[dpdk-dev] [PATCH v2 0/6] Crypto API and device framework
Declan Doherty
declan.doherty at intel.com
Fri Oct 30 13:59:40 CET 2015
This series of patches defines a set of application burst oriented APIs for
asynchronous symmetric cryptographic functions within DPDK. It also contains a
poll mode driver cryptographic device framework for the implementation of
crypto devices within DPDK.
In the patch set we also have included 2 reference implementations of crypto
PMDs. Currently both implementations support AES128-CBC with
HMAC_SHA1/SHA256/SHA512 authentication operations. The first device is a purely
software PMD based on Intel's multi-buffer library, which utilises both
AES-NI instructions and vector operations to accelerate crypto operations and
the second PMD utilises Intel's Quick Assist Technology (on DH895xxC) to provide
hardware accelerated crypto operations.
The API set supports two functional modes of operation:
1, A session oriented mode. In this mode the user creates a crypto session
which defines all the immutable data required to perform a particular crypto
operation in advance, including cipher/hash algorithms and operations to be
performed as well as the keys to used etc. The session is then referenced by
the crypto operation data structure which is a data structure specific to each
mbuf. It is contains all mutable data about the cryto operation to be
performed, such as data offsets and lengths into the mbuf's data payload for
cipher and hash operations to be performed.
2, A session-less mode. In this mode the user is able to provision crypto
operations on an mbuf without the need to have a cached session created in
advance, but at the cost of entailing the overhead of calculating
authentication pre-computes and preforming key expansions in-line with the
crypto operation. The crypto xform chain is directly attached to the op struct
in this mode, so the op struct now contains all of the immutable crypto operation
parameters that would be normally set within a session. Once all mutable and
immutable parameters are set the crypto operation data structure can be attached
to the specified mbuf and enqueued on a specified crypto device for processing.
The patch set contains the following features:
- Crypto device APIs and device framework
- Implementation of a software crypto PMD based on multi-buffer library
- Implementation of a hardware crypto PMD baed on Intel QAT(DH895xxC)
- Unit and performance test's which give and example of utilising the crypto API's.
- Sample application which performs crypto operations on the IP payload of the
packets being forwarded
Current Status:
There is no support for chained mbuf's and as mentioned above the PMD's
have currently implemented support for AES128-CBC/AES256-CBC/AES512-CBC
and HMAC_SHA1/SHA256/SHA512.
v2:
- Introduces a new library to support attaching offload operations to a mbuf
- Remove unused APIs from cryptodev
- PMD code refactor due to new rte_mbuf_offload structure
- General bug fixes and code tidy up
Declan Doherty (6):
cryptodev: Initial DPDK Crypto APIs and device framework release
mbuf_offload: library to support attaching offloads to a mbuf
qat_crypto_pmd: Addition of a new QAT DPDK PMD.
aesni_mb_pmd: Initial implementation of multi buffer based crypto
device
app/test: add cryptodev unit and performance tests
l2fwd-crypto: crypto
app/test/Makefile | 3 +
app/test/test.c | 92 +-
app/test/test.h | 34 +-
app/test/test_cryptodev.c | 1924 ++++++++++++++++++++
app/test/test_cryptodev.h | 68 +
app/test/test_cryptodev_perf.c | 1449 +++++++++++++++
app/test/test_link_bonding.c | 6 +-
app/test/test_link_bonding_mode4.c | 7 +-
config/common_bsdapp | 37 +-
config/common_linuxapp | 36 +-
doc/api/doxy-api-index.md | 1 +
doc/api/doxy-api.conf | 1 +
doc/guides/cryptodevs/aesni_mb.rst | 76 +
doc/guides/cryptodevs/index.rst | 43 +
doc/guides/cryptodevs/qat.rst | 188 ++
doc/guides/index.rst | 1 +
drivers/Makefile | 1 +
drivers/crypto/Makefile | 38 +
drivers/crypto/aesni_mb/Makefile | 67 +
drivers/crypto/aesni_mb/aesni_mb_ops.h | 212 +++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 790 ++++++++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 296 +++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 230 +++
drivers/crypto/aesni_mb/rte_pmd_aesni_version.map | 3 +
drivers/crypto/qat/Makefile | 63 +
.../qat/qat_adf/adf_transport_access_macros.h | 173 ++
drivers/crypto/qat/qat_adf/icp_qat_fw.h | 316 ++++
drivers/crypto/qat/qat_adf/icp_qat_fw_la.h | 404 ++++
drivers/crypto/qat/qat_adf/icp_qat_hw.h | 306 ++++
drivers/crypto/qat/qat_adf/qat_algs.h | 125 ++
drivers/crypto/qat/qat_adf/qat_algs_build_desc.c | 578 ++++++
drivers/crypto/qat/qat_crypto.c | 547 ++++++
drivers/crypto/qat/qat_crypto.h | 113 ++
drivers/crypto/qat/qat_logs.h | 78 +
drivers/crypto/qat/qat_qp.c | 416 +++++
drivers/crypto/qat/rte_pmd_qat_version.map | 3 +
drivers/crypto/qat/rte_qat_cryptodev.c | 130 ++
examples/l2fwd-crypto/Makefile | 50 +
examples/l2fwd-crypto/main.c | 1472 +++++++++++++++
lib/Makefile | 2 +
lib/librte_cryptodev/Makefile | 60 +
lib/librte_cryptodev/rte_crypto.h | 604 ++++++
lib/librte_cryptodev/rte_cryptodev.c | 1065 +++++++++++
lib/librte_cryptodev/rte_cryptodev.h | 619 +++++++
lib/librte_cryptodev/rte_cryptodev_pmd.h | 529 ++++++
lib/librte_cryptodev/rte_cryptodev_version.map | 41 +
lib/librte_eal/common/include/rte_common.h | 15 +
lib/librte_eal/common/include/rte_eal.h | 14 +
lib/librte_eal/common/include/rte_log.h | 1 +
lib/librte_eal/common/include/rte_memory.h | 14 +-
lib/librte_ether/rte_ethdev.c | 30 -
lib/librte_mbuf/rte_mbuf.h | 36 +-
lib/librte_mbuf_offload/Makefile | 52 +
lib/librte_mbuf_offload/rte_mbuf_offload.c | 100 +
lib/librte_mbuf_offload/rte_mbuf_offload.h | 289 +++
.../rte_mbuf_offload_version.map | 7 +
mk/rte.app.mk | 9 +
57 files changed, 13784 insertions(+), 80 deletions(-)
create mode 100644 app/test/test_cryptodev.c
create mode 100644 app/test/test_cryptodev.h
create mode 100644 app/test/test_cryptodev_perf.c
create mode 100644 doc/guides/cryptodevs/aesni_mb.rst
create mode 100644 doc/guides/cryptodevs/index.rst
create mode 100644 doc/guides/cryptodevs/qat.rst
create mode 100644 drivers/crypto/Makefile
create mode 100644 drivers/crypto/aesni_mb/Makefile
create mode 100644 drivers/crypto/aesni_mb/aesni_mb_ops.h
create mode 100644 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
create mode 100644 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
create mode 100644 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
create mode 100644 drivers/crypto/aesni_mb/rte_pmd_aesni_version.map
create mode 100644 drivers/crypto/qat/Makefile
create mode 100644 drivers/crypto/qat/qat_adf/adf_transport_access_macros.h
create mode 100644 drivers/crypto/qat/qat_adf/icp_qat_fw.h
create mode 100644 drivers/crypto/qat/qat_adf/icp_qat_fw_la.h
create mode 100644 drivers/crypto/qat/qat_adf/icp_qat_hw.h
create mode 100644 drivers/crypto/qat/qat_adf/qat_algs.h
create mode 100644 drivers/crypto/qat/qat_adf/qat_algs_build_desc.c
create mode 100644 drivers/crypto/qat/qat_crypto.c
create mode 100644 drivers/crypto/qat/qat_crypto.h
create mode 100644 drivers/crypto/qat/qat_logs.h
create mode 100644 drivers/crypto/qat/qat_qp.c
create mode 100644 drivers/crypto/qat/rte_pmd_qat_version.map
create mode 100644 drivers/crypto/qat/rte_qat_cryptodev.c
create mode 100644 examples/l2fwd-crypto/Makefile
create mode 100644 examples/l2fwd-crypto/main.c
create mode 100644 lib/librte_cryptodev/Makefile
create mode 100644 lib/librte_cryptodev/rte_crypto.h
create mode 100644 lib/librte_cryptodev/rte_cryptodev.c
create mode 100644 lib/librte_cryptodev/rte_cryptodev.h
create mode 100644 lib/librte_cryptodev/rte_cryptodev_pmd.h
create mode 100644 lib/librte_cryptodev/rte_cryptodev_version.map
create mode 100644 lib/librte_mbuf_offload/Makefile
create mode 100644 lib/librte_mbuf_offload/rte_mbuf_offload.c
create mode 100644 lib/librte_mbuf_offload/rte_mbuf_offload.h
create mode 100644 lib/librte_mbuf_offload/rte_mbuf_offload_version.map
--
2.4.3
More information about the dev
mailing list