bus/vdev: move code from EAL into a new driver

Move the vdev bus from lib/librte_eal to drivers/bus.

As the crypto vdev helper function refers to data structure
in rte_vdev.h, so we move those help

bus/vdev: move code from EAL into a new driver

Move the vdev bus from lib/librte_eal to drivers/bus.

As the crypto vdev helper function refers to data structure
in rte_vdev.h, so we move those helper function into drivers/bus
too.

Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>

show more ...

cryptodev: break dependency on virtual device bus

Removes any dependency of librte_cryptodev on the virtual device
infrastructure code and removes the functions which were virtual
device specific.

cryptodev: break dependency on virtual device bus

Removes any dependency of librte_cryptodev on the virtual device
infrastructure code and removes the functions which were virtual
device specific.

Updates all virtual PMDs to remove dependencies on rte_cryptodev_vdev.h
and replaces those calls with the new bus independent functions.

Due to these changes, the cryptodev ABI version gets bumped.

Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Tested-by: Tomasz Duszynski <tdu@semihalf.com>

show more ...

crypto/openssl: support AES-CCM

Add support to AES-CCM, for 128, 192 and 256-bit keys.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/openssl: init GCM key at session creation

When creating a session for AES-GCM, since the key is going
to be constant, the OpenSSL context can initialize the key
at that moment, leaving the se

crypto/openssl: init GCM key at session creation

When creating a session for AES-GCM, since the key is going
to be constant, the OpenSSL context can initialize the key
at that moment, leaving the setting of the IV for the
operation handling.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

show more ...

crypto/openssl: fix AEAD parameters

When using AES-GCM with OpenSSL, cipher direction
and authentication operation were being set incorrectly,
as the PMD was looking at the cipher and authentication

crypto/openssl: fix AEAD parameters

When using AES-GCM with OpenSSL, cipher direction
and authentication operation were being set incorrectly,
as the PMD was looking at the cipher and authentication
transform, instead of the new AEAD.

Fixes: b79e4c00af0e ("cryptodev: use AES-GCM/CCM as AEAD algorithms")
Cc: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

show more ...

crypto/openssl: support DES-CBC

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>

crypto/openssl: do not append digest

When performing an authentication verification,
the PMD was using memory at the end of the input buffer,
to store temporarily the digest.
This operation requires

crypto/openssl: do not append digest

When performing an authentication verification,
the PMD was using memory at the end of the input buffer,
to store temporarily the digest.
This operation requires the buffer to have enough
tailroom unnecessarily.
Instead, memory is allocated for each queue pair, to store
temporarily the digest generated by the driver, so it can
be compared with the one provided in the crypto operation,
without needing to touch the input buffer.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

show more ...

cryptodev: allocate driver structure statically

When register a crypto driver, a cryptodev driver
structure was being allocated, using malloc.
Since this call may fail, it is safer to allocate
this

cryptodev: allocate driver structure statically

When register a crypto driver, a cryptodev driver
structure was being allocated, using malloc.
Since this call may fail, it is safer to allocate
this memory statically in each PMD, so driver registration
will never fail.

Coverity issue: 158645
Fixes: 7a364faef185 ("cryptodev: remove crypto device type enumeration")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Reviewed-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>

show more ...

crypto/openssl: update key and algo during session init

Key and algo are added in the openssl ctx during
session initialization instead of adding it for
each packet, since it remains constant for th

crypto/openssl: update key and algo during session init

Key and algo are added in the openssl ctx during
session initialization instead of adding it for
each packet, since it remains constant for that session,
improving the performance.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Reviewed-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

crypto/openssl: replace evp APIs with HMAC APIs

in case of HMAC the openssl APIs HMAC_XXX give
better performance for all HMAC cases as compared with
EVP_XXX

Signed-off-by: Akhil Goyal <akhil.goyal

crypto/openssl: replace evp APIs with HMAC APIs

in case of HMAC the openssl APIs HMAC_XXX give
better performance for all HMAC cases as compared with
EVP_XXX

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Reviewed-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

cryptodev: fix session init return value

When calling rte_cryptodev_sym_session_init(),
if there was an error, it returned -1, instead
of returning the specific error code, which can
be valuable for

cryptodev: fix session init return value

When calling rte_cryptodev_sym_session_init(),
if there was an error, it returned -1, instead
of returning the specific error code, which can
be valuable for the application for error handling.

Fixes: b3bbd9e5f265 ("cryptodev: support device independent sessions")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

crypto/openssl: fix typo

Fixes: b79e4c00af0e ("cryptodev: use AES-GCM/CCM as AEAD algorithms")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

cryptodev: rename ADD field

Additional Authenticated Data (AAD) is called "aad" in most
places of cryptodev, but it was called "add_auth_data"
in the AEAD transform transform (aead_xform).

This fie

cryptodev: rename ADD field

Additional Authenticated Data (AAD) is called "aad" in most
places of cryptodev, but it was called "add_auth_data"
in the AEAD transform transform (aead_xform).

This field is renamed to "aad_length" in order to keep
consistency.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: support device independent sessions

Change crypto device's session management to make it
device independent and simplify architecture when session
is intended to be used on more than one

cryptodev: support device independent sessions

Change crypto device's session management to make it
device independent and simplify architecture when session
is intended to be used on more than one device.

Sessions private data is agnostic to underlying device
by adding an indirection in the sessions private data
using the crypto driver identifier.
A single session can contain indirections to multiple device types.

New function rte_cryptodev_sym_session_init has been created,
to initialize the driver private session data per driver to be
used on a same session, and rte_cryptodev_sym_session_clear
to clear this data before calling rte_cryptodev_sym_session_free.

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

cryptodev: remove driver id from session

Since crypto session will not be attached to a specific
device or driver, the field driver_id is not required
anymore (only used to check that a session was

cryptodev: remove driver id from session

Since crypto session will not be attached to a specific
device or driver, the field driver_id is not required
anymore (only used to check that a session was being
handled by the right device).

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

cryptodev: remove crypto device type enumeration

Changes device type identification to be based on a unique
driver id replacing the current device type enumeration, which needed
library changes ever

cryptodev: remove crypto device type enumeration

Changes device type identification to be based on a unique
driver id replacing the current device type enumeration, which needed
library changes every time a new crypto driver was added.

The driver id is assigned dynamically during driver registration using
the new macro RTE_PMD_REGISTER_CRYPTO_DRIVER which returns a unique
uint8_t identifier for that driver. New APIs are also introduced
to allow retrieval of the driver id using the driver name.

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

show more ...

cryptodev: remove AAD from authentication structure

Now that AAD is only used in AEAD algorithms,
there is no need to keep AAD in the authentication
structure.

Signed-off-by: Pablo de Lara <pablo.d

cryptodev: remove AAD from authentication structure

Now that AAD is only used in AEAD algorithms,
there is no need to keep AAD in the authentication
structure.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: use AES-GCM/CCM as AEAD algorithms

Now that all the structures/functions for AEAD algorithms
are in place, migrate the two supported algorithms
AES-GCM and AES-CCM to these, instead of us

cryptodev: use AES-GCM/CCM as AEAD algorithms

Now that all the structures/functions for AEAD algorithms
are in place, migrate the two supported algorithms
AES-GCM and AES-CCM to these, instead of using
cipher and authentication parameters.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: set AES-GMAC as auth-only algo

AES-GMAC is an authentication algorithm, based on AES-GCM
without encryption. To simplify its usage, now it can be used
setting the authentication parameter

cryptodev: set AES-GMAC as auth-only algo

AES-GMAC is an authentication algorithm, based on AES-GCM
without encryption. To simplify its usage, now it can be used
setting the authentication parameters, without requiring
to concatenate a ciphering transform.

Therefore, it is not required to set AAD, but authentication
data length and offset, giving the user the option
to have Scatter-Gather List in the input buffer,
as long as the driver supports it.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: remove digest length from crypto op

Digest length was duplicated in the authentication transform
and the crypto operation structures.

Since digest length is not expected to change in a s

cryptodev: remove digest length from crypto op

Digest length was duplicated in the authentication transform
and the crypto operation structures.

Since digest length is not expected to change in a same
session, it is removed from the crypto operation.

Also, the length has been shrunk to 16 bits,
which should be sufficient for any digest.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: remove AAD length from crypto op

Additional authenticated data (AAD) information was duplicated
in the authentication transform and in the crypto
operation structures.

Since AAD length i

cryptodev: remove AAD length from crypto op

Additional authenticated data (AAD) information was duplicated
in the authentication transform and in the crypto
operation structures.

Since AAD length is not meant to be changed in a same session,
it is removed from the crypto operation structure.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: move IV parameters to session

Since IV parameters (offset and length) should not
change for operations in the same session, these parameters
are moved to the crypto transform structure, s

cryptodev: move IV parameters to session

Since IV parameters (offset and length) should not
change for operations in the same session, these parameters
are moved to the crypto transform structure, so they will
be stored in the sessions.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: pass IV as offset

Since IV now is copied after the crypto operation, in
its private size, IV can be passed only with offset
and length.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch

cryptodev: pass IV as offset

Since IV now is copied after the crypto operation, in
its private size, IV can be passed only with offset
and length.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: move session type to generic crypto op

Session type (operation with or without session) is not
something specific to symmetric operations.
Therefore, the variable is moved to the generic

cryptodev: move session type to generic crypto op

Session type (operation with or without session) is not
something specific to symmetric operations.
Therefore, the variable is moved to the generic crypto operation
structure.

Since this is an ABI change, the cryptodev library version
gets bumped.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: move vdev functions to a separate file

Move all functions handling virtual devices to a separate
header file "rte_cryptodev_vdev.h", in order to leave only
generic functions for any devic

cryptodev: move vdev functions to a separate file

Move all functions handling virtual devices to a separate
header file "rte_cryptodev_vdev.h", in order to leave only
generic functions for any device in the rest of the files.

It also creates the file "rte_cryptodev_pmd.c", with the
implementations of these functions.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

show more ...