From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 8FCBBA034F; Wed, 28 Jul 2021 09:57:16 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 7A9A3410ED; Wed, 28 Jul 2021 09:57:16 +0200 (CEST) Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2073.outbound.protection.outlook.com [40.107.237.73]) by mails.dpdk.org (Postfix) with ESMTP id 4201E40142 for ; Wed, 28 Jul 2021 09:57:15 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=m9ZDVP7gAIM84mmlAcjvIwfzdAXBKE4QucyP2VpOaeqnTfu9QBkyQ/2fbOmPZ6BLftpKGGeRda7uDrUyxTAXlncYNjeKJN6Y+L8ZSbEN0SaA/ZPYjD6lCrbMKHVbVPh1aklLUVfg7KIv/NzWuVDSSD+rclxlIjwS3To6DW+DjYQIINxvaKMJZUV8PyTLywyKDqE+FLDgHxJ5osD/4FtPHOTlYYuc5mUFcfP2klFVZB5S/nQGLZ0YQn8E+4GAjbIvEgKazc5GYuExCGVicY5Ut4IMgh4LZeaM/N5dlvh2PqS0F+RdC6j63j94uxYbYKbUFXCLf2dW2cokz3vQh+8xEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZIxT/s+LU3yUkKNDI+inlWrA/GTvqExHRM0G8l3+G7k=; b=KgH5O6mmcF5sI5UZPVrJAF6Ksgf+L2ZifKcg3FXz6zHKmbot/np6/CcjarqCwfAnL5JsiUPcEdQvEfUiAAZq2SAIiD4SRDOTQky5wb9BV5IhrTYjqkiASwOGzy5gxKQOPsyuWq8ashJKicx0zcxsyQy1xhoPGWJZF+CSSxsAeR1Ir/Z18TFlyDQxmyFQqRIqHBfn1HJJjR2isdjrGsIbwNOn/KAroMZySvJ+Zm9xV5lCIwJ9QXSjSZBNVg50iLUYZ6JbVV6HyhEUHPTrN6FE/+KBOoGZlxMcGK9dx2CiFyuHMT7nl7Aa17daCUuNSdP2+iqDdREmToTCSUoWX2e8IQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.112.34) smtp.rcpttodomain=marvell.com smtp.mailfrom=nvidia.com; dmarc=pass (p=quarantine sp=none pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZIxT/s+LU3yUkKNDI+inlWrA/GTvqExHRM0G8l3+G7k=; b=E8YgHZULFO04IcK6Tqh1Ai2uzbPT/WX6s0zWRunr2rbJ8+tHQnJK1We+0qS7/xGbYEW6o4kNc6ekJUKiNY5FJ0Cqfnqnn4zBraVtNUQADSpC7LO0rHOv0RQKr1z2pbjiYETK+WaWmP/Oq2lEUcAyr/GjChTEda7H8l1vbiCAbvSMD6651zQCATabkriHUwBfJLKycZPseqok+dKfbWpduxmZfSMwiJ1D/nGPlvwTccrTmssP3+9cT2oK0o5rhIhRqKkce+17oEtFG/FRG2mdew5pZ86TaYWzaq41hH8BlU9bErpXnFCPhis4spsKgPIiwZtvhiGJfX1rhAqWgbnmgA== Received: from MW4PR04CA0279.namprd04.prod.outlook.com (2603:10b6:303:89::14) by DM8PR12MB5413.namprd12.prod.outlook.com (2603:10b6:8:3b::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.25; Wed, 28 Jul 2021 07:57:14 +0000 Received: from CO1NAM11FT066.eop-nam11.prod.protection.outlook.com (2603:10b6:303:89:cafe::22) by MW4PR04CA0279.outlook.office365.com (2603:10b6:303:89::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.29 via Frontend Transport; Wed, 28 Jul 2021 07:57:13 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.112.34) smtp.mailfrom=nvidia.com; marvell.com; dkim=none (message not signed) header.d=none;marvell.com; dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.112.34 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.112.34; helo=mail.nvidia.com; Received: from mail.nvidia.com (216.228.112.34) by CO1NAM11FT066.mail.protection.outlook.com (10.13.175.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.4373.18 via Frontend Transport; Wed, 28 Jul 2021 07:57:13 +0000 Received: from nvidia.com (172.20.187.5) by HQMAIL107.nvidia.com (172.20.187.13) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 28 Jul 2021 07:57:11 +0000 From: Matan Azrad To: CC: Akhil Goyal Date: Wed, 28 Jul 2021 10:56:42 +0300 Message-ID: <20210728075642.4049476-1-matan@nvidia.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210426080537.376693-1-matan@nvidia.com> References: <20210426080537.376693-1-matan@nvidia.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [172.20.187.5] X-ClientProxiedBy: HQMAIL107.nvidia.com (172.20.187.13) To HQMAIL107.nvidia.com (172.20.187.13) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 1f913d4a-911c-4f86-a7df-08d9519d4f89 X-MS-TrafficTypeDiagnostic: DM8PR12MB5413: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4303; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ck4aBY7TFzx8OvVVwVFzmNvrp7vMKuyyQik3lIbLuew/TaPAb0mMoBeK4hWsH9RoW9ewa2gmcwOArCzuE1bCWC/DvppKiXSf8DGQpc3tSCRvLbo9/f1FMlRI78UAM2RPLBjXKhUlhIXaeFPOMMBOTXHn/eA8dOfqnLTW2pX5R2qIV+U0zwVOnO5G6KujSg//jN4OHuVJcoKR+RJbldVMvveee4LDrlXoYHygacc8RpJwlFPtdCFV2jvIAPsw3vFsISRp//v5/zFl1vqI6g6l73xuSBqcV2cqQblEzPLzTRmcxlpdgxwGY0HkULxWxC8hL2w+fMEX3vq5y8ehvOJd/braHwTBcg60NnhZ4Cxx2kKHG8yv7UpyP5bkSMiHgtXPLs/4zujmdfb71Xoe3uF1tpecrpqDC0KI4Uug6OK2G+y1vkfr1n15wP8EQRILXWnI8GUsolBJOYSdcG0bCvdsqdwD64Mx+ReTS3z13NfNPfUHgSQS8OQh1vflALFZiMIN0fH9uUqa6HArAPOMHyiGP8gCpEeLEknpKgDKphDltnwN1LcpMS28sKlDiOk46ek4IlHE4bqAfphX1IPuLhlcmVFAfMloywpcI8B6aBrStvVUhWI7/HevleX+wjCQgctjGvi1CkIlCFBHRHRQgCwa2IrIcX13cM8tpUcea18QhYgHvnCUPuzzoUnppPVafdqPYzt5Z4q3kbCy4bcdDYcsCQ== X-Forefront-Antispam-Report: CIP:216.228.112.34; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:schybrid03.nvidia.com; CAT:NONE; SFS:(4636009)(346002)(136003)(376002)(396003)(39860400002)(46966006)(36840700001)(36860700001)(7696005)(6286002)(86362001)(8936002)(356005)(6916009)(82310400003)(4326008)(8676002)(186003)(336012)(2616005)(426003)(5660300002)(36756003)(316002)(1076003)(26005)(16526019)(478600001)(70206006)(55016002)(2906002)(6666004)(82740400003)(7636003)(83380400001)(70586007)(47076005)(36906005); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Jul 2021 07:57:13.3064 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 1f913d4a-911c-4f86-a7df-08d9519d4f89 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.112.34]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT066.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM8PR12MB5413 Subject: [dpdk-dev] [PATCH v2] examples/l2fwd-crypto: support cipher multiple data-unit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" The support for multiple data-units includes the next: - Add a new command-line argument to provide the data-unit length. - Set the length in the cipher xform. - Validate device capabilities for this feature. - Pad the AES-XTS operation length to be aligned to the defined data-unit. Signed-off-by: Matan Azrad --- v2: remove the feature patch reference. .../sample_app_ug/l2_forward_crypto.rst | 7 ++- examples/l2fwd-crypto/main.c | 61 +++++++++++++++++++ 2 files changed, 66 insertions(+), 2 deletions(-) diff --git a/doc/guides/sample_app_ug/l2_forward_crypto.rst b/doc/guides/sample_app_ug/l2_forward_crypto.rst index e2c0f9f1ec..cc772aaec4 100644 --- a/doc/guides/sample_app_ug/l2_forward_crypto.rst +++ b/doc/guides/sample_app_ug/l2_forward_crypto.rst @@ -41,8 +41,9 @@ The application requires a number of command line options: .//examples/dpdk-l2fwd-crypto [EAL options] -- [-p PORTMASK] [-q NQ] [-s] [-T PERIOD] / [--cdev_type HW/SW/ANY] [--chain HASH_CIPHER/CIPHER_HASH/CIPHER_ONLY/HASH_ONLY/AEAD] / - [--cipher_algo ALGO] [--cipher_op ENCRYPT/DECRYPT] [--cipher_key KEY] / - [--cipher_key_random_size SIZE] [--cipher_iv IV] [--cipher_iv_random_size SIZE] / + [--cipher_algo ALGO] [--cipher_op ENCRYPT/DECRYPT] [--cipher_dataunit_len SIZE] / + [--cipher_key KEY] [--cipher_key_random_size SIZE] [--cipher_iv IV] / + [--cipher_iv_random_size SIZE] / [--auth_algo ALGO] [--auth_op GENERATE/VERIFY] [--auth_key KEY] / [--auth_key_random_size SIZE] [--auth_iv IV] [--auth_iv_random_size SIZE] / [--aead_algo ALGO] [--aead_op ENCRYPT/DECRYPT] [--aead_key KEY] / @@ -81,6 +82,8 @@ where, (default is ENCRYPT) +* cipher_dataunit_len: set the length of the cipher data-unit. + * cipher_key: set the ciphering key to be used. Bytes has to be separated with ":" * cipher_key_random_size: set the size of the ciphering key, diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c index 4f51616492..22bd47061b 100644 --- a/examples/l2fwd-crypto/main.c +++ b/examples/l2fwd-crypto/main.c @@ -182,6 +182,8 @@ struct l2fwd_crypto_params { unsigned digest_length; unsigned block_size; + uint16_t cipher_dataunit_len; + struct l2fwd_iv cipher_iv; struct l2fwd_iv auth_iv; struct l2fwd_iv aead_iv; @@ -434,6 +436,12 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m, pad_len = cparams->block_size - (data_len % cparams->block_size); break; + case RTE_CRYPTO_CIPHER_AES_XTS: + if (cparams->cipher_dataunit_len != 0 && + (data_len % cparams->cipher_dataunit_len)) + pad_len = cparams->cipher_dataunit_len - + (data_len % cparams->cipher_dataunit_len); + break; default: pad_len = 0; } @@ -827,6 +835,8 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options) port_cparams[i].cipher_iv.length); port_cparams[i].cipher_algo = options->cipher_xform.cipher.algo; + port_cparams[i].cipher_dataunit_len = + options->cipher_xform.cipher.dataunit_len; /* Set IV parameters */ options->cipher_xform.cipher.iv.offset = IV_OFFSET; options->cipher_xform.cipher.iv.length = @@ -989,6 +999,7 @@ l2fwd_crypto_usage(const char *prgname) " --cipher_key_random_size SIZE: size of cipher key when generated randomly\n" " --cipher_iv IV (bytes separated with \":\")\n" " --cipher_iv_random_size SIZE: size of cipher IV when generated randomly\n" + " --cipher_dataunit_len SIZE: length of the algorithm data-unit\n" " --auth_algo ALGO\n" " --auth_op GENERATE / VERIFY\n" @@ -1215,6 +1226,7 @@ l2fwd_crypto_parse_args_long_options(struct l2fwd_crypto_options *options, struct option *lgopts, int option_index) { int retval; + int val; if (strcmp(lgopts[option_index].name, "cdev_type") == 0) { retval = parse_cryptodev_type(&options->type, optarg); @@ -1245,6 +1257,16 @@ l2fwd_crypto_parse_args_long_options(struct l2fwd_crypto_options *options, return -1; } + else if (strcmp(lgopts[option_index].name, "cipher_dataunit_len") == 0) { + retval = parse_size(&val, optarg); + if (retval == 0 && val >= 0 && val <= UINT16_MAX) { + options->cipher_xform.cipher.dataunit_len = + (uint16_t)val; + return 0; + } else + return -1; + } + else if (strcmp(lgopts[option_index].name, "cipher_key_random_size") == 0) return parse_size(&options->ckey_random_size, optarg); @@ -1469,6 +1491,7 @@ l2fwd_crypto_default_options(struct l2fwd_crypto_options *options) options->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC; options->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT; + options->cipher_xform.cipher.dataunit_len = 0; /* Authentication Data */ options->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; @@ -1644,6 +1667,7 @@ l2fwd_crypto_parse_args(struct l2fwd_crypto_options *options, { "cipher_key_random_size", required_argument, 0, 0 }, { "cipher_iv", required_argument, 0, 0 }, { "cipher_iv_random_size", required_argument, 0, 0 }, + { "cipher_dataunit_len", required_argument, 0, 0}, { "auth_algo", required_argument, 0, 0 }, { "auth_op", required_argument, 0, 0 }, @@ -2158,6 +2182,43 @@ check_capabilities(struct l2fwd_crypto_options *options, uint8_t cdev_id) return -1; } } + + if (options->cipher_xform.cipher.dataunit_len > 0) { + if (!(dev_info.feature_flags & + RTE_CRYPTODEV_FF_CIPHER_MULTIPLE_DATA_UNITS)) { + RTE_LOG(DEBUG, USER1, + "Device %u does not support " + "cipher multiple data units\n", + cdev_id); + return -1; + } + if (cap->sym.cipher.dataunit_set != 0) { + int ret = 0; + + switch (options->cipher_xform.cipher.dataunit_len) { + case 512: + if (!(cap->sym.cipher.dataunit_set & + RTE_CRYPTO_CIPHER_DATA_UNIT_LEN_512_BYTES)) + ret = -1; + break; + case 4096: + if (!(cap->sym.cipher.dataunit_set & + RTE_CRYPTO_CIPHER_DATA_UNIT_LEN_4096_BYTES)) + ret = -1; + break; + default: + ret = -1; + } + if (ret == -1) { + RTE_LOG(DEBUG, USER1, + "Device %u does not support " + "data-unit length %u\n", + cdev_id, + options->cipher_xform.cipher.dataunit_len); + return -1; + } + } + } } /* Set auth parameters */ -- 2.25.1