1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright(c) 2015-2017 Intel Corporation. 3 */ 4 5 #ifndef _RTE_CRYPTODEV_H_ 6 #define _RTE_CRYPTODEV_H_ 7 8 /** 9 * @file rte_cryptodev.h 10 * 11 * RTE Cryptographic Device APIs 12 * 13 * Defines RTE Crypto Device APIs for the provisioning of cipher and 14 * authentication operations. 15 */ 16 17 #ifdef __cplusplus 18 extern "C" { 19 #endif 20 21 #include "rte_kvargs.h" 22 #include "rte_crypto.h" 23 #include "rte_dev.h" 24 #include <rte_common.h> 25 #include <rte_config.h> 26 27 extern const char **rte_cyptodev_names; 28 29 /* Logging Macros */ 30 31 #define CDEV_LOG_ERR(...) \ 32 RTE_LOG(ERR, CRYPTODEV, \ 33 RTE_FMT("%s() line %u: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \ 34 __func__, __LINE__, RTE_FMT_TAIL(__VA_ARGS__,))) 35 36 #define CDEV_LOG_INFO(...) \ 37 RTE_LOG(INFO, CRYPTODEV, \ 38 RTE_FMT(RTE_FMT_HEAD(__VA_ARGS__,) "\n", \ 39 RTE_FMT_TAIL(__VA_ARGS__,))) 40 41 #define CDEV_LOG_DEBUG(...) \ 42 RTE_LOG(DEBUG, CRYPTODEV, \ 43 RTE_FMT("%s() line %u: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \ 44 __func__, __LINE__, RTE_FMT_TAIL(__VA_ARGS__,))) 45 46 #define CDEV_PMD_TRACE(...) \ 47 RTE_LOG(DEBUG, CRYPTODEV, \ 48 RTE_FMT("[%s] %s: " RTE_FMT_HEAD(__VA_ARGS__,) "\n", \ 49 dev, __func__, RTE_FMT_TAIL(__VA_ARGS__,))) 50 51 /** 52 * A macro that points to an offset from the start 53 * of the crypto operation structure (rte_crypto_op) 54 * 55 * The returned pointer is cast to type t. 56 * 57 * @param c 58 * The crypto operation. 59 * @param o 60 * The offset from the start of the crypto operation. 61 * @param t 62 * The type to cast the result into. 63 */ 64 #define rte_crypto_op_ctod_offset(c, t, o) \ 65 ((t)((char *)(c) + (o))) 66 67 /** 68 * A macro that returns the physical address that points 69 * to an offset from the start of the crypto operation 70 * (rte_crypto_op) 71 * 72 * @param c 73 * The crypto operation. 74 * @param o 75 * The offset from the start of the crypto operation 76 * to calculate address from. 77 */ 78 #define rte_crypto_op_ctophys_offset(c, o) \ 79 (rte_iova_t)((c)->phys_addr + (o)) 80 81 /** 82 * Crypto parameters range description 83 */ 84 struct rte_crypto_param_range { 85 uint16_t min; /**< minimum size */ 86 uint16_t max; /**< maximum size */ 87 uint16_t increment; 88 /**< if a range of sizes are supported, 89 * this parameter is used to indicate 90 * increments in byte size that are supported 91 * between the minimum and maximum 92 */ 93 }; 94 95 /** 96 * Symmetric Crypto Capability 97 */ 98 struct rte_cryptodev_symmetric_capability { 99 enum rte_crypto_sym_xform_type xform_type; 100 /**< Transform type : Authentication / Cipher / AEAD */ 101 RTE_STD_C11 102 union { 103 struct { 104 enum rte_crypto_auth_algorithm algo; 105 /**< authentication algorithm */ 106 uint16_t block_size; 107 /**< algorithm block size */ 108 struct rte_crypto_param_range key_size; 109 /**< auth key size range */ 110 struct rte_crypto_param_range digest_size; 111 /**< digest size range */ 112 struct rte_crypto_param_range aad_size; 113 /**< Additional authentication data size range */ 114 struct rte_crypto_param_range iv_size; 115 /**< Initialisation vector data size range */ 116 } auth; 117 /**< Symmetric Authentication transform capabilities */ 118 struct { 119 enum rte_crypto_cipher_algorithm algo; 120 /**< cipher algorithm */ 121 uint16_t block_size; 122 /**< algorithm block size */ 123 struct rte_crypto_param_range key_size; 124 /**< cipher key size range */ 125 struct rte_crypto_param_range iv_size; 126 /**< Initialisation vector data size range */ 127 } cipher; 128 /**< Symmetric Cipher transform capabilities */ 129 struct { 130 enum rte_crypto_aead_algorithm algo; 131 /**< AEAD algorithm */ 132 uint16_t block_size; 133 /**< algorithm block size */ 134 struct rte_crypto_param_range key_size; 135 /**< AEAD key size range */ 136 struct rte_crypto_param_range digest_size; 137 /**< digest size range */ 138 struct rte_crypto_param_range aad_size; 139 /**< Additional authentication data size range */ 140 struct rte_crypto_param_range iv_size; 141 /**< Initialisation vector data size range */ 142 } aead; 143 }; 144 }; 145 146 /** 147 * Asymmetric Xform Crypto Capability 148 * 149 */ 150 struct rte_cryptodev_asymmetric_xform_capability { 151 enum rte_crypto_asym_xform_type xform_type; 152 /**< Transform type: RSA/MODEXP/DH/DSA/MODINV */ 153 154 uint32_t op_types; 155 /**< bitmask for supported rte_crypto_asym_op_type */ 156 157 __extension__ 158 union { 159 struct rte_crypto_param_range modlen; 160 /**< Range of modulus length supported by modulus based xform. 161 * Value 0 mean implementation default 162 */ 163 }; 164 }; 165 166 /** 167 * Asymmetric Crypto Capability 168 * 169 */ 170 struct rte_cryptodev_asymmetric_capability { 171 struct rte_cryptodev_asymmetric_xform_capability xform_capa; 172 }; 173 174 175 /** Structure used to capture a capability of a crypto device */ 176 struct rte_cryptodev_capabilities { 177 enum rte_crypto_op_type op; 178 /**< Operation type */ 179 180 RTE_STD_C11 181 union { 182 struct rte_cryptodev_symmetric_capability sym; 183 /**< Symmetric operation capability parameters */ 184 struct rte_cryptodev_asymmetric_capability asym; 185 /**< Asymmetric operation capability parameters */ 186 }; 187 }; 188 189 /** Structure used to describe crypto algorithms */ 190 struct rte_cryptodev_sym_capability_idx { 191 enum rte_crypto_sym_xform_type type; 192 union { 193 enum rte_crypto_cipher_algorithm cipher; 194 enum rte_crypto_auth_algorithm auth; 195 enum rte_crypto_aead_algorithm aead; 196 } algo; 197 }; 198 199 /** 200 * Structure used to describe asymmetric crypto xforms 201 * Each xform maps to one asym algorithm. 202 * 203 */ 204 struct rte_cryptodev_asym_capability_idx { 205 enum rte_crypto_asym_xform_type type; 206 /**< Asymmetric xform (algo) type */ 207 }; 208 209 /** 210 * Provide capabilities available for defined device and algorithm 211 * 212 * @param dev_id The identifier of the device. 213 * @param idx Description of crypto algorithms. 214 * 215 * @return 216 * - Return description of the symmetric crypto capability if exist. 217 * - Return NULL if the capability not exist. 218 */ 219 const struct rte_cryptodev_symmetric_capability * 220 rte_cryptodev_sym_capability_get(uint8_t dev_id, 221 const struct rte_cryptodev_sym_capability_idx *idx); 222 223 /** 224 * Provide capabilities available for defined device and xform 225 * 226 * @param dev_id The identifier of the device. 227 * @param idx Description of asym crypto xform. 228 * 229 * @return 230 * - Return description of the asymmetric crypto capability if exist. 231 * - Return NULL if the capability not exist. 232 */ 233 __rte_experimental 234 const struct rte_cryptodev_asymmetric_xform_capability * 235 rte_cryptodev_asym_capability_get(uint8_t dev_id, 236 const struct rte_cryptodev_asym_capability_idx *idx); 237 238 /** 239 * Check if key size and initial vector are supported 240 * in crypto cipher capability 241 * 242 * @param capability Description of the symmetric crypto capability. 243 * @param key_size Cipher key size. 244 * @param iv_size Cipher initial vector size. 245 * 246 * @return 247 * - Return 0 if the parameters are in range of the capability. 248 * - Return -1 if the parameters are out of range of the capability. 249 */ 250 int 251 rte_cryptodev_sym_capability_check_cipher( 252 const struct rte_cryptodev_symmetric_capability *capability, 253 uint16_t key_size, uint16_t iv_size); 254 255 /** 256 * Check if key size and initial vector are supported 257 * in crypto auth capability 258 * 259 * @param capability Description of the symmetric crypto capability. 260 * @param key_size Auth key size. 261 * @param digest_size Auth digest size. 262 * @param iv_size Auth initial vector size. 263 * 264 * @return 265 * - Return 0 if the parameters are in range of the capability. 266 * - Return -1 if the parameters are out of range of the capability. 267 */ 268 int 269 rte_cryptodev_sym_capability_check_auth( 270 const struct rte_cryptodev_symmetric_capability *capability, 271 uint16_t key_size, uint16_t digest_size, uint16_t iv_size); 272 273 /** 274 * Check if key, digest, AAD and initial vector sizes are supported 275 * in crypto AEAD capability 276 * 277 * @param capability Description of the symmetric crypto capability. 278 * @param key_size AEAD key size. 279 * @param digest_size AEAD digest size. 280 * @param aad_size AEAD AAD size. 281 * @param iv_size AEAD IV size. 282 * 283 * @return 284 * - Return 0 if the parameters are in range of the capability. 285 * - Return -1 if the parameters are out of range of the capability. 286 */ 287 int 288 rte_cryptodev_sym_capability_check_aead( 289 const struct rte_cryptodev_symmetric_capability *capability, 290 uint16_t key_size, uint16_t digest_size, uint16_t aad_size, 291 uint16_t iv_size); 292 293 /** 294 * Check if op type is supported 295 * 296 * @param capability Description of the asymmetric crypto capability. 297 * @param op_type op type 298 * 299 * @return 300 * - Return 1 if the op type is supported 301 * - Return 0 if unsupported 302 */ 303 __rte_experimental 304 int 305 rte_cryptodev_asym_xform_capability_check_optype( 306 const struct rte_cryptodev_asymmetric_xform_capability *capability, 307 enum rte_crypto_asym_op_type op_type); 308 309 /** 310 * Check if modulus length is in supported range 311 * 312 * @param capability Description of the asymmetric crypto capability. 313 * @param modlen modulus length. 314 * 315 * @return 316 * - Return 0 if the parameters are in range of the capability. 317 * - Return -1 if the parameters are out of range of the capability. 318 */ 319 __rte_experimental 320 int 321 rte_cryptodev_asym_xform_capability_check_modlen( 322 const struct rte_cryptodev_asymmetric_xform_capability *capability, 323 uint16_t modlen); 324 325 /** 326 * Provide the cipher algorithm enum, given an algorithm string 327 * 328 * @param algo_enum A pointer to the cipher algorithm 329 * enum to be filled 330 * @param algo_string Authentication algo string 331 * 332 * @return 333 * - Return -1 if string is not valid 334 * - Return 0 is the string is valid 335 */ 336 int 337 rte_cryptodev_get_cipher_algo_enum(enum rte_crypto_cipher_algorithm *algo_enum, 338 const char *algo_string); 339 340 /** 341 * Provide the authentication algorithm enum, given an algorithm string 342 * 343 * @param algo_enum A pointer to the authentication algorithm 344 * enum to be filled 345 * @param algo_string Authentication algo string 346 * 347 * @return 348 * - Return -1 if string is not valid 349 * - Return 0 is the string is valid 350 */ 351 int 352 rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum, 353 const char *algo_string); 354 355 /** 356 * Provide the AEAD algorithm enum, given an algorithm string 357 * 358 * @param algo_enum A pointer to the AEAD algorithm 359 * enum to be filled 360 * @param algo_string AEAD algorithm string 361 * 362 * @return 363 * - Return -1 if string is not valid 364 * - Return 0 is the string is valid 365 */ 366 int 367 rte_cryptodev_get_aead_algo_enum(enum rte_crypto_aead_algorithm *algo_enum, 368 const char *algo_string); 369 370 /** 371 * Provide the Asymmetric xform enum, given an xform string 372 * 373 * @param xform_enum A pointer to the xform type 374 * enum to be filled 375 * @param xform_string xform string 376 * 377 * @return 378 * - Return -1 if string is not valid 379 * - Return 0 if the string is valid 380 */ 381 __rte_experimental 382 int 383 rte_cryptodev_asym_get_xform_enum(enum rte_crypto_asym_xform_type *xform_enum, 384 const char *xform_string); 385 386 387 /** Macro used at end of crypto PMD list */ 388 #define RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() \ 389 { RTE_CRYPTO_OP_TYPE_UNDEFINED } 390 391 392 /** 393 * Crypto device supported feature flags 394 * 395 * Note: 396 * New features flags should be added to the end of the list 397 * 398 * Keep these flags synchronised with rte_cryptodev_get_feature_name() 399 */ 400 #define RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO (1ULL << 0) 401 /**< Symmetric crypto operations are supported */ 402 #define RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO (1ULL << 1) 403 /**< Asymmetric crypto operations are supported */ 404 #define RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING (1ULL << 2) 405 /**< Chaining symmetric crypto operations are supported */ 406 #define RTE_CRYPTODEV_FF_CPU_SSE (1ULL << 3) 407 /**< Utilises CPU SIMD SSE instructions */ 408 #define RTE_CRYPTODEV_FF_CPU_AVX (1ULL << 4) 409 /**< Utilises CPU SIMD AVX instructions */ 410 #define RTE_CRYPTODEV_FF_CPU_AVX2 (1ULL << 5) 411 /**< Utilises CPU SIMD AVX2 instructions */ 412 #define RTE_CRYPTODEV_FF_CPU_AESNI (1ULL << 6) 413 /**< Utilises CPU AES-NI instructions */ 414 #define RTE_CRYPTODEV_FF_HW_ACCELERATED (1ULL << 7) 415 /**< Operations are off-loaded to an 416 * external hardware accelerator 417 */ 418 #define RTE_CRYPTODEV_FF_CPU_AVX512 (1ULL << 8) 419 /**< Utilises CPU SIMD AVX512 instructions */ 420 #define RTE_CRYPTODEV_FF_IN_PLACE_SGL (1ULL << 9) 421 /**< In-place Scatter-gather (SGL) buffers, with multiple segments, 422 * are supported 423 */ 424 #define RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT (1ULL << 10) 425 /**< Out-of-place Scatter-gather (SGL) buffers are 426 * supported in input and output 427 */ 428 #define RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT (1ULL << 11) 429 /**< Out-of-place Scatter-gather (SGL) buffers are supported 430 * in input, combined with linear buffers (LB), with a 431 * single segment in output 432 */ 433 #define RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT (1ULL << 12) 434 /**< Out-of-place Scatter-gather (SGL) buffers are supported 435 * in output, combined with linear buffers (LB) in input 436 */ 437 #define RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT (1ULL << 13) 438 /**< Out-of-place linear buffers (LB) are supported in input and output */ 439 #define RTE_CRYPTODEV_FF_CPU_NEON (1ULL << 14) 440 /**< Utilises CPU NEON instructions */ 441 #define RTE_CRYPTODEV_FF_CPU_ARM_CE (1ULL << 15) 442 /**< Utilises ARM CPU Cryptographic Extensions */ 443 #define RTE_CRYPTODEV_FF_SECURITY (1ULL << 16) 444 /**< Support Security Protocol Processing */ 445 #define RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP (1ULL << 17) 446 /**< Support RSA Private Key OP with exponent */ 447 #define RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT (1ULL << 18) 448 /**< Support RSA Private Key OP with CRT (quintuple) Keys */ 449 #define RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED (1ULL << 19) 450 /**< Support encrypted-digest operations where digest is appended to data */ 451 #define RTE_CRYPTODEV_FF_ASYM_SESSIONLESS (1ULL << 20) 452 /**< Support asymmetric session-less operations */ 453 454 455 /** 456 * Get the name of a crypto device feature flag 457 * 458 * @param flag The mask describing the flag. 459 * 460 * @return 461 * The name of this flag, or NULL if it's not a valid feature flag. 462 */ 463 464 extern const char * 465 rte_cryptodev_get_feature_name(uint64_t flag); 466 467 /** Crypto device information */ 468 struct rte_cryptodev_info { 469 const char *driver_name; /**< Driver name. */ 470 uint8_t driver_id; /**< Driver identifier */ 471 struct rte_device *device; /**< Generic device information. */ 472 473 uint64_t feature_flags; 474 /**< Feature flags exposes HW/SW features for the given device */ 475 476 const struct rte_cryptodev_capabilities *capabilities; 477 /**< Array of devices supported capabilities */ 478 479 unsigned max_nb_queue_pairs; 480 /**< Maximum number of queues pairs supported by device. */ 481 482 uint16_t min_mbuf_headroom_req; 483 /**< Minimum mbuf headroom required by device */ 484 485 uint16_t min_mbuf_tailroom_req; 486 /**< Minimum mbuf tailroom required by device */ 487 488 struct { 489 unsigned max_nb_sessions; 490 /**< Maximum number of sessions supported by device. 491 * If 0, the device does not have any limitation in 492 * number of sessions that can be used. 493 */ 494 } sym; 495 }; 496 497 #define RTE_CRYPTODEV_DETACHED (0) 498 #define RTE_CRYPTODEV_ATTACHED (1) 499 500 /** Definitions of Crypto device event types */ 501 enum rte_cryptodev_event_type { 502 RTE_CRYPTODEV_EVENT_UNKNOWN, /**< unknown event type */ 503 RTE_CRYPTODEV_EVENT_ERROR, /**< error interrupt event */ 504 RTE_CRYPTODEV_EVENT_MAX /**< max value of this enum */ 505 }; 506 507 /** Crypto device queue pair configuration structure. */ 508 struct rte_cryptodev_qp_conf { 509 uint32_t nb_descriptors; /**< Number of descriptors per queue pair */ 510 struct rte_mempool *mp_session; 511 /**< The mempool for creating session in sessionless mode */ 512 struct rte_mempool *mp_session_private; 513 /**< The mempool for creating sess private data in sessionless mode */ 514 }; 515 516 /** 517 * Typedef for application callback function to be registered by application 518 * software for notification of device events 519 * 520 * @param dev_id Crypto device identifier 521 * @param event Crypto device event to register for notification of. 522 * @param cb_arg User specified parameter to be passed as to passed to 523 * users callback function. 524 */ 525 typedef void (*rte_cryptodev_cb_fn)(uint8_t dev_id, 526 enum rte_cryptodev_event_type event, void *cb_arg); 527 528 529 /** Crypto Device statistics */ 530 struct rte_cryptodev_stats { 531 uint64_t enqueued_count; 532 /**< Count of all operations enqueued */ 533 uint64_t dequeued_count; 534 /**< Count of all operations dequeued */ 535 536 uint64_t enqueue_err_count; 537 /**< Total error count on operations enqueued */ 538 uint64_t dequeue_err_count; 539 /**< Total error count on operations dequeued */ 540 }; 541 542 #define RTE_CRYPTODEV_NAME_MAX_LEN (64) 543 /**< Max length of name of crypto PMD */ 544 545 /** 546 * Get the device identifier for the named crypto device. 547 * 548 * @param name device name to select the device structure. 549 * 550 * @return 551 * - Returns crypto device identifier on success. 552 * - Return -1 on failure to find named crypto device. 553 */ 554 extern int 555 rte_cryptodev_get_dev_id(const char *name); 556 557 /** 558 * Get the crypto device name given a device identifier. 559 * 560 * @param dev_id 561 * The identifier of the device 562 * 563 * @return 564 * - Returns crypto device name. 565 * - Returns NULL if crypto device is not present. 566 */ 567 extern const char * 568 rte_cryptodev_name_get(uint8_t dev_id); 569 570 /** 571 * Get the total number of crypto devices that have been successfully 572 * initialised. 573 * 574 * @return 575 * - The total number of usable crypto devices. 576 */ 577 extern uint8_t 578 rte_cryptodev_count(void); 579 580 /** 581 * Get number of crypto device defined type. 582 * 583 * @param driver_id driver identifier. 584 * 585 * @return 586 * Returns number of crypto device. 587 */ 588 extern uint8_t 589 rte_cryptodev_device_count_by_driver(uint8_t driver_id); 590 591 /** 592 * Get number and identifiers of attached crypto devices that 593 * use the same crypto driver. 594 * 595 * @param driver_name driver name. 596 * @param devices output devices identifiers. 597 * @param nb_devices maximal number of devices. 598 * 599 * @return 600 * Returns number of attached crypto device. 601 */ 602 uint8_t 603 rte_cryptodev_devices_get(const char *driver_name, uint8_t *devices, 604 uint8_t nb_devices); 605 /* 606 * Return the NUMA socket to which a device is connected 607 * 608 * @param dev_id 609 * The identifier of the device 610 * @return 611 * The NUMA socket id to which the device is connected or 612 * a default of zero if the socket could not be determined. 613 * -1 if returned is the dev_id value is out of range. 614 */ 615 extern int 616 rte_cryptodev_socket_id(uint8_t dev_id); 617 618 /** Crypto device configuration structure */ 619 struct rte_cryptodev_config { 620 int socket_id; /**< Socket to allocate resources on */ 621 uint16_t nb_queue_pairs; 622 /**< Number of queue pairs to configure on device */ 623 uint64_t ff_disable; 624 /**< Feature flags to be disabled. Only the following features are 625 * allowed to be disabled, 626 * - RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO 627 * - RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO 628 * - RTE_CRYTPODEV_FF_SECURITY 629 */ 630 }; 631 632 /** 633 * Configure a device. 634 * 635 * This function must be invoked first before any other function in the 636 * API. This function can also be re-invoked when a device is in the 637 * stopped state. 638 * 639 * @param dev_id The identifier of the device to configure. 640 * @param config The crypto device configuration structure. 641 * 642 * @return 643 * - 0: Success, device configured. 644 * - <0: Error code returned by the driver configuration function. 645 */ 646 extern int 647 rte_cryptodev_configure(uint8_t dev_id, struct rte_cryptodev_config *config); 648 649 /** 650 * Start an device. 651 * 652 * The device start step is the last one and consists of setting the configured 653 * offload features and in starting the transmit and the receive units of the 654 * device. 655 * On success, all basic functions exported by the API (link status, 656 * receive/transmit, and so on) can be invoked. 657 * 658 * @param dev_id 659 * The identifier of the device. 660 * @return 661 * - 0: Success, device started. 662 * - <0: Error code of the driver device start function. 663 */ 664 extern int 665 rte_cryptodev_start(uint8_t dev_id); 666 667 /** 668 * Stop an device. The device can be restarted with a call to 669 * rte_cryptodev_start() 670 * 671 * @param dev_id The identifier of the device. 672 */ 673 extern void 674 rte_cryptodev_stop(uint8_t dev_id); 675 676 /** 677 * Close an device. The device cannot be restarted! 678 * 679 * @param dev_id The identifier of the device. 680 * 681 * @return 682 * - 0 on successfully closing device 683 * - <0 on failure to close device 684 */ 685 extern int 686 rte_cryptodev_close(uint8_t dev_id); 687 688 /** 689 * Allocate and set up a receive queue pair for a device. 690 * 691 * 692 * @param dev_id The identifier of the device. 693 * @param queue_pair_id The index of the queue pairs to set up. The 694 * value must be in the range [0, nb_queue_pair 695 * - 1] previously supplied to 696 * rte_cryptodev_configure(). 697 * @param qp_conf The pointer to the configuration data to be 698 * used for the queue pair. 699 * @param socket_id The *socket_id* argument is the socket 700 * identifier in case of NUMA. The value can be 701 * *SOCKET_ID_ANY* if there is no NUMA constraint 702 * for the DMA memory allocated for the receive 703 * queue pair. 704 * 705 * @return 706 * - 0: Success, queue pair correctly set up. 707 * - <0: Queue pair configuration failed 708 */ 709 extern int 710 rte_cryptodev_queue_pair_setup(uint8_t dev_id, uint16_t queue_pair_id, 711 const struct rte_cryptodev_qp_conf *qp_conf, int socket_id); 712 713 /** 714 * Get the number of queue pairs on a specific crypto device 715 * 716 * @param dev_id Crypto device identifier. 717 * @return 718 * - The number of configured queue pairs. 719 */ 720 extern uint16_t 721 rte_cryptodev_queue_pair_count(uint8_t dev_id); 722 723 724 /** 725 * Retrieve the general I/O statistics of a device. 726 * 727 * @param dev_id The identifier of the device. 728 * @param stats A pointer to a structure of type 729 * *rte_cryptodev_stats* to be filled with the 730 * values of device counters. 731 * @return 732 * - Zero if successful. 733 * - Non-zero otherwise. 734 */ 735 extern int 736 rte_cryptodev_stats_get(uint8_t dev_id, struct rte_cryptodev_stats *stats); 737 738 /** 739 * Reset the general I/O statistics of a device. 740 * 741 * @param dev_id The identifier of the device. 742 */ 743 extern void 744 rte_cryptodev_stats_reset(uint8_t dev_id); 745 746 /** 747 * Retrieve the contextual information of a device. 748 * 749 * @param dev_id The identifier of the device. 750 * @param dev_info A pointer to a structure of type 751 * *rte_cryptodev_info* to be filled with the 752 * contextual information of the device. 753 * 754 * @note The capabilities field of dev_info is set to point to the first 755 * element of an array of struct rte_cryptodev_capabilities. The element after 756 * the last valid element has it's op field set to 757 * RTE_CRYPTO_OP_TYPE_UNDEFINED. 758 */ 759 extern void 760 rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info); 761 762 763 /** 764 * Register a callback function for specific device id. 765 * 766 * @param dev_id Device id. 767 * @param event Event interested. 768 * @param cb_fn User supplied callback function to be called. 769 * @param cb_arg Pointer to the parameters for the registered 770 * callback. 771 * 772 * @return 773 * - On success, zero. 774 * - On failure, a negative value. 775 */ 776 extern int 777 rte_cryptodev_callback_register(uint8_t dev_id, 778 enum rte_cryptodev_event_type event, 779 rte_cryptodev_cb_fn cb_fn, void *cb_arg); 780 781 /** 782 * Unregister a callback function for specific device id. 783 * 784 * @param dev_id The device identifier. 785 * @param event Event interested. 786 * @param cb_fn User supplied callback function to be called. 787 * @param cb_arg Pointer to the parameters for the registered 788 * callback. 789 * 790 * @return 791 * - On success, zero. 792 * - On failure, a negative value. 793 */ 794 extern int 795 rte_cryptodev_callback_unregister(uint8_t dev_id, 796 enum rte_cryptodev_event_type event, 797 rte_cryptodev_cb_fn cb_fn, void *cb_arg); 798 799 800 typedef uint16_t (*dequeue_pkt_burst_t)(void *qp, 801 struct rte_crypto_op **ops, uint16_t nb_ops); 802 /**< Dequeue processed packets from queue pair of a device. */ 803 804 typedef uint16_t (*enqueue_pkt_burst_t)(void *qp, 805 struct rte_crypto_op **ops, uint16_t nb_ops); 806 /**< Enqueue packets for processing on queue pair of a device. */ 807 808 809 810 811 struct rte_cryptodev_callback; 812 813 /** Structure to keep track of registered callbacks */ 814 TAILQ_HEAD(rte_cryptodev_cb_list, rte_cryptodev_callback); 815 816 /** The data structure associated with each crypto device. */ 817 struct rte_cryptodev { 818 dequeue_pkt_burst_t dequeue_burst; 819 /**< Pointer to PMD receive function. */ 820 enqueue_pkt_burst_t enqueue_burst; 821 /**< Pointer to PMD transmit function. */ 822 823 struct rte_cryptodev_data *data; 824 /**< Pointer to device data */ 825 struct rte_cryptodev_ops *dev_ops; 826 /**< Functions exported by PMD */ 827 uint64_t feature_flags; 828 /**< Feature flags exposes HW/SW features for the given device */ 829 struct rte_device *device; 830 /**< Backing device */ 831 832 uint8_t driver_id; 833 /**< Crypto driver identifier*/ 834 835 struct rte_cryptodev_cb_list link_intr_cbs; 836 /**< User application callback for interrupts if present */ 837 838 void *security_ctx; 839 /**< Context for security ops */ 840 841 __extension__ 842 uint8_t attached : 1; 843 /**< Flag indicating the device is attached */ 844 } __rte_cache_aligned; 845 846 void * 847 rte_cryptodev_get_sec_ctx(uint8_t dev_id); 848 849 /** 850 * 851 * The data part, with no function pointers, associated with each device. 852 * 853 * This structure is safe to place in shared memory to be common among 854 * different processes in a multi-process configuration. 855 */ 856 struct rte_cryptodev_data { 857 uint8_t dev_id; 858 /**< Device ID for this instance */ 859 uint8_t socket_id; 860 /**< Socket ID where memory is allocated */ 861 char name[RTE_CRYPTODEV_NAME_MAX_LEN]; 862 /**< Unique identifier name */ 863 864 __extension__ 865 uint8_t dev_started : 1; 866 /**< Device state: STARTED(1)/STOPPED(0) */ 867 868 struct rte_mempool *session_pool; 869 /**< Session memory pool */ 870 void **queue_pairs; 871 /**< Array of pointers to queue pairs. */ 872 uint16_t nb_queue_pairs; 873 /**< Number of device queue pairs. */ 874 875 void *dev_private; 876 /**< PMD-specific private data */ 877 } __rte_cache_aligned; 878 879 extern struct rte_cryptodev *rte_cryptodevs; 880 /** 881 * 882 * Dequeue a burst of processed crypto operations from a queue on the crypto 883 * device. The dequeued operation are stored in *rte_crypto_op* structures 884 * whose pointers are supplied in the *ops* array. 885 * 886 * The rte_cryptodev_dequeue_burst() function returns the number of ops 887 * actually dequeued, which is the number of *rte_crypto_op* data structures 888 * effectively supplied into the *ops* array. 889 * 890 * A return value equal to *nb_ops* indicates that the queue contained 891 * at least *nb_ops* operations, and this is likely to signify that other 892 * processed operations remain in the devices output queue. Applications 893 * implementing a "retrieve as many processed operations as possible" policy 894 * can check this specific case and keep invoking the 895 * rte_cryptodev_dequeue_burst() function until a value less than 896 * *nb_ops* is returned. 897 * 898 * The rte_cryptodev_dequeue_burst() function does not provide any error 899 * notification to avoid the corresponding overhead. 900 * 901 * @param dev_id The symmetric crypto device identifier 902 * @param qp_id The index of the queue pair from which to 903 * retrieve processed packets. The value must be 904 * in the range [0, nb_queue_pair - 1] previously 905 * supplied to rte_cryptodev_configure(). 906 * @param ops The address of an array of pointers to 907 * *rte_crypto_op* structures that must be 908 * large enough to store *nb_ops* pointers in it. 909 * @param nb_ops The maximum number of operations to dequeue. 910 * 911 * @return 912 * - The number of operations actually dequeued, which is the number 913 * of pointers to *rte_crypto_op* structures effectively supplied to the 914 * *ops* array. 915 */ 916 static inline uint16_t 917 rte_cryptodev_dequeue_burst(uint8_t dev_id, uint16_t qp_id, 918 struct rte_crypto_op **ops, uint16_t nb_ops) 919 { 920 struct rte_cryptodev *dev = &rte_cryptodevs[dev_id]; 921 922 nb_ops = (*dev->dequeue_burst) 923 (dev->data->queue_pairs[qp_id], ops, nb_ops); 924 925 return nb_ops; 926 } 927 928 /** 929 * Enqueue a burst of operations for processing on a crypto device. 930 * 931 * The rte_cryptodev_enqueue_burst() function is invoked to place 932 * crypto operations on the queue *qp_id* of the device designated by 933 * its *dev_id*. 934 * 935 * The *nb_ops* parameter is the number of operations to process which are 936 * supplied in the *ops* array of *rte_crypto_op* structures. 937 * 938 * The rte_cryptodev_enqueue_burst() function returns the number of 939 * operations it actually enqueued for processing. A return value equal to 940 * *nb_ops* means that all packets have been enqueued. 941 * 942 * @param dev_id The identifier of the device. 943 * @param qp_id The index of the queue pair which packets are 944 * to be enqueued for processing. The value 945 * must be in the range [0, nb_queue_pairs - 1] 946 * previously supplied to 947 * *rte_cryptodev_configure*. 948 * @param ops The address of an array of *nb_ops* pointers 949 * to *rte_crypto_op* structures which contain 950 * the crypto operations to be processed. 951 * @param nb_ops The number of operations to process. 952 * 953 * @return 954 * The number of operations actually enqueued on the crypto device. The return 955 * value can be less than the value of the *nb_ops* parameter when the 956 * crypto devices queue is full or if invalid parameters are specified in 957 * a *rte_crypto_op*. 958 */ 959 static inline uint16_t 960 rte_cryptodev_enqueue_burst(uint8_t dev_id, uint16_t qp_id, 961 struct rte_crypto_op **ops, uint16_t nb_ops) 962 { 963 struct rte_cryptodev *dev = &rte_cryptodevs[dev_id]; 964 965 return (*dev->enqueue_burst)( 966 dev->data->queue_pairs[qp_id], ops, nb_ops); 967 } 968 969 970 /** Cryptodev symmetric crypto session 971 * Each session is derived from a fixed xform chain. Therefore each session 972 * has a fixed algo, key, op-type, digest_len etc. 973 */ 974 struct rte_cryptodev_sym_session { 975 uint64_t opaque_data; 976 /**< Can be used for external metadata */ 977 uint16_t nb_drivers; 978 /**< number of elements in sess_data array */ 979 uint16_t user_data_sz; 980 /**< session user data will be placed after sess_data */ 981 __extension__ struct { 982 void *data; 983 uint16_t refcnt; 984 } sess_data[0]; 985 /**< Driver specific session material, variable size */ 986 }; 987 988 /** Cryptodev asymmetric crypto session */ 989 struct rte_cryptodev_asym_session { 990 __extension__ void *sess_private_data[0]; 991 /**< Private asymmetric session material */ 992 }; 993 994 /** 995 * Create a symmetric session mempool. 996 * 997 * @param name 998 * The unique mempool name. 999 * @param nb_elts 1000 * The number of elements in the mempool. 1001 * @param elt_size 1002 * The size of the element. This value will be ignored if it is smaller than 1003 * the minimum session header size required for the system. For the user who 1004 * want to use the same mempool for sym session and session private data it 1005 * can be the maximum value of all existing devices' private data and session 1006 * header sizes. 1007 * @param cache_size 1008 * The number of per-lcore cache elements 1009 * @param priv_size 1010 * The private data size of each session. 1011 * @param socket_id 1012 * The *socket_id* argument is the socket identifier in the case of 1013 * NUMA. The value can be *SOCKET_ID_ANY* if there is no NUMA 1014 * constraint for the reserved zone. 1015 * 1016 * @return 1017 * - On success return size of the session 1018 * - On failure returns 0 1019 */ 1020 __rte_experimental 1021 struct rte_mempool * 1022 rte_cryptodev_sym_session_pool_create(const char *name, uint32_t nb_elts, 1023 uint32_t elt_size, uint32_t cache_size, uint16_t priv_size, 1024 int socket_id); 1025 1026 /** 1027 * Create symmetric crypto session header (generic with no private data) 1028 * 1029 * @param mempool Symmetric session mempool to allocate session 1030 * objects from 1031 * @return 1032 * - On success return pointer to sym-session 1033 * - On failure returns NULL 1034 */ 1035 struct rte_cryptodev_sym_session * 1036 rte_cryptodev_sym_session_create(struct rte_mempool *mempool); 1037 1038 /** 1039 * Create asymmetric crypto session header (generic with no private data) 1040 * 1041 * @param mempool mempool to allocate asymmetric session 1042 * objects from 1043 * @return 1044 * - On success return pointer to asym-session 1045 * - On failure returns NULL 1046 */ 1047 __rte_experimental 1048 struct rte_cryptodev_asym_session * 1049 rte_cryptodev_asym_session_create(struct rte_mempool *mempool); 1050 1051 /** 1052 * Frees symmetric crypto session header, after checking that all 1053 * the device private data has been freed, returning it 1054 * to its original mempool. 1055 * 1056 * @param sess Session header to be freed. 1057 * 1058 * @return 1059 * - 0 if successful. 1060 * - -EINVAL if session is NULL. 1061 * - -EBUSY if not all device private data has been freed. 1062 */ 1063 int 1064 rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess); 1065 1066 /** 1067 * Frees asymmetric crypto session header, after checking that all 1068 * the device private data has been freed, returning it 1069 * to its original mempool. 1070 * 1071 * @param sess Session header to be freed. 1072 * 1073 * @return 1074 * - 0 if successful. 1075 * - -EINVAL if session is NULL. 1076 * - -EBUSY if not all device private data has been freed. 1077 */ 1078 __rte_experimental 1079 int 1080 rte_cryptodev_asym_session_free(struct rte_cryptodev_asym_session *sess); 1081 1082 /** 1083 * Fill out private data for the device id, based on its device type. 1084 * 1085 * @param dev_id ID of device that we want the session to be used on 1086 * @param sess Session where the private data will be attached to 1087 * @param xforms Symmetric crypto transform operations to apply on flow 1088 * processed with this session 1089 * @param mempool Mempool where the private data is allocated. 1090 * 1091 * @return 1092 * - On success, zero. 1093 * - -EINVAL if input parameters are invalid. 1094 * - -ENOTSUP if crypto device does not support the crypto transform or 1095 * does not support symmetric operations. 1096 * - -ENOMEM if the private session could not be allocated. 1097 */ 1098 int 1099 rte_cryptodev_sym_session_init(uint8_t dev_id, 1100 struct rte_cryptodev_sym_session *sess, 1101 struct rte_crypto_sym_xform *xforms, 1102 struct rte_mempool *mempool); 1103 1104 /** 1105 * Initialize asymmetric session on a device with specific asymmetric xform 1106 * 1107 * @param dev_id ID of device that we want the session to be used on 1108 * @param sess Session to be set up on a device 1109 * @param xforms Asymmetric crypto transform operations to apply on flow 1110 * processed with this session 1111 * @param mempool Mempool to be used for internal allocation. 1112 * 1113 * @return 1114 * - On success, zero. 1115 * - -EINVAL if input parameters are invalid. 1116 * - -ENOTSUP if crypto device does not support the crypto transform. 1117 * - -ENOMEM if the private session could not be allocated. 1118 */ 1119 __rte_experimental 1120 int 1121 rte_cryptodev_asym_session_init(uint8_t dev_id, 1122 struct rte_cryptodev_asym_session *sess, 1123 struct rte_crypto_asym_xform *xforms, 1124 struct rte_mempool *mempool); 1125 1126 /** 1127 * Frees private data for the device id, based on its device type, 1128 * returning it to its mempool. It is the application's responsibility 1129 * to ensure that private session data is not cleared while there are 1130 * still in-flight operations using it. 1131 * 1132 * @param dev_id ID of device that uses the session. 1133 * @param sess Session containing the reference to the private data 1134 * 1135 * @return 1136 * - 0 if successful. 1137 * - -EINVAL if device is invalid or session is NULL. 1138 * - -ENOTSUP if crypto device does not support symmetric operations. 1139 */ 1140 int 1141 rte_cryptodev_sym_session_clear(uint8_t dev_id, 1142 struct rte_cryptodev_sym_session *sess); 1143 1144 /** 1145 * Frees resources held by asymmetric session during rte_cryptodev_session_init 1146 * 1147 * @param dev_id ID of device that uses the asymmetric session. 1148 * @param sess Asymmetric session setup on device using 1149 * rte_cryptodev_session_init 1150 * @return 1151 * - 0 if successful. 1152 * - -EINVAL if device is invalid or session is NULL. 1153 */ 1154 __rte_experimental 1155 int 1156 rte_cryptodev_asym_session_clear(uint8_t dev_id, 1157 struct rte_cryptodev_asym_session *sess); 1158 1159 /** 1160 * Get the size of the header session, for all registered drivers excluding 1161 * the user data size. 1162 * 1163 * @return 1164 * Size of the symmetric header session. 1165 */ 1166 unsigned int 1167 rte_cryptodev_sym_get_header_session_size(void); 1168 1169 /** 1170 * Get the size of the header session from created session. 1171 * 1172 * @param sess 1173 * The sym cryptodev session pointer 1174 * 1175 * @return 1176 * - If sess is not NULL, return the size of the header session including 1177 * the private data size defined within sess. 1178 * - If sess is NULL, return 0. 1179 */ 1180 __rte_experimental 1181 unsigned int 1182 rte_cryptodev_sym_get_existing_header_session_size( 1183 struct rte_cryptodev_sym_session *sess); 1184 1185 /** 1186 * Get the size of the asymmetric session header, for all registered drivers. 1187 * 1188 * @return 1189 * Size of the asymmetric header session. 1190 */ 1191 __rte_experimental 1192 unsigned int 1193 rte_cryptodev_asym_get_header_session_size(void); 1194 1195 /** 1196 * Get the size of the private symmetric session data 1197 * for a device. 1198 * 1199 * @param dev_id The device identifier. 1200 * 1201 * @return 1202 * - Size of the private data, if successful 1203 * - 0 if device is invalid or does not have private 1204 * symmetric session 1205 */ 1206 unsigned int 1207 rte_cryptodev_sym_get_private_session_size(uint8_t dev_id); 1208 1209 /** 1210 * Get the size of the private data for asymmetric session 1211 * on device 1212 * 1213 * @param dev_id The device identifier. 1214 * 1215 * @return 1216 * - Size of the asymmetric private data, if successful 1217 * - 0 if device is invalid or does not have private session 1218 */ 1219 __rte_experimental 1220 unsigned int 1221 rte_cryptodev_asym_get_private_session_size(uint8_t dev_id); 1222 1223 /** 1224 * Provide driver identifier. 1225 * 1226 * @param name 1227 * The pointer to a driver name. 1228 * @return 1229 * The driver type identifier or -1 if no driver found 1230 */ 1231 int rte_cryptodev_driver_id_get(const char *name); 1232 1233 /** 1234 * Provide driver name. 1235 * 1236 * @param driver_id 1237 * The driver identifier. 1238 * @return 1239 * The driver name or null if no driver found 1240 */ 1241 const char *rte_cryptodev_driver_name_get(uint8_t driver_id); 1242 1243 /** 1244 * Store user data in a session. 1245 * 1246 * @param sess Session pointer allocated by 1247 * *rte_cryptodev_sym_session_create*. 1248 * @param data Pointer to the user data. 1249 * @param size Size of the user data. 1250 * 1251 * @return 1252 * - On success, zero. 1253 * - On failure, a negative value. 1254 */ 1255 __rte_experimental 1256 int 1257 rte_cryptodev_sym_session_set_user_data( 1258 struct rte_cryptodev_sym_session *sess, 1259 void *data, 1260 uint16_t size); 1261 1262 /** 1263 * Get user data stored in a session. 1264 * 1265 * @param sess Session pointer allocated by 1266 * *rte_cryptodev_sym_session_create*. 1267 * 1268 * @return 1269 * - On success return pointer to user data. 1270 * - On failure returns NULL. 1271 */ 1272 __rte_experimental 1273 void * 1274 rte_cryptodev_sym_session_get_user_data( 1275 struct rte_cryptodev_sym_session *sess); 1276 1277 #ifdef __cplusplus 1278 } 1279 #endif 1280 1281 #endif /* _RTE_CRYPTODEV_H_ */ 1282