From: root <root@localhost.localdomain>
Add crypto capabilities scope for zsda device.
Signed-off-by: Hanxiao Li <li.hanxiao@zte.com.cn>
---
doc/guides/compressdevs/zsda.rst | 9 ++
doc/guides/cryptodevs/features/zsda.ini | 19 +++-
doc/guides/cryptodevs/zsda.rst | 24 +++++
doc/guides/rel_notes/release_25_03.rst | 5 +
drivers/crypto/zsda/zsda_sym_capabilities.h | 111 ++++++++++++++++++++
drivers/crypto/zsda/zsda_sym_pmd.c | 29 ++++-
6 files changed, 193 insertions(+), 4 deletions(-)
create mode 100644 drivers/crypto/zsda/zsda_sym_capabilities.h
diff --git a/doc/guides/compressdevs/zsda.rst b/doc/guides/compressdevs/zsda.rst
index 25b7884535..34cbf235af 100644
--- a/doc/guides/compressdevs/zsda.rst
+++ b/doc/guides/compressdevs/zsda.rst
@@ -174,6 +174,15 @@ e.g. for the 1cf2 device::
Use ``modprobe vfio-pci disable_denylist=1`` from kernel 5.9 onwards.
+Building DPDK
+-------------
+
+The following commands can be used to build DPDK on a system::
+
+ meson setup build
+ ninja -C build
+
+
Testing
-------
diff --git a/doc/guides/cryptodevs/features/zsda.ini b/doc/guides/cryptodevs/features/zsda.ini
index 55c573adb0..b0f10f8de9 100644
--- a/doc/guides/cryptodevs/features/zsda.ini
+++ b/doc/guides/cryptodevs/features/zsda.ini
@@ -4,19 +4,32 @@
; Refer to default.ini for the full list of available PMD features.
;
[Features]
-
+Symmetric crypto = Y
+HW Accelerated = Y
+In Place SGL = Y
+OOP SGL In SGL Out = Y
+OOP SGL In LB Out = Y
+OOP LB In SGL Out = Y
+OOP LB In LB Out = Y
;
; Supported crypto algorithms of the 'zsda' crypto driver.
;
[Cipher]
-
+AES XTS (128) = Y
+AES XTS (256) = Y
+SM4 XTS = Y
;
; Supported authentication algorithms of the 'zsda' crypto driver.
;
[Auth]
-
+SHA1 = Y
+SHA224 = Y
+SHA256 = Y
+SHA384 = Y
+SHA512 = Y
+SM3 = Y
;
diff --git a/doc/guides/cryptodevs/zsda.rst b/doc/guides/cryptodevs/zsda.rst
index 0f163de93f..8824ee8949 100644
--- a/doc/guides/cryptodevs/zsda.rst
+++ b/doc/guides/cryptodevs/zsda.rst
@@ -13,10 +13,34 @@ support for the following hardware accelerator devices:
Features
--------
+The ZSDA SYM PMD has support for:
+
+Cipher algorithms:
+
+* ``RTE_CRYPTO_CIPHER_AES_XTS``
+* ``RTE_CRYPTO_CIPHER_SM4_XTS``
+
+Hash algorithms:
+
+* ``RTE_CRYPTO_AUTH_SHA1``
+* ``RTE_CRYPTO_AUTH_SHA224``
+* ``RTE_CRYPTO_AUTH_SHA256``
+* ``RTE_CRYPTO_AUTH_SHA384``
+* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SM3``
+
Limitations
------------
+* Only supports the session-oriented API implementation (session-less APIs are
+ not supported).
+* No BSD and Windows support.
+* Queue-pairs are thread-safe on Intel CPUs but Queues are not (that is, within
+ a single queue-pair all enqueues to the TX queue must be done from one thread
+ and all dequeues from the RX queue must be done from one thread, but enqueues
+ and dequeues may be done in different threads.)
+
Installation
------------
diff --git a/doc/guides/rel_notes/release_25_03.rst b/doc/guides/rel_notes/release_25_03.rst
index 8867a4bd74..b6fe177509 100644
--- a/doc/guides/rel_notes/release_25_03.rst
+++ b/doc/guides/rel_notes/release_25_03.rst
@@ -151,6 +151,11 @@ New Features
See the :doc:`../compressdevs/zsda` guide for more details on the new driver.
+ Added a crypto driver for ZSDA devices
+ to support some encrypt, decrypt and hash algorithm.
+
+ See the :doc:`../cryptodevs/zsda` guide for more details on the new driver.
+
Removed Items
-------------
diff --git a/drivers/crypto/zsda/zsda_sym_capabilities.h b/drivers/crypto/zsda/zsda_sym_capabilities.h
new file mode 100644
index 0000000000..0669ae1a24
--- /dev/null
+++ b/drivers/crypto/zsda/zsda_sym_capabilities.h
@@ -0,0 +1,111 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2024 ZTE Corporation
+ */
+
+#ifndef _ZSDA_SYM_CAPABILITIES_H_
+#define _ZSDA_SYM_CAPABILITIES_H_
+
+static const struct rte_cryptodev_capabilities zsda_crypto_sym_capabilities[] = {
+ {/* SHA1 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA1,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 20, .max = 20, .increment = 2},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA224,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 28, .max = 28, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA256,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 32, .max = 32, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA384,
+ .block_size = 128,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 48, .max = 48, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA512,
+ .block_size = 128,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 64, .max = 64, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SM3 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SM3,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment = 0},
+ .digest_size = {.min = 32, .max = 32, .increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* AES XTS */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ { .cipher = {
+ .algo = RTE_CRYPTO_CIPHER_AES_XTS,
+ .block_size = 16,
+ .key_size = {.min = 32, .max = 64, .increment = 32},
+ .iv_size = {.min = 16, .max = 16, .increment = 0} },
+ } },
+ }
+ },
+ {/* SM4 XTS */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ { .cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SM4_XTS,
+ .block_size = 16,
+ .key_size = {.min = 32, .max = 32, .increment = 0},
+ .iv_size = {.min = 16, .max = 16, .increment = 0} },
+ } },
+ }
+ }
+};
+#endif /* _ZSDA_SYM_CAPABILITIES_H_ */
diff --git a/drivers/crypto/zsda/zsda_sym_pmd.c b/drivers/crypto/zsda/zsda_sym_pmd.c
index a3d0bac7a0..e65cdd2af6 100644
--- a/drivers/crypto/zsda/zsda_sym_pmd.c
+++ b/drivers/crypto/zsda/zsda_sym_pmd.c
@@ -7,6 +7,7 @@
#include "zsda_sym_pmd.h"
#include "zsda_sym_session.h"
#include "zsda_sym.h"
+#include "zsda_sym_capabilities.h"
uint8_t zsda_sym_driver_id;
@@ -261,8 +262,11 @@ zsda_sym_dev_create(struct zsda_pci_device *zsda_pci_dev)
.private_data_size = sizeof(struct zsda_sym_dev_private)};
char name[RTE_CRYPTODEV_NAME_MAX_LEN];
+ char capa_memz_name[RTE_COMPRESSDEV_NAME_MAX_LEN];
struct rte_cryptodev *cryptodev;
struct zsda_sym_dev_private *sym_dev_priv;
+ const struct rte_cryptodev_capabilities *capabilities;
+ uint64_t capa_size;
snprintf(name, RTE_CRYPTODEV_NAME_MAX_LEN, "%s_%s", zsda_pci_dev->name,
"sym_encrypt");
@@ -289,11 +293,34 @@ zsda_sym_dev_create(struct zsda_pci_device *zsda_pci_dev)
cryptodev->enqueue_burst = zsda_sym_pmd_enqueue_op_burst;
cryptodev->dequeue_burst = zsda_sym_pmd_dequeue_op_burst;
- cryptodev->feature_flags = 0;
+ cryptodev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
+ RTE_CRYPTODEV_FF_SYM_SESSIONLESS |
+ RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
+ RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
+ RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
+ RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
+ RTE_CRYPTODEV_FF_HW_ACCELERATED;
+ capabilities = zsda_crypto_sym_capabilities;
sym_dev_priv = cryptodev->data->dev_private;
sym_dev_priv->zsda_pci_dev = zsda_pci_dev;
sym_dev_priv->cryptodev = cryptodev;
+ capa_size = sizeof(zsda_crypto_sym_capabilities);
+
+ snprintf(capa_memz_name, RTE_CRYPTODEV_NAME_MAX_LEN, "ZSDA_SYM_CAPA");
+
+ sym_dev_priv->capa_mz = rte_memzone_lookup(capa_memz_name);
+ if (sym_dev_priv->capa_mz == NULL)
+ sym_dev_priv->capa_mz = rte_memzone_reserve(
+ capa_memz_name, capa_size, rte_socket_id(), 0);
+
+ if (sym_dev_priv->capa_mz == NULL) {
+ ZSDA_LOG(ERR, "Failed! sym_dev_priv->capa_mz");
+ goto error;
+ }
+
+ memcpy(sym_dev_priv->capa_mz->addr, capabilities, capa_size);
+ sym_dev_priv->zsda_dev_capabilities = sym_dev_priv->capa_mz->addr;
zsda_pci_dev->sym_dev_priv = sym_dev_priv;
--
2.27.0