From: Suanming Mou <suanmingm@nvidia.com>
To: Matan Azrad <matan@nvidia.com>,
Viacheslav Ovsiienko <viacheslavo@nvidia.com>
Cc: <dev@dpdk.org>, <rasland@nvidia.com>
Subject: [PATCH v2 3/9] crypto/mlx5: add AES-GCM query and initialization
Date: Fri, 26 May 2023 06:14:15 +0300 [thread overview]
Message-ID: <20230526031422.913377-4-suanmingm@nvidia.com> (raw)
In-Reply-To: <20230526031422.913377-1-suanmingm@nvidia.com>
AES-GCM provides both authenticated encryption and the ability to check
the integrity and authentication of additional authenticated data (AAD)
that is sent in the clear.
This commit adds the AES-GCM attributes query and initialization function.
Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
---
drivers/common/mlx5/mlx5_devx_cmds.c | 15 +++++++++++
drivers/common/mlx5/mlx5_devx_cmds.h | 13 ++++++++++
drivers/common/mlx5/mlx5_prm.h | 19 +++++++++++---
drivers/crypto/mlx5/meson.build | 1 +
drivers/crypto/mlx5/mlx5_crypto.c | 4 ++-
drivers/crypto/mlx5/mlx5_crypto.h | 3 +++
drivers/crypto/mlx5/mlx5_crypto_gcm.c | 36 +++++++++++++++++++++++++++
7 files changed, 87 insertions(+), 4 deletions(-)
create mode 100644 drivers/crypto/mlx5/mlx5_crypto_gcm.c
diff --git a/drivers/common/mlx5/mlx5_devx_cmds.c b/drivers/common/mlx5/mlx5_devx_cmds.c
index 1e418a0353..4332081165 100644
--- a/drivers/common/mlx5/mlx5_devx_cmds.c
+++ b/drivers/common/mlx5/mlx5_devx_cmds.c
@@ -1117,6 +1117,21 @@ mlx5_devx_cmd_query_hca_attr(void *ctx,
attr->crypto_wrapped_import_method = !!(MLX5_GET(crypto_caps,
hcattr, wrapped_import_method)
& 1 << 2);
+ attr->crypto_mmo.crypto_mmo_qp = MLX5_GET(crypto_caps, hcattr, crypto_mmo_qp);
+ attr->crypto_mmo.gcm_256_encrypt =
+ MLX5_GET(crypto_caps, hcattr, crypto_aes_gcm_256_encrypt);
+ attr->crypto_mmo.gcm_128_encrypt =
+ MLX5_GET(crypto_caps, hcattr, crypto_aes_gcm_128_encrypt);
+ attr->crypto_mmo.gcm_256_decrypt =
+ MLX5_GET(crypto_caps, hcattr, crypto_aes_gcm_256_decrypt);
+ attr->crypto_mmo.gcm_128_decrypt =
+ MLX5_GET(crypto_caps, hcattr, crypto_aes_gcm_128_decrypt);
+ attr->crypto_mmo.gcm_auth_tag_128 =
+ MLX5_GET(crypto_caps, hcattr, gcm_auth_tag_128);
+ attr->crypto_mmo.gcm_auth_tag_96 =
+ MLX5_GET(crypto_caps, hcattr, gcm_auth_tag_96);
+ attr->crypto_mmo.log_crypto_mmo_max_size =
+ MLX5_GET(crypto_caps, hcattr, log_crypto_mmo_max_size);
}
if (hca_cap_2_sup) {
hcattr = mlx5_devx_get_hca_cap(ctx, in, out, &rc,
diff --git a/drivers/common/mlx5/mlx5_devx_cmds.h b/drivers/common/mlx5/mlx5_devx_cmds.h
index dc3359268d..cb3f3a211b 100644
--- a/drivers/common/mlx5/mlx5_devx_cmds.h
+++ b/drivers/common/mlx5/mlx5_devx_cmds.h
@@ -125,6 +125,18 @@ struct mlx5_hca_flex_attr {
uint8_t header_length_mask_width;
};
+__extension__
+struct mlx5_hca_crypto_mmo_attr {
+ uint32_t crypto_mmo_qp:1;
+ uint32_t gcm_256_encrypt:1;
+ uint32_t gcm_128_encrypt:1;
+ uint32_t gcm_256_decrypt:1;
+ uint32_t gcm_128_decrypt:1;
+ uint32_t gcm_auth_tag_128:1;
+ uint32_t gcm_auth_tag_96:1;
+ uint32_t log_crypto_mmo_max_size:6;
+};
+
/* ISO C restricts enumerator values to range of 'int' */
__extension__
enum {
@@ -250,6 +262,7 @@ struct mlx5_hca_attr {
struct mlx5_hca_vdpa_attr vdpa;
struct mlx5_hca_flow_attr flow;
struct mlx5_hca_flex_attr flex;
+ struct mlx5_hca_crypto_mmo_attr crypto_mmo;
int log_max_qp_sz;
int log_max_cq_sz;
int log_max_qp;
diff --git a/drivers/common/mlx5/mlx5_prm.h b/drivers/common/mlx5/mlx5_prm.h
index 9f749a2dcc..b4446f56b9 100644
--- a/drivers/common/mlx5/mlx5_prm.h
+++ b/drivers/common/mlx5/mlx5_prm.h
@@ -4577,7 +4577,9 @@ struct mlx5_ifc_crypto_caps_bits {
u8 synchronize_dek[0x1];
u8 int_kek_manual[0x1];
u8 int_kek_auto[0x1];
- u8 reserved_at_6[0x12];
+ u8 reserved_at_6[0xd];
+ u8 sw_wrapped_dek_key_purpose[0x1];
+ u8 reserved_at_14[0x4];
u8 wrapped_import_method[0x8];
u8 reserved_at_20[0x3];
u8 log_dek_max_alloc[0x5];
@@ -4594,8 +4596,19 @@ struct mlx5_ifc_crypto_caps_bits {
u8 log_dek_granularity[0x5];
u8 reserved_at_68[0x3];
u8 log_max_num_int_kek[0x5];
- u8 reserved_at_70[0x10];
- u8 reserved_at_80[0x780];
+ u8 sw_wrapped_dek_new[0x10];
+ u8 reserved_at_80[0x80];
+ u8 crypto_mmo_qp[0x1];
+ u8 crypto_aes_gcm_256_encrypt[0x1];
+ u8 crypto_aes_gcm_128_encrypt[0x1];
+ u8 crypto_aes_gcm_256_decrypt[0x1];
+ u8 crypto_aes_gcm_128_decrypt[0x1];
+ u8 gcm_auth_tag_128[0x1];
+ u8 gcm_auth_tag_96[0x1];
+ u8 reserved_at_107[0x3];
+ u8 log_crypto_mmo_max_size[0x6];
+ u8 reserved_at_110[0x10];
+ u8 reserved_at_120[0x6e0];
};
struct mlx5_ifc_crypto_commissioning_register_bits {
diff --git a/drivers/crypto/mlx5/meson.build b/drivers/crypto/mlx5/meson.build
index 045e8ce81d..17ffce89f0 100644
--- a/drivers/crypto/mlx5/meson.build
+++ b/drivers/crypto/mlx5/meson.build
@@ -16,6 +16,7 @@ endif
sources = files(
'mlx5_crypto.c',
'mlx5_crypto_xts.c',
+ 'mlx5_crypto_gcm.c',
'mlx5_crypto_dek.c',
)
diff --git a/drivers/crypto/mlx5/mlx5_crypto.c b/drivers/crypto/mlx5/mlx5_crypto.c
index 2e6bcc6ddc..ff632cd69a 100644
--- a/drivers/crypto/mlx5/mlx5_crypto.c
+++ b/drivers/crypto/mlx5/mlx5_crypto.c
@@ -335,7 +335,9 @@ mlx5_crypto_dev_probe(struct mlx5_common_device *cdev,
rte_errno = ENOTSUP;
return -rte_errno;
}
- if (!cdev->config.hca_attr.crypto || !cdev->config.hca_attr.aes_xts) {
+ if (!cdev->config.hca_attr.crypto ||
+ (!cdev->config.hca_attr.aes_xts &&
+ !cdev->config.hca_attr.crypto_mmo.crypto_mmo_qp)) {
DRV_LOG(ERR, "Not enough capabilities to support crypto "
"operations, maybe old FW/OFED version?");
rte_errno = ENOTSUP;
diff --git a/drivers/crypto/mlx5/mlx5_crypto.h b/drivers/crypto/mlx5/mlx5_crypto.h
index 05d8fe97fe..76f368ee91 100644
--- a/drivers/crypto/mlx5/mlx5_crypto.h
+++ b/drivers/crypto/mlx5/mlx5_crypto.h
@@ -117,4 +117,7 @@ mlx5_crypto_dek_unset(struct mlx5_crypto_priv *priv);
int
mlx5_crypto_xts_init(struct mlx5_crypto_priv *priv);
+int
+mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv);
+
#endif /* MLX5_CRYPTO_H_ */
diff --git a/drivers/crypto/mlx5/mlx5_crypto_gcm.c b/drivers/crypto/mlx5/mlx5_crypto_gcm.c
new file mode 100644
index 0000000000..bd78c6d66b
--- /dev/null
+++ b/drivers/crypto/mlx5/mlx5_crypto_gcm.c
@@ -0,0 +1,36 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (c) 2023 NVIDIA Corporation & Affiliates
+ */
+
+#include <rte_malloc.h>
+#include <rte_mempool.h>
+#include <rte_eal_paging.h>
+#include <rte_errno.h>
+#include <rte_log.h>
+#include <bus_pci_driver.h>
+#include <rte_memory.h>
+
+#include <mlx5_glue.h>
+#include <mlx5_common.h>
+#include <mlx5_devx_cmds.h>
+#include <mlx5_common_os.h>
+
+#include "mlx5_crypto_utils.h"
+#include "mlx5_crypto.h"
+
+static struct rte_cryptodev_capabilities mlx5_crypto_gcm_caps[] = {
+ {
+ .op = RTE_CRYPTO_OP_TYPE_UNDEFINED,
+ },
+ {
+ .op = RTE_CRYPTO_OP_TYPE_UNDEFINED,
+ }
+};
+
+int
+mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv)
+{
+ priv->caps = mlx5_crypto_gcm_caps;
+ return 0;
+}
+
--
2.25.1
next prev parent reply other threads:[~2023-05-26 3:16 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-18 9:23 [RFC PATCH 0/5] crypto/mlx5: support AES-GCM Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 1/5] crypto/mlx5: add AES-GCM capability Suanming Mou
2023-05-17 7:37 ` [EXT] " Akhil Goyal
2023-05-17 7:42 ` Suanming Mou
2023-05-17 7:47 ` Akhil Goyal
2023-05-17 7:51 ` Suanming Mou
2023-05-17 8:02 ` Akhil Goyal
2023-05-17 8:06 ` Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 2/5] crypto/mlx5: add AES-GCM encryption key Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 3/5] crypto/mlx5: add AES-GCM session configure Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 4/5] crypto/mlx5: add queue pair setup Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 5/5] crypto/mlx5: add enqueue and dequeue operations Suanming Mou
2023-05-26 3:14 ` [PATCH v2 0/9] crypto/mlx5: support AES-GCM Suanming Mou
2023-05-26 3:14 ` [PATCH v2 1/9] common/mlx5: export memory region lookup by address Suanming Mou
2023-05-26 3:14 ` [PATCH v2 2/9] crypto/mlx5: split AES-XTS Suanming Mou
2023-05-26 3:14 ` Suanming Mou [this message]
2023-05-26 3:14 ` [PATCH v2 4/9] crypto/mlx5: add AES-GCM encryption key Suanming Mou
2023-05-26 3:14 ` [PATCH v2 5/9] crypto/mlx5: add AES-GCM session configure Suanming Mou
2023-05-26 3:14 ` [PATCH v2 6/9] common/mlx5: add WQE-based QP synchronous basics Suanming Mou
2023-05-26 3:14 ` [PATCH v2 7/9] crypto/mlx5: add queue pair setup for GCM Suanming Mou
2023-05-26 3:14 ` [PATCH v2 8/9] crypto/mlx5: add enqueue and dequeue operations Suanming Mou
2023-05-26 3:14 ` [PATCH v2 9/9] crypto/mlx5: enable AES-GCM capability Suanming Mou
2023-06-14 18:11 ` [EXT] [PATCH v2 0/9] crypto/mlx5: support AES-GCM Akhil Goyal
2023-06-20 1:22 ` Suanming Mou
2023-06-20 1:23 ` Suanming Mou
2023-06-20 1:23 ` [PATCH v3 1/9] common/mlx5: export memory region lookup by address Suanming Mou
2023-06-20 1:23 ` [PATCH v3 2/9] crypto/mlx5: split AES-XTS Suanming Mou
2023-06-20 1:23 ` [PATCH v3 3/9] crypto/mlx5: add AES-GCM query and initialization Suanming Mou
2023-06-20 1:23 ` [PATCH v3 4/9] crypto/mlx5: add AES-GCM encryption key Suanming Mou
2023-06-20 1:23 ` [PATCH v3 5/9] crypto/mlx5: add AES-GCM session configure Suanming Mou
2023-06-20 1:23 ` [PATCH v3 6/9] common/mlx5: add WQE-based QP synchronous basics Suanming Mou
2023-06-20 1:23 ` [PATCH v3 7/9] crypto/mlx5: add queue pair setup for GCM Suanming Mou
2023-06-20 1:23 ` [PATCH v3 8/9] crypto/mlx5: add enqueue and dequeue operations Suanming Mou
2023-06-20 1:23 ` [PATCH v3 9/9] crypto/mlx5: enable AES-GCM capability Suanming Mou
2023-06-20 9:25 ` [EXT] " Akhil Goyal
2023-06-20 9:42 ` Suanming Mou
2023-06-20 9:48 ` Akhil Goyal
2023-06-20 9:56 ` Suanming Mou
2023-06-20 9:55 ` [PATCH v2 0/9] crypto/mlx5: support AES-GCM Suanming Mou
2023-06-20 9:58 ` Akhil Goyal
2023-06-20 10:03 ` Suanming Mou
2023-06-20 13:52 ` Matan Azrad
2023-06-20 14:11 ` [PATCH v4 " Suanming Mou
2023-06-20 14:11 ` [PATCH v4 1/9] common/mlx5: export memory region lookup by address Suanming Mou
2023-06-20 14:11 ` [PATCH v4 2/9] crypto/mlx5: split AES-XTS Suanming Mou
2023-06-20 14:11 ` [PATCH v4 3/9] crypto/mlx5: add AES-GCM query and initialization Suanming Mou
2023-06-20 14:11 ` [PATCH v4 4/9] crypto/mlx5: add AES-GCM encryption key Suanming Mou
2023-06-20 14:11 ` [PATCH v4 5/9] crypto/mlx5: add AES-GCM session configure Suanming Mou
2023-06-20 14:11 ` [PATCH v4 6/9] common/mlx5: add WQE-based QP synchronous basics Suanming Mou
2023-06-20 14:11 ` [PATCH v4 7/9] crypto/mlx5: add queue pair setup for GCM Suanming Mou
2023-06-20 14:11 ` [PATCH v4 8/9] crypto/mlx5: add enqueue and dequeue operations Suanming Mou
2023-06-20 14:11 ` [PATCH v4 9/9] crypto/mlx5: enable AES-GCM capability Suanming Mou
2023-06-20 18:49 ` [EXT] [PATCH v4 0/9] crypto/mlx5: support AES-GCM Akhil Goyal
2023-06-23 9:31 ` Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230526031422.913377-4-suanmingm@nvidia.com \
--to=suanmingm@nvidia.com \
--cc=dev@dpdk.org \
--cc=matan@nvidia.com \
--cc=rasland@nvidia.com \
--cc=viacheslavo@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).