From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by dpdk.org (Postfix) with ESMTP id 0D2704CB5 for ; Wed, 13 Mar 2019 15:52:22 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Mar 2019 07:52:22 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,474,1544515200"; d="scan'208";a="151347638" Received: from damiannx-mobl.ger.corp.intel.com (HELO kali.isw.intel.com) ([10.103.104.80]) by fmsmga002.fm.intel.com with ESMTP; 13 Mar 2019 07:52:21 -0700 From: Damian Nowak To: dev@dpdk.org Cc: fiona.trahe@intel.com, Damian Nowak Date: Wed, 13 Mar 2019 15:52:12 +0100 Message-Id: <20190313145213.1269-3-damianx.nowak@intel.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190313145213.1269-1-damianx.nowak@intel.com> References: <20190228161851.7202-1-damianx.nowak@intel.com> <20190313145213.1269-1-damianx.nowak@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v2 2/3] crypto/qat: add XTS for QAT session config X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2019 14:52:23 -0000 This patch adds XTS capabilities and enables XTS cipher mode on QAT. It also updates the documentation for newly supported AES XTS mode on QAT. Signed-off-by: Damian Nowak --- doc/guides/cryptodevs/features/qat.ini | 2 ++ doc/guides/cryptodevs/qat.rst | 3 ++- doc/guides/rel_notes/release_19_05.rst | 10 ++++++++++ drivers/crypto/qat/qat_sym_capabilities.h | 22 +++++++++++++++++++++- drivers/crypto/qat/qat_sym_session.c | 17 +++++++++++++++-- 5 files changed, 50 insertions(+), 4 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 4f15ee0..a7c7273 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -24,6 +24,8 @@ AES CBC (256) = Y AES CTR (128) = Y AES CTR (192) = Y AES CTR (256) = Y +AES XTS (128) = Y +AES XTS (256) = Y 3DES CBC = Y 3DES CTR = Y DES CBC = Y diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index b7eace1..b1a5c0e 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -1,5 +1,5 @@ .. SPDX-License-Identifier: BSD-3-Clause - Copyright(c) 2015-2016 Intel Corporation. + Copyright(c) 2015-2019 Intel Corporation. Intel(R) QuickAssist (QAT) Crypto Poll Mode Driver ================================================== @@ -41,6 +41,7 @@ Cipher algorithms: * ``RTE_CRYPTO_CIPHER_AES128_CTR`` * ``RTE_CRYPTO_CIPHER_AES192_CTR`` * ``RTE_CRYPTO_CIPHER_AES256_CTR`` +* ``RTE_CRYPTO_CIPHER_AES_XTS`` * ``RTE_CRYPTO_CIPHER_SNOW3G_UEA2`` * ``RTE_CRYPTO_CIPHER_NULL`` * ``RTE_CRYPTO_CIPHER_KASUMI_F8`` diff --git a/doc/guides/rel_notes/release_19_05.rst b/doc/guides/rel_notes/release_19_05.rst index 61a2c73..6ea2e15 100644 --- a/doc/guides/rel_notes/release_19_05.rst +++ b/doc/guides/rel_notes/release_19_05.rst @@ -91,6 +91,10 @@ New Features * Added promiscuous mode support. +* **Updated the QuickAssist Technology PMD.** + + Added support for AES-XTS with 128 and 256 bit AES keys. + Removed Items ------------- @@ -226,6 +230,12 @@ Known Issues Also, make sure to start the actual text at the margin. ========================================================= +* **No software AES-XTS implementation.** + + There are currently no cryptodev software PMDs available which implement + support for the AES-XTS algorithm, so this feature can only be used + if compatible hardware and an associated PMD is available. + Tested Platforms ---------------- diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h index 7cba87d..6df12b9 100644 --- a/drivers/crypto/qat/qat_sym_capabilities.h +++ b/drivers/crypto/qat/qat_sym_capabilities.h @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2017-2018 Intel Corporation + * Copyright(c) 2017-2019 Intel Corporation */ #ifndef _QAT_SYM_CAPABILITIES_H_ @@ -304,6 +304,26 @@ }, } \ }, } \ }, \ + { /* AES XTS */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, \ + {.cipher = { \ + .algo = RTE_CRYPTO_CIPHER_AES_XTS, \ + .block_size = 16, \ + .key_size = { \ + .min = 32, \ + .max = 64, \ + .increment = 0 \ + }, \ + .iv_size = { \ + .min = 16, \ + .max = 16, \ + .increment = 0 \ + } \ + }, } \ + }, } \ + }, \ { /* AES DOCSIS BPI */ \ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ {.sym = { \ diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c index 4d7ec01..5cc86f5 100644 --- a/drivers/crypto/qat/qat_sym_session.c +++ b/drivers/crypto/qat/qat_sym_session.c @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) - * Copyright(c) 2015-2018 Intel Corporation + * Copyright(c) 2015-2019 Intel Corporation */ #include /* Needed to calculate pre-compute values */ @@ -333,10 +333,23 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev, } session->qat_mode = ICP_QAT_HW_CIPHER_ECB_MODE; break; + case RTE_CRYPTO_CIPHER_AES_XTS: + if ((cipher_xform->key.length/2) == ICP_QAT_HW_AES_192_KEY_SZ) { + QAT_LOG(ERR, "AES-XTS-192 not supported"); + ret = -EINVAL; + goto error_out; + } + if (qat_sym_validate_aes_key((cipher_xform->key.length/2), + &session->qat_cipher_alg) != 0) { + QAT_LOG(ERR, "Invalid AES-XTS cipher key size"); + ret = -EINVAL; + goto error_out; + } + session->qat_mode = ICP_QAT_HW_CIPHER_XTS_MODE; + break; case RTE_CRYPTO_CIPHER_3DES_ECB: case RTE_CRYPTO_CIPHER_AES_ECB: case RTE_CRYPTO_CIPHER_AES_F8: - case RTE_CRYPTO_CIPHER_AES_XTS: case RTE_CRYPTO_CIPHER_ARC4: QAT_LOG(ERR, "Crypto QAT PMD: Unsupported Cipher alg %u", cipher_xform->algo); -- 2.7.4