The accelerated algo. is in use when the code is run on a h/w box which has the C2xxx SoC with QAT 1.5.
*O/p from /proc/crypto*: name : authenc(hmac(sha512),cbc(des3_ede)) driver : icp_qat_des3_cbc_sha512_hmac module : icp_qat_netkey priority : 4001 refcnt : 1 selftest : passed type : aead async : yes blocksize : 8 ivsize : 8 maxauthsize : 64 geniv : <built-in> *Now, in case where the code in run on linux box:*name : authenc(hmac(sha256),cbc(aes)) driver : authenc(hmac(sha256-generic),cbc(aes-asm)) module : authenc priority : 2000 refcnt : 9 selftest : passed type : aead async : no blocksize : 16 ivsize : 16 maxauthsize : 32 geniv : <built-in> I will rephrase my question. I think it was not asked clearly in the previous email. So, I have used cryptodev-linux module (http://cryptodev-linux.org/) for FIPS validation to access the /dev/crypto interface and running user space code (example under cryptodev-linux-1.8/examples/ ). This took car of the FIPs validation when the code was running on the linux box as the linux kernel code did the encrypt decrypt. I need to do the same FIPS validation on the h/w box which has C2xxx SoC with QAT 1.5. I am not sure how to access drivers to get o/p for fips validation for various alogo's. I was under the impression, using cryptodev-linux module would do it by detecting the code is run on h/w and the kernel would handoff the encrypt/decrypt operations to the h/w. In short, can we use cryptodev-linux module to access C2xxx SoC. or any other library like cryptodev-linux to access it? Thank you, -- Chirag On Thu, Feb 2, 2017 at 7:39 AM, Phil Sutter <p...@nwl.cc> wrote: > Hi, > > On Thu, Feb 02, 2017 at 06:53:55AM -0800, Chirag Shahani wrote: > > Thanks for your reply. > > > > Yes. The QAT 1.5 module is loaded. I verified that by: > > > > cat /proc/icp_c2xxx_dev0/version > > +--------------------------------------------------+ > > | Hardware and Software versions for device 0 > > | > > +--------------------------------------------------+ > > Hardware Version: B0 SKU1 > > Firmware Version: > > 1.3.0 > > MMP Version: > > 1.0.0 > > Driver Version: > > 1.3.0 > > +--------------------------------------------------+ > > > > lsmod also shows the o/p, that the driver is loaded. > > lsmod | grep icp > > The following is displayed: > > # icp_qat_netkey 6748 0 > > # icp_qa_al 1334748 2 icp_qat_netkey > > > > Also, when I started IPSec traffic, the counters were increasing. > > > > How can I confirm that the upstream has support for C2xxx? > > It would be great if you can point me to the piece of code in upstream > > which has support for any other acceleration. I can maybe research from > > there on how can I add support for C2xxx? > > To see whether some accelerated algorithm is in use, have a look at > /proc/crypto (ideally compare before loading the module and after your > IPsec test). QAT drivers reside within drivers/crypto/qat within Linux > kernel sources. You might want to have a look if something in there > supports your engine. > > Cheers, Phil >
_______________________________________________ Cryptodev-linux-devel mailing list Cryptodev-linux-devel@gna.org https://mail.gna.org/listinfo/cryptodev-linux-devel
