Skip to content

Commit

Permalink
Merge pull request #47040 from hualongfeng/qat_batch_mode
Browse files Browse the repository at this point in the history 
Crypto: Add QAT batch mode

Reviewed-by: Casey Bodley <cbodley@redhat.com>
  • Loading branch information
@cbodley
cbodley committed Mar 11, 2023
2 parents 2732527 + c097b24 commit e64a0de
Show file tree
Hide file tree
Showing 20 changed files with 640 additions and 391 deletions.
17 changes: 15 additions & 2 deletions src/crypto/crypto_accel.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,21 +17,34 @@
#include <cstddef>
#include "include/Context.h"

class optional_yield;

class CryptoAccel;
typedef std::shared_ptr<CryptoAccel> CryptoAccelRef;

class CryptoAccel {
public:
CryptoAccel() {}
CryptoAccel(const size_t chunk_size, const size_t max_requests) {}
virtual ~CryptoAccel() {}

static const int AES_256_IVSIZE = 128/8;
static const int AES_256_KEYSIZE = 256/8;
virtual bool cbc_encrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE]) = 0;
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) = 0;
virtual bool cbc_decrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE]) = 0;
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) = 0;
virtual bool cbc_encrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) = 0;
virtual bool cbc_decrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) = 0;
};
#endif
5 changes: 4 additions & 1 deletion src/crypto/crypto_plugin.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
#include "ostream"

#include "crypto/crypto_accel.h"
#include <boost/asio/io_context.hpp>
// -----------------------------------------------------------------------------

class CryptoPlugin : public ceph::Plugin {
Expand All @@ -31,6 +32,8 @@ class CryptoPlugin : public ceph::Plugin {
~CryptoPlugin()
{}
virtual int factory(CryptoAccelRef *cs,
std::ostream *ss) = 0;
std::ostream *ss,
const size_t chunk_size,
const size_t max_requests) = 0;
};
#endif
3 changes: 3 additions & 0 deletions src/crypto/isa-l/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,9 @@ endif(HAVE_NASM_X64)

add_library(ceph_crypto_isal SHARED ${isal_crypto_plugin_srcs})
target_include_directories(ceph_crypto_isal PRIVATE ${isal_dir}/include)

target_link_libraries(ceph_crypto_isal PRIVATE spawn)

set_target_properties(ceph_crypto_isal PROPERTIES
VERSION 1.0.0
SOVERSION 1
Expand Down
10 changes: 6 additions & 4 deletions src/crypto/isa-l/isal_crypto_accel.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,10 @@

bool ISALCryptoAccel::cbc_encrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE])
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y)
{
if ((size % AES_256_IVSIZE) != 0) {
if (unlikely((size % AES_256_IVSIZE) != 0)) {
return false;
}
alignas(16) struct cbc_key_data keys_blk;
Expand All @@ -31,9 +32,10 @@ bool ISALCryptoAccel::cbc_encrypt(unsigned char* out, const unsigned char* in, s
}
bool ISALCryptoAccel::cbc_decrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE])
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y)
{
if ((size % AES_256_IVSIZE) != 0) {
if (unlikely((size % AES_256_IVSIZE) != 0)) {
return false;
}
alignas(16) struct cbc_key_data keys_blk;
Expand Down
15 changes: 13 additions & 2 deletions src/crypto/isa-l/isal_crypto_accel.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
#ifndef ISAL_CRYPTO_ACCEL_H
#define ISAL_CRYPTO_ACCEL_H
#include "crypto/crypto_accel.h"
#include "common/async/yield_context.h"

class ISALCryptoAccel : public CryptoAccel {
public:
Expand All @@ -23,9 +24,19 @@ class ISALCryptoAccel : public CryptoAccel {

bool cbc_encrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE]) override;
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override;
bool cbc_decrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE]) override;
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override;
bool cbc_encrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override { return false; }
bool cbc_decrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override { return false; }
};
#endif
4 changes: 3 additions & 1 deletion src/crypto/isa-l/isal_crypto_plugin.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,9 @@ class ISALCryptoPlugin : public CryptoPlugin {
~ISALCryptoPlugin()
{}
virtual int factory(CryptoAccelRef *cs,
std::ostream *ss)
std::ostream *ss,
const size_t chunk_size,
const size_t max_requests)
{
if (cryptoaccel == nullptr)
{
Expand Down
3 changes: 2 additions & 1 deletion src/crypto/openssl/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,8 @@ set(openssl_crypto_plugin_srcs
add_library(ceph_crypto_openssl SHARED ${openssl_crypto_plugin_srcs})
target_link_libraries(ceph_crypto_openssl
PRIVATE OpenSSL::Crypto
$<$<PLATFORM_ID:Windows>:ceph-common>)
$<$<PLATFORM_ID:Windows>:ceph-common>
spawn)
target_include_directories(ceph_crypto_openssl PRIVATE ${OPENSSL_INCLUDE_DIR})
add_dependencies(crypto_plugins ceph_crypto_openssl)
set_target_properties(ceph_crypto_openssl PROPERTIES INSTALL_RPATH "")
Expand Down
10 changes: 6 additions & 4 deletions src/crypto/openssl/openssl_crypto_accel.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,9 +77,10 @@ bool evp_transform(unsigned char* out, const unsigned char* in, size_t size,

bool OpenSSLCryptoAccel::cbc_encrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE])
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y)
{
if ((size % AES_256_IVSIZE) != 0) {
if (unlikely((size % AES_256_IVSIZE) != 0)) {
return false;
}

Expand All @@ -91,9 +92,10 @@ bool OpenSSLCryptoAccel::cbc_encrypt(unsigned char* out, const unsigned char* in

bool OpenSSLCryptoAccel::cbc_decrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE])
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y)
{
if ((size % AES_256_IVSIZE) != 0) {
if (unlikely((size % AES_256_IVSIZE) != 0)) {
return false;
}

Expand Down
15 changes: 13 additions & 2 deletions src/crypto/openssl/openssl_crypto_accel.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
#define OPENSSL_CRYPTO_ACCEL_H

#include "crypto/crypto_accel.h"
#include "common/async/yield_context.h"

class OpenSSLCryptoAccel : public CryptoAccel {
public:
Expand All @@ -24,9 +25,19 @@ class OpenSSLCryptoAccel : public CryptoAccel {

bool cbc_encrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE]) override;
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override;
bool cbc_decrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE]) override;
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override;
bool cbc_encrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override { return false; }
bool cbc_decrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override { return false; }
};
#endif
5 changes: 4 additions & 1 deletion src/crypto/openssl/openssl_crypto_plugin.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,10 @@ class OpenSSLCryptoPlugin : public CryptoPlugin {
public:
explicit OpenSSLCryptoPlugin(CephContext* cct) : CryptoPlugin(cct)
{}
int factory(CryptoAccelRef *cs, std::ostream *ss) override {
int factory(CryptoAccelRef *cs,
std::ostream *ss,
const size_t chunk_size,
const size_t max_requests) override {
if (cryptoaccel == nullptr)
cryptoaccel = CryptoAccelRef(new OpenSSLCryptoAccel);

Expand Down
3 changes: 2 additions & 1 deletion src/crypto/qat/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,8 @@ add_dependencies(crypto_plugins ceph_crypto_qat)

target_link_libraries(ceph_crypto_qat PRIVATE
QatDrv::qat_s
QatDrv::usdm_drv_s)
QatDrv::usdm_drv_s
spawn)

add_dependencies(crypto_plugins ceph_crypto_qat)
set_target_properties(ceph_crypto_qat PROPERTIES VERSION 1.0.0 SOVERSION 1)
Expand Down
37 changes: 21 additions & 16 deletions src/crypto/qat/qat_crypto_accel.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,28 +15,33 @@

#include "crypto/qat/qat_crypto_accel.h"

bool QccCryptoAccel::cbc_encrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE])
{
if ((size % AES_256_IVSIZE) != 0) {



bool QccCryptoAccel::cbc_encrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) {
if (unlikely((size % AES_256_IVSIZE) != 0)) {
return false;
}

return qcccrypto.perform_op(out, in, size,
const_cast<unsigned char *>(&iv[0]),
const_cast<unsigned char *>(&key[0]), CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT);
return qcccrypto.perform_op_batch(out, in, size,
const_cast<unsigned char *>(&iv[0][0]),
const_cast<unsigned char *>(&key[0]),
CPA_CY_SYM_CIPHER_DIRECTION_ENCRYPT, y);
}

bool QccCryptoAccel::cbc_decrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE])
{
if ((size % AES_256_IVSIZE) != 0) {
bool QccCryptoAccel::cbc_decrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) {
if (unlikely((size % AES_256_IVSIZE) != 0)) {
return false;
}

return qcccrypto.perform_op(out, in, size,
const_cast<unsigned char *>(&iv[0]),
const_cast<unsigned char *>(&key[0]), CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT);
return qcccrypto.perform_op_batch(out, in, size,
const_cast<unsigned char *>(&iv[0][0]),
const_cast<unsigned char *>(&key[0]),
CPA_CY_SYM_CIPHER_DIRECTION_DECRYPT, y);
}
17 changes: 14 additions & 3 deletions src/crypto/qat/qat_crypto_accel.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,18 +18,29 @@

#include "crypto/crypto_accel.h"
#include "crypto/qat/qcccrypto.h"
#include "common/async/yield_context.h"

class QccCryptoAccel : public CryptoAccel {
public:
QccCrypto qcccrypto;
QccCryptoAccel() { qcccrypto.init(); };
QccCryptoAccel(const size_t chunk_size, const size_t max_requests):qcccrypto() { qcccrypto.init(chunk_size, max_requests); };
~QccCryptoAccel() { qcccrypto.destroy(); };

bool cbc_encrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE]) override;
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override { return false; }
bool cbc_decrypt(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char (&iv)[AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE]) override;
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override { return false; }
bool cbc_encrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override;
bool cbc_decrypt_batch(unsigned char* out, const unsigned char* in, size_t size,
const unsigned char iv[][AES_256_IVSIZE],
const unsigned char (&key)[AES_256_KEYSIZE],
optional_yield y) override;
};
#endif
4 changes: 2 additions & 2 deletions src/crypto/qat/qat_crypto_plugin.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,11 @@ class QccCryptoPlugin : public CryptoPlugin {
{}
~QccCryptoPlugin()
{}
virtual int factory(CryptoAccelRef *cs, std::ostream *ss)
virtual int factory(CryptoAccelRef *cs, std::ostream *ss, const size_t chunk_size, const size_t max_requests)
{
std::lock_guard<std::mutex> l(qat_init);
if (cryptoaccel == nullptr)
cryptoaccel = CryptoAccelRef(new QccCryptoAccel);
cryptoaccel = CryptoAccelRef(new QccCryptoAccel(chunk_size, max_requests));

*cs = cryptoaccel;
return 0;
Expand Down

0 comments on commit e64a0de

Please sign in to comment.