Commit 2608d129 authored by Alexey Marchuk's avatar Alexey Marchuk Committed by Tomasz Zawadzki

accel: Add crypto operation support



Add functions to submit encrypt/decrypt operations
Add RPCs to register and dump crypto keys
Software accel module uses isa-l_crypto AES_XTS
functionality

Signed-off-by: default avatarAlexey Marchuk <alexeymar@nvidia.com>
Change-Id: Iecf0e9913edf11ab85171d0fa467a2a62dfff984
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/14858


Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: default avatarPaul Luse <paul.e.luse@intel.com>
Reviewed-by: default avatarJim Harris <james.r.harris@intel.com>
Reviewed-by: default avatar <qun.wan@intel.com>
Reviewed-by: default avatarShuhei Matsumoto <smatsumoto@nvidia.com>
parent d68159b6
+2 −0
@@ -6,6 +6,8 @@

New library isa-l-crypto has been added, it is used by accel library in crypto operations.

New functions `spdk_accel_submit_encrypt` and `spdk_accel_submit_decrypt` were added.

### bdev

Both of interleaved and separated metadata are now supported by the malloc bdev module.
+88 −0
@@ -442,6 +442,8 @@ Example response:
    "framework_monitor_context_switch",
    "spdk_kill_instance",
    "accel_get_opc_assignments",
    "accel_crypto_key_create",
    "accel_crypto_keys_get",
    "ioat_scan_accel_module",
    "dsa_scan_accel_module",
    "bdev_virtio_attach_controller",
@@ -1776,6 +1778,92 @@ Example response:
}
~~~

### accel_crypto_key_create {#rpc_accel_crypto_key_create}

Create a crypt key which will be used in accel framework

#### Parameters

Name       | Optional | Type        | Description
-----------|----------| ----------- | -----------------
cipher     | Required | string      | crypto cipher to use
key        | Required | string      | Key in **hex** form
key2       | Optional | string      | Optional 2nd part of the key or a tweak in **hex** form
name       | Required | string      | The key name

#### Example

Example request:

~~~json
{
  "jsonrpc": "2.0",
  "method": "accel_crypto_key_create",
  "id": 1,
  "params": {
    "cipher": "AES_XTS",
    "key": "00112233445566778899001122334455",
    "key2": "00112233445566778899001122334455",
    "name": "super_key"
  }
}
~~~

Example response:

~~~json
{
  "jsonrpc": "2.0",
  "id": 1,
  "result": true
}
~~~

### accel_crypto_keys_get {#rpc_accel_crypto_keys_get}

Get information about existing crypto keys

#### Parameters

Name                    | Optional | Type        | Description
----------------------- |----------| ----------- | -----------------
key_name                | Optional | string      | If specified, return info about a specific key

#### Example

Example request:

~~~json
{
  "jsonrpc": "2.0",
  "method": "accel_crypto_keys_get",
  "id": 1
}
~~~

Example response:

~~~json
{
  "jsonrpc": "2.0",
  "id": 1,
  "result": [
    {
      "name": "test_dek",
      "cipher": "AES_XTS",
      "key": "00112233445566778899001122334455",
      "key2": "11223344556677889900112233445500"
    },
    {
      "name": "test_dek2",
      "cipher": "AES_XTS",
      "key": "11223344556677889900112233445500",
      "key2": "22334455667788990011223344550011"
    }
  ]
}
~~~

### dsa_scan_accel_module {#rpc_dsa_scan_accel_module}

Set config and enable dsa accel module offload.
+98 −1
/*   SPDX-License-Identifier: BSD-3-Clause
 *   Copyright (C) 2020 Intel Corporation.
 *   Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES
 *   All rights reserved.
 */

@@ -17,9 +18,19 @@
extern "C" {
#endif

/** Data Encryption Key identifier */
struct spdk_accel_crypto_key;

/* Flags for accel operations */
#define ACCEL_FLAG_PERSISTENT (1 << 0)

struct spdk_accel_crypto_key_create_param {
	char *cipher;	/**< Cipher to be used for crypto operations */
	char *hex_key;	/**< Hexlified key */
	char *hex_key2;	/**< Hexlified key2 */
	char *key_name;	/**< Key name */
};

enum accel_opcode {
	ACCEL_OPC_COPY			= 0,
	ACCEL_OPC_FILL			= 1,
@@ -29,7 +40,9 @@ enum accel_opcode {
	ACCEL_OPC_COPY_CRC32C		= 5,
	ACCEL_OPC_COMPRESS		= 6,
	ACCEL_OPC_DECOMPRESS		= 7,
	ACCEL_OPC_LAST			= 8,
	ACCEL_OPC_ENCRYPT		= 8,
	ACCEL_OPC_DECRYPT		= 9,
	ACCEL_OPC_LAST			= 10,
};

/**
@@ -71,6 +84,29 @@ void spdk_accel_finish(spdk_accel_fini_cb cb_fn, void *cb_arg);
 */
struct spdk_io_channel *spdk_accel_get_io_channel(void);

/**
 * Create a crypto key with given parameters. Accel module copies content of \b param structure
 *
 * \param param Key parameters
 * \return 0 on success, negated errno on error
 */
int spdk_accel_crypto_key_create(const struct spdk_accel_crypto_key_create_param *param);

/**
 * Destroy a crypto key
 *
 * \param key Key to destroy
 * \return 0 on success, negated errno on error
 */
int spdk_accel_crypto_key_destroy(struct spdk_accel_crypto_key *key);

/**
 * Find a crypto key structure by name
 * \param name Key name
 * \return Crypto key structure or NULL
 */
struct spdk_accel_crypto_key *spdk_accel_crypto_key_get(const char *name);

/**
 * Submit a copy request.
 *
@@ -404,6 +440,67 @@ int spdk_accel_get_buf(struct spdk_io_channel *ch, uint64_t len, void **buf,
void spdk_accel_put_buf(struct spdk_io_channel *ch, void *buf,
			struct spdk_memory_domain *domain, void *domain_ctx);

/**
 * Build and submit a data encryption request.
 *
 * This function will build the encryption request and submit it. \b nbytes must be multiple of \b block_size.
 * \b iv is used to encrypt the first logical block of size \b block_size. If \b src_iovs describes more than
 * one logical block then \b iv will be incremented for each next logical block.
 * Data Encryption Key identifier should be created before calling this function using methods specific to the accel
 * module being used.
 *
 * \param ch I/O channel associated with this call
 * \param key Data Encryption Key identifier
 * \param dst_iovs The io vector array which stores the dst data and len.
 * \param dst_iovcnt The size of the destination io vectors.
 * \param src_iovs The io vector array which stores the src data and len.
 * \param src_iovcnt The size of the source io vectors.
 * \param iv Initialization vector (tweak) used for encryption
 * \param block_size Logical block size, if src contains more than 1 logical block, subsequent logical blocks will be
 * encrypted with incremented \b iv
 * \param flags Accel framework flags for operations.
 * \param cb_fn Callback function which will be called when the request is complete.
 * \param cb_arg Opaque value which will be passed back as the arg parameter in the completion callback.
 *
 * \return 0 on success, negative errno on failure.
 */
int spdk_accel_submit_encrypt(struct spdk_io_channel *ch, struct spdk_accel_crypto_key *key,
			      struct iovec *dst_iovs, uint32_t dst_iovcnt,
			      struct iovec *src_iovs, uint32_t src_iovcnt,
			      uint64_t iv, uint32_t block_size, int flags,
			      spdk_accel_completion_cb cb_fn, void *cb_arg);

/**
 * Build and submit a data decryption request.
 *
 * This function will build the decryption request and submit it. \b nbytes must be multiple of \b block_size.
 * \b iv is used to decrypt the first logical block of size \b block_size. If \b src_iovs describes more than
 * one logical block then \b iv will be incremented for each next logical block.
 * Data Encryption Key identifier should be created before calling this function using methods specific to the accel
 * module being used.
 *
 * \param ch I/O channel associated with this call
 * \param key Data Encryption Key identifier
 * \param dst_iovs The io vector array which stores the dst data and len.
 * \param dst_iovcnt The size of the destination io vectors.
 * \param src_iovs The io vector array which stores the src data and len.
 * \param src_iovcnt The size of the source io vectors.
 * \param iv Initialization vector (tweak) used for decryption. Should be the same as \b iv used for encryption of a
 * data block
 * \param block_size Logical block size, if src contains more than 1 logical block, subsequent logical blocks will be
 * decrypted with incremented \b iv
 * \param flags Accel framework flags for operations.
 * \param cb_fn Callback function which will be called when the request is complete.
 * \param cb_arg Opaque value which will be passed back as the arg parameter in the completion callback.
 *
 * \return 0 on success, negative errno on failure.
 */
int spdk_accel_submit_decrypt(struct spdk_io_channel *ch, struct spdk_accel_crypto_key *key,
			      struct iovec *dst_iovs, uint32_t dst_iovcnt,
			      struct iovec *src_iovs, uint32_t src_iovcnt,
			      uint64_t iv, uint32_t block_size, int flags,
			      spdk_accel_completion_cb cb_fn, void *cb_arg);

/**
 * Return the name of the module assigned to a specific opcode.
 *
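Review bot: The new doc comments for `spdk_accel_submit_encrypt` and `spdk_accel_submit_decrypt` require `nbytes` to be a multiple of `block_size`, but neither prototype has an `nbytes` parameter, so a caller cannot tell which length is meant. I would word it as `The total length described by \b src_iovs must be a multiple of \b block_size.` and state whether `dst_iovs` must describe the same length. The comment on `spdk_accel_crypto_key_create` should also spell out the key contract: the accepted `cipher` strings, the valid hex lengths, and whether AES_XTS rejects a `hex_key2` equal to `hex_key` — XTS is defined with two independent keys, and the request example in the JSON-RPC documentation of this commit passes the same value for both. The implementation is not part of this section, so that check may already exist; if it does, documenting the resulting error code is enough.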
+29 −1
/*   SPDX-License-Identifier: BSD-3-Clause
 *   Copyright (C) 2020 Intel Corporation.
 *   Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES
 *   All rights reserved.
 */

@@ -12,10 +13,25 @@
#include "spdk/queue.h"
#include "spdk/config.h"

struct spdk_accel_module_if;
struct spdk_accel_task;

void spdk_accel_task_complete(struct spdk_accel_task *task, int status);

/** Some reasonable key length used with strnlen() */
#define SPDK_ACCEL_CRYPTO_KEY_MAX_HEX_LENGTH (256 + 1)

struct spdk_accel_crypto_key {
	void *priv;					/**< Module private data */
	char *key;					/**< Key in binary form */
	size_t key_size;				/**< Key size in bytes */
	char *key2;					/**< Key2 in binary form */
	size_t key2_size;				/**< Key2 size in bytes */
	struct spdk_accel_module_if *module_if;			/**< Accel module the key belongs to */
	struct spdk_accel_crypto_key_create_param param;	/**< User input parameters */
	TAILQ_ENTRY(spdk_accel_crypto_key) link;
};

struct spdk_accel_task {
	struct accel_io_channel		*accel_ch;
	spdk_accel_completion_cb	cb_fn;
@@ -45,14 +61,19 @@ struct spdk_accel_task {
		void				*dst2;
		uint32_t			seed;
		uint64_t			fill_pattern;
		struct spdk_accel_crypto_key	*crypto_key;
	};
	union {
		uint32_t		*crc_dst;
		uint32_t		*output_size;
		uint32_t		block_size; /* for crypto op */
	};
	enum accel_opcode		op_code;
	uint64_t			nbytes;
	uint64_t			nbytes_dst;
	union {
		uint64_t		nbytes_dst; /* for compress op */
		uint64_t		iv; /* Initialization vector (tweak) for crypto op */
	};
	int				flags;
	int				status;
	TAILQ_ENTRY(spdk_accel_task)	link;
@@ -89,6 +110,13 @@ struct spdk_accel_module_if {
	struct spdk_io_channel *(*get_io_channel)(void);
	int (*submit_tasks)(struct spdk_io_channel *ch, struct spdk_accel_task *accel_task);

	/**
	 * Create crypto key function. Module is responsible to fill all necessary parameters in
	 * \b spdk_accel_crypto_key structure
	 */
	int (*crypto_key_init)(struct spdk_accel_crypto_key *key);
	void (*crypto_key_deinit)(struct spdk_accel_crypto_key *key);

	TAILQ_ENTRY(spdk_accel_module_if)	tailq;
};
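Review bot: `struct spdk_accel_crypto_key` keeps the secret in up to four heap buffers, the binary `key`/`key2` and the hex `hex_key`/`hex_key2` copies inside `param`, and nothing in this header says who clears them. `crypto_key_deinit` has no doc comment at all; I would add something like `/** Release module private data for \b key. Must not free key, key2 or param; the accel framework wipes and frees those. */`, adjusted to whatever ownership the implementation (not shown here) actually uses, and make sure the wipe is one the compiler cannot elide. The retained hex copies appear to feed `accel_crypto_keys_get`, whose documented response returns `key` and `key2` in full, so the docs should state that anyone who can reach the RPC socket can read every registered key, or the dump should redact the key fields. `struct spdk_accel_module_if` begins outside the visible hunk.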

+5 −0
#  SPDX-License-Identifier: BSD-3-Clause
#  Copyright (C) 2015 Intel Corporation.
#  Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES
#  All rights reserved.
#

@@ -17,6 +18,10 @@ ifeq ($(CONFIG_ISAL), y)
LOCAL_SYS_LIBS = -L$(ISAL_DIR)/.libs -lisal
endif

ifeq ($(CONFIG_ISAL_CRYPTO), y)
LOCAL_SYS_LIBS = -L$(ISAL_CRYPTO_DIR)/.libs -lisal_crypto
endif

SPDK_MAP_FILE = $(abspath $(CURDIR)/spdk_accel.map)

include $(SPDK_ROOT_DIR)/mk/spdk.lib.mk
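Review bot: The added `LOCAL_SYS_LIBS = -L$(ISAL_CRYPTO_DIR)/.libs -lisal_crypto` uses plain assignment, so when both `CONFIG_ISAL` and `CONFIG_ISAL_CRYPTO` are `y` it replaces the `-lisal` value set by the block just above instead of extending it. Use `LOCAL_SYS_LIBS += -L$(ISAL_CRYPTO_DIR)/.libs -lisal_crypto` so both libraries stay on the link line. Whether the lost `-lisal` breaks the build depends on how the library is linked elsewhere, which is not visible here.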