* [Qemu-devel] [PATCH v2 0/4] cryptodev: add vhost support
@ 2017-12-30 8:52 Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 1/4] cryptodev: add vhost-user as a new cryptodev backend Jay Zhou
` (3 more replies)
0 siblings, 4 replies; 7+ messages in thread
From: Jay Zhou @ 2017-12-30 8:52 UTC (permalink / raw)
To: qemu-devel
Cc: mst, pbonzini, weidong.huang, stefanha, jianjay.zhou, pasic,
longpeng2, xin.zeng, roy.fan.zhang, arei.gonglei
From: Gonglei <arei.gonglei@huawei.com>
I posted the RFC verion five months ago for DPDK
vhost-crypto implmention, and now it's time to send
the formal version. Because we need an user space scheme
for better performance.
The vhost user crypto server side patches had been
sent to DPDK community, pls see
[RFC PATCH 0/6] lib/librte_vhost: introduce new vhost_user crypto backend
support
http://dpdk.org/ml/archives/dev/2017-November/081048.html
You also can get virtio-crypto polling mode driver from:
[PATCH] virtio: add new driver for crypto devices
http://dpdk.org/ml/archives/dev/2017-November/081985.html
Gonglei (4):
cryptodev: add vhost-user as a new cryptodev backend
cryptodev: add vhost support
cryptodev-vhost-user: add crypto session handler
cryptodev-vhost-user: set the key length
backends/Makefile.objs | 4 +
backends/cryptodev-builtin.c | 1 +
backends/cryptodev-vhost-user.c | 381 ++++++++++++++++++++++++++++++++++
backends/cryptodev-vhost.c | 297 ++++++++++++++++++++++++++
docs/interop/vhost-user.txt | 19 ++
hw/virtio/Makefile.objs | 2 +-
hw/virtio/vhost-user.c | 89 ++++++++
hw/virtio/virtio-crypto.c | 70 +++++++
include/hw/virtio/vhost-backend.h | 8 +
include/hw/virtio/virtio-crypto.h | 1 +
include/sysemu/cryptodev-vhost-user.h | 47 +++++
include/sysemu/cryptodev-vhost.h | 154 ++++++++++++++
include/sysemu/cryptodev.h | 8 +
qemu-options.hx | 21 ++
vl.c | 4 +
15 files changed, 1105 insertions(+), 1 deletion(-)
create mode 100644 backends/cryptodev-vhost-user.c
create mode 100644 backends/cryptodev-vhost.c
create mode 100644 include/sysemu/cryptodev-vhost-user.h
create mode 100644 include/sysemu/cryptodev-vhost.h
--
1.8.3.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Qemu-devel] [PATCH v2 1/4] cryptodev: add vhost-user as a new cryptodev backend
2017-12-30 8:52 [Qemu-devel] [PATCH v2 0/4] cryptodev: add vhost support Jay Zhou
@ 2017-12-30 8:52 ` Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 2/4] cryptodev: add vhost support Jay Zhou
` (2 subsequent siblings)
3 siblings, 0 replies; 7+ messages in thread
From: Jay Zhou @ 2017-12-30 8:52 UTC (permalink / raw)
To: qemu-devel
Cc: mst, pbonzini, weidong.huang, stefanha, jianjay.zhou, pasic,
longpeng2, xin.zeng, roy.fan.zhang, arei.gonglei
From: Gonglei <arei.gonglei@huawei.com>
Usage:
-chardev socket,id=charcrypto0,path=/path/to/your/socket
-object cryptodev-vhost-user,id=cryptodev0,chardev=charcrypto0
-device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
---
backends/Makefile.objs | 4 +
backends/cryptodev-vhost-user.c | 333 +++++++++++++++++++++++++++++++++++++++
backends/cryptodev-vhost.c | 73 +++++++++
include/sysemu/cryptodev-vhost.h | 154 ++++++++++++++++++
qemu-options.hx | 21 +++
vl.c | 4 +
6 files changed, 589 insertions(+)
create mode 100644 backends/cryptodev-vhost-user.c
create mode 100644 backends/cryptodev-vhost.c
create mode 100644 include/sysemu/cryptodev-vhost.h
diff --git a/backends/Makefile.objs b/backends/Makefile.objs
index 0400799..9e1fb76 100644
--- a/backends/Makefile.objs
+++ b/backends/Makefile.objs
@@ -8,3 +8,7 @@ common-obj-$(CONFIG_LINUX) += hostmem-file.o
common-obj-y += cryptodev.o
common-obj-y += cryptodev-builtin.o
+
+ifeq ($(CONFIG_VIRTIO),y)
+common-obj-$(CONFIG_LINUX) += cryptodev-vhost.o cryptodev-vhost-user.o
+endif
diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
new file mode 100644
index 0000000..4e63ece
--- /dev/null
+++ b/backends/cryptodev-vhost-user.c
@@ -0,0 +1,333 @@
+/*
+ * QEMU Cryptodev backend for QEMU cipher APIs
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/error-report.h"
+#include "standard-headers/linux/virtio_crypto.h"
+#include "sysemu/cryptodev-vhost.h"
+#include "chardev/char-fe.h"
+
+
+/**
+ * @TYPE_CRYPTODEV_BACKEND_VHOST_USER:
+ * name of backend that uses vhost user server
+ */
+#define TYPE_CRYPTODEV_BACKEND_VHOST_USER "cryptodev-vhost-user"
+
+#define CRYPTODEV_BACKEND_VHOST_USER(obj) \
+ OBJECT_CHECK(CryptoDevBackendVhostUser, \
+ (obj), TYPE_CRYPTODEV_BACKEND_VHOST_USER)
+
+
+typedef struct CryptoDevBackendVhostUser {
+ CryptoDevBackend parent_obj;
+
+ CharBackend chr;
+ char *chr_name;
+ bool opened;
+ CryptoDevBackendVhost *vhost_crypto[MAX_CRYPTO_QUEUE_NUM];
+} CryptoDevBackendVhostUser;
+
+static int
+cryptodev_vhost_user_running(
+ CryptoDevBackendVhost *crypto)
+{
+ return crypto ? 1 : 0;
+}
+
+static void cryptodev_vhost_user_stop(int queues,
+ CryptoDevBackendVhostUser *s)
+{
+ size_t i;
+
+ for (i = 0; i < queues; i++) {
+ if (!cryptodev_vhost_user_running(s->vhost_crypto[i])) {
+ continue;
+ }
+
+ if (s->vhost_crypto) {
+ cryptodev_vhost_cleanup(s->vhost_crypto[i]);
+ s->vhost_crypto[i] = NULL;
+ }
+ }
+}
+
+static int
+cryptodev_vhost_user_start(int queues,
+ CryptoDevBackendVhostUser *s)
+{
+ CryptoDevBackendVhostOptions options;
+ CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
+ int max_queues;
+ size_t i;
+
+ for (i = 0; i < queues; i++) {
+ if (cryptodev_vhost_user_running(s->vhost_crypto[i])) {
+ continue;
+ }
+
+ options.opaque = &s->chr;
+ options.backend_type = VHOST_BACKEND_TYPE_USER;
+ options.cc = b->conf.peers.ccs[i];
+ s->vhost_crypto[i] = cryptodev_vhost_init(&options);
+ if (!s->vhost_crypto[i]) {
+ error_report("failed to init vhost_crypto for queue %lu", i);
+ goto err;
+ }
+
+ if (i == 0) {
+ max_queues =
+ cryptodev_vhost_get_max_queues(s->vhost_crypto[i]);
+ if (queues > max_queues) {
+ error_report("you are asking more queues than supported: %d",
+ max_queues);
+ goto err;
+ }
+ }
+ }
+
+ return 0;
+
+err:
+ cryptodev_vhost_user_stop(i + 1, s);
+ return -1;
+}
+
+static Chardev *
+cryptodev_vhost_claim_chardev(CryptoDevBackendVhostUser *s,
+ Error **errp)
+{
+ Chardev *chr;
+
+ if (s->chr_name == NULL) {
+ error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
+ "chardev", "a valid character device");
+ return NULL;
+ }
+
+ chr = qemu_chr_find(s->chr_name);
+ if (chr == NULL) {
+ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
+ "Device '%s' not found", s->chr_name);
+ return NULL;
+ }
+
+ return chr;
+}
+
+static void cryptodev_vhost_user_event(void *opaque, int event)
+{
+ CryptoDevBackendVhostUser *s = opaque;
+ CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
+ Error *err = NULL;
+ int queues = b->conf.peers.queues;
+
+ assert(queues < MAX_CRYPTO_QUEUE_NUM);
+
+ switch (event) {
+ case CHR_EVENT_OPENED:
+ if (cryptodev_vhost_user_start(queues, s) < 0) {
+ exit(1);
+ }
+ b->ready = true;
+ break;
+ case CHR_EVENT_CLOSED:
+ b->ready = false;
+ cryptodev_vhost_user_stop(queues, s);
+ break;
+ }
+
+ if (err) {
+ error_report_err(err);
+ }
+}
+
+static void cryptodev_vhost_user_init(
+ CryptoDevBackend *backend, Error **errp)
+{
+ int queues = backend->conf.peers.queues;
+ size_t i;
+ Error *local_err = NULL;
+ Chardev *chr;
+ CryptoDevBackendClient *cc;
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(backend);
+
+ chr = cryptodev_vhost_claim_chardev(s, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ return;
+ }
+
+ s->opened = true;
+
+ for (i = 0; i < queues; i++) {
+ cc = cryptodev_backend_new_client(
+ "cryptodev-vhost-user", NULL);
+ cc->info_str = g_strdup_printf("cryptodev-vhost-user%lu to %s ",
+ i, chr->label);
+ cc->queue_index = i;
+
+ backend->conf.peers.ccs[i] = cc;
+
+ if (i == 0) {
+ if (!qemu_chr_fe_init(&s->chr, chr, &local_err)) {
+ error_propagate(errp, local_err);
+ return;
+ }
+ }
+ }
+
+ qemu_chr_fe_set_handlers(&s->chr, NULL, NULL,
+ cryptodev_vhost_user_event, NULL, s, NULL, true);
+
+ backend->conf.crypto_services =
+ 1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
+ 1u << VIRTIO_CRYPTO_SERVICE_HASH |
+ 1u << VIRTIO_CRYPTO_SERVICE_MAC;
+ backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
+ backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
+}
+
+static int64_t cryptodev_vhost_user_sym_create_session(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymSessionInfo *sess_info,
+ uint32_t queue_index, Error **errp)
+{
+ return 0;
+}
+
+static int cryptodev_vhost_user_sym_close_session(
+ CryptoDevBackend *backend,
+ uint64_t session_id,
+ uint32_t queue_index, Error **errp)
+{
+ return 0;
+}
+
+static int cryptodev_vhost_user_sym_operation(
+ CryptoDevBackend *backend,
+ CryptoDevBackendSymOpInfo *op_info,
+ uint32_t queue_index, Error **errp)
+{
+ return VIRTIO_CRYPTO_OK;
+}
+
+static void cryptodev_vhost_user_cleanup(
+ CryptoDevBackend *backend,
+ Error **errp)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(backend);
+ size_t i;
+ int queues = backend->conf.peers.queues;
+ CryptoDevBackendClient *cc;
+
+ cryptodev_vhost_user_stop(queues, s);
+
+ for (i = 0; i < queues; i++) {
+ cc = backend->conf.peers.ccs[i];
+ if (cc) {
+ cryptodev_backend_free_client(cc);
+ backend->conf.peers.ccs[i] = NULL;
+ }
+ }
+}
+
+static void cryptodev_vhost_user_set_chardev(Object *obj,
+ const char *value, Error **errp)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(obj);
+
+ if (s->opened) {
+ error_setg(errp, QERR_PERMISSION_DENIED);
+ } else {
+ g_free(s->chr_name);
+ s->chr_name = g_strdup(value);
+ }
+}
+
+static char *
+cryptodev_vhost_user_get_chardev(Object *obj, Error **errp)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(obj);
+ Chardev *chr = qemu_chr_fe_get_driver(&s->chr);
+
+ if (chr && chr->label) {
+ return g_strdup(chr->label);
+ }
+
+ return NULL;
+}
+
+static void cryptodev_vhost_user_instance_int(Object *obj)
+{
+ object_property_add_str(obj, "chardev",
+ cryptodev_vhost_user_get_chardev,
+ cryptodev_vhost_user_set_chardev,
+ NULL);
+}
+
+static void cryptodev_vhost_user_finalize(Object *obj)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(obj);
+
+ qemu_chr_fe_deinit(&s->chr, false);
+
+ g_free(s->chr_name);
+}
+
+static void
+cryptodev_vhost_user_class_init(ObjectClass *oc, void *data)
+{
+ CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
+
+ bc->init = cryptodev_vhost_user_init;
+ bc->cleanup = cryptodev_vhost_user_cleanup;
+ bc->create_session = cryptodev_vhost_user_sym_create_session;
+ bc->close_session = cryptodev_vhost_user_sym_close_session;
+ bc->do_sym_op = cryptodev_vhost_user_sym_operation;
+}
+
+static const TypeInfo cryptodev_vhost_user_info = {
+ .name = TYPE_CRYPTODEV_BACKEND_VHOST_USER,
+ .parent = TYPE_CRYPTODEV_BACKEND,
+ .class_init = cryptodev_vhost_user_class_init,
+ .instance_init = cryptodev_vhost_user_instance_int,
+ .instance_finalize = cryptodev_vhost_user_finalize,
+ .instance_size = sizeof(CryptoDevBackendVhostUser),
+};
+
+static void
+cryptodev_vhost_user_register_types(void)
+{
+ type_register_static(&cryptodev_vhost_user_info);
+}
+
+type_init(cryptodev_vhost_user_register_types);
diff --git a/backends/cryptodev-vhost.c b/backends/cryptodev-vhost.c
new file mode 100644
index 0000000..2c7df3f
--- /dev/null
+++ b/backends/cryptodev-vhost.c
@@ -0,0 +1,73 @@
+/*
+ * QEMU Cryptodev backend for QEMU cipher APIs
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ * Jay Zhou <jianjay.zhou@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "sysemu/cryptodev-vhost.h"
+
+
+uint64_t
+cryptodev_vhost_get_max_queues(
+ CryptoDevBackendVhost *crypto)
+{
+ return crypto->dev.max_queues;
+}
+
+void cryptodev_vhost_cleanup(CryptoDevBackendVhost *crypto)
+{
+ vhost_dev_cleanup(&crypto->dev);
+ g_free(crypto);
+}
+
+struct CryptoDevBackendVhost *
+cryptodev_vhost_init(
+ CryptoDevBackendVhostOptions *options)
+{
+ int r;
+ CryptoDevBackendVhost *crypto;
+
+ crypto = g_new(CryptoDevBackendVhost, 1);
+ crypto->dev.max_queues = 1;
+ crypto->dev.nvqs = 1;
+ crypto->dev.vqs = crypto->vqs;
+
+ crypto->cc = options->cc;
+
+ crypto->dev.protocol_features = 0;
+ crypto->backend = -1;
+
+ /* vhost-user needs vq_index to initiate a specific queue pair */
+ crypto->dev.vq_index = crypto->cc->queue_index * crypto->dev.nvqs;
+
+ r = vhost_dev_init(&crypto->dev, options->opaque, options->backend_type, 0);
+ if (r < 0) {
+ goto fail;
+ }
+
+ return crypto;
+fail:
+ g_free(crypto);
+ return NULL;
+}
diff --git a/include/sysemu/cryptodev-vhost.h b/include/sysemu/cryptodev-vhost.h
new file mode 100644
index 0000000..fb26b86
--- /dev/null
+++ b/include/sysemu/cryptodev-vhost.h
@@ -0,0 +1,154 @@
+/*
+ * QEMU Crypto Device Common Vhost Implement
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ * Jay Zhou <jianjay.zhou@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+#ifndef CRYPTODEV_VHOST_H
+#define CRYPTODEV_VHOST_H
+
+#include "qemu-common.h"
+#include "hw/virtio/vhost.h"
+#include "hw/virtio/vhost-backend.h"
+#include "chardev/char.h"
+
+#include "sysemu/cryptodev.h"
+
+
+typedef struct CryptoDevBackendVhostOptions {
+ VhostBackendType backend_type;
+ void *opaque;
+ int total_queues;
+ CryptoDevBackendClient *cc;
+} CryptoDevBackendVhostOptions;
+
+typedef struct CryptoDevBackendVhost {
+ struct vhost_dev dev;
+ struct vhost_virtqueue vqs[1];
+ int backend;
+ CryptoDevBackendClient *cc;
+} CryptoDevBackendVhost;
+
+/**
+ * cryptodev_vhost_get_max_queues:
+ * @crypto: the cryptodev backend common vhost object
+ *
+ * Get the maximum queue number of @crypto.
+ *
+ *
+ * Returns: the maximum queue number
+ */
+uint64_t
+cryptodev_vhost_get_max_queues(
+ CryptoDevBackendVhost *crypto);
+
+
+/**
+ * cryptodev_vhost_init:
+ * @options: the common vhost object's option
+ *
+ * Creates a new cryptodev backend common vhost object
+ *
+ ** The returned object must be released with
+ * cryptodev_vhost_cleanup() when no
+ * longer required
+ *
+ * Returns: the cryptodev backend common vhost object
+ */
+struct CryptoDevBackendVhost *
+cryptodev_vhost_init(
+ CryptoDevBackendVhostOptions *options);
+
+/**
+ * cryptodev_vhost_cleanup:
+ * @crypto: the cryptodev backend common vhost object
+ *
+ * Clean the resouce associated with @crypto that realizaed
+ * by cryptodev_vhost_init()
+ *
+ */
+void cryptodev_vhost_cleanup(
+ CryptoDevBackendVhost *crypto);
+
+/**
+ * cryptodev_get_vhost:
+ * @cc: the client object for each queue
+ * @b: the cryptodev backend common vhost object
+ * @queue: the cryptodev backend queue index
+ *
+ * Gets a new cryptodev backend common vhost object based on
+ * @b and @queue
+ *
+ * Returns: the cryptodev backend common vhost object
+ */
+CryptoDevBackendVhost *
+cryptodev_get_vhost(CryptoDevBackendClient *cc,
+ CryptoDevBackend *b,
+ uint16_t queue);
+/**
+ * cryptodev_vhost_start:
+ * @dev: the virtio crypto object
+ * @total_queues: the total count of queue
+ *
+ * Starts the vhost crypto logic
+ *
+ * Returns: 0 for success, negative for errors
+ */
+int cryptodev_vhost_start(VirtIODevice *dev, int total_queues);
+
+/**
+ * cryptodev_vhost_stop:
+ * @dev: the virtio crypto object
+ * @total_queues: the total count of queue
+ *
+ * Stops the vhost crypto logic
+ *
+ */
+void cryptodev_vhost_stop(VirtIODevice *dev, int total_queues);
+
+/**
+ * cryptodev_vhost_virtqueue_mask:
+ * @dev: the virtio crypto object
+ * @queue: the cryptodev backend queue index
+ * @idx: the virtqueue index
+ * @mask: mask or not (true or false)
+ *
+ * Mask/unmask events for @idx virtqueue on @dev device
+ *
+ */
+void cryptodev_vhost_virtqueue_mask(VirtIODevice *dev,
+ int queue,
+ int idx, bool mask);
+
+/**
+ * cryptodev_vhost_virtqueue_pending:
+ * @dev: the virtio crypto object
+ * @queue: the cryptodev backend queue index
+ * @idx: the virtqueue index
+ *
+ * Test and clear event pending status for @idx virtqueue on @dev device.
+ * Should be called after unmask to avoid losing events.
+ *
+ * Returns: true for success, false for errors
+ */
+bool cryptodev_vhost_virtqueue_pending(VirtIODevice *dev,
+ int queue, int idx);
+
+#endif /* CRYPTODEV_VHOST_H */
diff --git a/qemu-options.hx b/qemu-options.hx
index 3728e9b..3d6dadb 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4387,6 +4387,27 @@ which specify the queue number of cryptodev backend, the default of
[...]
@end example
+@item -object cryptodev-vhost-user,id=@var{id},chardev=@var{chardevid}[,queues=@var{queues}]
+
+Creates a vhost-user cryptodev backend, backed by a chardev @var{chardevid}.
+The @var{id} parameter is a unique ID that will be used to reference this
+cryptodev backend from the @option{virtio-crypto} device.
+The chardev should be a unix domain socket backed one. The vhost-user uses
+a specifically defined protocol to pass vhost ioctl replacement messages
+to an application on the other end of the socket.
+The @var{queues} parameter is optional, which specify the queue number
+of cryptodev backend for multiqueue vhost-user, the default of @var{queues} is 1.
+
+@example
+
+ # qemu-system-x86_64 \
+ [...] \
+ -chardev socket,id=chardev0,path=/path/to/socket \
+ -object cryptodev-vhost-user,id=cryptodev0,chardev=chardev0 \
+ -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
+ [...]
+@end example
+
@item -object secret,id=@var{id},data=@var{string},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
@item -object secret,id=@var{id},file=@var{filename},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
diff --git a/vl.c b/vl.c
index 1ad1c04..3041e21 100644
--- a/vl.c
+++ b/vl.c
@@ -2912,6 +2912,10 @@ static bool object_create_initial(const char *type)
return false;
}
+ if (g_str_equal(type, "cryptodev-vhost-user")) {
+ return false;
+ }
+
/*
* return false for concrete netfilters since
* they depend on netdevs already existing
--
1.8.3.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Qemu-devel] [PATCH v2 2/4] cryptodev: add vhost support
2017-12-30 8:52 [Qemu-devel] [PATCH v2 0/4] cryptodev: add vhost support Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 1/4] cryptodev: add vhost-user as a new cryptodev backend Jay Zhou
@ 2017-12-30 8:52 ` Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 3/4] cryptodev-vhost-user: add crypto session handler Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 4/4] cryptodev-vhost-user: set the key length Jay Zhou
3 siblings, 0 replies; 7+ messages in thread
From: Jay Zhou @ 2017-12-30 8:52 UTC (permalink / raw)
To: qemu-devel
Cc: mst, pbonzini, weidong.huang, stefanha, jianjay.zhou, pasic,
longpeng2, xin.zeng, roy.fan.zhang, arei.gonglei
From: Gonglei <arei.gonglei@huawei.com>
Impliment the vhost-crypto's funtions, such as startup,
stop and notification etc. Introduce an enum
QCryptoCryptoDevBackendOptionsType in order to
identify the cryptodev vhost backend is vhost-user
or vhost-kernel-module (If exist).
At this point, the cryptdoev-vhost-user works.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
---
backends/cryptodev-builtin.c | 1 +
backends/cryptodev-vhost-user.c | 16 +++
backends/cryptodev-vhost.c | 224 ++++++++++++++++++++++++++++++++++
hw/virtio/Makefile.objs | 2 +-
hw/virtio/virtio-crypto.c | 70 +++++++++++
include/hw/virtio/virtio-crypto.h | 1 +
include/sysemu/cryptodev-vhost-user.h | 44 +++++++
include/sysemu/cryptodev.h | 8 ++
8 files changed, 365 insertions(+), 1 deletion(-)
create mode 100644 include/sysemu/cryptodev-vhost-user.h
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
index 657c0ba..9fb0bd5 100644
--- a/backends/cryptodev-builtin.c
+++ b/backends/cryptodev-builtin.c
@@ -78,6 +78,7 @@ static void cryptodev_builtin_init(
"cryptodev-builtin", NULL);
cc->info_str = g_strdup_printf("cryptodev-builtin0");
cc->queue_index = 0;
+ cc->type = CRYPTODEV_BACKEND_TYPE_BUILTIN;
backend->conf.peers.ccs[0] = cc;
backend->conf.crypto_services =
diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
index 4e63ece..0b1f049 100644
--- a/backends/cryptodev-vhost-user.c
+++ b/backends/cryptodev-vhost-user.c
@@ -29,6 +29,7 @@
#include "standard-headers/linux/virtio_crypto.h"
#include "sysemu/cryptodev-vhost.h"
#include "chardev/char-fe.h"
+#include "sysemu/cryptodev-vhost-user.h"
/**
@@ -58,6 +59,20 @@ cryptodev_vhost_user_running(
return crypto ? 1 : 0;
}
+CryptoDevBackendVhost *
+cryptodev_vhost_user_get_vhost(
+ CryptoDevBackendClient *cc,
+ CryptoDevBackend *b,
+ uint16_t queue)
+{
+ CryptoDevBackendVhostUser *s =
+ CRYPTODEV_BACKEND_VHOST_USER(b);
+ assert(cc->type == CRYPTODEV_BACKEND_TYPE_VHOST_USER);
+ assert(queue < MAX_CRYPTO_QUEUE_NUM);
+
+ return s->vhost_crypto[queue];
+}
+
static void cryptodev_vhost_user_stop(int queues,
CryptoDevBackendVhostUser *s)
{
@@ -190,6 +205,7 @@ static void cryptodev_vhost_user_init(
cc->info_str = g_strdup_printf("cryptodev-vhost-user%lu to %s ",
i, chr->label);
cc->queue_index = i;
+ cc->type = CRYPTODEV_BACKEND_TYPE_VHOST_USER;
backend->conf.peers.ccs[i] = cc;
diff --git a/backends/cryptodev-vhost.c b/backends/cryptodev-vhost.c
index 2c7df3f..830fb53 100644
--- a/backends/cryptodev-vhost.c
+++ b/backends/cryptodev-vhost.c
@@ -25,7 +25,11 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "qapi/qmp/qerror.h"
+#include "qemu/error-report.h"
#include "sysemu/cryptodev-vhost.h"
+#include "hw/virtio/virtio-crypto.h"
+#include "hw/virtio/virtio-bus.h"
+#include "sysemu/cryptodev-vhost-user.h"
uint64_t
@@ -71,3 +75,223 @@ fail:
g_free(crypto);
return NULL;
}
+
+static int
+cryptodev_vhost_start_one(CryptoDevBackendVhost *crypto,
+ VirtIODevice *dev)
+{
+ int r;
+
+ crypto->dev.nvqs = 1;
+ crypto->dev.vqs = crypto->vqs;
+
+ r = vhost_dev_enable_notifiers(&crypto->dev, dev);
+ if (r < 0) {
+ goto fail_notifiers;
+ }
+
+ r = vhost_dev_start(&crypto->dev, dev);
+ if (r < 0) {
+ goto fail_start;
+ }
+
+ return 0;
+
+fail_start:
+ vhost_dev_disable_notifiers(&crypto->dev, dev);
+fail_notifiers:
+ return r;
+}
+
+static void
+cryptodev_vhost_stop_one(CryptoDevBackendVhost *crypto,
+ VirtIODevice *dev)
+{
+ vhost_dev_stop(&crypto->dev, dev);
+ vhost_dev_disable_notifiers(&crypto->dev, dev);
+}
+
+CryptoDevBackendVhost *
+cryptodev_get_vhost(CryptoDevBackendClient *cc,
+ CryptoDevBackend *b,
+ uint16_t queue)
+{
+ CryptoDevBackendVhost *vhost_crypto = NULL;
+
+ if (!cc) {
+ return NULL;
+ }
+
+ switch (cc->type) {
+ case CRYPTODEV_BACKEND_TYPE_VHOST_USER:
+ vhost_crypto = cryptodev_vhost_user_get_vhost(cc, b, queue);
+ break;
+ default:
+ break;
+ }
+
+ return vhost_crypto;
+}
+
+static void
+cryptodev_vhost_set_vq_index(CryptoDevBackendVhost *crypto,
+ int vq_index)
+{
+ crypto->dev.vq_index = vq_index;
+}
+
+static int
+vhost_set_vring_enable(CryptoDevBackendClient *cc,
+ CryptoDevBackend *b,
+ uint16_t queue, int enable)
+{
+ CryptoDevBackendVhost *crypto =
+ cryptodev_get_vhost(cc, b, queue);
+ const VhostOps *vhost_ops;
+
+ cc->vring_enable = enable;
+
+ if (!crypto) {
+ return 0;
+ }
+
+ vhost_ops = crypto->dev.vhost_ops;
+ if (vhost_ops->vhost_set_vring_enable) {
+ return vhost_ops->vhost_set_vring_enable(&crypto->dev, enable);
+ }
+
+ return 0;
+}
+
+int cryptodev_vhost_start(VirtIODevice *dev, int total_queues)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(dev)));
+ VirtioBusState *vbus = VIRTIO_BUS(qbus);
+ VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(vbus);
+ int r, e;
+ int i;
+ CryptoDevBackend *b = vcrypto->cryptodev;
+ CryptoDevBackendVhost *vhost_crypto;
+ CryptoDevBackendClient *cc;
+
+ if (!k->set_guest_notifiers) {
+ error_report("binding does not support guest notifiers");
+ return -ENOSYS;
+ }
+
+ for (i = 0; i < total_queues; i++) {
+ cc = b->conf.peers.ccs[i];
+
+ vhost_crypto = cryptodev_get_vhost(cc, b, i);
+ cryptodev_vhost_set_vq_index(vhost_crypto, i);
+
+ /* Suppress the masking guest notifiers on vhost user
+ * because vhost user doesn't interrupt masking/unmasking
+ * properly.
+ */
+ if (cc->type == CRYPTODEV_BACKEND_TYPE_VHOST_USER) {
+ dev->use_guest_notifier_mask = false;
+ }
+ }
+
+ r = k->set_guest_notifiers(qbus->parent, total_queues, true);
+ if (r < 0) {
+ error_report("error binding guest notifier: %d", -r);
+ goto err;
+ }
+
+ for (i = 0; i < total_queues; i++) {
+ cc = b->conf.peers.ccs[i];
+
+ vhost_crypto = cryptodev_get_vhost(cc, b, i);
+ r = cryptodev_vhost_start_one(vhost_crypto, dev);
+
+ if (r < 0) {
+ goto err_start;
+ }
+
+ if (cc->vring_enable) {
+ /* restore vring enable state */
+ r = vhost_set_vring_enable(cc, b, i, cc->vring_enable);
+
+ if (r < 0) {
+ goto err_start;
+ }
+ }
+ }
+
+ return 0;
+
+err_start:
+ while (--i >= 0) {
+ cc = b->conf.peers.ccs[i];
+ vhost_crypto = cryptodev_get_vhost(cc, b, i);
+ cryptodev_vhost_stop_one(vhost_crypto, dev);
+ }
+ e = k->set_guest_notifiers(qbus->parent, total_queues, false);
+ if (e < 0) {
+ error_report("vhost guest notifier cleanup failed: %d", e);
+ }
+err:
+ return r;
+}
+
+void cryptodev_vhost_stop(VirtIODevice *dev, int total_queues)
+{
+ BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(dev)));
+ VirtioBusState *vbus = VIRTIO_BUS(qbus);
+ VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(vbus);
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ CryptoDevBackend *b = vcrypto->cryptodev;
+ CryptoDevBackendVhost *vhost_crypto;
+ CryptoDevBackendClient *cc;
+ size_t i;
+ int r;
+
+ for (i = 0; i < total_queues; i++) {
+ cc = b->conf.peers.ccs[i];
+
+ vhost_crypto = cryptodev_get_vhost(cc, b, i);
+ cryptodev_vhost_stop_one(vhost_crypto, dev);
+ }
+
+ r = k->set_guest_notifiers(qbus->parent, total_queues, false);
+ if (r < 0) {
+ error_report("vhost guest notifier cleanup failed: %d", r);
+ }
+ assert(r >= 0);
+}
+
+void cryptodev_vhost_virtqueue_mask(VirtIODevice *dev,
+ int queue,
+ int idx, bool mask)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ CryptoDevBackend *b = vcrypto->cryptodev;
+ CryptoDevBackendVhost *vhost_crypto;
+ CryptoDevBackendClient *cc;
+
+ assert(queue < MAX_CRYPTO_QUEUE_NUM);
+
+ cc = b->conf.peers.ccs[queue];
+ vhost_crypto = cryptodev_get_vhost(cc, b, queue);
+
+ vhost_virtqueue_mask(&vhost_crypto->dev, dev, idx, mask);
+}
+
+bool cryptodev_vhost_virtqueue_pending(VirtIODevice *dev,
+ int queue, int idx)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+ CryptoDevBackend *b = vcrypto->cryptodev;
+ CryptoDevBackendVhost *vhost_crypto;
+ CryptoDevBackendClient *cc;
+
+ assert(queue < MAX_CRYPTO_QUEUE_NUM);
+
+ cc = b->conf.peers.ccs[queue];
+ vhost_crypto = cryptodev_get_vhost(cc, b, queue);
+
+ return vhost_virtqueue_pending(&vhost_crypto->dev, idx);
+}
diff --git a/hw/virtio/Makefile.objs b/hw/virtio/Makefile.objs
index 765d363..c65dca2 100644
--- a/hw/virtio/Makefile.objs
+++ b/hw/virtio/Makefile.objs
@@ -7,7 +7,7 @@ common-obj-y += virtio-mmio.o
obj-y += virtio.o virtio-balloon.o
obj-$(CONFIG_LINUX) += vhost.o vhost-backend.o vhost-user.o
obj-$(CONFIG_VHOST_VSOCK) += vhost-vsock.o
-obj-y += virtio-crypto.o
+obj-$(CONFIG_LINUX) += virtio-crypto.o
obj-$(CONFIG_VIRTIO_PCI) += virtio-crypto-pci.o
endif
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 19c82e0..9a9fa49 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -20,6 +20,7 @@
#include "hw/virtio/virtio-crypto.h"
#include "hw/virtio/virtio-access.h"
#include "standard-headers/linux/virtio_ids.h"
+#include "sysemu/cryptodev-vhost.h"
#define VIRTIO_CRYPTO_VM_VERSION 1
@@ -880,6 +881,72 @@ static void virtio_crypto_get_config(VirtIODevice *vdev, uint8_t *config)
memcpy(config, &crypto_cfg, c->config_size);
}
+static bool virtio_crypto_started(VirtIOCrypto *c, uint8_t status)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(c);
+ return (status & VIRTIO_CONFIG_S_DRIVER_OK) &&
+ (c->status & VIRTIO_CRYPTO_S_HW_READY) && vdev->vm_running;
+}
+
+static void virtio_crypto_vhost_status(VirtIOCrypto *c, uint8_t status)
+{
+ VirtIODevice *vdev = VIRTIO_DEVICE(c);
+ int queues = c->multiqueue ? c->max_queues : 1;
+ CryptoDevBackend *b = c->cryptodev;
+ CryptoDevBackendClient *cc = b->conf.peers.ccs[0];
+
+ if (!cryptodev_get_vhost(cc, b, 0)) {
+ return;
+ }
+
+ if ((virtio_crypto_started(c, status)) == !!c->vhost_started) {
+ return;
+ }
+
+ if (!c->vhost_started) {
+ int r;
+
+ c->vhost_started = 1;
+ r = cryptodev_vhost_start(vdev, queues);
+ if (r < 0) {
+ error_report("unable to start vhost crypto: %d: "
+ "falling back on userspace virtio", -r);
+ c->vhost_started = 0;
+ }
+ } else {
+ cryptodev_vhost_stop(vdev, queues);
+ c->vhost_started = 0;
+ }
+}
+
+static void virtio_crypto_set_status(VirtIODevice *vdev, uint8_t status)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+
+ virtio_crypto_vhost_status(vcrypto, status);
+}
+
+static void virtio_crypto_guest_notifier_mask(VirtIODevice *vdev, int idx,
+ bool mask)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+ int queue = virtio_crypto_vq2q(idx);
+
+ assert(vcrypto->vhost_started);
+
+ cryptodev_vhost_virtqueue_mask(vdev, queue, idx, mask);
+}
+
+static bool virtio_crypto_guest_notifier_pending(VirtIODevice *vdev, int idx)
+{
+ VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+ int queue = virtio_crypto_vq2q(idx);
+
+ assert(vcrypto->vhost_started);
+
+ return cryptodev_vhost_virtqueue_pending(vdev, queue, idx);
+}
+
static void virtio_crypto_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
@@ -893,6 +960,9 @@ static void virtio_crypto_class_init(ObjectClass *klass, void *data)
vdc->get_config = virtio_crypto_get_config;
vdc->get_features = virtio_crypto_get_features;
vdc->reset = virtio_crypto_reset;
+ vdc->set_status = virtio_crypto_set_status;
+ vdc->guest_notifier_mask = virtio_crypto_guest_notifier_mask;
+ vdc->guest_notifier_pending = virtio_crypto_guest_notifier_pending;
}
static void virtio_crypto_instance_init(Object *obj)
diff --git a/include/hw/virtio/virtio-crypto.h b/include/hw/virtio/virtio-crypto.h
index a00a0bf..ca3a049 100644
--- a/include/hw/virtio/virtio-crypto.h
+++ b/include/hw/virtio/virtio-crypto.h
@@ -96,6 +96,7 @@ typedef struct VirtIOCrypto {
int multiqueue;
uint32_t curr_queues;
size_t config_size;
+ uint8_t vhost_started;
} VirtIOCrypto;
#endif /* _QEMU_VIRTIO_CRYPTO_H */
diff --git a/include/sysemu/cryptodev-vhost-user.h b/include/sysemu/cryptodev-vhost-user.h
new file mode 100644
index 0000000..937217b
--- /dev/null
+++ b/include/sysemu/cryptodev-vhost-user.h
@@ -0,0 +1,44 @@
+/*
+ * QEMU Crypto Device Common Vhost User Implement
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+#ifndef CRYPTODEV_VHOST_USER_H
+#define CRYPTODEV_VHOST_USER_H
+
+
+/**
+ * cryptodev_vhost_user_get_vhost:
+ * @cc: the client object for each queue
+ * @b: the cryptodev backend common vhost object
+ * @queue: the queue index
+ *
+ * Gets a new cryptodev backend common vhost object based on
+ * @b and @queue
+ *
+ * Returns: the cryptodev backend common vhost object
+ */
+CryptoDevBackendVhost *
+cryptodev_vhost_user_get_vhost(
+ CryptoDevBackendClient *cc,
+ CryptoDevBackend *b,
+ uint16_t queue);
+
+#endif /* CRYPTODEV_VHOST_USER_H */
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index a9d0d1e..faeb6f8 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -163,12 +163,20 @@ typedef struct CryptoDevBackendClass {
uint32_t queue_index, Error **errp);
} CryptoDevBackendClass;
+typedef enum CryptoDevBackendOptionsType {
+ CRYPTODEV_BACKEND_TYPE_NONE = 0,
+ CRYPTODEV_BACKEND_TYPE_BUILTIN = 1,
+ CRYPTODEV_BACKEND_TYPE_VHOST_USER = 2,
+ CRYPTODEV_BACKEND_TYPE__MAX,
+} CryptoDevBackendOptionsType;
struct CryptoDevBackendClient {
+ CryptoDevBackendOptionsType type;
char *model;
char *name;
char *info_str;
unsigned int queue_index;
+ int vring_enable;
QTAILQ_ENTRY(CryptoDevBackendClient) next;
};
--
1.8.3.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Qemu-devel] [PATCH v2 3/4] cryptodev-vhost-user: add crypto session handler
2017-12-30 8:52 [Qemu-devel] [PATCH v2 0/4] cryptodev: add vhost support Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 1/4] cryptodev: add vhost-user as a new cryptodev backend Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 2/4] cryptodev: add vhost support Jay Zhou
@ 2017-12-30 8:52 ` Jay Zhou
2018-01-16 4:24 ` Michael S. Tsirkin
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 4/4] cryptodev-vhost-user: set the key length Jay Zhou
3 siblings, 1 reply; 7+ messages in thread
From: Jay Zhou @ 2017-12-30 8:52 UTC (permalink / raw)
To: qemu-devel
Cc: mst, pbonzini, weidong.huang, stefanha, jianjay.zhou, pasic,
longpeng2, xin.zeng, roy.fan.zhang, arei.gonglei
From: Gonglei <arei.gonglei@huawei.com>
Introduce two vhost-user meassges: VHOST_USER_CREATE_CRYPTO_SESSION
and VHOST_USER_CLOSE_CRYPTO_SESSION. At this point, the QEMU side
support crypto operation in cryptodev host-user backend.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
---
backends/cryptodev-vhost-user.c | 50 +++++++++++++++++-----
docs/interop/vhost-user.txt | 19 +++++++++
hw/virtio/vhost-user.c | 89 +++++++++++++++++++++++++++++++++++++++
include/hw/virtio/vhost-backend.h | 8 ++++
4 files changed, 155 insertions(+), 11 deletions(-)
diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
index 0b1f049..061c0e5 100644
--- a/backends/cryptodev-vhost-user.c
+++ b/backends/cryptodev-vhost-user.c
@@ -233,7 +233,26 @@ static int64_t cryptodev_vhost_user_sym_create_session(
CryptoDevBackendSymSessionInfo *sess_info,
uint32_t queue_index, Error **errp)
{
- return 0;
+ CryptoDevBackendClient *cc =
+ backend->conf.peers.ccs[queue_index];
+ CryptoDevBackendVhost *vhost_crypto;
+ uint64_t session_id = 0;
+ int ret;
+
+ vhost_crypto = cryptodev_vhost_user_get_vhost(cc,
+ backend, queue_index);
+ if (vhost_crypto) {
+ struct vhost_dev *dev = &(vhost_crypto->dev);
+ ret = dev->vhost_ops->vhost_crypto_create_session(dev,
+ sess_info,
+ &session_id);
+ if (ret < 0) {
+ return -1;
+ } else {
+ return session_id;
+ }
+ }
+ return -1;
}
static int cryptodev_vhost_user_sym_close_session(
@@ -241,15 +260,24 @@ static int cryptodev_vhost_user_sym_close_session(
uint64_t session_id,
uint32_t queue_index, Error **errp)
{
- return 0;
-}
-
-static int cryptodev_vhost_user_sym_operation(
- CryptoDevBackend *backend,
- CryptoDevBackendSymOpInfo *op_info,
- uint32_t queue_index, Error **errp)
-{
- return VIRTIO_CRYPTO_OK;
+ CryptoDevBackendClient *cc =
+ backend->conf.peers.ccs[queue_index];
+ CryptoDevBackendVhost *vhost_crypto;
+ int ret;
+
+ vhost_crypto = cryptodev_vhost_user_get_vhost(cc,
+ backend, queue_index);
+ if (vhost_crypto) {
+ struct vhost_dev *dev = &(vhost_crypto->dev);
+ ret = dev->vhost_ops->vhost_crypto_close_session(dev,
+ session_id);
+ if (ret < 0) {
+ return -1;
+ } else {
+ return 0;
+ }
+ }
+ return -1;
}
static void cryptodev_vhost_user_cleanup(
@@ -328,7 +356,7 @@ cryptodev_vhost_user_class_init(ObjectClass *oc, void *data)
bc->cleanup = cryptodev_vhost_user_cleanup;
bc->create_session = cryptodev_vhost_user_sym_create_session;
bc->close_session = cryptodev_vhost_user_sym_close_session;
- bc->do_sym_op = cryptodev_vhost_user_sym_operation;
+ bc->do_sym_op = NULL;
}
static const TypeInfo cryptodev_vhost_user_info = {
diff --git a/docs/interop/vhost-user.txt b/docs/interop/vhost-user.txt
index 954771d..f43c63d 100644
--- a/docs/interop/vhost-user.txt
+++ b/docs/interop/vhost-user.txt
@@ -596,6 +596,25 @@ Master message types
and expect this message once (per VQ) during device configuration
(ie. before the master starts the VQ).
+ * VHOST_USER_CREATE_CRYPTO_SESSION
+
+ Id: 23
+ Equivalent ioctl: N/A
+ Master payload: crypto session description
+ Slave payload: crypto session description
+
+ Create a session for crypto operation. The server side must return the
+ session id, 0 or positive for success, negative for failure.
+
+ * VHOST_USER_CLOSE_CRYPTO_SESSION
+
+ Id: 24
+ Equivalent ioctl: N/A
+ Master payload: u64
+
+ Close a session for crypto operation which was previously
+ created by VHOST_USER_CREATE_CRYPTO_SESSION.
+
Slave message types
-------------------
diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index 093675e..7865c6d 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -17,6 +17,7 @@
#include "sysemu/kvm.h"
#include "qemu/error-report.h"
#include "qemu/sockets.h"
+#include "sysemu/cryptodev.h"
#include <sys/ioctl.h>
#include <sys/socket.h>
@@ -65,6 +66,8 @@ typedef enum VhostUserRequest {
VHOST_USER_SET_SLAVE_REQ_FD = 21,
VHOST_USER_IOTLB_MSG = 22,
VHOST_USER_SET_VRING_ENDIAN = 23,
+ VHOST_USER_CREATE_CRYPTO_SESSION = 24,
+ VHOST_USER_CLOSE_CRYPTO_SESSION = 25,
VHOST_USER_MAX
} VhostUserRequest;
@@ -92,6 +95,17 @@ typedef struct VhostUserLog {
uint64_t mmap_offset;
} VhostUserLog;
+#define VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN 512
+#define VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN 64
+
+typedef struct VhostUserCryptoSession {
+ /* session id for success, -1 on errors */
+ int64_t session_id;
+ CryptoDevBackendSymSessionInfo session_setup_data;
+ uint8_t key[VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN];
+ uint8_t auth_key[VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN];
+} VhostUserCryptoSession;
+
typedef struct VhostUserMsg {
VhostUserRequest request;
@@ -109,6 +123,7 @@ typedef struct VhostUserMsg {
VhostUserMemory memory;
VhostUserLog log;
struct vhost_iotlb_msg iotlb;
+ VhostUserCryptoSession session;
} payload;
} QEMU_PACKED VhostUserMsg;
@@ -922,6 +937,78 @@ static void vhost_user_set_iotlb_callback(struct vhost_dev *dev, int enabled)
/* No-op as the receive channel is not dedicated to IOTLB messages. */
}
+static int vhost_user_crypto_create_session(struct vhost_dev *dev,
+ void *session_info,
+ uint64_t *session_id)
+{
+ CryptoDevBackendSymSessionInfo *sess_info = session_info;
+ VhostUserMsg msg = {
+ .request = VHOST_USER_CREATE_CRYPTO_SESSION,
+ .flags = VHOST_USER_VERSION,
+ .size = sizeof(msg.payload.session),
+ };
+
+ assert(dev->vhost_ops->backend_type == VHOST_BACKEND_TYPE_USER);
+
+ memcpy(&msg.payload.session.session_setup_data, sess_info,
+ sizeof(CryptoDevBackendSymSessionInfo));
+ if (sess_info->key_len) {
+ memcpy(&msg.payload.session.key, sess_info->cipher_key,
+ sess_info->key_len);
+ }
+ if (sess_info->auth_key_len > 0) {
+ memcpy(&msg.payload.session.auth_key, sess_info->auth_key,
+ sess_info->auth_key_len);
+ }
+ if (vhost_user_write(dev, &msg, NULL, 0) < 0) {
+ error_report("vhost_user_write() return -1, create session failed");
+ return -1;
+ }
+
+ if (vhost_user_read(dev, &msg) < 0) {
+ error_report("vhost_user_read() return -1, create session failed");
+ return -1;
+ }
+
+ if (msg.request != VHOST_USER_CREATE_CRYPTO_SESSION) {
+ error_report("Received unexpected msg type. Expected %d received %d",
+ VHOST_USER_CREATE_CRYPTO_SESSION, msg.request);
+ return -1;
+ }
+
+ if (msg.size != sizeof(msg.payload.session)) {
+ error_report("Received bad msg size.");
+ return -1;
+ }
+
+ if (msg.payload.session.session_id < 0) {
+ error_report("Bad session id: %" PRId64 "",
+ msg.payload.session.session_id);
+ return -1;
+ }
+ *session_id = msg.payload.session.session_id;
+
+ return 0;
+}
+
+static int
+vhost_user_crypto_close_session(struct vhost_dev *dev, uint64_t session_id)
+{
+ VhostUserMsg msg = {
+ .request = VHOST_USER_CLOSE_CRYPTO_SESSION,
+ .flags = VHOST_USER_VERSION,
+ .size = sizeof(msg.payload.u64),
+ };
+ msg.payload.u64 = session_id;
+
+ if (vhost_user_write(dev, &msg, NULL, 0) < 0) {
+ error_report("vhost_user_write() return -1, close session failed");
+ return -1;
+ }
+
+ return 0;
+}
+
const VhostOps user_ops = {
.backend_type = VHOST_BACKEND_TYPE_USER,
.vhost_backend_init = vhost_user_init,
@@ -948,4 +1035,6 @@ const VhostOps user_ops = {
.vhost_net_set_mtu = vhost_user_net_set_mtu,
.vhost_set_iotlb_callback = vhost_user_set_iotlb_callback,
.vhost_send_device_iotlb_msg = vhost_user_send_device_iotlb_msg,
+ .vhost_crypto_create_session = vhost_user_crypto_create_session,
+ .vhost_crypto_close_session = vhost_user_crypto_close_session,
};
diff --git a/include/hw/virtio/vhost-backend.h b/include/hw/virtio/vhost-backend.h
index a7a5f22..21d9479 100644
--- a/include/hw/virtio/vhost-backend.h
+++ b/include/hw/virtio/vhost-backend.h
@@ -85,6 +85,12 @@ typedef void (*vhost_set_iotlb_callback_op)(struct vhost_dev *dev,
typedef int (*vhost_send_device_iotlb_msg_op)(struct vhost_dev *dev,
struct vhost_iotlb_msg *imsg);
+typedef int (*vhost_crypto_create_session_op)(struct vhost_dev *dev,
+ void *session_info,
+ uint64_t *session_id);
+typedef int (*vhost_crypto_close_session_op)(struct vhost_dev *dev,
+ uint64_t session_id);
+
typedef struct VhostOps {
VhostBackendType backend_type;
vhost_backend_init vhost_backend_init;
@@ -118,6 +124,8 @@ typedef struct VhostOps {
vhost_vsock_set_running_op vhost_vsock_set_running;
vhost_set_iotlb_callback_op vhost_set_iotlb_callback;
vhost_send_device_iotlb_msg_op vhost_send_device_iotlb_msg;
+ vhost_crypto_create_session_op vhost_crypto_create_session;
+ vhost_crypto_close_session_op vhost_crypto_close_session;
} VhostOps;
extern const VhostOps user_ops;
--
1.8.3.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Qemu-devel] [PATCH v2 4/4] cryptodev-vhost-user: set the key length
2017-12-30 8:52 [Qemu-devel] [PATCH v2 0/4] cryptodev: add vhost support Jay Zhou
` (2 preceding siblings ...)
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 3/4] cryptodev-vhost-user: add crypto session handler Jay Zhou
@ 2017-12-30 8:52 ` Jay Zhou
3 siblings, 0 replies; 7+ messages in thread
From: Jay Zhou @ 2017-12-30 8:52 UTC (permalink / raw)
To: qemu-devel
Cc: mst, pbonzini, weidong.huang, stefanha, jianjay.zhou, pasic,
longpeng2, xin.zeng, roy.fan.zhang, arei.gonglei
From: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
backends/cryptodev-vhost-user.c | 4 ++++
include/sysemu/cryptodev-vhost-user.h | 3 +++
2 files changed, 7 insertions(+)
diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
index 061c0e5..c7a9848 100644
--- a/backends/cryptodev-vhost-user.c
+++ b/backends/cryptodev-vhost-user.c
@@ -226,6 +226,10 @@ static void cryptodev_vhost_user_init(
1u << VIRTIO_CRYPTO_SERVICE_MAC;
backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
+
+ backend->conf.max_size = UINT64_MAX;
+ backend->conf.max_cipher_key_len = VHOST_USER_MAX_AUTH_KEY_LEN;
+ backend->conf.max_auth_key_len = VHOST_USER_MAX_AUTH_KEY_LEN;
}
static int64_t cryptodev_vhost_user_sym_create_session(
diff --git a/include/sysemu/cryptodev-vhost-user.h b/include/sysemu/cryptodev-vhost-user.h
index 937217b..6debf53 100644
--- a/include/sysemu/cryptodev-vhost-user.h
+++ b/include/sysemu/cryptodev-vhost-user.h
@@ -23,6 +23,9 @@
#ifndef CRYPTODEV_VHOST_USER_H
#define CRYPTODEV_VHOST_USER_H
+#define VHOST_USER_MAX_AUTH_KEY_LEN 512
+#define VHOST_USER_MAX_CIPHER_KEY_LEN 64
+
/**
* cryptodev_vhost_user_get_vhost:
--
1.8.3.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH v2 3/4] cryptodev-vhost-user: add crypto session handler
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 3/4] cryptodev-vhost-user: add crypto session handler Jay Zhou
@ 2018-01-16 4:24 ` Michael S. Tsirkin
2018-01-16 12:43 ` Zhoujian (jay)
0 siblings, 1 reply; 7+ messages in thread
From: Michael S. Tsirkin @ 2018-01-16 4:24 UTC (permalink / raw)
To: Jay Zhou
Cc: qemu-devel, pbonzini, weidong.huang, stefanha, pasic, longpeng2,
xin.zeng, roy.fan.zhang, arei.gonglei
On Sat, Dec 30, 2017 at 04:52:12PM +0800, Jay Zhou wrote:
> diff --git a/docs/interop/vhost-user.txt b/docs/interop/vhost-user.txt
> index 954771d..f43c63d 100644
> --- a/docs/interop/vhost-user.txt
> +++ b/docs/interop/vhost-user.txt
> @@ -596,6 +596,25 @@ Master message types
> and expect this message once (per VQ) during device configuration
> (ie. before the master starts the VQ).
>
> + * VHOST_USER_CREATE_CRYPTO_SESSION
> +
> + Id: 23
> + Equivalent ioctl: N/A
> + Master payload: crypto session description
> + Slave payload: crypto session description
> +
> + Create a session for crypto operation. The server side must return the
> + session id, 0 or positive for success, negative for failure.
> +
> + * VHOST_USER_CLOSE_CRYPTO_SESSION
> +
> + Id: 24
> + Equivalent ioctl: N/A
> + Master payload: u64
> +
> + Close a session for crypto operation which was previously
> + created by VHOST_USER_CREATE_CRYPTO_SESSION.
> +
> Slave message types
> -------------------
>
Sorry about a delayed response.
So an issue with this patchset is that you are adding
new messages unconditionally.
You must add a protocol bit whenever you add new messages.
If appropriate, you can document that it's a required feature for crypto
devices.
--
MST
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH v2 3/4] cryptodev-vhost-user: add crypto session handler
2018-01-16 4:24 ` Michael S. Tsirkin
@ 2018-01-16 12:43 ` Zhoujian (jay)
0 siblings, 0 replies; 7+ messages in thread
From: Zhoujian (jay) @ 2018-01-16 12:43 UTC (permalink / raw)
To: Michael S. Tsirkin
Cc: qemu-devel@nongnu.org, pbonzini@redhat.com, Huangweidong (C),
stefanha@redhat.com, pasic@linux.vnet.ibm.com, longpeng,
xin.zeng@intel.com, roy.fan.zhang@intel.com, Gonglei (Arei)
> -----Original Message-----
> From: Michael S. Tsirkin [mailto:mst@redhat.com]
> Sent: Tuesday, January 16, 2018 12:24 PM
> To: Zhoujian (jay) <jianjay.zhou@huawei.com>
> Cc: qemu-devel@nongnu.org; pbonzini@redhat.com; Huangweidong (C)
> <weidong.huang@huawei.com>; stefanha@redhat.com; pasic@linux.vnet.ibm.com;
> longpeng <longpeng2@huawei.com>; xin.zeng@intel.com; roy.fan.zhang@intel.com;
> Gonglei (Arei) <arei.gonglei@huawei.com>
> Subject: Re: [PATCH v2 3/4] cryptodev-vhost-user: add crypto session handler
>
> On Sat, Dec 30, 2017 at 04:52:12PM +0800, Jay Zhou wrote:
> > diff --git a/docs/interop/vhost-user.txt b/docs/interop/vhost-user.txt
> > index 954771d..f43c63d 100644
> > --- a/docs/interop/vhost-user.txt
> > +++ b/docs/interop/vhost-user.txt
> > @@ -596,6 +596,25 @@ Master message types
> > and expect this message once (per VQ) during device configuration
> > (ie. before the master starts the VQ).
> >
> > + * VHOST_USER_CREATE_CRYPTO_SESSION
> > +
> > + Id: 23
> > + Equivalent ioctl: N/A
> > + Master payload: crypto session description
> > + Slave payload: crypto session description
> > +
> > + Create a session for crypto operation. The server side must return
> the
> > + session id, 0 or positive for success, negative for failure.
> > +
> > + * VHOST_USER_CLOSE_CRYPTO_SESSION
> > +
> > + Id: 24
> > + Equivalent ioctl: N/A
> > + Master payload: u64
> > +
> > + Close a session for crypto operation which was previously
> > + created by VHOST_USER_CREATE_CRYPTO_SESSION.
> > +
> > Slave message types
> > -------------------
> >
>
>
> Sorry about a delayed response.
> So an issue with this patchset is that you are adding new messages
> unconditionally.
>
> You must add a protocol bit whenever you add new messages.
> If appropriate, you can document that it's a required feature for crypto
> devices.
OK, will do.
Regards,
Jay
>
>
> --
> MST
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2018-01-16 12:43 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-12-30 8:52 [Qemu-devel] [PATCH v2 0/4] cryptodev: add vhost support Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 1/4] cryptodev: add vhost-user as a new cryptodev backend Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 2/4] cryptodev: add vhost support Jay Zhou
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 3/4] cryptodev-vhost-user: add crypto session handler Jay Zhou
2018-01-16 4:24 ` Michael S. Tsirkin
2018-01-16 12:43 ` Zhoujian (jay)
2017-12-30 8:52 ` [Qemu-devel] [PATCH v2 4/4] cryptodev-vhost-user: set the key length Jay Zhou
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).