1 /* 2 * QEMU Cryptodev backend for QEMU cipher APIs 3 * 4 * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD. 5 * 6 * Authors: 7 * Gonglei <arei.gonglei@huawei.com> 8 * 9 * This library is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU Lesser General Public 11 * License as published by the Free Software Foundation; either 12 * version 2 of the License, or (at your option) any later version. 13 * 14 * This library is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 17 * Lesser General Public License for more details. 18 * 19 * You should have received a copy of the GNU Lesser General Public 20 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 21 * 22 */ 23 24 #include "qemu/osdep.h" 25 #include "qapi/error.h" 26 #include "qapi/qmp/qerror.h" 27 #include "qemu/error-report.h" 28 #include "hw/virtio/vhost-user.h" 29 #include "standard-headers/linux/virtio_crypto.h" 30 #include "sysemu/cryptodev-vhost.h" 31 #include "chardev/char-fe.h" 32 #include "sysemu/cryptodev-vhost-user.h" 33 #include "qom/object.h" 34 35 36 /** 37 * @TYPE_CRYPTODEV_BACKEND_VHOST_USER: 38 * name of backend that uses vhost user server 39 */ 40 #define TYPE_CRYPTODEV_BACKEND_VHOST_USER "cryptodev-vhost-user" 41 42 typedef struct CryptoDevBackendVhostUser CryptoDevBackendVhostUser; 43 #define CRYPTODEV_BACKEND_VHOST_USER(obj) \ 44 OBJECT_CHECK(CryptoDevBackendVhostUser, \ 45 (obj), TYPE_CRYPTODEV_BACKEND_VHOST_USER) 46 47 48 struct CryptoDevBackendVhostUser { 49 CryptoDevBackend parent_obj; 50 51 VhostUserState vhost_user; 52 CharBackend chr; 53 char *chr_name; 54 bool opened; 55 CryptoDevBackendVhost *vhost_crypto[MAX_CRYPTO_QUEUE_NUM]; 56 }; 57 58 static int 59 cryptodev_vhost_user_running( 60 CryptoDevBackendVhost *crypto) 61 { 62 return crypto ? 1 : 0; 63 } 64 65 CryptoDevBackendVhost * 66 cryptodev_vhost_user_get_vhost( 67 CryptoDevBackendClient *cc, 68 CryptoDevBackend *b, 69 uint16_t queue) 70 { 71 CryptoDevBackendVhostUser *s = 72 CRYPTODEV_BACKEND_VHOST_USER(b); 73 assert(cc->type == CRYPTODEV_BACKEND_TYPE_VHOST_USER); 74 assert(queue < MAX_CRYPTO_QUEUE_NUM); 75 76 return s->vhost_crypto[queue]; 77 } 78 79 static void cryptodev_vhost_user_stop(int queues, 80 CryptoDevBackendVhostUser *s) 81 { 82 size_t i; 83 84 for (i = 0; i < queues; i++) { 85 if (!cryptodev_vhost_user_running(s->vhost_crypto[i])) { 86 continue; 87 } 88 89 cryptodev_vhost_cleanup(s->vhost_crypto[i]); 90 s->vhost_crypto[i] = NULL; 91 } 92 } 93 94 static int 95 cryptodev_vhost_user_start(int queues, 96 CryptoDevBackendVhostUser *s) 97 { 98 CryptoDevBackendVhostOptions options; 99 CryptoDevBackend *b = CRYPTODEV_BACKEND(s); 100 int max_queues; 101 size_t i; 102 103 for (i = 0; i < queues; i++) { 104 if (cryptodev_vhost_user_running(s->vhost_crypto[i])) { 105 continue; 106 } 107 108 options.opaque = &s->vhost_user; 109 options.backend_type = VHOST_BACKEND_TYPE_USER; 110 options.cc = b->conf.peers.ccs[i]; 111 s->vhost_crypto[i] = cryptodev_vhost_init(&options); 112 if (!s->vhost_crypto[i]) { 113 error_report("failed to init vhost_crypto for queue %zu", i); 114 goto err; 115 } 116 117 if (i == 0) { 118 max_queues = 119 cryptodev_vhost_get_max_queues(s->vhost_crypto[i]); 120 if (queues > max_queues) { 121 error_report("you are asking more queues than supported: %d", 122 max_queues); 123 goto err; 124 } 125 } 126 } 127 128 return 0; 129 130 err: 131 cryptodev_vhost_user_stop(i + 1, s); 132 return -1; 133 } 134 135 static Chardev * 136 cryptodev_vhost_claim_chardev(CryptoDevBackendVhostUser *s, 137 Error **errp) 138 { 139 Chardev *chr; 140 141 if (s->chr_name == NULL) { 142 error_setg(errp, QERR_INVALID_PARAMETER_VALUE, 143 "chardev", "a valid character device"); 144 return NULL; 145 } 146 147 chr = qemu_chr_find(s->chr_name); 148 if (chr == NULL) { 149 error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, 150 "Device '%s' not found", s->chr_name); 151 return NULL; 152 } 153 154 return chr; 155 } 156 157 static void cryptodev_vhost_user_event(void *opaque, QEMUChrEvent event) 158 { 159 CryptoDevBackendVhostUser *s = opaque; 160 CryptoDevBackend *b = CRYPTODEV_BACKEND(s); 161 int queues = b->conf.peers.queues; 162 163 assert(queues < MAX_CRYPTO_QUEUE_NUM); 164 165 switch (event) { 166 case CHR_EVENT_OPENED: 167 if (cryptodev_vhost_user_start(queues, s) < 0) { 168 exit(1); 169 } 170 b->ready = true; 171 break; 172 case CHR_EVENT_CLOSED: 173 b->ready = false; 174 cryptodev_vhost_user_stop(queues, s); 175 break; 176 case CHR_EVENT_BREAK: 177 case CHR_EVENT_MUX_IN: 178 case CHR_EVENT_MUX_OUT: 179 /* Ignore */ 180 break; 181 } 182 } 183 184 static void cryptodev_vhost_user_init( 185 CryptoDevBackend *backend, Error **errp) 186 { 187 int queues = backend->conf.peers.queues; 188 size_t i; 189 Error *local_err = NULL; 190 Chardev *chr; 191 CryptoDevBackendClient *cc; 192 CryptoDevBackendVhostUser *s = 193 CRYPTODEV_BACKEND_VHOST_USER(backend); 194 195 chr = cryptodev_vhost_claim_chardev(s, &local_err); 196 if (local_err) { 197 error_propagate(errp, local_err); 198 return; 199 } 200 201 s->opened = true; 202 203 for (i = 0; i < queues; i++) { 204 cc = cryptodev_backend_new_client( 205 "cryptodev-vhost-user", NULL); 206 cc->info_str = g_strdup_printf("cryptodev-vhost-user%zu to %s ", 207 i, chr->label); 208 cc->queue_index = i; 209 cc->type = CRYPTODEV_BACKEND_TYPE_VHOST_USER; 210 211 backend->conf.peers.ccs[i] = cc; 212 213 if (i == 0) { 214 if (!qemu_chr_fe_init(&s->chr, chr, errp)) { 215 return; 216 } 217 } 218 } 219 220 if (!vhost_user_init(&s->vhost_user, &s->chr, errp)) { 221 return; 222 } 223 224 qemu_chr_fe_set_handlers(&s->chr, NULL, NULL, 225 cryptodev_vhost_user_event, NULL, s, NULL, true); 226 227 backend->conf.crypto_services = 228 1u << VIRTIO_CRYPTO_SERVICE_CIPHER | 229 1u << VIRTIO_CRYPTO_SERVICE_HASH | 230 1u << VIRTIO_CRYPTO_SERVICE_MAC; 231 backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC; 232 backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1; 233 234 backend->conf.max_size = UINT64_MAX; 235 backend->conf.max_cipher_key_len = VHOST_USER_MAX_CIPHER_KEY_LEN; 236 backend->conf.max_auth_key_len = VHOST_USER_MAX_AUTH_KEY_LEN; 237 } 238 239 static int64_t cryptodev_vhost_user_sym_create_session( 240 CryptoDevBackend *backend, 241 CryptoDevBackendSymSessionInfo *sess_info, 242 uint32_t queue_index, Error **errp) 243 { 244 CryptoDevBackendClient *cc = 245 backend->conf.peers.ccs[queue_index]; 246 CryptoDevBackendVhost *vhost_crypto; 247 uint64_t session_id = 0; 248 int ret; 249 250 vhost_crypto = cryptodev_vhost_user_get_vhost(cc, backend, queue_index); 251 if (vhost_crypto) { 252 struct vhost_dev *dev = &(vhost_crypto->dev); 253 ret = dev->vhost_ops->vhost_crypto_create_session(dev, 254 sess_info, 255 &session_id); 256 if (ret < 0) { 257 return -1; 258 } else { 259 return session_id; 260 } 261 } 262 return -1; 263 } 264 265 static int cryptodev_vhost_user_sym_close_session( 266 CryptoDevBackend *backend, 267 uint64_t session_id, 268 uint32_t queue_index, Error **errp) 269 { 270 CryptoDevBackendClient *cc = 271 backend->conf.peers.ccs[queue_index]; 272 CryptoDevBackendVhost *vhost_crypto; 273 int ret; 274 275 vhost_crypto = cryptodev_vhost_user_get_vhost(cc, backend, queue_index); 276 if (vhost_crypto) { 277 struct vhost_dev *dev = &(vhost_crypto->dev); 278 ret = dev->vhost_ops->vhost_crypto_close_session(dev, 279 session_id); 280 if (ret < 0) { 281 return -1; 282 } else { 283 return 0; 284 } 285 } 286 return -1; 287 } 288 289 static void cryptodev_vhost_user_cleanup( 290 CryptoDevBackend *backend, 291 Error **errp) 292 { 293 CryptoDevBackendVhostUser *s = 294 CRYPTODEV_BACKEND_VHOST_USER(backend); 295 size_t i; 296 int queues = backend->conf.peers.queues; 297 CryptoDevBackendClient *cc; 298 299 cryptodev_vhost_user_stop(queues, s); 300 301 for (i = 0; i < queues; i++) { 302 cc = backend->conf.peers.ccs[i]; 303 if (cc) { 304 cryptodev_backend_free_client(cc); 305 backend->conf.peers.ccs[i] = NULL; 306 } 307 } 308 309 vhost_user_cleanup(&s->vhost_user); 310 } 311 312 static void cryptodev_vhost_user_set_chardev(Object *obj, 313 const char *value, Error **errp) 314 { 315 CryptoDevBackendVhostUser *s = 316 CRYPTODEV_BACKEND_VHOST_USER(obj); 317 318 if (s->opened) { 319 error_setg(errp, QERR_PERMISSION_DENIED); 320 } else { 321 g_free(s->chr_name); 322 s->chr_name = g_strdup(value); 323 } 324 } 325 326 static char * 327 cryptodev_vhost_user_get_chardev(Object *obj, Error **errp) 328 { 329 CryptoDevBackendVhostUser *s = 330 CRYPTODEV_BACKEND_VHOST_USER(obj); 331 Chardev *chr = qemu_chr_fe_get_driver(&s->chr); 332 333 if (chr && chr->label) { 334 return g_strdup(chr->label); 335 } 336 337 return NULL; 338 } 339 340 static void cryptodev_vhost_user_instance_int(Object *obj) 341 { 342 object_property_add_str(obj, "chardev", 343 cryptodev_vhost_user_get_chardev, 344 cryptodev_vhost_user_set_chardev); 345 } 346 347 static void cryptodev_vhost_user_finalize(Object *obj) 348 { 349 CryptoDevBackendVhostUser *s = 350 CRYPTODEV_BACKEND_VHOST_USER(obj); 351 352 qemu_chr_fe_deinit(&s->chr, false); 353 354 g_free(s->chr_name); 355 } 356 357 static void 358 cryptodev_vhost_user_class_init(ObjectClass *oc, void *data) 359 { 360 CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc); 361 362 bc->init = cryptodev_vhost_user_init; 363 bc->cleanup = cryptodev_vhost_user_cleanup; 364 bc->create_session = cryptodev_vhost_user_sym_create_session; 365 bc->close_session = cryptodev_vhost_user_sym_close_session; 366 bc->do_sym_op = NULL; 367 } 368 369 static const TypeInfo cryptodev_vhost_user_info = { 370 .name = TYPE_CRYPTODEV_BACKEND_VHOST_USER, 371 .parent = TYPE_CRYPTODEV_BACKEND, 372 .class_init = cryptodev_vhost_user_class_init, 373 .instance_init = cryptodev_vhost_user_instance_int, 374 .instance_finalize = cryptodev_vhost_user_finalize, 375 .instance_size = sizeof(CryptoDevBackendVhostUser), 376 }; 377 378 static void 379 cryptodev_vhost_user_register_types(void) 380 { 381 type_register_static(&cryptodev_vhost_user_info); 382 } 383 384 type_init(cryptodev_vhost_user_register_types); 385