Add crypto capabilities scope for zsda device.
Signed-off-by: Hanxiao Li <li.hanx...@zte.com.cn>
---
doc/guides/cryptodevs/features/zsda.ini | 51 ++++++++
doc/guides/cryptodevs/zsda.rst | 26 ++++
doc/guides/rel_notes/release_25_07.rst | 8 ++
.../crypto/zsda/zsda_crypto_capabilities.h | 111 ++++++++++++++++++
drivers/crypto/zsda/zsda_crypto_pmd.c | 29 ++++-
5 files changed, 224 insertions(+), 1 deletion(-)
create mode 100644 doc/guides/cryptodevs/features/zsda.ini
create mode 100644 drivers/crypto/zsda/zsda_crypto_capabilities.h
diff --git a/doc/guides/cryptodevs/features/zsda.ini
b/doc/guides/cryptodevs/features/zsda.ini
new file mode 100644
index 0000000000..b0f10f8de9
--- /dev/null
+++ b/doc/guides/cryptodevs/features/zsda.ini
@@ -0,0 +1,51 @@
+;
+; Supported features of the 'zsda' crypto driver.
+;
+; Refer to default.ini for the full list of available PMD features.
+;
+[Features]
+Symmetric crypto = Y
+HW Accelerated = Y
+In Place SGL = Y
+OOP SGL In SGL Out = Y
+OOP SGL In LB Out = Y
+OOP LB In SGL Out = Y
+OOP LB In LB Out = Y
+
+;
+; Supported crypto algorithms of the 'zsda' crypto driver.
+;
+[Cipher]
+AES XTS (128) = Y
+AES XTS (256) = Y
+SM4 XTS = Y
+
+;
+; Supported authentication algorithms of the 'zsda' crypto driver.
+;
+[Auth]
+SHA1 = Y
+SHA224 = Y
+SHA256 = Y
+SHA384 = Y
+SHA512 = Y
+SM3 = Y
+
+
+;
+; Supported AEAD algorithms of the 'zsda' crypto driver.
+;
+[AEAD]
+
+
+;
+; Supported Asymmetric algorithms of the 'zsda' crypto driver.
+;
+[Asymmetric]
+
+
+;
+; Supported Operating systems of the 'zsda' crypto driver.
+;
+[OS]
+Linux = Y
diff --git a/doc/guides/cryptodevs/zsda.rst b/doc/guides/cryptodevs/zsda.rst
index 0a7aeb2d50..2b7de0422d 100644
--- a/doc/guides/cryptodevs/zsda.rst
+++ b/doc/guides/cryptodevs/zsda.rst
@@ -13,14 +13,40 @@ support for the following hardware accelerator devices:
Features
--------
+The ZSDA SYM PMD has support for:
+
+Cipher algorithms:
+
+* ``RTE_CRYPTO_CIPHER_AES_XTS``
+* ``RTE_CRYPTO_CIPHER_SM4_XTS``
+
+Hash algorithms:
+
+* ``RTE_CRYPTO_AUTH_SHA1``
+* ``RTE_CRYPTO_AUTH_SHA224``
+* ``RTE_CRYPTO_AUTH_SHA256``
+* ``RTE_CRYPTO_AUTH_SHA384``
+* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SM3``
+
Limitations
-----------
+* Only supports the session-oriented API implementation (session-less APIs are
+ not supported).
+* No BSD and Windows support.
+* Queue-pairs are thread-safe on Intel CPUs but Queues are not (that is, within
+ a single queue-pair all enqueues to the TX queue must be done from one thread
+ and all dequeues from the RX queue must be done from one thread, but enqueues
+ and dequeues may be done in different threads.)
+
Installation
------------
+The ZSDA crypto service is built by default with a standard DPDK build.
+
Testing
-------
diff --git a/doc/guides/rel_notes/release_25_07.rst
b/doc/guides/rel_notes/release_25_07.rst
index 093b85d206..8cd5d53ef3 100644
--- a/doc/guides/rel_notes/release_25_07.rst
+++ b/doc/guides/rel_notes/release_25_07.rst
@@ -56,6 +56,14 @@ New Features
=======================================================
+* **Added ZTE Storage Data Accelerator (ZSDA) crypto driver.**
+
+ Added a crypto driver for ZSDA devices
+ to support some encrypt, decrypt and hash algorithm.
+
+ See the :doc:`../cryptodevs/zsda` guide for more details on the new driver.
+
+
Removed Items
-------------
diff --git a/drivers/crypto/zsda/zsda_crypto_capabilities.h
b/drivers/crypto/zsda/zsda_crypto_capabilities.h
new file mode 100644
index 0000000000..d00bdd2468
--- /dev/null
+++ b/drivers/crypto/zsda/zsda_crypto_capabilities.h
@@ -0,0 +1,111 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2025 ZTE Corporation
+ */
+
+#ifndef _ZSDA_SYM_CAPABILITIES_H_
+#define _ZSDA_SYM_CAPABILITIES_H_
+
+static const struct rte_cryptodev_capabilities zsda_crypto_dev_capabilities[]
= {
+ {/* SHA1 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA1,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment =
0},
+ .digest_size = {.min = 20, .max = 20,
.increment = 2},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA224,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment =
0},
+ .digest_size = {.min = 28, .max = 28,
.increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA256,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment =
0},
+ .digest_size = {.min = 32, .max = 32,
.increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA384,
+ .block_size = 128,
+ .key_size = {.min = 0, .max = 0, .increment =
0},
+ .digest_size = {.min = 48, .max = 48,
.increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SHA512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA512,
+ .block_size = 128,
+ .key_size = {.min = 0, .max = 0, .increment =
0},
+ .digest_size = {.min = 64, .max = 64,
.increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* SM3 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ { .auth = {
+ .algo = RTE_CRYPTO_AUTH_SM3,
+ .block_size = 64,
+ .key_size = {.min = 0, .max = 0, .increment =
0},
+ .digest_size = {.min = 32, .max = 32,
.increment = 0},
+ .iv_size = {0} },
+ } },
+ }
+ },
+ {/* AES XTS */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ { .cipher = {
+ .algo = RTE_CRYPTO_CIPHER_AES_XTS,
+ .block_size = 16,
+ .key_size = {.min = 32, .max = 64, .increment =
32},
+ .iv_size = {.min = 16, .max = 16, .increment =
0} },
+ } },
+ }
+ },
+ {/* SM4 XTS */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ { .sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ { .cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SM4_XTS,
+ .block_size = 16,
+ .key_size = {.min = 32, .max = 32, .increment =
0},
+ .iv_size = {.min = 16, .max = 16, .increment =
0} },
+ } },
+ }
+ }
+};
+#endif /* _ZSDA_SYM_CAPABILITIES_H_ */
diff --git a/drivers/crypto/zsda/zsda_crypto_pmd.c
b/drivers/crypto/zsda/zsda_crypto_pmd.c
index e2b22a881b..30f01faf61 100644
--- a/drivers/crypto/zsda/zsda_crypto_pmd.c
+++ b/drivers/crypto/zsda/zsda_crypto_pmd.c
@@ -7,6 +7,7 @@
#include "zsda_crypto_pmd.h"
#include "zsda_crypto_session.h"
#include "zsda_crypto.h"
+#include "zsda_crypto_capabilities.h"
uint8_t zsda_crypto_driver_id;
@@ -264,8 +265,11 @@ zsda_crypto_dev_create(struct zsda_pci_device
*zsda_pci_dev)
};
char name[RTE_CRYPTODEV_NAME_MAX_LEN];
+ char capa_memz_name[RTE_CRYPTODEV_NAME_MAX_LEN];
struct rte_cryptodev *cryptodev;
struct zsda_crypto_dev_private *crypto_dev_priv;
+ const struct rte_cryptodev_capabilities *capabilities;
+ uint64_t capa_size;
if (rte_eal_process_type() != RTE_PROC_PRIMARY)
return ZSDA_SUCCESS;
@@ -292,12 +296,35 @@ zsda_crypto_dev_create(struct zsda_pci_device
*zsda_pci_dev)
cryptodev->enqueue_burst = zsda_crypto_enqueue_op_burst;
cryptodev->dequeue_burst = zsda_crypto_dequeue_op_burst;
- cryptodev->feature_flags = 0;
+ cryptodev->feature_flags = RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO |
+ RTE_CRYPTODEV_FF_SYM_SESSIONLESS |
+ RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
+ RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
+ RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
+ RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
+ RTE_CRYPTODEV_FF_HW_ACCELERATED;
+ capabilities = zsda_crypto_dev_capabilities;
crypto_dev_priv = cryptodev->data->dev_private;
crypto_dev_priv->zsda_pci_dev = zsda_pci_dev;
crypto_dev_priv->cryptodev = cryptodev;
+ capa_size = sizeof(zsda_crypto_dev_capabilities);
+
+ snprintf(capa_memz_name, RTE_CRYPTODEV_NAME_MAX_LEN,
"ZSDA_CRYPTO_CAPA");
+ crypto_dev_priv->capa_mz = rte_memzone_lookup(capa_memz_name);
+ if (crypto_dev_priv->capa_mz == NULL)
+ crypto_dev_priv->capa_mz = rte_memzone_reserve(
+ capa_memz_name, capa_size, rte_socket_id(), 0);
+
+ if (crypto_dev_priv->capa_mz == NULL) {
+ ZSDA_LOG(ERR, "Failed! crypto_dev_priv->capa_mz");
+ goto error;
+ }
+
+ memcpy(crypto_dev_priv->capa_mz->addr, capabilities, capa_size);
+ crypto_dev_priv->zsda_crypto_capabilities =
crypto_dev_priv->capa_mz->addr;
+
zsda_pci_dev->crypto_dev_priv = crypto_dev_priv;
return ZSDA_SUCCESS;
--
2.27.0
