From: Gonglei
Date: Wed, 28 Sep 2016 17:08:23 +0800
Message-ID: <1475053705-400172-1-git-send-email-arei.gonglei@huawei.com>
Subject: [Qemu-devel] [PATCH v11 0/2] virtio-crypto: virtio crypto device specification
To: qemu-devel@nongnu.org, virtio-dev@lists.oasis-open.org
Cc: peter.huangpeng@huawei.com, luonengjun@huawei.com, mst@redhat.com,
    cornelia.huck@de.ibm.com, stefanha@redhat.com, denglingli@chinamobile.com,
    Jani.Kokkonen@huawei.com, Ola.Liljedahl@arm.com, Varun.Sethi@freescale.com,
    xin.zeng@intel.com, brian.a.keating@intel.com, liang.j.ma@intel.com,
    john.griffin@intel.com, hanweidong@huawei.com, weidong.huang@huawei.com,
    mike.caraman@nxp.com, agraf@suse.de, claudio.fontana@huawei.com,
    jianjay.zhou@huawei.com, nmorey@kalray.eu, vincent.jardin@6wind.com,
    wu.wubin@huawei.com, Shiqing.Fan@huawei.com, Gonglei

This is the specification about a new virtio crypto device.
You can get the source code from the below website:

[PATCH v3 00/10] virtio-crypto: introduce framework and device emulation
  https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04132.html
[PATCH v4 00/13] virtio-crypto: introduce framework and device emulation
  https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07327.html

Please help to review, thanks.

CC: Michael S. Tsirkin
CC: Cornelia Huck
CC: Stefan Hajnoczi
CC: Lingli Deng
CC: Jani Kokkonen
CC: Ola Liljedahl
CC: Varun Sethi
CC: Zeng Xin
CC: Keating Brian
CC: Ma Liang J
CC: Griffin John
CC: Hanweidong
CC: Mihai Claudiu Caraman

Changes since v10:
 - fix typos s/filed/field/. [Xin]
 - replace 'real cypto accelerator' with 'backend crypto accelerator'. [mst]
 - drop KDF, ASYM, PRIMITIVE services description temporarily. [mst]
 - write a device requirement that is testable about VIRTIO_CRYPTO_S_HW_READY. [mst]
 - add a space before * in one code comment. [mst]
 - reset the layout of all crypto operations for better asymmetric algos support. [Xin]
 - add more detailed description for initialization vector under different modes.
 - sed -i 's/VIRTIO_CRYPTO_OP_/VIRTIO_CRYPTO_/g' for general usage in asym algos. [Xin]

Changes since v9:
 - request a native speaker go over the text and fix corresponding grammar issues. [mst]
 - make some description more appropriate here and there. [mst]
 - rewrite some requirements for both device and driver. [mst]
 - use RFC 2119 keywords. [mst]
 - fix some complaints by Xelatex and typos. [Xin Zeng]
 - add scatter/getter chain support for possible large block data.

Thanks for your review, Michael and Xin.

Changes from v8:
 - add additional auth gpa and length to struct virtio_crypto_sym_data_req;
 - add definition of op in struct virtio_crypto_cipher_session_para,
   VIRTIO_CRYPTO_OP_ENCRYPT and VIRTIO_CRYPTO_OP_DECRYPT;
 - make all structures 64bit aligned in order to support different
   architectures more conveniently [Alex & Stefan]
 - change to \devicenormative{\subsection} and \drivernormative{\subsection}
   in some sections [Stefan]
 - driver does not have to initialize all data virtqueues if it wants to
   use fewer [Stefan]
 - drop VIRTIO_CRYPTO_NO_SERVICE definition [Stefan]
 - many grammatical problems and typos. [Stefan]
 - rename VIRTIO_CRYPTO_MAC_CMAC_KASUMI_F9 to VIRTIO_CRYPTO_MAC_CMAC_KASUMI_F9,
   and VIRTIO_CRYPTO_MAC_CMAC_SNOW3G_UIA2 to VIRTIO_CRYPTO_MAC_SNOW3G_UIA2. [Liang Ma]
 - drop queue_id property of struct virtio_crypto_op_data_req.
 - reconstruct some structures about session operation request.
 - introduce struct virtio_crypto_alg_chain_session_req and struct
   virtio_crypto_alg_chain_data_req, introduce chain para, output, input
   structures as well.
 - change some sections' layout for better compatibility, for asymmetric
   algos. [Xin Zeng]

Changes from v7:
 - fix some grammar or typo problems.
 - add more detailed description at steps of encryption section.

Changes from v6:
 - drop version field in struct virtio_crypto_config. [Michael & Cornelia]
 - change the incorrect description in initialization routine. [Zeng Xin]
 - redefine flag u16 to make structure alignment. [Zeng Xin]
 - move the content of virtio_crypto_hash_session_para into
   virtio_crypto_hash_session_input directly, same for MAC/SYM/AEAD session
   creation. [Zeng Xin]
 - adjust the sequence of idata and odata refer to the virtio scsi parts,
   meanwhile add the comments of device-readable/writable for them.
 - add restrictive documents for the guest memory in some structure, which
   MUST be guaranteed to be allocated and physically-contiguous.

Changes from v5:
 - add conformance clauses for virtio crypto device. [Michael]
 - drop VIRTIO_CRYPTO_S_STARTED. [Michael]
 - fix some characters problems. [Stefan]
 - add a MAC algorithm, named VIRTIO_CRYPTO_MAC_ZUC_EIA3. [Zeng Xin]
 - add the fourth return code, named VIRTIO_CRYPTO_OP_INVSESS, used for
   invalid session id when executing crypto operations.
 - drop some gpu stuff forgot to delete. [Michael]
 - convert tab to space all over the content.

Changes from v4:
 - introduce crypto services into virtio crypto device. The services
   currently defined are CIPHER, MAC, HASH, AEAD, KDF, ASYM, PRIMITIVE.
 - define a unified crypto request format that consists of general header
   + service specific request, where 'general header' is for all crypto
   requests, and 'service specific request' is composed of operation
   parameter + input data + output data in general. Operation parameter
   is algorithm-specific parameters, input data is the data that should be
   operated on, output data is the "operation result + result buffer".
 - redefine the algorithms and structure based on above crypto services.
 - rearrange the title and subtitle
 - Only support CIPHER, MAC, HASH and AEAD crypto services, and Xin will
   focus on KDF, ASYM and PRIMITIVE services.
 - Some other corresponding fixes.
 - Make a formal patch using tex type.

This version is a big reconstruction based on Zeng, Xin's comments, thanks a lot.

Changes from v3:
 - Don't use enum in the spec but macros in specific structures. [Michael & Stefan]
 - Add two complete structures for session creation and closing, so that
   the spec is clear on how to lay out the request. [Stefan]
 - Define the crypto operation request with assigned structure, in this
   way, each data request only occupies *one entry* of the Vring descriptor
   table, which *improves* the *throughput* of data transferring.

Changes from v2:
 - Reserve virtio device ID 20 for crypto device. [Cornelia]
 - Drop all feature bits, those capabilities are offered by the device all
   the time. [Stefan & Cornelia]
 - Add a new section 1.4.2 for driver requirements. [Stefan]
 - Use definite type definition instead of enum type in some structure. [Stefan]
 - Add virtio_crypto_cipher_alg definition. [Stefan]
 - Add a "Device requirements" section as using MUST. [Stefan]
 - Some grammar nits fixes and typo fixes. [Stefan & Cornelia]
 - Add one VIRTIO_CRYPTO_S_STARTED status for the driver as the flag of
   virtio-crypto device started and can work now.

Great thanks for Stefan and Cornelia!

Changes from v1:
 - Drop the feature bit definition for each algorithm, and using config
   space instead [Cornelia]
 - Add multiqueue support and add corresponding feature bit
 - Update Encryption process and header definition
 - Add session operation process and add corresponding header description
 - Other better description in order to fit for virtio spec [Michael]
 - Some other trivial fixes.

Gonglei (2):
  virtio-crypto: Add virtio crypto device specification
  virtio-crypto: Add conformance clauses

 conformance.tex   |   32 ++
 content.tex       |    2 +
 virtio-crypto.tex | 1034 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 1068 insertions(+)
 create mode 100644 virtio-crypto.tex

-- 
1.7.12.4