From: "Michael S. Tsirkin" <mst@redhat.com>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>,
Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>,
"Gonglei (Arei)" <arei.gonglei@huawei.com>,
Zhenwei Pi <pizhenwei@bytedance.com>
Subject: [PULL 12/53] cryptodev-vhost-user: add asymmetric crypto support
Date: Mon, 26 Jun 2023 08:28:25 -0400 [thread overview]
Message-ID: <5c33f9783ace0b5e077060b220978d94fecb3e81.1687782442.git.mst@redhat.com> (raw)
In-Reply-To: <cover.1687782442.git.mst@redhat.com>
From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Add asymmetric crypto support in vhost_user backend.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Message-Id: <20230516083139.2349744-1-gmuthukrishn@marvell.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
backends/cryptodev-vhost-user.c | 9 ++--
hw/virtio/vhost-user.c | 75 +++++++++++++++++++++++++++------
2 files changed, 66 insertions(+), 18 deletions(-)
diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
index b1d9eb735f..c3283ba84a 100644
--- a/backends/cryptodev-vhost-user.c
+++ b/backends/cryptodev-vhost-user.c
@@ -232,9 +232,9 @@ static void cryptodev_vhost_user_init(
backend->conf.max_auth_key_len = VHOST_USER_MAX_AUTH_KEY_LEN;
}
-static int64_t cryptodev_vhost_user_sym_create_session(
+static int64_t cryptodev_vhost_user_crypto_create_session(
CryptoDevBackend *backend,
- CryptoDevBackendSymSessionInfo *sess_info,
+ CryptoDevBackendSessionInfo *sess_info,
uint32_t queue_index, Error **errp)
{
CryptoDevBackendClient *cc =
@@ -266,18 +266,17 @@ static int cryptodev_vhost_user_create_session(
void *opaque)
{
uint32_t op_code = sess_info->op_code;
- CryptoDevBackendSymSessionInfo *sym_sess_info;
int64_t ret;
Error *local_error = NULL;
int status;
switch (op_code) {
case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
+ case VIRTIO_CRYPTO_AKCIPHER_CREATE_SESSION:
case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
case VIRTIO_CRYPTO_AEAD_CREATE_SESSION:
- sym_sess_info = &sess_info->u.sym_sess_info;
- ret = cryptodev_vhost_user_sym_create_session(backend, sym_sess_info,
+ ret = cryptodev_vhost_user_crypto_create_session(backend, sess_info,
queue_index, &local_error);
break;
diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index 74a2a28663..2ad75a7964 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -11,6 +11,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "hw/virtio/vhost.h"
+#include "hw/virtio/virtio-crypto.h"
#include "hw/virtio/vhost-user.h"
#include "hw/virtio/vhost-backend.h"
#include "hw/virtio/virtio.h"
@@ -163,13 +164,24 @@ typedef struct VhostUserConfig {
#define VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN 512
#define VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN 64
+#define VHOST_CRYPTO_ASYM_MAX_KEY_LEN 1024
typedef struct VhostUserCryptoSession {
+ uint64_t op_code;
+ union {
+ struct {
+ CryptoDevBackendSymSessionInfo session_setup_data;
+ uint8_t key[VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN];
+ uint8_t auth_key[VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN];
+ } sym;
+ struct {
+ CryptoDevBackendAsymSessionInfo session_setup_data;
+ uint8_t key[VHOST_CRYPTO_ASYM_MAX_KEY_LEN];
+ } asym;
+ } u;
+
/* session id for success, -1 on errors */
int64_t session_id;
- CryptoDevBackendSymSessionInfo session_setup_data;
- uint8_t key[VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN];
- uint8_t auth_key[VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN];
} VhostUserCryptoSession;
static VhostUserConfig c __attribute__ ((unused));
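Review bot: Placing `op_code` and the `u` union ahead of `session_id` changes the byte layout of the `VHOST_USER_CREATE_CRYPTO_SESSION` payload, and nothing visible in this patch negotiates a new protocol feature for it. The request is still gated only on `VHOST_USER_PROTOCOL_F_CRYPTO_SESSION`, so a backend built against the previous layout would presumably find `op_code` at the offset where it expects `session_id` and read the key buffers from the wrong place. If the layout change is coordinated with backends out of band, the struct should say so, e.g. `/* Wire format shared with vhost-user crypto backends; any layout change needs a matching backend update. */`. A short comment next to `VHOST_CRYPTO_ASYM_MAX_KEY_LEN` stating which key encoding the 1024-byte limit is meant to cover would also help, since that macro is now the bound for the asymmetric key copy.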
@@ -2357,7 +2369,7 @@ static int vhost_user_crypto_create_session(struct vhost_dev *dev,
int ret;
bool crypto_session = virtio_has_feature(dev->protocol_features,
VHOST_USER_PROTOCOL_F_CRYPTO_SESSION);
- CryptoDevBackendSymSessionInfo *sess_info = session_info;
+ CryptoDevBackendSessionInfo *backend_info = session_info;
VhostUserMsg msg = {
.hdr.request = VHOST_USER_CREATE_CRYPTO_SESSION,
.hdr.flags = VHOST_USER_VERSION,
@@ -2371,16 +2383,53 @@ static int vhost_user_crypto_create_session(struct vhost_dev *dev,
return -ENOTSUP;
}
- memcpy(&msg.payload.session.session_setup_data, sess_info,
- sizeof(CryptoDevBackendSymSessionInfo));
- if (sess_info->key_len) {
- memcpy(&msg.payload.session.key, sess_info->cipher_key,
- sess_info->key_len);
- }
- if (sess_info->auth_key_len > 0) {
- memcpy(&msg.payload.session.auth_key, sess_info->auth_key,
- sess_info->auth_key_len);
+ if (backend_info->op_code == VIRTIO_CRYPTO_AKCIPHER_CREATE_SESSION) {
+ CryptoDevBackendAsymSessionInfo *sess = &backend_info->u.asym_sess_info;
+ size_t keylen;
+
+ memcpy(&msg.payload.session.u.asym.session_setup_data, sess,
+ sizeof(CryptoDevBackendAsymSessionInfo));
+ if (sess->keylen) {
+ keylen = sizeof(msg.payload.session.u.asym.key);
+ if (sess->keylen > keylen) {
+ error_report("Unsupported asymmetric key size");
+ return -ENOTSUP;
+ }
+
+ memcpy(&msg.payload.session.u.asym.key, sess->key,
+ sess->keylen);
+ }
+ } else {
+ CryptoDevBackendSymSessionInfo *sess = &backend_info->u.sym_sess_info;
+ size_t keylen;
+
+ memcpy(&msg.payload.session.u.sym.session_setup_data, sess,
+ sizeof(CryptoDevBackendSymSessionInfo));
+ if (sess->key_len) {
+ keylen = sizeof(msg.payload.session.u.sym.key);
+ if (sess->key_len > keylen) {
+ error_report("Unsupported cipher key size");
+ return -ENOTSUP;
+ }
+
+ memcpy(&msg.payload.session.u.sym.key, sess->cipher_key,
+ sess->key_len);
+ }
+
+ if (sess->auth_key_len > 0) {
+ keylen = sizeof(msg.payload.session.u.sym.auth_key);
+ if (sess->auth_key_len > keylen) {
+ error_report("Unsupported auth key size");
+ return -ENOTSUP;
+ }
+
+ memcpy(&msg.payload.session.u.sym.auth_key, sess->auth_key,
+ sess->auth_key_len);
+ }
}
+
+ msg.payload.session.op_code = backend_info->op_code;
+ msg.payload.session.session_id = backend_info->session_id;
ret = vhost_user_write(dev, &msg, NULL, 0);
if (ret < 0) {
error_report("vhost_user_write() return %d, create session failed",
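Review bot: The whole-struct `memcpy` of `CryptoDevBackendAsymSessionInfo`, and of `CryptoDevBackendSymSessionInfo` in the else branch, puts every field of the setup structure on the vhost-user socket. `sess->key`, `sess->cipher_key` and `sess->auth_key` are used as copy sources, so they appear to be pointer members, in which case QEMU heap addresses are disclosed to the backend process. Clearing them in the outgoing copy right after the struct `memcpy` would avoid that, e.g. `msg.payload.session.u.asym.session_setup_data.key = NULL;`, with the equivalent two assignments for `cipher_key` and `auth_key` in the sym copy. Separately, `msg` holds raw key material on the stack and nothing in the hunk wipes it, either on the auth-key `return -ENOTSUP` path (taken after the cipher key has already been copied) or after `vhost_user_write()`. The function continues outside the hunk, so confirm whether the buffer is cleared later.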
--
MST