From mboxrd@z Thu Jan 1 00:00:00 1970 From: Yuanhan Liu Subject: Re: [PATCH 00/12] lib/librte_vhost: introduce new vhost_user crypto Date: Thu, 18 Jan 2018 22:59:52 +0800 Message-ID: <20180118145952.GN29540@yliu-mob> References: <20171127200115.31049-1-roy.fan.zhang@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: dev@dpdk.org, maxime.coquelin@redhat.com, tiwei.bie@intel.com To: Fan Zhang Return-path: Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by dpdk.org (Postfix) with ESMTP id 402F81B340 for ; Thu, 18 Jan 2018 15:59:57 +0100 (CET) Content-Disposition: inline In-Reply-To: <20171127200115.31049-1-roy.fan.zhang@intel.com> List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On Mon, Nov 27, 2017 at 08:01:03PM +0000, Fan Zhang wrote: > This patchset adds crypto backend suppport to vhost_user library, > including a proof-of-concept sample application. The implementation > follows the virtio-crypto specification and have been tested > with qemu 2.9.50 (with several patches applied, detailed later) > with Fedora 24 running in the frontend. > > The vhost_user library acts as a "bridge" method that translate > the virtio-crypto crypto requests to DPDK crypto operations, so it > is purely software implementation. However it does require the user > to provide the DPDK Cryptodev ID so it knows how to handle the > virtio-crypto session creation and deletion mesages. > > Currently the implementation supports AES-CBC-128 and HMAC-SHA1 > cipher only/chaining modes and does not support sessionless mode > yet. The guest can use standard virtio-crypto driver to set up > session and sends encryption/decryption requests to backend. The > vhost-crypto sample application provided in this patchset will > do the actual crypto work. > > To make this patchset working, a few tweaks need to be done: > > In the host: > 1. Download the qemu source code, and apply the patches in: > list.nongnu.org/archive/html/qemu-devel/2017-07/msg04664.html. I could not open it. What's the status of them now? Have they got merged? Besides that, this patchset doesn't seem well organized. For example, Makefile, version_map, config file, doc (etc.) are all updated separately. Could you do a re-organization? Personally, I'd suggest something below: - one patch for introduce extra msg_handler - one patch for implementing vhost_crypto (release doc should also be updated here). - one patch for adding an example (example doc should also be included here). Of course, if you could split 2nd item a bit further, that'd be better. Also, the new functions should be marked as "experimental". --yliu > As the patches have been out for over 2 months, they cannot be > cleanly applied to the latest code. I have reverted the commits > back to 4c4414a to make the patches applied cleanly. > > 2. Recompile your qemu. > > 3. Apply this patchset to latest DPDK code and recompile DPDK. > > 4. Compile and run vhost-crypto sample application. > > ./examples/vhost_crypto/build/vhost-crypto -l 11,12,13 -w 0000:86:01.0 \ > --socket-mem 2048,2048 > > Where 0000:86:01.0 is the QAT PCI address. You may use AES-NI-MB if it is > not available. The sample application requires 3 lcores: 1 master, 1 worker, > and 1 statistics displaying worker. The application will create a UNIX socket > file /tmp/vhost_crypto1.socket. > > 5. Start your qemu application. Here is my command: > > qemu/x86_64-softmmu/qemu-system-x86_64 -machine accel=kvm -cpu host \ > -smp 2 -m 1G -hda ~/path-to-your/image.qcow \ > -object memory-backend-file,id=mem,size=1G,mem-path=/dev/hugepages,share=on \ > -mem-prealloc -numa node,memdev=mem -chardev \ > socket,id=charcrypto0,path=/tmp/vhost_crypto1.socket \ > -object cryptodev-vhost-user,id=cryptodev0,chardev=charcrypto0 \ > -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 > > 6. Once guest is booted. The Linux virtio_crypto kernel module is loaded by > default. You shall see the following logs in your demsg: > > [ 17.611723] virtio_crypto virtio0: max_queues: 1, max_cipher_key_len: ... > [ 17.612156] virtio_crypto virtio0: will run requests pump with realtime ... > [ 18.376100] virtio_crypto virtio0: Accelerator is ready > > The virtio_crypto driver in the guest is now up and running. > > 7. The rest steps can be as same as the Testing section in > https://wiki.qemu.org/Features/VirtioCrypto > > Fan Zhang (12): > lib/librte_vhost: add private data field > lib/librte_vhost: add vhost_user private info structure > lib/librte_vhost: add virtio crypto user message structure > lib/librte_vhost: add session messsage handler > lib/librte_vhost: add request handler > lib/librte_vhost: add head file > lib/librte_vhost: add public function implementation > lib/librte_vhost: update version map > lib/librte_vhost: update makefile > config: added no copy configuration item > example/vhost_crypto: add vhost_crypto sample application > doc: update vhost crypto documentation > > config/common_base | 1 + > doc/guides/prog_guide/vhost_lib.rst | 16 + > doc/guides/rel_notes/release_18_02.rst | 7 + > doc/guides/sample_app_ug/index.rst | 1 + > doc/guides/sample_app_ug/vhost_crypto.rst | 95 +++ > examples/vhost_crypto/Makefile | 59 ++ > examples/vhost_crypto/main.c | 588 +++++++++++++ > lib/librte_vhost/Makefile | 6 +- > lib/librte_vhost/rte_vhost_crypto.h | 150 ++++ > lib/librte_vhost/rte_vhost_version.map | 11 + > lib/librte_vhost/vhost.h | 4 +- > lib/librte_vhost/vhost_crypto.c | 1314 +++++++++++++++++++++++++++++ > lib/librte_vhost/vhost_user.c | 13 +- > lib/librte_vhost/vhost_user.h | 34 +- > 14 files changed, 2294 insertions(+), 5 deletions(-) > create mode 100644 doc/guides/sample_app_ug/vhost_crypto.rst > create mode 100644 examples/vhost_crypto/Makefile > create mode 100644 examples/vhost_crypto/main.c > create mode 100644 lib/librte_vhost/rte_vhost_crypto.h > create mode 100644 lib/librte_vhost/vhost_crypto.c > > -- > 2.9.5