* [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation
@ 2016-10-10 8:55 Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 01/12] cryptodev: introduce cryptodev backend interface Gonglei
` (13 more replies)
0 siblings, 14 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
The virtio crypto is a virtual crypto device as well as a kind
of virtual hardware accelerator for virtual machines. The
encryption and decryption requests are placed in the data
queue and handled by the real crypto accelerators finally.
The second queue is the control queue used to create or
destroy sessions for symmetric algorithms and control
some advanced features in the future. The virtio crypto
device provides the following crypto services: CIPHER,
MAC, HASH, AEAD etc.
TODO:
- add vhost-user as a high performance cryptodev backend.
- more crypto services support.
- mirgration support.
Changes since v5:
- rebase the patch 14 in v5, using the correct at the beginning of whole patch serials. [Eric]
- perfect algorithm chain support in patch 12.
- more friendly error handler in both controlq and dataq.
- drop patch "virtio-crypto: emulate virtio crypto as a legacy device by default" because
we shouldn't support transitional virtio devices any more. [Michael]
- drop patch "virtio-crypto-test: add qtest case for virtio-crypto" because
libqtest doesn't support virtio-1.0 device yet.
- rebase the patch set based on Michael's pull request:
[PULL 00/33] virtio, pc: fixes and features
Changes since v4: (Thanks to Stefan)
- drop scatter-gather I/O identification in virtio crypto spec and corresponding code [Stefan]
- remove qcrypto perfix for cryptdov stuff [Stefan]
- use virtio_error() in virtio-crypto device's functions. [Stefan]
- fix endianness handling. [Stefan]
- use VMSTATE_VIRTIO_DEVICE() instead of calling register_savevm(). [Stefan]
- redefine DPRINTF in virtio-crypto.h [Stefan]
- fix some typos [Stefan]
- fix other farraginous problems suggested by Stefan.
Changes since v3:
- rename cryptodev-gcrypt to cryptodev-buitlin. [Daniel]
- move cryptodev stuff from crypto/ directory to backends/ directory
in order to keep the crypto subsystem influence by syetem
emulators. [Daniel]
- emulate virtio-crypto device as a legacy device by default in patch 11
- introduce virtio-crypto qtest case in patch 12
- add myself as cryptdoev backends mainatainer and vitio-crypto
co-maintainer in patch 13
- add CRT support for cryptodev-builtin, it based on my previous crypto
patch serial queued by Daniel.
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg06607.html
- add queue_index for qcrypto_cryptodev_backend_sym_close_session()
Changes since v2:
According to Daniel's comments:
- drop cryptodev kernel module as a cryptodev backend
- rename crypto stuff to cryptodev stuff
- change some files' license to GPLv2+
- remove cryptodev command line instead of QOM to define the cryptodev backend
- rename all functions and structures in crypto sub-directory.
- add full inline documentation for cryptodev.h
And:
- drop crypto-queue.c [Paolo]
- merge some patches
Great thanks to Daniel and Paolo. Please review again, thanks!
Changes since v1:
- rmmove mixed endian-ness handler for virtio-crypto device, just
use little-endian. [mst]
- add sg list support according virtio-crypto spec v10 (will be posted soon).
- fix a memory leak in session handler.
- add a feature page link in qemu.org (http://qemu-project.org/Features/VirtioCrypto)
- fix some trivial problems, sush as 's/Since 2.7/Since 2.8/g' in qapi-schema.json
- rebase the latest qemu master tree.
This patch series realize the framework and emulation of a new
virtio crypto device, which is similar with virtio net device.
- I introduce the cryptodev backend as the client of virtio crypto device
which can be realized by different methods, such as cryptodev-backend-gcrypt in my series,
vhost-crypto kernel module, vhost-user etc.
- The patch set abides by the virtio crypto speccification.
- The virtio crypto support symmetric algorithms (including CIPHER and algorithm chainning)
at present, except HASH, MAC and AEAD services.
- unsupport hot plug/unplug cryptodev backend at this moment.
Firstly build QEMU with libgcrypt cryptography support.
QEMU can then be started using the following parameters:
qemu-system-x86_64 \
[...] \
-object cryptodev-backend-builtin,id=cryptodev0 \
-device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
[...]
The front-end linux kernel driver (Experimental at present) is publicly accessible from:
https://github.com/gongleiarei/virtio-crypto-linux-driver.git
After insmod virtio-crypto.ko, you can use cryptodev-linux test the crypto function
in the guest. For example:
linux-guest:/home/gonglei/cryptodev-linux/tests # ./cipher -
requested cipher CRYPTO_AES_CBC, got cbc(aes) with driver virtio_crypto_aes_cbc
AES Test passed
requested cipher CRYPTO_AES_CBC, got cbc(aes) with driver virtio_crypto_aes_cbc
requested cipher CRYPTO_AES_CBC, got cbc(aes) with driver virtio_crypto_aes_cbc
Test passed
QEMU code also can be accessible from:
https://github.com/gongleiarei/qemu.git
branch virtio-crypto
For more information, please see:
http://qemu-project.org/Features/VirtioCrypto
Gonglei (12):
cryptodev: introduce cryptodev backend interface
cryptodev: add symmetric algorithm operation stuff
virtio-crypto: introduce virtio_crypto.h
cryptodev: introduce a new cryptodev backend
virtio-crypto: add virtio crypto device emulation
virtio-crypto-pci: add virtio crypto pci support
virtio-crypto: set capacity of algorithms supported
virtio-crypto: add control queue handler
virtio-crypto: add data queue processing handler
cryptodev: introduce an unified wrapper for crypto operation
virtio-crypto: add myself as virtio-crypto and cryptodev backends
maintainer
virtio-crypto: perfect algorithms chainning support
MAINTAINERS | 13 +
backends/Makefile.objs | 3 +
backends/cryptodev-builtin.c | 351 +++++++++++
backends/cryptodev.c | 245 ++++++++
hw/virtio/Makefile.objs | 2 +
hw/virtio/virtio-crypto-pci.c | 77 +++
hw/virtio/virtio-crypto.c | 821 +++++++++++++++++++++++++
hw/virtio/virtio-pci.h | 15 +
include/hw/virtio/virtio-crypto.h | 96 +++
include/standard-headers/linux/virtio_crypto.h | 390 ++++++++++++
include/standard-headers/linux/virtio_ids.h | 2 +-
include/sysemu/cryptodev.h | 295 +++++++++
qemu-options.hx | 18 +
13 files changed, 2327 insertions(+), 1 deletion(-)
create mode 100644 backends/cryptodev-builtin.c
create mode 100644 backends/cryptodev.c
create mode 100644 hw/virtio/virtio-crypto-pci.c
create mode 100644 hw/virtio/virtio-crypto.c
create mode 100644 include/hw/virtio/virtio-crypto.h
create mode 100644 include/standard-headers/linux/virtio_crypto.h
create mode 100644 include/sysemu/cryptodev.h
--
1.7.12.4
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 01/12] cryptodev: introduce cryptodev backend interface
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 02/12] cryptodev: add symmetric algorithm operation stuff Gonglei
` (12 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
cryptodev backend interface is used to realize the active work for
virtual crypto device.
This patch only add the framework, doesn't include specific operations.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/Makefile.objs | 2 +
backends/cryptodev.c | 176 +++++++++++++++++++++++++++++++++++++++++++++
include/sysemu/cryptodev.h | 145 +++++++++++++++++++++++++++++++++++++
3 files changed, 323 insertions(+)
create mode 100644 backends/cryptodev.c
create mode 100644 include/sysemu/cryptodev.h
diff --git a/backends/Makefile.objs b/backends/Makefile.objs
index 31a3a89..55bd43d 100644
--- a/backends/Makefile.objs
+++ b/backends/Makefile.objs
@@ -9,3 +9,5 @@ common-obj-$(CONFIG_TPM) += tpm.o
common-obj-y += hostmem.o hostmem-ram.o
common-obj-$(CONFIG_LINUX) += hostmem-file.o
+
+common-obj-y += cryptodev.o
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
new file mode 100644
index 0000000..e8582cd
--- /dev/null
+++ b/backends/cryptodev.c
@@ -0,0 +1,176 @@
+/*
+ * QEMU Crypto Device Implementation
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/cryptodev.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "qapi/visitor.h"
+#include "qapi-types.h"
+#include "qapi-visit.h"
+#include "qemu/config-file.h"
+#include "qom/object_interfaces.h"
+
+static QTAILQ_HEAD(, CryptoDevBackendClient) crypto_clients;
+
+
+CryptoDevBackendClient *
+cryptodev_backend_new_client(const char *model,
+ const char *name)
+{
+ CryptoDevBackendClient *cc;
+
+ cc = g_malloc0(sizeof(CryptoDevBackendClient));
+ cc->model = g_strdup(model);
+ if (name) {
+ cc->name = g_strdup(name);
+ }
+
+ QTAILQ_INSERT_TAIL(&crypto_clients, cc, next);
+
+ return cc;
+}
+
+void cryptodev_backend_free_client(
+ CryptoDevBackendClient *cc)
+{
+ QTAILQ_REMOVE(&crypto_clients, cc, next);
+ g_free(cc->name);
+ g_free(cc->model);
+ g_free(cc->info_str);
+ g_free(cc);
+}
+
+void cryptodev_backend_cleanup(
+ CryptoDevBackend *backend,
+ Error **errp)
+{
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->cleanup) {
+ bc->cleanup(backend, errp);
+ }
+
+ backend->ready = false;
+}
+
+static void
+cryptodev_backend_get_queues(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(obj);
+ uint32_t value = backend->conf.peers.queues;
+
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+cryptodev_backend_set_queues(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(obj);
+ Error *local_err = NULL;
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, &local_err);
+ if (local_err) {
+ goto out;
+ }
+ if (!value) {
+ error_setg(&local_err, "Property '%s.%s' doesn't take value '%"
+ PRIu32 "'", object_get_typename(obj), name, value);
+ goto out;
+ }
+ backend->conf.peers.queues = value;
+out:
+ error_propagate(errp, local_err);
+}
+
+static void
+cryptodev_backend_complete(UserCreatable *uc, Error **errp)
+{
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(uc);
+ CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_GET_CLASS(uc);
+ Error *local_err = NULL;
+
+ if (bc->init) {
+ bc->init(backend, &local_err);
+ if (local_err) {
+ goto out;
+ }
+ }
+ backend->ready = true;
+ return;
+
+out:
+ backend->ready = false;
+ error_propagate(errp, local_err);
+}
+
+static void cryptodev_backend_instance_init(Object *obj)
+{
+ object_property_add(obj, "queues", "int",
+ cryptodev_backend_get_queues,
+ cryptodev_backend_set_queues,
+ NULL, NULL, NULL);
+ /* Initialize devices' queues property to 1 */
+ object_property_set_int(obj, 1, "queues", NULL);
+}
+
+static void cryptodev_backend_finalize(Object *obj)
+{
+
+}
+
+static void
+cryptodev_backend_class_init(ObjectClass *oc, void *data)
+{
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+
+ ucc->complete = cryptodev_backend_complete;
+
+ QTAILQ_INIT(&crypto_clients);
+}
+
+static const TypeInfo cryptodev_backend_info = {
+ .name = TYPE_CRYPTODEV_BACKEND,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(CryptoDevBackend),
+ .instance_init = cryptodev_backend_instance_init,
+ .instance_finalize = cryptodev_backend_finalize,
+ .class_size = sizeof(CryptoDevBackendClass),
+ .class_init = cryptodev_backend_class_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+static void
+cryptodev_backend_register_types(void)
+{
+ type_register_static(&cryptodev_backend_info);
+}
+
+type_init(cryptodev_backend_register_types);
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
new file mode 100644
index 0000000..de9d3e3
--- /dev/null
+++ b/include/sysemu/cryptodev.h
@@ -0,0 +1,145 @@
+/*
+ * QEMU Crypto Device Implementation
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+#ifndef CRYPTODEV_H
+#define CRYPTODEV_H
+
+#include "qom/object.h"
+#include "qemu-common.h"
+
+/**
+ * CryptoDevBackend:
+ *
+ * The CryptoDevBackend object is an interface
+ * for different cryptodev backends, which provides crypto
+ * operation wrapper.
+ *
+ */
+
+#define TYPE_CRYPTODEV_BACKEND "cryptodev-backend"
+
+#define CRYPTODEV_BACKEND(obj) \
+ OBJECT_CHECK(CryptoDevBackend, \
+ (obj), TYPE_CRYPTODEV_BACKEND)
+#define CRYPTODEV_BACKEND_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(CryptoDevBackendClass, \
+ (obj), TYPE_CRYPTODEV_BACKEND)
+#define CRYPTODEV_BACKEND_CLASS(klass) \
+ OBJECT_CLASS_CHECK(CryptoDevBackendClass, \
+ (klass), TYPE_CRYPTODEV_BACKEND)
+
+
+#define MAX_CRYPTO_QUEUE_NUM 64
+
+typedef struct CryptoDevBackendConf CryptoDevBackendConf;
+typedef struct CryptoDevBackendPeers CryptoDevBackendPeers;
+typedef struct CryptoDevBackendClient
+ CryptoDevBackendClient;
+typedef struct CryptoDevBackend CryptoDevBackend;
+
+
+typedef struct CryptoDevBackendClass {
+ ObjectClass parent_class;
+
+ void (*init)(CryptoDevBackend *backend, Error **errp);
+ void (*cleanup)(CryptoDevBackend *backend, Error **errp);
+} CryptoDevBackendClass;
+
+
+struct CryptoDevBackendClient {
+ char *model;
+ char *name;
+ char *info_str;
+ unsigned int queue_index;
+ QTAILQ_ENTRY(CryptoDevBackendClient) next;
+};
+
+struct CryptoDevBackendPeers {
+ CryptoDevBackendClient *ccs[MAX_CRYPTO_QUEUE_NUM];
+ uint32_t queues;
+};
+
+struct CryptoDevBackendConf {
+ CryptoDevBackendPeers peers;
+
+ /* Supported service mask */
+ uint32_t crypto_services;
+
+ /* Detailed algorithms mask */
+ uint32_t cipher_algo_l;
+ uint32_t cipher_algo_h;
+ uint32_t hash_algo;
+ uint32_t mac_algo_l;
+ uint32_t mac_algo_h;
+ uint32_t asym_algo;
+ uint32_t kdf_algo;
+ uint32_t aead_algo;
+ uint32_t primitive_algo;
+};
+
+struct CryptoDevBackend {
+ Object parent_obj;
+
+ bool ready;
+ CryptoDevBackendConf conf;
+};
+
+/**
+ * cryptodev_backend_new_client:
+ * @model: the cryptodev backend model
+ * @name: the cryptodev backend name, can be NULL
+ *
+ * Creates a new cryptodev backend client object
+ * with the @name in the model @model.
+ *
+ * The returned object must be released with
+ * cryptodev_backend_free_client() when no
+ * longer required
+ *
+ * Returns: a new cryptodev backend client object
+ */
+CryptoDevBackendClient *
+cryptodev_backend_new_client(const char *model,
+ const char *name);
+/**
+ * cryptodev_backend_free_client:
+ * @cc: the cryptodev backend client object
+ *
+ * Release the memory associated with @cc that
+ * was previously allocated by cryptodev_backend_new_client()
+ */
+void cryptodev_backend_free_client(
+ CryptoDevBackendClient *cc);
+
+/**
+ * cryptodev_backend_cleanup:
+ * @backend: the cryptodev backend object
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Clean the resouce associated with @backend that realizaed
+ * by the specific backend's init() callback
+ */
+void cryptodev_backend_cleanup(
+ CryptoDevBackend *backend,
+ Error **errp);
+
+#endif /* CRYPTODEV_H */
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 02/12] cryptodev: add symmetric algorithm operation stuff
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 01/12] cryptodev: introduce cryptodev backend interface Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 03/12] virtio-crypto: introduce virtio_crypto.h Gonglei
` (11 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
This patch adds session operation and crypto operation
stuff in the cryptodev backend, including function
pointers and corresponding structures.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/cryptodev.c | 45 +++++++++++++++
include/sysemu/cryptodev.h | 138 +++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 183 insertions(+)
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
index e8582cd..47521cf 100644
--- a/backends/cryptodev.c
+++ b/backends/cryptodev.c
@@ -75,6 +75,51 @@ void cryptodev_backend_cleanup(
backend->ready = false;
}
+int64_t cryptodev_backend_sym_create_session(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->create_session) {
+ return bc->create_session(backend, sess_info, queue_index, errp);
+ }
+
+ return -1;
+}
+
+int cryptodev_backend_sym_close_session(
+ CryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->close_session) {
+ return bc->close_session(backend, session_id, queue_index, errp);
+ }
+
+ return -1;
+}
+
+int cryptodev_backend_sym_operation(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->do_sym_op) {
+ return bc->do_sym_op(backend, op_info, queue_index, errp);
+ }
+
+ return -1;
+}
+
static void
cryptodev_backend_get_queues(Object *obj, Visitor *v, const char *name,
void *opaque, Error **errp)
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index de9d3e3..8fbf1e2 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -56,12 +56,100 @@ typedef struct CryptoDevBackendClient
CryptoDevBackendClient;
typedef struct CryptoDevBackend CryptoDevBackend;
+enum CryptoDevBackendAlgType {
+ CRYPTODEV_BACKEND_ALG_SYM,
+ CRYPTODEV_BACKEND_ALG__MAX,
+};
+
+/**
+ * CryptoDevBackendSymSessionInfo:
+ *
+ * @op_code: operation code (refer to virtio_crypto.h)
+ * @cipher_alg: algorithm type of CIPHER
+ * @key_len: byte length of cipher key
+ * @hash_alg: algorithm type of HASH/MAC
+ * @hash_result_len: byte length of HASH operation result
+ * @auth_key_len: byte length of authenticated key
+ * @add_len: byte length of additional authenticated data
+ * @op_type: operation type (refer to virtio_crypto.h)
+ * @direction: encryption or direction for CIPHER
+ * @hash_mode: HASH mode for HASH operation (refer to virtio_crypto.h)
+ * @alg_chain_order: order of algorithm chaining (CIPHER then HASH,
+ * or HASH then CIPHER)
+ * @cipher_key: point to a key of CIPHER
+ * @auth_key: point to an authenticated key of MAC
+ *
+ */
+typedef struct CryptoDevBackendSymSessionInfo {
+ /* corresponding with virtio crypto spec */
+ uint32_t op_code;
+ uint32_t cipher_alg;
+ uint32_t key_len;
+ uint32_t hash_alg;
+ uint32_t hash_result_len;
+ uint32_t auth_key_len;
+ uint32_t add_len;
+ uint8_t op_type;
+ uint8_t direction;
+ uint8_t hash_mode;
+ uint8_t alg_chain_order;
+ uint8_t *cipher_key;
+ uint8_t *auth_key;
+} CryptoDevBackendSymSessionInfo;
+
+/**
+ * CryptoDevBackendSymOpInfo:
+ *
+ * @session_id: session index which was previously
+ * created by cryptodev_backend_sym_create_session()
+ * @aad_len: byte length of additional authenticated data
+ * @iv_len: byte length of initialization vector or counter
+ * @src_len: byte length of source data
+ * @dst_len: byte length of destination data
+ * @digest_result_len: byte length of hash digest result
+ * @hash_start_src_offset: Starting point for hash processing, specified
+ * as number of bytes from start of packet in source data
+ * @op_type: operation type (refer to virtio_crypto.h)
+ * @iv: point to the initialization vector or counter
+ * @src: point to the source data
+ * @dst: point to the destination data
+ * @aad_data: point to the additional authenticated data
+ * @digest_result: point to the digest result data
+ * @data[0]: point to the extensional memory by one memory allocation
+ *
+ */
+typedef struct CryptoDevBackendSymOpInfo {
+ uint64_t session_id;
+ uint32_t aad_len;
+ uint32_t iv_len;
+ uint32_t src_len;
+ uint32_t dst_len;
+ uint32_t digest_result_len;
+ uint32_t hash_start_src_offset;
+ uint8_t op_type;
+ uint8_t *iv;
+ uint8_t *src;
+ uint8_t *dst;
+ uint8_t *aad_data;
+ uint8_t *digest_result;
+ uint8_t data[0];
+} CryptoDevBackendSymOpInfo;
typedef struct CryptoDevBackendClass {
ObjectClass parent_class;
void (*init)(CryptoDevBackend *backend, Error **errp);
void (*cleanup)(CryptoDevBackend *backend, Error **errp);
+
+ int64_t (*create_session)(CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp);
+ int (*close_session)(CryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp);
+ int (*do_sym_op)(CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp);
} CryptoDevBackendClass;
@@ -142,4 +230,54 @@ void cryptodev_backend_cleanup(
CryptoDevBackend *backend,
Error **errp);
+/**
+ * cryptodev_backend_sym_create_session:
+ * @backend: the cryptodev backend object
+ * @sess_info: parameters needed by session creating
+ * @queue_index: queue index of cryptodev backend client
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Create a session for symmetric algorithms
+ *
+ * Returns: session id on success, or -1 on error
+ */
+int64_t cryptodev_backend_sym_create_session(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp);
+
+/**
+ * cryptodev_backend_sym_close_session:
+ * @backend: the cryptodev backend object
+ * @session_id: the session id
+ * @queue_index: queue index of cryptodev backend client
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Close a session for symmetric algorithms which was previously
+ * created by cryptodev_backend_sym_create_session()
+ *
+ * Returns: 0 on success, or Negative on error
+ */
+int cryptodev_backend_sym_close_session(
+ CryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp);
+
+/**
+ * cryptodev_backend_sym_operation:
+ * @backend: the cryptodev backend object
+ * @op_info: parameters needed by symmetric crypto operation
+ * @queue_index: queue index of cryptodev backend client
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Do symmetric crypto operation, such as encryption and
+ * decryption
+ *
+ * Returns: 0 on success, or Negative on error
+ */
+int cryptodev_backend_sym_operation(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp);
+
#endif /* CRYPTODEV_H */
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 03/12] virtio-crypto: introduce virtio_crypto.h
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 01/12] cryptodev: introduce cryptodev backend interface Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 02/12] cryptodev: add symmetric algorithm operation stuff Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 04/12] cryptodev: introduce a new cryptodev backend Gonglei
` (10 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
Introduce the virtio_crypto.h which follows
virtio-crypto specification.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
include/standard-headers/linux/virtio_crypto.h | 381 +++++++++++++++++++++++++
1 file changed, 381 insertions(+)
create mode 100644 include/standard-headers/linux/virtio_crypto.h
diff --git a/include/standard-headers/linux/virtio_crypto.h b/include/standard-headers/linux/virtio_crypto.h
new file mode 100644
index 0000000..a62d192
--- /dev/null
+++ b/include/standard-headers/linux/virtio_crypto.h
@@ -0,0 +1,381 @@
+#ifndef _VIRTIO_CRYPTO_H
+#define _VIRTIO_CRYPTO_H
+
+#include "standard-headers/linux/types.h"
+#include "standard-headers/linux/virtio_config.h"
+#include "standard-headers/linux/virtio_types.h"
+
+
+#define VIRTIO_CRYPTO_SERVICE_CIPHER (0)
+#define VIRTIO_CRYPTO_SERVICE_HASH (1)
+#define VIRTIO_CRYPTO_SERVICE_MAC (2)
+#define VIRTIO_CRYPTO_SERVICE_AEAD (3)
+
+#define VIRTIO_CRYPTO_OPCODE(service, op) ((service << 8) | (op))
+
+struct virtio_crypto_ctrl_header {
+#define VIRTIO_CRYPTO_CIPHER_CREATE_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x02)
+#define VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x03)
+#define VIRTIO_CRYPTO_HASH_CREATE_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x02)
+#define VIRTIO_CRYPTO_HASH_DESTROY_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x03)
+#define VIRTIO_CRYPTO_MAC_CREATE_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x02)
+#define VIRTIO_CRYPTO_MAC_DESTROY_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x03)
+#define VIRTIO_CRYPTO_AEAD_CREATE_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x02)
+#define VIRTIO_CRYPTO_AEAD_DESTROY_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x03)
+ __virtio32 opcode;
+ __virtio32 algo;
+ __virtio32 flag;
+ /* data virtqueue id */
+ __virtio32 queue_id;
+};
+
+struct virtio_crypto_cipher_session_para {
+#define VIRTIO_CRYPTO_NO_CIPHER 0
+#define VIRTIO_CRYPTO_CIPHER_ARC4 1
+#define VIRTIO_CRYPTO_CIPHER_AES_ECB 2
+#define VIRTIO_CRYPTO_CIPHER_AES_CBC 3
+#define VIRTIO_CRYPTO_CIPHER_AES_CTR 4
+#define VIRTIO_CRYPTO_CIPHER_DES_ECB 5
+#define VIRTIO_CRYPTO_CIPHER_DES_CBC 6
+#define VIRTIO_CRYPTO_CIPHER_3DES_ECB 7
+#define VIRTIO_CRYPTO_CIPHER_3DES_CBC 8
+#define VIRTIO_CRYPTO_CIPHER_3DES_CTR 9
+#define VIRTIO_CRYPTO_CIPHER_KASUMI_F8 10
+#define VIRTIO_CRYPTO_CIPHER_SNOW3G_UEA2 11
+#define VIRTIO_CRYPTO_CIPHER_AES_F8 12
+#define VIRTIO_CRYPTO_CIPHER_AES_XTS 13
+#define VIRTIO_CRYPTO_CIPHER_ZUC_EEA3 14
+ __virtio32 algo;
+ /* length of key */
+ __virtio32 keylen;
+
+#define VIRTIO_CRYPTO_OP_ENCRYPT 1
+#define VIRTIO_CRYPTO_OP_DECRYPT 2
+ /* encrypt or decrypt */
+ __virtio32 op;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_session_input {
+ /* Device-writable part */
+ __virtio64 session_id;
+ __virtio32 status;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_cipher_session_req {
+ struct virtio_crypto_cipher_session_para para;
+};
+
+struct virtio_crypto_hash_session_para {
+#define VIRTIO_CRYPTO_NO_HASH 0
+#define VIRTIO_CRYPTO_HASH_MD5 1
+#define VIRTIO_CRYPTO_HASH_SHA1 2
+#define VIRTIO_CRYPTO_HASH_SHA_224 3
+#define VIRTIO_CRYPTO_HASH_SHA_256 4
+#define VIRTIO_CRYPTO_HASH_SHA_384 5
+#define VIRTIO_CRYPTO_HASH_SHA_512 6
+#define VIRTIO_CRYPTO_HASH_SHA3_224 7
+#define VIRTIO_CRYPTO_HASH_SHA3_256 8
+#define VIRTIO_CRYPTO_HASH_SHA3_384 9
+#define VIRTIO_CRYPTO_HASH_SHA3_512 10
+#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE128 11
+#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE256 12
+ __virtio32 algo;
+ /* hash result length */
+ __virtio32 hash_result_len;
+};
+
+struct virtio_crypto_hash_create_session_req {
+ struct virtio_crypto_hash_session_para para;
+};
+
+struct virtio_crypto_mac_session_para {
+#define VIRTIO_CRYPTO_NO_MAC 0
+#define VIRTIO_CRYPTO_MAC_HMAC_MD5 1
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA1 2
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA_224 3
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA_256 4
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA_384 5
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA_512 6
+#define VIRTIO_CRYPTO_MAC_CMAC_3DES 25
+#define VIRTIO_CRYPTO_MAC_CMAC_AES 26
+#define VIRTIO_CRYPTO_MAC_KASUMI_F9 27
+#define VIRTIO_CRYPTO_MAC_SNOW3G_UIA2 28
+#define VIRTIO_CRYPTO_MAC_GMAC_AES 41
+#define VIRTIO_CRYPTO_MAC_GMAC_TWOFISH 42
+#define VIRTIO_CRYPTO_MAC_CBCMAC_AES 49
+#define VIRTIO_CRYPTO_MAC_CBCMAC_KASUMI_F9 50
+#define VIRTIO_CRYPTO_MAC_XCBC_AES 53
+ __virtio32 algo;
+ /* hash result length */
+ __virtio32 hash_result_len;
+ /* length of authenticated key */
+ __virtio32 auth_key_len;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_mac_create_session_req {
+ struct virtio_crypto_mac_session_para para;
+};
+
+struct virtio_crypto_aead_session_para {
+#define VIRTIO_CRYPTO_NO_AEAD 0
+#define VIRTIO_CRYPTO_AEAD_GCM 1
+#define VIRTIO_CRYPTO_AEAD_CCM 2
+#define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305 3
+ __virtio32 algo;
+ /* length of key */
+ __virtio32 key_len;
+ /* digest result length */
+ __virtio32 digest_result_len;
+ /* length of the additional authenticated data (AAD) in bytes */
+ __virtio32 aad_len;
+ /* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
+ __virtio32 op;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_aead_create_session_req {
+ struct virtio_crypto_aead_session_para para;
+};
+
+struct virtio_crypto_alg_chain_session_para {
+#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_HASH_THEN_CIPHER 1
+#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_CIPHER_THEN_HASH 2
+ __virtio32 alg_chain_order;
+/* Plain hash */
+#define VIRTIO_CRYPTO_SYM_HASH_MODE_PLAIN 1
+/* Authenticated hash (mac) */
+#define VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH 2
+/* Nested hash */
+#define VIRTIO_CRYPTO_SYM_HASH_MODE_NESTED 3
+ __virtio32 hash_mode;
+ struct virtio_crypto_cipher_session_para cipher_param;
+ union {
+ struct virtio_crypto_hash_session_para hash_param;
+ struct virtio_crypto_mac_session_para mac_param;
+ } u;
+ /* length of the additional authenticated data (AAD) in bytes */
+ __virtio32 aad_len;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_alg_chain_session_req {
+ struct virtio_crypto_alg_chain_session_para para;
+};
+
+struct virtio_crypto_sym_create_session_req {
+ union {
+ struct virtio_crypto_cipher_session_req cipher;
+ struct virtio_crypto_alg_chain_session_req chain;
+ } u;
+
+ /* Device-readable part */
+
+/* No operation */
+#define VIRTIO_CRYPTO_SYM_OP_NONE 0
+/* Cipher only operation on the data */
+#define VIRTIO_CRYPTO_SYM_OP_CIPHER 1
+/* Chain any cipher with any hash or mac operation. The order
+ depends on the value of alg_chain_order param */
+#define VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING 2
+ __virtio32 op_type;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_destroy_session_req {
+ /* Device-readable part */
+ __virtio64 session_id;
+};
+
+/* The request of the control viritqueue's packet */
+struct virtio_crypto_op_ctrl_req {
+ struct virtio_crypto_ctrl_header header;
+
+ union {
+ struct virtio_crypto_sym_create_session_req sym_create_session;
+ struct virtio_crypto_hash_create_session_req hash_create_session;
+ struct virtio_crypto_mac_create_session_req mac_create_session;
+ struct virtio_crypto_aead_create_session_req aead_create_session;
+ struct virtio_crypto_destroy_session_req destroy_session;
+ } u;
+};
+
+struct virtio_crypto_op_header {
+#define VIRTIO_CRYPTO_CIPHER_ENCRYPT \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x00)
+#define VIRTIO_CRYPTO_CIPHER_DECRYPT \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x01)
+#define VIRTIO_CRYPTO_HASH \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x00)
+#define VIRTIO_CRYPTO_MAC \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x00)
+#define VIRTIO_CRYPTO_AEAD_ENCRYPT \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
+#define VIRTIO_CRYPTO_AEAD_DECRYPT \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
+ __virtio32 opcode;
+ /* algo should be service-specific algorithms */
+ __virtio32 algo;
+ /* session_id should be service-specific algorithms */
+ __virtio64 session_id;
+ /* control flag to control the request */
+ __virtio32 flag;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_cipher_para {
+ /*
+ * Byte Length of valid IV/Counter
+ *
+ * - For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
+ * SNOW3G in UEA2 mode, this is the length of the IV (which
+ * must be the same as the block length of the cipher).
+ * - For block ciphers in CTR mode, this is the length of the counter
+ * (which must be the same as the block length of the cipher).
+ * - For AES-XTS, this is the 128bit tweak, i, from IEEE Std 1619-2007.
+ *
+ * The IV/Counter will be updated after every partial cryptographic
+ * operation.
+ */
+ __virtio32 iv_len;
+ /* length of source data */
+ __virtio32 src_data_len;
+ /* length of dst data */
+ __virtio32 dst_data_len;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_hash_para {
+ /* length of source data */
+ __virtio32 src_data_len;
+ /* hash result length */
+ __virtio32 hash_result_len;
+};
+
+struct virtio_crypto_mac_para {
+ struct virtio_crypto_hash_para hash;
+};
+
+struct virtio_crypto_aead_para {
+ /*
+ * Byte Length of valid IV data pointed to by the below iv_addr
+ * parameter.
+ *
+ * - For GCM mode, this is either 12 (for 96-bit IVs) or 16, in which
+ * case iv_addr points to J0.
+ * - For CCM mode, this is the length of the nonce, which can be in the
+ * range 7 to 13 inclusive.
+ */
+ __virtio32 iv_len;
+ /* length of additional auth data */
+ __virtio32 aad_len;
+ /* length of source data */
+ __virtio32 src_data_len;
+ /* length of dst data */
+ __virtio32 dst_data_len;
+};
+
+struct virtio_crypto_cipher_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_cipher_para para;
+};
+
+struct virtio_crypto_hash_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_hash_para para;
+};
+
+struct virtio_crypto_mac_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_mac_para para;
+};
+
+struct virtio_crypto_alg_chain_data_para {
+ struct virtio_crypto_cipher_para cipher;
+ /* Starting point for hash processing in source data */
+ __virtio32 hash_start_src_offset;
+ /* Length of the source data that the hash will be computed on */
+ __virtio32 len_to_hash;
+ /* Length of the additional auth data */
+ __virtio32 aad_len;
+ /* Length of the hash result */
+ __virtio32 hash_result_len;
+};
+
+struct virtio_crypto_alg_chain_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_alg_chain_data_para para;
+};
+
+struct virtio_crypto_sym_data_req {
+ union {
+ struct virtio_crypto_cipher_data_req cipher;
+ struct virtio_crypto_alg_chain_data_req chain;
+ } u;
+
+ /* See above VIRTIO_CRYPTO_SYM_OP_* */
+ __virtio32 op_type;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_aead_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_aead_para para;
+};
+
+/* The request of the data viritqueue's packet */
+struct virtio_crypto_op_data_req {
+ struct virtio_crypto_op_header header;
+
+ union {
+ struct virtio_crypto_sym_data_req sym_req;
+ struct virtio_crypto_hash_data_req hash_req;
+ struct virtio_crypto_mac_data_req mac_req;
+ struct virtio_crypto_aead_data_req aead_req;
+ } u;
+};
+
+#define VIRTIO_CRYPTO_OK 0
+#define VIRTIO_CRYPTO_ERR 1
+#define VIRTIO_CRYPTO_BADMSG 2
+#define VIRTIO_CRYPTO_NOTSUPP 3
+#define VIRTIO_CRYPTO_INVSESS 4 /* Invaild session id */
+
+/* The accelerator hardware is ready */
+#define VIRTIO_CRYPTO_S_HW_READY (1 << 0)
+#define VIRTIO_CRYPTO_S_STARTED (1 << 1)
+
+struct virtio_crypto_config {
+ /* See VIRTIO_CRYPTO_OP_* above */
+ __virtio32 status;
+
+ /*
+ * Maximum number of data queue legal values are between 1 and 0x8000
+ */
+ __virtio32 max_dataqueues;
+
+ /* Specifies the services mask which the devcie support,
+ see VIRTIO_CRYPTO_SERVICE_* above */
+ __virtio32 crypto_services;
+
+ /* Detailed algorithms mask */
+ __virtio32 cipher_algo_l;
+ __virtio32 cipher_algo_h;
+ __virtio32 hash_algo;
+ __virtio32 mac_algo_l;
+ __virtio32 mac_algo_h;
+ __virtio32 aead_algo;
+ __virtio32 reserve;
+};
+
+#endif
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 04/12] cryptodev: introduce a new cryptodev backend
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (2 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 03/12] virtio-crypto: introduce virtio_crypto.h Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 05/12] virtio-crypto: add virtio crypto device emulation Gonglei
` (9 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
The new cryptodev backend named cryptodev-builtin,
which realized by QEMU cipher APIS. These APIs can
be backed by either nettle or gcrypt.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/Makefile.objs | 1 +
backends/cryptodev-builtin.c | 345 +++++++++++++++++++++++++++++++++++++++++++
qemu-options.hx | 18 +++
3 files changed, 364 insertions(+)
create mode 100644 backends/cryptodev-builtin.c
diff --git a/backends/Makefile.objs b/backends/Makefile.objs
index 55bd43d..1846998 100644
--- a/backends/Makefile.objs
+++ b/backends/Makefile.objs
@@ -11,3 +11,4 @@ common-obj-y += hostmem.o hostmem-ram.o
common-obj-$(CONFIG_LINUX) += hostmem-file.o
common-obj-y += cryptodev.o
+common-obj-y += cryptodev-builtin.o
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
new file mode 100644
index 0000000..34c45be
--- /dev/null
+++ b/backends/cryptodev-builtin.c
@@ -0,0 +1,345 @@
+/*
+ * QEMU Cryptodev backend for QEMU cipher APIs
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/cryptodev.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "standard-headers/linux/virtio_crypto.h"
+#include "crypto/cipher.h"
+
+
+/**
+ * @TYPE_CRYPTODEV_BACKEND_BUILTIN:
+ * name of backend that uses QEMU cipher API
+ */
+#define TYPE_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"
+
+#define CRYPTODEV_BACKEND_BUILTIN(obj) \
+ OBJECT_CHECK(CryptoDevBackendBuiltin, \
+ (obj), TYPE_CRYPTODEV_BACKEND_BUILTIN)
+
+typedef struct CryptoDevBackendBuiltin
+ CryptoDevBackendBuiltin;
+
+typedef struct CryptoDevBackendBuiltinSession {
+ QCryptoCipher *cipher;
+ uint8_t direction; /* encryption or decryption */
+ uint8_t type; /* cipher? hash? aead? */
+ QTAILQ_ENTRY(CryptoDevBackendBuiltinSession) next;
+} CryptoDevBackendBuiltinSession;
+
+/* Max number of symmetric sessions */
+#define MAX_NUM_SESSIONS 256
+
+
+struct CryptoDevBackendBuiltin {
+ CryptoDevBackend parent_obj;
+
+ CryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
+};
+
+static void cryptodev_builtin_init(
+ CryptoDevBackend *backend, Error **errp)
+{
+ /* Only support one queue */
+ int queues = backend->conf.peers.queues;
+ CryptoDevBackendClient *cc;
+
+ if (queues != 1) {
+ error_setg(errp,
+ "Only support one queue in cryptdov-builtin backend");
+ return;
+ }
+
+ cc = cryptodev_backend_new_client(
+ "cryptodev-builtin", NULL);
+ cc->info_str = g_strdup_printf("cryptodev-builtin0");
+ cc->queue_index = 0;
+ backend->conf.peers.ccs[0] = cc;
+
+ backend->conf.crypto_services =
+ 1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
+ 1u << VIRTIO_CRYPTO_SERVICE_HASH |
+ 1u << VIRTIO_CRYPTO_SERVICE_MAC;
+ backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
+ backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
+}
+
+static int
+cryptodev_builtin_get_unused_session_index(
+ CryptoDevBackendBuiltin *builtin)
+{
+ size_t i;
+
+ for (i = 0; i < MAX_NUM_SESSIONS; i++) {
+ if (builtin->sessions[i] == NULL) {
+ return i;
+ }
+ }
+
+ return -1;
+}
+
+static int
+cryptodev_builtin_get_aes_algo(uint32_t key_len, Error **errp)
+{
+ int algo;
+
+ if (key_len == 128 / 8) {
+ algo = QCRYPTO_CIPHER_ALG_AES_128;
+ } else if (key_len == 192 / 8) {
+ algo = QCRYPTO_CIPHER_ALG_AES_192;
+ } else if (key_len == 256 / 8) {
+ algo = QCRYPTO_CIPHER_ALG_AES_256;
+ } else {
+ error_setg(errp, "Unsupported key length :%u", key_len);
+ return -1;
+ }
+
+ return algo;
+}
+
+static int cryptodev_builtin_create_cipher_session(
+ CryptoDevBackendBuiltin *builtin,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ Error **errp)
+{
+ int algo;
+ int mode;
+ QCryptoCipher *cipher;
+ int index;
+ CryptoDevBackendBuiltinSession *sess;
+
+ if (sess_info->op_type != VIRTIO_CRYPTO_SYM_OP_CIPHER) {
+ error_setg(errp, "Unsupported optype :%u", sess_info->op_type);
+ return -1;
+ }
+
+ index = cryptodev_builtin_get_unused_session_index(builtin);
+ if (index < 0) {
+ error_setg(errp, "Total number of sessions created exceeds %u",
+ MAX_NUM_SESSIONS);
+ return -1;
+ }
+
+ switch (sess_info->cipher_alg) {
+ case VIRTIO_CRYPTO_CIPHER_AES_ECB:
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ errp);
+ if (algo < 0) {
+ return -1;
+ }
+ mode = QCRYPTO_CIPHER_MODE_ECB;
+ break;
+ case VIRTIO_CRYPTO_CIPHER_AES_CBC:
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ errp);
+ if (algo < 0) {
+ return -1;
+ }
+ mode = QCRYPTO_CIPHER_MODE_CBC;
+ break;
+ case VIRTIO_CRYPTO_CIPHER_AES_CTR:
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ errp);
+ if (algo < 0) {
+ return -1;
+ }
+ mode = QCRYPTO_CIPHER_MODE_CTR;
+ break;
+ case VIRTIO_CRYPTO_CIPHER_DES_ECB:
+ algo = QCRYPTO_CIPHER_ALG_DES_RFB;
+ mode = QCRYPTO_CIPHER_MODE_ECB;
+ break;
+ default:
+ error_setg(errp, "Unsupported cipher alg :%u",
+ sess_info->cipher_alg);
+ return -1;
+ }
+
+ cipher = qcrypto_cipher_new(algo, mode,
+ sess_info->cipher_key,
+ sess_info->key_len,
+ errp);
+ if (!cipher) {
+ return -1;
+ }
+
+ sess = g_new0(CryptoDevBackendBuiltinSession, 1);
+ sess->cipher = cipher;
+ sess->direction = sess_info->direction;
+ sess->type = sess_info->op_type;
+
+ builtin->sessions[index] = sess;
+
+ return index;
+}
+
+static int64_t cryptodev_builtin_sym_create_session(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
+ int64_t session_id = -1;
+ int ret;
+
+ switch (sess_info->op_code) {
+ case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
+ ret = cryptodev_builtin_create_cipher_session(
+ builtin, sess_info, errp);
+ if (ret < 0) {
+ return ret;
+ } else {
+ session_id = ret;
+ }
+ break;
+ case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
+ case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
+ default:
+ error_setg(errp, "Unsupported opcode :%" PRIu32 "",
+ sess_info->op_code);
+ return -1;
+ }
+
+ return session_id;
+}
+
+static int cryptodev_builtin_sym_close_session(
+ CryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
+
+ if (session_id >= MAX_NUM_SESSIONS ||
+ builtin->sessions[session_id] == NULL) {
+ error_setg(errp, "Cannot find a valid session id: %" PRIu64 "",
+ session_id);
+ return -1;
+ }
+
+ qcrypto_cipher_free(builtin->sessions[session_id]->cipher);
+ g_free(builtin->sessions[session_id]);
+ builtin->sessions[session_id] = NULL;
+ return 0;
+}
+
+static int cryptodev_builtin_sym_operation(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp)
+{
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
+ CryptoDevBackendBuiltinSession *sess;
+ int ret;
+
+ if (op_info->session_id >= MAX_NUM_SESSIONS ||
+ builtin->sessions[op_info->session_id] == NULL) {
+ error_setg(errp, "Cannot find a valid session id: %" PRIu64 "",
+ op_info->session_id);
+ return -VIRTIO_CRYPTO_INVSESS;
+ }
+
+ sess = builtin->sessions[op_info->session_id];
+
+ ret = qcrypto_cipher_setiv(sess->cipher, op_info->iv,
+ op_info->iv_len, errp);
+ if (ret < 0) {
+ return -VIRTIO_CRYPTO_ERR;
+ }
+
+ if (sess->direction == VIRTIO_CRYPTO_OP_ENCRYPT) {
+ ret = qcrypto_cipher_encrypt(sess->cipher, op_info->src,
+ op_info->dst, op_info->src_len, errp);
+ if (ret < 0) {
+ return -VIRTIO_CRYPTO_ERR;
+ }
+ } else {
+ ret = qcrypto_cipher_decrypt(sess->cipher, op_info->src,
+ op_info->dst, op_info->src_len, errp);
+ if (ret < 0) {
+ return -VIRTIO_CRYPTO_ERR;
+ }
+ }
+ return 0;
+}
+
+static void cryptodev_builtin_cleanup(
+ CryptoDevBackend *backend,
+ Error **errp)
+{
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
+ size_t i;
+ int queues = backend->conf.peers.queues;
+ CryptoDevBackendClient *cc;
+
+ for (i = 0; i < MAX_NUM_SESSIONS; i++) {
+ if (builtin->sessions[i] != NULL) {
+ cryptodev_builtin_sym_close_session(
+ backend, i, 0, errp);
+ }
+ }
+
+ assert(queues == 1);
+
+ for (i = 0; i < queues; i++) {
+ cc = backend->conf.peers.ccs[i];
+ if (cc) {
+ cryptodev_backend_free_client(cc);
+ backend->conf.peers.ccs[i] = NULL;
+ }
+ }
+}
+
+static void
+cryptodev_builtin_class_init(ObjectClass *oc, void *data)
+{
+ CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
+
+ bc->init = cryptodev_builtin_init;
+ bc->cleanup = cryptodev_builtin_cleanup;
+ bc->create_session = cryptodev_builtin_sym_create_session;
+ bc->close_session = cryptodev_builtin_sym_close_session;
+ bc->do_sym_op = cryptodev_builtin_sym_operation;
+}
+
+static const TypeInfo cryptodev_builtin_info = {
+ .name = TYPE_CRYPTODEV_BACKEND_BUILTIN,
+ .parent = TYPE_CRYPTODEV_BACKEND,
+ .class_init = cryptodev_builtin_class_init,
+ .instance_size = sizeof(CryptoDevBackendBuiltin),
+};
+
+static void
+cryptodev_builtin_register_types(void)
+{
+ type_register_static(&cryptodev_builtin_info);
+}
+
+type_init(cryptodev_builtin_register_types);
diff --git a/qemu-options.hx b/qemu-options.hx
index 01f01df..616cd30 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -3948,6 +3948,24 @@ secondary:
If you want to know the detail of above command line, you can read
the colo-compare git log.
+@item -object cryptodev-backend-builtin,id=@var{id}[,queues=@var{queues}]
+
+Creates a cryptodev backend which executes crypto opreation from
+the QEMU cipher APIS. The @var{id} parameter is
+a unique ID that will be used to reference this cryptodev backend from
+the @option{virtio-crypto} device. The @var{queues} parameter is optional,
+which specify the queue number of cryptodev backend, the default of
+@var{queues} is 1.
+
+@example
+
+ # qemu-system-x86_64 \
+ [...] \
+ -object cryptodev-backend-builtin,id=cryptodev0 \
+ -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
+ [...]
+@end example
+
@item -object secret,id=@var{id},data=@var{string},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
@item -object secret,id=@var{id},file=@var{filename},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 05/12] virtio-crypto: add virtio crypto device emulation
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (3 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 04/12] cryptodev: introduce a new cryptodev backend Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 06/12] virtio-crypto-pci: add virtio crypto pci support Gonglei
` (8 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
Introduce the virtio crypto realization, I'll
finish the core code in the following patches. The
thoughts came from virtio net realization.
For more information see:
http://qemu-project.org/Features/VirtioCrypto
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/Makefile.objs | 1 +
hw/virtio/virtio-crypto.c | 150 ++++++++++++++++++++++++++++
include/hw/virtio/virtio-crypto.h | 75 ++++++++++++++
include/standard-headers/linux/virtio_ids.h | 2 +-
4 files changed, 227 insertions(+), 1 deletion(-)
create mode 100644 hw/virtio/virtio-crypto.c
create mode 100644 include/hw/virtio/virtio-crypto.h
diff --git a/hw/virtio/Makefile.objs b/hw/virtio/Makefile.objs
index e716308..968f392 100644
--- a/hw/virtio/Makefile.objs
+++ b/hw/virtio/Makefile.objs
@@ -7,3 +7,4 @@ obj-y += virtio.o virtio-balloon.o
obj-$(CONFIG_LINUX) += vhost.o vhost-backend.o vhost-user.o
obj-$(CONFIG_VHOST_VSOCK) += vhost-vsock.o
+obj-y += virtio-crypto.o
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
new file mode 100644
index 0000000..58cb3a9
--- /dev/null
+++ b/hw/virtio/virtio-crypto.c
@@ -0,0 +1,150 @@
+/*
+ * Virtio crypto Support
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "qemu/iov.h"
+#include "hw/qdev.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+
+#include "hw/virtio/virtio.h"
+#include "hw/virtio/virtio-crypto.h"
+#include "hw/virtio/virtio-access.h"
+#include "standard-headers/linux/virtio_ids.h"
+
+#define VIRTIO_CRYPTO_VM_VERSION 1
+
+static uint64_t virtio_crypto_get_features(VirtIODevice *vdev,
+ uint64_t features,
+ Error **errp)
+{
+ return features;
+}
+
+static void virtio_crypto_reset(VirtIODevice *vdev)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+ /* multiqueue is disabled by default */
+ vcrypto->curr_queues = 1;
+ if (!vcrypto->cryptodev->ready) {
+ vcrypto->status &= ~VIRTIO_CRYPTO_S_HW_READY;
+ } else {
+ vcrypto->status |= VIRTIO_CRYPTO_S_HW_READY;
+ }
+}
+
+static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(dev);
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ int i;
+
+ vcrypto->cryptodev = vcrypto->conf.cryptodev;
+ if (vcrypto->cryptodev == NULL) {
+ error_setg(errp, "'cryptodev' parameter expects a valid object");
+ return;
+ }
+
+ vcrypto->max_queues = MAX(vcrypto->cryptodev->conf.peers.queues, 1);
+ if (vcrypto->max_queues + 1 > VIRTIO_QUEUE_MAX) {
+ error_setg(errp, "Invalid number of queues (= %" PRIu16 "), "
+ "must be a postive integer less than %d.",
+ vcrypto->max_queues, VIRTIO_QUEUE_MAX);
+ return;
+ }
+
+ virtio_init(vdev, "virtio-crypto", VIRTIO_ID_CRYPTO, vcrypto->config_size);
+ vcrypto->curr_queues = 1;
+
+ for (i = 0; i < vcrypto->max_queues; i++) {
+ virtio_add_queue(vdev, 1024, NULL);
+ }
+
+ vcrypto->ctrl_vq = virtio_add_queue(vdev, 64, NULL);
+ if (!vcrypto->cryptodev->ready) {
+ vcrypto->status &= ~VIRTIO_CRYPTO_S_HW_READY;
+ } else {
+ vcrypto->status |= VIRTIO_CRYPTO_S_HW_READY;
+ }
+}
+
+static void virtio_crypto_device_unrealize(DeviceState *dev, Error **errp)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(dev);
+
+ virtio_cleanup(vdev);
+}
+
+static const VMStateDescription vmstate_virtio_blk = {
+ .name = "virtio-crypto",
+ .minimum_version_id = VIRTIO_CRYPTO_VM_VERSION,
+ .version_id = VIRTIO_CRYPTO_VM_VERSION,
+ .fields = (VMStateField[]) {
+ VMSTATE_VIRTIO_DEVICE,
+ VMSTATE_END_OF_LIST()
+ },
+};
+
+static Property virtio_crypto_properties[] = {
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void virtio_crypto_get_config(VirtIODevice *vdev, uint8_t *config)
+{
+
+}
+
+static void virtio_crypto_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
+
+ dc->props = virtio_crypto_properties;
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+ vdc->realize = virtio_crypto_device_realize;
+ vdc->unrealize = virtio_crypto_device_unrealize;
+ vdc->get_config = virtio_crypto_get_config;
+ vdc->get_features = virtio_crypto_get_features;
+ vdc->reset = virtio_crypto_reset;
+}
+
+static void virtio_crypto_instance_init(Object *obj)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(obj);
+
+ /*
+ * The default config_size is sizeof(struct virtio_crypto_config).
+ * Can be overriden with virtio_crypto_set_config_size.
+ */
+ vcrypto->config_size = sizeof(struct virtio_crypto_config);
+
+ object_property_add_link(obj, "cryptodev",
+ TYPE_CRYPTODEV_BACKEND,
+ (Object **)&vcrypto->conf.cryptodev,
+ qdev_prop_allow_set_link_before_realize,
+ OBJ_PROP_LINK_UNREF_ON_RELEASE, NULL);
+}
+
+static const TypeInfo virtio_crypto_info = {
+ .name = TYPE_VIRTIO_CRYPTO,
+ .parent = TYPE_VIRTIO_DEVICE,
+ .instance_size = sizeof(VirtIOCrypto),
+ .instance_init = virtio_crypto_instance_init,
+ .class_init = virtio_crypto_class_init,
+};
+
+static void virtio_register_types(void)
+{
+ type_register_static(&virtio_crypto_info);
+}
+
+type_init(virtio_register_types)
diff --git a/include/hw/virtio/virtio-crypto.h b/include/hw/virtio/virtio-crypto.h
new file mode 100644
index 0000000..9bf2b74
--- /dev/null
+++ b/include/hw/virtio/virtio-crypto.h
@@ -0,0 +1,75 @@
+/*
+ * Virtio crypto Support
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+
+#ifndef _QEMU_VIRTIO_CRYPTO_H
+#define _QEMU_VIRTIO_CRYPTO_H
+
+#include "standard-headers/linux/virtio_crypto.h"
+#include "hw/virtio/virtio.h"
+#include "sysemu/iothread.h"
+#include "sysemu/cryptodev.h"
+
+
+#define DEBUG_VIRTIO_CRYPTO 0
+
+#define DPRINTF(fmt, ...) \
+do { \
+ if (DEBUG_VIRTIO_CRYPTO) { \
+ fprintf(stderr, "virtio_crypto: " fmt, ##__VA_ARGS__); \
+ } \
+} while (0)
+
+
+#define TYPE_VIRTIO_CRYPTO "virtio-crypto-device"
+#define VIRTIO_CRYPTO(obj) \
+ OBJECT_CHECK(VirtIOCrypto, (obj), TYPE_VIRTIO_CRYPTO)
+#define VIRTIO_CRYPTO_GET_PARENT_CLASS(obj) \
+ OBJECT_GET_PARENT_CLASS(obj, TYPE_VIRTIO_CRYPTO)
+
+
+typedef struct VirtIOCryptoConf {
+ CryptoDevBackend *cryptodev;
+} VirtIOCryptoConf;
+
+struct VirtIOCrypto;
+
+typedef struct VirtIOCryptoReq {
+ VirtQueueElement elem;
+ /* flags of operation, such as type of algorithm */
+ uint32_t flags;
+ /* address of in data (Device to Driver) */
+ void *idata_hva;
+ VirtQueue *vq;
+ struct VirtIOCrypto *vcrypto;
+ union {
+ CryptoDevBackendSymOpInfo *sym_op_info;
+ } u;
+} VirtIOCryptoReq;
+
+typedef struct VirtIOCrypto {
+ VirtIODevice parent_obj;
+
+ VirtQueue *ctrl_vq;
+
+ VirtIOCryptoConf conf;
+ CryptoDevBackend *cryptodev;
+
+ uint32_t max_queues;
+ uint32_t status;
+
+ int multiqueue;
+ uint32_t curr_queues;
+ size_t config_size;
+} VirtIOCrypto;
+
+#endif /* _QEMU_VIRTIO_CRYPTO_H */
diff --git a/include/standard-headers/linux/virtio_ids.h b/include/standard-headers/linux/virtio_ids.h
index 3228d58..fe74e42 100644
--- a/include/standard-headers/linux/virtio_ids.h
+++ b/include/standard-headers/linux/virtio_ids.h
@@ -42,5 +42,5 @@
#define VIRTIO_ID_GPU 16 /* virtio GPU */
#define VIRTIO_ID_INPUT 18 /* virtio input */
#define VIRTIO_ID_VSOCK 19 /* virtio vsock transport */
-
+#define VIRTIO_ID_CRYPTO 20 /* virtio crypto */
#endif /* _LINUX_VIRTIO_IDS_H */
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 06/12] virtio-crypto-pci: add virtio crypto pci support
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (4 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 05/12] virtio-crypto: add virtio crypto device emulation Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 07/12] virtio-crypto: set capacity of algorithms supported Gonglei
` (7 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
This patch adds virtio-crypto-pci, which is the pci proxy for the virtio
crypto device.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/Makefile.objs | 1 +
hw/virtio/virtio-crypto-pci.c | 77 +++++++++++++++++++++++++++++++++++++++++++
hw/virtio/virtio-pci.h | 15 +++++++++
3 files changed, 93 insertions(+)
create mode 100644 hw/virtio/virtio-crypto-pci.c
diff --git a/hw/virtio/Makefile.objs b/hw/virtio/Makefile.objs
index 968f392..95c4c30 100644
--- a/hw/virtio/Makefile.objs
+++ b/hw/virtio/Makefile.objs
@@ -8,3 +8,4 @@ obj-$(CONFIG_LINUX) += vhost.o vhost-backend.o vhost-user.o
obj-$(CONFIG_VHOST_VSOCK) += vhost-vsock.o
obj-y += virtio-crypto.o
+obj-$(CONFIG_VIRTIO_PCI) += virtio-crypto-pci.o
diff --git a/hw/virtio/virtio-crypto-pci.c b/hw/virtio/virtio-crypto-pci.c
new file mode 100644
index 0000000..21d9984
--- /dev/null
+++ b/hw/virtio/virtio-crypto-pci.c
@@ -0,0 +1,77 @@
+/*
+ * Virtio crypto device
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ *
+ */
+#include "qemu/osdep.h"
+#include "hw/pci/pci.h"
+#include "hw/virtio/virtio.h"
+#include "hw/virtio/virtio-bus.h"
+#include "hw/virtio/virtio-pci.h"
+#include "hw/virtio/virtio-crypto.h"
+#include "qapi/error.h"
+
+static Property virtio_crypto_pci_properties[] = {
+ DEFINE_PROP_BIT("ioeventfd", VirtIOPCIProxy, flags,
+ VIRTIO_PCI_FLAG_USE_IOEVENTFD_BIT, true),
+ DEFINE_PROP_UINT32("vectors", VirtIOPCIProxy, nvectors, 2),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void virtio_crypto_pci_realize(VirtIOPCIProxy *vpci_dev, Error **errp)
+{
+ VirtIOCryptoPCI *vcrypto = VIRTIO_CRYPTO_PCI(vpci_dev);
+ DeviceState *vdev = DEVICE(&vcrypto->vdev);
+
+ qdev_set_parent_bus(vdev, BUS(&vpci_dev->bus));
+ virtio_pci_force_virtio_1(vpci_dev);
+ object_property_set_bool(OBJECT(vdev), true, "realized", errp);
+ object_property_set_link(OBJECT(vcrypto),
+ OBJECT(vcrypto->vdev.conf.cryptodev), "cryptodev",
+ NULL);
+}
+
+static void virtio_crypto_pci_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ VirtioPCIClass *k = VIRTIO_PCI_CLASS(klass);
+ PCIDeviceClass *pcidev_k = PCI_DEVICE_CLASS(klass);
+
+ k->realize = virtio_crypto_pci_realize;
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+ dc->props = virtio_crypto_pci_properties;
+
+ pcidev_k->class_id = PCI_CLASS_OTHERS;
+}
+
+static void virtio_crypto_initfn(Object *obj)
+{
+ VirtIOCryptoPCI *dev = VIRTIO_CRYPTO_PCI(obj);
+
+ virtio_instance_init_common(obj, &dev->vdev, sizeof(dev->vdev),
+ TYPE_VIRTIO_CRYPTO);
+ object_property_add_alias(obj, "cryptodev", OBJECT(&dev->vdev),
+ "cryptodev", &error_abort);
+}
+
+static const TypeInfo virtio_crypto_pci_info = {
+ .name = TYPE_VIRTIO_CRYPTO_PCI,
+ .parent = TYPE_VIRTIO_PCI,
+ .instance_size = sizeof(VirtIOCryptoPCI),
+ .instance_init = virtio_crypto_initfn,
+ .class_init = virtio_crypto_pci_class_init,
+};
+
+static void virtio_crypto_pci_register_types(void)
+{
+ type_register_static(&virtio_crypto_pci_info);
+}
+type_init(virtio_crypto_pci_register_types)
diff --git a/hw/virtio/virtio-pci.h b/hw/virtio/virtio-pci.h
index 541cbdb..c493692 100644
--- a/hw/virtio/virtio-pci.h
+++ b/hw/virtio/virtio-pci.h
@@ -25,6 +25,8 @@
#include "hw/virtio/virtio-bus.h"
#include "hw/virtio/virtio-input.h"
#include "hw/virtio/virtio-gpu.h"
+#include "hw/virtio/virtio-crypto.h"
+
#ifdef CONFIG_VIRTFS
#include "hw/9pfs/virtio-9p.h"
#endif
@@ -48,6 +50,7 @@ typedef struct VirtIOInputHIDPCI VirtIOInputHIDPCI;
typedef struct VirtIOInputHostPCI VirtIOInputHostPCI;
typedef struct VirtIOGPUPCI VirtIOGPUPCI;
typedef struct VHostVSockPCI VHostVSockPCI;
+typedef struct VirtIOCryptoPCI VirtIOCryptoPCI;
/* virtio-pci-bus */
@@ -352,6 +355,18 @@ struct VHostVSockPCI {
};
#endif
+/*
+ * virtio-crypto-pci: This extends VirtioPCIProxy.
+ */
+#define TYPE_VIRTIO_CRYPTO_PCI "virtio-crypto-pci"
+#define VIRTIO_CRYPTO_PCI(obj) \
+ OBJECT_CHECK(VirtIOCryptoPCI, (obj), TYPE_VIRTIO_CRYPTO_PCI)
+
+struct VirtIOCryptoPCI {
+ VirtIOPCIProxy parent_obj;
+ VirtIOCrypto vdev;
+};
+
/* Virtio ABI version, if we increment this, we break the guest driver. */
#define VIRTIO_PCI_ABI_VERSION 0
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 07/12] virtio-crypto: set capacity of algorithms supported
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (5 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 06/12] virtio-crypto-pci: add virtio crypto pci support Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 08/12] virtio-crypto: add control queue handler Gonglei
` (6 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
Expose the capacity of algorithms supported by
virtio crypto device to the frontend driver using
pci configuration space.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/virtio-crypto.c | 40 ++++++++++++++++++++++++++++++++++++++-
include/hw/virtio/virtio-crypto.h | 14 ++++++++++++++
2 files changed, 53 insertions(+), 1 deletion(-)
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 58cb3a9..e2bc90e 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -42,6 +42,22 @@ static void virtio_crypto_reset(VirtIODevice *vdev)
}
}
+static void virtio_crypto_init_config(VirtIODevice *vdev)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+
+ vcrypto->conf.crypto_services =
+ vcrypto->conf.cryptodev->conf.crypto_services;
+ vcrypto->conf.cipher_algo_l =
+ vcrypto->conf.cryptodev->conf.cipher_algo_l;
+ vcrypto->conf.cipher_algo_h =
+ vcrypto->conf.cryptodev->conf.cipher_algo_h;
+ vcrypto->conf.hash_algo = vcrypto->conf.cryptodev->conf.hash_algo;
+ vcrypto->conf.mac_algo_l = vcrypto->conf.cryptodev->conf.mac_algo_l;
+ vcrypto->conf.mac_algo_h = vcrypto->conf.cryptodev->conf.mac_algo_h;
+ vcrypto->conf.aead_algo = vcrypto->conf.cryptodev->conf.aead_algo;
+}
+
static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
{
VirtIODevice *vdev = VIRTIO_DEVICE(dev);
@@ -75,6 +91,8 @@ static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
} else {
vcrypto->status |= VIRTIO_CRYPTO_S_HW_READY;
}
+
+ virtio_crypto_init_config(vdev);
}
static void virtio_crypto_device_unrealize(DeviceState *dev, Error **errp)
@@ -100,7 +118,27 @@ static Property virtio_crypto_properties[] = {
static void virtio_crypto_get_config(VirtIODevice *vdev, uint8_t *config)
{
-
+ VirtIOCrypto *c = VIRTIO_CRYPTO(vdev);
+ struct virtio_crypto_config crypto_cfg;
+
+ virtio_stl_p(vdev, &crypto_cfg.status, c->status);
+ virtio_stl_p(vdev, &crypto_cfg.max_dataqueues, c->max_queues);
+ virtio_stl_p(vdev, &crypto_cfg.crypto_services,
+ c->conf.crypto_services);
+ virtio_stl_p(vdev, &crypto_cfg.cipher_algo_l,
+ c->conf.cipher_algo_l);
+ virtio_stl_p(vdev, &crypto_cfg.cipher_algo_h,
+ c->conf.cipher_algo_h);
+ virtio_stl_p(vdev, &crypto_cfg.hash_algo,
+ c->conf.hash_algo);
+ virtio_stl_p(vdev, &crypto_cfg.mac_algo_l,
+ c->conf.mac_algo_l);
+ virtio_stl_p(vdev, &crypto_cfg.mac_algo_h,
+ c->conf.mac_algo_h);
+ virtio_stl_p(vdev, &crypto_cfg.aead_algo,
+ c->conf.aead_algo);
+
+ memcpy(config, &crypto_cfg, c->config_size);
}
static void virtio_crypto_class_init(ObjectClass *klass, void *data)
diff --git a/include/hw/virtio/virtio-crypto.h b/include/hw/virtio/virtio-crypto.h
index 9bf2b74..a5e826c 100644
--- a/include/hw/virtio/virtio-crypto.h
+++ b/include/hw/virtio/virtio-crypto.h
@@ -39,6 +39,20 @@ do { \
typedef struct VirtIOCryptoConf {
CryptoDevBackend *cryptodev;
+
+ /* Supported service mask */
+ uint32_t crypto_services;
+
+ /* Detailed algorithms mask */
+ uint32_t cipher_algo_l;
+ uint32_t cipher_algo_h;
+ uint32_t hash_algo;
+ uint32_t mac_algo_l;
+ uint32_t mac_algo_h;
+ uint32_t asym_algo;
+ uint32_t kdf_algo;
+ uint32_t aead_algo;
+ uint32_t primitive_algo;
} VirtIOCryptoConf;
struct VirtIOCrypto;
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 08/12] virtio-crypto: add control queue handler
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (6 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 07/12] virtio-crypto: set capacity of algorithms supported Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 09/12] virtio-crypto: add data queue processing handler Gonglei
` (5 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
Realize the symmetric algorithm control queue handler,
including plain cipher and chainning algorithms.
Currently the control queue is used to create and
close session for symmetric algorithm.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/virtio-crypto.c | 285 +++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 284 insertions(+), 1 deletion(-)
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index e2bc90e..98a7d60 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -23,6 +23,289 @@
#define VIRTIO_CRYPTO_VM_VERSION 1
+/*
+ * Transfer virtqueue index to crypto queue index.
+ * The control virtqueue is after the data virtqueues
+ * so the input value doesn't need to be adjusted
+ */
+static inline int virtio_crypto_vq2q(int queue_index)
+{
+ return queue_index;
+}
+
+static int
+virtio_crypto_cipher_session_helper(VirtIODevice *vdev,
+ CryptoDevBackendSymSessionInfo *info,
+ struct virtio_crypto_cipher_session_para *cipher_para,
+ struct iovec **iov, unsigned int *out_num)
+{
+ unsigned int num = *out_num;
+
+ info->cipher_alg = virtio_ldl_p(vdev, &cipher_para->algo);
+ info->key_len = virtio_ldl_p(vdev, &cipher_para->keylen);
+ info->direction = virtio_ldl_p(vdev, &cipher_para->op);
+ DPRINTF("cipher_alg=%" PRIu32 ", info->direction=%" PRIu32 "\n",
+ info->cipher_alg, info->direction);
+ /* Get cipher key */
+ if (info->key_len > 0) {
+ size_t s;
+ DPRINTF("keylen=%" PRIu32 "\n", info->key_len);
+
+ info->cipher_key = g_malloc(info->key_len);
+ s = iov_to_buf(*iov, num, 0, info->cipher_key, info->key_len);
+ if (unlikely(s != info->key_len)) {
+ virtio_error(vdev, "virtio-crypto cipher key incorrect");
+ return -EFAULT;
+ }
+ iov_discard_front(iov, &num, info->key_len);
+ *out_num = num;
+ }
+
+ return 0;
+}
+
+static int64_t
+virtio_crypto_create_sym_session(VirtIOCrypto *vcrypto,
+ struct virtio_crypto_sym_create_session_req *sess_req,
+ uint32_t queue_id,
+ uint32_t opcode,
+ struct iovec *iov, unsigned int out_num)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+ CryptoDevBackendSymSessionInfo info;
+ int64_t session_id;
+ int queue_index;
+ uint32_t op_type;
+ Error *local_err = NULL;
+ int ret;
+
+ memset(&info, 0, sizeof(info));
+ op_type = virtio_ldl_p(vdev, &sess_req->op_type);
+ info.op_type = op_type;
+ info.op_code = opcode;
+
+ if (op_type == VIRTIO_CRYPTO_SYM_OP_CIPHER) {
+ ret = virtio_crypto_cipher_session_helper(vdev, &info,
+ &sess_req->u.cipher.para,
+ &iov, &out_num);
+ if (ret < 0) {
+ return -EFAULT;
+ }
+ } else if (op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
+ size_t s;
+ /* cipher part */
+ ret = virtio_crypto_cipher_session_helper(vdev, &info,
+ &sess_req->u.chain.para.cipher_param,
+ &iov, &out_num);
+ if (ret < 0) {
+ return -EFAULT;
+ }
+ /* hash part */
+ info.alg_chain_order = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.alg_chain_order);
+ info.add_len = virtio_ldl_p(vdev, &sess_req->u.chain.para.aad_len);
+ info.hash_mode = virtio_ldl_p(vdev, &sess_req->u.chain.para.hash_mode);
+ if (info.hash_mode == VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH) {
+ info.hash_alg = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.mac_param.algo);
+ info.auth_key_len = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.mac_param.auth_key_len);
+ info.hash_result_len = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.mac_param.hash_result_len);
+ /* get auth key */
+ if (info.auth_key_len > 0) {
+ DPRINTF("auth_keylen=%" PRIu32 "\n", info.auth_key_len);
+ info.auth_key = g_malloc(info.auth_key_len);
+ s = iov_to_buf(iov, out_num, 0, info.auth_key,
+ info.auth_key_len);
+ if (unlikely(s != info.auth_key_len)) {
+ virtio_error(vdev,
+ "virtio-crypto authenticated key incorrect");
+ ret = -EFAULT;
+ goto err;
+ }
+ iov_discard_front(&iov, &out_num, info.auth_key_len);
+ }
+ } else if (info.hash_mode == VIRTIO_CRYPTO_SYM_HASH_MODE_PLAIN) {
+ info.hash_alg = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.hash_param.algo);
+ info.hash_result_len = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.hash_param.hash_result_len);
+ } else {
+ /* VIRTIO_CRYPTO_SYM_HASH_MODE_NESTED */
+ error_report("unsupported hash mode");
+ ret = -VIRTIO_CRYPTO_NOTSUPP;
+ goto err;
+ }
+ } else {
+ /* VIRTIO_CRYPTO_SYM_OP_NONE */
+ error_report("unsupported cipher op_type: VIRTIO_CRYPTO_SYM_OP_NONE");
+ ret = -VIRTIO_CRYPTO_NOTSUPP;
+ goto err;
+ }
+
+ queue_index = virtio_crypto_vq2q(queue_id);
+ session_id = cryptodev_backend_sym_create_session(
+ vcrypto->cryptodev,
+ &info, queue_index, &local_err);
+ if (session_id >= 0) {
+ DPRINTF("create session_id=%" PRIu64 " successfully\n",
+ session_id);
+
+ ret = session_id;
+ } else {
+ if (local_err) {
+ error_report_err(local_err);
+ }
+ ret = -VIRTIO_CRYPTO_ERR;
+ }
+
+err:
+ g_free(info.cipher_key);
+ g_free(info.auth_key);
+ return ret;
+}
+
+static uint32_t
+virtio_crypto_handle_close_session(VirtIOCrypto *vcrypto,
+ struct virtio_crypto_destroy_session_req *close_sess_req,
+ uint32_t queue_id)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+ int ret;
+ uint64_t session_id;
+ uint32_t status;
+ Error *local_err = NULL;
+
+ session_id = virtio_ldq_p(vdev, &close_sess_req->session_id);
+ DPRINTF("close session, id=%" PRIu64 "\n", session_id);
+
+ ret = cryptodev_backend_sym_close_session(
+ vcrypto->cryptodev, session_id, queue_id, &local_err);
+ if (ret == 0) {
+ status = VIRTIO_CRYPTO_OK;
+ } else {
+ if (local_err) {
+ error_report_err(local_err);
+ } else {
+ error_report("destroy session failed");
+ }
+ status = VIRTIO_CRYPTO_ERR;
+ }
+
+ return status;
+}
+
+static void virtio_crypto_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+ struct virtio_crypto_op_ctrl_req ctrl;
+ VirtQueueElement *elem;
+ size_t in_len;
+ struct iovec *in_iov;
+ struct iovec *out_iov;
+ unsigned in_num;
+ unsigned out_num;
+ uint32_t queue_id;
+ uint32_t opcode;
+ struct virtio_crypto_session_input *input;
+ int64_t session_id;
+ uint32_t status;
+ size_t s;
+
+ for (;;) {
+ elem = virtqueue_pop(vq, sizeof(VirtQueueElement));
+ if (!elem) {
+ break;
+ }
+ if (elem->out_num < 1 || elem->in_num < 1) {
+ virtio_error(vdev, "virtio-crypto ctrl missing headers");
+ virtqueue_detach_element(vq, elem, 0);
+ g_free(elem);
+ break;
+ }
+
+ out_num = elem->out_num;
+ out_iov = elem->out_sg;
+ in_num = elem->in_num;
+ in_iov = elem->in_sg;
+ if (unlikely(iov_to_buf(out_iov, out_num, 0, &ctrl, sizeof(ctrl))
+ != sizeof(ctrl))) {
+ virtio_error(vdev, "virtio-crypto request ctrl_hdr too short");
+ virtqueue_detach_element(vq, elem, 0);
+ g_free(elem);
+ break;
+ }
+ iov_discard_front(&out_iov, &out_num, sizeof(ctrl));
+
+ opcode = virtio_ldl_p(vdev, &ctrl.header.opcode);
+ queue_id = virtio_ldl_p(vdev, &ctrl.header.queue_id);
+
+ switch (opcode) {
+ case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
+ in_len = iov_size(in_iov, in_num);
+ input = (void *)in_iov[in_num - 1].iov_base
+ + in_iov[in_num - 1].iov_len
+ - sizeof(*input);
+ iov_discard_back(in_iov, &in_num, sizeof(*input));
+
+ session_id = virtio_crypto_create_sym_session(vcrypto,
+ &ctrl.u.sym_create_session,
+ queue_id, opcode,
+ out_iov, out_num);
+ /* Serious errors, need to reset virtio crypto device */
+ if (session_id == -EFAULT) {
+ virtqueue_detach_element(vq, elem, 0);
+ break;
+ } else if (session_id == -VIRTIO_CRYPTO_NOTSUPP) {
+ input->status = VIRTIO_CRYPTO_NOTSUPP;
+ } else if (session_id == -VIRTIO_CRYPTO_ERR) {
+ input->status = VIRTIO_CRYPTO_ERR;
+ } else {
+ input->session_id = session_id;
+ input->status = VIRTIO_CRYPTO_OK;
+ }
+
+ virtqueue_push(vq, elem, in_len);
+ virtio_notify(vdev, vq);
+ break;
+ case VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION:
+ case VIRTIO_CRYPTO_HASH_DESTROY_SESSION:
+ case VIRTIO_CRYPTO_MAC_DESTROY_SESSION:
+ case VIRTIO_CRYPTO_AEAD_DESTROY_SESSION:
+ status = virtio_crypto_handle_close_session(vcrypto,
+ &ctrl.u.destroy_session, queue_id);
+
+ s = iov_from_buf(in_iov, in_num, 0, &status, sizeof(status));
+ if (unlikely(s != sizeof(status))) {
+ virtio_error(vdev, "virtio-crypto status incorrect");
+ virtqueue_detach_element(vq, elem, 0);
+ break;
+ }
+ virtqueue_push(vq, elem, sizeof(status));
+ virtio_notify(vdev, vq);
+ break;
+ case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
+ case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
+ case VIRTIO_CRYPTO_AEAD_CREATE_SESSION:
+ default:
+ in_len = iov_size(in_iov, in_num);
+ input = (void *)in_iov[in_num - 1].iov_base
+ + in_iov[in_num - 1].iov_len
+ - sizeof(*input);
+ error_report("virtio-crypto unsupported ctrl opcode: %d", opcode);
+
+ input->status = VIRTIO_CRYPTO_NOTSUPP;
+ virtqueue_push(vq, elem, in_len);
+ virtio_notify(vdev, vq);
+
+ break;
+ } /* end switch case */
+
+ g_free(elem);
+ } /* end for loop */
+}
+
static uint64_t virtio_crypto_get_features(VirtIODevice *vdev,
uint64_t features,
Error **errp)
@@ -85,7 +368,7 @@ static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
virtio_add_queue(vdev, 1024, NULL);
}
- vcrypto->ctrl_vq = virtio_add_queue(vdev, 64, NULL);
+ vcrypto->ctrl_vq = virtio_add_queue(vdev, 64, virtio_crypto_handle_ctrl);
if (!vcrypto->cryptodev->ready) {
vcrypto->status &= ~VIRTIO_CRYPTO_S_HW_READY;
} else {
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 09/12] virtio-crypto: add data queue processing handler
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (7 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 08/12] virtio-crypto: add control queue handler Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 10/12] cryptodev: introduce an unified wrapper for crypto operation Gonglei
` (4 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
Introduces VirtIOCryptoReq structure to store
crypto request so that we can support sync and async
crypto operation in the future.
At present, we only support cipher and algorithm
chainning.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/virtio-crypto.c | 338 +++++++++++++++++++++++++++++++++++++-
include/hw/virtio/virtio-crypto.h | 11 +-
2 files changed, 346 insertions(+), 3 deletions(-)
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 98a7d60..29eb1a1 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -306,6 +306,342 @@ static void virtio_crypto_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
} /* end for loop */
}
+static void virtio_crypto_init_request(VirtIOCrypto *vcrypto, VirtQueue *vq,
+ VirtIOCryptoReq *req)
+{
+ req->vcrypto = vcrypto;
+ req->vq = vq;
+ req->in = NULL;
+ req->in_iov = NULL;
+ req->in_num = 0;
+ req->in_len = 0;
+ req->flags = CRYPTODEV_BACKEND_ALG__MAX;
+ req->u.sym_op_info = NULL;
+}
+
+static void virtio_crypto_free_request(VirtIOCryptoReq *req)
+{
+ if (req) {
+ if (req->flags == CRYPTODEV_BACKEND_ALG_SYM) {
+ g_free(req->u.sym_op_info);
+ }
+ g_free(req);
+ }
+}
+
+static void
+virtio_crypto_sym_input_data_helper(VirtIODevice *vdev,
+ VirtIOCryptoReq *req,
+ uint32_t status,
+ CryptoDevBackendSymOpInfo *sym_op_info)
+{
+ size_t s, len;
+
+ if (status != VIRTIO_CRYPTO_OK) {
+ return;
+ }
+
+ len = sym_op_info->dst_len;
+ /* Save the cipher result */
+ s = iov_from_buf(req->in_iov, req->in_num, 0, sym_op_info->dst, len);
+ if (s != len) {
+ virtio_error(vdev, "virtio-crypto dest data incorrect");
+ return;
+ }
+
+ iov_discard_front(&req->in_iov, &req->in_num, len);
+
+ if (sym_op_info->op_type ==
+ VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
+ /* Save the digest result */
+ s = iov_from_buf(req->in_iov, req->in_num, 0,
+ sym_op_info->digest_result,
+ sym_op_info->digest_result_len);
+ if (s != len) {
+ virtio_error(vdev, "virtio-crypto digest result incorrect");
+ }
+ }
+}
+
+static void virtio_crypto_req_complete(VirtIOCryptoReq *req, uint32_t status)
+{
+ VirtIOCrypto *vcrypto = req->vcrypto;
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+
+ if (req->flags == CRYPTODEV_BACKEND_ALG_SYM) {
+ virtio_crypto_sym_input_data_helper(vdev, req, status,
+ req->u.sym_op_info);
+ }
+ stl_he_p(&req->in->status, status);
+ virtqueue_push(req->vq, &req->elem, req->in_len);
+ virtio_notify(vdev, req->vq);
+}
+
+static VirtIOCryptoReq *
+virtio_crypto_get_request(VirtIOCrypto *s, VirtQueue *vq)
+{
+ VirtIOCryptoReq *req = virtqueue_pop(vq, sizeof(VirtIOCryptoReq));
+
+ if (req) {
+ virtio_crypto_init_request(s, vq, req);
+ }
+ return req;
+}
+
+static CryptoDevBackendSymOpInfo *
+virtio_crypto_sym_op_helper(VirtIODevice *vdev,
+ struct virtio_crypto_cipher_para *para,
+ uint32_t aad_len,
+ struct iovec *iov, unsigned int out_num,
+ uint32_t hash_result_len,
+ uint32_t hash_start_src_offset)
+{
+ CryptoDevBackendSymOpInfo *op_info;
+ uint32_t src_len, dst_len;
+ uint32_t iv_len;
+ size_t max_len, curr_size = 0;
+ size_t s;
+
+ iv_len = virtio_ldl_p(vdev, ¶->iv_len);
+ src_len = virtio_ldl_p(vdev, ¶->src_data_len);
+ dst_len = virtio_ldl_p(vdev, ¶->dst_data_len);
+
+ max_len = iv_len + aad_len + src_len + dst_len + hash_result_len;
+ op_info = g_malloc0(sizeof(CryptoDevBackendSymOpInfo) + max_len);
+ op_info->iv_len = iv_len;
+ op_info->src_len = src_len;
+ op_info->dst_len = dst_len;
+ op_info->aad_len = aad_len;
+ op_info->digest_result_len = hash_result_len;
+ op_info->hash_start_src_offset = hash_start_src_offset;
+ /* Handle the initilization vector */
+ if (op_info->iv_len > 0) {
+ DPRINTF("iv_len=%" PRIu32 "\n", op_info->iv_len);
+ op_info->iv = op_info->data + curr_size;
+
+ s = iov_to_buf(iov, out_num, 0, op_info->iv, op_info->iv_len);
+ if (unlikely(s != op_info->iv_len)) {
+ virtio_error(vdev, "virtio-crypto iv incorrect");
+ goto err;
+ }
+ iov_discard_front(&iov, &out_num, op_info->iv_len);
+ curr_size += op_info->iv_len;
+ }
+
+ /* Handle additional authentication data if exist */
+ if (op_info->aad_len > 0) {
+ DPRINTF("aad_len=%" PRIu32 "\n", op_info->aad_len);
+ op_info->aad_data = op_info->data + curr_size;
+
+ s = iov_to_buf(iov, out_num, 0, op_info->aad_data, op_info->aad_len);
+ if (unlikely(s != op_info->aad_len)) {
+ virtio_error(vdev, "virtio-crypto additional auth data incorrect");
+ goto err;
+ }
+ iov_discard_front(&iov, &out_num, op_info->aad_len);
+
+ curr_size += op_info->aad_len;
+ }
+
+ /* Handle the source data */
+ if (op_info->src_len > 0) {
+ DPRINTF("src_len=%" PRIu32 "\n", op_info->src_len);
+ op_info->src = op_info->data + curr_size;
+
+ s = iov_to_buf(iov, out_num, 0, op_info->src, op_info->src_len);
+ if (unlikely(s != op_info->src_len)) {
+ virtio_error(vdev, "virtio-crypto source data incorrect");
+ goto err;
+ }
+ iov_discard_front(&iov, &out_num, op_info->src_len);
+
+ curr_size += op_info->src_len;
+ }
+
+ /* Handle the destination data */
+ op_info->dst = op_info->data + curr_size;
+ curr_size += op_info->dst_len;
+
+ DPRINTF("dst_len=%" PRIu32 "\n", op_info->dst_len);
+
+ /* Handle the hash digest result */
+ if (hash_result_len > 0) {
+ DPRINTF("hash_result_len=%" PRIu32 "\n", hash_result_len);
+ op_info->digest_result = op_info->data + curr_size;
+ }
+
+ return op_info;
+
+err:
+ g_free(op_info);
+ return NULL;
+}
+
+static int
+virtio_crypto_handle_sym_req(VirtIOCrypto *vcrypto,
+ struct virtio_crypto_sym_data_req *req,
+ CryptoDevBackendSymOpInfo **sym_op_info,
+ struct iovec *iov, unsigned int out_num)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+ uint32_t op_type;
+ CryptoDevBackendSymOpInfo *op_info;
+
+ op_type = virtio_ldl_p(vdev, &req->op_type);
+
+ if (op_type == VIRTIO_CRYPTO_SYM_OP_CIPHER) {
+ op_info = virtio_crypto_sym_op_helper(vdev, &req->u.cipher.para,
+ 0, iov, out_num, 0, 0);
+ if (!op_info) {
+ return -EFAULT;
+ }
+ op_info->op_type = op_type;
+ } else if (op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
+ uint32_t aad_len, hash_result_len;
+ uint32_t hash_start_src_offset;
+
+ aad_len = virtio_ldl_p(vdev, &req->u.chain.para.aad_len);
+ hash_result_len = virtio_ldl_p(vdev,
+ &req->u.chain.para.hash_result_len);
+ hash_start_src_offset = virtio_ldl_p(vdev,
+ &req->u.chain.para.hash_start_src_offset);
+ /* cipher part */
+ op_info = virtio_crypto_sym_op_helper(vdev, &req->u.chain.para.cipher,
+ aad_len, iov, out_num,
+ hash_result_len,
+ hash_start_src_offset);
+ if (!op_info) {
+ return -EFAULT;
+ }
+ op_info->op_type = op_type;
+ } else {
+ /* VIRTIO_CRYPTO_SYM_OP_NONE */
+ error_report("virtio-crypto unsupported cipher type");
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
+
+ *sym_op_info = op_info;
+
+ return 0;
+}
+
+static int
+virtio_crypto_handle_request(VirtIOCryptoReq *request)
+{
+ VirtIOCrypto *vcrypto = request->vcrypto;
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+ VirtQueueElement *elem = &request->elem;
+ int queue_index = virtio_crypto_vq2q(virtio_get_queue_index(request->vq));
+ struct virtio_crypto_op_data_req req;
+ int ret;
+ struct iovec *in_iov;
+ struct iovec *out_iov;
+ unsigned in_num;
+ unsigned out_num;
+ uint32_t opcode, status = VIRTIO_CRYPTO_ERR;
+ uint64_t session_id;
+ CryptoDevBackendSymOpInfo *sym_op_info = NULL;
+ Error *local_err = NULL;
+
+ if (elem->out_num < 1 || elem->in_num < 1) {
+ virtio_error(vdev, "virtio-crypto dataq missing headers");
+ return -1;
+ }
+
+ out_num = elem->out_num;
+ out_iov = elem->out_sg;
+ in_num = elem->in_num;
+ in_iov = elem->in_sg;
+ if (unlikely(iov_to_buf(out_iov, out_num, 0, &req, sizeof(req))
+ != sizeof(req))) {
+ virtio_error(vdev, "virtio-crypto request outhdr too short");
+ return -1;
+ }
+ iov_discard_front(&out_iov, &out_num, sizeof(req));
+
+ if (in_iov[in_num - 1].iov_len <
+ sizeof(struct virtio_crypto_inhdr)) {
+ virtio_error(vdev, "virtio-crypto request inhdr too short");
+ return -1;
+ }
+
+ request->in_len = iov_size(in_iov, in_num);
+ request->in = (void *)in_iov[in_num - 1].iov_base
+ + in_iov[in_num - 1].iov_len
+ - sizeof(struct virtio_crypto_inhdr);
+ iov_discard_back(in_iov, &in_num, sizeof(struct virtio_crypto_inhdr));
+
+ /*
+ * The length of operation result, including dest_data
+ * and digest_result if exist.
+ */
+ request->in_num = in_num;
+ request->in_iov = in_iov;
+
+ opcode = virtio_ldl_p(vdev, &req.header.opcode);
+ session_id = virtio_ldq_p(vdev, &req.header.session_id);
+
+ switch (opcode) {
+ case VIRTIO_CRYPTO_CIPHER_ENCRYPT:
+ case VIRTIO_CRYPTO_CIPHER_DECRYPT:
+ ret = virtio_crypto_handle_sym_req(vcrypto,
+ &req.u.sym_req,
+ &sym_op_info,
+ out_iov, out_num);
+ /* Serious errors, need to reset virtio crypto device */
+ if (ret == -EFAULT) {
+ return -1;
+ } else if (ret == -VIRTIO_CRYPTO_NOTSUPP) {
+ virtio_crypto_req_complete(request, VIRTIO_CRYPTO_NOTSUPP);
+ virtio_crypto_free_request(request);
+ } else {
+ sym_op_info->session_id = session_id;
+
+ /* Set request's parameter */
+ request->flags = CRYPTODEV_BACKEND_ALG_SYM;
+ request->u.sym_op_info = sym_op_info;
+ ret = cryptodev_backend_sym_operation(vcrypto->cryptodev,
+ sym_op_info, queue_index, &local_err);
+ if (ret < 0) {
+ status = VIRTIO_CRYPTO_ERR;
+ if (local_err) {
+ error_report_err(local_err);
+ }
+ } else { /* ret >= 0 */
+ status = VIRTIO_CRYPTO_OK;
+ }
+ virtio_crypto_req_complete(request, status);
+ virtio_crypto_free_request(request);
+ }
+ break;
+ case VIRTIO_CRYPTO_HASH:
+ case VIRTIO_CRYPTO_MAC:
+ case VIRTIO_CRYPTO_AEAD_ENCRYPT:
+ case VIRTIO_CRYPTO_AEAD_DECRYPT:
+ default:
+ error_report("virtio-crypto unsupported dataq opcode: %u",
+ opcode);
+ virtio_crypto_req_complete(request, VIRTIO_CRYPTO_NOTSUPP);
+ virtio_crypto_free_request(request);
+ }
+
+ return 0;
+}
+
+static void virtio_crypto_handle_dataq(VirtIODevice *vdev, VirtQueue *vq)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+ VirtIOCryptoReq *req;
+
+ while ((req = virtio_crypto_get_request(vcrypto, vq))) {
+ if (virtio_crypto_handle_request(req) < 0) {
+ virtqueue_detach_element(req->vq, &req->elem, 0);
+ virtio_crypto_free_request(req);
+ break;
+ }
+ }
+}
+
static uint64_t virtio_crypto_get_features(VirtIODevice *vdev,
uint64_t features,
Error **errp)
@@ -365,7 +701,7 @@ static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
vcrypto->curr_queues = 1;
for (i = 0; i < vcrypto->max_queues; i++) {
- virtio_add_queue(vdev, 1024, NULL);
+ virtio_add_queue(vdev, 1024, virtio_crypto_handle_dataq);
}
vcrypto->ctrl_vq = virtio_add_queue(vdev, 64, virtio_crypto_handle_ctrl);
diff --git a/include/hw/virtio/virtio-crypto.h b/include/hw/virtio/virtio-crypto.h
index a5e826c..ff3abfe 100644
--- a/include/hw/virtio/virtio-crypto.h
+++ b/include/hw/virtio/virtio-crypto.h
@@ -36,6 +36,11 @@ do { \
#define VIRTIO_CRYPTO_GET_PARENT_CLASS(obj) \
OBJECT_GET_PARENT_CLASS(obj, TYPE_VIRTIO_CRYPTO)
+/* This is the last element of the write scatter-gather list */
+struct virtio_crypto_inhdr
+{
+ uint32_t status;
+};
typedef struct VirtIOCryptoConf {
CryptoDevBackend *cryptodev;
@@ -61,8 +66,10 @@ typedef struct VirtIOCryptoReq {
VirtQueueElement elem;
/* flags of operation, such as type of algorithm */
uint32_t flags;
- /* address of in data (Device to Driver) */
- void *idata_hva;
+ struct virtio_crypto_inhdr *in;
+ struct iovec *in_iov; /* Head address of dest iovec */
+ unsigned int in_num; /* Number of dest iovec */
+ size_t in_len;
VirtQueue *vq;
struct VirtIOCrypto *vcrypto;
union {
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 10/12] cryptodev: introduce an unified wrapper for crypto operation
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (8 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 09/12] virtio-crypto: add data queue processing handler Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 11/12] virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer Gonglei
` (3 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
We use an opaque point to the VirtIOCryptoReq which
can support different packets based on different
algorithms.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/cryptodev-builtin.c | 2 +-
backends/cryptodev.c | 28 ++++++++++++++++++++++++++--
hw/virtio/virtio-crypto.c | 10 +++++-----
include/sysemu/cryptodev.h | 13 +++++++------
4 files changed, 39 insertions(+), 14 deletions(-)
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
index 34c45be..dc0a364 100644
--- a/backends/cryptodev-builtin.c
+++ b/backends/cryptodev-builtin.c
@@ -286,7 +286,7 @@ static int cryptodev_builtin_sym_operation(
return -VIRTIO_CRYPTO_ERR;
}
}
- return 0;
+ return VIRTIO_CRYPTO_OK;
}
static void cryptodev_builtin_cleanup(
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
index 47521cf..4a49f97 100644
--- a/backends/cryptodev.c
+++ b/backends/cryptodev.c
@@ -30,6 +30,8 @@
#include "qapi-visit.h"
#include "qemu/config-file.h"
#include "qom/object_interfaces.h"
+#include "hw/virtio/virtio-crypto.h"
+
static QTAILQ_HEAD(, CryptoDevBackendClient) crypto_clients;
@@ -105,7 +107,7 @@ int cryptodev_backend_sym_close_session(
return -1;
}
-int cryptodev_backend_sym_operation(
+static int cryptodev_backend_sym_operation(
CryptoDevBackend *backend,
CryptoDevBackendSymOpInfo *op_info,
uint32_t queue_index, Error **errp)
@@ -117,7 +119,29 @@ int cryptodev_backend_sym_operation(
return bc->do_sym_op(backend, op_info, queue_index, errp);
}
- return -1;
+ return -VIRTIO_CRYPTO_ERR;
+}
+
+int cryptodev_backend_crypto_operation(
+ CryptoDevBackend *backend,
+ void *opaque,
+ uint32_t queue_index, Error **errp)
+{
+ VirtIOCryptoReq *req = opaque;
+
+ if (req->flags == CRYPTODEV_BACKEND_ALG_SYM) {
+ CryptoDevBackendSymOpInfo *op_info;
+ op_info = req->u.sym_op_info;
+
+ return cryptodev_backend_sym_operation(backend,
+ op_info, queue_index, errp);
+ } else {
+ error_setg(errp, "Unsupported cryptodev alg type: %" PRIu32 "",
+ req->flags);
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
+
+ return -VIRTIO_CRYPTO_ERR;
}
static void
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 29eb1a1..1729579 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -600,15 +600,15 @@ virtio_crypto_handle_request(VirtIOCryptoReq *request)
/* Set request's parameter */
request->flags = CRYPTODEV_BACKEND_ALG_SYM;
request->u.sym_op_info = sym_op_info;
- ret = cryptodev_backend_sym_operation(vcrypto->cryptodev,
- sym_op_info, queue_index, &local_err);
+ ret = cryptodev_backend_crypto_operation(vcrypto->cryptodev,
+ request, queue_index, &local_err);
if (ret < 0) {
- status = VIRTIO_CRYPTO_ERR;
+ status = -ret;
if (local_err) {
error_report_err(local_err);
}
- } else { /* ret >= 0 */
- status = VIRTIO_CRYPTO_OK;
+ } else { /* ret == VIRTIO_CRYPTO_OK */
+ status = ret;
}
virtio_crypto_req_complete(request, status);
virtio_crypto_free_request(request);
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index 8fbf1e2..f55b79e 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -264,20 +264,21 @@ int cryptodev_backend_sym_close_session(
uint32_t queue_index, Error **errp);
/**
- * cryptodev_backend_sym_operation:
+ * cryptodev_backend_crypto_operation:
* @backend: the cryptodev backend object
- * @op_info: parameters needed by symmetric crypto operation
+ * @opaque: pointer to a VirtIOCryptoReq object
* @queue_index: queue index of cryptodev backend client
* @errp: pointer to a NULL-initialized error object
*
- * Do symmetric crypto operation, such as encryption and
+ * Do crypto operation, such as encryption and
* decryption
*
- * Returns: 0 on success, or Negative on error
+ * Returns: VIRTIO_CRYPTO_OK on success,
+ * or -VIRTIO_CRYPTO_* on error
*/
-int cryptodev_backend_sym_operation(
+int cryptodev_backend_crypto_operation(
CryptoDevBackend *backend,
- CryptoDevBackendSymOpInfo *op_info,
+ void *opaque,
uint32_t queue_index, Error **errp);
#endif /* CRYPTODEV_H */
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 11/12] virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (9 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 10/12] cryptodev: introduce an unified wrapper for crypto operation Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 12/12] virtio-crypto: perfect algorithms chainning support Gonglei
` (2 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
This patch including two parts: Cryptodev Backends
and virtio-crypto stuff. I can maintain cryptodev backends
which introduced by myself. For virtio-crypto stuff, I can
share the work with Michael (The whole virtio supporter).
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
MAINTAINERS | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 9bca506..aea9b91 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -981,6 +981,13 @@ F: include/sysemu/rng*.h
F: backends/rng*.c
F: tests/virtio-rng-test.c
+virtio-crypto
+M: Gonglei <arei.gonglei@huawei.com>
+S: Supported
+F: hw/virtio/virtio-crypto.c
+F: hw/virtio/virtio-crypto-pci.c
+F: include/hw/virtio/virtio-crypto.h
+
nvme
M: Keith Busch <keith.busch@intel.com>
L: qemu-block@nongnu.org
@@ -1223,6 +1230,12 @@ S: Maintained
F: backends/hostmem*.c
F: include/sysemu/hostmem.h
+Cryptodev Backends
+M: Gonglei <arei.gonglei@huawei.com>
+S: Maintained
+F: include/sysemu/cryptodev*.h
+F: backends/cryptodev*.c
+
QAPI
M: Markus Armbruster <armbru@redhat.com>
M: Michael Roth <mdroth@linux.vnet.ibm.com>
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [Qemu-devel] [PATCH RESEND v6 12/12] virtio-crypto: perfect algorithms chainning support
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (10 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 11/12] virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer Gonglei
@ 2016-10-10 8:55 ` Gonglei
2016-10-10 16:15 ` [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation no-reply
2016-10-11 10:46 ` no-reply
13 siblings, 0 replies; 15+ messages in thread
From: Gonglei @ 2016-10-10 8:55 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, eblake, Gonglei
For one source buffer, we can do cipher and hash operations
partly in algorithms chainning mode. We updated the
corresponding part in virtio crypto specification firstly.
The cryptodev-builtin backend doesn't support algorithm
chainning, so let's add a check for it.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/cryptodev-builtin.c | 6 +++
hw/virtio/virtio-crypto.c | 62 ++++++++++++++++----------
include/standard-headers/linux/virtio_crypto.h | 11 ++++-
include/sysemu/cryptodev.h | 13 +++++-
4 files changed, 66 insertions(+), 26 deletions(-)
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
index dc0a364..9ad79ad 100644
--- a/backends/cryptodev-builtin.c
+++ b/backends/cryptodev-builtin.c
@@ -265,6 +265,12 @@ static int cryptodev_builtin_sym_operation(
return -VIRTIO_CRYPTO_INVSESS;
}
+ if (op_info->op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
+ error_setg(errp,
+ "Algorithm chain is unsupported for cryptdoev-builtin");
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
+
sess = builtin->sessions[op_info->session_id];
ret = qcrypto_cipher_setiv(sess->cipher, op_info->iv,
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 1729579..0bd0686 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -390,21 +390,42 @@ virtio_crypto_get_request(VirtIOCrypto *s, VirtQueue *vq)
static CryptoDevBackendSymOpInfo *
virtio_crypto_sym_op_helper(VirtIODevice *vdev,
- struct virtio_crypto_cipher_para *para,
- uint32_t aad_len,
- struct iovec *iov, unsigned int out_num,
- uint32_t hash_result_len,
- uint32_t hash_start_src_offset)
+ struct virtio_crypto_cipher_para *cipher_para,
+ struct virtio_crypto_alg_chain_data_para *alg_chain_para,
+ struct iovec *iov, unsigned int out_num)
{
CryptoDevBackendSymOpInfo *op_info;
- uint32_t src_len, dst_len;
- uint32_t iv_len;
+ uint32_t src_len = 0, dst_len = 0;
+ uint32_t iv_len = 0;
+ uint32_t aad_len = 0, hash_result_len = 0;
+ uint32_t hash_start_src_offset = 0, len_to_hash = 0;
+ uint32_t cipher_start_src_offset = 0, len_to_cipher = 0;
+
size_t max_len, curr_size = 0;
size_t s;
- iv_len = virtio_ldl_p(vdev, ¶->iv_len);
- src_len = virtio_ldl_p(vdev, ¶->src_data_len);
- dst_len = virtio_ldl_p(vdev, ¶->dst_data_len);
+ /* Plain cipher */
+ if (cipher_para) {
+ iv_len = virtio_ldl_p(vdev, &cipher_para->iv_len);
+ src_len = virtio_ldl_p(vdev, &cipher_para->src_data_len);
+ dst_len = virtio_ldl_p(vdev, &cipher_para->dst_data_len);
+ } else if (alg_chain_para) { /* Algorithm chain */
+ iv_len = virtio_ldl_p(vdev, &alg_chain_para->iv_len);
+ src_len = virtio_ldl_p(vdev, &alg_chain_para->src_data_len);
+ dst_len = virtio_ldl_p(vdev, &alg_chain_para->dst_data_len);
+
+ aad_len = virtio_ldl_p(vdev, &alg_chain_para->aad_len);
+ hash_result_len = virtio_ldl_p(vdev,
+ &alg_chain_para->hash_result_len);
+ hash_start_src_offset = virtio_ldl_p(vdev,
+ &alg_chain_para->hash_start_src_offset);
+ cipher_start_src_offset = virtio_ldl_p(vdev,
+ &alg_chain_para->cipher_start_src_offset);
+ len_to_cipher = virtio_ldl_p(vdev, &alg_chain_para->len_to_cipher);
+ len_to_hash = virtio_ldl_p(vdev, &alg_chain_para->len_to_hash);
+ } else {
+ return NULL;
+ }
max_len = iv_len + aad_len + src_len + dst_len + hash_result_len;
op_info = g_malloc0(sizeof(CryptoDevBackendSymOpInfo) + max_len);
@@ -414,6 +435,9 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
op_info->aad_len = aad_len;
op_info->digest_result_len = hash_result_len;
op_info->hash_start_src_offset = hash_start_src_offset;
+ op_info->len_to_hash = len_to_hash;
+ op_info->cipher_start_src_offset = cipher_start_src_offset;
+ op_info->len_to_cipher = len_to_cipher;
/* Handle the initilization vector */
if (op_info->iv_len > 0) {
DPRINTF("iv_len=%" PRIu32 "\n", op_info->iv_len);
@@ -491,25 +515,15 @@ virtio_crypto_handle_sym_req(VirtIOCrypto *vcrypto,
if (op_type == VIRTIO_CRYPTO_SYM_OP_CIPHER) {
op_info = virtio_crypto_sym_op_helper(vdev, &req->u.cipher.para,
- 0, iov, out_num, 0, 0);
+ NULL, iov, out_num);
if (!op_info) {
return -EFAULT;
}
op_info->op_type = op_type;
} else if (op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
- uint32_t aad_len, hash_result_len;
- uint32_t hash_start_src_offset;
-
- aad_len = virtio_ldl_p(vdev, &req->u.chain.para.aad_len);
- hash_result_len = virtio_ldl_p(vdev,
- &req->u.chain.para.hash_result_len);
- hash_start_src_offset = virtio_ldl_p(vdev,
- &req->u.chain.para.hash_start_src_offset);
- /* cipher part */
- op_info = virtio_crypto_sym_op_helper(vdev, &req->u.chain.para.cipher,
- aad_len, iov, out_num,
- hash_result_len,
- hash_start_src_offset);
+ op_info = virtio_crypto_sym_op_helper(vdev, NULL,
+ &req->u.chain.para,
+ iov, out_num);
if (!op_info) {
return -EFAULT;
}
diff --git a/include/standard-headers/linux/virtio_crypto.h b/include/standard-headers/linux/virtio_crypto.h
index a62d192..3556fb3 100644
--- a/include/standard-headers/linux/virtio_crypto.h
+++ b/include/standard-headers/linux/virtio_crypto.h
@@ -301,7 +301,15 @@ struct virtio_crypto_mac_data_req {
};
struct virtio_crypto_alg_chain_data_para {
- struct virtio_crypto_cipher_para cipher;
+ __virtio32 iv_len;
+ /* Length of source data */
+ __virtio32 src_data_len;
+ /* Length of destination data */
+ __virtio32 dst_data_len;
+ /* Starting point for cipher processing in source data */
+ __virtio32 cipher_start_src_offset;
+ /* Length of the source data that the cipher will be computed on */
+ __virtio32 len_to_cipher;
/* Starting point for hash processing in source data */
__virtio32 hash_start_src_offset;
/* Length of the source data that the hash will be computed on */
@@ -310,6 +318,7 @@ struct virtio_crypto_alg_chain_data_para {
__virtio32 aad_len;
/* Length of the hash result */
__virtio32 hash_result_len;
+ __virtio32 reserved;
};
struct virtio_crypto_alg_chain_data_req {
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index f55b79e..f9a4b36 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -108,7 +108,15 @@ typedef struct CryptoDevBackendSymSessionInfo {
* @dst_len: byte length of destination data
* @digest_result_len: byte length of hash digest result
* @hash_start_src_offset: Starting point for hash processing, specified
- * as number of bytes from start of packet in source data
+ * as number of bytes from start of packet in source data, only used for
+ * algorithm chain
+ * @cipher_start_src_offset: Starting point for cipher processing, specified
+ * as number of bytes from start of packet in source data, only used for
+ * algorithm chain
+ * @len_to_hash: byte length of source data on which the hash
+ * operation will be computed, only used for algorithm chain
+ * @len_to_cipher: byte length of source data on which the cipher
+ * operation will be computed, only used for algorithm chain
* @op_type: operation type (refer to virtio_crypto.h)
* @iv: point to the initialization vector or counter
* @src: point to the source data
@@ -126,6 +134,9 @@ typedef struct CryptoDevBackendSymOpInfo {
uint32_t dst_len;
uint32_t digest_result_len;
uint32_t hash_start_src_offset;
+ uint32_t cipher_start_src_offset;
+ uint32_t len_to_hash;
+ uint32_t len_to_cipher;
uint8_t op_type;
uint8_t *iv;
uint8_t *src;
--
1.7.12.4
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (11 preceding siblings ...)
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 12/12] virtio-crypto: perfect algorithms chainning support Gonglei
@ 2016-10-10 16:15 ` no-reply
2016-10-11 10:46 ` no-reply
13 siblings, 0 replies; 15+ messages in thread
From: no-reply @ 2016-10-10 16:15 UTC (permalink / raw)
To: arei.gonglei
Cc: famz, qemu-devel, virtio-dev, weidong.huang, claudio.fontana,
mst, xin.zeng, hanweidong, luonengjun, agraf, nmorey,
mike.caraman, stefanha, jianjay.zhou, pbonzini, peter.huangpeng,
vincent.jardin, wu.wubin, arei.gonglei
Hi,
Your series seems to have some coding style problems. See output below for
more information:
Message-id: 1476089730-65776-1-git-send-email-arei.gonglei@huawei.com
Subject: [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation
Type: series
=== TEST SCRIPT BEGIN ===
#!/bin/bash
BASE=base
n=1
total=$(git log --oneline $BASE.. | wc -l)
failed=0
# Useful git options
git config --local diff.renamelimit 0
git config --local diff.renames True
commits="$(git log --format=%H --reverse $BASE..)"
for c in $commits; do
echo "Checking PATCH $n/$total: $(git show --no-patch --format=%s $c)..."
if ! git show $c --format=email | ./scripts/checkpatch.pl --mailback -; then
failed=1
echo
fi
n=$((n+1))
done
exit $failed
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
47cfbc1 virtio-crypto: perfect algorithms chainning support
81a4d12 virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer
7ad32b1 cryptodev: introduce an unified wrapper for crypto operation
4714b3d virtio-crypto: add data queue processing handler
b61dfe7 virtio-crypto: add control queue handler
8b91458 virtio-crypto: set capacity of algorithms supported
c0f4d06 virtio-crypto-pci: add virtio crypto pci support
a7e5efe virtio-crypto: add virtio crypto device emulation
727ff7f cryptodev: introduce a new cryptodev backend
a7db317 virtio-crypto: introduce virtio_crypto.h
c2324a0 cryptodev: add symmetric algorithm operation stuff
a302606 cryptodev: introduce cryptodev backend interface
=== OUTPUT BEGIN ===
Checking PATCH 1/12: cryptodev: introduce cryptodev backend interface...
Checking PATCH 2/12: cryptodev: add symmetric algorithm operation stuff...
Checking PATCH 3/12: virtio-crypto: introduce virtio_crypto.h...
Checking PATCH 4/12: cryptodev: introduce a new cryptodev backend...
Checking PATCH 5/12: virtio-crypto: add virtio crypto device emulation...
Checking PATCH 6/12: virtio-crypto-pci: add virtio crypto pci support...
Checking PATCH 7/12: virtio-crypto: set capacity of algorithms supported...
Checking PATCH 8/12: virtio-crypto: add control queue handler...
Checking PATCH 9/12: virtio-crypto: add data queue processing handler...
ERROR: open brace '{' following struct go on the same line
#382: FILE: include/hw/virtio/virtio-crypto.h:41:
+struct virtio_crypto_inhdr
+{
total: 1 errors, 0 warnings, 373 lines checked
Your patch has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
Checking PATCH 10/12: cryptodev: introduce an unified wrapper for crypto operation...
Checking PATCH 11/12: virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer...
Checking PATCH 12/12: virtio-crypto: perfect algorithms chainning support...
=== OUTPUT END ===
Test command exited with code: 1
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
` (12 preceding siblings ...)
2016-10-10 16:15 ` [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation no-reply
@ 2016-10-11 10:46 ` no-reply
13 siblings, 0 replies; 15+ messages in thread
From: no-reply @ 2016-10-11 10:46 UTC (permalink / raw)
To: arei.gonglei
Cc: famz, qemu-devel, virtio-dev, weidong.huang, claudio.fontana,
mst, xin.zeng, hanweidong, luonengjun, agraf, nmorey,
mike.caraman, stefanha, jianjay.zhou, pbonzini, peter.huangpeng,
vincent.jardin, wu.wubin, arei.gonglei
Hi,
Your series failed automatic build test. Please find the testing commands and
their output below. If you have docker installed, you can probably reproduce it
locally.
Message-id: 1476089730-65776-1-git-send-email-arei.gonglei@huawei.com
Subject: [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation
Type: series
=== TEST SCRIPT BEGIN ===
#!/bin/bash
set -e
git submodule update --init dtc
# Let docker tests dump environment info
export SHOW_ENV=1
make J=8 docker-test-quick@centos6
make J=8 docker-test-mingw@fedora
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
47cfbc1 virtio-crypto: perfect algorithms chainning support
81a4d12 virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer
7ad32b1 cryptodev: introduce an unified wrapper for crypto operation
4714b3d virtio-crypto: add data queue processing handler
b61dfe7 virtio-crypto: add control queue handler
8b91458 virtio-crypto: set capacity of algorithms supported
c0f4d06 virtio-crypto-pci: add virtio crypto pci support
a7e5efe virtio-crypto: add virtio crypto device emulation
727ff7f cryptodev: introduce a new cryptodev backend
a7db317 virtio-crypto: introduce virtio_crypto.h
c2324a0 cryptodev: add symmetric algorithm operation stuff
a302606 cryptodev: introduce cryptodev backend interface
=== OUTPUT BEGIN ===
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into 'dtc'...
Submodule path 'dtc': checked out '65cc4d2748a2c2e6f27f1cf39e07a5dbabd80ebf'
BUILD centos6
ARCHIVE qemu.tgz
ARCHIVE dtc.tgz
COPY RUNNER
RUN test-quick in centos6
Packages installed:
SDL-devel-1.2.14-7.el6_7.1.x86_64
ccache-3.1.6-2.el6.x86_64
epel-release-6-8.noarch
gcc-4.4.7-17.el6.x86_64
git-1.7.1-4.el6_7.1.x86_64
glib2-devel-2.28.8-5.el6.x86_64
libfdt-devel-1.4.0-1.el6.x86_64
make-3.81-23.el6.x86_64
package g++ is not installed
pixman-devel-0.32.8-1.el6.x86_64
tar-1.23-15.el6_8.x86_64
zlib-devel-1.2.3-29.el6.x86_64
Environment variables:
PACKAGES=libfdt-devel ccache tar git make gcc g++ zlib-devel glib2-devel SDL-devel pixman-devel epel-release
HOSTNAME=6a7e1ed80713
TERM=xterm
MAKEFLAGS= -j8
HISTSIZE=1000
J=8
USER=root
CCACHE_DIR=/var/tmp/ccache
EXTRA_CONFIGURE_OPTS=
V=
SHOW_ENV=1
MAIL=/var/spool/mail/root
PATH=/usr/lib/ccache:/usr/lib64/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
LANG=en_US.UTF-8
TARGET_LIST=
HISTCONTROL=ignoredups
SHLVL=1
HOME=/root
TEST_DIR=/tmp/qemu-test
LOGNAME=root
LESSOPEN=||/usr/bin/lesspipe.sh %s
FEATURES= dtc
DEBUG=
G_BROKEN_FILENAMES=1
CCACHE_HASHDIR=
_=/usr/bin/env
Configure options:
--enable-werror --target-list=x86_64-softmmu,aarch64-softmmu --prefix=/var/tmp/qemu-build/install
No C++ compiler available; disabling C++ specific optional code
Install prefix /var/tmp/qemu-build/install
BIOS directory /var/tmp/qemu-build/install/share/qemu
binary directory /var/tmp/qemu-build/install/bin
library directory /var/tmp/qemu-build/install/lib
module directory /var/tmp/qemu-build/install/lib/qemu
libexec directory /var/tmp/qemu-build/install/libexec
include directory /var/tmp/qemu-build/install/include
config directory /var/tmp/qemu-build/install/etc
local state directory /var/tmp/qemu-build/install/var
Manual directory /var/tmp/qemu-build/install/share/man
ELF interp prefix /usr/gnemul/qemu-%M
Source path /tmp/qemu-test/src
C compiler cc
Host C compiler cc
C++ compiler
Objective-C compiler cc
ARFLAGS rv
CFLAGS -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -g
QEMU_CFLAGS -I/usr/include/pixman-1 -pthread -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -fPIE -DPIE -m64 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -Wendif-labels -Wmissing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-all
LDFLAGS -Wl,--warn-common -Wl,-z,relro -Wl,-z,now -pie -m64 -g
make make
install install
python python -B
smbd /usr/sbin/smbd
module support no
host CPU x86_64
host big endian no
target list x86_64-softmmu aarch64-softmmu
tcg debug enabled no
gprof enabled no
sparse enabled no
strip binaries yes
profiler no
static build no
pixman system
SDL support yes (1.2.14)
GTK support no
GTK GL support no
VTE support no
TLS priority NORMAL
GNUTLS support no
GNUTLS rnd no
libgcrypt no
libgcrypt kdf no
nettle no
nettle kdf no
libtasn1 no
curses support no
virgl support no
curl support no
mingw32 support no
Audio drivers oss
Block whitelist (rw)
Block whitelist (ro)
VirtFS support no
VNC support yes
VNC SASL support no
VNC JPEG support no
VNC PNG support no
xen support no
brlapi support no
bluez support no
Documentation no
PIE yes
vde support no
netmap support no
Linux AIO support no
ATTR/XATTR support yes
Install blobs yes
KVM support yes
RDMA support no
TCG interpreter no
fdt support yes
preadv support yes
fdatasync yes
madvise yes
posix_madvise yes
libcap-ng support no
vhost-net support yes
vhost-scsi support yes
vhost-vsock support yes
Trace backends log
spice support no
rbd support no
xfsctl support no
smartcard support no
libusb no
usb net redir no
OpenGL support no
OpenGL dmabufs no
libiscsi support no
libnfs support no
build guest agent yes
QGA VSS support no
QGA w32 disk info no
QGA MSI support no
seccomp support no
coroutine backend ucontext
coroutine pool yes
debug stack usage no
GlusterFS support no
Archipelago support no
gcov gcov
gcov enabled no
TPM support yes
libssh2 support no
TPM passthrough yes
QOM debugging yes
lzo support no
snappy support no
bzip2 support no
NUMA host support no
tcmalloc support no
jemalloc support no
avx2 optimization no
replication support yes
GEN x86_64-softmmu/config-devices.mak.tmp
GEN aarch64-softmmu/config-devices.mak.tmp
GEN config-host.h
GEN qemu-options.def
GEN qmp-commands.h
GEN qapi-types.h
GEN qapi-visit.h
GEN qapi-event.h
GEN x86_64-softmmu/config-devices.mak
GEN aarch64-softmmu/config-devices.mak
GEN qmp-introspect.h
GEN module_block.h
GEN tests/test-qapi-types.h
GEN tests/test-qapi-visit.h
GEN tests/test-qmp-commands.h
GEN tests/test-qapi-event.h
GEN tests/test-qmp-introspect.h
GEN config-all-devices.mak
GEN trace/generated-events.h
GEN trace/generated-tracers.h
GEN trace/generated-tcg-tracers.h
GEN trace/generated-helpers-wrappers.h
GEN trace/generated-helpers.h
CC tests/qemu-iotests/socket_scm_helper.o
GEN qga/qapi-generated/qga-qapi-types.h
GEN qga/qapi-generated/qga-qapi-visit.h
GEN qga/qapi-generated/qga-qmp-commands.h
GEN qga/qapi-generated/qga-qapi-types.c
GEN qga/qapi-generated/qga-qapi-visit.c
GEN qga/qapi-generated/qga-qmp-marshal.c
GEN qmp-introspect.c
GEN qapi-types.c
GEN qapi-visit.c
GEN qapi-event.c
CC qapi/qapi-visit-core.o
CC qapi/qapi-dealloc-visitor.o
CC qapi/qmp-input-visitor.o
CC qapi/qmp-output-visitor.o
CC qapi/qmp-registry.o
CC qapi/qmp-dispatch.o
CC qapi/string-input-visitor.o
CC qapi/string-output-visitor.o
CC qapi/opts-visitor.o
CC qapi/qapi-clone-visitor.o
CC qapi/qmp-event.o
CC qapi/qapi-util.o
CC qobject/qnull.o
CC qobject/qint.o
CC qobject/qstring.o
CC qobject/qdict.o
CC qobject/qlist.o
CC qobject/qfloat.o
CC qobject/qbool.o
CC qobject/qjson.o
CC qobject/qobject.o
CC qobject/json-lexer.o
CC qobject/json-streamer.o
CC qobject/json-parser.o
GEN trace/generated-events.c
CC trace/control.o
CC trace/qmp.o
CC util/osdep.o
CC util/cutils.o
CC util/unicode.o
CC util/qemu-timer-common.o
CC util/bufferiszero.o
CC util/compatfd.o
CC util/event_notifier-posix.o
CC util/mmap-alloc.o
CC util/oslib-posix.o
CC util/qemu-openpty.o
CC util/qemu-thread-posix.o
CC util/memfd.o
CC util/envlist.o
CC util/path.o
CC util/module.o
CC util/bitmap.o
CC util/bitops.o
CC util/hbitmap.o
CC util/fifo8.o
CC util/acl.o
CC util/error.o
CC util/qemu-error.o
CC util/id.o
CC util/iov.o
CC util/qemu-config.o
CC util/qemu-sockets.o
CC util/uri.o
CC util/notify.o
CC util/qemu-option.o
CC util/hexdump.o
CC util/qemu-progress.o
CC util/crc32c.o
CC util/uuid.o
CC util/throttle.o
CC util/getauxval.o
CC util/readline.o
CC util/rfifolock.o
CC util/rcu.o
CC util/qemu-coroutine.o
CC util/qemu-coroutine-lock.o
CC util/qemu-coroutine-io.o
CC util/qemu-coroutine-sleep.o
CC util/coroutine-ucontext.o
CC util/buffer.o
CC util/timed-average.o
CC util/base64.o
CC util/log.o
CC util/qdist.o
CC util/qht.o
CC util/range.o
CC crypto/pbkdf-stub.o
CC stubs/arch-query-cpu-def.o
CC stubs/arch-query-cpu-model-expansion.o
CC stubs/arch-query-cpu-model-comparison.o
CC stubs/arch-query-cpu-model-baseline.o
CC stubs/bdrv-next-monitor-owned.o
CC stubs/blk-commit-all.o
CC stubs/blockdev-close-all-bdrv-states.o
CC stubs/clock-warp.o
CC stubs/cpu-get-clock.o
CC stubs/cpu-get-icount.o
CC stubs/dump.o
CC stubs/fdset-add-fd.o
CC stubs/fdset-find-fd.o
CC stubs/fdset-get-fd.o
CC stubs/fdset-remove-fd.o
CC stubs/gdbstub.o
CC stubs/get-fd.o
CC stubs/get-next-serial.o
CC stubs/get-vm-name.o
CC stubs/iothread-lock.o
CC stubs/is-daemonized.o
CC stubs/machine-init-done.o
CC stubs/migr-blocker.o
CC stubs/mon-is-qmp.o
CC stubs/mon-printf.o
CC stubs/monitor-init.o
CC stubs/notify-event.o
CC stubs/qtest.o
CC stubs/replay.o
CC stubs/replay-user.o
CC stubs/reset.o
CC stubs/runstate-check.o
CC stubs/set-fd-handler.o
CC stubs/slirp.o
CC stubs/sysbus.o
CC stubs/trace-control.o
CC stubs/uuid.o
CC stubs/vm-stop.o
CC stubs/vmstate.o
CC stubs/cpus.o
CC stubs/kvm.o
CC stubs/qmp_pc_dimm_device_list.o
CC stubs/target-monitor-defs.o
CC stubs/target-get-monitor-def.o
CC stubs/vhost.o
CC stubs/iohandler.o
CC stubs/smbios_type_38.o
CC stubs/ipmi.o
CC stubs/pc_madt_cpu_entry.o
CC contrib/ivshmem-client/ivshmem-client.o
CC contrib/ivshmem-client/main.o
CC contrib/ivshmem-server/ivshmem-server.o
CC contrib/ivshmem-server/main.o
CC qemu-nbd.o
CC async.o
CC thread-pool.o
CC block.o
CC blockjob.o
CC main-loop.o
CC iohandler.o
CC qemu-timer.o
CC aio-posix.o
CC qemu-io-cmds.o
CC replication.o
CC block/raw_bsd.o
CC block/qcow.o
CC block/vdi.o
CC block/vmdk.o
CC block/cloop.o
CC block/bochs.o
CC block/vpc.o
CC block/vvfat.o
CC block/dmg.o
CC block/qcow2.o
CC block/qcow2-refcount.o
CC block/qcow2-cluster.o
CC block/qcow2-snapshot.o
CC block/qcow2-cache.o
CC block/qed.o
CC block/qed-gencb.o
CC block/qed-l2-cache.o
CC block/qed-table.o
CC block/qed-cluster.o
CC block/qed-check.o
CC block/vhdx.o
CC block/vhdx-endian.o
CC block/vhdx-log.o
CC block/quorum.o
CC block/parallels.o
CC block/blkdebug.o
CC block/blkverify.o
CC block/blkreplay.o
CC block/block-backend.o
CC block/snapshot.o
CC block/qapi.o
CC block/raw-posix.o
CC block/null.o
CC block/mirror.o
CC block/commit.o
CC block/io.o
CC block/throttle-groups.o
CC block/nbd.o
CC block/nbd-client.o
CC block/sheepdog.o
CC block/accounting.o
CC block/dirty-bitmap.o
CC block/write-threshold.o
CC block/backup.o
CC block/replication.o
CC block/crypto.o
CC nbd/server.o
CC nbd/client.o
CC nbd/common.o
CC crypto/init.o
CC crypto/hash.o
CC crypto/hash-glib.o
CC crypto/aes.o
CC crypto/desrfb.o
CC crypto/cipher.o
CC crypto/tlscreds.o
CC crypto/tlscredsanon.o
CC crypto/tlscredsx509.o
CC crypto/tlssession.o
CC crypto/secret.o
CC crypto/random-platform.o
CC crypto/pbkdf.o
CC crypto/ivgen.o
CC crypto/ivgen-essiv.o
CC crypto/ivgen-plain.o
CC crypto/ivgen-plain64.o
CC crypto/afsplit.o
CC crypto/xts.o
CC crypto/block.o
CC crypto/block-qcow.o
CC crypto/block-luks.o
CC io/channel.o
CC io/channel-buffer.o
CC io/channel-command.o
CC io/channel-file.o
CC io/channel-socket.o
CC io/channel-tls.o
CC io/channel-watch.o
CC io/channel-websock.o
CC io/channel-util.o
CC io/task.o
CC qom/object.o
CC qom/container.o
CC qom/qom-qobject.o
CC qom/object_interfaces.o
GEN qemu-img-cmds.h
CC qemu-io.o
CC qemu-bridge-helper.o
CC blockdev.o
CC blockdev-nbd.o
CC iothread.o
CC qdev-monitor.o
CC device-hotplug.o
CC os-posix.o
CC qemu-char.o
CC page_cache.o
CC accel.o
CC bt-host.o
CC bt-vhci.o
CC dma-helpers.o
CC vl.o
CC tpm.o
CC device_tree.o
GEN qmp-marshal.c
CC qmp.o
CC hmp.o
CC tcg-runtime.o
CC cpus-common.o
CC audio/audio.o
CC audio/noaudio.o
CC audio/wavaudio.o
CC audio/mixeng.o
CC audio/sdlaudio.o
CC audio/ossaudio.o
CC audio/wavcapture.o
CC backends/rng.o
CC backends/rng-egd.o
CC backends/rng-random.o
CC backends/msmouse.o
CC backends/testdev.o
CC backends/tpm.o
CC backends/hostmem.o
CC backends/hostmem-ram.o
CC backends/hostmem-file.o
CC backends/cryptodev.o
CC backends/cryptodev-builtin.o
CC block/stream.o
CC disas/arm.o
CC disas/i386.o
CC fsdev/qemu-fsdev-dummy.o
CC fsdev/qemu-fsdev-opts.o
CC hw/acpi/core.o
CC hw/acpi/piix4.o
CC hw/acpi/pcihp.o
CC hw/acpi/ich9.o
CC hw/acpi/tco.o
CC hw/acpi/cpu_hotplug.o
CC hw/acpi/memory_hotplug.o
CC hw/acpi/memory_hotplug_acpi_table.o
CC hw/acpi/cpu.o
CC hw/acpi/acpi_interface.o
CC hw/acpi/bios-linker-loader.o
CC hw/acpi/aml-build.o
CC hw/acpi/ipmi.o
CC hw/audio/sb16.o
CC hw/audio/es1370.o
CC hw/audio/ac97.o
CC hw/audio/fmopl.o
CC hw/audio/adlib.o
CC hw/audio/gus.o
CC hw/audio/gusemu_hal.o
CC hw/audio/gusemu_mixer.o
CC hw/audio/cs4231a.o
CC hw/audio/intel-hda.o
CC hw/audio/hda-codec.o
CC hw/audio/pcspk.o
CC hw/audio/wm8750.o
CC hw/audio/pl041.o
CC hw/audio/lm4549.o
CC hw/audio/marvell_88w8618.o
CC hw/block/block.o
CC hw/block/cdrom.o
CC hw/block/hd-geometry.o
CC hw/block/fdc.o
CC hw/block/m25p80.o
CC hw/block/nand.o
CC hw/block/pflash_cfi01.o
CC hw/block/pflash_cfi02.o
CC hw/block/ecc.o
CC hw/block/onenand.o
CC hw/block/nvme.o
CC hw/bt/core.o
CC hw/bt/l2cap.o
CC hw/bt/sdp.o
CC hw/bt/hci.o
CC hw/bt/hid.o
CC hw/bt/hci-csr.o
CC hw/char/ipoctal232.o
CC hw/char/parallel.o
CC hw/char/pl011.o
CC hw/char/serial.o
CC hw/char/serial-isa.o
CC hw/char/serial-pci.o
CC hw/char/virtio-console.o
CC hw/char/cadence_uart.o
/tmp/qemu-test/src/backends/cryptodev-builtin.c: In function ‘cryptodev_builtin_create_cipher_session’:
/tmp/qemu-test/src/backends/cryptodev-builtin.c:169: error: ‘QCRYPTO_CIPHER_MODE_CTR’ undeclared (first use in this function)
/tmp/qemu-test/src/backends/cryptodev-builtin.c:169: error: (Each undeclared identifier is reported only once
/tmp/qemu-test/src/backends/cryptodev-builtin.c:169: error: for each function it appears in.)
CC hw/char/debugcon.o
make: *** [backends/cryptodev-builtin.o] Error 1
make: *** Waiting for unfinished jobs....
tests/docker/Makefile.include:107: recipe for target 'docker-run-test-quick@centos6' failed
make: *** [docker-run-test-quick@centos6] Error 2
=== OUTPUT END ===
Test command exited with code: 2
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2016-10-11 10:47 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-10-10 8:55 [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 01/12] cryptodev: introduce cryptodev backend interface Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 02/12] cryptodev: add symmetric algorithm operation stuff Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 03/12] virtio-crypto: introduce virtio_crypto.h Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 04/12] cryptodev: introduce a new cryptodev backend Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 05/12] virtio-crypto: add virtio crypto device emulation Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 06/12] virtio-crypto-pci: add virtio crypto pci support Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 07/12] virtio-crypto: set capacity of algorithms supported Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 08/12] virtio-crypto: add control queue handler Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 09/12] virtio-crypto: add data queue processing handler Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 10/12] cryptodev: introduce an unified wrapper for crypto operation Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 11/12] virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer Gonglei
2016-10-10 8:55 ` [Qemu-devel] [PATCH RESEND v6 12/12] virtio-crypto: perfect algorithms chainning support Gonglei
2016-10-10 16:15 ` [Qemu-devel] [PATCH RESEND v6 00/12] virtio-crypto: introduce framework and device emulation no-reply
2016-10-11 10:46 ` no-reply
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.