break; + session = qat_crypto_sym_configure_session_cipher(dev, xform, + session); + session = qat_crypto_sym_configure_session_auth(dev, xform, + session); + if (qat_crypto_sym_use_optimized_alg(session)) + qat_crypto_sym_configure_optimized_session(dev, xform, + session); + break; case ICP_QAT_FW_LA_CMD_HASH_CIPHER: - session = qat_crypto_sym_configure_session_auth(dev, xform, session); - session = qat_crypto_sym_configure_session_cipher(dev, xform, session); - break; + session = qat_crypto_sym_configure_session_auth(dev, xform, + session); + session = qat_crypto_sym_configure_session_cipher(dev, xform, + session); + if (qat_crypto_sym_use_optimized_alg(session)) + qat_crypto_sym_configure_optimized_session(dev, xform, + session); + break; case ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM: case ICP_QAT_FW_LA_CMD_TRNG_TEST: case ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE: @@ -496,6 +507,35 @@ error_out: return NULL; } + +struct qat_session * +qat_crypto_sym_configure_optimized_session(struct rte_cryptodev *dev, + struct rte_crypto_sym_xform *xform, + struct qat_session *session) +{ + + struct qat_pmd_private *internals = dev->data->dev_private; + struct rte_crypto_auth_xform *auth_xform = NULL; + struct rte_crypto_cipher_xform *cipher_xform = NULL; + + auth_xform = qat_get_auth_xform(xform); + cipher_xform = qat_get_cipher_xform(xform); + if ((auth_xform == NULL) || (cipher_xform == NULL)) + goto error_out; + + if (qat_crypto_create_optimzed_session(session, + cipher_xform->key.data, + cipher_xform->key.length, + auth_xform->key.data, + auth_xform->key.length, + auth_xform->digest_length) == 0) + return session; + +error_out: + rte_mempool_put(internals->sess_mp, session); + return NULL; +} + struct qat_session * qat_crypto_sym_configure_session_auth(struct rte_cryptodev *dev, struct rte_crypto_sym_xform *xform, @@ -551,11 +591,11 @@ qat_crypto_sym_configure_session_auth(struct rte_cryptodev *dev, auth_xform->algo); goto error_out; } - cipher_xform = qat_get_cipher_xform(xform); if ((session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_128) || (session->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) { + cipher_xform = qat_get_cipher_xform(xform); if (qat_alg_aead_session_create_content_desc_auth(session, cipher_xform->key.data, cipher_xform->key.length, diff --git a/drivers/crypto/qat/qat_crypto.h b/drivers/crypto/qat/qat_crypto.h index 0afe74e..79f8b7a 100644 --- a/drivers/crypto/qat/qat_crypto.h +++ b/drivers/crypto/qat/qat_crypto.h @@ -120,6 +120,10 @@ void * qat_crypto_sym_configure_session_cipher(struct rte_cryptodev *dev, struct rte_crypto_sym_xform *xform, void *session_private); +struct qat_session * +qat_crypto_sym_configure_optimized_session(struct rte_cryptodev *dev, + struct rte_crypto_sym_xform *xform, + struct qat_session *session); extern void qat_crypto_sym_clear_session(struct rte_cryptodev *dev, void *session); -- 2.1.0