[Qemu-devel] [PATCH v3 0/4] cryptodev: add vhost support

[Qemu-devel] [PATCH v3 0/4] cryptodev: add vhost support

[Jay Zhou]

From: Gonglei <arei.gonglei@huawei.com>

I posted the RFC verion a few months ago for DPDK
vhost-crypto implmention, and now it's time to send
the formal version. Because we need an user space scheme
for better performance.

The vhost user crypto server side patches had been
sent to DPDK community, pls see

[RFC PATCH 0/6] lib/librte_vhost: introduce new vhost_user crypto backend
support
http://dpdk.org/ml/archives/dev/2017-November/081048.html

You also can get virtio-crypto polling mode driver from:

[PATCH] virtio: add new driver for crypto devices
http://dpdk.org/ml/archives/dev/2017-November/081985.html

Gonglei (4):
  cryptodev: add vhost-user as a new cryptodev backend
  cryptodev: add vhost support
  cryptodev-vhost-user: add crypto session handler
  cryptodev-vhost-user: set the key length

 backends/Makefile.objs                |   4 +
 backends/cryptodev-builtin.c          |   1 +
 backends/cryptodev-vhost-user.c       | 381 ++++++++++++++++++++++++++++++++++
 backends/cryptodev-vhost.c            | 297 ++++++++++++++++++++++++++
 docs/interop/vhost-user.txt           |  26 +++
 hw/virtio/Makefile.objs               |   2 +-
 hw/virtio/vhost-user.c                | 104 ++++++++++
 hw/virtio/virtio-crypto.c             |  70 +++++++
 include/hw/virtio/vhost-backend.h     |   8 +
 include/hw/virtio/virtio-crypto.h     |   1 +
 include/sysemu/cryptodev-vhost-user.h |  47 +++++
 include/sysemu/cryptodev-vhost.h      | 154 ++++++++++++++
 include/sysemu/cryptodev.h            |   8 +
 qemu-options.hx                       |  21 ++
 vl.c                                  |   4 +
 15 files changed, 1127 insertions(+), 1 deletion(-)
 create mode 100644 backends/cryptodev-vhost-user.c
 create mode 100644 backends/cryptodev-vhost.c
 create mode 100644 include/sysemu/cryptodev-vhost-user.h
 create mode 100644 include/sysemu/cryptodev-vhost.h

--
1.8.3.1

[Qemu-devel] [PATCH v3 1/4] cryptodev: add vhost-user as a new cryptodev backend

[Jay Zhou]

From: Gonglei <arei.gonglei@huawei.com>

Usage:
 -chardev socket,id=charcrypto0,path=/path/to/your/socket
 -object cryptodev-vhost-user,id=cryptodev0,chardev=charcrypto0
 -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
---
 backends/Makefile.objs           |   4 +
 backends/cryptodev-vhost-user.c  | 333 +++++++++++++++++++++++++++++++++++++++
 backends/cryptodev-vhost.c       |  73 +++++++++
 include/sysemu/cryptodev-vhost.h | 154 ++++++++++++++++++
 qemu-options.hx                  |  21 +++
 vl.c                             |   4 +
 6 files changed, 589 insertions(+)
 create mode 100644 backends/cryptodev-vhost-user.c
 create mode 100644 backends/cryptodev-vhost.c
 create mode 100644 include/sysemu/cryptodev-vhost.h

diff --git a/backends/Makefile.objs b/backends/Makefile.objs
index 0400799..9e1fb76 100644
--- a/backends/Makefile.objs
+++ b/backends/Makefile.objs
@@ -8,3 +8,7 @@ common-obj-$(CONFIG_LINUX) += hostmem-file.o
 
 common-obj-y += cryptodev.o
 common-obj-y += cryptodev-builtin.o
+
+ifeq ($(CONFIG_VIRTIO),y)
+common-obj-$(CONFIG_LINUX) += cryptodev-vhost.o cryptodev-vhost-user.o
+endif
diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
new file mode 100644
index 0000000..4e63ece
--- /dev/null
+++ b/backends/cryptodev-vhost-user.c
@@ -0,0 +1,333 @@
+/*
+ * QEMU Cryptodev backend for QEMU cipher APIs
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ *    Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/error-report.h"
+#include "standard-headers/linux/virtio_crypto.h"
+#include "sysemu/cryptodev-vhost.h"
+#include "chardev/char-fe.h"
+
+
+/**
+ * @TYPE_CRYPTODEV_BACKEND_VHOST_USER:
+ * name of backend that uses vhost user server
+ */
+#define TYPE_CRYPTODEV_BACKEND_VHOST_USER "cryptodev-vhost-user"
+
+#define CRYPTODEV_BACKEND_VHOST_USER(obj) \
+    OBJECT_CHECK(CryptoDevBackendVhostUser, \
+                 (obj), TYPE_CRYPTODEV_BACKEND_VHOST_USER)
+
+
+typedef struct CryptoDevBackendVhostUser {
+    CryptoDevBackend parent_obj;
+
+    CharBackend chr;
+    char *chr_name;
+    bool opened;
+    CryptoDevBackendVhost *vhost_crypto[MAX_CRYPTO_QUEUE_NUM];
+} CryptoDevBackendVhostUser;
+
+static int
+cryptodev_vhost_user_running(
+             CryptoDevBackendVhost *crypto)
+{
+    return crypto ? 1 : 0;
+}
+
+static void cryptodev_vhost_user_stop(int queues,
+                          CryptoDevBackendVhostUser *s)
+{
+    size_t i;
+
+    for (i = 0; i < queues; i++) {
+        if (!cryptodev_vhost_user_running(s->vhost_crypto[i])) {
+            continue;
+        }
+
+        if (s->vhost_crypto) {
+            cryptodev_vhost_cleanup(s->vhost_crypto[i]);
+            s->vhost_crypto[i] = NULL;
+        }
+    }
+}
+
+static int
+cryptodev_vhost_user_start(int queues,
+                         CryptoDevBackendVhostUser *s)
+{
+    CryptoDevBackendVhostOptions options;
+    CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
+    int max_queues;
+    size_t i;
+
+    for (i = 0; i < queues; i++) {
+        if (cryptodev_vhost_user_running(s->vhost_crypto[i])) {
+            continue;
+        }
+
+        options.opaque = &s->chr;
+        options.backend_type = VHOST_BACKEND_TYPE_USER;
+        options.cc = b->conf.peers.ccs[i];
+        s->vhost_crypto[i] = cryptodev_vhost_init(&options);
+        if (!s->vhost_crypto[i]) {
+            error_report("failed to init vhost_crypto for queue %lu", i);
+            goto err;
+        }
+
+        if (i == 0) {
+            max_queues =
+              cryptodev_vhost_get_max_queues(s->vhost_crypto[i]);
+            if (queues > max_queues) {
+                error_report("you are asking more queues than supported: %d",
+                             max_queues);
+                goto err;
+            }
+        }
+    }
+
+    return 0;
+
+err:
+    cryptodev_vhost_user_stop(i + 1, s);
+    return -1;
+}
+
+static Chardev *
+cryptodev_vhost_claim_chardev(CryptoDevBackendVhostUser *s,
+                                    Error **errp)
+{
+    Chardev *chr;
+
+    if (s->chr_name == NULL) {
+        error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
+                   "chardev", "a valid character device");
+        return NULL;
+    }
+
+    chr = qemu_chr_find(s->chr_name);
+    if (chr == NULL) {
+        error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
+                  "Device '%s' not found", s->chr_name);
+        return NULL;
+    }
+
+    return chr;
+}
+
+static void cryptodev_vhost_user_event(void *opaque, int event)
+{
+    CryptoDevBackendVhostUser *s = opaque;
+    CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
+    Error *err = NULL;
+    int queues = b->conf.peers.queues;
+
+    assert(queues < MAX_CRYPTO_QUEUE_NUM);
+
+    switch (event) {
+    case CHR_EVENT_OPENED:
+        if (cryptodev_vhost_user_start(queues, s) < 0) {
+            exit(1);
+        }
+        b->ready = true;
+        break;
+    case CHR_EVENT_CLOSED:
+        b->ready = false;
+        cryptodev_vhost_user_stop(queues, s);
+        break;
+    }
+
+    if (err) {
+        error_report_err(err);
+    }
+}
+
+static void cryptodev_vhost_user_init(
+             CryptoDevBackend *backend, Error **errp)
+{
+    int queues = backend->conf.peers.queues;
+    size_t i;
+    Error *local_err = NULL;
+    Chardev *chr;
+    CryptoDevBackendClient *cc;
+    CryptoDevBackendVhostUser *s =
+                      CRYPTODEV_BACKEND_VHOST_USER(backend);
+
+    chr = cryptodev_vhost_claim_chardev(s, &local_err);
+    if (local_err) {
+        error_propagate(errp, local_err);
+        return;
+    }
+
+    s->opened = true;
+
+    for (i = 0; i < queues; i++) {
+        cc = cryptodev_backend_new_client(
+                  "cryptodev-vhost-user", NULL);
+        cc->info_str = g_strdup_printf("cryptodev-vhost-user%lu to %s ",
+                                       i, chr->label);
+        cc->queue_index = i;
+
+        backend->conf.peers.ccs[i] = cc;
+
+        if (i == 0) {
+            if (!qemu_chr_fe_init(&s->chr, chr, &local_err)) {
+                error_propagate(errp, local_err);
+                return;
+            }
+        }
+    }
+
+    qemu_chr_fe_set_handlers(&s->chr, NULL, NULL,
+                     cryptodev_vhost_user_event, NULL, s, NULL, true);
+
+    backend->conf.crypto_services =
+                         1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
+                         1u << VIRTIO_CRYPTO_SERVICE_HASH |
+                         1u << VIRTIO_CRYPTO_SERVICE_MAC;
+    backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
+    backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
+}
+
+static int64_t cryptodev_vhost_user_sym_create_session(
+           CryptoDevBackend *backend,
+           CryptoDevBackendSymSessionInfo *sess_info,
+           uint32_t queue_index, Error **errp)
+{
+    return 0;
+}
+
+static int cryptodev_vhost_user_sym_close_session(
+           CryptoDevBackend *backend,
+           uint64_t session_id,
+           uint32_t queue_index, Error **errp)
+{
+    return 0;
+}
+
+static int cryptodev_vhost_user_sym_operation(
+                 CryptoDevBackend *backend,
+                 CryptoDevBackendSymOpInfo *op_info,
+                 uint32_t queue_index, Error **errp)
+{
+    return VIRTIO_CRYPTO_OK;
+}
+
+static void cryptodev_vhost_user_cleanup(
+             CryptoDevBackend *backend,
+             Error **errp)
+{
+    CryptoDevBackendVhostUser *s =
+                      CRYPTODEV_BACKEND_VHOST_USER(backend);
+    size_t i;
+    int queues = backend->conf.peers.queues;
+    CryptoDevBackendClient *cc;
+
+    cryptodev_vhost_user_stop(queues, s);
+
+    for (i = 0; i < queues; i++) {
+        cc = backend->conf.peers.ccs[i];
+        if (cc) {
+            cryptodev_backend_free_client(cc);
+            backend->conf.peers.ccs[i] = NULL;
+        }
+    }
+}
+
+static void cryptodev_vhost_user_set_chardev(Object *obj,
+                                    const char *value, Error **errp)
+{
+    CryptoDevBackendVhostUser *s =
+                      CRYPTODEV_BACKEND_VHOST_USER(obj);
+
+    if (s->opened) {
+        error_setg(errp, QERR_PERMISSION_DENIED);
+    } else {
+        g_free(s->chr_name);
+        s->chr_name = g_strdup(value);
+    }
+}
+
+static char *
+cryptodev_vhost_user_get_chardev(Object *obj, Error **errp)
+{
+    CryptoDevBackendVhostUser *s =
+                      CRYPTODEV_BACKEND_VHOST_USER(obj);
+    Chardev *chr = qemu_chr_fe_get_driver(&s->chr);
+
+    if (chr && chr->label) {
+        return g_strdup(chr->label);
+    }
+
+    return NULL;
+}
+
+static void cryptodev_vhost_user_instance_int(Object *obj)
+{
+    object_property_add_str(obj, "chardev",
+                            cryptodev_vhost_user_get_chardev,
+                            cryptodev_vhost_user_set_chardev,
+                            NULL);
+}
+
+static void cryptodev_vhost_user_finalize(Object *obj)
+{
+    CryptoDevBackendVhostUser *s =
+                      CRYPTODEV_BACKEND_VHOST_USER(obj);
+
+    qemu_chr_fe_deinit(&s->chr, false);
+
+    g_free(s->chr_name);
+}
+
+static void
+cryptodev_vhost_user_class_init(ObjectClass *oc, void *data)
+{
+    CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
+
+    bc->init = cryptodev_vhost_user_init;
+    bc->cleanup = cryptodev_vhost_user_cleanup;
+    bc->create_session = cryptodev_vhost_user_sym_create_session;
+    bc->close_session = cryptodev_vhost_user_sym_close_session;
+    bc->do_sym_op = cryptodev_vhost_user_sym_operation;
+}
+
+static const TypeInfo cryptodev_vhost_user_info = {
+    .name = TYPE_CRYPTODEV_BACKEND_VHOST_USER,
+    .parent = TYPE_CRYPTODEV_BACKEND,
+    .class_init = cryptodev_vhost_user_class_init,
+    .instance_init = cryptodev_vhost_user_instance_int,
+    .instance_finalize = cryptodev_vhost_user_finalize,
+    .instance_size = sizeof(CryptoDevBackendVhostUser),
+};
+
+static void
+cryptodev_vhost_user_register_types(void)
+{
+    type_register_static(&cryptodev_vhost_user_info);
+}
+
+type_init(cryptodev_vhost_user_register_types);
diff --git a/backends/cryptodev-vhost.c b/backends/cryptodev-vhost.c
new file mode 100644
index 0000000..2c7df3f
--- /dev/null
+++ b/backends/cryptodev-vhost.c
@@ -0,0 +1,73 @@
+/*
+ * QEMU Cryptodev backend for QEMU cipher APIs
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ *    Gonglei <arei.gonglei@huawei.com>
+ *    Jay Zhou <jianjay.zhou@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "sysemu/cryptodev-vhost.h"
+
+
+uint64_t
+cryptodev_vhost_get_max_queues(
+                        CryptoDevBackendVhost *crypto)
+{
+    return crypto->dev.max_queues;
+}
+
+void cryptodev_vhost_cleanup(CryptoDevBackendVhost *crypto)
+{
+    vhost_dev_cleanup(&crypto->dev);
+    g_free(crypto);
+}
+
+struct CryptoDevBackendVhost *
+cryptodev_vhost_init(
+             CryptoDevBackendVhostOptions *options)
+{
+    int r;
+    CryptoDevBackendVhost *crypto;
+
+    crypto = g_new(CryptoDevBackendVhost, 1);
+    crypto->dev.max_queues = 1;
+    crypto->dev.nvqs = 1;
+    crypto->dev.vqs = crypto->vqs;
+
+    crypto->cc = options->cc;
+
+    crypto->dev.protocol_features = 0;
+    crypto->backend = -1;
+
+    /* vhost-user needs vq_index to initiate a specific queue pair */
+    crypto->dev.vq_index = crypto->cc->queue_index * crypto->dev.nvqs;
+
+    r = vhost_dev_init(&crypto->dev, options->opaque, options->backend_type, 0);
+    if (r < 0) {
+        goto fail;
+    }
+
+    return crypto;
+fail:
+    g_free(crypto);
+    return NULL;
+}
diff --git a/include/sysemu/cryptodev-vhost.h b/include/sysemu/cryptodev-vhost.h
new file mode 100644
index 0000000..fb26b86
--- /dev/null
+++ b/include/sysemu/cryptodev-vhost.h
@@ -0,0 +1,154 @@
+/*
+ * QEMU Crypto Device Common Vhost Implement
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ *    Gonglei <arei.gonglei@huawei.com>
+ *    Jay Zhou <jianjay.zhou@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+#ifndef CRYPTODEV_VHOST_H
+#define CRYPTODEV_VHOST_H
+
+#include "qemu-common.h"
+#include "hw/virtio/vhost.h"
+#include "hw/virtio/vhost-backend.h"
+#include "chardev/char.h"
+
+#include "sysemu/cryptodev.h"
+
+
+typedef struct CryptoDevBackendVhostOptions {
+    VhostBackendType backend_type;
+    void *opaque;
+    int total_queues;
+    CryptoDevBackendClient *cc;
+} CryptoDevBackendVhostOptions;
+
+typedef struct CryptoDevBackendVhost {
+    struct vhost_dev dev;
+    struct vhost_virtqueue vqs[1];
+    int backend;
+    CryptoDevBackendClient *cc;
+} CryptoDevBackendVhost;
+
+/**
+ * cryptodev_vhost_get_max_queues:
+ * @crypto: the cryptodev backend common vhost object
+ *
+ * Get the maximum queue number of @crypto.
+ *
+ *
+ * Returns: the maximum queue number
+ */
+uint64_t
+cryptodev_vhost_get_max_queues(
+                        CryptoDevBackendVhost *crypto);
+
+
+/**
+ * cryptodev_vhost_init:
+ * @options: the common vhost object's option
+ *
+ * Creates a new cryptodev backend common vhost object
+ *
+ ** The returned object must be released with
+ * cryptodev_vhost_cleanup() when no
+ * longer required
+ *
+ * Returns: the cryptodev backend common vhost object
+ */
+struct CryptoDevBackendVhost *
+cryptodev_vhost_init(
+             CryptoDevBackendVhostOptions *options);
+
+/**
+ * cryptodev_vhost_cleanup:
+ * @crypto: the cryptodev backend common vhost object
+ *
+ * Clean the resouce associated with @crypto that realizaed
+ * by cryptodev_vhost_init()
+ *
+ */
+void cryptodev_vhost_cleanup(
+                        CryptoDevBackendVhost *crypto);
+
+/**
+ * cryptodev_get_vhost:
+ * @cc: the client object for each queue
+ * @b: the cryptodev backend common vhost object
+ * @queue: the cryptodev backend queue index
+ *
+ * Gets a new cryptodev backend common vhost object based on
+ * @b and @queue
+ *
+ * Returns: the cryptodev backend common vhost object
+ */
+CryptoDevBackendVhost *
+cryptodev_get_vhost(CryptoDevBackendClient *cc,
+                            CryptoDevBackend *b,
+                            uint16_t queue);
+/**
+ * cryptodev_vhost_start:
+ * @dev: the virtio crypto object
+ * @total_queues: the total count of queue
+ *
+ * Starts the vhost crypto logic
+ *
+ * Returns: 0 for success, negative for errors
+ */
+int cryptodev_vhost_start(VirtIODevice *dev, int total_queues);
+
+/**
+ * cryptodev_vhost_stop:
+ * @dev: the virtio crypto object
+ * @total_queues: the total count of queue
+ *
+ * Stops the vhost crypto logic
+ *
+ */
+void cryptodev_vhost_stop(VirtIODevice *dev, int total_queues);
+
+/**
+ * cryptodev_vhost_virtqueue_mask:
+ * @dev: the virtio crypto object
+ * @queue: the cryptodev backend queue index
+ * @idx: the virtqueue index
+ * @mask: mask or not (true or false)
+ *
+ * Mask/unmask events for @idx virtqueue on @dev device
+ *
+ */
+void cryptodev_vhost_virtqueue_mask(VirtIODevice *dev,
+                                           int queue,
+                                           int idx, bool mask);
+
+/**
+ * cryptodev_vhost_virtqueue_pending:
+ * @dev: the virtio crypto object
+ * @queue: the cryptodev backend queue index
+ * @idx: the virtqueue index
+ *
+ * Test and clear event pending status for @idx virtqueue on @dev device.
+ * Should be called after unmask to avoid losing events.
+ *
+ * Returns: true for success, false for errors
+ */
+bool cryptodev_vhost_virtqueue_pending(VirtIODevice *dev,
+                                              int queue, int idx);
+
+#endif /* CRYPTODEV_VHOST_H */
diff --git a/qemu-options.hx b/qemu-options.hx
index 678181c..97db5bc 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4170,6 +4170,27 @@ which specify the queue number of cryptodev backend, the default of
    [...]
 @end example
 
+@item -object cryptodev-vhost-user,id=@var{id},chardev=@var{chardevid}[,queues=@var{queues}]
+
+Creates a vhost-user cryptodev backend, backed by a chardev @var{chardevid}.
+The @var{id} parameter is a unique ID that will be used to reference this
+cryptodev backend from the @option{virtio-crypto} device.
+The chardev should be a unix domain socket backed one. The vhost-user uses
+a specifically defined protocol to pass vhost ioctl replacement messages
+to an application on the other end of the socket.
+The @var{queues} parameter is optional, which specify the queue number
+of cryptodev backend for multiqueue vhost-user, the default of @var{queues} is 1.
+
+@example
+
+ # qemu-system-x86_64 \
+   [...] \
+       -chardev socket,id=chardev0,path=/path/to/socket \
+       -object cryptodev-vhost-user,id=cryptodev0,chardev=chardev0 \
+       -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
+   [...]
+@end example
+
 @item -object secret,id=@var{id},data=@var{string},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
 @item -object secret,id=@var{id},file=@var{filename},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
 
diff --git a/vl.c b/vl.c
index f1c52fe..3e9d86f 100644
--- a/vl.c
+++ b/vl.c
@@ -2867,6 +2867,10 @@ static bool object_create_initial(const char *type)
         return false;
     }
 
+    if (g_str_equal(type, "cryptodev-vhost-user")) {
+        return false;
+    }
+
     /*
      * return false for concrete netfilters since
      * they depend on netdevs already existing
-- 
1.8.3.1

[Qemu-devel] [PATCH v3 2/4] cryptodev: add vhost support

[Jay Zhou]

From: Gonglei <arei.gonglei@huawei.com>

Impliment the vhost-crypto's funtions, such as startup,
stop and notification etc. Introduce an enum
QCryptoCryptoDevBackendOptionsType in order to
identify the cryptodev vhost backend is vhost-user
or vhost-kernel-module (If exist).

At this point, the cryptdoev-vhost-user works.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
---
 backends/cryptodev-builtin.c          |   1 +
 backends/cryptodev-vhost-user.c       |  16 +++
 backends/cryptodev-vhost.c            | 224 ++++++++++++++++++++++++++++++++++
 hw/virtio/Makefile.objs               |   2 +-
 hw/virtio/virtio-crypto.c             |  70 +++++++++++
 include/hw/virtio/virtio-crypto.h     |   1 +
 include/sysemu/cryptodev-vhost-user.h |  44 +++++++
 include/sysemu/cryptodev.h            |   8 ++
 8 files changed, 365 insertions(+), 1 deletion(-)
 create mode 100644 include/sysemu/cryptodev-vhost-user.h

diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
index 657c0ba..9fb0bd5 100644
--- a/backends/cryptodev-builtin.c
+++ b/backends/cryptodev-builtin.c
@@ -78,6 +78,7 @@ static void cryptodev_builtin_init(
               "cryptodev-builtin", NULL);
     cc->info_str = g_strdup_printf("cryptodev-builtin0");
     cc->queue_index = 0;
+    cc->type = CRYPTODEV_BACKEND_TYPE_BUILTIN;
     backend->conf.peers.ccs[0] = cc;
 
     backend->conf.crypto_services =
diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
index 4e63ece..0b1f049 100644
--- a/backends/cryptodev-vhost-user.c
+++ b/backends/cryptodev-vhost-user.c
@@ -29,6 +29,7 @@
 #include "standard-headers/linux/virtio_crypto.h"
 #include "sysemu/cryptodev-vhost.h"
 #include "chardev/char-fe.h"
+#include "sysemu/cryptodev-vhost-user.h"
 
 
 /**
@@ -58,6 +59,20 @@ cryptodev_vhost_user_running(
     return crypto ? 1 : 0;
 }
 
+CryptoDevBackendVhost *
+cryptodev_vhost_user_get_vhost(
+                         CryptoDevBackendClient *cc,
+                         CryptoDevBackend *b,
+                         uint16_t queue)
+{
+    CryptoDevBackendVhostUser *s =
+                      CRYPTODEV_BACKEND_VHOST_USER(b);
+    assert(cc->type == CRYPTODEV_BACKEND_TYPE_VHOST_USER);
+    assert(queue < MAX_CRYPTO_QUEUE_NUM);
+
+    return s->vhost_crypto[queue];
+}
+
 static void cryptodev_vhost_user_stop(int queues,
                           CryptoDevBackendVhostUser *s)
 {
@@ -190,6 +205,7 @@ static void cryptodev_vhost_user_init(
         cc->info_str = g_strdup_printf("cryptodev-vhost-user%lu to %s ",
                                        i, chr->label);
         cc->queue_index = i;
+        cc->type = CRYPTODEV_BACKEND_TYPE_VHOST_USER;
 
         backend->conf.peers.ccs[i] = cc;
 
diff --git a/backends/cryptodev-vhost.c b/backends/cryptodev-vhost.c
index 2c7df3f..830fb53 100644
--- a/backends/cryptodev-vhost.c
+++ b/backends/cryptodev-vhost.c
@@ -25,7 +25,11 @@
 #include "qemu/osdep.h"
 #include "qapi/error.h"
 #include "qapi/qmp/qerror.h"
+#include "qemu/error-report.h"
 #include "sysemu/cryptodev-vhost.h"
+#include "hw/virtio/virtio-crypto.h"
+#include "hw/virtio/virtio-bus.h"
+#include "sysemu/cryptodev-vhost-user.h"
 
 
 uint64_t
@@ -71,3 +75,223 @@ fail:
     g_free(crypto);
     return NULL;
 }
+
+static int
+cryptodev_vhost_start_one(CryptoDevBackendVhost *crypto,
+                                  VirtIODevice *dev)
+{
+    int r;
+
+    crypto->dev.nvqs = 1;
+    crypto->dev.vqs = crypto->vqs;
+
+    r = vhost_dev_enable_notifiers(&crypto->dev, dev);
+    if (r < 0) {
+        goto fail_notifiers;
+    }
+
+    r = vhost_dev_start(&crypto->dev, dev);
+    if (r < 0) {
+        goto fail_start;
+    }
+
+    return 0;
+
+fail_start:
+    vhost_dev_disable_notifiers(&crypto->dev, dev);
+fail_notifiers:
+    return r;
+}
+
+static void
+cryptodev_vhost_stop_one(CryptoDevBackendVhost *crypto,
+                                 VirtIODevice *dev)
+{
+    vhost_dev_stop(&crypto->dev, dev);
+    vhost_dev_disable_notifiers(&crypto->dev, dev);
+}
+
+CryptoDevBackendVhost *
+cryptodev_get_vhost(CryptoDevBackendClient *cc,
+                            CryptoDevBackend *b,
+                            uint16_t queue)
+{
+    CryptoDevBackendVhost *vhost_crypto = NULL;
+
+    if (!cc) {
+        return NULL;
+    }
+
+    switch (cc->type) {
+    case CRYPTODEV_BACKEND_TYPE_VHOST_USER:
+        vhost_crypto = cryptodev_vhost_user_get_vhost(cc, b, queue);
+        break;
+    default:
+        break;
+    }
+
+    return vhost_crypto;
+}
+
+static void
+cryptodev_vhost_set_vq_index(CryptoDevBackendVhost *crypto,
+                                     int vq_index)
+{
+    crypto->dev.vq_index = vq_index;
+}
+
+static int
+vhost_set_vring_enable(CryptoDevBackendClient *cc,
+                            CryptoDevBackend *b,
+                            uint16_t queue, int enable)
+{
+    CryptoDevBackendVhost *crypto =
+                       cryptodev_get_vhost(cc, b, queue);
+    const VhostOps *vhost_ops;
+
+    cc->vring_enable = enable;
+
+    if (!crypto) {
+        return 0;
+    }
+
+    vhost_ops = crypto->dev.vhost_ops;
+    if (vhost_ops->vhost_set_vring_enable) {
+        return vhost_ops->vhost_set_vring_enable(&crypto->dev, enable);
+    }
+
+    return 0;
+}
+
+int cryptodev_vhost_start(VirtIODevice *dev, int total_queues)
+{
+    VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+    BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(dev)));
+    VirtioBusState *vbus = VIRTIO_BUS(qbus);
+    VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(vbus);
+    int r, e;
+    int i;
+    CryptoDevBackend *b = vcrypto->cryptodev;
+    CryptoDevBackendVhost *vhost_crypto;
+    CryptoDevBackendClient *cc;
+
+    if (!k->set_guest_notifiers) {
+        error_report("binding does not support guest notifiers");
+        return -ENOSYS;
+    }
+
+    for (i = 0; i < total_queues; i++) {
+        cc = b->conf.peers.ccs[i];
+
+        vhost_crypto = cryptodev_get_vhost(cc, b, i);
+        cryptodev_vhost_set_vq_index(vhost_crypto, i);
+
+        /* Suppress the masking guest notifiers on vhost user
+         * because vhost user doesn't interrupt masking/unmasking
+         * properly.
+         */
+        if (cc->type == CRYPTODEV_BACKEND_TYPE_VHOST_USER) {
+            dev->use_guest_notifier_mask = false;
+        }
+     }
+
+    r = k->set_guest_notifiers(qbus->parent, total_queues, true);
+    if (r < 0) {
+        error_report("error binding guest notifier: %d", -r);
+        goto err;
+    }
+
+    for (i = 0; i < total_queues; i++) {
+        cc = b->conf.peers.ccs[i];
+
+        vhost_crypto = cryptodev_get_vhost(cc, b, i);
+        r = cryptodev_vhost_start_one(vhost_crypto, dev);
+
+        if (r < 0) {
+            goto err_start;
+        }
+
+        if (cc->vring_enable) {
+            /* restore vring enable state */
+            r = vhost_set_vring_enable(cc, b, i, cc->vring_enable);
+
+            if (r < 0) {
+                goto err_start;
+            }
+        }
+    }
+
+    return 0;
+
+err_start:
+    while (--i >= 0) {
+        cc = b->conf.peers.ccs[i];
+        vhost_crypto = cryptodev_get_vhost(cc, b, i);
+        cryptodev_vhost_stop_one(vhost_crypto, dev);
+    }
+    e = k->set_guest_notifiers(qbus->parent, total_queues, false);
+    if (e < 0) {
+        error_report("vhost guest notifier cleanup failed: %d", e);
+    }
+err:
+    return r;
+}
+
+void cryptodev_vhost_stop(VirtIODevice *dev, int total_queues)
+{
+    BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(dev)));
+    VirtioBusState *vbus = VIRTIO_BUS(qbus);
+    VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(vbus);
+    VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+    CryptoDevBackend *b = vcrypto->cryptodev;
+    CryptoDevBackendVhost *vhost_crypto;
+    CryptoDevBackendClient *cc;
+    size_t i;
+    int r;
+
+    for (i = 0; i < total_queues; i++) {
+        cc = b->conf.peers.ccs[i];
+
+        vhost_crypto = cryptodev_get_vhost(cc, b, i);
+        cryptodev_vhost_stop_one(vhost_crypto, dev);
+    }
+
+    r = k->set_guest_notifiers(qbus->parent, total_queues, false);
+    if (r < 0) {
+        error_report("vhost guest notifier cleanup failed: %d", r);
+    }
+    assert(r >= 0);
+}
+
+void cryptodev_vhost_virtqueue_mask(VirtIODevice *dev,
+                                           int queue,
+                                           int idx, bool mask)
+{
+    VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+    CryptoDevBackend *b = vcrypto->cryptodev;
+    CryptoDevBackendVhost *vhost_crypto;
+    CryptoDevBackendClient *cc;
+
+    assert(queue < MAX_CRYPTO_QUEUE_NUM);
+
+    cc = b->conf.peers.ccs[queue];
+    vhost_crypto = cryptodev_get_vhost(cc, b, queue);
+
+    vhost_virtqueue_mask(&vhost_crypto->dev, dev, idx, mask);
+}
+
+bool cryptodev_vhost_virtqueue_pending(VirtIODevice *dev,
+                                              int queue, int idx)
+{
+    VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(dev);
+    CryptoDevBackend *b = vcrypto->cryptodev;
+    CryptoDevBackendVhost *vhost_crypto;
+    CryptoDevBackendClient *cc;
+
+    assert(queue < MAX_CRYPTO_QUEUE_NUM);
+
+    cc = b->conf.peers.ccs[queue];
+    vhost_crypto = cryptodev_get_vhost(cc, b, queue);
+
+    return vhost_virtqueue_pending(&vhost_crypto->dev, idx);
+}
diff --git a/hw/virtio/Makefile.objs b/hw/virtio/Makefile.objs
index 765d363..c65dca2 100644
--- a/hw/virtio/Makefile.objs
+++ b/hw/virtio/Makefile.objs
@@ -7,7 +7,7 @@ common-obj-y += virtio-mmio.o
 obj-y += virtio.o virtio-balloon.o 
 obj-$(CONFIG_LINUX) += vhost.o vhost-backend.o vhost-user.o
 obj-$(CONFIG_VHOST_VSOCK) += vhost-vsock.o
-obj-y += virtio-crypto.o
+obj-$(CONFIG_LINUX) += virtio-crypto.o
 obj-$(CONFIG_VIRTIO_PCI) += virtio-crypto-pci.o
 endif
 
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index 19c82e0..9a9fa49 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -20,6 +20,7 @@
 #include "hw/virtio/virtio-crypto.h"
 #include "hw/virtio/virtio-access.h"
 #include "standard-headers/linux/virtio_ids.h"
+#include "sysemu/cryptodev-vhost.h"
 
 #define VIRTIO_CRYPTO_VM_VERSION 1
 
@@ -880,6 +881,72 @@ static void virtio_crypto_get_config(VirtIODevice *vdev, uint8_t *config)
     memcpy(config, &crypto_cfg, c->config_size);
 }
 
+static bool virtio_crypto_started(VirtIOCrypto *c, uint8_t status)
+{
+    VirtIODevice *vdev = VIRTIO_DEVICE(c);
+    return (status & VIRTIO_CONFIG_S_DRIVER_OK) &&
+        (c->status & VIRTIO_CRYPTO_S_HW_READY) && vdev->vm_running;
+}
+
+static void virtio_crypto_vhost_status(VirtIOCrypto *c, uint8_t status)
+{
+    VirtIODevice *vdev = VIRTIO_DEVICE(c);
+    int queues = c->multiqueue ? c->max_queues : 1;
+    CryptoDevBackend *b = c->cryptodev;
+    CryptoDevBackendClient *cc = b->conf.peers.ccs[0];
+
+    if (!cryptodev_get_vhost(cc, b, 0)) {
+        return;
+    }
+
+    if ((virtio_crypto_started(c, status)) == !!c->vhost_started) {
+        return;
+    }
+
+    if (!c->vhost_started) {
+        int r;
+
+        c->vhost_started = 1;
+        r = cryptodev_vhost_start(vdev, queues);
+        if (r < 0) {
+            error_report("unable to start vhost crypto: %d: "
+                         "falling back on userspace virtio", -r);
+            c->vhost_started = 0;
+        }
+    } else {
+        cryptodev_vhost_stop(vdev, queues);
+        c->vhost_started = 0;
+    }
+}
+
+static void virtio_crypto_set_status(VirtIODevice *vdev, uint8_t status)
+{
+    VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+
+    virtio_crypto_vhost_status(vcrypto, status);
+}
+
+static void virtio_crypto_guest_notifier_mask(VirtIODevice *vdev, int idx,
+                                           bool mask)
+{
+    VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+    int queue = virtio_crypto_vq2q(idx);
+
+    assert(vcrypto->vhost_started);
+
+    cryptodev_vhost_virtqueue_mask(vdev, queue, idx, mask);
+}
+
+static bool virtio_crypto_guest_notifier_pending(VirtIODevice *vdev, int idx)
+{
+    VirtIOCrypto *vcrypto = VIRTIO_CRYPTO(vdev);
+    int queue = virtio_crypto_vq2q(idx);
+
+    assert(vcrypto->vhost_started);
+
+    return cryptodev_vhost_virtqueue_pending(vdev, queue, idx);
+}
+
 static void virtio_crypto_class_init(ObjectClass *klass, void *data)
 {
     DeviceClass *dc = DEVICE_CLASS(klass);
@@ -893,6 +960,9 @@ static void virtio_crypto_class_init(ObjectClass *klass, void *data)
     vdc->get_config = virtio_crypto_get_config;
     vdc->get_features = virtio_crypto_get_features;
     vdc->reset = virtio_crypto_reset;
+    vdc->set_status = virtio_crypto_set_status;
+    vdc->guest_notifier_mask = virtio_crypto_guest_notifier_mask;
+    vdc->guest_notifier_pending = virtio_crypto_guest_notifier_pending;
 }
 
 static void virtio_crypto_instance_init(Object *obj)
diff --git a/include/hw/virtio/virtio-crypto.h b/include/hw/virtio/virtio-crypto.h
index a00a0bf..ca3a049 100644
--- a/include/hw/virtio/virtio-crypto.h
+++ b/include/hw/virtio/virtio-crypto.h
@@ -96,6 +96,7 @@ typedef struct VirtIOCrypto {
     int multiqueue;
     uint32_t curr_queues;
     size_t config_size;
+    uint8_t vhost_started;
 } VirtIOCrypto;
 
 #endif /* _QEMU_VIRTIO_CRYPTO_H */
diff --git a/include/sysemu/cryptodev-vhost-user.h b/include/sysemu/cryptodev-vhost-user.h
new file mode 100644
index 0000000..937217b
--- /dev/null
+++ b/include/sysemu/cryptodev-vhost-user.h
@@ -0,0 +1,44 @@
+/*
+ * QEMU Crypto Device Common Vhost User Implement
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ *    Gonglei <arei.gonglei@huawei.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+#ifndef CRYPTODEV_VHOST_USER_H
+#define CRYPTODEV_VHOST_USER_H
+
+
+/**
+ * cryptodev_vhost_user_get_vhost:
+ * @cc: the client object for each queue
+ * @b: the cryptodev backend common vhost object
+ * @queue: the queue index
+ *
+ * Gets a new cryptodev backend common vhost object based on
+ * @b and @queue
+ *
+ * Returns: the cryptodev backend common vhost object
+ */
+CryptoDevBackendVhost *
+cryptodev_vhost_user_get_vhost(
+                         CryptoDevBackendClient *cc,
+                         CryptoDevBackend *b,
+                         uint16_t queue);
+
+#endif /* CRYPTODEV_VHOST_USER_H */
diff --git a/include/sysemu/cryptodev.h b/include/sysemu/cryptodev.h
index a9d0d1e..faeb6f8 100644
--- a/include/sysemu/cryptodev.h
+++ b/include/sysemu/cryptodev.h
@@ -163,12 +163,20 @@ typedef struct CryptoDevBackendClass {
                      uint32_t queue_index, Error **errp);
 } CryptoDevBackendClass;
 
+typedef enum CryptoDevBackendOptionsType {
+    CRYPTODEV_BACKEND_TYPE_NONE = 0,
+    CRYPTODEV_BACKEND_TYPE_BUILTIN = 1,
+    CRYPTODEV_BACKEND_TYPE_VHOST_USER = 2,
+    CRYPTODEV_BACKEND_TYPE__MAX,
+} CryptoDevBackendOptionsType;
 
 struct CryptoDevBackendClient {
+    CryptoDevBackendOptionsType type;
     char *model;
     char *name;
     char *info_str;
     unsigned int queue_index;
+    int vring_enable;
     QTAILQ_ENTRY(CryptoDevBackendClient) next;
 };
 
-- 
1.8.3.1

[Qemu-devel] [PATCH v3 3/4] cryptodev-vhost-user: add crypto session handler

[Jay Zhou]

From: Gonglei <arei.gonglei@huawei.com>

Introduce two vhost-user meassges: VHOST_USER_CREATE_CRYPTO_SESSION
and VHOST_USER_CLOSE_CRYPTO_SESSION. At this point, the QEMU side
support crypto operation in cryptodev host-user backend.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
---
 backends/cryptodev-vhost-user.c   |  50 ++++++++++++++----
 docs/interop/vhost-user.txt       |  26 ++++++++++
 hw/virtio/vhost-user.c            | 104 ++++++++++++++++++++++++++++++++++++++
 include/hw/virtio/vhost-backend.h |   8 +++
 4 files changed, 177 insertions(+), 11 deletions(-)

diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
index 0b1f049..061c0e5 100644
--- a/backends/cryptodev-vhost-user.c
+++ b/backends/cryptodev-vhost-user.c
@@ -233,7 +233,26 @@ static int64_t cryptodev_vhost_user_sym_create_session(
            CryptoDevBackendSymSessionInfo *sess_info,
            uint32_t queue_index, Error **errp)
 {
-    return 0;
+    CryptoDevBackendClient *cc =
+                   backend->conf.peers.ccs[queue_index];
+    CryptoDevBackendVhost *vhost_crypto;
+    uint64_t session_id = 0;
+    int ret;
+
+    vhost_crypto = cryptodev_vhost_user_get_vhost(cc,
+                                           backend, queue_index);
+    if (vhost_crypto) {
+        struct vhost_dev *dev = &(vhost_crypto->dev);
+        ret = dev->vhost_ops->vhost_crypto_create_session(dev,
+                                                       sess_info,
+                                                        &session_id);
+        if (ret < 0) {
+            return -1;
+        } else {
+            return session_id;
+        }
+    }
+    return -1;
 }
 
 static int cryptodev_vhost_user_sym_close_session(
@@ -241,15 +260,24 @@ static int cryptodev_vhost_user_sym_close_session(
            uint64_t session_id,
            uint32_t queue_index, Error **errp)
 {
-    return 0;
-}
-
-static int cryptodev_vhost_user_sym_operation(
-                 CryptoDevBackend *backend,
-                 CryptoDevBackendSymOpInfo *op_info,
-                 uint32_t queue_index, Error **errp)
-{
-    return VIRTIO_CRYPTO_OK;
+    CryptoDevBackendClient *cc =
+                  backend->conf.peers.ccs[queue_index];
+    CryptoDevBackendVhost *vhost_crypto;
+    int ret;
+
+    vhost_crypto = cryptodev_vhost_user_get_vhost(cc,
+                                              backend, queue_index);
+    if (vhost_crypto) {
+        struct vhost_dev *dev = &(vhost_crypto->dev);
+        ret = dev->vhost_ops->vhost_crypto_close_session(dev,
+                                                       session_id);
+        if (ret < 0) {
+            return -1;
+        } else {
+            return 0;
+        }
+    }
+    return -1;
 }
 
 static void cryptodev_vhost_user_cleanup(
@@ -328,7 +356,7 @@ cryptodev_vhost_user_class_init(ObjectClass *oc, void *data)
     bc->cleanup = cryptodev_vhost_user_cleanup;
     bc->create_session = cryptodev_vhost_user_sym_create_session;
     bc->close_session = cryptodev_vhost_user_sym_close_session;
-    bc->do_sym_op = cryptodev_vhost_user_sym_operation;
+    bc->do_sym_op = NULL;
 }
 
 static const TypeInfo cryptodev_vhost_user_info = {
diff --git a/docs/interop/vhost-user.txt b/docs/interop/vhost-user.txt
index d49444e..a5a6f89 100644
--- a/docs/interop/vhost-user.txt
+++ b/docs/interop/vhost-user.txt
@@ -354,6 +354,7 @@ Protocol features
 #define VHOST_USER_PROTOCOL_F_MTU            4
 #define VHOST_USER_PROTOCOL_F_SLAVE_REQ      5
 #define VHOST_USER_PROTOCOL_F_CROSS_ENDIAN   6
+#define VHOST_USER_PROTOCOL_F_CRYPTO_SESSION 7
 
 Master message types
 --------------------
@@ -623,6 +624,31 @@ Master message types
       and expect this message once (per VQ) during device configuration
       (ie. before the master starts the VQ).
 
+ * VHOST_USER_CREATE_CRYPTO_SESSION
+
+      Id: 23
+      Equivalent ioctl: N/A
+      Master payload: crypto session description
+      Slave payload: crypto session description
+
+      Create a session for crypto operation. The server side must return the
+      session id, 0 or positive for success, negative for failure.
+      This request should be sent only when VHOST_USER_PROTOCOL_F_CRYPTO_SESSION
+      feature has been successfully negotiated.
+      It's a required feature for crypto devices.
+
+ * VHOST_USER_CLOSE_CRYPTO_SESSION
+
+      Id: 24
+      Equivalent ioctl: N/A
+      Master payload: u64
+
+      Close a session for crypto operation which was previously
+      created by VHOST_USER_CREATE_CRYPTO_SESSION.
+      This request should be sent only when VHOST_USER_PROTOCOL_F_CRYPTO_SESSION
+      feature has been successfully negotiated.
+      It's a required feature for crypto devices.
+
 Slave message types
 -------------------
 
diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index 093675e..f779512 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -17,6 +17,7 @@
 #include "sysemu/kvm.h"
 #include "qemu/error-report.h"
 #include "qemu/sockets.h"
+#include "sysemu/cryptodev.h"
 
 #include <sys/ioctl.h>
 #include <sys/socket.h>
@@ -34,6 +35,7 @@ enum VhostUserProtocolFeature {
     VHOST_USER_PROTOCOL_F_NET_MTU = 4,
     VHOST_USER_PROTOCOL_F_SLAVE_REQ = 5,
     VHOST_USER_PROTOCOL_F_CROSS_ENDIAN = 6,
+    VHOST_USER_PROTOCOL_F_CRYPTO_SESSION = 7,
 
     VHOST_USER_PROTOCOL_F_MAX
 };
@@ -65,6 +67,8 @@ typedef enum VhostUserRequest {
     VHOST_USER_SET_SLAVE_REQ_FD = 21,
     VHOST_USER_IOTLB_MSG = 22,
     VHOST_USER_SET_VRING_ENDIAN = 23,
+    VHOST_USER_CREATE_CRYPTO_SESSION = 24,
+    VHOST_USER_CLOSE_CRYPTO_SESSION = 25,
     VHOST_USER_MAX
 } VhostUserRequest;
 
@@ -92,6 +96,17 @@ typedef struct VhostUserLog {
     uint64_t mmap_offset;
 } VhostUserLog;
 
+#define VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN    512
+#define VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN  64
+
+typedef struct VhostUserCryptoSession {
+    /* session id for success, -1 on errors */
+    int64_t session_id;
+    CryptoDevBackendSymSessionInfo session_setup_data;
+    uint8_t key[VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN];
+    uint8_t auth_key[VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN];
+} VhostUserCryptoSession;
+
 typedef struct VhostUserMsg {
     VhostUserRequest request;
 
@@ -109,6 +124,7 @@ typedef struct VhostUserMsg {
         VhostUserMemory memory;
         VhostUserLog log;
         struct vhost_iotlb_msg iotlb;
+        VhostUserCryptoSession session;
     } payload;
 } QEMU_PACKED VhostUserMsg;
 
@@ -922,6 +938,92 @@ static void vhost_user_set_iotlb_callback(struct vhost_dev *dev, int enabled)
     /* No-op as the receive channel is not dedicated to IOTLB messages. */
 }
 
+static int vhost_user_crypto_create_session(struct vhost_dev *dev,
+                              void *session_info,
+                              uint64_t *session_id)
+{
+    bool crypto_session = virtio_has_feature(dev->protocol_features,
+                                       VHOST_USER_PROTOCOL_F_CRYPTO_SESSION);
+    CryptoDevBackendSymSessionInfo *sess_info = session_info;
+    VhostUserMsg msg = {
+        .request = VHOST_USER_CREATE_CRYPTO_SESSION,
+        .flags = VHOST_USER_VERSION,
+        .size = sizeof(msg.payload.session),
+    };
+
+    assert(dev->vhost_ops->backend_type == VHOST_BACKEND_TYPE_USER);
+
+    if (!crypto_session) {
+        error_report("vhost-user trying to send unhandled ioctl");
+        return -1;
+    }
+
+    memcpy(&msg.payload.session.session_setup_data, sess_info,
+              sizeof(CryptoDevBackendSymSessionInfo));
+    if (sess_info->key_len) {
+        memcpy(&msg.payload.session.key, sess_info->cipher_key,
+               sess_info->key_len);
+    }
+    if (sess_info->auth_key_len > 0) {
+        memcpy(&msg.payload.session.auth_key, sess_info->auth_key,
+               sess_info->auth_key_len);
+    }
+    if (vhost_user_write(dev, &msg, NULL, 0) < 0) {
+        error_report("vhost_user_write() return -1, create session failed");
+        return -1;
+    }
+
+    if (vhost_user_read(dev, &msg) < 0) {
+        error_report("vhost_user_read() return -1, create session failed");
+        return -1;
+    }
+
+    if (msg.request != VHOST_USER_CREATE_CRYPTO_SESSION) {
+        error_report("Received unexpected msg type. Expected %d received %d",
+                     VHOST_USER_CREATE_CRYPTO_SESSION, msg.request);
+        return -1;
+    }
+
+    if (msg.size != sizeof(msg.payload.session)) {
+        error_report("Received bad msg size.");
+        return -1;
+    }
+
+    if (msg.payload.session.session_id < 0) {
+        error_report("Bad session id: %" PRId64 "",
+                              msg.payload.session.session_id);
+        return -1;
+    }
+    *session_id = msg.payload.session.session_id;
+
+    return 0;
+}
+
+static int
+vhost_user_crypto_close_session(struct vhost_dev *dev, uint64_t session_id)
+{
+    bool crypto_session = virtio_has_feature(dev->protocol_features,
+                                       VHOST_USER_PROTOCOL_F_CRYPTO_SESSION);
+    VhostUserMsg msg = {
+        .request = VHOST_USER_CLOSE_CRYPTO_SESSION,
+        .flags = VHOST_USER_VERSION,
+        .size = sizeof(msg.payload.u64),
+    };
+    msg.payload.u64 = session_id;
+
+    if (!crypto_session) {
+        error_report("vhost-user trying to send unhandled ioctl");
+        return -1;
+    }
+
+    if (vhost_user_write(dev, &msg, NULL, 0) < 0) {
+        error_report("vhost_user_write() return -1, close session failed");
+        return -1;
+    }
+
+    return 0;
+}
+
 const VhostOps user_ops = {
         .backend_type = VHOST_BACKEND_TYPE_USER,
         .vhost_backend_init = vhost_user_init,
@@ -948,4 +1050,6 @@ const VhostOps user_ops = {
         .vhost_net_set_mtu = vhost_user_net_set_mtu,
         .vhost_set_iotlb_callback = vhost_user_set_iotlb_callback,
         .vhost_send_device_iotlb_msg = vhost_user_send_device_iotlb_msg,
+        .vhost_crypto_create_session = vhost_user_crypto_create_session,
+        .vhost_crypto_close_session = vhost_user_crypto_close_session,
 };
diff --git a/include/hw/virtio/vhost-backend.h b/include/hw/virtio/vhost-backend.h
index a7a5f22..21d9479 100644
--- a/include/hw/virtio/vhost-backend.h
+++ b/include/hw/virtio/vhost-backend.h
@@ -85,6 +85,12 @@ typedef void (*vhost_set_iotlb_callback_op)(struct vhost_dev *dev,
 typedef int (*vhost_send_device_iotlb_msg_op)(struct vhost_dev *dev,
                                               struct vhost_iotlb_msg *imsg);
 
+typedef int (*vhost_crypto_create_session_op)(struct vhost_dev *dev,
+                                      void *session_info,
+                                      uint64_t *session_id);
+typedef int (*vhost_crypto_close_session_op)(struct vhost_dev *dev,
+                                      uint64_t session_id);
+
 typedef struct VhostOps {
     VhostBackendType backend_type;
     vhost_backend_init vhost_backend_init;
@@ -118,6 +124,8 @@ typedef struct VhostOps {
     vhost_vsock_set_running_op vhost_vsock_set_running;
     vhost_set_iotlb_callback_op vhost_set_iotlb_callback;
     vhost_send_device_iotlb_msg_op vhost_send_device_iotlb_msg;
+    vhost_crypto_create_session_op vhost_crypto_create_session;
+    vhost_crypto_close_session_op vhost_crypto_close_session;
 } VhostOps;
 
 extern const VhostOps user_ops;
-- 
1.8.3.1

[Qemu-devel] [PATCH v3 4/4] cryptodev-vhost-user: set the key length

[Jay Zhou]

From: Gonglei <arei.gonglei@huawei.com>

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
---
 backends/cryptodev-vhost-user.c       | 4 ++++
 include/sysemu/cryptodev-vhost-user.h | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
index 061c0e5..c7a9848 100644
--- a/backends/cryptodev-vhost-user.c
+++ b/backends/cryptodev-vhost-user.c
@@ -226,6 +226,10 @@ static void cryptodev_vhost_user_init(
                          1u << VIRTIO_CRYPTO_SERVICE_MAC;
     backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
     backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
+
+    backend->conf.max_size = UINT64_MAX;
+    backend->conf.max_cipher_key_len = VHOST_USER_MAX_AUTH_KEY_LEN;
+    backend->conf.max_auth_key_len = VHOST_USER_MAX_AUTH_KEY_LEN;
 }
 
 static int64_t cryptodev_vhost_user_sym_create_session(
diff --git a/include/sysemu/cryptodev-vhost-user.h b/include/sysemu/cryptodev-vhost-user.h
index 937217b..6debf53 100644
--- a/include/sysemu/cryptodev-vhost-user.h
+++ b/include/sysemu/cryptodev-vhost-user.h
@@ -23,6 +23,9 @@
 #ifndef CRYPTODEV_VHOST_USER_H
 #define CRYPTODEV_VHOST_USER_H
 
+#define VHOST_USER_MAX_AUTH_KEY_LEN    512
+#define VHOST_USER_MAX_CIPHER_KEY_LEN  64
+
 
 /**
  * cryptodev_vhost_user_get_vhost:
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH v3 0/4] cryptodev: add vhost support

[Zhoujian (jay)]

VHOST_USER_CREATE_CRYPTO_SESSION and VHOST_USER_CLOSE_CRYPTO_SESSION are new
added messages, they should be sent only when
VHOST_USER_PROTOCOL_F_CRYPTO_SESSION feature has been successfully negotiated.

The differs between v2 and v3 are listed below, pls review, thanks!

---
diff --git a/docs/interop/vhost-user.txt b/docs/interop/vhost-user.txt
index f43c63d..3aec685 100644
--- a/docs/interop/vhost-user.txt
+++ b/docs/interop/vhost-user.txt
@@ -327,6 +327,7 @@ Protocol features
 #define VHOST_USER_PROTOCOL_F_MTU            4
 #define VHOST_USER_PROTOCOL_F_SLAVE_REQ      5
 #define VHOST_USER_PROTOCOL_F_CROSS_ENDIAN   6
+#define VHOST_USER_PROTOCOL_F_CRYPTO_SESSION 7
 
 Master message types
 --------------------
@@ -605,6 +606,9 @@ Master message types
 
       Create a session for crypto operation. The server side must return the
       session id, 0 or positive for success, negative for failure.
+      This request should be sent only when VHOST_USER_PROTOCOL_F_CRYPTO_SESSION
+      feature has been successfully negotiated.
+      It's a required feature for crypto devices.
 
  * VHOST_USER_CLOSE_CRYPTO_SESSION
 
@@ -614,6 +618,9 @@ Master message types
 
       Close a session for crypto operation which was previously
       created by VHOST_USER_CREATE_CRYPTO_SESSION.
+      This request should be sent only when VHOST_USER_PROTOCOL_F_CRYPTO_SESSION
+      feature has been successfully negotiated.
+      It's a required feature for crypto devices.
 
 Slave message types
 -------------------
diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index 7865c6d..f779512 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -35,6 +35,7 @@ enum VhostUserProtocolFeature {
     VHOST_USER_PROTOCOL_F_NET_MTU = 4,
     VHOST_USER_PROTOCOL_F_SLAVE_REQ = 5,
     VHOST_USER_PROTOCOL_F_CROSS_ENDIAN = 6,
+    VHOST_USER_PROTOCOL_F_CRYPTO_SESSION = 7,
 
     VHOST_USER_PROTOCOL_F_MAX
 };
@@ -941,6 +942,8 @@ static int vhost_user_crypto_create_session(struct vhost_dev *dev,
                               void *session_info,
                               uint64_t *session_id)
 {
+    bool crypto_session = virtio_has_feature(dev->protocol_features,
+                                       VHOST_USER_PROTOCOL_F_CRYPTO_SESSION);
     CryptoDevBackendSymSessionInfo *sess_info = session_info;
     VhostUserMsg msg = {
         .request = VHOST_USER_CREATE_CRYPTO_SESSION,
@@ -950,6 +953,11 @@ static int vhost_user_crypto_create_session(struct vhost_dev *dev,
 
     assert(dev->vhost_ops->backend_type == VHOST_BACKEND_TYPE_USER);
 
+    if (!crypto_session) {
+        error_report("vhost-user trying to send unhandled ioctl");
+        return -1;
+    }
+
     memcpy(&msg.payload.session.session_setup_data, sess_info,
               sizeof(CryptoDevBackendSymSessionInfo));
     if (sess_info->key_len) {
@@ -994,6 +1002,8 @@ static int vhost_user_crypto_create_session(struct vhost_dev *dev,
 static int
 vhost_user_crypto_close_session(struct vhost_dev *dev, uint64_t session_id)
 {
+    bool crypto_session = virtio_has_feature(dev->protocol_features,
+                                       VHOST_USER_PROTOCOL_F_CRYPTO_SESSION);
     VhostUserMsg msg = {
         .request = VHOST_USER_CLOSE_CRYPTO_SESSION,
         .flags = VHOST_USER_VERSION,
@@ -1001,6 +1011,11 @@ vhost_user_crypto_close_session(struct vhost_dev *dev, uint64_t session_id)
     };
     msg.payload.u64 = session_id;
 
+    if (!crypto_session) {
+        error_report("vhost-user trying to send unhandled ioctl");
+        return -1;
+    }
+
     if (vhost_user_write(dev, &msg, NULL, 0) < 0) {
         error_report("vhost_user_write() return -1, close session failed");
         return -1;


> -----Original Message-----
> From: Zhoujian (jay)
> Sent: Tuesday, January 16, 2018 10:07 PM
> To: qemu-devel@nongnu.org
> Cc: mst@redhat.com; pbonzini@redhat.com; Huangweidong (C)
> <weidong.huang@huawei.com>; stefanha@redhat.com; Zhoujian (jay)
> <jianjay.zhou@huawei.com>; pasic@linux.vnet.ibm.com; longpeng
> <longpeng2@huawei.com>; xin.zeng@intel.com; roy.fan.zhang@intel.com; Gonglei
> (Arei) <arei.gonglei@huawei.com>
> Subject: [PATCH v3 0/4] cryptodev: add vhost support
> 
> From: Gonglei <arei.gonglei@huawei.com>
> 
> I posted the RFC verion a few months ago for DPDK vhost-crypto implmention,
> and now it's time to send the formal version. Because we need an user space
> scheme for better performance.
> 
> The vhost user crypto server side patches had been sent to DPDK community,
> pls see
> 
> [RFC PATCH 0/6] lib/librte_vhost: introduce new vhost_user crypto backend
> support http://dpdk.org/ml/archives/dev/2017-November/081048.html
> 
> You also can get virtio-crypto polling mode driver from:
> 
> [PATCH] virtio: add new driver for crypto devices
> http://dpdk.org/ml/archives/dev/2017-November/081985.html
> 
> Gonglei (4):
>   cryptodev: add vhost-user as a new cryptodev backend
>   cryptodev: add vhost support
>   cryptodev-vhost-user: add crypto session handler
>   cryptodev-vhost-user: set the key length
> 
>  backends/Makefile.objs                |   4 +
>  backends/cryptodev-builtin.c          |   1 +
>  backends/cryptodev-vhost-user.c       | 381
> ++++++++++++++++++++++++++++++++++
>  backends/cryptodev-vhost.c            | 297 ++++++++++++++++++++++++++
>  docs/interop/vhost-user.txt           |  26 +++
>  hw/virtio/Makefile.objs               |   2 +-
>  hw/virtio/vhost-user.c                | 104 ++++++++++
>  hw/virtio/virtio-crypto.c             |  70 +++++++
>  include/hw/virtio/vhost-backend.h     |   8 +
>  include/hw/virtio/virtio-crypto.h     |   1 +
>  include/sysemu/cryptodev-vhost-user.h |  47 +++++
>  include/sysemu/cryptodev-vhost.h      | 154 ++++++++++++++
>  include/sysemu/cryptodev.h            |   8 +
>  qemu-options.hx                       |  21 ++
>  vl.c                                  |   4 +
>  15 files changed, 1127 insertions(+), 1 deletion(-)  create mode 100644
> backends/cryptodev-vhost-user.c  create mode 100644 backends/cryptodev-
> vhost.c  create mode 100644 include/sysemu/cryptodev-vhost-user.h
>  create mode 100644 include/sysemu/cryptodev-vhost.h
> 
> --
> 1.8.3.1
> 

Re: [Qemu-devel] [PATCH v3 0/4] cryptodev: add vhost support

[Michael S. Tsirkin]

On Tue, Jan 16, 2018 at 02:21:32PM +0000, Zhoujian (jay) wrote:
> VHOST_USER_CREATE_CRYPTO_SESSION and VHOST_USER_CLOSE_CRYPTO_SESSION are new
> added messages, they should be sent only when
> VHOST_USER_PROTOCOL_F_CRYPTO_SESSION feature has been successfully negotiated.
> 
> The differs between v2 and v3 are listed below, pls review, thanks!
> 
> ---
> diff --git a/docs/interop/vhost-user.txt b/docs/interop/vhost-user.txt
> index f43c63d..3aec685 100644
> --- a/docs/interop/vhost-user.txt
> +++ b/docs/interop/vhost-user.txt
> @@ -327,6 +327,7 @@ Protocol features
>  #define VHOST_USER_PROTOCOL_F_MTU            4
>  #define VHOST_USER_PROTOCOL_F_SLAVE_REQ      5
>  #define VHOST_USER_PROTOCOL_F_CROSS_ENDIAN   6
> +#define VHOST_USER_PROTOCOL_F_CRYPTO_SESSION 7
>  
>  Master message types
>  --------------------
> @@ -605,6 +606,9 @@ Master message types
>  
>        Create a session for crypto operation. The server side must return the
>        session id, 0 or positive for success, negative for failure.
> +      This request should be sent only when VHOST_USER_PROTOCOL_F_CRYPTO_SESSION
> +      feature has been successfully negotiated.
> +      It's a required feature for crypto devices.
>  
>   * VHOST_USER_CLOSE_CRYPTO_SESSION
>  
> @@ -614,6 +618,9 @@ Master message types
>  
>        Close a session for crypto operation which was previously
>        created by VHOST_USER_CREATE_CRYPTO_SESSION.
> +      This request should be sent only when VHOST_USER_PROTOCOL_F_CRYPTO_SESSION
> +      feature has been successfully negotiated.
> +      It's a required feature for crypto devices.
>  
>  Slave message types
>  -------------------
> diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
> index 7865c6d..f779512 100644
> --- a/hw/virtio/vhost-user.c
> +++ b/hw/virtio/vhost-user.c
> @@ -35,6 +35,7 @@ enum VhostUserProtocolFeature {
>      VHOST_USER_PROTOCOL_F_NET_MTU = 4,
>      VHOST_USER_PROTOCOL_F_SLAVE_REQ = 5,
>      VHOST_USER_PROTOCOL_F_CROSS_ENDIAN = 6,
> +    VHOST_USER_PROTOCOL_F_CRYPTO_SESSION = 7,
>  
>      VHOST_USER_PROTOCOL_F_MAX
>  };
> @@ -941,6 +942,8 @@ static int vhost_user_crypto_create_session(struct vhost_dev *dev,
>                                void *session_info,
>                                uint64_t *session_id)
>  {
> +    bool crypto_session = virtio_has_feature(dev->protocol_features,
> +                                       VHOST_USER_PROTOCOL_F_CRYPTO_SESSION);
>      CryptoDevBackendSymSessionInfo *sess_info = session_info;
>      VhostUserMsg msg = {
>          .request = VHOST_USER_CREATE_CRYPTO_SESSION,
> @@ -950,6 +953,11 @@ static int vhost_user_crypto_create_session(struct vhost_dev *dev,
>  
>      assert(dev->vhost_ops->backend_type == VHOST_BACKEND_TYPE_USER);
>  
> +    if (!crypto_session) {
> +        error_report("vhost-user trying to send unhandled ioctl");
> +        return -1;
> +    }
> +
>      memcpy(&msg.payload.session.session_setup_data, sess_info,
>                sizeof(CryptoDevBackendSymSessionInfo));
>      if (sess_info->key_len) {
> @@ -994,6 +1002,8 @@ static int vhost_user_crypto_create_session(struct vhost_dev *dev,
>  static int
>  vhost_user_crypto_close_session(struct vhost_dev *dev, uint64_t session_id)
>  {
> +    bool crypto_session = virtio_has_feature(dev->protocol_features,
> +                                       VHOST_USER_PROTOCOL_F_CRYPTO_SESSION);
>      VhostUserMsg msg = {
>          .request = VHOST_USER_CLOSE_CRYPTO_SESSION,
>          .flags = VHOST_USER_VERSION,
> @@ -1001,6 +1011,11 @@ vhost_user_crypto_close_session(struct vhost_dev *dev, uint64_t session_id)
>      };
>      msg.payload.u64 = session_id;
>  
> +    if (!crypto_session) {
> +        error_report("vhost-user trying to send unhandled ioctl");
> +        return -1;
> +    }
> +
>      if (vhost_user_write(dev, &msg, NULL, 0) < 0) {
>          error_report("vhost_user_write() return -1, close session failed");
>          return -1;
> 

Documentation and error messages could be improved, but I think this
is reasonable enough to put upstream and improve on top.


> > -----Original Message-----
> > From: Zhoujian (jay)
> > Sent: Tuesday, January 16, 2018 10:07 PM
> > To: qemu-devel@nongnu.org
> > Cc: mst@redhat.com; pbonzini@redhat.com; Huangweidong (C)
> > <weidong.huang@huawei.com>; stefanha@redhat.com; Zhoujian (jay)
> > <jianjay.zhou@huawei.com>; pasic@linux.vnet.ibm.com; longpeng
> > <longpeng2@huawei.com>; xin.zeng@intel.com; roy.fan.zhang@intel.com; Gonglei
> > (Arei) <arei.gonglei@huawei.com>
> > Subject: [PATCH v3 0/4] cryptodev: add vhost support
> > 
> > From: Gonglei <arei.gonglei@huawei.com>
> > 
> > I posted the RFC verion a few months ago for DPDK vhost-crypto implmention,
> > and now it's time to send the formal version. Because we need an user space
> > scheme for better performance.
> > 
> > The vhost user crypto server side patches had been sent to DPDK community,
> > pls see
> > 
> > [RFC PATCH 0/6] lib/librte_vhost: introduce new vhost_user crypto backend
> > support http://dpdk.org/ml/archives/dev/2017-November/081048.html
> > 
> > You also can get virtio-crypto polling mode driver from:
> > 
> > [PATCH] virtio: add new driver for crypto devices
> > http://dpdk.org/ml/archives/dev/2017-November/081985.html
> > 
> > Gonglei (4):
> >   cryptodev: add vhost-user as a new cryptodev backend
> >   cryptodev: add vhost support
> >   cryptodev-vhost-user: add crypto session handler
> >   cryptodev-vhost-user: set the key length
> > 
> >  backends/Makefile.objs                |   4 +
> >  backends/cryptodev-builtin.c          |   1 +
> >  backends/cryptodev-vhost-user.c       | 381
> > ++++++++++++++++++++++++++++++++++
> >  backends/cryptodev-vhost.c            | 297 ++++++++++++++++++++++++++
> >  docs/interop/vhost-user.txt           |  26 +++
> >  hw/virtio/Makefile.objs               |   2 +-
> >  hw/virtio/vhost-user.c                | 104 ++++++++++
> >  hw/virtio/virtio-crypto.c             |  70 +++++++
> >  include/hw/virtio/vhost-backend.h     |   8 +
> >  include/hw/virtio/virtio-crypto.h     |   1 +
> >  include/sysemu/cryptodev-vhost-user.h |  47 +++++
> >  include/sysemu/cryptodev-vhost.h      | 154 ++++++++++++++
> >  include/sysemu/cryptodev.h            |   8 +
> >  qemu-options.hx                       |  21 ++
> >  vl.c                                  |   4 +
> >  15 files changed, 1127 insertions(+), 1 deletion(-)  create mode 100644
> > backends/cryptodev-vhost-user.c  create mode 100644 backends/cryptodev-
> > vhost.c  create mode 100644 include/sysemu/cryptodev-vhost-user.h
> >  create mode 100644 include/sysemu/cryptodev-vhost.h
> > 
> > --
> > 1.8.3.1
> > 

Re: [Qemu-devel] [PATCH v3 1/4] cryptodev: add vhost-user as a new cryptodev backend

[Michael S. Tsirkin]

On Tue, Jan 16, 2018 at 10:06:50PM +0800, Jay Zhou wrote:
> From: Gonglei <arei.gonglei@huawei.com>
> 
> Usage:
>  -chardev socket,id=charcrypto0,path=/path/to/your/socket
>  -object cryptodev-vhost-user,id=cryptodev0,chardev=charcrypto0
>  -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0
> 
> Signed-off-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
> ---
>  backends/Makefile.objs           |   4 +
>  backends/cryptodev-vhost-user.c  | 333 +++++++++++++++++++++++++++++++++++++++
>  backends/cryptodev-vhost.c       |  73 +++++++++
>  include/sysemu/cryptodev-vhost.h | 154 ++++++++++++++++++
>  qemu-options.hx                  |  21 +++
>  vl.c                             |   4 +
>  6 files changed, 589 insertions(+)
>  create mode 100644 backends/cryptodev-vhost-user.c
>  create mode 100644 backends/cryptodev-vhost.c
>  create mode 100644 include/sysemu/cryptodev-vhost.h
> 
> diff --git a/backends/Makefile.objs b/backends/Makefile.objs
> index 0400799..9e1fb76 100644
> --- a/backends/Makefile.objs
> +++ b/backends/Makefile.objs
> @@ -8,3 +8,7 @@ common-obj-$(CONFIG_LINUX) += hostmem-file.o
>  
>  common-obj-y += cryptodev.o
>  common-obj-y += cryptodev-builtin.o
> +
> +ifeq ($(CONFIG_VIRTIO),y)
> +common-obj-$(CONFIG_LINUX) += cryptodev-vhost.o cryptodev-vhost-user.o
> +endif

Shouldn't this depend on CONFIG_VHOST_USER?


> diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
> new file mode 100644
> index 0000000..4e63ece
> --- /dev/null
> +++ b/backends/cryptodev-vhost-user.c
> @@ -0,0 +1,333 @@
> +/*
> + * QEMU Cryptodev backend for QEMU cipher APIs
> + *
> + * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
> + *
> + * Authors:
> + *    Gonglei <arei.gonglei@huawei.com>
> + *
> + * This library is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU Lesser General Public
> + * License as published by the Free Software Foundation; either
> + * version 2 of the License, or (at your option) any later version.
> + *
> + * This library is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> + * Lesser General Public License for more details.
> + *
> + * You should have received a copy of the GNU Lesser General Public
> + * License along with this library; if not, see <http://www.gnu.org/licenses/>.
> + *
> + */
> +
> +#include "qemu/osdep.h"
> +#include "hw/boards.h"
> +#include "qapi/error.h"
> +#include "qapi/qmp/qerror.h"
> +#include "qemu/error-report.h"
> +#include "standard-headers/linux/virtio_crypto.h"
> +#include "sysemu/cryptodev-vhost.h"
> +#include "chardev/char-fe.h"
> +
> +
> +/**
> + * @TYPE_CRYPTODEV_BACKEND_VHOST_USER:
> + * name of backend that uses vhost user server
> + */
> +#define TYPE_CRYPTODEV_BACKEND_VHOST_USER "cryptodev-vhost-user"
> +
> +#define CRYPTODEV_BACKEND_VHOST_USER(obj) \
> +    OBJECT_CHECK(CryptoDevBackendVhostUser, \
> +                 (obj), TYPE_CRYPTODEV_BACKEND_VHOST_USER)
> +
> +
> +typedef struct CryptoDevBackendVhostUser {
> +    CryptoDevBackend parent_obj;
> +
> +    CharBackend chr;
> +    char *chr_name;
> +    bool opened;
> +    CryptoDevBackendVhost *vhost_crypto[MAX_CRYPTO_QUEUE_NUM];
> +} CryptoDevBackendVhostUser;
> +
> +static int
> +cryptodev_vhost_user_running(
> +             CryptoDevBackendVhost *crypto)
> +{
> +    return crypto ? 1 : 0;
> +}
> +
> +static void cryptodev_vhost_user_stop(int queues,
> +                          CryptoDevBackendVhostUser *s)
> +{
> +    size_t i;
> +
> +    for (i = 0; i < queues; i++) {
> +        if (!cryptodev_vhost_user_running(s->vhost_crypto[i])) {
> +            continue;
> +        }
> +
> +        if (s->vhost_crypto) {
> +            cryptodev_vhost_cleanup(s->vhost_crypto[i]);
> +            s->vhost_crypto[i] = NULL;
> +        }
> +    }
> +}
> +
> +static int
> +cryptodev_vhost_user_start(int queues,
> +                         CryptoDevBackendVhostUser *s)
> +{
> +    CryptoDevBackendVhostOptions options;
> +    CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
> +    int max_queues;
> +    size_t i;
> +
> +    for (i = 0; i < queues; i++) {
> +        if (cryptodev_vhost_user_running(s->vhost_crypto[i])) {
> +            continue;
> +        }
> +
> +        options.opaque = &s->chr;
> +        options.backend_type = VHOST_BACKEND_TYPE_USER;
> +        options.cc = b->conf.peers.ccs[i];
> +        s->vhost_crypto[i] = cryptodev_vhost_init(&options);
> +        if (!s->vhost_crypto[i]) {
> +            error_report("failed to init vhost_crypto for queue %lu", i);
> +            goto err;
> +        }
> +
> +        if (i == 0) {
> +            max_queues =
> +              cryptodev_vhost_get_max_queues(s->vhost_crypto[i]);
> +            if (queues > max_queues) {
> +                error_report("you are asking more queues than supported: %d",
> +                             max_queues);
> +                goto err;
> +            }
> +        }
> +    }
> +
> +    return 0;
> +
> +err:
> +    cryptodev_vhost_user_stop(i + 1, s);
> +    return -1;
> +}
> +
> +static Chardev *
> +cryptodev_vhost_claim_chardev(CryptoDevBackendVhostUser *s,
> +                                    Error **errp)
> +{
> +    Chardev *chr;
> +
> +    if (s->chr_name == NULL) {
> +        error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
> +                   "chardev", "a valid character device");
> +        return NULL;
> +    }
> +
> +    chr = qemu_chr_find(s->chr_name);
> +    if (chr == NULL) {
> +        error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
> +                  "Device '%s' not found", s->chr_name);
> +        return NULL;
> +    }
> +
> +    return chr;
> +}
> +
> +static void cryptodev_vhost_user_event(void *opaque, int event)
> +{
> +    CryptoDevBackendVhostUser *s = opaque;
> +    CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
> +    Error *err = NULL;
> +    int queues = b->conf.peers.queues;
> +
> +    assert(queues < MAX_CRYPTO_QUEUE_NUM);
> +
> +    switch (event) {
> +    case CHR_EVENT_OPENED:
> +        if (cryptodev_vhost_user_start(queues, s) < 0) {
> +            exit(1);
> +        }
> +        b->ready = true;
> +        break;
> +    case CHR_EVENT_CLOSED:
> +        b->ready = false;
> +        cryptodev_vhost_user_stop(queues, s);
> +        break;
> +    }
> +
> +    if (err) {
> +        error_report_err(err);
> +    }
> +}
> +
> +static void cryptodev_vhost_user_init(
> +             CryptoDevBackend *backend, Error **errp)
> +{
> +    int queues = backend->conf.peers.queues;
> +    size_t i;
> +    Error *local_err = NULL;
> +    Chardev *chr;
> +    CryptoDevBackendClient *cc;
> +    CryptoDevBackendVhostUser *s =
> +                      CRYPTODEV_BACKEND_VHOST_USER(backend);
> +
> +    chr = cryptodev_vhost_claim_chardev(s, &local_err);
> +    if (local_err) {
> +        error_propagate(errp, local_err);
> +        return;
> +    }
> +
> +    s->opened = true;
> +
> +    for (i = 0; i < queues; i++) {
> +        cc = cryptodev_backend_new_client(
> +                  "cryptodev-vhost-user", NULL);
> +        cc->info_str = g_strdup_printf("cryptodev-vhost-user%lu to %s ",
> +                                       i, chr->label);
> +        cc->queue_index = i;
> +
> +        backend->conf.peers.ccs[i] = cc;
> +
> +        if (i == 0) {
> +            if (!qemu_chr_fe_init(&s->chr, chr, &local_err)) {
> +                error_propagate(errp, local_err);
> +                return;
> +            }
> +        }
> +    }
> +
> +    qemu_chr_fe_set_handlers(&s->chr, NULL, NULL,
> +                     cryptodev_vhost_user_event, NULL, s, NULL, true);
> +
> +    backend->conf.crypto_services =
> +                         1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
> +                         1u << VIRTIO_CRYPTO_SERVICE_HASH |
> +                         1u << VIRTIO_CRYPTO_SERVICE_MAC;
> +    backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
> +    backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
> +}
> +
> +static int64_t cryptodev_vhost_user_sym_create_session(
> +           CryptoDevBackend *backend,
> +           CryptoDevBackendSymSessionInfo *sess_info,
> +           uint32_t queue_index, Error **errp)
> +{
> +    return 0;
> +}
> +
> +static int cryptodev_vhost_user_sym_close_session(
> +           CryptoDevBackend *backend,
> +           uint64_t session_id,
> +           uint32_t queue_index, Error **errp)
> +{
> +    return 0;
> +}
> +
> +static int cryptodev_vhost_user_sym_operation(
> +                 CryptoDevBackend *backend,
> +                 CryptoDevBackendSymOpInfo *op_info,
> +                 uint32_t queue_index, Error **errp)
> +{
> +    return VIRTIO_CRYPTO_OK;
> +}
> +
> +static void cryptodev_vhost_user_cleanup(
> +             CryptoDevBackend *backend,
> +             Error **errp)
> +{
> +    CryptoDevBackendVhostUser *s =
> +                      CRYPTODEV_BACKEND_VHOST_USER(backend);
> +    size_t i;
> +    int queues = backend->conf.peers.queues;
> +    CryptoDevBackendClient *cc;
> +
> +    cryptodev_vhost_user_stop(queues, s);
> +
> +    for (i = 0; i < queues; i++) {
> +        cc = backend->conf.peers.ccs[i];
> +        if (cc) {
> +            cryptodev_backend_free_client(cc);
> +            backend->conf.peers.ccs[i] = NULL;
> +        }
> +    }
> +}
> +
> +static void cryptodev_vhost_user_set_chardev(Object *obj,
> +                                    const char *value, Error **errp)
> +{
> +    CryptoDevBackendVhostUser *s =
> +                      CRYPTODEV_BACKEND_VHOST_USER(obj);
> +
> +    if (s->opened) {
> +        error_setg(errp, QERR_PERMISSION_DENIED);
> +    } else {
> +        g_free(s->chr_name);
> +        s->chr_name = g_strdup(value);
> +    }
> +}
> +
> +static char *
> +cryptodev_vhost_user_get_chardev(Object *obj, Error **errp)
> +{
> +    CryptoDevBackendVhostUser *s =
> +                      CRYPTODEV_BACKEND_VHOST_USER(obj);
> +    Chardev *chr = qemu_chr_fe_get_driver(&s->chr);
> +
> +    if (chr && chr->label) {
> +        return g_strdup(chr->label);
> +    }
> +
> +    return NULL;
> +}
> +
> +static void cryptodev_vhost_user_instance_int(Object *obj)
> +{
> +    object_property_add_str(obj, "chardev",
> +                            cryptodev_vhost_user_get_chardev,
> +                            cryptodev_vhost_user_set_chardev,
> +                            NULL);
> +}
> +
> +static void cryptodev_vhost_user_finalize(Object *obj)
> +{
> +    CryptoDevBackendVhostUser *s =
> +                      CRYPTODEV_BACKEND_VHOST_USER(obj);
> +
> +    qemu_chr_fe_deinit(&s->chr, false);
> +
> +    g_free(s->chr_name);
> +}
> +
> +static void
> +cryptodev_vhost_user_class_init(ObjectClass *oc, void *data)
> +{
> +    CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
> +
> +    bc->init = cryptodev_vhost_user_init;
> +    bc->cleanup = cryptodev_vhost_user_cleanup;
> +    bc->create_session = cryptodev_vhost_user_sym_create_session;
> +    bc->close_session = cryptodev_vhost_user_sym_close_session;
> +    bc->do_sym_op = cryptodev_vhost_user_sym_operation;
> +}
> +
> +static const TypeInfo cryptodev_vhost_user_info = {
> +    .name = TYPE_CRYPTODEV_BACKEND_VHOST_USER,
> +    .parent = TYPE_CRYPTODEV_BACKEND,
> +    .class_init = cryptodev_vhost_user_class_init,
> +    .instance_init = cryptodev_vhost_user_instance_int,
> +    .instance_finalize = cryptodev_vhost_user_finalize,
> +    .instance_size = sizeof(CryptoDevBackendVhostUser),
> +};
> +
> +static void
> +cryptodev_vhost_user_register_types(void)
> +{
> +    type_register_static(&cryptodev_vhost_user_info);
> +}
> +
> +type_init(cryptodev_vhost_user_register_types);
> diff --git a/backends/cryptodev-vhost.c b/backends/cryptodev-vhost.c
> new file mode 100644
> index 0000000..2c7df3f
> --- /dev/null
> +++ b/backends/cryptodev-vhost.c
> @@ -0,0 +1,73 @@
> +/*
> + * QEMU Cryptodev backend for QEMU cipher APIs
> + *
> + * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
> + *
> + * Authors:
> + *    Gonglei <arei.gonglei@huawei.com>
> + *    Jay Zhou <jianjay.zhou@huawei.com>
> + *
> + * This library is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU Lesser General Public
> + * License as published by the Free Software Foundation; either
> + * version 2 of the License, or (at your option) any later version.
> + *
> + * This library is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> + * Lesser General Public License for more details.
> + *
> + * You should have received a copy of the GNU Lesser General Public
> + * License along with this library; if not, see <http://www.gnu.org/licenses/>.
> + *
> + */
> +
> +#include "qemu/osdep.h"
> +#include "qapi/error.h"
> +#include "qapi/qmp/qerror.h"
> +#include "sysemu/cryptodev-vhost.h"
> +
> +
> +uint64_t
> +cryptodev_vhost_get_max_queues(
> +                        CryptoDevBackendVhost *crypto)
> +{
> +    return crypto->dev.max_queues;
> +}
> +
> +void cryptodev_vhost_cleanup(CryptoDevBackendVhost *crypto)
> +{
> +    vhost_dev_cleanup(&crypto->dev);
> +    g_free(crypto);
> +}
> +
> +struct CryptoDevBackendVhost *
> +cryptodev_vhost_init(
> +             CryptoDevBackendVhostOptions *options)
> +{
> +    int r;
> +    CryptoDevBackendVhost *crypto;
> +
> +    crypto = g_new(CryptoDevBackendVhost, 1);
> +    crypto->dev.max_queues = 1;
> +    crypto->dev.nvqs = 1;
> +    crypto->dev.vqs = crypto->vqs;
> +
> +    crypto->cc = options->cc;
> +
> +    crypto->dev.protocol_features = 0;
> +    crypto->backend = -1;
> +
> +    /* vhost-user needs vq_index to initiate a specific queue pair */
> +    crypto->dev.vq_index = crypto->cc->queue_index * crypto->dev.nvqs;
> +
> +    r = vhost_dev_init(&crypto->dev, options->opaque, options->backend_type, 0);
> +    if (r < 0) {
> +        goto fail;
> +    }
> +
> +    return crypto;
> +fail:
> +    g_free(crypto);
> +    return NULL;
> +}
> diff --git a/include/sysemu/cryptodev-vhost.h b/include/sysemu/cryptodev-vhost.h
> new file mode 100644
> index 0000000..fb26b86
> --- /dev/null
> +++ b/include/sysemu/cryptodev-vhost.h
> @@ -0,0 +1,154 @@
> +/*
> + * QEMU Crypto Device Common Vhost Implement
> + *
> + * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
> + *
> + * Authors:
> + *    Gonglei <arei.gonglei@huawei.com>
> + *    Jay Zhou <jianjay.zhou@huawei.com>
> + *
> + * This library is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU Lesser General Public
> + * License as published by the Free Software Foundation; either
> + * version 2 of the License, or (at your option) any later version.
> + *
> + * This library is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> + * Lesser General Public License for more details.
> + *
> + * You should have received a copy of the GNU Lesser General Public
> + * License along with this library; if not, see <http://www.gnu.org/licenses/>.
> + *
> + */
> +#ifndef CRYPTODEV_VHOST_H
> +#define CRYPTODEV_VHOST_H
> +
> +#include "qemu-common.h"
> +#include "hw/virtio/vhost.h"
> +#include "hw/virtio/vhost-backend.h"
> +#include "chardev/char.h"
> +
> +#include "sysemu/cryptodev.h"
> +
> +
> +typedef struct CryptoDevBackendVhostOptions {
> +    VhostBackendType backend_type;
> +    void *opaque;
> +    int total_queues;
> +    CryptoDevBackendClient *cc;
> +} CryptoDevBackendVhostOptions;
> +
> +typedef struct CryptoDevBackendVhost {
> +    struct vhost_dev dev;
> +    struct vhost_virtqueue vqs[1];
> +    int backend;
> +    CryptoDevBackendClient *cc;
> +} CryptoDevBackendVhost;
> +
> +/**
> + * cryptodev_vhost_get_max_queues:
> + * @crypto: the cryptodev backend common vhost object
> + *
> + * Get the maximum queue number of @crypto.
> + *
> + *
> + * Returns: the maximum queue number
> + */
> +uint64_t
> +cryptodev_vhost_get_max_queues(
> +                        CryptoDevBackendVhost *crypto);
> +
> +
> +/**
> + * cryptodev_vhost_init:
> + * @options: the common vhost object's option
> + *
> + * Creates a new cryptodev backend common vhost object
> + *
> + ** The returned object must be released with
> + * cryptodev_vhost_cleanup() when no
> + * longer required
> + *
> + * Returns: the cryptodev backend common vhost object
> + */
> +struct CryptoDevBackendVhost *
> +cryptodev_vhost_init(
> +             CryptoDevBackendVhostOptions *options);
> +
> +/**
> + * cryptodev_vhost_cleanup:
> + * @crypto: the cryptodev backend common vhost object
> + *
> + * Clean the resouce associated with @crypto that realizaed
> + * by cryptodev_vhost_init()
> + *
> + */
> +void cryptodev_vhost_cleanup(
> +                        CryptoDevBackendVhost *crypto);
> +
> +/**
> + * cryptodev_get_vhost:
> + * @cc: the client object for each queue
> + * @b: the cryptodev backend common vhost object
> + * @queue: the cryptodev backend queue index
> + *
> + * Gets a new cryptodev backend common vhost object based on
> + * @b and @queue
> + *
> + * Returns: the cryptodev backend common vhost object
> + */
> +CryptoDevBackendVhost *
> +cryptodev_get_vhost(CryptoDevBackendClient *cc,
> +                            CryptoDevBackend *b,
> +                            uint16_t queue);
> +/**
> + * cryptodev_vhost_start:
> + * @dev: the virtio crypto object
> + * @total_queues: the total count of queue
> + *
> + * Starts the vhost crypto logic
> + *
> + * Returns: 0 for success, negative for errors
> + */
> +int cryptodev_vhost_start(VirtIODevice *dev, int total_queues);
> +
> +/**
> + * cryptodev_vhost_stop:
> + * @dev: the virtio crypto object
> + * @total_queues: the total count of queue
> + *
> + * Stops the vhost crypto logic
> + *
> + */
> +void cryptodev_vhost_stop(VirtIODevice *dev, int total_queues);
> +
> +/**
> + * cryptodev_vhost_virtqueue_mask:
> + * @dev: the virtio crypto object
> + * @queue: the cryptodev backend queue index
> + * @idx: the virtqueue index
> + * @mask: mask or not (true or false)
> + *
> + * Mask/unmask events for @idx virtqueue on @dev device
> + *
> + */
> +void cryptodev_vhost_virtqueue_mask(VirtIODevice *dev,
> +                                           int queue,
> +                                           int idx, bool mask);
> +
> +/**
> + * cryptodev_vhost_virtqueue_pending:
> + * @dev: the virtio crypto object
> + * @queue: the cryptodev backend queue index
> + * @idx: the virtqueue index
> + *
> + * Test and clear event pending status for @idx virtqueue on @dev device.
> + * Should be called after unmask to avoid losing events.
> + *
> + * Returns: true for success, false for errors
> + */
> +bool cryptodev_vhost_virtqueue_pending(VirtIODevice *dev,
> +                                              int queue, int idx);
> +
> +#endif /* CRYPTODEV_VHOST_H */
> diff --git a/qemu-options.hx b/qemu-options.hx
> index 678181c..97db5bc 100644
> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -4170,6 +4170,27 @@ which specify the queue number of cryptodev backend, the default of
>     [...]
>  @end example
>  
> +@item -object cryptodev-vhost-user,id=@var{id},chardev=@var{chardevid}[,queues=@var{queues}]
> +
> +Creates a vhost-user cryptodev backend, backed by a chardev @var{chardevid}.
> +The @var{id} parameter is a unique ID that will be used to reference this
> +cryptodev backend from the @option{virtio-crypto} device.
> +The chardev should be a unix domain socket backed one. The vhost-user uses
> +a specifically defined protocol to pass vhost ioctl replacement messages
> +to an application on the other end of the socket.
> +The @var{queues} parameter is optional, which specify the queue number
> +of cryptodev backend for multiqueue vhost-user, the default of @var{queues} is 1.
> +
> +@example
> +
> + # qemu-system-x86_64 \
> +   [...] \
> +       -chardev socket,id=chardev0,path=/path/to/socket \
> +       -object cryptodev-vhost-user,id=cryptodev0,chardev=chardev0 \
> +       -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
> +   [...]
> +@end example
> +
>  @item -object secret,id=@var{id},data=@var{string},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
>  @item -object secret,id=@var{id},file=@var{filename},format=@var{raw|base64}[,keyid=@var{secretid},iv=@var{string}]
>  
> diff --git a/vl.c b/vl.c
> index f1c52fe..3e9d86f 100644
> --- a/vl.c
> +++ b/vl.c
> @@ -2867,6 +2867,10 @@ static bool object_create_initial(const char *type)
>          return false;
>      }
>  
> +    if (g_str_equal(type, "cryptodev-vhost-user")) {
> +        return false;
> +    }
> +
>      /*
>       * return false for concrete netfilters since
>       * they depend on netdevs already existing
> -- 
> 1.8.3.1
> 

Re: [Qemu-devel] [PATCH v3 1/4] cryptodev: add vhost-user as a new cryptodev backend

[Zhoujian (jay)]

> -----Original Message-----
> From: Qemu-devel [mailto:qemu-devel-
> bounces+jianjay.zhou=huawei.com@nongnu.org] On Behalf Of Michael S. Tsirkin
> Sent: Wednesday, January 17, 2018 12:41 AM
> To: Zhoujian (jay) <jianjay.zhou@huawei.com>
> Cc: pasic@linux.vnet.ibm.com; Huangweidong (C) <weidong.huang@huawei.com>;
> xin.zeng@intel.com; qemu-devel@nongnu.org; Gonglei (Arei)
> <arei.gonglei@huawei.com>; roy.fan.zhang@intel.com; stefanha@redhat.com;
> pbonzini@redhat.com; longpeng <longpeng2@huawei.com>
> Subject: Re: [Qemu-devel] [PATCH v3 1/4] cryptodev: add vhost-user as a new
> cryptodev backend
> 
> On Tue, Jan 16, 2018 at 10:06:50PM +0800, Jay Zhou wrote:
> > From: Gonglei <arei.gonglei@huawei.com>
> >
> > Usage:
> >  -chardev socket,id=charcrypto0,path=/path/to/your/socket
> >  -object cryptodev-vhost-user,id=cryptodev0,chardev=charcrypto0
> >  -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0
> >
> > Signed-off-by: Gonglei <arei.gonglei@huawei.com>
> > Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> > Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
> > ---
> >  backends/Makefile.objs           |   4 +
> >  backends/cryptodev-vhost-user.c  | 333
> +++++++++++++++++++++++++++++++++++++++
> >  backends/cryptodev-vhost.c       |  73 +++++++++
> >  include/sysemu/cryptodev-vhost.h | 154 ++++++++++++++++++
> >  qemu-options.hx                  |  21 +++
> >  vl.c                             |   4 +
> >  6 files changed, 589 insertions(+)
> >  create mode 100644 backends/cryptodev-vhost-user.c  create mode
> > 100644 backends/cryptodev-vhost.c  create mode 100644
> > include/sysemu/cryptodev-vhost.h
> >
> > diff --git a/backends/Makefile.objs b/backends/Makefile.objs index
> > 0400799..9e1fb76 100644
> > --- a/backends/Makefile.objs
> > +++ b/backends/Makefile.objs
> > @@ -8,3 +8,7 @@ common-obj-$(CONFIG_LINUX) += hostmem-file.o
> >
> >  common-obj-y += cryptodev.o
> >  common-obj-y += cryptodev-builtin.o
> > +
> > +ifeq ($(CONFIG_VIRTIO),y)
> > +common-obj-$(CONFIG_LINUX) += cryptodev-vhost.o
> > +cryptodev-vhost-user.o endif
> 
> Shouldn't this depend on CONFIG_VHOST_USER?

Yes, you're right. Will fix it soon.

Regards,
Jay

> 
> 
> > diff --git a/backends/cryptodev-vhost-user.c
> > b/backends/cryptodev-vhost-user.c new file mode 100644 index
> > 0000000..4e63ece
> > --- /dev/null
> > +++ b/backends/cryptodev-vhost-user.c
> > @@ -0,0 +1,333 @@
> > +/*
> > + * QEMU Cryptodev backend for QEMU cipher APIs
> > + *
> > + * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
> > + *
> > + * Authors:
> > + *    Gonglei <arei.gonglei@huawei.com>
> > + *
> > + * This library is free software; you can redistribute it and/or
> > + * modify it under the terms of the GNU Lesser General Public
> > + * License as published by the Free Software Foundation; either
> > + * version 2 of the License, or (at your option) any later version.
> > + *
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, see
> <http://www.gnu.org/licenses/>.
> > + *
> > + */
> > +
> > +#include "qemu/osdep.h"
> > +#include "hw/boards.h"
> > +#include "qapi/error.h"
> > +#include "qapi/qmp/qerror.h"
> > +#include "qemu/error-report.h"
> > +#include "standard-headers/linux/virtio_crypto.h"
> > +#include "sysemu/cryptodev-vhost.h"
> > +#include "chardev/char-fe.h"
> > +
> > +
> > +/**
> > + * @TYPE_CRYPTODEV_BACKEND_VHOST_USER:
> > + * name of backend that uses vhost user server  */ #define
> > +TYPE_CRYPTODEV_BACKEND_VHOST_USER "cryptodev-vhost-user"
> > +
> > +#define CRYPTODEV_BACKEND_VHOST_USER(obj) \
> > +    OBJECT_CHECK(CryptoDevBackendVhostUser, \
> > +                 (obj), TYPE_CRYPTODEV_BACKEND_VHOST_USER)
> > +
> > +
> > +typedef struct CryptoDevBackendVhostUser {
> > +    CryptoDevBackend parent_obj;
> > +
> > +    CharBackend chr;
> > +    char *chr_name;
> > +    bool opened;
> > +    CryptoDevBackendVhost *vhost_crypto[MAX_CRYPTO_QUEUE_NUM];
> > +} CryptoDevBackendVhostUser;
> > +
> > +static int
> > +cryptodev_vhost_user_running(
> > +             CryptoDevBackendVhost *crypto) {
> > +    return crypto ? 1 : 0;
> > +}
> > +
> > +static void cryptodev_vhost_user_stop(int queues,
> > +                          CryptoDevBackendVhostUser *s) {
> > +    size_t i;
> > +
> > +    for (i = 0; i < queues; i++) {
> > +        if (!cryptodev_vhost_user_running(s->vhost_crypto[i])) {
> > +            continue;
> > +        }
> > +
> > +        if (s->vhost_crypto) {
> > +            cryptodev_vhost_cleanup(s->vhost_crypto[i]);
> > +            s->vhost_crypto[i] = NULL;
> > +        }
> > +    }
> > +}
> > +
> > +static int
> > +cryptodev_vhost_user_start(int queues,
> > +                         CryptoDevBackendVhostUser *s) {
> > +    CryptoDevBackendVhostOptions options;
> > +    CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
> > +    int max_queues;
> > +    size_t i;
> > +
> > +    for (i = 0; i < queues; i++) {
> > +        if (cryptodev_vhost_user_running(s->vhost_crypto[i])) {
> > +            continue;
> > +        }
> > +
> > +        options.opaque = &s->chr;
> > +        options.backend_type = VHOST_BACKEND_TYPE_USER;
> > +        options.cc = b->conf.peers.ccs[i];
> > +        s->vhost_crypto[i] = cryptodev_vhost_init(&options);
> > +        if (!s->vhost_crypto[i]) {
> > +            error_report("failed to init vhost_crypto for queue %lu", i);
> > +            goto err;
> > +        }
> > +
> > +        if (i == 0) {
> > +            max_queues =
> > +              cryptodev_vhost_get_max_queues(s->vhost_crypto[i]);
> > +            if (queues > max_queues) {
> > +                error_report("you are asking more queues than
> supported: %d",
> > +                             max_queues);
> > +                goto err;
> > +            }
> > +        }
> > +    }
> > +
> > +    return 0;
> > +
> > +err:
> > +    cryptodev_vhost_user_stop(i + 1, s);
> > +    return -1;
> > +}
> > +
> > +static Chardev *
> > +cryptodev_vhost_claim_chardev(CryptoDevBackendVhostUser *s,
> > +                                    Error **errp) {
> > +    Chardev *chr;
> > +
> > +    if (s->chr_name == NULL) {
> > +        error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
> > +                   "chardev", "a valid character device");
> > +        return NULL;
> > +    }
> > +
> > +    chr = qemu_chr_find(s->chr_name);
> > +    if (chr == NULL) {
> > +        error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
> > +                  "Device '%s' not found", s->chr_name);
> > +        return NULL;
> > +    }
> > +
> > +    return chr;
> > +}
> > +
> > +static void cryptodev_vhost_user_event(void *opaque, int event) {
> > +    CryptoDevBackendVhostUser *s = opaque;
> > +    CryptoDevBackend *b = CRYPTODEV_BACKEND(s);
> > +    Error *err = NULL;
> > +    int queues = b->conf.peers.queues;
> > +
> > +    assert(queues < MAX_CRYPTO_QUEUE_NUM);
> > +
> > +    switch (event) {
> > +    case CHR_EVENT_OPENED:
> > +        if (cryptodev_vhost_user_start(queues, s) < 0) {
> > +            exit(1);
> > +        }
> > +        b->ready = true;
> > +        break;
> > +    case CHR_EVENT_CLOSED:
> > +        b->ready = false;
> > +        cryptodev_vhost_user_stop(queues, s);
> > +        break;
> > +    }
> > +
> > +    if (err) {
> > +        error_report_err(err);
> > +    }
> > +}
> > +
> > +static void cryptodev_vhost_user_init(
> > +             CryptoDevBackend *backend, Error **errp) {
> > +    int queues = backend->conf.peers.queues;
> > +    size_t i;
> > +    Error *local_err = NULL;
> > +    Chardev *chr;
> > +    CryptoDevBackendClient *cc;
> > +    CryptoDevBackendVhostUser *s =
> > +                      CRYPTODEV_BACKEND_VHOST_USER(backend);
> > +
> > +    chr = cryptodev_vhost_claim_chardev(s, &local_err);
> > +    if (local_err) {
> > +        error_propagate(errp, local_err);
> > +        return;
> > +    }
> > +
> > +    s->opened = true;
> > +
> > +    for (i = 0; i < queues; i++) {
> > +        cc = cryptodev_backend_new_client(
> > +                  "cryptodev-vhost-user", NULL);
> > +        cc->info_str = g_strdup_printf("cryptodev-vhost-user%lu to %s ",
> > +                                       i, chr->label);
> > +        cc->queue_index = i;
> > +
> > +        backend->conf.peers.ccs[i] = cc;
> > +
> > +        if (i == 0) {
> > +            if (!qemu_chr_fe_init(&s->chr, chr, &local_err)) {
> > +                error_propagate(errp, local_err);
> > +                return;
> > +            }
> > +        }
> > +    }
> > +
> > +    qemu_chr_fe_set_handlers(&s->chr, NULL, NULL,
> > +                     cryptodev_vhost_user_event, NULL, s, NULL,
> > + true);
> > +
> > +    backend->conf.crypto_services =
> > +                         1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
> > +                         1u << VIRTIO_CRYPTO_SERVICE_HASH |
> > +                         1u << VIRTIO_CRYPTO_SERVICE_MAC;
> > +    backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
> > +    backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1; }
> > +
> > +static int64_t cryptodev_vhost_user_sym_create_session(
> > +           CryptoDevBackend *backend,
> > +           CryptoDevBackendSymSessionInfo *sess_info,
> > +           uint32_t queue_index, Error **errp) {
> > +    return 0;
> > +}
> > +
> > +static int cryptodev_vhost_user_sym_close_session(
> > +           CryptoDevBackend *backend,
> > +           uint64_t session_id,
> > +           uint32_t queue_index, Error **errp) {
> > +    return 0;
> > +}
> > +
> > +static int cryptodev_vhost_user_sym_operation(
> > +                 CryptoDevBackend *backend,
> > +                 CryptoDevBackendSymOpInfo *op_info,
> > +                 uint32_t queue_index, Error **errp) {
> > +    return VIRTIO_CRYPTO_OK;
> > +}
> > +
> > +static void cryptodev_vhost_user_cleanup(
> > +             CryptoDevBackend *backend,
> > +             Error **errp)
> > +{
> > +    CryptoDevBackendVhostUser *s =
> > +                      CRYPTODEV_BACKEND_VHOST_USER(backend);
> > +    size_t i;
> > +    int queues = backend->conf.peers.queues;
> > +    CryptoDevBackendClient *cc;
> > +
> > +    cryptodev_vhost_user_stop(queues, s);
> > +
> > +    for (i = 0; i < queues; i++) {
> > +        cc = backend->conf.peers.ccs[i];
> > +        if (cc) {
> > +            cryptodev_backend_free_client(cc);
> > +            backend->conf.peers.ccs[i] = NULL;
> > +        }
> > +    }
> > +}
> > +
> > +static void cryptodev_vhost_user_set_chardev(Object *obj,
> > +                                    const char *value, Error **errp)
> > +{
> > +    CryptoDevBackendVhostUser *s =
> > +                      CRYPTODEV_BACKEND_VHOST_USER(obj);
> > +
> > +    if (s->opened) {
> > +        error_setg(errp, QERR_PERMISSION_DENIED);
> > +    } else {
> > +        g_free(s->chr_name);
> > +        s->chr_name = g_strdup(value);
> > +    }
> > +}
> > +
> > +static char *
> > +cryptodev_vhost_user_get_chardev(Object *obj, Error **errp) {
> > +    CryptoDevBackendVhostUser *s =
> > +                      CRYPTODEV_BACKEND_VHOST_USER(obj);
> > +    Chardev *chr = qemu_chr_fe_get_driver(&s->chr);
> > +
> > +    if (chr && chr->label) {
> > +        return g_strdup(chr->label);
> > +    }
> > +
> > +    return NULL;
> > +}
> > +
> > +static void cryptodev_vhost_user_instance_int(Object *obj) {
> > +    object_property_add_str(obj, "chardev",
> > +                            cryptodev_vhost_user_get_chardev,
> > +                            cryptodev_vhost_user_set_chardev,
> > +                            NULL);
> > +}
> > +
> > +static void cryptodev_vhost_user_finalize(Object *obj) {
> > +    CryptoDevBackendVhostUser *s =
> > +                      CRYPTODEV_BACKEND_VHOST_USER(obj);
> > +
> > +    qemu_chr_fe_deinit(&s->chr, false);
> > +
> > +    g_free(s->chr_name);
> > +}
> > +
> > +static void
> > +cryptodev_vhost_user_class_init(ObjectClass *oc, void *data) {
> > +    CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
> > +
> > +    bc->init = cryptodev_vhost_user_init;
> > +    bc->cleanup = cryptodev_vhost_user_cleanup;
> > +    bc->create_session = cryptodev_vhost_user_sym_create_session;
> > +    bc->close_session = cryptodev_vhost_user_sym_close_session;
> > +    bc->do_sym_op = cryptodev_vhost_user_sym_operation;
> > +}
> > +
> > +static const TypeInfo cryptodev_vhost_user_info = {
> > +    .name = TYPE_CRYPTODEV_BACKEND_VHOST_USER,
> > +    .parent = TYPE_CRYPTODEV_BACKEND,
> > +    .class_init = cryptodev_vhost_user_class_init,
> > +    .instance_init = cryptodev_vhost_user_instance_int,
> > +    .instance_finalize = cryptodev_vhost_user_finalize,
> > +    .instance_size = sizeof(CryptoDevBackendVhostUser),
> > +};
> > +
> > +static void
> > +cryptodev_vhost_user_register_types(void)
> > +{
> > +    type_register_static(&cryptodev_vhost_user_info);
> > +}
> > +
> > +type_init(cryptodev_vhost_user_register_types);
> > diff --git a/backends/cryptodev-vhost.c b/backends/cryptodev-vhost.c
> > new file mode 100644 index 0000000..2c7df3f
> > --- /dev/null
> > +++ b/backends/cryptodev-vhost.c
> > @@ -0,0 +1,73 @@
> > +/*
> > + * QEMU Cryptodev backend for QEMU cipher APIs
> > + *
> > + * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
> > + *
> > + * Authors:
> > + *    Gonglei <arei.gonglei@huawei.com>
> > + *    Jay Zhou <jianjay.zhou@huawei.com>
> > + *
> > + * This library is free software; you can redistribute it and/or
> > + * modify it under the terms of the GNU Lesser General Public
> > + * License as published by the Free Software Foundation; either
> > + * version 2 of the License, or (at your option) any later version.
> > + *
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, see
> <http://www.gnu.org/licenses/>.
> > + *
> > + */
> > +
> > +#include "qemu/osdep.h"
> > +#include "qapi/error.h"
> > +#include "qapi/qmp/qerror.h"
> > +#include "sysemu/cryptodev-vhost.h"
> > +
> > +
> > +uint64_t
> > +cryptodev_vhost_get_max_queues(
> > +                        CryptoDevBackendVhost *crypto) {
> > +    return crypto->dev.max_queues;
> > +}
> > +
> > +void cryptodev_vhost_cleanup(CryptoDevBackendVhost *crypto) {
> > +    vhost_dev_cleanup(&crypto->dev);
> > +    g_free(crypto);
> > +}
> > +
> > +struct CryptoDevBackendVhost *
> > +cryptodev_vhost_init(
> > +             CryptoDevBackendVhostOptions *options) {
> > +    int r;
> > +    CryptoDevBackendVhost *crypto;
> > +
> > +    crypto = g_new(CryptoDevBackendVhost, 1);
> > +    crypto->dev.max_queues = 1;
> > +    crypto->dev.nvqs = 1;
> > +    crypto->dev.vqs = crypto->vqs;
> > +
> > +    crypto->cc = options->cc;
> > +
> > +    crypto->dev.protocol_features = 0;
> > +    crypto->backend = -1;
> > +
> > +    /* vhost-user needs vq_index to initiate a specific queue pair */
> > +    crypto->dev.vq_index = crypto->cc->queue_index *
> > + crypto->dev.nvqs;
> > +
> > +    r = vhost_dev_init(&crypto->dev, options->opaque, options-
> >backend_type, 0);
> > +    if (r < 0) {
> > +        goto fail;
> > +    }
> > +
> > +    return crypto;
> > +fail:
> > +    g_free(crypto);
> > +    return NULL;
> > +}
> > diff --git a/include/sysemu/cryptodev-vhost.h
> > b/include/sysemu/cryptodev-vhost.h
> > new file mode 100644
> > index 0000000..fb26b86
> > --- /dev/null
> > +++ b/include/sysemu/cryptodev-vhost.h
> > @@ -0,0 +1,154 @@
> > +/*
> > + * QEMU Crypto Device Common Vhost Implement
> > + *
> > + * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
> > + *
> > + * Authors:
> > + *    Gonglei <arei.gonglei@huawei.com>
> > + *    Jay Zhou <jianjay.zhou@huawei.com>
> > + *
> > + * This library is free software; you can redistribute it and/or
> > + * modify it under the terms of the GNU Lesser General Public
> > + * License as published by the Free Software Foundation; either
> > + * version 2 of the License, or (at your option) any later version.
> > + *
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, see
> <http://www.gnu.org/licenses/>.
> > + *
> > + */
> > +#ifndef CRYPTODEV_VHOST_H
> > +#define CRYPTODEV_VHOST_H
> > +
> > +#include "qemu-common.h"
> > +#include "hw/virtio/vhost.h"
> > +#include "hw/virtio/vhost-backend.h"
> > +#include "chardev/char.h"
> > +
> > +#include "sysemu/cryptodev.h"
> > +
> > +
> > +typedef struct CryptoDevBackendVhostOptions {
> > +    VhostBackendType backend_type;
> > +    void *opaque;
> > +    int total_queues;
> > +    CryptoDevBackendClient *cc;
> > +} CryptoDevBackendVhostOptions;
> > +
> > +typedef struct CryptoDevBackendVhost {
> > +    struct vhost_dev dev;
> > +    struct vhost_virtqueue vqs[1];
> > +    int backend;
> > +    CryptoDevBackendClient *cc;
> > +} CryptoDevBackendVhost;
> > +
> > +/**
> > + * cryptodev_vhost_get_max_queues:
> > + * @crypto: the cryptodev backend common vhost object
> > + *
> > + * Get the maximum queue number of @crypto.
> > + *
> > + *
> > + * Returns: the maximum queue number
> > + */
> > +uint64_t
> > +cryptodev_vhost_get_max_queues(
> > +                        CryptoDevBackendVhost *crypto);
> > +
> > +
> > +/**
> > + * cryptodev_vhost_init:
> > + * @options: the common vhost object's option
> > + *
> > + * Creates a new cryptodev backend common vhost object
> > + *
> > + ** The returned object must be released with
> > + * cryptodev_vhost_cleanup() when no
> > + * longer required
> > + *
> > + * Returns: the cryptodev backend common vhost object  */ struct
> > +CryptoDevBackendVhost * cryptodev_vhost_init(
> > +             CryptoDevBackendVhostOptions *options);
> > +
> > +/**
> > + * cryptodev_vhost_cleanup:
> > + * @crypto: the cryptodev backend common vhost object
> > + *
> > + * Clean the resouce associated with @crypto that realizaed
> > + * by cryptodev_vhost_init()
> > + *
> > + */
> > +void cryptodev_vhost_cleanup(
> > +                        CryptoDevBackendVhost *crypto);
> > +
> > +/**
> > + * cryptodev_get_vhost:
> > + * @cc: the client object for each queue
> > + * @b: the cryptodev backend common vhost object
> > + * @queue: the cryptodev backend queue index
> > + *
> > + * Gets a new cryptodev backend common vhost object based on
> > + * @b and @queue
> > + *
> > + * Returns: the cryptodev backend common vhost object  */
> > +CryptoDevBackendVhost * cryptodev_get_vhost(CryptoDevBackendClient
> > +*cc,
> > +                            CryptoDevBackend *b,
> > +                            uint16_t queue);
> > +/**
> > + * cryptodev_vhost_start:
> > + * @dev: the virtio crypto object
> > + * @total_queues: the total count of queue
> > + *
> > + * Starts the vhost crypto logic
> > + *
> > + * Returns: 0 for success, negative for errors  */ int
> > +cryptodev_vhost_start(VirtIODevice *dev, int total_queues);
> > +
> > +/**
> > + * cryptodev_vhost_stop:
> > + * @dev: the virtio crypto object
> > + * @total_queues: the total count of queue
> > + *
> > + * Stops the vhost crypto logic
> > + *
> > + */
> > +void cryptodev_vhost_stop(VirtIODevice *dev, int total_queues);
> > +
> > +/**
> > + * cryptodev_vhost_virtqueue_mask:
> > + * @dev: the virtio crypto object
> > + * @queue: the cryptodev backend queue index
> > + * @idx: the virtqueue index
> > + * @mask: mask or not (true or false)
> > + *
> > + * Mask/unmask events for @idx virtqueue on @dev device
> > + *
> > + */
> > +void cryptodev_vhost_virtqueue_mask(VirtIODevice *dev,
> > +                                           int queue,
> > +                                           int idx, bool mask);
> > +
> > +/**
> > + * cryptodev_vhost_virtqueue_pending:
> > + * @dev: the virtio crypto object
> > + * @queue: the cryptodev backend queue index
> > + * @idx: the virtqueue index
> > + *
> > + * Test and clear event pending status for @idx virtqueue on @dev device.
> > + * Should be called after unmask to avoid losing events.
> > + *
> > + * Returns: true for success, false for errors  */ bool
> > +cryptodev_vhost_virtqueue_pending(VirtIODevice *dev,
> > +                                              int queue, int idx);
> > +
> > +#endif /* CRYPTODEV_VHOST_H */
> > diff --git a/qemu-options.hx b/qemu-options.hx index 678181c..97db5bc
> > 100644
> > --- a/qemu-options.hx
> > +++ b/qemu-options.hx
> > @@ -4170,6 +4170,27 @@ which specify the queue number of cryptodev backend,
> the default of
> >     [...]
> >  @end example
> >
> > +@item -object
> > +cryptodev-vhost-user,id=@var{id},chardev=@var{chardevid}[,queues=@var
> > +{queues}]
> > +
> > +Creates a vhost-user cryptodev backend, backed by a chardev
> @var{chardevid}.
> > +The @var{id} parameter is a unique ID that will be used to reference
> > +this cryptodev backend from the @option{virtio-crypto} device.
> > +The chardev should be a unix domain socket backed one. The vhost-user
> > +uses a specifically defined protocol to pass vhost ioctl replacement
> > +messages to an application on the other end of the socket.
> > +The @var{queues} parameter is optional, which specify the queue
> > +number of cryptodev backend for multiqueue vhost-user, the default of
> @var{queues} is 1.
> > +
> > +@example
> > +
> > + # qemu-system-x86_64 \
> > +   [...] \
> > +       -chardev socket,id=chardev0,path=/path/to/socket \
> > +       -object cryptodev-vhost-user,id=cryptodev0,chardev=chardev0 \
> > +       -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
> > +   [...]
> > +@end example
> > +
> >  @item -object
> > secret,id=@var{id},data=@var{string},format=@var{raw|base64}[,keyid=@v
> > ar{secretid},iv=@var{string}]  @item -object
> > secret,id=@var{id},file=@var{filename},format=@var{raw|base64}[,keyid=
> > @var{secretid},iv=@var{string}]
> >
> > diff --git a/vl.c b/vl.c
> > index f1c52fe..3e9d86f 100644
> > --- a/vl.c
> > +++ b/vl.c
> > @@ -2867,6 +2867,10 @@ static bool object_create_initial(const char *type)
> >          return false;
> >      }
> >
> > +    if (g_str_equal(type, "cryptodev-vhost-user")) {
> > +        return false;
> > +    }
> > +
> >      /*
> >       * return false for concrete netfilters since
> >       * they depend on netdevs already existing
> > --
> > 1.8.3.1
> >

Re: [Qemu-devel] [PATCH v3 1/4] cryptodev: add vhost-user as a new cryptodev backend

[Gonglei (Arei)]

> -----Original Message-----
> From: Zhoujian (jay)
> Sent: Wednesday, January 17, 2018 1:01 PM
> To: Michael S. Tsirkin
> Cc: pasic@linux.vnet.ibm.com; Huangweidong (C); xin.zeng@intel.com;
> qemu-devel@nongnu.org; Gonglei (Arei); roy.fan.zhang@intel.com;
> stefanha@redhat.com; pbonzini@redhat.com; longpeng
> Subject: RE: [Qemu-devel] [PATCH v3 1/4] cryptodev: add vhost-user as a new
> cryptodev backend
> 
> > -----Original Message-----
> > From: Qemu-devel [mailto:qemu-devel-
> > bounces+jianjay.zhou=huawei.com@nongnu.org] On Behalf Of Michael S.
> Tsirkin
> > Sent: Wednesday, January 17, 2018 12:41 AM
> > To: Zhoujian (jay) <jianjay.zhou@huawei.com>
> > Cc: pasic@linux.vnet.ibm.com; Huangweidong (C)
> <weidong.huang@huawei.com>;
> > xin.zeng@intel.com; qemu-devel@nongnu.org; Gonglei (Arei)
> > <arei.gonglei@huawei.com>; roy.fan.zhang@intel.com;
> stefanha@redhat.com;
> > pbonzini@redhat.com; longpeng <longpeng2@huawei.com>
> > Subject: Re: [Qemu-devel] [PATCH v3 1/4] cryptodev: add vhost-user as a new
> > cryptodev backend
> >
> > On Tue, Jan 16, 2018 at 10:06:50PM +0800, Jay Zhou wrote:
> > > From: Gonglei <arei.gonglei@huawei.com>
> > >
> > > Usage:
> > >  -chardev socket,id=charcrypto0,path=/path/to/your/socket
> > >  -object cryptodev-vhost-user,id=cryptodev0,chardev=charcrypto0
> > >  -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0
> > >
> > > Signed-off-by: Gonglei <arei.gonglei@huawei.com>
> > > Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> > > Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
> > > ---
> > >  backends/Makefile.objs           |   4 +
> > >  backends/cryptodev-vhost-user.c  | 333
> > +++++++++++++++++++++++++++++++++++++++
> > >  backends/cryptodev-vhost.c       |  73 +++++++++
> > >  include/sysemu/cryptodev-vhost.h | 154 ++++++++++++++++++
> > >  qemu-options.hx                  |  21 +++
> > >  vl.c                             |   4 +
> > >  6 files changed, 589 insertions(+)
> > >  create mode 100644 backends/cryptodev-vhost-user.c  create mode
> > > 100644 backends/cryptodev-vhost.c  create mode 100644
> > > include/sysemu/cryptodev-vhost.h
> > >
> > > diff --git a/backends/Makefile.objs b/backends/Makefile.objs index
> > > 0400799..9e1fb76 100644
> > > --- a/backends/Makefile.objs
> > > +++ b/backends/Makefile.objs
> > > @@ -8,3 +8,7 @@ common-obj-$(CONFIG_LINUX) += hostmem-file.o
> > >
> > >  common-obj-y += cryptodev.o
> > >  common-obj-y += cryptodev-builtin.o
> > > +
> > > +ifeq ($(CONFIG_VIRTIO),y)
> > > +common-obj-$(CONFIG_LINUX) += cryptodev-vhost.o
> > > +cryptodev-vhost-user.o endif
> >
> > Shouldn't this depend on CONFIG_VHOST_USER?
> 
> Yes, you're right. Will fix it soon.
> 
Hi Michael,

Can we apply this patch set firstly and then fix it on the top with other comments?

Thanks,
-Gonglei

Re: [Qemu-devel] [PATCH v3 3/4] cryptodev-vhost-user: add crypto session handler

[Zhang, Roy Fan]

Hi Jay,

Excellent work! The patch, although need some minor rework, has improved the performance.
Some comments:

1. you need to set up capabilities for virtio_crypto PMD. As in Qemu vhost crypto proxy backend only AESCBC and SHA1 are supported (in cryptodev_vhost_user_init() definition), I believe in this version these two algorithms shall be enough.  Actually for the same reason I suggest you to remove all AES_CTR test cases in the virtio_crypto PMD functional test, as they will fail when vhost_user crypto backend is used.

You may use driver/crypto/qat/qat_crypto_capabilities.h as example. The const capabilities array shall be returned to the application when virtio_crypto_dev_info_get() is called.
2. there is a bug in virtio_crypto_queue_setup(), you declared " uint32_t i, j;" while i may be used uninitialized later.

Regards,
Fan


> -----Original Message-----
> From: Jay Zhou [mailto:jianjay.zhou@huawei.com]
> Sent: Tuesday, January 16, 2018 2:07 PM
> To: qemu-devel@nongnu.org
> Cc: mst@redhat.com; pbonzini@redhat.com; weidong.huang@huawei.com;
> stefanha@redhat.com; jianjay.zhou@huawei.com;
> pasic@linux.vnet.ibm.com; longpeng2@huawei.com; Zeng, Xin
> <xin.zeng@intel.com>; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> arei.gonglei@huawei.com
> Subject: [PATCH v3 3/4] cryptodev-vhost-user: add crypto session handler
>