From: Matan Azrad <matan@nvidia.com>
To: <dev@dpdk.org>
Cc: Akhil Goyal <gakhil@marvell.com>,
Declan Doherty <declan.doherty@intel.com>,
Shiri Kuzin <shirik@nvidia.com>
Subject: [dpdk-dev] [PATCH] examples/l2fwd-crypto: support cipher multiple data-unit
Date: Mon, 26 Apr 2021 11:05:37 +0300 [thread overview]
Message-ID: <20210426080537.376693-1-matan@nvidia.com> (raw)
Patch [1] added a new API to support multiple data-units in cipher
operations.
Add a support for this API:
- Add a new command-line argument to provide the data-unit length.
- Set the length in the cipher xform.
- Validate device capabilities for this feature.
- Pad the AES-XTS operation length to be aligned to the defined data-unit.
[1]: commit d014dddb2d69 ("cryptodev: support multiple cipher data-units")
Signed-off-by: Matan Azrad <matan@nvidia.com>
---
.../sample_app_ug/l2_forward_crypto.rst | 7 ++-
examples/l2fwd-crypto/main.c | 61 +++++++++++++++++++
2 files changed, 66 insertions(+), 2 deletions(-)
diff --git a/doc/guides/sample_app_ug/l2_forward_crypto.rst b/doc/guides/sample_app_ug/l2_forward_crypto.rst
index e2c0f9f1ec..cc772aaec4 100644
--- a/doc/guides/sample_app_ug/l2_forward_crypto.rst
+++ b/doc/guides/sample_app_ug/l2_forward_crypto.rst
@@ -41,8 +41,9 @@ The application requires a number of command line options:
./<build_dir>/examples/dpdk-l2fwd-crypto [EAL options] -- [-p PORTMASK] [-q NQ] [-s] [-T PERIOD] /
[--cdev_type HW/SW/ANY] [--chain HASH_CIPHER/CIPHER_HASH/CIPHER_ONLY/HASH_ONLY/AEAD] /
- [--cipher_algo ALGO] [--cipher_op ENCRYPT/DECRYPT] [--cipher_key KEY] /
- [--cipher_key_random_size SIZE] [--cipher_iv IV] [--cipher_iv_random_size SIZE] /
+ [--cipher_algo ALGO] [--cipher_op ENCRYPT/DECRYPT] [--cipher_dataunit_len SIZE] /
+ [--cipher_key KEY] [--cipher_key_random_size SIZE] [--cipher_iv IV] /
+ [--cipher_iv_random_size SIZE] /
[--auth_algo ALGO] [--auth_op GENERATE/VERIFY] [--auth_key KEY] /
[--auth_key_random_size SIZE] [--auth_iv IV] [--auth_iv_random_size SIZE] /
[--aead_algo ALGO] [--aead_op ENCRYPT/DECRYPT] [--aead_key KEY] /
@@ -81,6 +82,8 @@ where,
(default is ENCRYPT)
+* cipher_dataunit_len: set the length of the cipher data-unit.
+
* cipher_key: set the ciphering key to be used. Bytes has to be separated with ":"
* cipher_key_random_size: set the size of the ciphering key,
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index 4f51616492..22bd47061b 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -182,6 +182,8 @@ struct l2fwd_crypto_params {
unsigned digest_length;
unsigned block_size;
+ uint16_t cipher_dataunit_len;
+
struct l2fwd_iv cipher_iv;
struct l2fwd_iv auth_iv;
struct l2fwd_iv aead_iv;
@@ -434,6 +436,12 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m,
pad_len = cparams->block_size -
(data_len % cparams->block_size);
break;
+ case RTE_CRYPTO_CIPHER_AES_XTS:
+ if (cparams->cipher_dataunit_len != 0 &&
+ (data_len % cparams->cipher_dataunit_len))
+ pad_len = cparams->cipher_dataunit_len -
+ (data_len % cparams->cipher_dataunit_len);
+ break;
default:
pad_len = 0;
}
@@ -827,6 +835,8 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
port_cparams[i].cipher_iv.length);
port_cparams[i].cipher_algo = options->cipher_xform.cipher.algo;
+ port_cparams[i].cipher_dataunit_len =
+ options->cipher_xform.cipher.dataunit_len;
/* Set IV parameters */
options->cipher_xform.cipher.iv.offset = IV_OFFSET;
options->cipher_xform.cipher.iv.length =
@@ -989,6 +999,7 @@ l2fwd_crypto_usage(const char *prgname)
" --cipher_key_random_size SIZE: size of cipher key when generated randomly\n"
" --cipher_iv IV (bytes separated with \":\")\n"
" --cipher_iv_random_size SIZE: size of cipher IV when generated randomly\n"
+ " --cipher_dataunit_len SIZE: length of the algorithm data-unit\n"
" --auth_algo ALGO\n"
" --auth_op GENERATE / VERIFY\n"
@@ -1215,6 +1226,7 @@ l2fwd_crypto_parse_args_long_options(struct l2fwd_crypto_options *options,
struct option *lgopts, int option_index)
{
int retval;
+ int val;
if (strcmp(lgopts[option_index].name, "cdev_type") == 0) {
retval = parse_cryptodev_type(&options->type, optarg);
@@ -1245,6 +1257,16 @@ l2fwd_crypto_parse_args_long_options(struct l2fwd_crypto_options *options,
return -1;
}
+ else if (strcmp(lgopts[option_index].name, "cipher_dataunit_len") == 0) {
+ retval = parse_size(&val, optarg);
+ if (retval == 0 && val >= 0 && val <= UINT16_MAX) {
+ options->cipher_xform.cipher.dataunit_len =
+ (uint16_t)val;
+ return 0;
+ } else
+ return -1;
+ }
+
else if (strcmp(lgopts[option_index].name, "cipher_key_random_size") == 0)
return parse_size(&options->ckey_random_size, optarg);
@@ -1469,6 +1491,7 @@ l2fwd_crypto_default_options(struct l2fwd_crypto_options *options)
options->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC;
options->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;
+ options->cipher_xform.cipher.dataunit_len = 0;
/* Authentication Data */
options->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
@@ -1644,6 +1667,7 @@ l2fwd_crypto_parse_args(struct l2fwd_crypto_options *options,
{ "cipher_key_random_size", required_argument, 0, 0 },
{ "cipher_iv", required_argument, 0, 0 },
{ "cipher_iv_random_size", required_argument, 0, 0 },
+ { "cipher_dataunit_len", required_argument, 0, 0},
{ "auth_algo", required_argument, 0, 0 },
{ "auth_op", required_argument, 0, 0 },
@@ -2158,6 +2182,43 @@ check_capabilities(struct l2fwd_crypto_options *options, uint8_t cdev_id)
return -1;
}
}
+
+ if (options->cipher_xform.cipher.dataunit_len > 0) {
+ if (!(dev_info.feature_flags &
+ RTE_CRYPTODEV_FF_CIPHER_MULTIPLE_DATA_UNITS)) {
+ RTE_LOG(DEBUG, USER1,
+ "Device %u does not support "
+ "cipher multiple data units\n",
+ cdev_id);
+ return -1;
+ }
+ if (cap->sym.cipher.dataunit_set != 0) {
+ int ret = 0;
+
+ switch (options->cipher_xform.cipher.dataunit_len) {
+ case 512:
+ if (!(cap->sym.cipher.dataunit_set &
+ RTE_CRYPTO_CIPHER_DATA_UNIT_LEN_512_BYTES))
+ ret = -1;
+ break;
+ case 4096:
+ if (!(cap->sym.cipher.dataunit_set &
+ RTE_CRYPTO_CIPHER_DATA_UNIT_LEN_4096_BYTES))
+ ret = -1;
+ break;
+ default:
+ ret = -1;
+ }
+ if (ret == -1) {
+ RTE_LOG(DEBUG, USER1,
+ "Device %u does not support "
+ "data-unit length %u\n",
+ cdev_id,
+ options->cipher_xform.cipher.dataunit_len);
+ return -1;
+ }
+ }
+ }
}
/* Set auth parameters */
--
2.25.1
next reply other threads:[~2021-04-26 8:06 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-26 8:05 Matan Azrad [this message]
2021-07-28 7:56 ` [dpdk-dev] [PATCH v2] examples/l2fwd-crypto: support cipher multiple data-unit Matan Azrad
2021-07-30 19:13 ` [dpdk-dev] [EXT] " Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210426080537.376693-1-matan@nvidia.com \
--to=matan@nvidia.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=shirik@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.