From: Jay Zhou
Date: Tue, 27 Feb 2018 14:32:59 +0800
Message-ID: <3535a36507f8aa7fe6aa2a529b3bc5ddbb3bd720.1519712347.git.arei.gonglei@huawei.com>
Subject: [Qemu-devel] [PATCH v8 3/4] cryptodev-vhost-user: add crypto session handler
Cc: pasic@linux.vnet.ibm.com, weidong.huang@huawei.com, mst@redhat.com, wangxinxin.wang@huawei.com, xin.zeng@intel.com, arei.gonglei@huawei.com, roy.fan.zhang@intel.com, stefanha@redhat.com, jianjay.zhou@huawei.com, pbonzini@redhat.com, longpeng2@huawei.com

From: Gonglei

Introduce two vhost-user messages: VHOST_USER_CREATE_CRYPTO_SESSION and VHOST_USER_CLOSE_CRYPTO_SESSION. At this point, the QEMU side supports crypto operation in cryptodev host-user backend.

Signed-off-by: Gonglei
Signed-off-by: Longpeng(Mike)
Signed-off-by: Jay Zhou
--- backends/cryptodev-vhost-user.c | 48 ++++++++++++++---- docs/interop/vhost-user.txt | 26 ++++++++++ hw/virtio/vhost-user.c | 104 ++++++++++++++++++++++++++++++++++= ++++ include/hw/virtio/vhost-backend.h | 8 +++ 4 files changed, 175 insertions(+), 11 deletions(-) diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-use= r.c index 151a0e6..9cd06c4 100644 --- a/backends/cryptodev-vhost-user.c +++ b/backends/cryptodev-vhost-user.c 
@@ -231,7 +231,25 @@ static int64_t cryptodev_vhost_user_sym_create_session( CryptoDevBackendSymSessionInfo *sess_info, uint32_t queue_index, Error **errp) { - return 0; + CryptoDevBackendClient *cc =3D + backend->conf.peers.ccs[queue_index]; + CryptoDevBackendVhost *vhost_crypto; + uint64_t session_id =3D 0; + int ret; + + vhost_crypto =3D cryptodev_vhost_user_get_vhost(cc, backend, queue_ind= ex); + if (vhost_crypto) { + struct vhost_dev *dev =3D &(vhost_crypto->dev); + ret =3D dev->vhost_ops->vhost_crypto_create_session(dev, + sess_info, + &session_id); + if (ret < 0) { + return -1; + } else { + return session_id; + } + } + return -1; } =20 static int cryptodev_vhost_user_sym_close_session( @@ -239,15 +257,23 @@ static int cryptodev_vhost_user_sym_close_session( uint64_t session_id, uint32_t queue_index, Error **errp) { - return 0; -} - -static int cryptodev_vhost_user_sym_operation( - CryptoDevBackend *backend, - CryptoDevBackendSymOpInfo *op_info, - uint32_t queue_index, Error **errp) -{ - return VIRTIO_CRYPTO_OK; + CryptoDevBackendClient *cc =3D + backend->conf.peers.ccs[queue_index]; + CryptoDevBackendVhost *vhost_crypto; + int ret; + + vhost_crypto =3D cryptodev_vhost_user_get_vhost(cc, backend, queue_ind= ex); + if (vhost_crypto) { + struct vhost_dev *dev =3D &(vhost_crypto->dev); + ret =3D dev->vhost_ops->vhost_crypto_close_session(dev, + session_id); + if (ret < 0) { + return -1; + } else { + return 0; + } + } + return -1; } =20 static void cryptodev_vhost_user_cleanup( @@ -326,7 +352,7 @@ cryptodev_vhost_user_class_init(ObjectClass *oc, void *= data) bc->cleanup =3D cryptodev_vhost_user_cleanup; bc->create_session =3D cryptodev_vhost_user_sym_create_session; bc->close_session =3D cryptodev_vhost_user_sym_close_session; - bc->do_sym_op =3D cryptodev_vhost_user_sym_operation; + bc->do_sym_op =3D NULL; } =20 static const TypeInfo cryptodev_vhost_user_info =3D { 
diff --git a/docs/interop/vhost-user.txt b/docs/interop/vhost-user.txt index 9fcf48d..cb3a759 100644 --- a/docs/interop/vhost-user.txt +++ b/docs/interop/vhost-user.txt @@ -368,6 +368,7 @@ Protocol features #define VHOST_USER_PROTOCOL_F_MTU 4 #define VHOST_USER_PROTOCOL_F_SLAVE_REQ 5 #define VHOST_USER_PROTOCOL_F_CROSS_ENDIAN 6 +#define VHOST_USER_PROTOCOL_F_CRYPTO_SESSION 7 =20 Master message types -------------------- @@ -663,6 +664,31 @@ Master message types field, and slaves MUST NOT accept SET_CONFIG for read-only configuration space fields unless the live migration bit is set. =20 +* VHOST_USER_CREATE_CRYPTO_SESSION + + Id: 26 + Equivalent ioctl: N/A + Master payload: crypto session description + Slave payload: crypto session description + + Create a session for crypto operation. The server side must return the + session id, 0 or positive for success, negative for failure. + This request should be sent only when VHOST_USER_PROTOCOL_F_CRYPTO_SE= SSION + feature has been successfully negotiated. + It's a required feature for crypto devices. + +* VHOST_USER_CLOSE_CRYPTO_SESSION + + Id: 27 + Equivalent ioctl: N/A + Master payload: u64 + + Close a session for crypto operation which was previously + created by VHOST_USER_CREATE_CRYPTO_SESSION. + This request should be sent only when VHOST_USER_PROTOCOL_F_CRYPTO_SE= SSION + feature has been successfully negotiated. + It's a required feature for crypto devices. + Slave message types ------------------- =20 diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c index 6eb9798..41ff5cf 100644 --- a/hw/virtio/vhost-user.c +++ b/hw/virtio/vhost-user.c @@ -17,6 +17,7 @@ #include "sysemu/kvm.h" #include "qemu/error-report.h" #include "qemu/sockets.h" +#include "sysemu/cryptodev.h" =20 #include #include 
@@ -39,6 +40,7 @@ enum VhostUserProtocolFeature { VHOST_USER_PROTOCOL_F_NET_MTU =3D 4, VHOST_USER_PROTOCOL_F_SLAVE_REQ =3D 5, VHOST_USER_PROTOCOL_F_CROSS_ENDIAN =3D 6, + VHOST_USER_PROTOCOL_F_CRYPTO_SESSION =3D 7, =20 VHOST_USER_PROTOCOL_F_MAX }; @@ -72,6 +74,8 @@ typedef enum VhostUserRequest { VHOST_USER_SET_VRING_ENDIAN =3D 23, VHOST_USER_GET_CONFIG =3D 24, VHOST_USER_SET_CONFIG =3D 25, + VHOST_USER_CREATE_CRYPTO_SESSION =3D 26, + VHOST_USER_CLOSE_CRYPTO_SESSION =3D 27, VHOST_USER_MAX } VhostUserRequest; =20 @@ -107,6 +111,17 @@ typedef struct VhostUserConfig { uint8_t region[VHOST_USER_MAX_CONFIG_SIZE]; } VhostUserConfig; =20 +#define VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN 512 +#define VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN 64 + +typedef struct VhostUserCryptoSession { + /* session id for success, -1 on errors */ + int64_t session_id; + CryptoDevBackendSymSessionInfo session_setup_data; + uint8_t key[VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN]; + uint8_t auth_key[VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN]; +} VhostUserCryptoSession; + static VhostUserConfig c __attribute__ ((unused)); #define VHOST_USER_CONFIG_HDR_SIZE (sizeof(c.offset) \ + sizeof(c.size) \ @@ -132,6 +147,7 @@ typedef union { VhostUserLog log; struct vhost_iotlb_msg iotlb; VhostUserConfig config; + VhostUserCryptoSession session; } VhostUserPayload; =20 typedef struct VhostUserMsg { 
@@ -1054,6 +1070,92 @@ static int vhost_user_set_config(struct vhost_dev *d= ev, const uint8_t *data, return 0; } =20 +static int vhost_user_crypto_create_session(struct vhost_dev *dev, + void *session_info, + uint64_t *session_id) +{ + bool crypto_session =3D virtio_has_feature(dev->protocol_features, + VHOST_USER_PROTOCOL_F_CRYPTO_SESSIO= N); + CryptoDevBackendSymSessionInfo *sess_info =3D session_info; + VhostUserMsg msg =3D { + .hdr.request =3D VHOST_USER_CREATE_CRYPTO_SESSION, + .hdr.flags =3D VHOST_USER_VERSION, + .hdr.size =3D sizeof(msg.payload.session), + }; + + assert(dev->vhost_ops->backend_type =3D=3D VHOST_BACKEND_TYPE_USER); + + if (!crypto_session) { + error_report("vhost-user trying to send unhandled ioctl"); + return -1; + } + + memcpy(&msg.payload.session.session_setup_data, sess_info, + sizeof(CryptoDevBackendSymSessionInfo)); + if (sess_info->key_len) { + memcpy(&msg.payload.session.key, sess_info->cipher_key, + sess_info->key_len); + } + if (sess_info->auth_key_len > 0) { + memcpy(&msg.payload.session.auth_key, sess_info->auth_key, + sess_info->auth_key_len); + } + if (vhost_user_write(dev, &msg, NULL, 0) < 0) { + error_report("vhost_user_write() return -1, create session failed"= ); + return -1; + } + + if (vhost_user_read(dev, &msg) < 0) { + error_report("vhost_user_read() return -1, create session failed"); + return -1; + } + + if (msg.hdr.request !=3D VHOST_USER_CREATE_CRYPTO_SESSION) { + error_report("Received unexpected msg type. 
Expected %d received %= d", + VHOST_USER_CREATE_CRYPTO_SESSION, msg.hdr.request); + return -1; + } + + if (msg.hdr.size !=3D sizeof(msg.payload.session)) { + error_report("Received bad msg size."); + return -1; + } + + if (msg.payload.session.session_id < 0) { + error_report("Bad session id: %" PRId64 "", + msg.payload.session.session_id); + return -1; + } + *session_id =3D msg.payload.session.session_id; + + return 0; +} + +static int +vhost_user_crypto_close_session(struct vhost_dev *dev, uint64_t session_id) +{ + bool crypto_session =3D virtio_has_feature(dev->protocol_features, + VHOST_USER_PROTOCOL_F_CRYPTO_SESSIO= N); + VhostUserMsg msg =3D { + .hdr.request =3D VHOST_USER_CLOSE_CRYPTO_SESSION, + .hdr.flags =3D VHOST_USER_VERSION, + .hdr.size =3D sizeof(msg.payload.u64), + }; + msg.payload.u64 =3D session_id; + + if (!crypto_session) { + error_report("vhost-user trying to send unhandled ioctl"); + return -1; + } + + if (vhost_user_write(dev, &msg, NULL, 0) < 0) { + error_report("vhost_user_write() return -1, close session failed"); + return -1; + } + + return 0; +} + const VhostOps user_ops =3D { .backend_type =3D VHOST_BACKEND_TYPE_USER, .vhost_backend_init =3D vhost_user_init, @@ -1082,4 +1184,6 @@ const VhostOps user_ops =3D { .vhost_send_device_iotlb_msg =3D vhost_user_send_device_iotlb_msg, .vhost_get_config =3D vhost_user_get_config, .vhost_set_config =3D vhost_user_set_config, + .vhost_crypto_create_session =3D vhost_user_crypto_create_session, + .vhost_crypto_close_session =3D vhost_user_crypto_close_session, }; diff --git a/include/hw/virtio/vhost-backend.h b/include/hw/virtio/vhost-ba= ckend.h index 592254f..5dac61f 100644 --- a/include/hw/virtio/vhost-backend.h +++ b/include/hw/virtio/vhost-backend.h 
@@ -95,6 +95,12 @@ typedef int (*vhost_set_config_op)(struct vhost_dev *dev= , const uint8_t *data, typedef int (*vhost_get_config_op)(struct vhost_dev *dev, uint8_t *config, uint32_t config_len); =20 +typedef int (*vhost_crypto_create_session_op)(struct vhost_dev *dev, + void *session_info, + uint64_t *session_id); +typedef int (*vhost_crypto_close_session_op)(struct vhost_dev *dev, + uint64_t session_id); + typedef struct VhostOps { VhostBackendType backend_type; vhost_backend_init vhost_backend_init; @@ -130,6 +136,8 @@ typedef struct VhostOps { vhost_send_device_iotlb_msg_op vhost_send_device_iotlb_msg; vhost_get_config_op vhost_get_config; vhost_set_config_op vhost_set_config; + vhost_crypto_create_session_op vhost_crypto_create_session; + vhost_crypto_close_session_op vhost_crypto_close_session; } VhostOps; =20 extern const VhostOps user_ops; --=20 1.8.3.1
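
Review bot: in vhost_user_crypto_create_session() (hw/virtio/vhost-user.c, hunk at -1054), the two key copies are not bounded by the destination arrays. msg.payload.session.key is VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN (64) bytes and auth_key is VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN (512) bytes, but the memcpy lengths are sess_info->key_len and sess_info->auth_key_len taken as given, so an oversized length writes past the on-stack VhostUserMsg. Please reject the request (error_report and return -1) when key_len exceeds VHOST_CRYPTO_SYM_CIPHER_MAX_KEY_LEN or auth_key_len exceeds VHOST_CRYPTO_SYM_HMAC_MAX_KEY_LEN before either memcpy. Since msg then holds raw key material on the stack, clearing the key fields before returning would also be worth doing.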
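
Review bot: in the VhostUserCryptoSession definition (hw/virtio/vhost-user.c, hunk at -107), the wire payload embeds QEMU's internal CryptoDevBackendSymSessionInfo by value, and the create handler later fills it with a memcpy of sizeof(CryptoDevBackendSymSessionInfo). That ties the protocol message to one build's struct layout and padding, and if cipher_key and auth_key are pointer members (the handler uses them as memcpy sources), their host address values are sent to the backend process along with the rest of the struct. Suggest defining the message with explicit fixed-width fields for the algorithm parameters and key lengths, and filling them member by member.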
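
Review bot: in docs/interop/vhost-user.txt (hunk at -663), "crypto session description" is named as the master and slave payload for VHOST_USER_CREATE_CRYPTO_SESSION but its layout is never specified. A backend implementer cannot tell from this text which fields exist, their order and width, or that the key buffers are limited to 64 and 512 bytes as the code defines, so it has no basis for validating what it receives. Please add the payload layout alongside the other payload descriptions in this file, and state whether VHOST_USER_CLOSE_CRYPTO_SESSION expects a reply, since the QEMU side sends it without reading one.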
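
Review bot: in cryptodev_vhost_user_class_init() (backends/cryptodev-vhost-user.c, hunk at -326), bc->do_sym_op is now set to NULL and the stub cryptodev_vhost_user_sym_operation() is deleted, but nothing in this patch shows the caller of do_sym_op checking for NULL. If the generic cryptodev layer calls the hook unconditionally, a symmetric operation request routed to this backend becomes a NULL function pointer call. Either keep a stub that returns an error status, or point to the NULL check in the caller in the commit message.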
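
Review bot: in cryptodev_vhost_user_sym_create_session() and cryptodev_vhost_user_sym_close_session() (backends/cryptodev-vhost-user.c, hunks at -231 and -239), every failure path returns -1 without setting errp, so the caller cannot distinguish a missing vhost device from a backend that refused the session. Suggest error_setg(errp, ...) on each path. Both functions also read backend->conf.peers.ccs[queue_index] before anything validates queue_index; a range check ahead of the array access would make the lookup safe regardless of what the caller passes.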