* [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation
@ 2016-10-06 11:36 Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 01/14] cryptodev: introduce cryptodev backend interface Gonglei
` (13 more replies)
0 siblings, 14 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
The virtio crypto is a virtual crypto device as well as a kind
of virtual hardware accelerator for virtual machines. The
encryption and decryption requests are placed in the data
queue and handled by the real crypto accelerators finally.
The second queue is the control queue used to create or
destroy sessions for symmetric algorithms and control
some advanced features in the future. The virtio crypto
device provides the following crypto services: CIPHER,
MAC, HASH, AEAD etc.
TODO:
- add vhost-user as a high performance cryptodev backend.
- more crypto services support.
- mirgration support.
Changes since v4: (Thanks to Stefan)
- drop scatter-gather I/O identification in virtio crypto spec and corresponding code [Stefan]
- remove qcrypto perfix for cryptdov stuff [Stefan]
- use virtio_error() in virtio-crypto device's functions. [Stefan]
- fix endianness handling. [Stefan]
- use VMSTATE_VIRTIO_DEVICE() instead of calling register_savevm(). [Stefan]
- redefine DPRINTF in virtio-crypto.h [Stefan]
- fix some typos [Stefan]
- fix other farraginous problems suggested by Stefan.
Changes since v3:
- rename cryptodev-gcrypt to cryptodev-buitlin. [Daniel]
- move cryptodev stuff from crypto/ directory to backends/ directory
in order to keep the crypto subsystem influence by syetem
emulators. [Daniel]
- emulate virtio-crypto device as a legacy device by default in patch 11
- introduce virtio-crypto qtest case in patch 12
- add myself as cryptdoev backends mainatainer and vitio-crypto
co-maintainer in patch 13
- add CRT support for cryptodev-builtin, it based on my previous crypto
patch serial queued by Daniel.
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg06607.html
- add queue_index for qcrypto_cryptodev_backend_sym_close_session()
Changes since v2:
According to Daniel's comments:
- drop cryptodev kernel module as a cryptodev backend
- rename crypto stuff to cryptodev stuff
- change some files' license to GPLv2+
- remove cryptodev command line instead of QOM to define the cryptodev backend
- rename all functions and structures in crypto sub-directory.
- add full inline documentation for cryptodev.h
And:
- drop crypto-queue.c [Paolo]
- merge some patches
Great thanks to Daniel and Paolo. Please review again, thanks!
Changes since v1:
- rmmove mixed endian-ness handler for virtio-crypto device, just
use little-endian. [mst]
- add sg list support according virtio-crypto spec v10 (will be posted soon).
- fix a memory leak in session handler.
- add a feature page link in qemu.org (http://qemu-project.org/Features/VirtioCrypto)
- fix some trivial problems, sush as 's/Since 2.7/Since 2.8/g' in qapi-schema.json
- rebase the latest qemu master tree.
This patch series realize the framework and emulation of a new
virtio crypto device, which is similar with virtio net device.
- I introduce the cryptodev backend as the client of virtio crypto device
which can be realized by different methods, such as cryptodev-backend-gcrypt in my series,
vhost-crypto kernel module, vhost-user etc.
- The patch set abides by the virtio crypto speccification.
- The virtio crypto support symmetric algorithms (including CIPHER and algorithm chainning)
at present, except HASH, MAC and AEAD services.
- unsupport hot plug/unplug cryptodev backend at this moment.
Firstly build QEMU with libgcrypt cryptography support.
QEMU can then be started using the following parameters:
qemu-system-x86_64 \
[...] \
-object cryptodev-backend-builtin,id=cryptodev0 \
-device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
[...]
The front-end linux kernel driver (Experimental at present) is publicly accessible from:
https://github.com/gongleiarei/virtio-crypto-linux-driver.git
After insmod virtio-crypto.ko, you can use cryptodev-linux test the crypto function
in the guest. For example:
linux-guest:/home/gonglei/cryptodev-linux/tests # ./cipher -
requested cipher CRYPTO_AES_CBC, got cbc(aes) with driver virtio_crypto_aes_cbc
AES Test passed
requested cipher CRYPTO_AES_CBC, got cbc(aes) with driver virtio_crypto_aes_cbc
requested cipher CRYPTO_AES_CBC, got cbc(aes) with driver virtio_crypto_aes_cbc
Test passed
QEMU code also can be accessible from:
https://github.com/gongleiarei/qemu.git
branch virtio-crypto
For more information, please see:
http://qemu-project.org/Features/VirtioCrypto
Gonglei (14):
cryptodev: introduce cryptodev backend interface
cryptodev: add symmetric algorithm operation stuff
virtio-crypto: introduce virtio_crypto.h
cryptodev: introduce a new cryptodev backend
virtio-crypto: add virtio crypto device emulation
virtio-crypto-pci: add virtio crypto pci support
virtio-crypto: set capacity of algorithms supported
virtio-crypto: add control queue handler
virtio-crypto: add data queue processing handler
cryptodev: introduce an unified wrapper for crypto operation
virtio-crypto: emulate virtio crypto as a legacy device by default
virtio-crypto-test: add qtest case for virtio-crypto
virtio-crypto: add myself as virtio-crypto and cryptodev backends
maintainer
cryptodev: rename cryptodev stuff
MAINTAINERS | 14 +
backends/Makefile.objs | 3 +
backends/cryptodev-builtin.c | 345 +++++++++++
backends/cryptodev.c | 245 ++++++++
docs/specs/pci-ids.txt | 2 +
hw/virtio/Makefile.objs | 2 +
hw/virtio/virtio-crypto-pci.c | 79 +++
hw/virtio/virtio-crypto.c | 803 +++++++++++++++++++++++++
hw/virtio/virtio-pci.h | 15 +
include/hw/pci/pci.h | 2 +
include/hw/virtio/virtio-crypto.h | 96 +++
include/standard-headers/linux/virtio_crypto.h | 381 ++++++++++++
include/standard-headers/linux/virtio_ids.h | 2 +-
include/sysemu/cryptodev.h | 284 +++++++++
qemu-options.hx | 18 +
tests/Makefile.include | 3 +
tests/virtio-crypto-test.c | 427 +++++++++++++
17 files changed, 2720 insertions(+), 1 deletion(-)
create mode 100644 backends/cryptodev-builtin.c
create mode 100644 backends/cryptodev.c
create mode 100644 hw/virtio/virtio-crypto-pci.c
create mode 100644 hw/virtio/virtio-crypto.c
create mode 100644 include/hw/virtio/virtio-crypto.h
create mode 100644 include/standard-headers/linux/virtio_crypto.h
create mode 100644 include/sysemu/cryptodev.h
create mode 100644 tests/virtio-crypto-test.c
--
1.7.12.4
^ permalink raw reply [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 01/14] cryptodev: introduce cryptodev backend interface
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 02/14] cryptodev: add symmetric algorithm operation stuff Gonglei
` (12 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
cryptodev backend interface is used to realize the active work for
virtual crypto device.
This patch only add the framework, doesn't include specific operations.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/Makefile.objs | 2 +
backends/cryptodev.c | 176 +++++++++++++++++++++++++++++++++++++++++++++
include/sysemu/cryptodev.h | 145 +++++++++++++++++++++++++++++++++++++
3 files changed, 323 insertions(+)
create mode 100644 backends/cryptodev.c
create mode 100644 include/sysemu/cryptodev.h
diff --git a/backends/Makefile.objs b/backends/Makefile.objs
index 31a3a89..55bd43d 100644
--- a/backends/Makefile.objs
+++ b/backends/Makefile.objs
@@ -9,3 +9,5 @@ common-obj-$(CONFIG_TPM) += tpm.o
common-obj-y += hostmem.o hostmem-ram.o
common-obj-$(CONFIG_LINUX) += hostmem-file.o
+
+common-obj-y += cryptodev.o
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
new file mode 100644
index 0000000..20ab456
--- /dev/null
+++ b/backends/cryptodev.c
@@ -0,0 +1,176 @@
+/*
+ * QEMU Crypto Device Implementation
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/cryptodev.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "qapi/visitor.h"
+#include "qapi-types.h"
+#include "qapi-visit.h"
+#include "qemu/config-file.h"
+#include "qom/object_interfaces.h"
+
+static QTAILQ_HEAD(, QCryptoCryptoDevBackendClientState) crypto_clients;
+
+
+QCryptoCryptoDevBackendClientState *
+qcrypto_cryptodev_backend_new_client(const char *model,
+ const char *name)
+{
+ QCryptoCryptoDevBackendClientState *cc;
+
+ cc = g_malloc0(sizeof(QCryptoCryptoDevBackendClientState));
+ cc->model = g_strdup(model);
+ if (name) {
+ cc->name = g_strdup(name);
+ }
+
+ QTAILQ_INSERT_TAIL(&crypto_clients, cc, next);
+
+ return cc;
+}
+
+void qcrypto_cryptodev_backend_free_client(
+ QCryptoCryptoDevBackendClientState *cc)
+{
+ QTAILQ_REMOVE(&crypto_clients, cc, next);
+ g_free(cc->name);
+ g_free(cc->model);
+ g_free(cc->info_str);
+ g_free(cc);
+}
+
+void qcrypto_cryptodev_backend_cleanup(
+ QCryptoCryptoDevBackend *backend,
+ Error **errp)
+{
+ QCryptoCryptoDevBackendClass *bc =
+ QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->cleanup) {
+ bc->cleanup(backend, errp);
+ }
+
+ backend->ready = false;
+}
+
+static void
+qcrypto_cryptodev_backend_get_queues(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QCryptoCryptoDevBackend *backend = QCRYPTO_CRYPTODEV_BACKEND(obj);
+ uint32_t value = backend->conf.peers.queues;
+
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qcrypto_cryptodev_backend_set_queues(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QCryptoCryptoDevBackend *backend = QCRYPTO_CRYPTODEV_BACKEND(obj);
+ Error *local_err = NULL;
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, &local_err);
+ if (local_err) {
+ goto out;
+ }
+ if (!value) {
+ error_setg(&local_err, "Property '%s.%s' doesn't take value '%"
+ PRIu32 "'", object_get_typename(obj), name, value);
+ goto out;
+ }
+ backend->conf.peers.queues = value;
+out:
+ error_propagate(errp, local_err);
+}
+
+static void
+qcrypto_cryptodev_backend_complete(UserCreatable *uc, Error **errp)
+{
+ QCryptoCryptoDevBackend *backend = QCRYPTO_CRYPTODEV_BACKEND(uc);
+ QCryptoCryptoDevBackendClass *bc = QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(uc);
+ Error *local_err = NULL;
+
+ if (bc->init) {
+ bc->init(backend, &local_err);
+ if (local_err) {
+ goto out;
+ }
+ }
+ backend->ready = true;
+ return;
+
+out:
+ backend->ready = false;
+ error_propagate(errp, local_err);
+}
+
+static void qcrypto_cryptodev_backend_instance_init(Object *obj)
+{
+ object_property_add(obj, "queues", "int",
+ qcrypto_cryptodev_backend_get_queues,
+ qcrypto_cryptodev_backend_set_queues,
+ NULL, NULL, NULL);
+ /* Initialize devices' queues property to 1 */
+ object_property_set_int(obj, 1, "queues", NULL);
+}
+
+static void qcrypto_cryptodev_backend_finalize(Object *obj)
+{
+
+}
+
+static void
+qcrypto_cryptodev_backend_class_init(ObjectClass *oc, void *data)
+{
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+
+ ucc->complete = qcrypto_cryptodev_backend_complete;
+
+ QTAILQ_INIT(&crypto_clients);
+}
+
+static const TypeInfo qcrypto_cryptodev_backend_info = {
+ .name = TYPE_QCRYPTO_CRYPTODEV_BACKEND,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(QCryptoCryptoDevBackend),
+ .instance_init = qcrypto_cryptodev_backend_instance_init,
+ .instance_finalize = qcrypto_cryptodev_backend_finalize,
+ .class_size = sizeof(QCryptoCryptoDevBackendClass),
+ .class_init = qcrypto_cryptodev_backend_class_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+static void
+qcrypto_cryptodev_backend_register_types(void)
+{
+ type_register_static(&qcrypto_cryptodev_backend_info);
+}
+
+type_init(qcrypto_cryptodev_backend_register_types);
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
new file mode 100644
index 0000000..d43cbb4
--- /dev/null
+++ b/include/sysemu/cryptodev.h
@@ -0,0 +1,145 @@
+/*
+ * QEMU Crypto Device Implementation
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+#ifndef QCRYPTO_CRYPTODEV_H
+#define QCRYPTO_CRYPTODEV_H
+
+#include "qom/object.h"
+#include "qemu-common.h"
+
+/**
+ * QCryptoCryptoDevBackend:
+ *
+ * The QCryptoCryptoDevBackend object is an interface
+ * for different cryptodev backends, which provides crypto
+ * operation wrapper.
+ *
+ */
+
+#define TYPE_QCRYPTO_CRYPTODEV_BACKEND "cryptodev-backend"
+
+#define QCRYPTO_CRYPTODEV_BACKEND(obj) \
+ OBJECT_CHECK(QCryptoCryptoDevBackend, \
+ (obj), TYPE_QCRYPTO_CRYPTODEV_BACKEND)
+#define QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(QCryptoCryptoDevBackendClass, \
+ (obj), TYPE_QCRYPTO_CRYPTODEV_BACKEND)
+#define QCRYPTO_CRYPTODEV_BACKEND_CLASS(klass) \
+ OBJECT_CLASS_CHECK(QCryptoCryptoDevBackendClass, \
+ (klass), TYPE_QCRYPTO_CRYPTODEV_BACKEND)
+
+
+#define MAX_CRYPTO_QUEUE_NUM 64
+
+typedef struct QCryptoCryptoDevBackendConf QCryptoCryptoDevBackendConf;
+typedef struct QCryptoCryptoDevBackendPeers QCryptoCryptoDevBackendPeers;
+typedef struct QCryptoCryptoDevBackendClientState
+ QCryptoCryptoDevBackendClientState;
+typedef struct QCryptoCryptoDevBackend QCryptoCryptoDevBackend;
+
+
+typedef struct QCryptoCryptoDevBackendClass {
+ ObjectClass parent_class;
+
+ void (*init)(QCryptoCryptoDevBackend *backend, Error **errp);
+ void (*cleanup)(QCryptoCryptoDevBackend *backend, Error **errp);
+} QCryptoCryptoDevBackendClass;
+
+
+struct QCryptoCryptoDevBackendClientState {
+ char *model;
+ char *name;
+ char *info_str;
+ unsigned int queue_index;
+ QTAILQ_ENTRY(QCryptoCryptoDevBackendClientState) next;
+};
+
+struct QCryptoCryptoDevBackendPeers {
+ QCryptoCryptoDevBackendClientState *ccs[MAX_CRYPTO_QUEUE_NUM];
+ uint32_t queues;
+};
+
+struct QCryptoCryptoDevBackendConf {
+ QCryptoCryptoDevBackendPeers peers;
+
+ /* Supported service mask */
+ uint32_t crypto_services;
+
+ /* Detailed algorithms mask */
+ uint32_t cipher_algo_l;
+ uint32_t cipher_algo_h;
+ uint32_t hash_algo;
+ uint32_t mac_algo_l;
+ uint32_t mac_algo_h;
+ uint32_t asym_algo;
+ uint32_t kdf_algo;
+ uint32_t aead_algo;
+ uint32_t primitive_algo;
+};
+
+struct QCryptoCryptoDevBackend {
+ Object parent_obj;
+
+ bool ready;
+ QCryptoCryptoDevBackendConf conf;
+};
+
+/**
+ * qcrypto_cryptodev_backend_new_client:
+ * @model: the cryptodev backend model
+ * @name: the cryptodev backend name, can be NULL
+ *
+ * Creates a new cryptodev backend client object
+ * with the @name in the model @model.
+ *
+ * The returned object must be released with
+ * qcrypto_cryptodev_backend_free_client() when no
+ * longer required
+ *
+ * Returns: a new cryptodev backend client object
+ */
+QCryptoCryptoDevBackendClientState *
+qcrypto_cryptodev_backend_new_client(const char *model,
+ const char *name);
+/**
+ * qcrypto_cryptodev_backend_free_client:
+ * @cc: the cryptodev backend client object
+ *
+ * Release the memory associated with @cc that
+ * was previously allocated by qcrypto_cryptodev_backend_new_client()
+ */
+void qcrypto_cryptodev_backend_free_client(
+ QCryptoCryptoDevBackendClientState *cc);
+
+/**
+ * qcrypto_cryptodev_backend_cleanup:
+ * @backend: the cryptodev backend object
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Clean the resouce associated with @backend that realizaed
+ * by the specific backend's init() callback
+ */
+void qcrypto_cryptodev_backend_cleanup(
+ QCryptoCryptoDevBackend *backend,
+ Error **errp);
+
+#endif /* QCRYPTO_CRYPTODEV_H */
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 02/14] cryptodev: add symmetric algorithm operation stuff
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 01/14] cryptodev: introduce cryptodev backend interface Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 03/14] virtio-crypto: introduce virtio_crypto.h Gonglei
` (11 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
This patch adds session operation and crypto operation
stuff in the cryptodev backend, including function
pointers and corresponding structures.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/cryptodev.c | 45 +++++++++++++++
include/sysemu/cryptodev.h | 138 +++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 183 insertions(+)
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
index 20ab456..e4c066a 100644
--- a/backends/cryptodev.c
+++ b/backends/cryptodev.c
@@ -75,6 +75,51 @@ void qcrypto_cryptodev_backend_cleanup(
backend->ready = false;
}
+int64_t qcrypto_cryptodev_backend_sym_create_session(
+ QCryptoCryptoDevBackend *backend,
+ QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp)
+{
+ QCryptoCryptoDevBackendClass *bc =
+ QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->create_session) {
+ return bc->create_session(backend, sess_info, queue_index, errp);
+ }
+
+ return -1;
+}
+
+int qcrypto_cryptodev_backend_sym_close_session(
+ QCryptoCryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp)
+{
+ QCryptoCryptoDevBackendClass *bc =
+ QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->close_session) {
+ return bc->close_session(backend, session_id, queue_index, errp);
+ }
+
+ return -1;
+}
+
+int qcrypto_cryptodev_backend_sym_operation(
+ QCryptoCryptoDevBackend *backend,
+ QCryptoCryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp)
+{
+ QCryptoCryptoDevBackendClass *bc =
+ QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(backend);
+
+ if (bc->do_sym_op) {
+ return bc->do_sym_op(backend, op_info, queue_index, errp);
+ }
+
+ return -1;
+}
+
static void
qcrypto_cryptodev_backend_get_queues(Object *obj, Visitor *v, const char *name,
void *opaque, Error **errp)
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index d43cbb4..70565b5 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -56,12 +56,100 @@ typedef struct QCryptoCryptoDevBackendClientState
QCryptoCryptoDevBackendClientState;
typedef struct QCryptoCryptoDevBackend QCryptoCryptoDevBackend;
+enum QCryptoCryptoDevBackendAlgType {
+ QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM,
+ QCRYPTO_CRYPTODEV_BACKEND_ALG__MAX,
+};
+
+/**
+ * QCryptoCryptoDevBackendSymSessionInfo:
+ *
+ * @op_code: operation code (refer to virtio_crypto.h)
+ * @cipher_alg: algorithm type of CIPHER
+ * @key_len: byte length of cipher key
+ * @hash_alg: algorithm type of HASH/MAC
+ * @hash_result_len: byte length of HASH operation result
+ * @auth_key_len: byte length of authenticated key
+ * @add_len: byte length of additional authenticated data
+ * @op_type: operation type (refer to virtio_crypto.h)
+ * @direction: encryption or direction for CIPHER
+ * @hash_mode: HASH mode for HASH operation (refer to virtio_crypto.h)
+ * @alg_chain_order: order of algorithm chaining (CIPHER then HASH,
+ * or HASH then CIPHER)
+ * @cipher_key: point to a key of CIPHER
+ * @auth_key: point to an authenticated key of MAC
+ *
+ */
+typedef struct QCryptoCryptoDevBackendSymSessionInfo {
+ /* corresponding with virtio crypto spec */
+ uint32_t op_code;
+ uint32_t cipher_alg;
+ uint32_t key_len;
+ uint32_t hash_alg;
+ uint32_t hash_result_len;
+ uint32_t auth_key_len;
+ uint32_t add_len;
+ uint8_t op_type;
+ uint8_t direction;
+ uint8_t hash_mode;
+ uint8_t alg_chain_order;
+ uint8_t *cipher_key;
+ uint8_t *auth_key;
+} QCryptoCryptoDevBackendSymSessionInfo;
+
+/**
+ * QCryptoCryptoDevBackendSymOpInfo:
+ *
+ * @session_id: session index which was previously
+ * created by qcrypto_cryptodev_backend_sym_create_session()
+ * @aad_len: byte length of additional authenticated data
+ * @iv_len: byte length of initialization vector or counter
+ * @src_len: byte length of source data
+ * @dst_len: byte length of destination data
+ * @digest_result_len: byte length of hash digest result
+ * @hash_start_src_offset: Starting point for hash processing, specified
+ * as number of bytes from start of packet in source data
+ * @op_type: operation type (refer to virtio_crypto.h)
+ * @iv: point to the initialization vector or counter
+ * @src: point to the source data
+ * @dst: point to the destination data
+ * @aad_data: point to the additional authenticated data
+ * @digest_result: point to the digest result data
+ * @data[0]: point to the extensional memory by one memory allocation
+ *
+ */
+typedef struct QCryptoCryptoDevBackendSymOpInfo {
+ uint64_t session_id;
+ uint32_t aad_len;
+ uint32_t iv_len;
+ uint32_t src_len;
+ uint32_t dst_len;
+ uint32_t digest_result_len;
+ uint32_t hash_start_src_offset;
+ uint8_t op_type;
+ uint8_t *iv;
+ uint8_t *src;
+ uint8_t *dst;
+ uint8_t *aad_data;
+ uint8_t *digest_result;
+ uint8_t data[0];
+} QCryptoCryptoDevBackendSymOpInfo;
typedef struct QCryptoCryptoDevBackendClass {
ObjectClass parent_class;
void (*init)(QCryptoCryptoDevBackend *backend, Error **errp);
void (*cleanup)(QCryptoCryptoDevBackend *backend, Error **errp);
+
+ int64_t (*create_session)(QCryptoCryptoDevBackend *backend,
+ QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp);
+ int (*close_session)(QCryptoCryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp);
+ int (*do_sym_op)(QCryptoCryptoDevBackend *backend,
+ QCryptoCryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp);
} QCryptoCryptoDevBackendClass;
@@ -142,4 +230,54 @@ void qcrypto_cryptodev_backend_cleanup(
QCryptoCryptoDevBackend *backend,
Error **errp);
+/**
+ * qcrypto_cryptodev_backend_sym_create_session:
+ * @backend: the cryptodev backend object
+ * @sess_info: parameters needed by session creating
+ * @queue_index: queue index of cryptodev backend client
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Create a session for symmetric algorithms
+ *
+ * Returns: session id on success, or -1 on error
+ */
+int64_t qcrypto_cryptodev_backend_sym_create_session(
+ QCryptoCryptoDevBackend *backend,
+ QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp);
+
+/**
+ * qcrypto_cryptodev_backend_sym_close_session:
+ * @backend: the cryptodev backend object
+ * @session_id: the session id
+ * @queue_index: queue index of cryptodev backend client
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Close a session for symmetric algorithms which was previously
+ * created by qcrypto_cryptodev_backend_sym_create_session()
+ *
+ * Returns: 0 on success, or Negative on error
+ */
+int qcrypto_cryptodev_backend_sym_close_session(
+ QCryptoCryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp);
+
+/**
+ * qcrypto_cryptodev_backend_sym_operation:
+ * @backend: the cryptodev backend object
+ * @op_info: parameters needed by symmetric crypto operation
+ * @queue_index: queue index of cryptodev backend client
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Do symmetric crypto operation, such as encryption and
+ * decryption
+ *
+ * Returns: 0 on success, or Negative on error
+ */
+int qcrypto_cryptodev_backend_sym_operation(
+ QCryptoCryptoDevBackend *backend,
+ QCryptoCryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp);
+
#endif /* QCRYPTO_CRYPTODEV_H */
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 03/14] virtio-crypto: introduce virtio_crypto.h
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 01/14] cryptodev: introduce cryptodev backend interface Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 02/14] cryptodev: add symmetric algorithm operation stuff Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 04/14] cryptodev: introduce a new cryptodev backend Gonglei
` (10 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
Introduce the virtio_crypto.h which follows
virtio-crypto specification.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
include/standard-headers/linux/virtio_crypto.h | 381 +++++++++++++++++++++++++
1 file changed, 381 insertions(+)
create mode 100644 include/standard-headers/linux/virtio_crypto.h
diff --git a/include/standard-headers/linux/virtio_crypto.h b/include/standard-headers/linux/virtio_crypto.h
new file mode 100644
index 0000000..a62d192
--- /dev/null
+++ b/include/standard-headers/linux/virtio_crypto.h
@@ -0,0 +1,381 @@
+#ifndef _VIRTIO_CRYPTO_H
+#define _VIRTIO_CRYPTO_H
+
+#include "standard-headers/linux/types.h"
+#include "standard-headers/linux/virtio_config.h"
+#include "standard-headers/linux/virtio_types.h"
+
+
+#define VIRTIO_CRYPTO_SERVICE_CIPHER (0)
+#define VIRTIO_CRYPTO_SERVICE_HASH (1)
+#define VIRTIO_CRYPTO_SERVICE_MAC (2)
+#define VIRTIO_CRYPTO_SERVICE_AEAD (3)
+
+#define VIRTIO_CRYPTO_OPCODE(service, op) ((service << 8) | (op))
+
+struct virtio_crypto_ctrl_header {
+#define VIRTIO_CRYPTO_CIPHER_CREATE_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x02)
+#define VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x03)
+#define VIRTIO_CRYPTO_HASH_CREATE_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x02)
+#define VIRTIO_CRYPTO_HASH_DESTROY_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x03)
+#define VIRTIO_CRYPTO_MAC_CREATE_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x02)
+#define VIRTIO_CRYPTO_MAC_DESTROY_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x03)
+#define VIRTIO_CRYPTO_AEAD_CREATE_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x02)
+#define VIRTIO_CRYPTO_AEAD_DESTROY_SESSION \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x03)
+ __virtio32 opcode;
+ __virtio32 algo;
+ __virtio32 flag;
+ /* data virtqueue id */
+ __virtio32 queue_id;
+};
+
+struct virtio_crypto_cipher_session_para {
+#define VIRTIO_CRYPTO_NO_CIPHER 0
+#define VIRTIO_CRYPTO_CIPHER_ARC4 1
+#define VIRTIO_CRYPTO_CIPHER_AES_ECB 2
+#define VIRTIO_CRYPTO_CIPHER_AES_CBC 3
+#define VIRTIO_CRYPTO_CIPHER_AES_CTR 4
+#define VIRTIO_CRYPTO_CIPHER_DES_ECB 5
+#define VIRTIO_CRYPTO_CIPHER_DES_CBC 6
+#define VIRTIO_CRYPTO_CIPHER_3DES_ECB 7
+#define VIRTIO_CRYPTO_CIPHER_3DES_CBC 8
+#define VIRTIO_CRYPTO_CIPHER_3DES_CTR 9
+#define VIRTIO_CRYPTO_CIPHER_KASUMI_F8 10
+#define VIRTIO_CRYPTO_CIPHER_SNOW3G_UEA2 11
+#define VIRTIO_CRYPTO_CIPHER_AES_F8 12
+#define VIRTIO_CRYPTO_CIPHER_AES_XTS 13
+#define VIRTIO_CRYPTO_CIPHER_ZUC_EEA3 14
+ __virtio32 algo;
+ /* length of key */
+ __virtio32 keylen;
+
+#define VIRTIO_CRYPTO_OP_ENCRYPT 1
+#define VIRTIO_CRYPTO_OP_DECRYPT 2
+ /* encrypt or decrypt */
+ __virtio32 op;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_session_input {
+ /* Device-writable part */
+ __virtio64 session_id;
+ __virtio32 status;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_cipher_session_req {
+ struct virtio_crypto_cipher_session_para para;
+};
+
+struct virtio_crypto_hash_session_para {
+#define VIRTIO_CRYPTO_NO_HASH 0
+#define VIRTIO_CRYPTO_HASH_MD5 1
+#define VIRTIO_CRYPTO_HASH_SHA1 2
+#define VIRTIO_CRYPTO_HASH_SHA_224 3
+#define VIRTIO_CRYPTO_HASH_SHA_256 4
+#define VIRTIO_CRYPTO_HASH_SHA_384 5
+#define VIRTIO_CRYPTO_HASH_SHA_512 6
+#define VIRTIO_CRYPTO_HASH_SHA3_224 7
+#define VIRTIO_CRYPTO_HASH_SHA3_256 8
+#define VIRTIO_CRYPTO_HASH_SHA3_384 9
+#define VIRTIO_CRYPTO_HASH_SHA3_512 10
+#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE128 11
+#define VIRTIO_CRYPTO_HASH_SHA3_SHAKE256 12
+ __virtio32 algo;
+ /* hash result length */
+ __virtio32 hash_result_len;
+};
+
+struct virtio_crypto_hash_create_session_req {
+ struct virtio_crypto_hash_session_para para;
+};
+
+struct virtio_crypto_mac_session_para {
+#define VIRTIO_CRYPTO_NO_MAC 0
+#define VIRTIO_CRYPTO_MAC_HMAC_MD5 1
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA1 2
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA_224 3
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA_256 4
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA_384 5
+#define VIRTIO_CRYPTO_MAC_HMAC_SHA_512 6
+#define VIRTIO_CRYPTO_MAC_CMAC_3DES 25
+#define VIRTIO_CRYPTO_MAC_CMAC_AES 26
+#define VIRTIO_CRYPTO_MAC_KASUMI_F9 27
+#define VIRTIO_CRYPTO_MAC_SNOW3G_UIA2 28
+#define VIRTIO_CRYPTO_MAC_GMAC_AES 41
+#define VIRTIO_CRYPTO_MAC_GMAC_TWOFISH 42
+#define VIRTIO_CRYPTO_MAC_CBCMAC_AES 49
+#define VIRTIO_CRYPTO_MAC_CBCMAC_KASUMI_F9 50
+#define VIRTIO_CRYPTO_MAC_XCBC_AES 53
+ __virtio32 algo;
+ /* hash result length */
+ __virtio32 hash_result_len;
+ /* length of authenticated key */
+ __virtio32 auth_key_len;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_mac_create_session_req {
+ struct virtio_crypto_mac_session_para para;
+};
+
+struct virtio_crypto_aead_session_para {
+#define VIRTIO_CRYPTO_NO_AEAD 0
+#define VIRTIO_CRYPTO_AEAD_GCM 1
+#define VIRTIO_CRYPTO_AEAD_CCM 2
+#define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305 3
+ __virtio32 algo;
+ /* length of key */
+ __virtio32 key_len;
+ /* digest result length */
+ __virtio32 digest_result_len;
+ /* length of the additional authenticated data (AAD) in bytes */
+ __virtio32 aad_len;
+ /* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
+ __virtio32 op;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_aead_create_session_req {
+ struct virtio_crypto_aead_session_para para;
+};
+
+struct virtio_crypto_alg_chain_session_para {
+#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_HASH_THEN_CIPHER 1
+#define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_CIPHER_THEN_HASH 2
+ __virtio32 alg_chain_order;
+/* Plain hash */
+#define VIRTIO_CRYPTO_SYM_HASH_MODE_PLAIN 1
+/* Authenticated hash (mac) */
+#define VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH 2
+/* Nested hash */
+#define VIRTIO_CRYPTO_SYM_HASH_MODE_NESTED 3
+ __virtio32 hash_mode;
+ struct virtio_crypto_cipher_session_para cipher_param;
+ union {
+ struct virtio_crypto_hash_session_para hash_param;
+ struct virtio_crypto_mac_session_para mac_param;
+ } u;
+ /* length of the additional authenticated data (AAD) in bytes */
+ __virtio32 aad_len;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_alg_chain_session_req {
+ struct virtio_crypto_alg_chain_session_para para;
+};
+
+struct virtio_crypto_sym_create_session_req {
+ union {
+ struct virtio_crypto_cipher_session_req cipher;
+ struct virtio_crypto_alg_chain_session_req chain;
+ } u;
+
+ /* Device-readable part */
+
+/* No operation */
+#define VIRTIO_CRYPTO_SYM_OP_NONE 0
+/* Cipher only operation on the data */
+#define VIRTIO_CRYPTO_SYM_OP_CIPHER 1
+/* Chain any cipher with any hash or mac operation. The order
+ depends on the value of alg_chain_order param */
+#define VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING 2
+ __virtio32 op_type;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_destroy_session_req {
+ /* Device-readable part */
+ __virtio64 session_id;
+};
+
+/* The request of the control viritqueue's packet */
+struct virtio_crypto_op_ctrl_req {
+ struct virtio_crypto_ctrl_header header;
+
+ union {
+ struct virtio_crypto_sym_create_session_req sym_create_session;
+ struct virtio_crypto_hash_create_session_req hash_create_session;
+ struct virtio_crypto_mac_create_session_req mac_create_session;
+ struct virtio_crypto_aead_create_session_req aead_create_session;
+ struct virtio_crypto_destroy_session_req destroy_session;
+ } u;
+};
+
+struct virtio_crypto_op_header {
+#define VIRTIO_CRYPTO_CIPHER_ENCRYPT \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x00)
+#define VIRTIO_CRYPTO_CIPHER_DECRYPT \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x01)
+#define VIRTIO_CRYPTO_HASH \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x00)
+#define VIRTIO_CRYPTO_MAC \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x00)
+#define VIRTIO_CRYPTO_AEAD_ENCRYPT \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
+#define VIRTIO_CRYPTO_AEAD_DECRYPT \
+ VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
+ __virtio32 opcode;
+ /* algo should be service-specific algorithms */
+ __virtio32 algo;
+ /* session_id should be service-specific algorithms */
+ __virtio64 session_id;
+ /* control flag to control the request */
+ __virtio32 flag;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_cipher_para {
+ /*
+ * Byte Length of valid IV/Counter
+ *
+ * - For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
+ * SNOW3G in UEA2 mode, this is the length of the IV (which
+ * must be the same as the block length of the cipher).
+ * - For block ciphers in CTR mode, this is the length of the counter
+ * (which must be the same as the block length of the cipher).
+ * - For AES-XTS, this is the 128bit tweak, i, from IEEE Std 1619-2007.
+ *
+ * The IV/Counter will be updated after every partial cryptographic
+ * operation.
+ */
+ __virtio32 iv_len;
+ /* length of source data */
+ __virtio32 src_data_len;
+ /* length of dst data */
+ __virtio32 dst_data_len;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_hash_para {
+ /* length of source data */
+ __virtio32 src_data_len;
+ /* hash result length */
+ __virtio32 hash_result_len;
+};
+
+struct virtio_crypto_mac_para {
+ struct virtio_crypto_hash_para hash;
+};
+
+struct virtio_crypto_aead_para {
+ /*
+ * Byte Length of valid IV data pointed to by the below iv_addr
+ * parameter.
+ *
+ * - For GCM mode, this is either 12 (for 96-bit IVs) or 16, in which
+ * case iv_addr points to J0.
+ * - For CCM mode, this is the length of the nonce, which can be in the
+ * range 7 to 13 inclusive.
+ */
+ __virtio32 iv_len;
+ /* length of additional auth data */
+ __virtio32 aad_len;
+ /* length of source data */
+ __virtio32 src_data_len;
+ /* length of dst data */
+ __virtio32 dst_data_len;
+};
+
+struct virtio_crypto_cipher_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_cipher_para para;
+};
+
+struct virtio_crypto_hash_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_hash_para para;
+};
+
+struct virtio_crypto_mac_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_mac_para para;
+};
+
+struct virtio_crypto_alg_chain_data_para {
+ struct virtio_crypto_cipher_para cipher;
+ /* Starting point for hash processing in source data */
+ __virtio32 hash_start_src_offset;
+ /* Length of the source data that the hash will be computed on */
+ __virtio32 len_to_hash;
+ /* Length of the additional auth data */
+ __virtio32 aad_len;
+ /* Length of the hash result */
+ __virtio32 hash_result_len;
+};
+
+struct virtio_crypto_alg_chain_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_alg_chain_data_para para;
+};
+
+struct virtio_crypto_sym_data_req {
+ union {
+ struct virtio_crypto_cipher_data_req cipher;
+ struct virtio_crypto_alg_chain_data_req chain;
+ } u;
+
+ /* See above VIRTIO_CRYPTO_SYM_OP_* */
+ __virtio32 op_type;
+ __virtio32 padding;
+};
+
+struct virtio_crypto_aead_data_req {
+ /* Device-readable part */
+ struct virtio_crypto_aead_para para;
+};
+
+/* The request of the data viritqueue's packet */
+struct virtio_crypto_op_data_req {
+ struct virtio_crypto_op_header header;
+
+ union {
+ struct virtio_crypto_sym_data_req sym_req;
+ struct virtio_crypto_hash_data_req hash_req;
+ struct virtio_crypto_mac_data_req mac_req;
+ struct virtio_crypto_aead_data_req aead_req;
+ } u;
+};
+
+#define VIRTIO_CRYPTO_OK 0
+#define VIRTIO_CRYPTO_ERR 1
+#define VIRTIO_CRYPTO_BADMSG 2
+#define VIRTIO_CRYPTO_NOTSUPP 3
+#define VIRTIO_CRYPTO_INVSESS 4 /* Invaild session id */
+
+/* The accelerator hardware is ready */
+#define VIRTIO_CRYPTO_S_HW_READY (1 << 0)
+#define VIRTIO_CRYPTO_S_STARTED (1 << 1)
+
+struct virtio_crypto_config {
+ /* See VIRTIO_CRYPTO_OP_* above */
+ __virtio32 status;
+
+ /*
+ * Maximum number of data queue legal values are between 1 and 0x8000
+ */
+ __virtio32 max_dataqueues;
+
+ /* Specifies the services mask which the devcie support,
+ see VIRTIO_CRYPTO_SERVICE_* above */
+ __virtio32 crypto_services;
+
+ /* Detailed algorithms mask */
+ __virtio32 cipher_algo_l;
+ __virtio32 cipher_algo_h;
+ __virtio32 hash_algo;
+ __virtio32 mac_algo_l;
+ __virtio32 mac_algo_h;
+ __virtio32 aead_algo;
+ __virtio32 reserve;
+};
+
+#endif
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 04/14] cryptodev: introduce a new cryptodev backend
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (2 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 03/14] virtio-crypto: introduce virtio_crypto.h Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 05/14] virtio-crypto: add virtio crypto device emulation Gonglei
` (9 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
The new cryptodev backend named cryptodev-builtin,
which realized by QEMU cipher APIS. These APIs can
be backed by either nettle or gcrypt.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/Makefile.objs | 1 +
backends/cryptodev-builtin.c | 345 +++++++++++++++++++++++++++++++++++++++++++
qemu-options.hx | 18 +++
3 files changed, 364 insertions(+)
create mode 100644 backends/cryptodev-builtin.c
diff --git a/backends/Makefile.objs b/backends/Makefile.objs
index 55bd43d..1846998 100644
--- a/backends/Makefile.objs
+++ b/backends/Makefile.objs
@@ -11,3 +11,4 @@ common-obj-y += hostmem.o hostmem-ram.o
common-obj-$(CONFIG_LINUX) += hostmem-file.o
common-obj-y += cryptodev.o
+common-obj-y += cryptodev-builtin.o
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
new file mode 100644
index 0000000..1592208
--- /dev/null
+++ b/backends/cryptodev-builtin.c
@@ -0,0 +1,345 @@
+/*
+ * QEMU Cryptodev backend for QEMU cipher APIs
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "sysemu/cryptodev.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "standard-headers/linux/virtio_crypto.h"
+#include "crypto/cipher.h"
+
+
+/**
+ * @TYPE_QCRYPTO_CRYPTODEV_BACKEND_BUILTIN:
+ * name of backend that uses QEMU cipher API
+ */
+#define TYPE_QCRYPTO_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"
+
+#define QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(obj) \
+ OBJECT_CHECK(QCryptoCryptoDevBackendBuiltin, \
+ (obj), TYPE_QCRYPTO_CRYPTODEV_BACKEND_BUILTIN)
+
+typedef struct QCryptoCryptoDevBackendBuiltin
+ QCryptoCryptoDevBackendBuiltin;
+
+typedef struct QCryptoCryptoDevBackendBuiltinSession {
+ QCryptoCipher *cipher;
+ uint8_t direction; /* encryption or decryption */
+ uint8_t type; /* cipher? hash? aead? */
+ QTAILQ_ENTRY(QCryptoCryptoDevBackendBuiltinSession) next;
+} QCryptoCryptoDevBackendBuiltinSession;
+
+/* Max number of symmetric sessions */
+#define MAX_NUM_SESSIONS 256
+
+
+struct QCryptoCryptoDevBackendBuiltin {
+ QCryptoCryptoDevBackend parent_obj;
+
+ QCryptoCryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
+};
+
+static void cryptodev_builtin_init(
+ QCryptoCryptoDevBackend *backend, Error **errp)
+{
+ /* Only support one queue */
+ int queues = backend->conf.peers.queues;
+ QCryptoCryptoDevBackendClientState *cc;
+
+ if (queues != 1) {
+ error_setg(errp,
+ "Only support one queue in cryptdov-builtin backend");
+ return;
+ }
+
+ cc = qcrypto_cryptodev_backend_new_client(
+ "cryptodev-builtin", NULL);
+ cc->info_str = g_strdup_printf("cryptodev-builtin0");
+ cc->queue_index = 0;
+ backend->conf.peers.ccs[0] = cc;
+
+ backend->conf.crypto_services =
+ 1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
+ 1u << VIRTIO_CRYPTO_SERVICE_HASH |
+ 1u << VIRTIO_CRYPTO_SERVICE_MAC;
+ backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
+ backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
+}
+
+static int
+cryptodev_builtin_get_unused_session_index(
+ QCryptoCryptoDevBackendBuiltin *builtin)
+{
+ size_t i;
+
+ for (i = 0; i < MAX_NUM_SESSIONS; i++) {
+ if (builtin->sessions[i] == NULL) {
+ return i;
+ }
+ }
+
+ return -1;
+}
+
+static int
+cryptodev_builtin_get_aes_algo(uint32_t key_len, Error **errp)
+{
+ int algo;
+
+ if (key_len == 128 / 8) {
+ algo = QCRYPTO_CIPHER_ALG_AES_128;
+ } else if (key_len == 192 / 8) {
+ algo = QCRYPTO_CIPHER_ALG_AES_192;
+ } else if (key_len == 256 / 8) {
+ algo = QCRYPTO_CIPHER_ALG_AES_256;
+ } else {
+ error_setg(errp, "Unsupported key length :%u", key_len);
+ return -1;
+ }
+
+ return algo;
+}
+
+static int cryptodev_builtin_create_cipher_session(
+ QCryptoCryptoDevBackendBuiltin *builtin,
+ QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+ Error **errp)
+{
+ int algo;
+ int mode;
+ QCryptoCipher *cipher;
+ int index;
+ QCryptoCryptoDevBackendBuiltinSession *sess;
+
+ if (sess_info->op_type != VIRTIO_CRYPTO_SYM_OP_CIPHER) {
+ error_setg(errp, "Unsupported optype :%u", sess_info->op_type);
+ return -1;
+ }
+
+ index = cryptodev_builtin_get_unused_session_index(builtin);
+ if (index < 0) {
+ error_setg(errp, "Total number of sessions created exceeds %u",
+ MAX_NUM_SESSIONS);
+ return -1;
+ }
+
+ switch (sess_info->cipher_alg) {
+ case VIRTIO_CRYPTO_CIPHER_AES_ECB:
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ errp);
+ if (algo < 0) {
+ return -1;
+ }
+ mode = QCRYPTO_CIPHER_MODE_ECB;
+ break;
+ case VIRTIO_CRYPTO_CIPHER_AES_CBC:
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ errp);
+ if (algo < 0) {
+ return -1;
+ }
+ mode = QCRYPTO_CIPHER_MODE_CBC;
+ break;
+ case VIRTIO_CRYPTO_CIPHER_AES_CTR:
+ algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+ errp);
+ if (algo < 0) {
+ return -1;
+ }
+ mode = QCRYPTO_CIPHER_MODE_CTR;
+ break;
+ case VIRTIO_CRYPTO_CIPHER_DES_ECB:
+ algo = QCRYPTO_CIPHER_ALG_DES_RFB;
+ mode = QCRYPTO_CIPHER_MODE_ECB;
+ break;
+ default:
+ error_setg(errp, "Unsupported cipher alg :%u",
+ sess_info->cipher_alg);
+ return -1;
+ }
+
+ cipher = qcrypto_cipher_new(algo, mode,
+ sess_info->cipher_key,
+ sess_info->key_len,
+ errp);
+ if (!cipher) {
+ return -1;
+ }
+
+ sess = g_new0(QCryptoCryptoDevBackendBuiltinSession, 1);
+ sess->cipher = cipher;
+ sess->direction = sess_info->direction;
+ sess->type = sess_info->op_type;
+
+ builtin->sessions[index] = sess;
+
+ return index;
+}
+
+static int64_t cryptodev_builtin_sym_create_session(
+ QCryptoCryptoDevBackend *backend,
+ QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp)
+{
+ QCryptoCryptoDevBackendBuiltin *builtin =
+ QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(backend);
+ int64_t session_id = -1;
+ int ret;
+
+ switch (sess_info->op_code) {
+ case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
+ ret = cryptodev_builtin_create_cipher_session(
+ builtin, sess_info, errp);
+ if (ret < 0) {
+ return ret;
+ } else {
+ session_id = ret;
+ }
+ break;
+ case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
+ case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
+ default:
+ error_setg(errp, "Unsupported opcode :%" PRIu32 "",
+ sess_info->op_code);
+ return -1;
+ }
+
+ return session_id;
+}
+
+static int cryptodev_builtin_sym_close_session(
+ QCryptoCryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp)
+{
+ QCryptoCryptoDevBackendBuiltin *builtin =
+ QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(backend);
+
+ if (session_id >= MAX_NUM_SESSIONS ||
+ builtin->sessions[session_id] == NULL) {
+ error_setg(errp, "Cannot find a valid session id: %" PRIu64 "",
+ session_id);
+ return -1;
+ }
+
+ qcrypto_cipher_free(builtin->sessions[session_id]->cipher);
+ g_free(builtin->sessions[session_id]);
+ builtin->sessions[session_id] = NULL;
+ return 0;
+}
+
+static int cryptodev_builtin_sym_operation(
+ QCryptoCryptoDevBackend *backend,
+ QCryptoCryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp)
+{
+ QCryptoCryptoDevBackendBuiltin *builtin =
+ QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(backend);
+ QCryptoCryptoDevBackendBuiltinSession *sess;
+ int ret;
+
+ if (op_info->session_id >= MAX_NUM_SESSIONS ||
+ builtin->sessions[op_info->session_id] == NULL) {
+ error_setg(errp, "Cannot find a valid session id: %" PRIu64 "",
+ op_info->session_id);
+ return -VIRTIO_CRYPTO_INVSESS;
+ }
+
+ sess = builtin->sessions[op_info->session_id];
+
+ ret = qcrypto_cipher_setiv(sess->cipher, op_info->iv,
+ op_info->iv_len, errp);
+ if (ret < 0) {
+ return -VIRTIO_CRYPTO_ERR;
+ }
+
+ if (sess->direction == VIRTIO_CRYPTO_OP_ENCRYPT) {
+ ret = qcrypto_cipher_encrypt(sess->cipher, op_info->src,
+ op_info->dst, op_info->src_len, errp);
+ if (ret < 0) {
+ return -VIRTIO_CRYPTO_ERR;
+ }
+ } else {
+ ret = qcrypto_cipher_decrypt(sess->cipher, op_info->src,
+ op_info->dst, op_info->src_len, errp);
+ if (ret < 0) {
+ return -VIRTIO_CRYPTO_ERR;
+ }
+ }
+ return 0;
+}
+
+static void cryptodev_builtin_cleanup(
+ QCryptoCryptoDevBackend *backend,
+ Error **errp)
+{
+ QCryptoCryptoDevBackendBuiltin *builtin =
+ QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(backend);
+ size_t i;
+ int queues = backend->conf.peers.queues;
+ QCryptoCryptoDevBackendClientState *cc;
+
+ for (i = 0; i < MAX_NUM_SESSIONS; i++) {
+ if (builtin->sessions[i] != NULL) {
+ cryptodev_builtin_sym_close_session(
+ backend, i, 0, errp);
+ }
+ }
+
+ assert(queues == 1);
+
+ for (i = 0; i < queues; i++) {
+ cc = backend->conf.peers.ccs[i];
+ if (cc) {
+ qcrypto_cryptodev_backend_free_client(cc);
+ backend->conf.peers.ccs[i] = NULL;
+ }
+ }
+}
+
+static void
+cryptodev_builtin_class_init(ObjectClass *oc, void *data)
+{
+ QCryptoCryptoDevBackendClass *bc = QCRYPTO_CRYPTODEV_BACKEND_CLASS(oc);
+
+ bc->init = cryptodev_builtin_init;
+ bc->cleanup = cryptodev_builtin_cleanup;
+ bc->create_session = cryptodev_builtin_sym_create_session;
+ bc->close_session = cryptodev_builtin_sym_close_session;
+ bc->do_sym_op = cryptodev_builtin_sym_operation;
+}
+
+static const TypeInfo cryptodev_builtin_info = {
+ .name = TYPE_QCRYPTO_CRYPTODEV_BACKEND_BUILTIN,
+ .parent = TYPE_QCRYPTO_CRYPTODEV_BACKEND,
+ .class_init = cryptodev_builtin_class_init,
+ .instance_size = sizeof(QCryptoCryptoDevBackendBuiltin),
+};
+
+static void
+cryptodev_builtin_register_types(void)
+{
+ type_register_static(&cryptodev_builtin_info);
+}
+
+type_init(cryptodev_builtin_register_types);
diff --git a/qemu-options.hx b/qemu-options.hx
index 01f01df..616cd30 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -3948,6 +3948,24 @@ secondary:
If you want to know the detail of above command line, you can read
the colo-compare git log.
+@item -object cryptodev-backend-builtin,id=@var{id}[,queues=@var{queues}]
+
+Creates a cryptodev backend which executes crypto opreation from
+the QEMU cipher APIS. The @var{id} parameter is
+a unique ID that will be used to reference this cryptodev backend from
+the @option{virtio-crypto} device. The @var{queues} parameter is optional,
+which specify the queue number of cryptodev backend, the default of
+@var{queues} is 1.
+
+@example
+
+ # qemu-system-x86_64 \
+ [...] \
+ -object cryptodev-backend-builtin,id=cryptodev0 \
+ -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
+ [...]
+@end example
+
@item -object secret,id=@var{id},data=@var{string},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
@item -object secret,id=@var{id},file=@var{filename},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 05/14] virtio-crypto: add virtio crypto device emulation
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (3 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 04/14] cryptodev: introduce a new cryptodev backend Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 06/14] virtio-crypto-pci: add virtio crypto pci support Gonglei
` (8 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
Introduce the virtio crypto realization, I'll
finish the core code in the following patches. The
thoughts came from virtio net realization.
For more information see:
http://qemu-project.org/Features/VirtioCrypto
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/Makefile.objs | 1 +
hw/virtio/virtio-crypto.c | 166 ++++++++++++++++++++++++++++
include/hw/virtio/virtio-crypto.h | 75 +++++++++++++
include/standard-headers/linux/virtio_ids.h | 2 +-
4 files changed, 243 insertions(+), 1 deletion(-)
create mode 100644 hw/virtio/virtio-crypto.c
create mode 100644 include/hw/virtio/virtio-crypto.h
diff --git a/hw/virtio/Makefile.objs b/hw/virtio/Makefile.objs
index e716308..968f392 100644
--- a/hw/virtio/Makefile.objs
+++ b/hw/virtio/Makefile.objs
@@ -7,3 +7,4 @@ obj-y += virtio.o virtio-balloon.o
obj-$(CONFIG_LINUX) += vhost.o vhost-backend.o vhost-user.o
obj-$(CONFIG_VHOST_VSOCK) += vhost-vsock.o
+obj-y += virtio-crypto.o
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
new file mode 100644
index 0000000..82d93b3
--- /dev/null
+++ b/hw/virtio/virtio-crypto.c
@@ -0,0 +1,166 @@
+/*
+ * Virtio crypto Support
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "qemu/iov.h"
+#include "hw/qdev.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+
+#include "hw/virtio/virtio.h"
+#include "hw/virtio/virtio-crypto.h"
+#include "hw/virtio/virtio-access.h"
+#include "standard-headers/linux/virtio_ids.h"
+
+#define VIRTIO_CRYPTO_VM_VERSION 1
+
+static uint64_t virtio_crypto_get_features(VirtIODevice *vdev,
+ uint64_t features,
+ Error **errp)
+{
+ return features;
+}
+
+static void virtio_crypto_save(QEMUFile *f, void *opaque, size_t size)
+{
+ VirtIODevice *vdev = opaque;
+
+ virtio_save(vdev, f);
+}
+
+static int virtio_crypto_load(QEMUFile *f, void *opaque, size_t size)
+{
+ VirtIOCrypto *vcrypto = opaque;
+ int ret;
+
+ ret = virtio_load(VIRTIO_DEVICE(vcrypto), f, VIRTIO_CRYPTO_VM_VERSION);
+ if (ret != 0) {
+ return ret;
+ }
+
+ return 0;
+}
+
+static void virtio_crypto_reset(VirtIODevice *vdev)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+ /* multiqueue is disabled by default */
+ vcrypto->curr_queues = 1;
+ if (!vcrypto->cryptodev->ready) {
+ vcrypto->status &= ~VIRTIO_CRYPTO_S_HW_READY;
+ } else {
+ vcrypto->status |= VIRTIO_CRYPTO_S_HW_READY;
+ }
+}
+
+static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(dev);
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ int i;
+
+ vcrypto->cryptodev = vcrypto->conf.cryptodev;
+ if (vcrypto->cryptodev == NULL) {
+ error_setg(errp, "'cryptodev' parameter expects a valid object");
+ return;
+ }
+
+ vcrypto->max_queues = MAX(vcrypto->cryptodev->conf.peers.queues, 1);
+ if (vcrypto->max_queues + 1 > VIRTIO_QUEUE_MAX) {
+ error_setg(errp, "Invalid number of queues (= %" PRIu16 "), "
+ "must be a postive integer less than %d.",
+ vcrypto->max_queues, VIRTIO_QUEUE_MAX);
+ return;
+ }
+
+ virtio_init(vdev, "virtio-crypto", VIRTIO_ID_CRYPTO, vcrypto->config_size);
+ vcrypto->curr_queues = 1;
+
+ for (i = 0; i < vcrypto->max_queues; i++) {
+ virtio_add_queue(vdev, 1024, NULL);
+ }
+
+ vcrypto->ctrl_vq = virtio_add_queue(vdev, 64, NULL);
+ if (!vcrypto->cryptodev->ready) {
+ vcrypto->status &= ~VIRTIO_CRYPTO_S_HW_READY;
+ } else {
+ vcrypto->status |= VIRTIO_CRYPTO_S_HW_READY;
+ }
+}
+
+static void virtio_crypto_device_unrealize(DeviceState *dev, Error **errp)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(dev);
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+
+ unregister_savevm(dev, "virtio-crypto", vcrypto);
+
+ virtio_cleanup(vdev);
+}
+
+VMSTATE_VIRTIO_DEVICE(crypto, VIRTIO_CRYPTO_VM_VERSION,
+ virtio_crypto_load, virtio_crypto_save);
+
+static Property virtio_crypto_properties[] = {
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void virtio_crypto_get_config(VirtIODevice *vdev, uint8_t *config)
+{
+
+}
+
+static void virtio_crypto_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
+
+ dc->props = virtio_crypto_properties;
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+ vdc->realize = virtio_crypto_device_realize;
+ vdc->unrealize = virtio_crypto_device_unrealize;
+ vdc->get_config = virtio_crypto_get_config;
+ vdc->get_features = virtio_crypto_get_features;
+ vdc->reset = virtio_crypto_reset;
+}
+
+static void virtio_crypto_instance_init(Object *obj)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(obj);
+
+ /*
+ * The default config_size is sizeof(struct virtio_crypto_config).
+ * Can be overriden with virtio_crypto_set_config_size.
+ */
+ vcrypto->config_size = sizeof(struct virtio_crypto_config);
+
+ object_property_add_link(obj, "cryptodev",
+ TYPE_QCRYPTO_CRYPTODEV_BACKEND,
+ (Object **)&vcrypto->conf.cryptodev,
+ qdev_prop_allow_set_link_before_realize,
+ OBJ_PROP_LINK_UNREF_ON_RELEASE, NULL);
+}
+
+static const TypeInfo virtio_crypto_info = {
+ .name = TYPE_VIRTIO_CRYPTO,
+ .parent = TYPE_VIRTIO_DEVICE,
+ .instance_size = sizeof(VirtIOCrypto),
+ .instance_init = virtio_crypto_instance_init,
+ .class_init = virtio_crypto_class_init,
+};
+
+static void virtio_register_types(void)
+{
+ type_register_static(&virtio_crypto_info);
+}
+
+type_init(virtio_register_types)
diff --git a/include/hw/virtio/virtio-crypto.h b/include/hw/virtio/virtio-crypto.h
new file mode 100644
index 0000000..1c72234
--- /dev/null
+++ b/include/hw/virtio/virtio-crypto.h
@@ -0,0 +1,75 @@
+/*
+ * Virtio crypto Support
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+
+#ifndef _QEMU_VIRTIO_CRYPTO_H
+#define _QEMU_VIRTIO_CRYPTO_H
+
+#include "standard-headers/linux/virtio_crypto.h"
+#include "hw/virtio/virtio.h"
+#include "sysemu/iothread.h"
+#include "sysemu/cryptodev.h"
+
+
+#define DEBUG_VIRTIO_CRYPTO 0
+
+#define DPRINTF(fmt, ...) \
+do { \
+ if (DEBUG_VIRTIO_CRYPTO) { \
+ fprintf(stderr, "virtio_crypto: " fmt, ##__VA_ARGS__); \
+ } \
+} while (0)
+
+
+#define TYPE_VIRTIO_CRYPTO "virtio-crypto-device"
+#define VIRTIO_CRYPTO(obj) \
+ OBJECT_CHECK(VirtIOCrypto, (obj), TYPE_VIRTIO_CRYPTO)
+#define VIRTIO_CRYPTO_GET_PARENT_CLASS(obj) \
+ OBJECT_GET_PARENT_CLASS(obj, TYPE_VIRTIO_CRYPTO)
+
+
+typedef struct VirtIOCryptoConf {
+ QCryptoCryptoDevBackend *cryptodev;
+} VirtIOCryptoConf;
+
+struct VirtIOCrypto;
+
+typedef struct VirtIOCryptoReq {
+ VirtQueueElement elem;
+ /* flags of operation, such as type of algorithm */
+ uint32_t flags;
+ /* address of in data (Device to Driver) */
+ void *idata_hva;
+ VirtQueue *vq;
+ struct VirtIOCrypto *vcrypto;
+ union {
+ QCryptoCryptoDevBackendSymOpInfo *sym_op_info;
+ } u;
+} VirtIOCryptoReq;
+
+typedef struct VirtIOCrypto {
+ VirtIODevice parent_obj;
+
+ VirtQueue *ctrl_vq;
+
+ VirtIOCryptoConf conf;
+ QCryptoCryptoDevBackend *cryptodev;
+
+ uint32_t max_queues;
+ uint32_t status;
+
+ int multiqueue;
+ uint32_t curr_queues;
+ size_t config_size;
+} VirtIOCrypto;
+
+#endif /* _QEMU_VIRTIO_CRYPTO_H */
diff --git a/include/standard-headers/linux/virtio_ids.h b/include/standard-headers/linux/virtio_ids.h
index 3228d58..fe74e42 100644
--- a/include/standard-headers/linux/virtio_ids.h
+++ b/include/standard-headers/linux/virtio_ids.h
@@ -42,5 +42,5 @@
#define VIRTIO_ID_GPU 16 /* virtio GPU */
#define VIRTIO_ID_INPUT 18 /* virtio input */
#define VIRTIO_ID_VSOCK 19 /* virtio vsock transport */
-
+#define VIRTIO_ID_CRYPTO 20 /* virtio crypto */
#endif /* _LINUX_VIRTIO_IDS_H */
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 06/14] virtio-crypto-pci: add virtio crypto pci support
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (4 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 05/14] virtio-crypto: add virtio crypto device emulation Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 07/14] virtio-crypto: set capacity of algorithms supported Gonglei
` (7 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
This patch adds virtio-crypto-pci, which is the pci proxy for the virtio
crypto device.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/Makefile.objs | 1 +
hw/virtio/virtio-crypto-pci.c | 77 +++++++++++++++++++++++++++++++++++++++++++
hw/virtio/virtio-pci.h | 15 +++++++++
3 files changed, 93 insertions(+)
create mode 100644 hw/virtio/virtio-crypto-pci.c
diff --git a/hw/virtio/Makefile.objs b/hw/virtio/Makefile.objs
index 968f392..95c4c30 100644
--- a/hw/virtio/Makefile.objs
+++ b/hw/virtio/Makefile.objs
@@ -8,3 +8,4 @@ obj-$(CONFIG_LINUX) += vhost.o vhost-backend.o vhost-user.o
obj-$(CONFIG_VHOST_VSOCK) += vhost-vsock.o
obj-y += virtio-crypto.o
+obj-$(CONFIG_VIRTIO_PCI) += virtio-crypto-pci.o
diff --git a/hw/virtio/virtio-crypto-pci.c b/hw/virtio/virtio-crypto-pci.c
new file mode 100644
index 0000000..21d9984
--- /dev/null
+++ b/hw/virtio/virtio-crypto-pci.c
@@ -0,0 +1,77 @@
+/*
+ * Virtio crypto device
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ *
+ */
+#include "qemu/osdep.h"
+#include "hw/pci/pci.h"
+#include "hw/virtio/virtio.h"
+#include "hw/virtio/virtio-bus.h"
+#include "hw/virtio/virtio-pci.h"
+#include "hw/virtio/virtio-crypto.h"
+#include "qapi/error.h"
+
+static Property virtio_crypto_pci_properties[] = {
+ DEFINE_PROP_BIT("ioeventfd", VirtIOPCIProxy, flags,
+ VIRTIO_PCI_FLAG_USE_IOEVENTFD_BIT, true),
+ DEFINE_PROP_UINT32("vectors", VirtIOPCIProxy, nvectors, 2),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void virtio_crypto_pci_realize(VirtIOPCIProxy *vpci_dev, Error **errp)
+{
+ VirtIOCryptoPCI *vcrypto = VIRTIO_CRYPTO_PCI(vpci_dev);
+ DeviceState *vdev = DEVICE(&vcrypto->vdev);
+
+ qdev_set_parent_bus(vdev, BUS(&vpci_dev->bus));
+ virtio_pci_force_virtio_1(vpci_dev);
+ object_property_set_bool(OBJECT(vdev), true, "realized", errp);
+ object_property_set_link(OBJECT(vcrypto),
+ OBJECT(vcrypto->vdev.conf.cryptodev), "cryptodev",
+ NULL);
+}
+
+static void virtio_crypto_pci_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ VirtioPCIClass *k = VIRTIO_PCI_CLASS(klass);
+ PCIDeviceClass *pcidev_k = PCI_DEVICE_CLASS(klass);
+
+ k->realize = virtio_crypto_pci_realize;
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+ dc->props = virtio_crypto_pci_properties;
+
+ pcidev_k->class_id = PCI_CLASS_OTHERS;
+}
+
+static void virtio_crypto_initfn(Object *obj)
+{
+ VirtIOCryptoPCI *dev = VIRTIO_CRYPTO_PCI(obj);
+
+ virtio_instance_init_common(obj, &dev->vdev, sizeof(dev->vdev),
+ TYPE_VIRTIO_CRYPTO);
+ object_property_add_alias(obj, "cryptodev", OBJECT(&dev->vdev),
+ "cryptodev", &error_abort);
+}
+
+static const TypeInfo virtio_crypto_pci_info = {
+ .name = TYPE_VIRTIO_CRYPTO_PCI,
+ .parent = TYPE_VIRTIO_PCI,
+ .instance_size = sizeof(VirtIOCryptoPCI),
+ .instance_init = virtio_crypto_initfn,
+ .class_init = virtio_crypto_pci_class_init,
+};
+
+static void virtio_crypto_pci_register_types(void)
+{
+ type_register_static(&virtio_crypto_pci_info);
+}
+type_init(virtio_crypto_pci_register_types)
diff --git a/hw/virtio/virtio-pci.h b/hw/virtio/virtio-pci.h
index 541cbdb..c493692 100644
--- a/hw/virtio/virtio-pci.h
+++ b/hw/virtio/virtio-pci.h
@@ -25,6 +25,8 @@
#include "hw/virtio/virtio-bus.h"
#include "hw/virtio/virtio-input.h"
#include "hw/virtio/virtio-gpu.h"
+#include "hw/virtio/virtio-crypto.h"
+
#ifdef CONFIG_VIRTFS
#include "hw/9pfs/virtio-9p.h"
#endif
@@ -48,6 +50,7 @@ typedef struct VirtIOInputHIDPCI VirtIOInputHIDPCI;
typedef struct VirtIOInputHostPCI VirtIOInputHostPCI;
typedef struct VirtIOGPUPCI VirtIOGPUPCI;
typedef struct VHostVSockPCI VHostVSockPCI;
+typedef struct VirtIOCryptoPCI VirtIOCryptoPCI;
/* virtio-pci-bus */
@@ -352,6 +355,18 @@ struct VHostVSockPCI {
};
#endif
+/*
+ * virtio-crypto-pci: This extends VirtioPCIProxy.
+ */
+#define TYPE_VIRTIO_CRYPTO_PCI "virtio-crypto-pci"
+#define VIRTIO_CRYPTO_PCI(obj) \
+ OBJECT_CHECK(VirtIOCryptoPCI, (obj), TYPE_VIRTIO_CRYPTO_PCI)
+
+struct VirtIOCryptoPCI {
+ VirtIOPCIProxy parent_obj;
+ VirtIOCrypto vdev;
+};
+
/* Virtio ABI version, if we increment this, we break the guest driver. */
#define VIRTIO_PCI_ABI_VERSION 0
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 07/14] virtio-crypto: set capacity of algorithms supported
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (5 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 06/14] virtio-crypto-pci: add virtio crypto pci support Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 08/14] virtio-crypto: add control queue handler Gonglei
` (6 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
Expose the capacity of algorithms supported by
virtio crypto device to the frontend driver using
pci configuration space.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/virtio-crypto.c | 40 ++++++++++++++++++++++++++++++++++++++-
include/hw/virtio/virtio-crypto.h | 14 ++++++++++++++
2 files changed, 53 insertions(+), 1 deletion(-)
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 82d93b3..a23a25a 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -62,6 +62,22 @@ static void virtio_crypto_reset(VirtIODevice *vdev)
}
}
+static void virtio_crypto_init_config(VirtIODevice *vdev)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+
+ vcrypto->conf.crypto_services =
+ vcrypto->conf.cryptodev->conf.crypto_services;
+ vcrypto->conf.cipher_algo_l =
+ vcrypto->conf.cryptodev->conf.cipher_algo_l;
+ vcrypto->conf.cipher_algo_h =
+ vcrypto->conf.cryptodev->conf.cipher_algo_h;
+ vcrypto->conf.hash_algo = vcrypto->conf.cryptodev->conf.hash_algo;
+ vcrypto->conf.mac_algo_l = vcrypto->conf.cryptodev->conf.mac_algo_l;
+ vcrypto->conf.mac_algo_h = vcrypto->conf.cryptodev->conf.mac_algo_h;
+ vcrypto->conf.aead_algo = vcrypto->conf.cryptodev->conf.aead_algo;
+}
+
static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
{
VirtIODevice *vdev = VIRTIO_DEVICE(dev);
@@ -95,6 +111,8 @@ static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
} else {
vcrypto->status |= VIRTIO_CRYPTO_S_HW_READY;
}
+
+ virtio_crypto_init_config(vdev);
}
static void virtio_crypto_device_unrealize(DeviceState *dev, Error **errp)
@@ -116,7 +134,27 @@ static Property virtio_crypto_properties[] = {
static void virtio_crypto_get_config(VirtIODevice *vdev, uint8_t *config)
{
-
+ VirtIOCrypto *c = VIRTIO_CRYPTO(vdev);
+ struct virtio_crypto_config crypto_cfg;
+
+ virtio_stl_p(vdev, &crypto_cfg.status, c->status);
+ virtio_stl_p(vdev, &crypto_cfg.max_dataqueues, c->max_queues);
+ virtio_stl_p(vdev, &crypto_cfg.crypto_services,
+ c->conf.crypto_services);
+ virtio_stl_p(vdev, &crypto_cfg.cipher_algo_l,
+ c->conf.cipher_algo_l);
+ virtio_stl_p(vdev, &crypto_cfg.cipher_algo_h,
+ c->conf.cipher_algo_h);
+ virtio_stl_p(vdev, &crypto_cfg.hash_algo,
+ c->conf.hash_algo);
+ virtio_stl_p(vdev, &crypto_cfg.mac_algo_l,
+ c->conf.mac_algo_l);
+ virtio_stl_p(vdev, &crypto_cfg.mac_algo_h,
+ c->conf.mac_algo_h);
+ virtio_stl_p(vdev, &crypto_cfg.aead_algo,
+ c->conf.aead_algo);
+
+ memcpy(config, &crypto_cfg, c->config_size);
}
static void virtio_crypto_class_init(ObjectClass *klass, void *data)
diff --git a/include/hw/virtio/virtio-crypto.h b/include/hw/virtio/virtio-crypto.h
index 1c72234..ebf7232 100644
--- a/include/hw/virtio/virtio-crypto.h
+++ b/include/hw/virtio/virtio-crypto.h
@@ -39,6 +39,20 @@ do { \
typedef struct VirtIOCryptoConf {
QCryptoCryptoDevBackend *cryptodev;
+
+ /* Supported service mask */
+ uint32_t crypto_services;
+
+ /* Detailed algorithms mask */
+ uint32_t cipher_algo_l;
+ uint32_t cipher_algo_h;
+ uint32_t hash_algo;
+ uint32_t mac_algo_l;
+ uint32_t mac_algo_h;
+ uint32_t asym_algo;
+ uint32_t kdf_algo;
+ uint32_t aead_algo;
+ uint32_t primitive_algo;
} VirtIOCryptoConf;
struct VirtIOCrypto;
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 08/14] virtio-crypto: add control queue handler
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (6 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 07/14] virtio-crypto: set capacity of algorithms supported Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 09/14] virtio-crypto: add data queue processing handler Gonglei
` (5 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
Realize the symmetric algorithm control queue handler,
including plain cipher and chainning algorithms.
Currently the control queue is used to create and
close session for symmetric algorithm.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/virtio-crypto.c | 277 +++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 276 insertions(+), 1 deletion(-)
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index a23a25a..1c12678 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -23,6 +23,281 @@
#define VIRTIO_CRYPTO_VM_VERSION 1
+/*
+ * Transfer virtqueue index to crypto queue index.
+ * The control virtqueue is after the data virtqueues
+ * so the input value doesn't need to be adjusted
+ */
+static inline int virtio_crypto_vq2q(int queue_index)
+{
+ return queue_index;
+}
+
+static int
+virtio_crypto_cipher_session_helper(VirtIODevice *vdev,
+ QCryptoCryptoDevBackendSymSessionInfo *info,
+ struct virtio_crypto_cipher_session_para *cipher_para,
+ struct iovec *iov, unsigned int *out_num)
+{
+ unsigned int num = *out_num;
+
+ info->cipher_alg = virtio_ldl_p(vdev, &cipher_para->algo);
+ info->key_len = virtio_ldl_p(vdev, &cipher_para->keylen);
+ info->direction = virtio_ldl_p(vdev, &cipher_para->op);
+ DPRINTF("cipher_alg=%" PRIu32 ", info->direction=%" PRIu32 "\n",
+ info->cipher_alg, info->direction);
+ /* Get cipher key */
+ if (info->key_len > 0) {
+ size_t s;
+ DPRINTF("keylen=%" PRIu32 "\n", info->key_len);
+
+ info->cipher_key = g_malloc(info->key_len);
+ s = iov_to_buf(iov, num, 0, info->cipher_key, info->key_len);
+ if (unlikely(s != info->key_len)) {
+ virtio_error(vdev, "virtio-crypto cipher key incorrect");
+ return -1;
+ }
+ iov_discard_front(&iov, &num, info->key_len);
+ *out_num = num;
+ }
+
+ return 0;
+}
+
+static int64_t
+virtio_crypto_create_sym_session(VirtIOCrypto *vcrypto,
+ struct virtio_crypto_sym_create_session_req *sess_req,
+ uint32_t queue_id,
+ uint32_t opcode,
+ struct iovec *iov, unsigned int out_num)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+ QCryptoCryptoDevBackendSymSessionInfo info;
+ int64_t session_id;
+ int queue_index;
+ uint32_t op_type;
+ Error *local_err = NULL;
+ int ret;
+
+ memset(&info, 0, sizeof(info));
+ op_type = virtio_ldl_p(vdev, &sess_req->op_type);
+ info.op_type = op_type;
+ info.op_code = opcode;
+
+ if (op_type == VIRTIO_CRYPTO_SYM_OP_CIPHER) {
+ ret = virtio_crypto_cipher_session_helper(vdev, &info,
+ &sess_req->u.cipher.para,
+ iov, &out_num);
+ if (ret < 0) {
+ return -1;
+ }
+ } else if (op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
+ size_t s;
+ /* cipher part */
+ ret = virtio_crypto_cipher_session_helper(vdev, &info,
+ &sess_req->u.chain.para.cipher_param,
+ iov, &out_num);
+ if (ret < 0) {
+ return -1;
+ }
+ /* hash part */
+ info.alg_chain_order = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.alg_chain_order);
+ info.add_len = virtio_ldl_p(vdev, &sess_req->u.chain.para.aad_len);
+ info.hash_mode = virtio_ldl_p(vdev, &sess_req->u.chain.para.hash_mode);
+ if (info.hash_mode == VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH) {
+ info.hash_alg = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.mac_param.algo);
+ info.auth_key_len = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.mac_param.auth_key_len);
+ info.hash_result_len = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.mac_param.hash_result_len);
+ /* get auth key */
+ if (info.auth_key_len > 0) {
+ DPRINTF("auth_keylen=%" PRIu32 "\n", info.auth_key_len);
+ info.auth_key = g_malloc(info.auth_key_len);
+ s = iov_to_buf(iov, out_num, 0, info.auth_key,
+ info.auth_key_len);
+ if (unlikely(s != info.auth_key_len)) {
+ virtio_error(vdev,
+ "virtio-crypto authenticated key incorrect");
+ goto err;
+ }
+ iov_discard_front(&iov, &out_num, info.auth_key_len);
+ }
+ } else if (info.hash_mode == VIRTIO_CRYPTO_SYM_HASH_MODE_PLAIN) {
+ info.hash_alg = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.hash_param.algo);
+ info.hash_result_len = virtio_ldl_p(vdev,
+ &sess_req->u.chain.para.u.hash_param.hash_result_len);
+ } else {
+ /* VIRTIO_CRYPTO_SYM_HASH_MODE_NESTED */
+ virtio_error(vdev, "unsupported hash mode");
+ goto err;
+ }
+ } else {
+ /* VIRTIO_CRYPTO_SYM_OP_NONE */
+ virtio_error(vdev, "unsupported cipher type");
+ goto err;
+ }
+
+ queue_index = virtio_crypto_vq2q(queue_id);
+ session_id = qcrypto_cryptodev_backend_sym_create_session(
+ vcrypto->cryptodev,
+ &info, queue_index, &local_err);
+ if (session_id >= 0) {
+ DPRINTF("create session_id=%" PRIu64 " successfully\n",
+ session_id);
+
+ g_free(info.cipher_key);
+ g_free(info.auth_key);
+ return session_id;
+ } else {
+ if (local_err) {
+ error_report_err(local_err);
+ }
+ }
+
+err:
+ g_free(info.cipher_key);
+ g_free(info.auth_key);
+ return -1;
+}
+
+static uint32_t
+virtio_crypto_handle_close_session(VirtIOCrypto *vcrypto,
+ struct virtio_crypto_destroy_session_req *close_sess_req,
+ uint32_t queue_id)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+ int ret;
+ uint64_t session_id;
+ uint32_t status;
+ Error *local_err = NULL;
+
+ session_id = virtio_ldq_p(vdev, &close_sess_req->session_id);
+ DPRINTF("close session, id=%" PRIu64 "\n", session_id);
+
+ ret = qcrypto_cryptodev_backend_sym_close_session(
+ vcrypto->cryptodev, session_id, queue_id, &local_err);
+ if (ret == 0) {
+ status = VIRTIO_CRYPTO_OK;
+ } else {
+ if (local_err) {
+ error_report_err(local_err);
+ } else {
+ error_report("destroy session failed");
+ }
+ status = VIRTIO_CRYPTO_ERR;
+ }
+
+ return status;
+}
+
+static void virtio_crypto_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+ struct virtio_crypto_op_ctrl_req ctrl;
+ VirtQueueElement *elem;
+ size_t in_len;
+ struct iovec *in_iov;
+ struct iovec *out_iov;
+ unsigned in_num;
+ unsigned out_num;
+ uint32_t queue_id;
+ uint32_t opcode;
+ struct virtio_crypto_session_input *input;
+ int64_t session_id;
+ uint32_t status;
+ size_t s;
+
+ for (;;) {
+ elem = virtqueue_pop(vq, sizeof(VirtQueueElement));
+ if (!elem) {
+ break;
+ }
+ if (elem->out_num < 1 || elem->in_num < 1) {
+ virtio_error(vdev, "virtio-crypto ctrl missing headers");
+ g_free(elem);
+ break;
+ }
+
+ out_num = elem->out_num;
+ out_iov = elem->out_sg;
+ in_num = elem->in_num;
+ in_iov = elem->in_sg;
+ if (unlikely(iov_to_buf(out_iov, out_num, 0, &ctrl, sizeof(ctrl))
+ != sizeof(ctrl))) {
+ virtio_error(vdev, "virtio-crypto request ctrl_hdr too short");
+ g_free(elem);
+ break;
+ }
+ iov_discard_front(&out_iov, &out_num, sizeof(ctrl));
+
+ opcode = virtio_ldl_p(vdev, &ctrl.header.opcode);
+ queue_id = virtio_ldl_p(vdev, &ctrl.header.queue_id);
+
+ switch (opcode) {
+ case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
+ in_len = iov_size(in_iov, in_num);
+ input = (void *)in_iov[in_num - 1].iov_base
+ + in_iov[in_num - 1].iov_len
+ - sizeof(*input);
+ iov_discard_back(in_iov, &in_num, sizeof(*input));
+
+ session_id = virtio_crypto_create_sym_session(vcrypto,
+ &ctrl.u.sym_create_session,
+ queue_id, opcode,
+ out_iov, out_num);
+ if (session_id < 0) {
+ input->status = VIRTIO_CRYPTO_ERR;
+ } else {
+ input->session_id = session_id;
+ input->status = VIRTIO_CRYPTO_OK;
+ }
+
+ virtqueue_push(vq, elem, in_len);
+ virtio_notify(vdev, vq);
+ break;
+ case VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION:
+ case VIRTIO_CRYPTO_HASH_DESTROY_SESSION:
+ case VIRTIO_CRYPTO_MAC_DESTROY_SESSION:
+ case VIRTIO_CRYPTO_AEAD_DESTROY_SESSION:
+ status = virtio_crypto_handle_close_session(vcrypto,
+ &ctrl.u.destroy_session, queue_id);
+
+ s = iov_from_buf(in_iov, in_num, 0, &status, sizeof(status));
+ if (unlikely(s != sizeof(status))) {
+ virtio_error(vdev, "virtio-crypto status incorrect");
+ break;
+ }
+ virtqueue_push(vq, elem, sizeof(status));
+ virtio_notify(vdev, vq);
+ break;
+ case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
+ case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
+ case VIRTIO_CRYPTO_AEAD_CREATE_SESSION:
+ in_len = iov_size(in_iov, in_num);
+ input = (void *)in_iov[in_num - 1].iov_base
+ + in_iov[in_num - 1].iov_len
+ - sizeof(*input);
+ error_report("virtio-crypto unsupported ctrl opcode: %d", opcode);
+
+ input->status = VIRTIO_CRYPTO_NOTSUPP;
+ virtqueue_push(vq, elem, in_len);
+ virtio_notify(vdev, vq);
+
+ break;
+ default:
+ virtio_error(vdev, "virtio-crypto unsupported ctrl opcode: %u",
+ opcode);
+ break;
+ } /* end switch case */
+
+ g_free(elem);
+ } /* end for loop */
+}
+
static uint64_t virtio_crypto_get_features(VirtIODevice *vdev,
uint64_t features,
Error **errp)
@@ -105,7 +380,7 @@ static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
virtio_add_queue(vdev, 1024, NULL);
}
- vcrypto->ctrl_vq = virtio_add_queue(vdev, 64, NULL);
+ vcrypto->ctrl_vq = virtio_add_queue(vdev, 64, virtio_crypto_handle_ctrl);
if (!vcrypto->cryptodev->ready) {
vcrypto->status &= ~VIRTIO_CRYPTO_S_HW_READY;
} else {
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 09/14] virtio-crypto: add data queue processing handler
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (7 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 08/14] virtio-crypto: add control queue handler Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 10/14] cryptodev: introduce an unified wrapper for crypto operation Gonglei
` (4 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
Introduces VirtIOCryptoReq structure to store
crypto request so that we can support sync and async
crypto operation in the future.
At present, we only support cipher and algorithm
chainning.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
hw/virtio/virtio-crypto.c | 326 +++++++++++++++++++++++++++++++++++++-
include/hw/virtio/virtio-crypto.h | 11 +-
2 files changed, 334 insertions(+), 3 deletions(-)
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 1c12678..de67e05 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -298,6 +298,330 @@ static void virtio_crypto_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
} /* end for loop */
}
+static void virtio_crypto_init_request(VirtIOCrypto *vcrypto, VirtQueue *vq,
+ VirtIOCryptoReq *req)
+{
+ req->vcrypto = vcrypto;
+ req->vq = vq;
+ req->in = NULL;
+}
+
+static void virtio_crypto_free_request(VirtIOCryptoReq *req)
+{
+ if (req) {
+ if (req->flags == QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM) {
+ g_free(req->u.sym_op_info);
+ }
+ g_free(req);
+ }
+}
+
+static void
+virtio_crypto_sym_input_data_helper(VirtIODevice *vdev,
+ VirtIOCryptoReq *req,
+ uint32_t status,
+ QCryptoCryptoDevBackendSymOpInfo *sym_op_info)
+{
+ size_t s, len;
+
+ if (status != VIRTIO_CRYPTO_OK) {
+ return;
+ }
+
+ len = sym_op_info->dst_len;
+ /* Save the cipher result */
+ s = iov_from_buf(req->in_iov, req->in_num, 0, sym_op_info->dst, len);
+ if (s != len) {
+ virtio_error(vdev, "virtio-crypto dest data incorrect");
+ return;
+ }
+
+ iov_discard_front(&req->in_iov, &req->in_num, len);
+
+ if (sym_op_info->op_type ==
+ VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
+ /* Save the digest result */
+ s = iov_from_buf(req->in_iov, req->in_num, 0,
+ sym_op_info->digest_result,
+ sym_op_info->digest_result_len);
+ if (s != len) {
+ virtio_error(vdev, "virtio-crypto digest result incorrect");
+ }
+ }
+}
+
+static void virtio_crypto_req_complete(VirtIOCryptoReq *req, uint32_t status)
+{
+ VirtIOCrypto *vcrypto = req->vcrypto;
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+
+ if (req->flags == QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM) {
+ virtio_crypto_sym_input_data_helper(vdev, req, status,
+ req->u.sym_op_info);
+ }
+ stl_he_p(&req->in->status, status);
+ virtqueue_push(req->vq, &req->elem, req->in_len);
+ virtio_notify(vdev, req->vq);
+}
+
+static VirtIOCryptoReq *
+virtio_crypto_get_request(VirtIOCrypto *s, VirtQueue *vq)
+{
+ VirtIOCryptoReq *req = virtqueue_pop(vq, sizeof(VirtIOCryptoReq));
+
+ if (req) {
+ virtio_crypto_init_request(s, vq, req);
+ }
+ return req;
+}
+
+static QCryptoCryptoDevBackendSymOpInfo *
+virtio_crypto_sym_op_helper(VirtIODevice *vdev,
+ struct virtio_crypto_cipher_para *para,
+ uint32_t aad_len,
+ struct iovec *iov, unsigned int out_num,
+ uint32_t hash_result_len,
+ uint32_t hash_start_src_offset)
+{
+ QCryptoCryptoDevBackendSymOpInfo *op_info;
+ uint32_t src_len, dst_len;
+ uint32_t iv_len;
+ size_t max_len, curr_size = 0;
+ size_t s;
+
+ iv_len = virtio_ldl_p(vdev, ¶->iv_len);
+ src_len = virtio_ldl_p(vdev, ¶->src_data_len);
+ dst_len = virtio_ldl_p(vdev, ¶->dst_data_len);
+
+ max_len = iv_len + aad_len + src_len + dst_len + hash_result_len;
+ op_info = g_malloc0(sizeof(QCryptoCryptoDevBackendSymOpInfo) + max_len);
+ op_info->iv_len = iv_len;
+ op_info->src_len = src_len;
+ op_info->dst_len = dst_len;
+ op_info->aad_len = aad_len;
+ op_info->digest_result_len = hash_result_len;
+ op_info->hash_start_src_offset = hash_start_src_offset;
+ /* Handle the initilization vector */
+ if (op_info->iv_len > 0) {
+ DPRINTF("iv_len=%" PRIu32 "\n", op_info->iv_len);
+ op_info->iv = op_info->data + curr_size;
+
+ s = iov_to_buf(iov, out_num, 0, op_info->iv, op_info->iv_len);
+ if (unlikely(s != op_info->iv_len)) {
+ virtio_error(vdev, "virtio-crypto iv incorrect");
+ goto err;
+ }
+ iov_discard_front(&iov, &out_num, op_info->iv_len);
+ curr_size += op_info->iv_len;
+ }
+
+ /* Handle additional authentication data if exist */
+ if (op_info->aad_len > 0) {
+ DPRINTF("aad_len=%" PRIu32 "\n", op_info->aad_len);
+ op_info->aad_data = op_info->data + curr_size;
+
+ s = iov_to_buf(iov, out_num, 0, op_info->aad_data, op_info->aad_len);
+ if (unlikely(s != op_info->aad_len)) {
+ virtio_error(vdev, "virtio-crypto additional auth data incorrect");
+ goto err;
+ }
+ iov_discard_front(&iov, &out_num, op_info->aad_len);
+
+ curr_size += op_info->aad_len;
+ }
+
+ /* Handle the source data */
+ if (op_info->src_len > 0) {
+ DPRINTF("src_len=%" PRIu32 "\n", op_info->src_len);
+ op_info->src = op_info->data + curr_size;
+
+ s = iov_to_buf(iov, out_num, 0, op_info->src, op_info->src_len);
+ if (unlikely(s != op_info->src_len)) {
+ virtio_error(vdev, "virtio-crypto source data incorrect");
+ goto err;
+ }
+ iov_discard_front(&iov, &out_num, op_info->src_len);
+
+ curr_size += op_info->src_len;
+ }
+
+ /* Handle the destination data */
+ op_info->dst = op_info->data + curr_size;
+ curr_size += op_info->dst_len;
+
+ DPRINTF("dst_len=%" PRIu32 "\n", op_info->dst_len);
+
+ /* Handle the hash digest result */
+ if (hash_result_len > 0) {
+ DPRINTF("hash_result_len=%" PRIu32 "\n", hash_result_len);
+ op_info->digest_result = op_info->data + curr_size;
+ }
+
+ return op_info;
+
+err:
+ g_free(op_info);
+ return NULL;
+}
+
+static int
+virtio_crypto_handle_sym_req(VirtIOCrypto *vcrypto,
+ struct virtio_crypto_sym_data_req *req,
+ QCryptoCryptoDevBackendSymOpInfo **sym_op_info,
+ struct iovec *iov, unsigned int out_num)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+ uint32_t op_type;
+ QCryptoCryptoDevBackendSymOpInfo *op_info;
+
+ op_type = virtio_ldl_p(vdev, &req->op_type);
+
+ if (op_type == VIRTIO_CRYPTO_SYM_OP_CIPHER) {
+ op_info = virtio_crypto_sym_op_helper(vdev, &req->u.cipher.para,
+ 0, iov, out_num, 0, 0);
+ if (!op_info) {
+ return -1;
+ }
+ op_info->op_type = op_type;
+ } else if (op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
+ uint32_t aad_len, hash_result_len;
+ uint32_t hash_start_src_offset;
+
+ aad_len = virtio_ldl_p(vdev, &req->u.chain.para.aad_len);
+ hash_result_len = virtio_ldl_p(vdev,
+ &req->u.chain.para.hash_result_len);
+ hash_start_src_offset = virtio_ldl_p(vdev,
+ &req->u.chain.para.hash_start_src_offset);
+ /* cipher part */
+ op_info = virtio_crypto_sym_op_helper(vdev, &req->u.chain.para.cipher,
+ aad_len, iov, out_num,
+ hash_result_len,
+ hash_start_src_offset);
+ if (!op_info) {
+ return -1;
+ }
+ op_info->op_type = op_type;
+ } else {
+ /* VIRTIO_CRYPTO_SYM_OP_NONE */
+ error_report("unsupported cipher type");
+ return -1;
+ }
+
+ *sym_op_info = op_info;
+
+ return 0;
+}
+
+static int
+virtio_crypto_handle_request(VirtIOCryptoReq *request)
+{
+ VirtIOCrypto *vcrypto = request->vcrypto;
+ VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
+ VirtQueueElement *elem = &request->elem;
+ int queue_index = virtio_crypto_vq2q(virtio_get_queue_index(request->vq));
+ struct virtio_crypto_op_data_req req;
+ int ret;
+ struct iovec *in_iov;
+ struct iovec *out_iov;
+ unsigned in_num;
+ unsigned out_num;
+ uint32_t opcode, status = VIRTIO_CRYPTO_ERR;
+ uint64_t session_id;
+ QCryptoCryptoDevBackendSymOpInfo *sym_op_info = NULL;
+ Error *local_err = NULL;
+
+ if (elem->out_num < 1 || elem->in_num < 1) {
+ virtio_error(vdev, "virtio-crypto dataq missing headers");
+ return -1;
+ }
+
+ out_num = elem->out_num;
+ out_iov = elem->out_sg;
+ in_num = elem->in_num;
+ in_iov = elem->in_sg;
+ if (unlikely(iov_to_buf(out_iov, out_num, 0, &req, sizeof(req))
+ != sizeof(req))) {
+ virtio_error(vdev, "virtio-crypto request outhdr too short");
+ return -1;
+ }
+ iov_discard_front(&out_iov, &out_num, sizeof(req));
+
+ if (in_iov[in_num - 1].iov_len <
+ sizeof(struct virtio_crypto_inhdr)) {
+ virtio_error(vdev, "virtio-crypto request inhdr too short");
+ return -1;
+ }
+
+ request->in_len = iov_size(in_iov, in_num);
+ request->in = (void *)in_iov[in_num - 1].iov_base
+ + in_iov[in_num - 1].iov_len
+ - sizeof(struct virtio_crypto_inhdr);
+ iov_discard_back(in_iov, &in_num, sizeof(struct virtio_crypto_inhdr));
+
+ /*
+ * The length of operation result, including dest_data
+ * and digest_result if exist.
+ */
+ request->in_num = in_num;
+ request->in_iov = in_iov;
+
+ opcode = virtio_ldl_p(vdev, &req.header.opcode);
+ session_id = virtio_ldq_p(vdev, &req.header.session_id);
+
+ switch (opcode) {
+ case VIRTIO_CRYPTO_CIPHER_ENCRYPT:
+ case VIRTIO_CRYPTO_CIPHER_DECRYPT:
+ ret = virtio_crypto_handle_sym_req(vcrypto,
+ &req.u.sym_req,
+ &sym_op_info,
+ out_iov, out_num);
+ if (ret < 0) {
+ return -1;
+ }
+ sym_op_info->session_id = session_id;
+
+ /* Set request's parameter */
+ request->flags = QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM;
+ request->u.sym_op_info = sym_op_info;
+ ret = qcrypto_cryptodev_backend_sym_operation(vcrypto->cryptodev,
+ sym_op_info, queue_index, &local_err);
+ if (ret < 0) {
+ status = VIRTIO_CRYPTO_ERR;
+ if (local_err) {
+ error_report_err(local_err);
+ }
+ } else { /* ret >= 0 */
+ status = VIRTIO_CRYPTO_OK;
+ }
+ virtio_crypto_req_complete(request, status);
+ virtio_crypto_free_request(request);
+ break;
+ case VIRTIO_CRYPTO_HASH:
+ case VIRTIO_CRYPTO_MAC:
+ case VIRTIO_CRYPTO_AEAD_ENCRYPT:
+ case VIRTIO_CRYPTO_AEAD_DECRYPT:
+ default:
+ virtio_error(vdev, "virtio-crypto unsupported dataq opcode: %u",
+ opcode);
+ return -1;
+ }
+
+ return 0;
+}
+
+static void virtio_crypto_handle_dataq(VirtIODevice *vdev, VirtQueue *vq)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+ VirtIOCryptoReq *req;
+
+ while ((req = virtio_crypto_get_request(vcrypto, vq))) {
+ if (virtio_crypto_handle_request(req) < 0) {
+ virtio_crypto_free_request(req);
+ break;
+ }
+ }
+}
+
static uint64_t virtio_crypto_get_features(VirtIODevice *vdev,
uint64_t features,
Error **errp)
@@ -377,7 +701,7 @@ static void virtio_crypto_device_realize(DeviceState *dev, Error **errp)
vcrypto->curr_queues = 1;
for (i = 0; i < vcrypto->max_queues; i++) {
- virtio_add_queue(vdev, 1024, NULL);
+ virtio_add_queue(vdev, 1024, virtio_crypto_handle_dataq);
}
vcrypto->ctrl_vq = virtio_add_queue(vdev, 64, virtio_crypto_handle_ctrl);
diff --git a/include/hw/virtio/virtio-crypto.h b/include/hw/virtio/virtio-crypto.h
index ebf7232..c46e9a9 100644
--- a/include/hw/virtio/virtio-crypto.h
+++ b/include/hw/virtio/virtio-crypto.h
@@ -36,6 +36,11 @@ do { \
#define VIRTIO_CRYPTO_GET_PARENT_CLASS(obj) \
OBJECT_GET_PARENT_CLASS(obj, TYPE_VIRTIO_CRYPTO)
+/* This is the last element of the write scatter-gather list */
+struct virtio_crypto_inhdr
+{
+ uint32_t status;
+};
typedef struct VirtIOCryptoConf {
QCryptoCryptoDevBackend *cryptodev;
@@ -61,8 +66,10 @@ typedef struct VirtIOCryptoReq {
VirtQueueElement elem;
/* flags of operation, such as type of algorithm */
uint32_t flags;
- /* address of in data (Device to Driver) */
- void *idata_hva;
+ struct virtio_crypto_inhdr *in;
+ struct iovec *in_iov; /* Head address of dest iovec */
+ unsigned int in_num; /* Number of dest iovec */
+ size_t in_len;
VirtQueue *vq;
struct VirtIOCrypto *vcrypto;
union {
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 10/14] cryptodev: introduce an unified wrapper for crypto operation
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (8 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 09/14] virtio-crypto: add data queue processing handler Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 11/14] virtio-crypto: emulate virtio crypto as a legacy device by default Gonglei
` (3 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
We use an opaque point to the VirtIOCryptoReq which
can support different packets based on different
algorithms.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/cryptodev-builtin.c | 2 +-
backends/cryptodev.c | 28 ++++++++++++++++++++++++++--
hw/virtio/virtio-crypto.c | 10 +++++-----
include/sysemu/cryptodev.h | 13 +++++++------
4 files changed, 39 insertions(+), 14 deletions(-)
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
index 1592208..8b57e49 100644
--- a/backends/cryptodev-builtin.c
+++ b/backends/cryptodev-builtin.c
@@ -286,7 +286,7 @@ static int cryptodev_builtin_sym_operation(
return -VIRTIO_CRYPTO_ERR;
}
}
- return 0;
+ return VIRTIO_CRYPTO_OK;
}
static void cryptodev_builtin_cleanup(
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
index e4c066a..744f12c 100644
--- a/backends/cryptodev.c
+++ b/backends/cryptodev.c
@@ -30,6 +30,8 @@
#include "qapi-visit.h"
#include "qemu/config-file.h"
#include "qom/object_interfaces.h"
+#include "hw/virtio/virtio-crypto.h"
+
static QTAILQ_HEAD(, QCryptoCryptoDevBackendClientState) crypto_clients;
@@ -105,7 +107,7 @@ int qcrypto_cryptodev_backend_sym_close_session(
return -1;
}
-int qcrypto_cryptodev_backend_sym_operation(
+static int qcrypto_cryptodev_backend_sym_operation(
QCryptoCryptoDevBackend *backend,
QCryptoCryptoDevBackendSymOpInfo *op_info,
uint32_t queue_index, Error **errp)
@@ -117,7 +119,29 @@ int qcrypto_cryptodev_backend_sym_operation(
return bc->do_sym_op(backend, op_info, queue_index, errp);
}
- return -1;
+ return -VIRTIO_CRYPTO_ERR;
+}
+
+int qcrypto_cryptodev_backend_crypto_operation(
+ QCryptoCryptoDevBackend *backend,
+ void *opaque,
+ uint32_t queue_index, Error **errp)
+{
+ VirtIOCryptoReq *req = opaque;
+
+ if (req->flags == QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM) {
+ QCryptoCryptoDevBackendSymOpInfo *op_info;
+ op_info = req->u.sym_op_info;
+
+ return qcrypto_cryptodev_backend_sym_operation(backend,
+ op_info, queue_index, errp);
+ } else {
+ error_setg(errp, "Unsupported cryptodev alg type: %" PRIu32 "",
+ req->flags);
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
+
+ return -VIRTIO_CRYPTO_ERR;
}
static void
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index de67e05..53673f5 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -583,15 +583,15 @@ virtio_crypto_handle_request(VirtIOCryptoReq *request)
/* Set request's parameter */
request->flags = QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM;
request->u.sym_op_info = sym_op_info;
- ret = qcrypto_cryptodev_backend_sym_operation(vcrypto->cryptodev,
- sym_op_info, queue_index, &local_err);
+ ret = qcrypto_cryptodev_backend_crypto_operation(vcrypto->cryptodev,
+ request, queue_index, &local_err);
if (ret < 0) {
- status = VIRTIO_CRYPTO_ERR;
+ status = -ret;
if (local_err) {
error_report_err(local_err);
}
- } else { /* ret >= 0 */
- status = VIRTIO_CRYPTO_OK;
+ } else { /* ret == VIRTIO_CRYPTO_OK */
+ status = ret;
}
virtio_crypto_req_complete(request, status);
virtio_crypto_free_request(request);
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index 70565b5..6ba0f14 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -264,20 +264,21 @@ int qcrypto_cryptodev_backend_sym_close_session(
uint32_t queue_index, Error **errp);
/**
- * qcrypto_cryptodev_backend_sym_operation:
+ * qcrypto_cryptodev_backend_crypto_operation:
* @backend: the cryptodev backend object
- * @op_info: parameters needed by symmetric crypto operation
+ * @opaque: pointer to a VirtIOCryptoReq object
* @queue_index: queue index of cryptodev backend client
* @errp: pointer to a NULL-initialized error object
*
- * Do symmetric crypto operation, such as encryption and
+ * Do crypto operation, such as encryption and
* decryption
*
- * Returns: 0 on success, or Negative on error
+ * Returns: VIRTIO_CRYPTO_OK on success,
+ * or -VIRTIO_CRYPTO_* on error
*/
-int qcrypto_cryptodev_backend_sym_operation(
+int qcrypto_cryptodev_backend_crypto_operation(
QCryptoCryptoDevBackend *backend,
- QCryptoCryptoDevBackendSymOpInfo *op_info,
+ void *opaque,
uint32_t queue_index, Error **errp);
#endif /* QCRYPTO_CRYPTODEV_H */
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 11/14] virtio-crypto: emulate virtio crypto as a legacy device by default
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (9 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 10/14] cryptodev: introduce an unified wrapper for crypto operation Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-09 23:48 ` Michael S. Tsirkin
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 12/14] virtio-crypto-test: add qtest case for virtio-crypto Gonglei
` (2 subsequent siblings)
13 siblings, 1 reply; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
the scenario of virtio crypto device is mostly NFV, which require
the existing Guest can't need to do any changes to support virtio
crypto, so that they can easily migrate the existing network units
to VM. That's also a basic requirement came from our customers
in production environment.
For virtio crypto driver, we can both support virtio-1.0 or earlier. But
Virtio pci driver module can't discovery the virtio-1.0 devices in most
existing Guests. If we want do this, we have to require the customers
change the virtio pci module for existing guests influence all virtio
devices, which is impossible.
So, let's emulate the virtio crypto device as a legacy virtio
device by default. Using 0x1014 as virtio crypto pci device ID
because virtio crypto ID is 20 (0x14).
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
docs/specs/pci-ids.txt | 2 ++
hw/virtio/virtio-crypto-pci.c | 4 +++-
include/hw/pci/pci.h | 2 ++
3 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/docs/specs/pci-ids.txt b/docs/specs/pci-ids.txt
index fd27c67..662d4f8 100644
--- a/docs/specs/pci-ids.txt
+++ b/docs/specs/pci-ids.txt
@@ -22,6 +22,7 @@ maintained as part of the virtio specification.
1af4:1004 SCSI host bus adapter device (legacy)
1af4:1005 entropy generator device (legacy)
1af4:1009 9p filesystem device (legacy)
+1af4:1014 crypto device (legacy)
1af4:1041 network device (modern)
1af4:1042 block device (modern)
@@ -32,6 +33,7 @@ maintained as part of the virtio specification.
1af4:1049 9p filesystem device (modern)
1af4:1050 virtio gpu device (modern)
1af4:1052 virtio input device (modern)
+1af4:1054 crypto device (modern)
1af4:10f0 Available for experimental usage without registration. Must get
to official ID when the code leaves the test lab (i.e. when seeking
diff --git a/hw/virtio/virtio-crypto-pci.c b/hw/virtio/virtio-crypto-pci.c
index 21d9984..30c10f0 100644
--- a/hw/virtio/virtio-crypto-pci.c
+++ b/hw/virtio/virtio-crypto-pci.c
@@ -32,7 +32,6 @@ static void virtio_crypto_pci_realize(VirtIOPCIProxy *vpci_dev, Error **errp)
DeviceState *vdev = DEVICE(&vcrypto->vdev);
qdev_set_parent_bus(vdev, BUS(&vpci_dev->bus));
- virtio_pci_force_virtio_1(vpci_dev);
object_property_set_bool(OBJECT(vdev), true, "realized", errp);
object_property_set_link(OBJECT(vcrypto),
OBJECT(vcrypto->vdev.conf.cryptodev), "cryptodev",
@@ -49,6 +48,9 @@ static void virtio_crypto_pci_class_init(ObjectClass *klass, void *data)
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
dc->props = virtio_crypto_pci_properties;
+ pcidev_k->vendor_id = PCI_VENDOR_ID_REDHAT_QUMRANET;
+ pcidev_k->device_id = PCI_DEVICE_ID_VIRTIO_CRYPTO;
+ pcidev_k->revision = 0;
pcidev_k->class_id = PCI_CLASS_OTHERS;
}
diff --git a/include/hw/pci/pci.h b/include/hw/pci/pci.h
index 772692f..5881101 100644
--- a/include/hw/pci/pci.h
+++ b/include/hw/pci/pci.h
@@ -83,6 +83,8 @@
#define PCI_DEVICE_ID_VIRTIO_RNG 0x1005
#define PCI_DEVICE_ID_VIRTIO_9P 0x1009
#define PCI_DEVICE_ID_VIRTIO_VSOCK 0x1012
+#define PCI_DEVICE_ID_VIRTIO_CRYPTO 0x1014
+
#define PCI_VENDOR_ID_REDHAT 0x1b36
#define PCI_DEVICE_ID_REDHAT_BRIDGE 0x0001
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 12/14] virtio-crypto-test: add qtest case for virtio-crypto
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (10 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 11/14] virtio-crypto: emulate virtio crypto as a legacy device by default Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 13/14] virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 14/14] cryptodev: rename cryptodev stuff Gonglei
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
We can simply test the functions of virtio crypto
device, including session creation, session closing,
cipher encryption and decryption.
Quick usage:
# make tests/virtio-crypto-test && ./tests/virtio-crypto-test
CC tests/virtio-crypto-test.o
LINK tests/virtio-crypto-test
/x86_64/virtio/crypto/pci/basic: OK
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
tests/Makefile.include | 3 +
tests/virtio-crypto-test.c | 427 +++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 430 insertions(+)
create mode 100644 tests/virtio-crypto-test.c
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 8162f6f..b1baa5c 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -152,6 +152,8 @@ check-qtest-virtio-y += tests/virtio-serial-test$(EXESUF)
gcov-files-virtio-y += i386-softmmu/hw/char/virtio-serial-bus.c
check-qtest-virtio-y += $(check-qtest-virtioserial-y)
gcov-files-virtio-y += $(gcov-files-virtioserial-y)
+check-qtest-virtio-y += tests/virtio-crypto-test$(EXESUF)
+gcov-files-virtio-y += i386-softmmu/hw/virtio/virtio-crypto.c
check-qtest-pci-y += tests/e1000-test$(EXESUF)
gcov-files-pci-y += hw/net/e1000.c
@@ -638,6 +640,7 @@ tests/virtio-scsi-test$(EXESUF): tests/virtio-scsi-test.o $(libqos-virtio-obj-y)
tests/virtio-9p-test$(EXESUF): tests/virtio-9p-test.o $(libqos-virtio-obj-y)
tests/virtio-serial-test$(EXESUF): tests/virtio-serial-test.o
tests/virtio-console-test$(EXESUF): tests/virtio-console-test.o
+tests/virtio-crypto-test$(EXESUF): tests/virtio-crypto-test.o $(libqos-virtio-obj-y)
tests/tpci200-test$(EXESUF): tests/tpci200-test.o
tests/display-vga-test$(EXESUF): tests/display-vga-test.o
tests/ipoctal232-test$(EXESUF): tests/ipoctal232-test.o
diff --git a/tests/virtio-crypto-test.c b/tests/virtio-crypto-test.c
new file mode 100644
index 0000000..858d56e
--- /dev/null
+++ b/tests/virtio-crypto-test.c
@@ -0,0 +1,427 @@
+/*
+ * QTest testcase for VirtIO Crypto Device
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include <stdlib.h>
+
+#include "qemu/osdep.h"
+#include "libqtest.h"
+#include "libqos/virtio.h"
+#include "libqos/virtio-pci.h"
+#include "libqos/virtio-mmio.h"
+#include "libqos/pci-pc.h"
+#include "libqos/malloc.h"
+#include "libqos/malloc-pc.h"
+#include "libqos/malloc-generic.h"
+#include "qemu/bswap.h"
+#include "standard-headers/linux/virtio_ids.h"
+#include "standard-headers/linux/virtio_config.h"
+#include "standard-headers/linux/virtio_ring.h"
+#include "standard-headers/linux/virtio_crypto.h"
+#include "standard-headers/linux/virtio_pci.h"
+
+#define QVIRTIO_CRYPTO_TIMEOUT_US (30 * 1000 * 1000)
+
+#define PCI_SLOT_HP 0x06
+#define PCI_SLOT 0x04
+#define PCI_FN 0x00
+
+/*
+ * VirtIOCryptoCipherTestData: structure to describe a cipher test
+ * @key: A pointer to a key used by the test
+ * @key_len: The length of @key
+ * @iv: A pointer to the IV/Counter used by the test
+ * @iv_len: The length of @iv
+ * @input: A pointer to data used as input
+ * @ilen The length of data in @input
+ * @output: A pointer to what the test need to produce
+ * @olen: The length of data in @output
+ * @algo: The type of algorithm, refer to VIRTIO_CRYPTO_CIPHER_AES_*
+ */
+typedef struct VirtIOCryptoCipherTestData {
+ unsigned short algo;
+ const char *key;
+ const char *iv;
+ const char *input;
+ const char *output;
+ unsigned char key_len;
+ unsigned char iv_len;
+ unsigned short ilen;
+ unsigned short olen;
+} VirtIOCryptoCipherTestData;
+
+
+static VirtIOCryptoCipherTestData cipher_test_data[] = {
+ { /* From RFC 3602 */
+ .algo = VIRTIO_CRYPTO_CIPHER_AES_CBC,
+ .key = "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
+ "\x51\x2e\x03\xd5\x34\x12\x00\x06",
+ .key_len = 16,
+ .iv = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30"
+ "\xb4\x22\xda\x80\x2c\x9f\xac\x41",
+ .iv_len = 16,
+ .input = "Single block msg",
+ .ilen = 16,
+ .output = "\xe3\x53\x77\x9c\x10\x79\xae\xb8"
+ "\x27\x08\x94\x2d\xbe\x77\x18\x1a",
+ .olen = 16,
+ },
+};
+
+static QPCIBus *virtio_crypto_test_start(void)
+{
+ char *cmdline;
+
+ cmdline = g_strdup_printf(
+ "-object cryptodev-backend-builtin,id=cryptodev0 "
+ "-device virtio-crypto-pci,id=crypto0,"
+ "cryptodev=cryptodev0");
+
+ qtest_start(cmdline);
+ g_free(cmdline);
+
+ return qpci_init_pc();
+}
+
+static void test_end(void)
+{
+ qtest_end();
+}
+
+static QVirtioPCIDevice *virtio_crypto_pci_init(QPCIBus *bus, int slot)
+{
+ QVirtioPCIDevice *dev;
+
+ dev = qvirtio_pci_device_find(bus, VIRTIO_ID_CRYPTO);
+ g_assert(dev != NULL);
+ g_assert_cmphex(dev->vdev.device_type, ==, VIRTIO_ID_CRYPTO);
+
+ qvirtio_pci_device_enable(dev);
+ qvirtio_reset(&qvirtio_pci, &dev->vdev);
+ qvirtio_set_acknowledge(&qvirtio_pci, &dev->vdev);
+ qvirtio_set_driver(&qvirtio_pci, &dev->vdev);
+
+ return dev;
+}
+
+static uint64_t
+virtio_crypto_ctrl_request(QGuestAllocator *alloc,
+ struct virtio_crypto_op_ctrl_req *req)
+{
+ uint64_t addr;
+
+ addr = guest_alloc(alloc, sizeof(*req));
+
+ memwrite(addr, req, sizeof(*req));
+
+ return addr;
+}
+
+static uint64_t
+virtio_crypto_data_request(QGuestAllocator *alloc,
+ struct virtio_crypto_op_data_req *req)
+{
+ uint64_t addr;
+
+ addr = guest_alloc(alloc, sizeof(*req));
+
+ memwrite(addr, req, sizeof(*req));
+
+ return addr;
+}
+
+static void
+virtio_crypto_driver_init(const QVirtioBus *bus, QVirtioDevice *dev)
+{
+ /* Read configure space to get supported crypto services */
+
+ qvirtio_set_driver_ok(bus, dev);
+}
+
+static uint64_t
+virtio_crypto_create_session(const QVirtioBus *bus, QVirtioDevice *dev,
+ QGuestAllocator *alloc, QVirtQueue *vq,
+ VirtIOCryptoCipherTestData *data,
+ int encrypt)
+{
+ uint32_t free_head;
+ struct virtio_crypto_op_ctrl_req ctrl;
+ struct virtio_crypto_session_input input;
+ uint32_t key_len = data->key_len;
+ uint64_t req_addr;
+ uint64_t key_addr, input_addr; /* cipher key guest physical address */
+ uint64_t session_id;
+ QVRingIndirectDesc *indirect;
+
+ /* Create an encryption session */
+ ctrl.header.opcode = VIRTIO_CRYPTO_CIPHER_CREATE_SESSION;
+ ctrl.header.algo = data->algo;
+ /* Set the default dataqueue id to 0 */
+ ctrl.header.queue_id = 0;
+
+ /* Pad cipher's parameters */
+ ctrl.u.sym_create_session.op_type = VIRTIO_CRYPTO_SYM_OP_CIPHER;
+ ctrl.u.sym_create_session.u.cipher.para.algo = ctrl.header.algo;
+ ctrl.u.sym_create_session.u.cipher.para.keylen = key_len;
+ if (encrypt) {
+ ctrl.u.sym_create_session.u.cipher.para.op = VIRTIO_CRYPTO_OP_ENCRYPT;
+ } else {
+ ctrl.u.sym_create_session.u.cipher.para.op = VIRTIO_CRYPTO_OP_DECRYPT;
+ }
+
+ req_addr = virtio_crypto_ctrl_request(alloc, &ctrl);
+
+ /* Pad cipher's output data */
+ key_addr = guest_alloc(alloc, key_len);
+ memwrite(key_addr, data->key, key_len);
+
+ input.status = VIRTIO_CRYPTO_ERR;
+ input_addr = guest_alloc(alloc, sizeof(input));
+ memwrite(input_addr, &input, sizeof(input));
+
+ indirect = qvring_indirect_desc_setup(dev, alloc, 3);
+ qvring_indirect_desc_add(indirect, req_addr, sizeof(ctrl), false);
+ qvring_indirect_desc_add(indirect, key_addr, key_len, false);
+ qvring_indirect_desc_add(indirect, input_addr, sizeof(input), true);
+ free_head = qvirtqueue_add_indirect(vq, indirect);
+
+ qvirtqueue_kick(bus, dev, vq, free_head);
+
+ qvirtio_wait_queue_isr(bus, dev, vq, QVIRTIO_CRYPTO_TIMEOUT_US);
+
+ /* calculate the offset of input data */
+
+ memread(input_addr, &input, sizeof(input));
+
+ /* Verify the result */
+ g_assert_cmpint(input.status, ==, VIRTIO_CRYPTO_OK);
+
+ session_id = input.session_id;
+
+ g_free(indirect);
+ guest_free(alloc, input_addr);
+ guest_free(alloc, key_addr);
+ guest_free(alloc, req_addr);
+
+ return session_id;
+}
+
+static void
+virtio_crypto_close_session(const QVirtioBus *bus, QVirtioDevice *dev,
+ QGuestAllocator *alloc, QVirtQueue *vq,
+ uint64_t session_id)
+{
+ uint32_t free_head;
+ struct virtio_crypto_op_ctrl_req ctrl;
+ uint64_t req_addr, status_addr;
+ uint32_t status;
+ QVRingIndirectDesc *indirect;
+
+ /* Create an encryption session */
+ ctrl.header.opcode = VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION;
+ /* Set the default dataqueue id to 0 */
+ ctrl.header.queue_id = 0;
+
+ ctrl.u.destroy_session.session_id = session_id;
+
+ req_addr = virtio_crypto_ctrl_request(alloc, &ctrl);
+
+ status_addr = guest_alloc(alloc, sizeof(status));
+ writel(status_addr, VIRTIO_CRYPTO_ERR);
+
+ indirect = qvring_indirect_desc_setup(dev, alloc, 2);
+ qvring_indirect_desc_add(indirect, req_addr, sizeof(ctrl), false);
+ qvring_indirect_desc_add(indirect, status_addr, sizeof(status), true);
+ free_head = qvirtqueue_add_indirect(vq, indirect);
+
+ qvirtqueue_kick(bus, dev, vq, free_head);
+
+ qvirtio_wait_queue_isr(bus, dev, vq, QVIRTIO_CRYPTO_TIMEOUT_US);
+
+ /* Verify the result */
+ status = readl(status_addr);
+ g_assert_cmpint(status, ==, VIRTIO_CRYPTO_OK);
+
+ g_free(indirect);
+ guest_free(alloc, req_addr);
+ guest_free(alloc, status_addr);
+}
+
+
+static void
+virtio_crypto_test_cipher(const QVirtioBus *bus, QVirtioDevice *dev,
+ QGuestAllocator *alloc, QVirtQueue *ctrlq,
+ QVirtQueue *vq, VirtIOCryptoCipherTestData *data,
+ int encrypt)
+{
+ uint32_t free_head;
+ struct virtio_crypto_op_data_req req;
+ uint64_t req_addr, status_addr;
+ uint64_t iv_addr, src_addr, dst_addr;
+ uint64_t session_id;
+ char *output;
+ uint32_t src_len, dst_len, status;
+ QVRingIndirectDesc *indirect;
+
+ /* Create a session */
+ session_id = virtio_crypto_create_session(bus, dev, alloc,
+ ctrlq, data, encrypt);
+
+ /* Head of operation */
+ req.header.session_id = session_id;
+ if (encrypt) {
+ req.header.opcode = VIRTIO_CRYPTO_CIPHER_ENCRYPT;
+ } else {
+ req.header.opcode = VIRTIO_CRYPTO_CIPHER_DECRYPT;
+ }
+
+ req.u.sym_req.op_type = VIRTIO_CRYPTO_SYM_OP_CIPHER;
+ req.u.sym_req.u.cipher.para.iv_len = data->iv_len;
+ req.u.sym_req.u.cipher.para.src_data_len = data->ilen;
+ req.u.sym_req.u.cipher.para.dst_data_len = data->olen;
+
+ req_addr = virtio_crypto_data_request(alloc, &req);
+
+ /* IV */
+ if (data->iv_len > 0) {
+ iv_addr = guest_alloc(alloc, data->iv_len);
+ memwrite(iv_addr, data->iv, data->iv_len);
+ }
+
+ if (encrypt) {
+ src_len = data->ilen;
+ dst_len = data->olen;
+ /* Source data is the input data which is a single buffer */
+ src_addr = guest_alloc(alloc, src_len);
+ memwrite(src_addr, data->input, src_len);
+ } else {
+ src_len = data->olen;
+ dst_len = data->ilen;
+ /* Source data is the output data which is a single buffer */
+ src_addr = guest_alloc(alloc, src_len);
+ memwrite(src_addr, data->output, src_len);
+ }
+
+ dst_addr = guest_alloc(alloc, dst_len);
+
+ status_addr = guest_alloc(alloc, sizeof(status));
+ writel(status_addr, VIRTIO_CRYPTO_ERR);
+
+ indirect = qvring_indirect_desc_setup(dev, alloc, 5);
+ qvring_indirect_desc_add(indirect, req_addr, sizeof(req), false);
+ qvring_indirect_desc_add(indirect, iv_addr, data->iv_len, false);
+ qvring_indirect_desc_add(indirect, src_addr, src_len, false);
+ qvring_indirect_desc_add(indirect, dst_addr, dst_len, true);
+ qvring_indirect_desc_add(indirect, status_addr, sizeof(status), true);
+ free_head = qvirtqueue_add_indirect(vq, indirect);
+
+ qvirtqueue_kick(bus, dev, vq, free_head);
+
+ qvirtio_wait_queue_isr(bus, dev, vq, QVIRTIO_CRYPTO_TIMEOUT_US);
+
+ /* Verify the result */
+ status = readl(status_addr);
+ g_assert_cmpint(status, ==, VIRTIO_CRYPTO_OK);
+
+ output = g_malloc0(dst_len);
+ memread(dst_addr, output, dst_len);
+ if (encrypt) {
+ g_assert_cmpstr(output, ==, data->output);
+ } else {
+ g_assert_cmpstr(output, ==, data->input);
+ }
+ g_free(output);
+
+ g_free(indirect);
+
+ if (data->iv_len > 0) {
+ guest_free(alloc, iv_addr);
+ }
+ guest_free(alloc, src_addr);
+ guest_free(alloc, dst_addr);
+ guest_free(alloc, req_addr);
+ guest_free(alloc, status_addr);
+
+ /* Close the session */
+ virtio_crypto_close_session(bus, dev, alloc, ctrlq, session_id);
+}
+
+static void virtio_crypto_pci_basic(void)
+{
+ QVirtioPCIDevice *dev;
+ QPCIBus *bus;
+ QGuestAllocator *alloc;
+ QVirtQueuePCI *dataq, *controlq;
+ size_t i;
+ uint32_t features;
+
+ bus = virtio_crypto_test_start();
+ dev = virtio_crypto_pci_init(bus, PCI_SLOT);
+
+ alloc = pc_alloc_init();
+
+ features = qvirtio_get_features(&qvirtio_pci, &dev->vdev);
+ g_assert_cmphex(features & (1u << VIRTIO_RING_F_INDIRECT_DESC), !=, 0);
+ features = features & ~(QVIRTIO_F_BAD_FEATURE |
+ (1u << VIRTIO_RING_F_EVENT_IDX));
+ qvirtio_set_features(&qvirtio_pci, &dev->vdev, features);
+
+ dataq = (QVirtQueuePCI *)qvirtqueue_setup(&qvirtio_pci, &dev->vdev,
+ alloc, 0);
+ controlq = (QVirtQueuePCI *)qvirtqueue_setup(&qvirtio_pci, &dev->vdev,
+ alloc, 1);
+
+ virtio_crypto_driver_init(&qvirtio_pci, &dev->vdev);
+
+ for (i = 0; i < G_N_ELEMENTS(cipher_test_data); i++) {
+ /* Step 1: Encryption */
+ virtio_crypto_test_cipher(&qvirtio_pci, &dev->vdev, alloc,
+ &controlq->vq, &dataq->vq,
+ &cipher_test_data[i], 1);
+ /* Step 2: Decryption */
+ virtio_crypto_test_cipher(&qvirtio_pci, &dev->vdev, alloc,
+ &controlq->vq, &dataq->vq,
+ &cipher_test_data[i], 0);
+ }
+
+ /* End test */
+ qvirtqueue_cleanup(&qvirtio_pci, &dataq->vq, alloc);
+ qvirtqueue_cleanup(&qvirtio_pci, &controlq->vq, alloc);
+ pc_alloc_uninit(alloc);
+ qvirtio_pci_device_disable(dev);
+ g_free(dev);
+ qpci_free_pc(bus);
+ test_end();
+}
+
+int main(int argc, char **argv)
+{
+ const char *qemu;
+ const char *arch;
+ int ret;
+
+ qemu = getenv("QTEST_QEMU_BINARY");
+ if (qemu == NULL) {
+ ret = setenv("QTEST_QEMU_BINARY",
+ "x86_64-softmmu/qemu-system-x86_64", 0);
+ g_assert(ret == 0);
+ }
+
+ arch = qtest_get_arch();
+
+ g_test_init(&argc, &argv, NULL);
+
+ if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
+ qtest_add_func("/virtio/crypto/pci/basic", virtio_crypto_pci_basic);
+ }
+
+ return g_test_run();
+}
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 13/14] virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (11 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 12/14] virtio-crypto-test: add qtest case for virtio-crypto Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 14/14] cryptodev: rename cryptodev stuff Gonglei
13 siblings, 0 replies; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
This patch including two parts: Cryptodev Backends
and virtio-crypto stuff. I can maintain cryptodev backends
which introduced by myself. For virtio-crypto stuff, I can
share the work with Michael (The whole virtio supporter).
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
MAINTAINERS | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index f3c1f7f..1d5d6c3 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -963,6 +963,14 @@ F: include/sysemu/rng*.h
F: backends/rng*.c
F: tests/virtio-rng-test.c
+virtio-crypto
+M: Gonglei <arei.gonglei@huawei.com>
+S: Supported
+F: hw/virtio/virtio-crypto.c
+F: hw/virtio/virtio-crypto-pci.c
+F: include/hw/virtio/virtio-crypto.h
+F: tests/virtio-crypto-test.c
+
nvme
M: Keith Busch <keith.busch@intel.com>
L: qemu-block@nongnu.org
@@ -1199,6 +1207,12 @@ S: Maintained
F: backends/hostmem*.c
F: include/sysemu/hostmem.h
+Cryptodev Backends
+M: Gonglei <arei.gonglei@huawei.com>
+S: Maintained
+F: include/sysemu/cryptodev*.h
+F: backends/cryptodev*.c
+
QAPI
M: Markus Armbruster <armbru@redhat.com>
M: Michael Roth <mdroth@linux.vnet.ibm.com>
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [Qemu-devel] [PATCH v5 14/14] cryptodev: rename cryptodev stuff
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
` (12 preceding siblings ...)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 13/14] virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer Gonglei
@ 2016-10-06 11:36 ` Gonglei
2016-10-06 19:47 ` Eric Blake
13 siblings, 1 reply; 19+ messages in thread
From: Gonglei @ 2016-10-06 11:36 UTC (permalink / raw)
To: qemu-devel, virtio-dev
Cc: luonengjun, mst, stefanha, pbonzini, berrange, weidong.huang,
wu.wubin, mike.caraman, agraf, xin.zeng, claudio.fontana, nmorey,
vincent.jardin, jianjay.zhou, hanweidong, peter.huangpeng,
arei.gonglei, Gonglei
Remove qcrypto and/or QCRYPTO prefix in order to
make the name shorter because it doesn't repeat
any information.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/cryptodev-builtin.c | 84 ++++++++++++------------
backends/cryptodev.c | 106 +++++++++++++++---------------
hw/virtio/virtio-crypto.c | 32 ++++-----
include/hw/virtio/virtio-crypto.h | 6 +-
include/sysemu/cryptodev.h | 132 +++++++++++++++++++-------------------
5 files changed, 180 insertions(+), 180 deletions(-)
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
index 8b57e49..dc0a364 100644
--- a/backends/cryptodev-builtin.c
+++ b/backends/cryptodev-builtin.c
@@ -30,41 +30,41 @@
/**
- * @TYPE_QCRYPTO_CRYPTODEV_BACKEND_BUILTIN:
+ * @TYPE_CRYPTODEV_BACKEND_BUILTIN:
* name of backend that uses QEMU cipher API
*/
-#define TYPE_QCRYPTO_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"
+#define TYPE_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"
-#define QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(obj) \
- OBJECT_CHECK(QCryptoCryptoDevBackendBuiltin, \
- (obj), TYPE_QCRYPTO_CRYPTODEV_BACKEND_BUILTIN)
+#define CRYPTODEV_BACKEND_BUILTIN(obj) \
+ OBJECT_CHECK(CryptoDevBackendBuiltin, \
+ (obj), TYPE_CRYPTODEV_BACKEND_BUILTIN)
-typedef struct QCryptoCryptoDevBackendBuiltin
- QCryptoCryptoDevBackendBuiltin;
+typedef struct CryptoDevBackendBuiltin
+ CryptoDevBackendBuiltin;
-typedef struct QCryptoCryptoDevBackendBuiltinSession {
+typedef struct CryptoDevBackendBuiltinSession {
QCryptoCipher *cipher;
uint8_t direction; /* encryption or decryption */
uint8_t type; /* cipher? hash? aead? */
- QTAILQ_ENTRY(QCryptoCryptoDevBackendBuiltinSession) next;
-} QCryptoCryptoDevBackendBuiltinSession;
+ QTAILQ_ENTRY(CryptoDevBackendBuiltinSession) next;
+} CryptoDevBackendBuiltinSession;
/* Max number of symmetric sessions */
#define MAX_NUM_SESSIONS 256
-struct QCryptoCryptoDevBackendBuiltin {
- QCryptoCryptoDevBackend parent_obj;
+struct CryptoDevBackendBuiltin {
+ CryptoDevBackend parent_obj;
- QCryptoCryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
+ CryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
};
static void cryptodev_builtin_init(
- QCryptoCryptoDevBackend *backend, Error **errp)
+ CryptoDevBackend *backend, Error **errp)
{
/* Only support one queue */
int queues = backend->conf.peers.queues;
- QCryptoCryptoDevBackendClientState *cc;
+ CryptoDevBackendClient *cc;
if (queues != 1) {
error_setg(errp,
@@ -72,7 +72,7 @@ static void cryptodev_builtin_init(
return;
}
- cc = qcrypto_cryptodev_backend_new_client(
+ cc = cryptodev_backend_new_client(
"cryptodev-builtin", NULL);
cc->info_str = g_strdup_printf("cryptodev-builtin0");
cc->queue_index = 0;
@@ -88,7 +88,7 @@ static void cryptodev_builtin_init(
static int
cryptodev_builtin_get_unused_session_index(
- QCryptoCryptoDevBackendBuiltin *builtin)
+ CryptoDevBackendBuiltin *builtin)
{
size_t i;
@@ -121,15 +121,15 @@ cryptodev_builtin_get_aes_algo(uint32_t key_len, Error **errp)
}
static int cryptodev_builtin_create_cipher_session(
- QCryptoCryptoDevBackendBuiltin *builtin,
- QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+ CryptoDevBackendBuiltin *builtin,
+ CryptoDevBackendSymSessionInfo *sess_info,
Error **errp)
{
int algo;
int mode;
QCryptoCipher *cipher;
int index;
- QCryptoCryptoDevBackendBuiltinSession *sess;
+ CryptoDevBackendBuiltinSession *sess;
if (sess_info->op_type != VIRTIO_CRYPTO_SYM_OP_CIPHER) {
error_setg(errp, "Unsupported optype :%u", sess_info->op_type);
@@ -186,7 +186,7 @@ static int cryptodev_builtin_create_cipher_session(
return -1;
}
- sess = g_new0(QCryptoCryptoDevBackendBuiltinSession, 1);
+ sess = g_new0(CryptoDevBackendBuiltinSession, 1);
sess->cipher = cipher;
sess->direction = sess_info->direction;
sess->type = sess_info->op_type;
@@ -197,12 +197,12 @@ static int cryptodev_builtin_create_cipher_session(
}
static int64_t cryptodev_builtin_sym_create_session(
- QCryptoCryptoDevBackend *backend,
- QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
uint32_t queue_index, Error **errp)
{
- QCryptoCryptoDevBackendBuiltin *builtin =
- QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(backend);
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
int64_t session_id = -1;
int ret;
@@ -228,12 +228,12 @@ static int64_t cryptodev_builtin_sym_create_session(
}
static int cryptodev_builtin_sym_close_session(
- QCryptoCryptoDevBackend *backend,
+ CryptoDevBackend *backend,
uint64_t session_id,
uint32_t queue_index, Error **errp)
{
- QCryptoCryptoDevBackendBuiltin *builtin =
- QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(backend);
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
if (session_id >= MAX_NUM_SESSIONS ||
builtin->sessions[session_id] == NULL) {
@@ -249,13 +249,13 @@ static int cryptodev_builtin_sym_close_session(
}
static int cryptodev_builtin_sym_operation(
- QCryptoCryptoDevBackend *backend,
- QCryptoCryptoDevBackendSymOpInfo *op_info,
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
uint32_t queue_index, Error **errp)
{
- QCryptoCryptoDevBackendBuiltin *builtin =
- QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(backend);
- QCryptoCryptoDevBackendBuiltinSession *sess;
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
+ CryptoDevBackendBuiltinSession *sess;
int ret;
if (op_info->session_id >= MAX_NUM_SESSIONS ||
@@ -290,14 +290,14 @@ static int cryptodev_builtin_sym_operation(
}
static void cryptodev_builtin_cleanup(
- QCryptoCryptoDevBackend *backend,
+ CryptoDevBackend *backend,
Error **errp)
{
- QCryptoCryptoDevBackendBuiltin *builtin =
- QCRYPTO_CRYPTODEV_BACKEND_BUILTIN(backend);
+ CryptoDevBackendBuiltin *builtin =
+ CRYPTODEV_BACKEND_BUILTIN(backend);
size_t i;
int queues = backend->conf.peers.queues;
- QCryptoCryptoDevBackendClientState *cc;
+ CryptoDevBackendClient *cc;
for (i = 0; i < MAX_NUM_SESSIONS; i++) {
if (builtin->sessions[i] != NULL) {
@@ -311,7 +311,7 @@ static void cryptodev_builtin_cleanup(
for (i = 0; i < queues; i++) {
cc = backend->conf.peers.ccs[i];
if (cc) {
- qcrypto_cryptodev_backend_free_client(cc);
+ cryptodev_backend_free_client(cc);
backend->conf.peers.ccs[i] = NULL;
}
}
@@ -320,7 +320,7 @@ static void cryptodev_builtin_cleanup(
static void
cryptodev_builtin_class_init(ObjectClass *oc, void *data)
{
- QCryptoCryptoDevBackendClass *bc = QCRYPTO_CRYPTODEV_BACKEND_CLASS(oc);
+ CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
bc->init = cryptodev_builtin_init;
bc->cleanup = cryptodev_builtin_cleanup;
@@ -330,10 +330,10 @@ cryptodev_builtin_class_init(ObjectClass *oc, void *data)
}
static const TypeInfo cryptodev_builtin_info = {
- .name = TYPE_QCRYPTO_CRYPTODEV_BACKEND_BUILTIN,
- .parent = TYPE_QCRYPTO_CRYPTODEV_BACKEND,
+ .name = TYPE_CRYPTODEV_BACKEND_BUILTIN,
+ .parent = TYPE_CRYPTODEV_BACKEND,
.class_init = cryptodev_builtin_class_init,
- .instance_size = sizeof(QCryptoCryptoDevBackendBuiltin),
+ .instance_size = sizeof(CryptoDevBackendBuiltin),
};
static void
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
index 744f12c..4a49f97 100644
--- a/backends/cryptodev.c
+++ b/backends/cryptodev.c
@@ -33,16 +33,16 @@
#include "hw/virtio/virtio-crypto.h"
-static QTAILQ_HEAD(, QCryptoCryptoDevBackendClientState) crypto_clients;
+static QTAILQ_HEAD(, CryptoDevBackendClient) crypto_clients;
-QCryptoCryptoDevBackendClientState *
-qcrypto_cryptodev_backend_new_client(const char *model,
+CryptoDevBackendClient *
+cryptodev_backend_new_client(const char *model,
const char *name)
{
- QCryptoCryptoDevBackendClientState *cc;
+ CryptoDevBackendClient *cc;
- cc = g_malloc0(sizeof(QCryptoCryptoDevBackendClientState));
+ cc = g_malloc0(sizeof(CryptoDevBackendClient));
cc->model = g_strdup(model);
if (name) {
cc->name = g_strdup(name);
@@ -53,8 +53,8 @@ qcrypto_cryptodev_backend_new_client(const char *model,
return cc;
}
-void qcrypto_cryptodev_backend_free_client(
- QCryptoCryptoDevBackendClientState *cc)
+void cryptodev_backend_free_client(
+ CryptoDevBackendClient *cc)
{
QTAILQ_REMOVE(&crypto_clients, cc, next);
g_free(cc->name);
@@ -63,12 +63,12 @@ void qcrypto_cryptodev_backend_free_client(
g_free(cc);
}
-void qcrypto_cryptodev_backend_cleanup(
- QCryptoCryptoDevBackend *backend,
+void cryptodev_backend_cleanup(
+ CryptoDevBackend *backend,
Error **errp)
{
- QCryptoCryptoDevBackendClass *bc =
- QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(backend);
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
if (bc->cleanup) {
bc->cleanup(backend, errp);
@@ -77,13 +77,13 @@ void qcrypto_cryptodev_backend_cleanup(
backend->ready = false;
}
-int64_t qcrypto_cryptodev_backend_sym_create_session(
- QCryptoCryptoDevBackend *backend,
- QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+int64_t cryptodev_backend_sym_create_session(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
uint32_t queue_index, Error **errp)
{
- QCryptoCryptoDevBackendClass *bc =
- QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(backend);
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
if (bc->create_session) {
return bc->create_session(backend, sess_info, queue_index, errp);
@@ -92,13 +92,13 @@ int64_t qcrypto_cryptodev_backend_sym_create_session(
return -1;
}
-int qcrypto_cryptodev_backend_sym_close_session(
- QCryptoCryptoDevBackend *backend,
+int cryptodev_backend_sym_close_session(
+ CryptoDevBackend *backend,
uint64_t session_id,
uint32_t queue_index, Error **errp)
{
- QCryptoCryptoDevBackendClass *bc =
- QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(backend);
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
if (bc->close_session) {
return bc->close_session(backend, session_id, queue_index, errp);
@@ -107,13 +107,13 @@ int qcrypto_cryptodev_backend_sym_close_session(
return -1;
}
-static int qcrypto_cryptodev_backend_sym_operation(
- QCryptoCryptoDevBackend *backend,
- QCryptoCryptoDevBackendSymOpInfo *op_info,
+static int cryptodev_backend_sym_operation(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
uint32_t queue_index, Error **errp)
{
- QCryptoCryptoDevBackendClass *bc =
- QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(backend);
+ CryptoDevBackendClass *bc =
+ CRYPTODEV_BACKEND_GET_CLASS(backend);
if (bc->do_sym_op) {
return bc->do_sym_op(backend, op_info, queue_index, errp);
@@ -122,18 +122,18 @@ static int qcrypto_cryptodev_backend_sym_operation(
return -VIRTIO_CRYPTO_ERR;
}
-int qcrypto_cryptodev_backend_crypto_operation(
- QCryptoCryptoDevBackend *backend,
+int cryptodev_backend_crypto_operation(
+ CryptoDevBackend *backend,
void *opaque,
uint32_t queue_index, Error **errp)
{
VirtIOCryptoReq *req = opaque;
- if (req->flags == QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM) {
- QCryptoCryptoDevBackendSymOpInfo *op_info;
+ if (req->flags == CRYPTODEV_BACKEND_ALG_SYM) {
+ CryptoDevBackendSymOpInfo *op_info;
op_info = req->u.sym_op_info;
- return qcrypto_cryptodev_backend_sym_operation(backend,
+ return cryptodev_backend_sym_operation(backend,
op_info, queue_index, errp);
} else {
error_setg(errp, "Unsupported cryptodev alg type: %" PRIu32 "",
@@ -145,20 +145,20 @@ int qcrypto_cryptodev_backend_crypto_operation(
}
static void
-qcrypto_cryptodev_backend_get_queues(Object *obj, Visitor *v, const char *name,
+cryptodev_backend_get_queues(Object *obj, Visitor *v, const char *name,
void *opaque, Error **errp)
{
- QCryptoCryptoDevBackend *backend = QCRYPTO_CRYPTODEV_BACKEND(obj);
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(obj);
uint32_t value = backend->conf.peers.queues;
visit_type_uint32(v, name, &value, errp);
}
static void
-qcrypto_cryptodev_backend_set_queues(Object *obj, Visitor *v, const char *name,
+cryptodev_backend_set_queues(Object *obj, Visitor *v, const char *name,
void *opaque, Error **errp)
{
- QCryptoCryptoDevBackend *backend = QCRYPTO_CRYPTODEV_BACKEND(obj);
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(obj);
Error *local_err = NULL;
uint32_t value;
@@ -177,10 +177,10 @@ out:
}
static void
-qcrypto_cryptodev_backend_complete(UserCreatable *uc, Error **errp)
+cryptodev_backend_complete(UserCreatable *uc, Error **errp)
{
- QCryptoCryptoDevBackend *backend = QCRYPTO_CRYPTODEV_BACKEND(uc);
- QCryptoCryptoDevBackendClass *bc = QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(uc);
+ CryptoDevBackend *backend = CRYPTODEV_BACKEND(uc);
+ CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_GET_CLASS(uc);
Error *local_err = NULL;
if (bc->init) {
@@ -197,39 +197,39 @@ out:
error_propagate(errp, local_err);
}
-static void qcrypto_cryptodev_backend_instance_init(Object *obj)
+static void cryptodev_backend_instance_init(Object *obj)
{
object_property_add(obj, "queues", "int",
- qcrypto_cryptodev_backend_get_queues,
- qcrypto_cryptodev_backend_set_queues,
+ cryptodev_backend_get_queues,
+ cryptodev_backend_set_queues,
NULL, NULL, NULL);
/* Initialize devices' queues property to 1 */
object_property_set_int(obj, 1, "queues", NULL);
}
-static void qcrypto_cryptodev_backend_finalize(Object *obj)
+static void cryptodev_backend_finalize(Object *obj)
{
}
static void
-qcrypto_cryptodev_backend_class_init(ObjectClass *oc, void *data)
+cryptodev_backend_class_init(ObjectClass *oc, void *data)
{
UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
- ucc->complete = qcrypto_cryptodev_backend_complete;
+ ucc->complete = cryptodev_backend_complete;
QTAILQ_INIT(&crypto_clients);
}
-static const TypeInfo qcrypto_cryptodev_backend_info = {
- .name = TYPE_QCRYPTO_CRYPTODEV_BACKEND,
+static const TypeInfo cryptodev_backend_info = {
+ .name = TYPE_CRYPTODEV_BACKEND,
.parent = TYPE_OBJECT,
- .instance_size = sizeof(QCryptoCryptoDevBackend),
- .instance_init = qcrypto_cryptodev_backend_instance_init,
- .instance_finalize = qcrypto_cryptodev_backend_finalize,
- .class_size = sizeof(QCryptoCryptoDevBackendClass),
- .class_init = qcrypto_cryptodev_backend_class_init,
+ .instance_size = sizeof(CryptoDevBackend),
+ .instance_init = cryptodev_backend_instance_init,
+ .instance_finalize = cryptodev_backend_finalize,
+ .class_size = sizeof(CryptoDevBackendClass),
+ .class_init = cryptodev_backend_class_init,
.interfaces = (InterfaceInfo[]) {
{ TYPE_USER_CREATABLE },
{ }
@@ -237,9 +237,9 @@ static const TypeInfo qcrypto_cryptodev_backend_info = {
};
static void
-qcrypto_cryptodev_backend_register_types(void)
+cryptodev_backend_register_types(void)
{
- type_register_static(&qcrypto_cryptodev_backend_info);
+ type_register_static(&cryptodev_backend_info);
}
-type_init(qcrypto_cryptodev_backend_register_types);
+type_init(cryptodev_backend_register_types);
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 53673f5..1e52bb5 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -35,7 +35,7 @@ static inline int virtio_crypto_vq2q(int queue_index)
static int
virtio_crypto_cipher_session_helper(VirtIODevice *vdev,
- QCryptoCryptoDevBackendSymSessionInfo *info,
+ CryptoDevBackendSymSessionInfo *info,
struct virtio_crypto_cipher_session_para *cipher_para,
struct iovec *iov, unsigned int *out_num)
{
@@ -72,7 +72,7 @@ virtio_crypto_create_sym_session(VirtIOCrypto *vcrypto,
struct iovec *iov, unsigned int out_num)
{
VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
- QCryptoCryptoDevBackendSymSessionInfo info;
+ CryptoDevBackendSymSessionInfo info;
int64_t session_id;
int queue_index;
uint32_t op_type;
@@ -142,7 +142,7 @@ virtio_crypto_create_sym_session(VirtIOCrypto *vcrypto,
}
queue_index = virtio_crypto_vq2q(queue_id);
- session_id = qcrypto_cryptodev_backend_sym_create_session(
+ session_id = cryptodev_backend_sym_create_session(
vcrypto->cryptodev,
&info, queue_index, &local_err);
if (session_id >= 0) {
@@ -178,7 +178,7 @@ virtio_crypto_handle_close_session(VirtIOCrypto *vcrypto,
session_id = virtio_ldq_p(vdev, &close_sess_req->session_id);
DPRINTF("close session, id=%" PRIu64 "\n", session_id);
- ret = qcrypto_cryptodev_backend_sym_close_session(
+ ret = cryptodev_backend_sym_close_session(
vcrypto->cryptodev, session_id, queue_id, &local_err);
if (ret == 0) {
status = VIRTIO_CRYPTO_OK;
@@ -309,7 +309,7 @@ static void virtio_crypto_init_request(VirtIOCrypto *vcrypto, VirtQueue *vq,
static void virtio_crypto_free_request(VirtIOCryptoReq *req)
{
if (req) {
- if (req->flags == QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM) {
+ if (req->flags == CRYPTODEV_BACKEND_ALG_SYM) {
g_free(req->u.sym_op_info);
}
g_free(req);
@@ -320,7 +320,7 @@ static void
virtio_crypto_sym_input_data_helper(VirtIODevice *vdev,
VirtIOCryptoReq *req,
uint32_t status,
- QCryptoCryptoDevBackendSymOpInfo *sym_op_info)
+ CryptoDevBackendSymOpInfo *sym_op_info)
{
size_t s, len;
@@ -355,7 +355,7 @@ static void virtio_crypto_req_complete(VirtIOCryptoReq *req, uint32_t status)
VirtIOCrypto *vcrypto = req->vcrypto;
VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
- if (req->flags == QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM) {
+ if (req->flags == CRYPTODEV_BACKEND_ALG_SYM) {
virtio_crypto_sym_input_data_helper(vdev, req, status,
req->u.sym_op_info);
}
@@ -375,7 +375,7 @@ virtio_crypto_get_request(VirtIOCrypto *s, VirtQueue *vq)
return req;
}
-static QCryptoCryptoDevBackendSymOpInfo *
+static CryptoDevBackendSymOpInfo *
virtio_crypto_sym_op_helper(VirtIODevice *vdev,
struct virtio_crypto_cipher_para *para,
uint32_t aad_len,
@@ -383,7 +383,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
uint32_t hash_result_len,
uint32_t hash_start_src_offset)
{
- QCryptoCryptoDevBackendSymOpInfo *op_info;
+ CryptoDevBackendSymOpInfo *op_info;
uint32_t src_len, dst_len;
uint32_t iv_len;
size_t max_len, curr_size = 0;
@@ -394,7 +394,7 @@ virtio_crypto_sym_op_helper(VirtIODevice *vdev,
dst_len = virtio_ldl_p(vdev, ¶->dst_data_len);
max_len = iv_len + aad_len + src_len + dst_len + hash_result_len;
- op_info = g_malloc0(sizeof(QCryptoCryptoDevBackendSymOpInfo) + max_len);
+ op_info = g_malloc0(sizeof(CryptoDevBackendSymOpInfo) + max_len);
op_info->iv_len = iv_len;
op_info->src_len = src_len;
op_info->dst_len = dst_len;
@@ -467,12 +467,12 @@ err:
static int
virtio_crypto_handle_sym_req(VirtIOCrypto *vcrypto,
struct virtio_crypto_sym_data_req *req,
- QCryptoCryptoDevBackendSymOpInfo **sym_op_info,
+ CryptoDevBackendSymOpInfo **sym_op_info,
struct iovec *iov, unsigned int out_num)
{
VirtIODevice *vdev = VIRTIO_DEVICE(vcrypto);
uint32_t op_type;
- QCryptoCryptoDevBackendSymOpInfo *op_info;
+ CryptoDevBackendSymOpInfo *op_info;
op_type = virtio_ldl_p(vdev, &req->op_type);
@@ -527,7 +527,7 @@ virtio_crypto_handle_request(VirtIOCryptoReq *request)
unsigned out_num;
uint32_t opcode, status = VIRTIO_CRYPTO_ERR;
uint64_t session_id;
- QCryptoCryptoDevBackendSymOpInfo *sym_op_info = NULL;
+ CryptoDevBackendSymOpInfo *sym_op_info = NULL;
Error *local_err = NULL;
if (elem->out_num < 1 || elem->in_num < 1) {
@@ -581,9 +581,9 @@ virtio_crypto_handle_request(VirtIOCryptoReq *request)
sym_op_info->session_id = session_id;
/* Set request's parameter */
- request->flags = QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM;
+ request->flags = CRYPTODEV_BACKEND_ALG_SYM;
request->u.sym_op_info = sym_op_info;
- ret = qcrypto_cryptodev_backend_crypto_operation(vcrypto->cryptodev,
+ ret = cryptodev_backend_crypto_operation(vcrypto->cryptodev,
request, queue_index, &local_err);
if (ret < 0) {
status = -ret;
@@ -781,7 +781,7 @@ static void virtio_crypto_instance_init(Object *obj)
vcrypto->config_size = sizeof(struct virtio_crypto_config);
object_property_add_link(obj, "cryptodev",
- TYPE_QCRYPTO_CRYPTODEV_BACKEND,
+ TYPE_CRYPTODEV_BACKEND,
(Object **)&vcrypto->conf.cryptodev,
qdev_prop_allow_set_link_before_realize,
OBJ_PROP_LINK_UNREF_ON_RELEASE, NULL);
diff --git a/include/hw/virtio/virtio-crypto.h b/include/hw/virtio/virtio-crypto.h
index c46e9a9..ff3abfe 100644
--- a/include/hw/virtio/virtio-crypto.h
+++ b/include/hw/virtio/virtio-crypto.h
@@ -43,7 +43,7 @@ struct virtio_crypto_inhdr
};
typedef struct VirtIOCryptoConf {
- QCryptoCryptoDevBackend *cryptodev;
+ CryptoDevBackend *cryptodev;
/* Supported service mask */
uint32_t crypto_services;
@@ -73,7 +73,7 @@ typedef struct VirtIOCryptoReq {
VirtQueue *vq;
struct VirtIOCrypto *vcrypto;
union {
- QCryptoCryptoDevBackendSymOpInfo *sym_op_info;
+ CryptoDevBackendSymOpInfo *sym_op_info;
} u;
} VirtIOCryptoReq;
@@ -83,7 +83,7 @@ typedef struct VirtIOCrypto {
VirtQueue *ctrl_vq;
VirtIOCryptoConf conf;
- QCryptoCryptoDevBackend *cryptodev;
+ CryptoDevBackend *cryptodev;
uint32_t max_queues;
uint32_t status;
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index 6ba0f14..dc06d7e 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -27,42 +27,42 @@
#include "qemu-common.h"
/**
- * QCryptoCryptoDevBackend:
+ * CryptoDevBackend:
*
- * The QCryptoCryptoDevBackend object is an interface
+ * The CryptoDevBackend object is an interface
* for different cryptodev backends, which provides crypto
* operation wrapper.
*
*/
-#define TYPE_QCRYPTO_CRYPTODEV_BACKEND "cryptodev-backend"
+#define TYPE_CRYPTODEV_BACKEND "cryptodev-backend"
-#define QCRYPTO_CRYPTODEV_BACKEND(obj) \
- OBJECT_CHECK(QCryptoCryptoDevBackend, \
- (obj), TYPE_QCRYPTO_CRYPTODEV_BACKEND)
-#define QCRYPTO_CRYPTODEV_BACKEND_GET_CLASS(obj) \
- OBJECT_GET_CLASS(QCryptoCryptoDevBackendClass, \
- (obj), TYPE_QCRYPTO_CRYPTODEV_BACKEND)
-#define QCRYPTO_CRYPTODEV_BACKEND_CLASS(klass) \
- OBJECT_CLASS_CHECK(QCryptoCryptoDevBackendClass, \
- (klass), TYPE_QCRYPTO_CRYPTODEV_BACKEND)
+#define CRYPTODEV_BACKEND(obj) \
+ OBJECT_CHECK(CryptoDevBackend, \
+ (obj), TYPE_CRYPTODEV_BACKEND)
+#define CRYPTODEV_BACKEND_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(CryptoDevBackendClass, \
+ (obj), TYPE_CRYPTODEV_BACKEND)
+#define CRYPTODEV_BACKEND_CLASS(klass) \
+ OBJECT_CLASS_CHECK(CryptoDevBackendClass, \
+ (klass), TYPE_CRYPTODEV_BACKEND)
#define MAX_CRYPTO_QUEUE_NUM 64
-typedef struct QCryptoCryptoDevBackendConf QCryptoCryptoDevBackendConf;
-typedef struct QCryptoCryptoDevBackendPeers QCryptoCryptoDevBackendPeers;
-typedef struct QCryptoCryptoDevBackendClientState
- QCryptoCryptoDevBackendClientState;
-typedef struct QCryptoCryptoDevBackend QCryptoCryptoDevBackend;
+typedef struct CryptoDevBackendConf CryptoDevBackendConf;
+typedef struct CryptoDevBackendPeers CryptoDevBackendPeers;
+typedef struct CryptoDevBackendClient
+ CryptoDevBackendClient;
+typedef struct CryptoDevBackend CryptoDevBackend;
-enum QCryptoCryptoDevBackendAlgType {
- QCRYPTO_CRYPTODEV_BACKEND_ALG_SYM,
- QCRYPTO_CRYPTODEV_BACKEND_ALG__MAX,
+enum CryptoDevBackendAlgType {
+ CRYPTODEV_BACKEND_ALG_SYM,
+ CRYPTODEV_BACKEND_ALG__MAX,
};
/**
- * QCryptoCryptoDevBackendSymSessionInfo:
+ * CryptoDevBackendSymSessionInfo:
*
* @op_code: operation code (refer to virtio_crypto.h)
* @cipher_alg: algorithm type of CIPHER
@@ -80,7 +80,7 @@ enum QCryptoCryptoDevBackendAlgType {
* @auth_key: point to an authenticated key of MAC
*
*/
-typedef struct QCryptoCryptoDevBackendSymSessionInfo {
+typedef struct CryptoDevBackendSymSessionInfo {
/* corresponding with virtio crypto spec */
uint32_t op_code;
uint32_t cipher_alg;
@@ -95,13 +95,13 @@ typedef struct QCryptoCryptoDevBackendSymSessionInfo {
uint8_t alg_chain_order;
uint8_t *cipher_key;
uint8_t *auth_key;
-} QCryptoCryptoDevBackendSymSessionInfo;
+} CryptoDevBackendSymSessionInfo;
/**
- * QCryptoCryptoDevBackendSymOpInfo:
+ * CryptoDevBackendSymOpInfo:
*
* @session_id: session index which was previously
- * created by qcrypto_cryptodev_backend_sym_create_session()
+ * created by cryptodev_backend_sym_create_session()
* @aad_len: byte length of additional authenticated data
* @iv_len: byte length of initialization vector or counter
* @src_len: byte length of source data
@@ -118,7 +118,7 @@ typedef struct QCryptoCryptoDevBackendSymSessionInfo {
* @data[0]: point to the extensional memory by one memory allocation
*
*/
-typedef struct QCryptoCryptoDevBackendSymOpInfo {
+typedef struct CryptoDevBackendSymOpInfo {
uint64_t session_id;
uint32_t aad_len;
uint32_t iv_len;
@@ -133,41 +133,41 @@ typedef struct QCryptoCryptoDevBackendSymOpInfo {
uint8_t *aad_data;
uint8_t *digest_result;
uint8_t data[0];
-} QCryptoCryptoDevBackendSymOpInfo;
+} CryptoDevBackendSymOpInfo;
-typedef struct QCryptoCryptoDevBackendClass {
+typedef struct CryptoDevBackendClass {
ObjectClass parent_class;
- void (*init)(QCryptoCryptoDevBackend *backend, Error **errp);
- void (*cleanup)(QCryptoCryptoDevBackend *backend, Error **errp);
+ void (*init)(CryptoDevBackend *backend, Error **errp);
+ void (*cleanup)(CryptoDevBackend *backend, Error **errp);
- int64_t (*create_session)(QCryptoCryptoDevBackend *backend,
- QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+ int64_t (*create_session)(CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
uint32_t queue_index, Error **errp);
- int (*close_session)(QCryptoCryptoDevBackend *backend,
+ int (*close_session)(CryptoDevBackend *backend,
uint64_t session_id,
uint32_t queue_index, Error **errp);
- int (*do_sym_op)(QCryptoCryptoDevBackend *backend,
- QCryptoCryptoDevBackendSymOpInfo *op_info,
+ int (*do_sym_op)(CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
uint32_t queue_index, Error **errp);
-} QCryptoCryptoDevBackendClass;
+} CryptoDevBackendClass;
-struct QCryptoCryptoDevBackendClientState {
+struct CryptoDevBackendClient {
char *model;
char *name;
char *info_str;
unsigned int queue_index;
- QTAILQ_ENTRY(QCryptoCryptoDevBackendClientState) next;
+ QTAILQ_ENTRY(CryptoDevBackendClient) next;
};
-struct QCryptoCryptoDevBackendPeers {
- QCryptoCryptoDevBackendClientState *ccs[MAX_CRYPTO_QUEUE_NUM];
+struct CryptoDevBackendPeers {
+ CryptoDevBackendClient *ccs[MAX_CRYPTO_QUEUE_NUM];
uint32_t queues;
};
-struct QCryptoCryptoDevBackendConf {
- QCryptoCryptoDevBackendPeers peers;
+struct CryptoDevBackendConf {
+ CryptoDevBackendPeers peers;
/* Supported service mask */
uint32_t crypto_services;
@@ -184,15 +184,15 @@ struct QCryptoCryptoDevBackendConf {
uint32_t primitive_algo;
};
-struct QCryptoCryptoDevBackend {
+struct CryptoDevBackend {
Object parent_obj;
bool ready;
- QCryptoCryptoDevBackendConf conf;
+ CryptoDevBackendConf conf;
};
/**
- * qcrypto_cryptodev_backend_new_client:
+ * cryptodev_backend_new_client:
* @model: the cryptodev backend model
* @name: the cryptodev backend name, can be NULL
*
@@ -200,38 +200,38 @@ struct QCryptoCryptoDevBackend {
* with the @name in the model @model.
*
* The returned object must be released with
- * qcrypto_cryptodev_backend_free_client() when no
+ * cryptodev_backend_free_client() when no
* longer required
*
* Returns: a new cryptodev backend client object
*/
-QCryptoCryptoDevBackendClientState *
-qcrypto_cryptodev_backend_new_client(const char *model,
+CryptoDevBackendClient *
+cryptodev_backend_new_client(const char *model,
const char *name);
/**
- * qcrypto_cryptodev_backend_free_client:
+ * cryptodev_backend_free_client:
* @cc: the cryptodev backend client object
*
* Release the memory associated with @cc that
- * was previously allocated by qcrypto_cryptodev_backend_new_client()
+ * was previously allocated by cryptodev_backend_new_client()
*/
-void qcrypto_cryptodev_backend_free_client(
- QCryptoCryptoDevBackendClientState *cc);
+void cryptodev_backend_free_client(
+ CryptoDevBackendClient *cc);
/**
- * qcrypto_cryptodev_backend_cleanup:
+ * cryptodev_backend_cleanup:
* @backend: the cryptodev backend object
* @errp: pointer to a NULL-initialized error object
*
* Clean the resouce associated with @backend that realizaed
* by the specific backend's init() callback
*/
-void qcrypto_cryptodev_backend_cleanup(
- QCryptoCryptoDevBackend *backend,
+void cryptodev_backend_cleanup(
+ CryptoDevBackend *backend,
Error **errp);
/**
- * qcrypto_cryptodev_backend_sym_create_session:
+ * cryptodev_backend_sym_create_session:
* @backend: the cryptodev backend object
* @sess_info: parameters needed by session creating
* @queue_index: queue index of cryptodev backend client
@@ -241,30 +241,30 @@ void qcrypto_cryptodev_backend_cleanup(
*
* Returns: session id on success, or -1 on error
*/
-int64_t qcrypto_cryptodev_backend_sym_create_session(
- QCryptoCryptoDevBackend *backend,
- QCryptoCryptoDevBackendSymSessionInfo *sess_info,
+int64_t cryptodev_backend_sym_create_session(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
uint32_t queue_index, Error **errp);
/**
- * qcrypto_cryptodev_backend_sym_close_session:
+ * cryptodev_backend_sym_close_session:
* @backend: the cryptodev backend object
* @session_id: the session id
* @queue_index: queue index of cryptodev backend client
* @errp: pointer to a NULL-initialized error object
*
* Close a session for symmetric algorithms which was previously
- * created by qcrypto_cryptodev_backend_sym_create_session()
+ * created by cryptodev_backend_sym_create_session()
*
* Returns: 0 on success, or Negative on error
*/
-int qcrypto_cryptodev_backend_sym_close_session(
- QCryptoCryptoDevBackend *backend,
+int cryptodev_backend_sym_close_session(
+ CryptoDevBackend *backend,
uint64_t session_id,
uint32_t queue_index, Error **errp);
/**
- * qcrypto_cryptodev_backend_crypto_operation:
+ * cryptodev_backend_crypto_operation:
* @backend: the cryptodev backend object
* @opaque: pointer to a VirtIOCryptoReq object
* @queue_index: queue index of cryptodev backend client
@@ -276,8 +276,8 @@ int qcrypto_cryptodev_backend_sym_close_session(
* Returns: VIRTIO_CRYPTO_OK on success,
* or -VIRTIO_CRYPTO_* on error
*/
-int qcrypto_cryptodev_backend_crypto_operation(
- QCryptoCryptoDevBackend *backend,
+int cryptodev_backend_crypto_operation(
+ CryptoDevBackend *backend,
void *opaque,
uint32_t queue_index, Error **errp);
--
1.7.12.4
^ permalink raw reply related [flat|nested] 19+ messages in thread
* Re: [Qemu-devel] [PATCH v5 14/14] cryptodev: rename cryptodev stuff
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 14/14] cryptodev: rename cryptodev stuff Gonglei
@ 2016-10-06 19:47 ` Eric Blake
2016-10-08 1:30 ` Gonglei (Arei)
0 siblings, 1 reply; 19+ messages in thread
From: Eric Blake @ 2016-10-06 19:47 UTC (permalink / raw)
To: Gonglei, qemu-devel, virtio-dev
Cc: weidong.huang, claudio.fontana, mst, xin.zeng, hanweidong,
luonengjun, agraf, nmorey, mike.caraman, stefanha, jianjay.zhou,
pbonzini, peter.huangpeng, vincent.jardin, wu.wubin,
arei.gonglei
[-- Attachment #1: Type: text/plain, Size: 586 bytes --]
On 10/06/2016 06:36 AM, Gonglei wrote:
> Remove qcrypto and/or QCRYPTO prefix in order to
> make the name shorter because it doesn't repeat
> any information.
>
> Signed-off-by: Gonglei <arei.gonglei@huawei.com>
> ---
> backends/cryptodev-builtin.c | 84 ++++++++++++------------
This file is new as part of your series. Please rebase this to avoid
the churn, by making it use the correct naming from the get-go rather
than an after-the-fact correction.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [Qemu-devel] [PATCH v5 14/14] cryptodev: rename cryptodev stuff
2016-10-06 19:47 ` Eric Blake
@ 2016-10-08 1:30 ` Gonglei (Arei)
0 siblings, 0 replies; 19+ messages in thread
From: Gonglei (Arei) @ 2016-10-08 1:30 UTC (permalink / raw)
To: Eric Blake, qemu-devel, virtio-dev
Cc: Huangweidong (C),
Claudio Fontana, mst, xin.zeng, Hanweidong (Randy),
Luonengjun, agraf, nmorey, mike.caraman, stefanha, Zhoujian (jay,
Euler), pbonzini, Huangpeng (Peter), vincent.jardin, Wubin (H),
arei.gonglei
Hi Eric,
> -----Original Message-----
> From: Eric Blake [mailto:eblake@redhat.com]
> Sent: Friday, October 07, 2016 3:48 AM
> Subject: Re: [Qemu-devel] [PATCH v5 14/14] cryptodev: rename cryptodev stuff
>
> On 10/06/2016 06:36 AM, Gonglei wrote:
> > Remove qcrypto and/or QCRYPTO prefix in order to
> > make the name shorter because it doesn't repeat
> > any information.
> >
> > Signed-off-by: Gonglei <arei.gonglei@huawei.com>
> > ---
> > backends/cryptodev-builtin.c | 84 ++++++++++++------------
>
> This file is new as part of your series. Please rebase this to avoid
> the churn, by making it use the correct naming from the get-go rather
> than an after-the-fact correction.
>
You are absolutely right, I will rebase it, thanks :)
Regards,
-Gonglei
> --
> Eric Blake eblake redhat com +1-919-301-3266
> Libvirt virtualization library http://libvirt.org
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [Qemu-devel] [PATCH v5 11/14] virtio-crypto: emulate virtio crypto as a legacy device by default
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 11/14] virtio-crypto: emulate virtio crypto as a legacy device by default Gonglei
@ 2016-10-09 23:48 ` Michael S. Tsirkin
2016-10-10 0:24 ` Gonglei (Arei)
0 siblings, 1 reply; 19+ messages in thread
From: Michael S. Tsirkin @ 2016-10-09 23:48 UTC (permalink / raw)
To: Gonglei
Cc: qemu-devel, virtio-dev, luonengjun, stefanha, pbonzini, berrange,
weidong.huang, wu.wubin, mike.caraman, agraf, xin.zeng,
claudio.fontana, nmorey, vincent.jardin, jianjay.zhou,
hanweidong, peter.huangpeng, arei.gonglei
On Thu, Oct 06, 2016 at 07:36:44PM +0800, Gonglei wrote:
> the scenario of virtio crypto device is mostly NFV, which require
> the existing Guest can't need to do any changes to support virtio
> crypto, so that they can easily migrate the existing network units
> to VM. That's also a basic requirement came from our customers
> in production environment.
>
> For virtio crypto driver, we can both support virtio-1.0 or earlier. But
> Virtio pci driver module can't discovery the virtio-1.0 devices in most
> existing Guests. If we want do this, we have to require the customers
> change the virtio pci module for existing guests influence all virtio
> devices, which is impossible.
>
> So, let's emulate the virtio crypto device as a legacy virtio
> device by default. Using 0x1014 as virtio crypto pci device ID
> because virtio crypto ID is 20 (0x14).
>
> Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Sorry, I don't think this makes any sense.
You certainly can have two drivers: one for legacy and one for modern
devices. It only gets difficult if you try to support transitional
devices.
Pls drop this patch.
> ---
> docs/specs/pci-ids.txt | 2 ++
> hw/virtio/virtio-crypto-pci.c | 4 +++-
> include/hw/pci/pci.h | 2 ++
> 3 files changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/docs/specs/pci-ids.txt b/docs/specs/pci-ids.txt
> index fd27c67..662d4f8 100644
> --- a/docs/specs/pci-ids.txt
> +++ b/docs/specs/pci-ids.txt
> @@ -22,6 +22,7 @@ maintained as part of the virtio specification.
> 1af4:1004 SCSI host bus adapter device (legacy)
> 1af4:1005 entropy generator device (legacy)
> 1af4:1009 9p filesystem device (legacy)
> +1af4:1014 crypto device (legacy)
>
> 1af4:1041 network device (modern)
> 1af4:1042 block device (modern)
> @@ -32,6 +33,7 @@ maintained as part of the virtio specification.
> 1af4:1049 9p filesystem device (modern)
> 1af4:1050 virtio gpu device (modern)
> 1af4:1052 virtio input device (modern)
> +1af4:1054 crypto device (modern)
>
> 1af4:10f0 Available for experimental usage without registration. Must get
> to official ID when the code leaves the test lab (i.e. when seeking
> diff --git a/hw/virtio/virtio-crypto-pci.c b/hw/virtio/virtio-crypto-pci.c
> index 21d9984..30c10f0 100644
> --- a/hw/virtio/virtio-crypto-pci.c
> +++ b/hw/virtio/virtio-crypto-pci.c
> @@ -32,7 +32,6 @@ static void virtio_crypto_pci_realize(VirtIOPCIProxy *vpci_dev, Error **errp)
> DeviceState *vdev = DEVICE(&vcrypto->vdev);
>
> qdev_set_parent_bus(vdev, BUS(&vpci_dev->bus));
> - virtio_pci_force_virtio_1(vpci_dev);
> object_property_set_bool(OBJECT(vdev), true, "realized", errp);
> object_property_set_link(OBJECT(vcrypto),
> OBJECT(vcrypto->vdev.conf.cryptodev), "cryptodev",
> @@ -49,6 +48,9 @@ static void virtio_crypto_pci_class_init(ObjectClass *klass, void *data)
> set_bit(DEVICE_CATEGORY_MISC, dc->categories);
> dc->props = virtio_crypto_pci_properties;
>
> + pcidev_k->vendor_id = PCI_VENDOR_ID_REDHAT_QUMRANET;
> + pcidev_k->device_id = PCI_DEVICE_ID_VIRTIO_CRYPTO;
> + pcidev_k->revision = 0;
> pcidev_k->class_id = PCI_CLASS_OTHERS;
> }
>
> diff --git a/include/hw/pci/pci.h b/include/hw/pci/pci.h
> index 772692f..5881101 100644
> --- a/include/hw/pci/pci.h
> +++ b/include/hw/pci/pci.h
> @@ -83,6 +83,8 @@
> #define PCI_DEVICE_ID_VIRTIO_RNG 0x1005
> #define PCI_DEVICE_ID_VIRTIO_9P 0x1009
> #define PCI_DEVICE_ID_VIRTIO_VSOCK 0x1012
> +#define PCI_DEVICE_ID_VIRTIO_CRYPTO 0x1014
> +
>
> #define PCI_VENDOR_ID_REDHAT 0x1b36
> #define PCI_DEVICE_ID_REDHAT_BRIDGE 0x0001
> --
> 1.7.12.4
>
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [Qemu-devel] [PATCH v5 11/14] virtio-crypto: emulate virtio crypto as a legacy device by default
2016-10-09 23:48 ` Michael S. Tsirkin
@ 2016-10-10 0:24 ` Gonglei (Arei)
0 siblings, 0 replies; 19+ messages in thread
From: Gonglei (Arei) @ 2016-10-10 0:24 UTC (permalink / raw)
To: Michael S. Tsirkin
Cc: qemu-devel, virtio-dev, Luonengjun, stefanha, pbonzini, berrange,
Huangweidong (C), Wubin (H),
mike.caraman, agraf, xin.zeng, Claudio Fontana, nmorey,
vincent.jardin, Zhoujian (jay, Euler), Hanweidong (Randy),
Huangpeng (Peter),
arei.gonglei
Hi Michael,
Happy to listen to your voice :)
> -----Original Message-----
> From: Michael S. Tsirkin [mailto:mst@redhat.com]
> Sent: Monday, October 10, 2016 7:48 AM
> Subject: Re: [PATCH v5 11/14] virtio-crypto: emulate virtio crypto as a legacy
> device by default
>
> On Thu, Oct 06, 2016 at 07:36:44PM +0800, Gonglei wrote:
> > the scenario of virtio crypto device is mostly NFV, which require
> > the existing Guest can't need to do any changes to support virtio
> > crypto, so that they can easily migrate the existing network units
> > to VM. That's also a basic requirement came from our customers
> > in production environment.
> >
> > For virtio crypto driver, we can both support virtio-1.0 or earlier. But
> > Virtio pci driver module can't discovery the virtio-1.0 devices in most
> > existing Guests. If we want do this, we have to require the customers
> > change the virtio pci module for existing guests influence all virtio
> > devices, which is impossible.
> >
> > So, let's emulate the virtio crypto device as a legacy virtio
> > device by default. Using 0x1014 as virtio crypto pci device ID
> > because virtio crypto ID is 20 (0x14).
> >
> > Signed-off-by: Gonglei <arei.gonglei@huawei.com>
>
> Sorry, I don't think this makes any sense.
>
> You certainly can have two drivers: one for legacy and one for modern
> devices.
Oh, This is indeed a solution.
> It only gets difficult if you try to support transitional
> devices.
>
> Pls drop this patch.
>
OK, then I have to temporarily drop the patch 12/14 as well because libqtest
doesn't support virtio-1.0 device yet.
Regards,
-Gonglei
> > ---
> > docs/specs/pci-ids.txt | 2 ++
> > hw/virtio/virtio-crypto-pci.c | 4 +++-
> > include/hw/pci/pci.h | 2 ++
> > 3 files changed, 7 insertions(+), 1 deletion(-)
> >
> > diff --git a/docs/specs/pci-ids.txt b/docs/specs/pci-ids.txt
> > index fd27c67..662d4f8 100644
> > --- a/docs/specs/pci-ids.txt
> > +++ b/docs/specs/pci-ids.txt
> > @@ -22,6 +22,7 @@ maintained as part of the virtio specification.
> > 1af4:1004 SCSI host bus adapter device (legacy)
> > 1af4:1005 entropy generator device (legacy)
> > 1af4:1009 9p filesystem device (legacy)
> > +1af4:1014 crypto device (legacy)
> >
> > 1af4:1041 network device (modern)
> > 1af4:1042 block device (modern)
> > @@ -32,6 +33,7 @@ maintained as part of the virtio specification.
> > 1af4:1049 9p filesystem device (modern)
> > 1af4:1050 virtio gpu device (modern)
> > 1af4:1052 virtio input device (modern)
> > +1af4:1054 crypto device (modern)
> >
> > 1af4:10f0 Available for experimental usage without registration. Must
> get
> > to official ID when the code leaves the test lab (i.e. when seeking
> > diff --git a/hw/virtio/virtio-crypto-pci.c b/hw/virtio/virtio-crypto-pci.c
> > index 21d9984..30c10f0 100644
> > --- a/hw/virtio/virtio-crypto-pci.c
> > +++ b/hw/virtio/virtio-crypto-pci.c
> > @@ -32,7 +32,6 @@ static void virtio_crypto_pci_realize(VirtIOPCIProxy
> *vpci_dev, Error **errp)
> > DeviceState *vdev = DEVICE(&vcrypto->vdev);
> >
> > qdev_set_parent_bus(vdev, BUS(&vpci_dev->bus));
> > - virtio_pci_force_virtio_1(vpci_dev);
> > object_property_set_bool(OBJECT(vdev), true, "realized", errp);
> > object_property_set_link(OBJECT(vcrypto),
> > OBJECT(vcrypto->vdev.conf.cryptodev), "cryptodev",
> > @@ -49,6 +48,9 @@ static void virtio_crypto_pci_class_init(ObjectClass
> *klass, void *data)
> > set_bit(DEVICE_CATEGORY_MISC, dc->categories);
> > dc->props = virtio_crypto_pci_properties;
> >
> > + pcidev_k->vendor_id = PCI_VENDOR_ID_REDHAT_QUMRANET;
> > + pcidev_k->device_id = PCI_DEVICE_ID_VIRTIO_CRYPTO;
> > + pcidev_k->revision = 0;
> > pcidev_k->class_id = PCI_CLASS_OTHERS;
> > }
> >
> > diff --git a/include/hw/pci/pci.h b/include/hw/pci/pci.h
> > index 772692f..5881101 100644
> > --- a/include/hw/pci/pci.h
> > +++ b/include/hw/pci/pci.h
> > @@ -83,6 +83,8 @@
> > #define PCI_DEVICE_ID_VIRTIO_RNG 0x1005
> > #define PCI_DEVICE_ID_VIRTIO_9P 0x1009
> > #define PCI_DEVICE_ID_VIRTIO_VSOCK 0x1012
> > +#define PCI_DEVICE_ID_VIRTIO_CRYPTO 0x1014
> > +
> >
> > #define PCI_VENDOR_ID_REDHAT 0x1b36
> > #define PCI_DEVICE_ID_REDHAT_BRIDGE 0x0001
> > --
> > 1.7.12.4
> >
^ permalink raw reply [flat|nested] 19+ messages in thread
end of thread, other threads:[~2016-10-10 0:25 UTC | newest]
Thread overview: 19+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-10-06 11:36 [Qemu-devel] [PATCH v5 00/14] virtio-crypto: introduce framework and device emulation Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 01/14] cryptodev: introduce cryptodev backend interface Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 02/14] cryptodev: add symmetric algorithm operation stuff Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 03/14] virtio-crypto: introduce virtio_crypto.h Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 04/14] cryptodev: introduce a new cryptodev backend Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 05/14] virtio-crypto: add virtio crypto device emulation Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 06/14] virtio-crypto-pci: add virtio crypto pci support Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 07/14] virtio-crypto: set capacity of algorithms supported Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 08/14] virtio-crypto: add control queue handler Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 09/14] virtio-crypto: add data queue processing handler Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 10/14] cryptodev: introduce an unified wrapper for crypto operation Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 11/14] virtio-crypto: emulate virtio crypto as a legacy device by default Gonglei
2016-10-09 23:48 ` Michael S. Tsirkin
2016-10-10 0:24 ` Gonglei (Arei)
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 12/14] virtio-crypto-test: add qtest case for virtio-crypto Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 13/14] virtio-crypto: add myself as virtio-crypto and cryptodev backends maintainer Gonglei
2016-10-06 11:36 ` [Qemu-devel] [PATCH v5 14/14] cryptodev: rename cryptodev stuff Gonglei
2016-10-06 19:47 ` Eric Blake
2016-10-08 1:30 ` Gonglei (Arei)
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.