[dpdk-dev] [PATCH v4 7/7] app/crypto-perf: add support for DOCSIS protocol

[David Coyle <david.coyle@intel.com>]

Update test-crypto-perf app to calculate DOCSIS throughput numbers.

1 new parameter is added for DOCSIS:
--docsis-hdr-sz <n>

./dpdk-test-crypto-perf -l 3,4 --socket-mem 2048,0
--vdev crypto_aesni_mb_pmd_1 -n 1 -- --devtype crypto_aesni_mb
--optype docsis --cipher-algo aes-docsisbpi --cipher-op encrypt
--cipher-key-sz 16 --cipher-iv-sz 16 --burst-sz 32 --total-ops 20000000
--buffer-sz 1024 --silent --docsis-hdr-sz 17

Signed-off-by: David Coyle <david.coyle@intel.com>
Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 app/test-crypto-perf/cperf_ops.c             | 82 ++++++++++++++++++--
 app/test-crypto-perf/cperf_options.h         |  5 +-
 app/test-crypto-perf/cperf_options_parsing.c | 67 +++++++++++++++-
 app/test-crypto-perf/cperf_test_throughput.c |  3 +-
 app/test-crypto-perf/cperf_test_vectors.c    |  3 +-
 app/test-crypto-perf/main.c                  |  5 +-
 app/test-crypto-perf/meson.build             |  2 +-
 doc/guides/rel_notes/release_20_08.rst       |  6 ++
 doc/guides/tools/cryptoperf.rst              |  5 ++
 9 files changed, 166 insertions(+), 12 deletions(-)

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 97584ceed..e06b59f55 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -3,6 +3,7 @@
  */
 
 #include <rte_cryptodev.h>
+#include <rte_ether.h>
 
 #include "cperf_ops.h"
 #include "cperf_test_vectors.h"
@@ -15,8 +16,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
 		uint16_t nb_ops, struct rte_cryptodev_sym_session *sess,
 		const struct cperf_options *options __rte_unused,
 		const struct cperf_test_vector *test_vector __rte_unused,
-		uint16_t iv_offset __rte_unused,
-		uint32_t *imix_idx __rte_unused)
+		uint16_t iv_offset __rte_unused, uint32_t *imix_idx)
 {
 	uint16_t i;
 
@@ -24,14 +24,39 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
 		struct rte_crypto_sym_op *sym_op = ops[i]->sym;
 		struct rte_security_session *sec_sess =
 			(struct rte_security_session *)sess;
+		uint32_t buf_sz;
 
 		ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
 		rte_security_attach_session(ops[i], sec_sess);
 		sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] +
 							src_buf_offset);
-		sym_op->m_src->buf_len = options->segment_sz;
-		sym_op->m_src->data_len = options->test_buffer_size;
-		sym_op->m_src->pkt_len = sym_op->m_src->data_len;
+
+		if (options->op_type == CPERF_PDCP) {
+			sym_op->m_src->buf_len = options->segment_sz;
+			sym_op->m_src->data_len = options->test_buffer_size;
+			sym_op->m_src->pkt_len = sym_op->m_src->data_len;
+		}
+
+		if (options->op_type == CPERF_DOCSIS) {
+			if (options->imix_distribution_count) {
+				buf_sz = options->imix_buffer_sizes[*imix_idx];
+				*imix_idx = (*imix_idx + 1) % options->pool_sz;
+			} else
+				buf_sz = options->test_buffer_size;
+
+			/* DOCSIS header is not CRC'ed */
+			sym_op->auth.data.offset = options->docsis_hdr_sz;
+			sym_op->auth.data.length = buf_sz -
+				sym_op->auth.data.offset - RTE_ETHER_CRC_LEN;
+			/*
+			 * DOCSIS header and SRC and DST MAC addresses are not
+			 * ciphered
+			 */
+			sym_op->cipher.data.offset = sym_op->auth.data.offset +
+				RTE_ETHER_HDR_LEN - RTE_ETHER_TYPE_LEN;
+			sym_op->cipher.data.length = buf_sz -
+				sym_op->cipher.data.offset;
+		}
 
 		/* Set dest mbuf to NULL if out-of-place (dst_buf_offset = 0) */
 		if (dst_buf_offset == 0)
@@ -589,6 +614,49 @@ cperf_create_session(struct rte_mempool *sess_mp,
 		return (void *)rte_security_session_create(ctx,
 					&sess_conf, sess_mp);
 	}
+	if (options->op_type == CPERF_DOCSIS) {
+		enum rte_security_docsis_direction direction;
+
+		cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+		cipher_xform.next = NULL;
+		cipher_xform.cipher.algo = options->cipher_algo;
+		cipher_xform.cipher.op = options->cipher_op;
+		cipher_xform.cipher.iv.offset = iv_offset;
+		if (options->cipher_algo != RTE_CRYPTO_CIPHER_NULL) {
+			cipher_xform.cipher.key.data =
+				test_vector->cipher_key.data;
+			cipher_xform.cipher.key.length =
+				test_vector->cipher_key.length;
+			cipher_xform.cipher.iv.length =
+				test_vector->cipher_iv.length;
+		} else {
+			cipher_xform.cipher.key.data = NULL;
+			cipher_xform.cipher.key.length = 0;
+			cipher_xform.cipher.iv.length = 0;
+		}
+		cipher_xform.next = NULL;
+
+		if (options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
+			direction = RTE_SECURITY_DOCSIS_DOWNLINK;
+		else
+			direction = RTE_SECURITY_DOCSIS_UPLINK;
+
+		struct rte_security_session_conf sess_conf = {
+			.action_type =
+				RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+			.protocol = RTE_SECURITY_PROTOCOL_DOCSIS,
+			{.docsis = {
+				.direction = direction,
+			} },
+			.crypto_xform = &cipher_xform
+		};
+		struct rte_security_ctx *ctx = (struct rte_security_ctx *)
+					rte_cryptodev_get_sec_ctx(dev_id);
+
+		/* Create security session */
+		return (void *)rte_security_session_create(ctx,
+					&sess_conf, priv_mp);
+	}
 #endif
 	sess = rte_cryptodev_sym_session_create(sess_mp);
 	/*
@@ -772,6 +840,10 @@ cperf_get_op_functions(const struct cperf_options *options,
 		op_fns->populate_ops = cperf_set_ops_security;
 		return 0;
 	}
+	if (options->op_type == CPERF_DOCSIS) {
+		op_fns->populate_ops = cperf_set_ops_security;
+		return 0;
+	}
 #endif
 	return -1;
 }
diff --git a/app/test-crypto-perf/cperf_options.h b/app/test-crypto-perf/cperf_options.h
index 1ed0a77e5..e5f1edffc 100644
--- a/app/test-crypto-perf/cperf_options.h
+++ b/app/test-crypto-perf/cperf_options.h
@@ -50,6 +50,7 @@
 #ifdef RTE_LIBRTE_SECURITY
 #define CPERF_PDCP_SN_SZ	("pdcp-sn-sz")
 #define CPERF_PDCP_DOMAIN	("pdcp-domain")
+#define CPERF_DOCSIS_HDR_SZ	("docsis-hdr-sz")
 #endif
 
 #define CPERF_CSV		("csv-friendly")
@@ -75,7 +76,8 @@ enum cperf_op_type {
 	CPERF_CIPHER_THEN_AUTH,
 	CPERF_AUTH_THEN_CIPHER,
 	CPERF_AEAD,
-	CPERF_PDCP
+	CPERF_PDCP,
+	CPERF_DOCSIS
 };
 
 extern const char *cperf_op_type_strs[];
@@ -122,6 +124,7 @@ struct cperf_options {
 #ifdef RTE_LIBRTE_SECURITY
 	uint16_t pdcp_sn_sz;
 	enum rte_security_pdcp_domain pdcp_domain;
+	uint16_t docsis_hdr_sz;
 #endif
 	char device_type[RTE_CRYPTODEV_NAME_MAX_LEN];
 	enum cperf_op_type op_type;
diff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c
index f43c5bede..20577a144 100644
--- a/app/test-crypto-perf/cperf_options_parsing.c
+++ b/app/test-crypto-perf/cperf_options_parsing.c
@@ -7,6 +7,7 @@
 
 #include <rte_cryptodev.h>
 #include <rte_malloc.h>
+#include <rte_ether.h>
 
 #include "cperf_options.h"
 
@@ -56,6 +57,9 @@ usage(char *progname)
 		" --pmd-cyclecount-delay-ms N: set delay between enqueue\n"
 		"           and dequeue in pmd-cyclecount benchmarking mode\n"
 		" --csv-friendly: enable test result output CSV friendly\n"
+#ifdef RTE_LIBRTE_SECURITY
+		" --docsis-hdr-sz: set DOCSIS header size\n"
+#endif
 		" -h: prints this help\n",
 		progname);
 }
@@ -446,6 +450,10 @@ parse_op_type(struct cperf_options *opts, const char *arg)
 		{
 			cperf_op_type_strs[CPERF_PDCP],
 			CPERF_PDCP
+		},
+		{
+			cperf_op_type_strs[CPERF_DOCSIS],
+			CPERF_DOCSIS
 		}
 	};
 
@@ -675,6 +683,12 @@ parse_pdcp_domain(struct cperf_options *opts, const char *arg)
 
 	return 0;
 }
+
+static int
+parse_docsis_hdr_sz(struct cperf_options *opts, const char *arg)
+{
+	return parse_uint16_t(&opts->docsis_hdr_sz, arg);
+}
 #endif
 
 static int
@@ -820,6 +834,7 @@ static struct option lgopts[] = {
 #ifdef RTE_LIBRTE_SECURITY
 	{ CPERF_PDCP_SN_SZ, required_argument, 0, 0 },
 	{ CPERF_PDCP_DOMAIN, required_argument, 0, 0 },
+	{ CPERF_DOCSIS_HDR_SZ, required_argument, 0, 0 },
 #endif
 	{ CPERF_CSV, no_argument, 0, 0},
 
@@ -890,6 +905,7 @@ cperf_options_default(struct cperf_options *opts)
 #ifdef RTE_LIBRTE_SECURITY
 	opts->pdcp_sn_sz = 12;
 	opts->pdcp_domain = RTE_SECURITY_PDCP_MODE_CONTROL;
+	opts->docsis_hdr_sz = 17;
 #endif
 }
 
@@ -929,6 +945,7 @@ cperf_opts_parse_long(int opt_idx, struct cperf_options *opts)
 #ifdef RTE_LIBRTE_SECURITY
 		{ CPERF_PDCP_SN_SZ,	parse_pdcp_sn_sz },
 		{ CPERF_PDCP_DOMAIN,	parse_pdcp_domain },
+		{ CPERF_DOCSIS_HDR_SZ,	parse_docsis_hdr_sz },
 #endif
 		{ CPERF_CSV,		parse_csv_friendly},
 		{ CPERF_PMDCC_DELAY_MS,	parse_pmd_cyclecount_delay_ms},
@@ -1031,10 +1048,44 @@ check_cipher_buffer_length(struct cperf_options *options)
 	return 0;
 }
 
+#ifdef RTE_LIBRTE_SECURITY
+static int
+check_docsis_buffer_length(struct cperf_options *options)
+{
+	uint32_t buffer_size, buffer_size_idx = 0;
+
+	if (options->inc_buffer_size != 0)
+		buffer_size = options->min_buffer_size;
+	else
+		buffer_size = options->buffer_size_list[0];
+
+	while (buffer_size <= options->max_buffer_size) {
+		if (buffer_size < (uint32_t)(options->docsis_hdr_sz +
+				RTE_ETHER_HDR_LEN + RTE_ETHER_CRC_LEN)) {
+			RTE_LOG(ERR, USER1, "Some of the buffer sizes are not "
+				"valid for DOCSIS\n");
+			return -EINVAL;
+		}
+
+		if (options->inc_buffer_size != 0)
+			buffer_size += options->inc_buffer_size;
+		else {
+			if (++buffer_size_idx == options->buffer_size_count)
+				break;
+			buffer_size =
+				options->buffer_size_list[buffer_size_idx];
+		}
+	}
+
+	return 0;
+}
+#endif
+
 int
 cperf_options_check(struct cperf_options *options)
 {
-	if (options->op_type == CPERF_CIPHER_ONLY)
+	if (options->op_type == CPERF_CIPHER_ONLY ||
+			options->op_type == CPERF_DOCSIS)
 		options->digest_sz = 0;
 
 	if (options->out_of_place &&
@@ -1151,6 +1202,13 @@ cperf_options_check(struct cperf_options *options)
 			return -EINVAL;
 	}
 
+#ifdef RTE_LIBRTE_SECURITY
+	if (options->op_type == CPERF_DOCSIS) {
+		if (check_docsis_buffer_length(options) < 0)
+			return -EINVAL;
+	}
+#endif
+
 	return 0;
 }
 
@@ -1236,4 +1294,11 @@ cperf_options_dump(struct cperf_options *opts)
 		printf("# aead aad size: %u\n", opts->aead_aad_sz);
 		printf("#\n");
 	}
+
+#ifdef RTE_LIBRTE_SECURITY
+	if (opts->op_type == CPERF_DOCSIS) {
+		printf("# docsis header size: %u\n", opts->docsis_hdr_sz);
+		printf("#\n");
+	}
+#endif
 }
diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c
index 35c51026f..12d9ea4f9 100644
--- a/app/test-crypto-perf/cperf_test_throughput.c
+++ b/app/test-crypto-perf/cperf_test_throughput.c
@@ -36,7 +36,8 @@ cperf_throughput_test_free(struct cperf_throughput_ctx *ctx)
 		return;
 	if (ctx->sess) {
 #ifdef RTE_LIBRTE_SECURITY
-		if (ctx->options->op_type == CPERF_PDCP) {
+		if (ctx->options->op_type == CPERF_PDCP ||
+				ctx->options->op_type == CPERF_DOCSIS) {
 			struct rte_security_ctx *sec_ctx =
 				(struct rte_security_ctx *)
 				rte_cryptodev_get_sec_ctx(ctx->dev_id);
diff --git a/app/test-crypto-perf/cperf_test_vectors.c b/app/test-crypto-perf/cperf_test_vectors.c
index 41641650c..0af01ff91 100644
--- a/app/test-crypto-perf/cperf_test_vectors.c
+++ b/app/test-crypto-perf/cperf_test_vectors.c
@@ -469,7 +469,8 @@ cperf_test_vector_get_dummy(struct cperf_options *options)
 
 	if (options->op_type ==	CPERF_CIPHER_ONLY ||
 			options->op_type == CPERF_CIPHER_THEN_AUTH ||
-			options->op_type == CPERF_AUTH_THEN_CIPHER) {
+			options->op_type == CPERF_AUTH_THEN_CIPHER ||
+			options->op_type == CPERF_DOCSIS) {
 		if (options->cipher_algo == RTE_CRYPTO_CIPHER_NULL) {
 			t_vec->cipher_key.length = 0;
 			t_vec->ciphertext.data = plaintext;
diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c
index 7bb286ccb..edeea9c1b 100644
--- a/app/test-crypto-perf/main.c
+++ b/app/test-crypto-perf/main.c
@@ -39,7 +39,8 @@ const char *cperf_op_type_strs[] = {
 	[CPERF_CIPHER_THEN_AUTH] = "cipher-then-auth",
 	[CPERF_AUTH_THEN_CIPHER] = "auth-then-cipher",
 	[CPERF_AEAD] = "aead",
-	[CPERF_PDCP] = "pdcp"
+	[CPERF_PDCP] = "pdcp",
+	[CPERF_DOCSIS] = "docsis"
 };
 
 const struct cperf_test cperf_testmap[] = {
@@ -244,7 +245,7 @@ cperf_initialize_cryptodev(struct cperf_options *opts, uint8_t *enabled_cdevs)
 #endif
 		} else
 			sessions_needed = enabled_cdev_count *
-						opts->nb_qps;
+						opts->nb_qps * 2;
 
 		/*
 		 * A single session is required per queue pair
diff --git a/app/test-crypto-perf/meson.build b/app/test-crypto-perf/meson.build
index ef28cb5a0..f394b75ba 100644
--- a/app/test-crypto-perf/meson.build
+++ b/app/test-crypto-perf/meson.build
@@ -11,4 +11,4 @@ sources = files('cperf_ops.c',
 		'cperf_test_vectors.c',
 		'cperf_test_verify.c',
 		'main.c')
-deps += ['cryptodev', 'security']
+deps += ['cryptodev', 'net', 'security']
diff --git a/doc/guides/rel_notes/release_20_08.rst b/doc/guides/rel_notes/release_20_08.rst
index 4ff7911c0..a07150e62 100644
--- a/doc/guides/rel_notes/release_20_08.rst
+++ b/doc/guides/rel_notes/release_20_08.rst
@@ -122,6 +122,12 @@ New Features
   * Dump ``rte_flow`` memory consumption.
   * Measure packet per second forwarding.
 
+* **Added support for DOCSIS protocol to dpdk-test-crypto-perf application.**
+
+  Updated the ``dpdk-test-crypto-perf`` application to support the DOCSIS
+  protocol in order to measure the throughput of combined crypto and CRC
+  operations.
+
 
 Removed Items
 -------------
diff --git a/doc/guides/tools/cryptoperf.rst b/doc/guides/tools/cryptoperf.rst
index a19ccb262..a8df8bc99 100644
--- a/doc/guides/tools/cryptoperf.rst
+++ b/doc/guides/tools/cryptoperf.rst
@@ -193,6 +193,7 @@ The following are the application command-line options:
            auth-then-cipher
            aead
            pdcp
+           docsis
 
         For GCM/CCM algorithms you should use aead flag.
 
@@ -342,6 +343,10 @@ The following are the application command-line options:
 
         Set PDCP domain to specify Control/user plane.
 
+* ``--docsis-hdr-sz <n>``
+
+        Set DOCSIS header size(n) in bytes.
+
 Test Vector File
 ~~~~~~~~~~~~~~~~
 
-- 
2.17.1