From: Suanming Mou <suanmingm@nvidia.com>
To: <gakhil@marvell.com>, Matan Azrad <matan@nvidia.com>,
Viacheslav Ovsiienko <viacheslavo@nvidia.com>,
Ori Kam <orika@nvidia.com>
Cc: <rasland@nvidia.com>, <dev@dpdk.org>
Subject: [PATCH v4 5/9] crypto/mlx5: add AES-GCM session configure
Date: Tue, 20 Jun 2023 17:11:11 +0300 [thread overview]
Message-ID: <20230620141115.841226-6-suanmingm@nvidia.com> (raw)
In-Reply-To: <20230620141115.841226-1-suanmingm@nvidia.com>
Sessions are used in symmetric transformations in order to prepare
objects and data for packet processing stage.
The AES-GCM session includes IV, AAD, digest(tag), DEK, operation
mode information.
Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
---
drivers/common/mlx5/mlx5_prm.h | 12 +++++++
drivers/crypto/mlx5/mlx5_crypto.h | 40 ++++++++++++++++++-----
drivers/crypto/mlx5/mlx5_crypto_gcm.c | 47 +++++++++++++++++++++++++++
3 files changed, 91 insertions(+), 8 deletions(-)
diff --git a/drivers/common/mlx5/mlx5_prm.h b/drivers/common/mlx5/mlx5_prm.h
index e41b5b3528..96ce342d29 100644
--- a/drivers/common/mlx5/mlx5_prm.h
+++ b/drivers/common/mlx5/mlx5_prm.h
@@ -523,11 +523,23 @@ enum {
MLX5_BLOCK_SIZE_4048B = 0x6,
};
+enum {
+ MLX5_ENCRYPTION_TYPE_AES_GCM = 0x3,
+};
+
+enum {
+ MLX5_CRYPTO_OP_TYPE_ENCRYPTION = 0x0,
+ MLX5_CRYPTO_OP_TYPE_DECRYPTION = 0x1,
+};
+
#define MLX5_BSF_SIZE_OFFSET 30
#define MLX5_BSF_P_TYPE_OFFSET 24
#define MLX5_ENCRYPTION_ORDER_OFFSET 16
#define MLX5_BLOCK_SIZE_OFFSET 24
+#define MLX5_CRYPTO_MMO_TYPE_OFFSET 24
+#define MLX5_CRYPTO_MMO_OP_OFFSET 20
+
struct mlx5_wqe_umr_bsf_seg {
/*
* bs_bpt_eo_es contains:
diff --git a/drivers/crypto/mlx5/mlx5_crypto.h b/drivers/crypto/mlx5/mlx5_crypto.h
index bb5a557a38..6cb4d4ddec 100644
--- a/drivers/crypto/mlx5/mlx5_crypto.h
+++ b/drivers/crypto/mlx5/mlx5_crypto.h
@@ -72,16 +72,40 @@ struct mlx5_crypto_devarg_params {
};
struct mlx5_crypto_session {
- uint32_t bs_bpt_eo_es;
- /**< bsf_size, bsf_p_type, encryption_order and encryption standard,
- * saved in big endian format.
- */
- uint32_t bsp_res;
- /**< crypto_block_size_pointer and reserved 24 bits saved in big
- * endian format.
- */
+ union {
+ /**< AES-XTS configuration. */
+ struct {
+ uint32_t bs_bpt_eo_es;
+ /**< bsf_size, bsf_p_type, encryption_order and encryption standard,
+ * saved in big endian format.
+ */
+ uint32_t bsp_res;
+ /**< crypto_block_size_pointer and reserved 24 bits saved in big
+ * endian format.
+ */
+ };
+ /**< AES-GCM configuration. */
+ struct {
+ uint32_t mmo_ctrl;
+ /**< Crypto control fields with algo type and op type in big
+ * endian format.
+ */
+ uint32_t wqe_aad_len;
+ /**< Crypto AAD length field in big endian format. */
+ uint32_t wqe_tag_len;
+ /**< Crypto tag length field in big endian format. */
+ uint16_t tag_len;
+ /**< AES-GCM crypto digest size in bytes. */
+ uint16_t aad_len;
+ /**< The length of the additional authenticated data (AAD) in bytes. */
+ uint32_t op_type;
+ /**< Operation type. */
+ };
+ };
uint32_t iv_offset:16;
/**< Starting point for Initialisation Vector. */
+ uint32_t iv_len;
+ /**< Initialisation Vector length. */
struct mlx5_crypto_dek *dek; /**< Pointer to dek struct. */
uint32_t dek_id; /**< DEK ID */
} __rte_packed;
diff --git a/drivers/crypto/mlx5/mlx5_crypto_gcm.c b/drivers/crypto/mlx5/mlx5_crypto_gcm.c
index 5b315ef42c..5f55314382 100644
--- a/drivers/crypto/mlx5/mlx5_crypto_gcm.c
+++ b/drivers/crypto/mlx5/mlx5_crypto_gcm.c
@@ -60,9 +60,56 @@ mlx5_crypto_dek_fill_gcm_attr(struct mlx5_crypto_dek *dek,
return 0;
}
+static int
+mlx5_crypto_sym_gcm_session_configure(struct rte_cryptodev *dev,
+ struct rte_crypto_sym_xform *xform,
+ struct rte_cryptodev_sym_session *session)
+{
+ struct mlx5_crypto_priv *priv = dev->data->dev_private;
+ struct mlx5_crypto_session *sess_private_data = CRYPTODEV_GET_SYM_SESS_PRIV(session);
+ struct rte_crypto_aead_xform *aead = &xform->aead;
+ uint32_t op_type;
+
+ if (unlikely(xform->next != NULL)) {
+ DRV_LOG(ERR, "Xform next is not supported.");
+ return -ENOTSUP;
+ }
+ if (aead->algo != RTE_CRYPTO_AEAD_AES_GCM) {
+ DRV_LOG(ERR, "Only AES-GCM algorithm is supported.");
+ return -ENOTSUP;
+ }
+ if (aead->op == RTE_CRYPTO_AEAD_OP_ENCRYPT)
+ op_type = MLX5_CRYPTO_OP_TYPE_ENCRYPTION;
+ else
+ op_type = MLX5_CRYPTO_OP_TYPE_DECRYPTION;
+ sess_private_data->op_type = op_type;
+ sess_private_data->mmo_ctrl = rte_cpu_to_be_32
+ (op_type << MLX5_CRYPTO_MMO_OP_OFFSET |
+ MLX5_ENCRYPTION_TYPE_AES_GCM << MLX5_CRYPTO_MMO_TYPE_OFFSET);
+ sess_private_data->aad_len = aead->aad_length;
+ sess_private_data->tag_len = aead->digest_length;
+ sess_private_data->iv_offset = aead->iv.offset;
+ sess_private_data->iv_len = aead->iv.length;
+ sess_private_data->dek = mlx5_crypto_dek_prepare(priv, xform);
+ if (sess_private_data->dek == NULL) {
+ DRV_LOG(ERR, "Failed to prepare dek.");
+ return -ENOMEM;
+ }
+ sess_private_data->dek_id =
+ rte_cpu_to_be_32(sess_private_data->dek->obj->id &
+ 0xffffff);
+ DRV_LOG(DEBUG, "Session %p was configured.", sess_private_data);
+ return 0;
+}
+
int
mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv)
{
+ struct rte_cryptodev *crypto_dev = priv->crypto_dev;
+ struct rte_cryptodev_ops *dev_ops = crypto_dev->dev_ops;
+
+ /* Override AES-GCM specified ops. */
+ dev_ops->sym_session_configure = mlx5_crypto_sym_gcm_session_configure;
priv->caps = mlx5_crypto_gcm_caps;
return 0;
}
--
2.25.1
next prev parent reply other threads:[~2023-06-20 14:12 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-18 9:23 [RFC PATCH 0/5] crypto/mlx5: support AES-GCM Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 1/5] crypto/mlx5: add AES-GCM capability Suanming Mou
2023-05-17 7:37 ` [EXT] " Akhil Goyal
2023-05-17 7:42 ` Suanming Mou
2023-05-17 7:47 ` Akhil Goyal
2023-05-17 7:51 ` Suanming Mou
2023-05-17 8:02 ` Akhil Goyal
2023-05-17 8:06 ` Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 2/5] crypto/mlx5: add AES-GCM encryption key Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 3/5] crypto/mlx5: add AES-GCM session configure Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 4/5] crypto/mlx5: add queue pair setup Suanming Mou
2023-04-18 9:23 ` [RFC PATCH 5/5] crypto/mlx5: add enqueue and dequeue operations Suanming Mou
2023-05-26 3:14 ` [PATCH v2 0/9] crypto/mlx5: support AES-GCM Suanming Mou
2023-05-26 3:14 ` [PATCH v2 1/9] common/mlx5: export memory region lookup by address Suanming Mou
2023-05-26 3:14 ` [PATCH v2 2/9] crypto/mlx5: split AES-XTS Suanming Mou
2023-05-26 3:14 ` [PATCH v2 3/9] crypto/mlx5: add AES-GCM query and initialization Suanming Mou
2023-05-26 3:14 ` [PATCH v2 4/9] crypto/mlx5: add AES-GCM encryption key Suanming Mou
2023-05-26 3:14 ` [PATCH v2 5/9] crypto/mlx5: add AES-GCM session configure Suanming Mou
2023-05-26 3:14 ` [PATCH v2 6/9] common/mlx5: add WQE-based QP synchronous basics Suanming Mou
2023-05-26 3:14 ` [PATCH v2 7/9] crypto/mlx5: add queue pair setup for GCM Suanming Mou
2023-05-26 3:14 ` [PATCH v2 8/9] crypto/mlx5: add enqueue and dequeue operations Suanming Mou
2023-05-26 3:14 ` [PATCH v2 9/9] crypto/mlx5: enable AES-GCM capability Suanming Mou
2023-06-14 18:11 ` [EXT] [PATCH v2 0/9] crypto/mlx5: support AES-GCM Akhil Goyal
2023-06-20 1:22 ` Suanming Mou
2023-06-20 1:23 ` Suanming Mou
2023-06-20 1:23 ` [PATCH v3 1/9] common/mlx5: export memory region lookup by address Suanming Mou
2023-06-20 1:23 ` [PATCH v3 2/9] crypto/mlx5: split AES-XTS Suanming Mou
2023-06-20 1:23 ` [PATCH v3 3/9] crypto/mlx5: add AES-GCM query and initialization Suanming Mou
2023-06-20 1:23 ` [PATCH v3 4/9] crypto/mlx5: add AES-GCM encryption key Suanming Mou
2023-06-20 1:23 ` [PATCH v3 5/9] crypto/mlx5: add AES-GCM session configure Suanming Mou
2023-06-20 1:23 ` [PATCH v3 6/9] common/mlx5: add WQE-based QP synchronous basics Suanming Mou
2023-06-20 1:23 ` [PATCH v3 7/9] crypto/mlx5: add queue pair setup for GCM Suanming Mou
2023-06-20 1:23 ` [PATCH v3 8/9] crypto/mlx5: add enqueue and dequeue operations Suanming Mou
2023-06-20 1:23 ` [PATCH v3 9/9] crypto/mlx5: enable AES-GCM capability Suanming Mou
2023-06-20 9:25 ` [EXT] " Akhil Goyal
2023-06-20 9:42 ` Suanming Mou
2023-06-20 9:48 ` Akhil Goyal
2023-06-20 9:56 ` Suanming Mou
2023-06-20 9:55 ` [PATCH v2 0/9] crypto/mlx5: support AES-GCM Suanming Mou
2023-06-20 9:58 ` Akhil Goyal
2023-06-20 10:03 ` Suanming Mou
2023-06-20 13:52 ` Matan Azrad
2023-06-20 14:11 ` [PATCH v4 " Suanming Mou
2023-06-20 14:11 ` [PATCH v4 1/9] common/mlx5: export memory region lookup by address Suanming Mou
2023-06-20 14:11 ` [PATCH v4 2/9] crypto/mlx5: split AES-XTS Suanming Mou
2023-06-20 14:11 ` [PATCH v4 3/9] crypto/mlx5: add AES-GCM query and initialization Suanming Mou
2023-06-20 14:11 ` [PATCH v4 4/9] crypto/mlx5: add AES-GCM encryption key Suanming Mou
2023-06-20 14:11 ` Suanming Mou [this message]
2023-06-20 14:11 ` [PATCH v4 6/9] common/mlx5: add WQE-based QP synchronous basics Suanming Mou
2023-06-20 14:11 ` [PATCH v4 7/9] crypto/mlx5: add queue pair setup for GCM Suanming Mou
2023-06-20 14:11 ` [PATCH v4 8/9] crypto/mlx5: add enqueue and dequeue operations Suanming Mou
2023-06-20 14:11 ` [PATCH v4 9/9] crypto/mlx5: enable AES-GCM capability Suanming Mou
2023-06-20 18:49 ` [EXT] [PATCH v4 0/9] crypto/mlx5: support AES-GCM Akhil Goyal
2023-06-23 9:31 ` Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230620141115.841226-6-suanmingm@nvidia.com \
--to=suanmingm@nvidia.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=matan@nvidia.com \
--cc=orika@nvidia.com \
--cc=rasland@nvidia.com \
--cc=viacheslavo@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).