Re: [Qemu-devel] [PATCH v9 00/12] virtio-crypto: introduce framework and device emulation

["Michael S. Tsirkin" <mst@redhat.com>]

Will do.
Meanwhile, could you please create and open the oasis tracker
in jira, so we can vote on it?


On Tue, Oct 25, 2016 at 11:20:35AM +0000, Gonglei (Arei) wrote:
> Hi Michael and Stefan,
> 
> Ping...
> 
> Would you please review and/or merge this feature for Qemu 2.8
> because the soft-freeze period draw near.
> 
> Thanks,
> -Gonglei
> 
> 
> > -----Original Message-----
> > From: Gonglei (Arei)
> > Sent: Thursday, October 20, 2016 7:46 PM
> > Subject: [PATCH v9 00/12] virtio-crypto: introduce framework and device
> > emulation
> > 
> > Hi,
> > 
> > The virtio crypto is a virtual crypto device as well as a kind
> > of virtual hardware accelerator for virtual machines. The
> > encryption and decryption requests are placed in the data
> > queue and handled by the real crypto accelerators finally.
> > The second queue is the control queue used to create or
> > destroy sessions for symmetric algorithms and control
> > some advanced features in the future. The virtio crypto
> > device provides the following crypto services: CIPHER,
> > MAC, HASH, AEAD etc.
> > 
> > TODO:
> >  - add vhost-user as a high performance cryptodev backend.
> >  - more crypto services support.
> >  - mirgration support.
> > 
> > Changes since v8:
> >  - fix a incorrect check condition in patch 9/12
> >  - add bh as the asynchronous handler for virtio-crypto's
> >    data virtqueue in patch 11/12  [Stefan]
> > 
> > Changes since v7:
> >  - handle endianess problems in input path [Stefan]
> >  - fix two possiable memory leak  [Stefan]
> >  - use the iov_*() functions on in_iov/in_num instead of directly accessing the
> > iovecs
> >  - handle possible integer overflow [Stefan]
> >  - fix a typo  [Stefan]
> >  - define struct virtio_crypto_inhdr in virtio_crypto.h [Stefan]
> >  - use uint8_t instead of uint32_t for status in struct virtio_crypto_inhdr
> >  - remove unused field in VirtIOCryptoConf. [Stefan]
> >  - squash the VIRTIO_CRYPTO_OK changes into the patches that introduced
> > the old code. [Stefan]
> >  - squash the previous patch 12 to patch 3 and patch 9 so that we can import
> > the final version of
> >    external header file from Linux. [Stefan]
> > 
> > Changes since v6:
> >  - add copyright and license for virtio_crypto.h [Eric]
> >  - add/remove (bracket pair for macro definition in virtio_crypto.h  [Eric]
> >  - add missing dc->vmsd and fix a typo in patch 5
> >  - fix a checkpatch.pl complaint
> >  - rebase on the QEMU master branch
> > 
> > Changes since v5:
> >  - rebase the patch 14 in v5, using the correct at the beginning of whole patch
> > series. [Eric]
> >  - perfect algorithm chain support in patch 12.
> >  - more friendly error handler in both controlq and dataq.
> >  - drop patch "virtio-crypto: emulate virtio crypto as a legacy device by default"
> > because
> >   we shouldn't support transitional virtio devices any more. [Michael]
> >  - drop patch "virtio-crypto-test: add qtest case for virtio-crypto" because
> >   libqtest doesn't support virtio-1.0 device yet.
> >  - rebase the patch set based on Michael's pull request:
> >     [PULL 00/33] virtio, pc: fixes and features
> > 
> > Changes since v4: (Thanks to Stefan)
> >  - drop scatter-gather I/O identification in virtio crypto spec and corresponding
> > code [Stefan]
> >  - remove qcrypto perfix for cryptdov stuff [Stefan]
> >  - use virtio_error() in virtio-crypto device's functions. [Stefan]
> >  - fix endianness handling. [Stefan]
> >  - use VMSTATE_VIRTIO_DEVICE() instead of calling register_savevm().
> > [Stefan]
> >  - redefine DPRINTF in virtio-crypto.h [Stefan]
> >  - fix some typos [Stefan]
> >  - fix other farraginous problems suggested by Stefan.
> > 
> > Changes since v3:
> >  - rename cryptodev-gcrypt to cryptodev-buitlin. [Daniel]
> >  - move cryptodev stuff from crypto/ directory to backends/ directory
> >    in order to keep the crypto subsystem influence by syetem
> >    emulators. [Daniel]
> >  - emulate virtio-crypto device as a legacy device by default in patch 11
> >  - introduce virtio-crypto qtest case in patch 12
> >  - add myself as cryptdoev backends mainatainer and vitio-crypto
> >    co-maintainer in patch 13
> >  - add CRT support for cryptodev-builtin, it based on my previous crypto
> >    patch serial queued by Daniel.
> >    https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg06607.html
> >  - add queue_index for qcrypto_cryptodev_backend_sym_close_session()
> > 
> > Changes since v2:
> >  According to Daniel's comments:
> >  - drop cryptodev kernel module as a cryptodev backend
> >  - rename crypto stuff to cryptodev stuff
> >  - change some files' license to GPLv2+
> >  - remove cryptodev command line instead of QOM to define the cryptodev
> > backend
> >  - rename all functions and structures in crypto sub-directory.
> >  - add full inline documentation for cryptodev.h
> >  And:
> >  - drop crypto-queue.c [Paolo]
> >  - merge some patches
> > 
> > Great thanks to Daniel and Paolo. Please review again, thanks!
> > 
> > Changes since v1:
> >  - rmmove mixed endian-ness handler for virtio-crypto device, just
> >    use little-endian. [mst]
> >  - add sg list support according virtio-crypto spec v10 (will be posted soon).
> >  - fix a memory leak in session handler.
> >  - add a feature page link in qemu.org
> > (http://qemu-project.org/Features/VirtioCrypto)
> >  - fix some trivial problems, sush as 's/Since 2.7/Since 2.8/g' in
> > qapi-schema.json
> >  - rebase the latest qemu master tree.
> > 
> > 
> > This patch series realize the framework and emulation of a new
> > virtio crypto device, which is similar with virtio net device.
> > 
> >  - I introduce the cryptodev backend as the client of virtio crypto device
> >    which can be realized by different methods, such as
> > cryptodev-backend-gcrypt in my series,
> >    vhost-crypto kernel module, vhost-user etc.
> >  - The patch set abides by the virtio crypto speccification.
> >  - The virtio crypto support symmetric algorithms (including CIPHER and
> > algorithm chainning)
> >    at present, except HASH, MAC and AEAD services.
> >  - unsupport hot plug/unplug cryptodev backend at this moment.
> > 
> > Firstly build QEMU with libgcrypt cryptography support.
> > 
> > QEMU can then be started using the following parameters:
> > 
> > qemu-system-x86_64 \
> >     [...] \
> >         -object cryptodev-backend-builtin,id=cryptodev0 \
> >         -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
> >     [...]
> > 
> > The front-end linux kernel driver (Experimental at present) is publicly accessible
> > from:
> > 
> >    https://github.com/gongleiarei/virtio-crypto-linux-driver.git
> > 
> > After insmod virtio-crypto.ko, you can use cryptodev-linux test the crypto
> > function
> > in the guest. For example:
> > 
> > linux-guest:/home/gonglei/cryptodev-linux/tests # ./cipher -
> > requested cipher CRYPTO_AES_CBC, got cbc(aes) with driver
> > virtio_crypto_aes_cbc
> > AES Test passed
> > requested cipher CRYPTO_AES_CBC, got cbc(aes) with driver
> > virtio_crypto_aes_cbc
> > requested cipher CRYPTO_AES_CBC, got cbc(aes) with driver
> > virtio_crypto_aes_cbc
> > Test passed
> > 
> > QEMU code also can be accessible from:
> > 
> >  https://github.com/gongleiarei/qemu.git
> > 
> >  branch virtio-crypto
> > 
> > For more information, please see:
> >  http://qemu-project.org/Features/VirtioCrypto
> > 
> > 
> > Gonglei (12):
> >   cryptodev: introduce cryptodev backend interface
> >   cryptodev: add symmetric algorithm operation stuff
> >   virtio-crypto: introduce virtio_crypto.h
> >   cryptodev: introduce a new cryptodev backend
> >   virtio-crypto: add virtio crypto device emulation
> >   virtio-crypto-pci: add virtio crypto pci support
> >   virtio-crypto: set capacity of algorithms supported
> >   virtio-crypto: add control queue handler
> >   virtio-crypto: add data queue processing handler
> >   cryptodev: introduce an unified wrapper for crypto operation
> >   virtio-crypto: using bh to handle dataq's requests
> >   virtio-crypto: add myself as virtio-crypto and cryptodev backends
> >     maintainer
> > 
> >  MAINTAINERS                                    |  13 +
> >  backends/Makefile.objs                         |   3 +
> >  backends/cryptodev-builtin.c                   | 351 ++++++++++
> >  backends/cryptodev.c                           | 245 +++++++
> >  hw/virtio/Makefile.objs                        |   2 +
> >  hw/virtio/virtio-crypto-pci.c                  |  77 +++
> >  hw/virtio/virtio-crypto.c                      | 884
> > +++++++++++++++++++++++++
> >  hw/virtio/virtio-pci.h                         |  15 +
> >  include/hw/virtio/virtio-crypto.h              |  94 +++
> >  include/standard-headers/linux/virtio_crypto.h | 420 ++++++++++++
> >  include/standard-headers/linux/virtio_ids.h    |   2 +-
> >  include/sysemu/cryptodev.h                     | 295 +++++++++
> >  qemu-options.hx                                |  18 +
> >  13 files changed, 2418 insertions(+), 1 deletion(-)
> >  create mode 100644 backends/cryptodev-builtin.c
> >  create mode 100644 backends/cryptodev.c
> >  create mode 100644 hw/virtio/virtio-crypto-pci.c
> >  create mode 100644 hw/virtio/virtio-crypto.c
> >  create mode 100644 include/hw/virtio/virtio-crypto.h
> >  create mode 100644 include/standard-headers/linux/virtio_crypto.h
> >  create mode 100644 include/sysemu/cryptodev.h
> > 
> > --
> > 1.8.3.1
> >