Add crypto capabilities scope for zsda device. Signed-off-by: Hanxiao Li --- doc/guides/cryptodevs/features/zsda.ini | 19 +++- doc/guides/cryptodevs/zsda.rst | 24 +++++ doc/guides/rel_notes/release_25_03.rst | 5 + drivers/crypto/zsda/zsda_sym_capabilities.h | 111 ++++++++++++++++++++ drivers/crypto/zsda/zsda_sym_pmd.c | 29 ++++- 5 files changed, 184 insertions(+), 4 deletions(-) create mode 100644 drivers/crypto/zsda/zsda_sym_capabilities.h diff --git a/doc/guides/cryptodevs/features/zsda.ini b/doc/guides/cryptodevs/features/zsda.ini index 55c573adb0..b0f10f8de9 100644 --- a/doc/guides/cryptodevs/features/zsda.ini +++ b/doc/guides/cryptodevs/features/zsda.ini @@ -4,19 +4,32 @@ ; Refer to default.ini for the full list of available PMD features. ; [Features] - +Symmetric crypto = Y +HW Accelerated = Y +In Place SGL = Y +OOP SGL In SGL Out = Y +OOP SGL In LB Out = Y +OOP LB In SGL Out = Y +OOP LB In LB Out = Y ; ; Supported crypto algorithms of the 'zsda' crypto driver. ; [Cipher] - +AES XTS (128) = Y +AES XTS (256) = Y +SM4 XTS = Y ; ; Supported authentication algorithms of the 'zsda' crypto driver. ; [Auth] - +SHA1 = Y +SHA224 = Y +SHA256 = Y +SHA384 = Y +SHA512 = Y +SM3 = Y ; diff --git a/doc/guides/cryptodevs/zsda.rst b/doc/guides/cryptodevs/zsda.rst index 5373b39a2a..f5596dff16 100644 --- a/doc/guides/cryptodevs/zsda.rst +++ b/doc/guides/cryptodevs/zsda.rst @@ -13,10 +13,34 @@ support for the following hardware accelerator devices: Features -------- +The ZSDA SYM PMD has support for: + +Cipher algorithms: + +* ``RTE_CRYPTO_CIPHER_AES_XTS`` +* ``RTE_CRYPTO_CIPHER_SM4_XTS`` + +Hash algorithms: + +* ``RTE_CRYPTO_AUTH_SHA1`` +* ``RTE_CRYPTO_AUTH_SHA224`` +* ``RTE_CRYPTO_AUTH_SHA256`` +* ``RTE_CRYPTO_AUTH_SHA384`` +* ``RTE_CRYPTO_AUTH_SHA512`` +* ``RTE_CRYPTO_AUTH_SM3`` + Limitations ------------ +* Only supports the session-oriented API implementation (session-less APIs are + not supported). +* No BSD and Windows support. +* Queue-pairs are thread-safe on Intel CPUs but Queues are not (that is, within + a single queue-pair all enqueues to the TX queue must be done from one thread + and all dequeues from the RX queue must be done from one thread, but enqueues + and dequeues may be done in different threads.) + Installation ------------ diff --git a/doc/guides/rel_notes/release_25_03.rst b/doc/guides/rel_notes/release_25_03.rst index 8867a4bd74..b6fe177509 100644 --- a/doc/guides/rel_notes/release_25_03.rst +++ b/doc/guides/rel_notes/release_25_03.rst @@ -151,6 +151,11 @@ New Features See the :doc:`../compressdevs/zsda` guide for more details on the new driver. + Added a crypto driver for ZSDA devices + to support some encrypt, decrypt and hash algorithm. + + See the :doc:`../cryptodevs/zsda` guide for more details on the new driver. + Removed Items ------------- diff --git a/drivers/crypto/zsda/zsda_sym_capabilities.h b/drivers/crypto/zsda/zsda_sym_capabilities.h new file mode 100644 index 0000000000..3c890f8fa7 --- /dev/null +++ b/drivers/crypto/zsda/zsda_sym_capabilities.h @@ -0,0 +1,111 @@ +/* SPDX-License-Identifier: BSD-3-Clause + * Copyright(c) 2025 ZTE Corporation + */ + +#ifndef _ZSDA_SYM_CAPABILITIES_H_ +#define _ZSDA_SYM_CAPABILITIES_H_ + +static const struct rte_cryptodev_capabilities zsda_crypto_sym_capabilities[] = { + {/* SHA1 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + { .sym = {.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + { .auth = { + .algo = RTE_CRYPTO_AUTH_SHA1, + .block_size = 64, + .key_size = {.min = 0, .max = 0, .increment = 0}, + .digest_size = {.min = 20, .max = 20, .increment = 2}, + .iv_size = {0} }, + } }, + } + }, + {/* SHA224 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + { .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + { .auth = { + .algo = RTE_CRYPTO_AUTH_SHA224, + .block_size = 64, + .key_size = {.min = 0, .max = 0, .increment = 0}, + .digest_size = {.min = 28, .max = 28, .increment = 0}, + .iv_size = {0} }, + } }, + } + }, + {/* SHA256 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + { .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + { .auth = { + .algo = RTE_CRYPTO_AUTH_SHA256, + .block_size = 64, + .key_size = {.min = 0, .max = 0, .increment = 0}, + .digest_size = {.min = 32, .max = 32, .increment = 0}, + .iv_size = {0} }, + } }, + } + }, + {/* SHA384 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + { .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + { .auth = { + .algo = RTE_CRYPTO_AUTH_SHA384, + .block_size = 128, + .key_size = {.min = 0, .max = 0, .increment = 0}, + .digest_size = {.min = 48, .max = 48, .increment = 0}, + .iv_size = {0} }, + } }, + } + }, + {/* SHA512 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + { .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + { .auth = { + .algo = RTE_CRYPTO_AUTH_SHA512, + .block_size = 128, + .key_size = {.min = 0, .max = 0, .increment = 0}, + .digest_size = {.min = 64, .max = 64, .increment = 0}, + .iv_size = {0} }, + } }, + } + }, + {/* SM3 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + { .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + { .auth = { + .algo = RTE_CRYPTO_AUTH_SM3, + .block_size = 64, + .key_size = {.min = 0, .max = 0, .increment = 0}, + .digest_size = {.min = 32, .max = 32, .increment = 0}, + .iv_size = {0} }, + } }, + } + }, + {/* AES XTS */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + { .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + { .cipher = { + .algo = RTE_CRYPTO_CIPHER_AES_XTS, + .block_size = 16, + .key_size = {.min = 32, .max = 64, .increment = 32}, + .iv_size = {.min = 16, .max = 16, .increment = 0} }, + } }, + } + }, + {/* SM4 XTS */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + { .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + { .cipher = { + .algo = RTE_CRYPTO_CIPHER_SM4_XTS, + .block_size = 16, + .key_size = {.min = 32, .max = 32, .increment = 0}, + .iv_size = {.min = 16, .max = 16, .increment = 0} }, + } }, + } + } +}; +#endif /* _ZSDA_SYM_CAPABILITIES_H_ */ diff --git a/drivers/crypto/zsda/zsda_sym_pmd.c b/drivers/crypto/zsda/zsda_sym_pmd.c index 44c4521ba3..7c1d08cb58 100644 --- a/drivers/crypto/zsda/zsda_sym_pmd.c +++ b/drivers/crypto/zsda/zsda_sym_pmd.c @@ -7,6 +7,7 @@ #include "zsda_sym_pmd.h" #include "zsda_sym_session.h" #include "zsda_sym.h" +#include "zsda_sym_capabilities.h" uint8_t zsda_sym_driver_id; @@ -261,8 +262,11 @@ zsda_sym_dev_create(struct zsda_pci_device *zsda_pci_dev) .private_data_size = sizeof(struct zsda_sym_dev_private)}; char name[RTE_CRYPTODEV_NAME_MAX_LEN]; + char capa_memz_name[RTE_COMPRESSDEV_NAME_MAX_LEN]; struct rte_cryptodev *cryptodev; struct zsda_sym_dev_private *sym_dev_priv; + const struct rte_cryptodev_capabilities *capabilities; + uint64_t capa_size; snprintf(name, RTE_CRYPTODEV_NAME_MAX_LEN, "%s_%s", zsda_pci_dev->name, "sym_encrypt"); @@ -289,11 +293,34 @@ zsda_sym_dev_create(struct zsda_pci_device *zsda_pci_dev) cryptodev->enqueue_burst = zsda_sym_pmd_enqueue_op_burst; cryptodev->dequeue_burst = zsda_sym_pmd_dequeue_op_burst; - cryptodev->feature_flags = 0; + cryptodev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO | + RTE_CRYPTODEV_FF_SYM_SESSIONLESS | + RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT | + RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT | + RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT | + RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT | + RTE_CRYPTODEV_FF_HW_ACCELERATED; + capabilities = zsda_crypto_sym_capabilities; sym_dev_priv = cryptodev->data->dev_private; sym_dev_priv->zsda_pci_dev = zsda_pci_dev; sym_dev_priv->cryptodev = cryptodev; + capa_size = sizeof(zsda_crypto_sym_capabilities); + + snprintf(capa_memz_name, RTE_CRYPTODEV_NAME_MAX_LEN, "ZSDA_SYM_CAPA"); + + sym_dev_priv->capa_mz = rte_memzone_lookup(capa_memz_name); + if (sym_dev_priv->capa_mz == NULL) + sym_dev_priv->capa_mz = rte_memzone_reserve( + capa_memz_name, capa_size, rte_socket_id(), 0); + + if (sym_dev_priv->capa_mz == NULL) { + ZSDA_LOG(ERR, "Failed! sym_dev_priv->capa_mz"); + goto error; + } + + memcpy(sym_dev_priv->capa_mz->addr, capabilities, capa_size); + sym_dev_priv->zsda_dev_capabilities = sym_dev_priv->capa_mz->addr; zsda_pci_dev->sym_dev_priv = sym_dev_priv; -- 2.27.0