1 /*- 2 * BSD LICENSE 3 * 4 * Copyright(c) 2016-2017 Intel Corporation. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * * Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * * Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in 14 * the documentation and/or other materials provided with the 15 * distribution. 16 * * Neither the name of Intel Corporation nor the names of its 17 * contributors may be used to endorse or promote products derived 18 * from this software without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 23 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 #include <string.h> 34 35 #include <rte_common.h> 36 #include <rte_malloc.h> 37 #include <rte_cryptodev_pmd.h> 38 39 #include "rte_openssl_pmd_private.h" 40 41 42 static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { 43 { /* MD5 HMAC */ 44 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 45 {.sym = { 46 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 47 {.auth = { 48 .algo = RTE_CRYPTO_AUTH_MD5_HMAC, 49 .block_size = 64, 50 .key_size = { 51 .min = 64, 52 .max = 64, 53 .increment = 0 54 }, 55 .digest_size = { 56 .min = 16, 57 .max = 16, 58 .increment = 0 59 }, 60 .aad_size = { 0 }, 61 .iv_size = { 0 } 62 }, } 63 }, } 64 }, 65 { /* MD5 */ 66 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 67 {.sym = { 68 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 69 {.auth = { 70 .algo = RTE_CRYPTO_AUTH_MD5, 71 .block_size = 64, 72 .key_size = { 73 .min = 0, 74 .max = 0, 75 .increment = 0 76 }, 77 .digest_size = { 78 .min = 16, 79 .max = 16, 80 .increment = 0 81 }, 82 .aad_size = { 0 }, 83 .iv_size = { 0 } 84 }, } 85 }, } 86 }, 87 { /* SHA1 HMAC */ 88 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 89 {.sym = { 90 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 91 {.auth = { 92 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, 93 .block_size = 64, 94 .key_size = { 95 .min = 64, 96 .max = 64, 97 .increment = 0 98 }, 99 .digest_size = { 100 .min = 20, 101 .max = 20, 102 .increment = 0 103 }, 104 .aad_size = { 0 }, 105 .iv_size = { 0 } 106 }, } 107 }, } 108 }, 109 { /* SHA1 */ 110 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 111 {.sym = { 112 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 113 {.auth = { 114 .algo = RTE_CRYPTO_AUTH_SHA1, 115 .block_size = 64, 116 .key_size = { 117 .min = 0, 118 .max = 0, 119 .increment = 0 120 }, 121 .digest_size = { 122 .min = 20, 123 .max = 20, 124 .increment = 0 125 }, 126 .aad_size = { 0 }, 127 .iv_size = { 0 } 128 }, } 129 }, } 130 }, 131 { /* SHA224 HMAC */ 132 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 133 {.sym = { 134 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 135 {.auth = { 136 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, 137 .block_size = 64, 138 .key_size = { 139 .min = 64, 140 .max = 64, 141 .increment = 0 142 }, 143 .digest_size = { 144 .min = 28, 145 .max = 28, 146 .increment = 0 147 }, 148 .aad_size = { 0 }, 149 .iv_size = { 0 } 150 }, } 151 }, } 152 }, 153 { /* SHA224 */ 154 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 155 {.sym = { 156 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 157 {.auth = { 158 .algo = RTE_CRYPTO_AUTH_SHA224, 159 .block_size = 64, 160 .key_size = { 161 .min = 0, 162 .max = 0, 163 .increment = 0 164 }, 165 .digest_size = { 166 .min = 28, 167 .max = 28, 168 .increment = 0 169 }, 170 .aad_size = { 0 }, 171 .iv_size = { 0 } 172 }, } 173 }, } 174 }, 175 { /* SHA256 HMAC */ 176 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 177 {.sym = { 178 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 179 {.auth = { 180 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, 181 .block_size = 64, 182 .key_size = { 183 .min = 64, 184 .max = 64, 185 .increment = 0 186 }, 187 .digest_size = { 188 .min = 32, 189 .max = 32, 190 .increment = 0 191 }, 192 .aad_size = { 0 }, 193 .iv_size = { 0 } 194 }, } 195 }, } 196 }, 197 { /* SHA256 */ 198 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 199 {.sym = { 200 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 201 {.auth = { 202 .algo = RTE_CRYPTO_AUTH_SHA256, 203 .block_size = 64, 204 .key_size = { 205 .min = 0, 206 .max = 0, 207 .increment = 0 208 }, 209 .digest_size = { 210 .min = 32, 211 .max = 32, 212 .increment = 0 213 }, 214 .aad_size = { 0 }, 215 .iv_size = { 0 } 216 }, } 217 }, } 218 }, 219 { /* SHA384 HMAC */ 220 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 221 {.sym = { 222 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 223 {.auth = { 224 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, 225 .block_size = 128, 226 .key_size = { 227 .min = 128, 228 .max = 128, 229 .increment = 0 230 }, 231 .digest_size = { 232 .min = 48, 233 .max = 48, 234 .increment = 0 235 }, 236 .aad_size = { 0 }, 237 .iv_size = { 0 } 238 }, } 239 }, } 240 }, 241 { /* SHA384 */ 242 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 243 {.sym = { 244 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 245 {.auth = { 246 .algo = RTE_CRYPTO_AUTH_SHA384, 247 .block_size = 128, 248 .key_size = { 249 .min = 0, 250 .max = 0, 251 .increment = 0 252 }, 253 .digest_size = { 254 .min = 48, 255 .max = 48, 256 .increment = 0 257 }, 258 .aad_size = { 0 }, 259 .iv_size = { 0 } 260 }, } 261 }, } 262 }, 263 { /* SHA512 HMAC */ 264 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 265 {.sym = { 266 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 267 {.auth = { 268 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, 269 .block_size = 128, 270 .key_size = { 271 .min = 128, 272 .max = 128, 273 .increment = 0 274 }, 275 .digest_size = { 276 .min = 64, 277 .max = 64, 278 .increment = 0 279 }, 280 .aad_size = { 0 }, 281 .iv_size = { 0 } 282 }, } 283 }, } 284 }, 285 { /* SHA512 */ 286 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 287 {.sym = { 288 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 289 {.auth = { 290 .algo = RTE_CRYPTO_AUTH_SHA512, 291 .block_size = 128, 292 .key_size = { 293 .min = 0, 294 .max = 0, 295 .increment = 0 296 }, 297 .digest_size = { 298 .min = 64, 299 .max = 64, 300 .increment = 0 301 }, 302 .aad_size = { 0 }, 303 .iv_size = { 0 } 304 }, } 305 }, } 306 }, 307 { /* AES CBC */ 308 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 309 {.sym = { 310 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 311 {.cipher = { 312 .algo = RTE_CRYPTO_CIPHER_AES_CBC, 313 .block_size = 16, 314 .key_size = { 315 .min = 16, 316 .max = 32, 317 .increment = 8 318 }, 319 .iv_size = { 320 .min = 16, 321 .max = 16, 322 .increment = 0 323 } 324 }, } 325 }, } 326 }, 327 { /* AES CTR */ 328 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 329 {.sym = { 330 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 331 {.cipher = { 332 .algo = RTE_CRYPTO_CIPHER_AES_CTR, 333 .block_size = 16, 334 .key_size = { 335 .min = 16, 336 .max = 32, 337 .increment = 8 338 }, 339 .iv_size = { 340 .min = 16, 341 .max = 16, 342 .increment = 0 343 } 344 }, } 345 }, } 346 }, 347 { /* AES GCM */ 348 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 349 {.sym = { 350 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, 351 {.aead = { 352 .algo = RTE_CRYPTO_AEAD_AES_GCM, 353 .block_size = 16, 354 .key_size = { 355 .min = 16, 356 .max = 32, 357 .increment = 8 358 }, 359 .digest_size = { 360 .min = 16, 361 .max = 16, 362 .increment = 0 363 }, 364 .aad_size = { 365 .min = 0, 366 .max = 65535, 367 .increment = 1 368 }, 369 .iv_size = { 370 .min = 12, 371 .max = 16, 372 .increment = 4 373 }, 374 }, } 375 }, } 376 }, 377 { /* AES GMAC (AUTH) */ 378 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 379 {.sym = { 380 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 381 {.auth = { 382 .algo = RTE_CRYPTO_AUTH_AES_GMAC, 383 .block_size = 16, 384 .key_size = { 385 .min = 16, 386 .max = 32, 387 .increment = 8 388 }, 389 .digest_size = { 390 .min = 16, 391 .max = 16, 392 .increment = 0 393 }, 394 .iv_size = { 395 .min = 12, 396 .max = 16, 397 .increment = 4 398 } 399 }, } 400 }, } 401 }, 402 { /* 3DES CBC */ 403 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 404 {.sym = { 405 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 406 {.cipher = { 407 .algo = RTE_CRYPTO_CIPHER_3DES_CBC, 408 .block_size = 8, 409 .key_size = { 410 .min = 16, 411 .max = 24, 412 .increment = 8 413 }, 414 .iv_size = { 415 .min = 8, 416 .max = 8, 417 .increment = 0 418 } 419 }, } 420 }, } 421 }, 422 { /* 3DES CTR */ 423 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 424 {.sym = { 425 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 426 {.cipher = { 427 .algo = RTE_CRYPTO_CIPHER_3DES_CTR, 428 .block_size = 8, 429 .key_size = { 430 .min = 16, 431 .max = 24, 432 .increment = 8 433 }, 434 .iv_size = { 435 .min = 8, 436 .max = 8, 437 .increment = 0 438 } 439 }, } 440 }, } 441 }, 442 { /* DES DOCSIS BPI */ 443 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 444 {.sym = { 445 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 446 {.cipher = { 447 .algo = RTE_CRYPTO_CIPHER_DES_DOCSISBPI, 448 .block_size = 8, 449 .key_size = { 450 .min = 8, 451 .max = 8, 452 .increment = 0 453 }, 454 .iv_size = { 455 .min = 8, 456 .max = 8, 457 .increment = 0 458 } 459 }, } 460 }, } 461 }, 462 463 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() 464 }; 465 466 467 /** Configure device */ 468 static int 469 openssl_pmd_config(__rte_unused struct rte_cryptodev *dev, 470 __rte_unused struct rte_cryptodev_config *config) 471 { 472 return 0; 473 } 474 475 /** Start device */ 476 static int 477 openssl_pmd_start(__rte_unused struct rte_cryptodev *dev) 478 { 479 return 0; 480 } 481 482 /** Stop device */ 483 static void 484 openssl_pmd_stop(__rte_unused struct rte_cryptodev *dev) 485 { 486 } 487 488 /** Close device */ 489 static int 490 openssl_pmd_close(__rte_unused struct rte_cryptodev *dev) 491 { 492 return 0; 493 } 494 495 496 /** Get device statistics */ 497 static void 498 openssl_pmd_stats_get(struct rte_cryptodev *dev, 499 struct rte_cryptodev_stats *stats) 500 { 501 int qp_id; 502 503 for (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) { 504 struct openssl_qp *qp = dev->data->queue_pairs[qp_id]; 505 506 stats->enqueued_count += qp->stats.enqueued_count; 507 stats->dequeued_count += qp->stats.dequeued_count; 508 509 stats->enqueue_err_count += qp->stats.enqueue_err_count; 510 stats->dequeue_err_count += qp->stats.dequeue_err_count; 511 } 512 } 513 514 /** Reset device statistics */ 515 static void 516 openssl_pmd_stats_reset(struct rte_cryptodev *dev) 517 { 518 int qp_id; 519 520 for (qp_id = 0; qp_id < dev->data->nb_queue_pairs; qp_id++) { 521 struct openssl_qp *qp = dev->data->queue_pairs[qp_id]; 522 523 memset(&qp->stats, 0, sizeof(qp->stats)); 524 } 525 } 526 527 528 /** Get device info */ 529 static void 530 openssl_pmd_info_get(struct rte_cryptodev *dev, 531 struct rte_cryptodev_info *dev_info) 532 { 533 struct openssl_private *internals = dev->data->dev_private; 534 535 if (dev_info != NULL) { 536 dev_info->dev_type = dev->dev_type; 537 dev_info->feature_flags = dev->feature_flags; 538 dev_info->capabilities = openssl_pmd_capabilities; 539 dev_info->max_nb_queue_pairs = internals->max_nb_qpairs; 540 dev_info->sym.max_nb_sessions = internals->max_nb_sessions; 541 } 542 } 543 544 /** Release queue pair */ 545 static int 546 openssl_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id) 547 { 548 if (dev->data->queue_pairs[qp_id] != NULL) { 549 rte_free(dev->data->queue_pairs[qp_id]); 550 dev->data->queue_pairs[qp_id] = NULL; 551 } 552 return 0; 553 } 554 555 /** set a unique name for the queue pair based on it's name, dev_id and qp_id */ 556 static int 557 openssl_pmd_qp_set_unique_name(struct rte_cryptodev *dev, 558 struct openssl_qp *qp) 559 { 560 unsigned int n = snprintf(qp->name, sizeof(qp->name), 561 "openssl_pmd_%u_qp_%u", 562 dev->data->dev_id, qp->id); 563 564 if (n > sizeof(qp->name)) 565 return -1; 566 567 return 0; 568 } 569 570 571 /** Create a ring to place processed operations on */ 572 static struct rte_ring * 573 openssl_pmd_qp_create_processed_ops_ring(struct openssl_qp *qp, 574 unsigned int ring_size, int socket_id) 575 { 576 struct rte_ring *r; 577 578 r = rte_ring_lookup(qp->name); 579 if (r) { 580 if (rte_ring_get_size(r) >= ring_size) { 581 OPENSSL_LOG_INFO( 582 "Reusing existing ring %s for processed ops", 583 qp->name); 584 return r; 585 } 586 587 OPENSSL_LOG_ERR( 588 "Unable to reuse existing ring %s for processed ops", 589 qp->name); 590 return NULL; 591 } 592 593 return rte_ring_create(qp->name, ring_size, socket_id, 594 RING_F_SP_ENQ | RING_F_SC_DEQ); 595 } 596 597 598 /** Setup a queue pair */ 599 static int 600 openssl_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, 601 const struct rte_cryptodev_qp_conf *qp_conf, 602 int socket_id) 603 { 604 struct openssl_qp *qp = NULL; 605 606 /* Free memory prior to re-allocation if needed. */ 607 if (dev->data->queue_pairs[qp_id] != NULL) 608 openssl_pmd_qp_release(dev, qp_id); 609 610 /* Allocate the queue pair data structure. */ 611 qp = rte_zmalloc_socket("OPENSSL PMD Queue Pair", sizeof(*qp), 612 RTE_CACHE_LINE_SIZE, socket_id); 613 if (qp == NULL) 614 return -ENOMEM; 615 616 qp->id = qp_id; 617 dev->data->queue_pairs[qp_id] = qp; 618 619 if (openssl_pmd_qp_set_unique_name(dev, qp)) 620 goto qp_setup_cleanup; 621 622 qp->processed_ops = openssl_pmd_qp_create_processed_ops_ring(qp, 623 qp_conf->nb_descriptors, socket_id); 624 if (qp->processed_ops == NULL) 625 goto qp_setup_cleanup; 626 627 qp->sess_mp = dev->data->session_pool; 628 629 memset(&qp->stats, 0, sizeof(qp->stats)); 630 631 return 0; 632 633 qp_setup_cleanup: 634 if (qp) 635 rte_free(qp); 636 637 return -1; 638 } 639 640 /** Start queue pair */ 641 static int 642 openssl_pmd_qp_start(__rte_unused struct rte_cryptodev *dev, 643 __rte_unused uint16_t queue_pair_id) 644 { 645 return -ENOTSUP; 646 } 647 648 /** Stop queue pair */ 649 static int 650 openssl_pmd_qp_stop(__rte_unused struct rte_cryptodev *dev, 651 __rte_unused uint16_t queue_pair_id) 652 { 653 return -ENOTSUP; 654 } 655 656 /** Return the number of allocated queue pairs */ 657 static uint32_t 658 openssl_pmd_qp_count(struct rte_cryptodev *dev) 659 { 660 return dev->data->nb_queue_pairs; 661 } 662 663 /** Returns the size of the session structure */ 664 static unsigned 665 openssl_pmd_session_get_size(struct rte_cryptodev *dev __rte_unused) 666 { 667 return sizeof(struct openssl_session); 668 } 669 670 /** Configure the session from a crypto xform chain */ 671 static void * 672 openssl_pmd_session_configure(struct rte_cryptodev *dev __rte_unused, 673 struct rte_crypto_sym_xform *xform, void *sess) 674 { 675 if (unlikely(sess == NULL)) { 676 OPENSSL_LOG_ERR("invalid session struct"); 677 return NULL; 678 } 679 680 if (openssl_set_session_parameters( 681 sess, xform) != 0) { 682 OPENSSL_LOG_ERR("failed configure session parameters"); 683 return NULL; 684 } 685 686 return sess; 687 } 688 689 690 /** Clear the memory of session so it doesn't leave key material behind */ 691 static void 692 openssl_pmd_session_clear(struct rte_cryptodev *dev __rte_unused, void *sess) 693 { 694 /* 695 * Current just resetting the whole data structure, need to investigate 696 * whether a more selective reset of key would be more performant 697 */ 698 if (sess) { 699 openssl_reset_session(sess); 700 memset(sess, 0, sizeof(struct openssl_session)); 701 } 702 } 703 704 struct rte_cryptodev_ops openssl_pmd_ops = { 705 .dev_configure = openssl_pmd_config, 706 .dev_start = openssl_pmd_start, 707 .dev_stop = openssl_pmd_stop, 708 .dev_close = openssl_pmd_close, 709 710 .stats_get = openssl_pmd_stats_get, 711 .stats_reset = openssl_pmd_stats_reset, 712 713 .dev_infos_get = openssl_pmd_info_get, 714 715 .queue_pair_setup = openssl_pmd_qp_setup, 716 .queue_pair_release = openssl_pmd_qp_release, 717 .queue_pair_start = openssl_pmd_qp_start, 718 .queue_pair_stop = openssl_pmd_qp_stop, 719 .queue_pair_count = openssl_pmd_qp_count, 720 721 .session_get_size = openssl_pmd_session_get_size, 722 .session_configure = openssl_pmd_session_configure, 723 .session_clear = openssl_pmd_session_clear 724 }; 725 726 struct rte_cryptodev_ops *rte_openssl_pmd_ops = &openssl_pmd_ops; 727