[qemu.git] / backends / cryptodev-builtin.c

/*
 * QEMU Cryptodev backend for QEMU cipher APIs
 *
 * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
 *
 * Authors:
 *    Gonglei <[email protected]>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 */

#include "qemu/osdep.h"
#include "sysemu/cryptodev.h"
#include "hw/boards.h"
#include "qapi/error.h"
#include "standard-headers/linux/virtio_crypto.h"
#include "crypto/cipher.h"


/**
 * @TYPE_CRYPTODEV_BACKEND_BUILTIN:
 * name of backend that uses QEMU cipher API
 */
#define TYPE_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"

#define CRYPTODEV_BACKEND_BUILTIN(obj) \
    OBJECT_CHECK(CryptoDevBackendBuiltin, \
                 (obj), TYPE_CRYPTODEV_BACKEND_BUILTIN)

typedef struct CryptoDevBackendBuiltin
                         CryptoDevBackendBuiltin;

typedef struct CryptoDevBackendBuiltinSession {
    QCryptoCipher *cipher;
    uint8_t direction; /* encryption or decryption */
    uint8_t type; /* cipher? hash? aead? */
    QTAILQ_ENTRY(CryptoDevBackendBuiltinSession) next;
} CryptoDevBackendBuiltinSession;

/* Max number of symmetric sessions */
#define MAX_NUM_SESSIONS 256

#define CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN    512
#define CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN  64

struct CryptoDevBackendBuiltin {
    CryptoDevBackend parent_obj;

    CryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
};

static void cryptodev_builtin_init(
             CryptoDevBackend *backend, Error **errp)
{
    /* Only support one queue */
    int queues = backend->conf.peers.queues;
    CryptoDevBackendClient *cc;

    if (queues != 1) {
        error_setg(errp,
                  "Only support one queue in cryptdov-builtin backend");
        return;
    }

    cc = cryptodev_backend_new_client(
              "cryptodev-builtin", NULL);
    cc->info_str = g_strdup_printf("cryptodev-builtin0");
    cc->queue_index = 0;
    cc->type = CRYPTODEV_BACKEND_TYPE_BUILTIN;
    backend->conf.peers.ccs[0] = cc;

    backend->conf.crypto_services =
                         1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
                         1u << VIRTIO_CRYPTO_SERVICE_HASH |
                         1u << VIRTIO_CRYPTO_SERVICE_MAC;
    backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
    backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
    /*
     * Set the Maximum length of crypto request.
     * Why this value? Just avoid to overflow when
     * memory allocation for each crypto request.
     */
    backend->conf.max_size = LONG_MAX - sizeof(CryptoDevBackendSymOpInfo);
    backend->conf.max_cipher_key_len = CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN;
    backend->conf.max_auth_key_len = CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN;

    cryptodev_backend_set_ready(backend, true);
}

static int
cryptodev_builtin_get_unused_session_index(
                 CryptoDevBackendBuiltin *builtin)
{
    size_t i;

    for (i = 0; i < MAX_NUM_SESSIONS; i++) {
        if (builtin->sessions[i] == NULL) {
            return i;
        }
    }

    return -1;
}

#define AES_KEYSIZE_128 16
#define AES_KEYSIZE_192 24
#define AES_KEYSIZE_256 32
#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256
#define AES_KEYSIZE_256_XTS 64

static int
cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp)
{
    int algo;

    if (key_len == AES_KEYSIZE_128) {
        algo = QCRYPTO_CIPHER_ALG_AES_128;
    } else if (key_len == AES_KEYSIZE_192) {
        algo = QCRYPTO_CIPHER_ALG_AES_192;
    } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */
        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
            algo = QCRYPTO_CIPHER_ALG_AES_128;
        } else {
            algo = QCRYPTO_CIPHER_ALG_AES_256;
        }
    } else if (key_len == AES_KEYSIZE_256_XTS) {
        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
            algo = QCRYPTO_CIPHER_ALG_AES_256;
        } else {
            goto err;
        }
    } else {
        goto err;
    }

    return algo;

err:
   error_setg(errp, "Unsupported key length :%u", key_len);
   return -1;
}

static int cryptodev_builtin_create_cipher_session(
                    CryptoDevBackendBuiltin *builtin,
                    CryptoDevBackendSymSessionInfo *sess_info,
                    Error **errp)
{
    int algo;
    int mode;
    QCryptoCipher *cipher;
    int index;
    CryptoDevBackendBuiltinSession *sess;

    if (sess_info->op_type != VIRTIO_CRYPTO_SYM_OP_CIPHER) {
        error_setg(errp, "Unsupported optype :%u", sess_info->op_type);
        return -1;
    }

    index = cryptodev_builtin_get_unused_session_index(builtin);
    if (index < 0) {
        error_setg(errp, "Total number of sessions created exceeds %u",
                  MAX_NUM_SESSIONS);
        return -1;
    }

    switch (sess_info->cipher_alg) {
    case VIRTIO_CRYPTO_CIPHER_AES_ECB:
        mode = QCRYPTO_CIPHER_MODE_ECB;
        algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
                                                    mode, errp);
        if (algo < 0)  {
            return -1;
        }
        break;
    case VIRTIO_CRYPTO_CIPHER_AES_CBC:
        mode = QCRYPTO_CIPHER_MODE_CBC;
        algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
                                                    mode, errp);
        if (algo < 0)  {
            return -1;
        }
        break;
    case VIRTIO_CRYPTO_CIPHER_AES_CTR:
        mode = QCRYPTO_CIPHER_MODE_CTR;
        algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
                                                    mode, errp);
        if (algo < 0)  {
            return -1;
        }
        break;
    case VIRTIO_CRYPTO_CIPHER_AES_XTS:
        mode = QCRYPTO_CIPHER_MODE_XTS;
        algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
                                                    mode, errp);
        if (algo < 0)  {
            return -1;
        }
        break;
    case VIRTIO_CRYPTO_CIPHER_3DES_ECB:
        mode = QCRYPTO_CIPHER_MODE_ECB;
        algo = QCRYPTO_CIPHER_ALG_3DES;
        break;
    case VIRTIO_CRYPTO_CIPHER_3DES_CBC:
        mode = QCRYPTO_CIPHER_MODE_CBC;
        algo = QCRYPTO_CIPHER_ALG_3DES;
        break;
    case VIRTIO_CRYPTO_CIPHER_3DES_CTR:
        mode = QCRYPTO_CIPHER_MODE_CTR;
        algo = QCRYPTO_CIPHER_ALG_3DES;
        break;
    default:
        error_setg(errp, "Unsupported cipher alg :%u",
                   sess_info->cipher_alg);
        return -1;
    }

    cipher = qcrypto_cipher_new(algo, mode,
                               sess_info->cipher_key,
                               sess_info->key_len,
                               errp);
    if (!cipher) {
        return -1;
    }

    sess = g_new0(CryptoDevBackendBuiltinSession, 1);
    sess->cipher = cipher;
    sess->direction = sess_info->direction;
    sess->type = sess_info->op_type;

    builtin->sessions[index] = sess;

    return index;
}

static int64_t cryptodev_builtin_sym_create_session(
           CryptoDevBackend *backend,
           CryptoDevBackendSymSessionInfo *sess_info,
           uint32_t queue_index, Error **errp)
{
    CryptoDevBackendBuiltin *builtin =
                      CRYPTODEV_BACKEND_BUILTIN(backend);
    int64_t session_id = -1;
    int ret;

    switch (sess_info->op_code) {
    case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
        ret = cryptodev_builtin_create_cipher_session(
                           builtin, sess_info, errp);
        if (ret < 0) {
            return ret;
        } else {
            session_id = ret;
        }
        break;
    case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
    case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
    default:
        error_setg(errp, "Unsupported opcode :%" PRIu32 "",
                   sess_info->op_code);
        return -1;
    }

    return session_id;
}

static int cryptodev_builtin_sym_close_session(
           CryptoDevBackend *backend,
           uint64_t session_id,
           uint32_t queue_index, Error **errp)
{
    CryptoDevBackendBuiltin *builtin =
                      CRYPTODEV_BACKEND_BUILTIN(backend);

    if (session_id >= MAX_NUM_SESSIONS ||
              builtin->sessions[session_id] == NULL) {
        error_setg(errp, "Cannot find a valid session id: %" PRIu64 "",
                      session_id);
        return -1;
    }

    qcrypto_cipher_free(builtin->sessions[session_id]->cipher);
    g_free(builtin->sessions[session_id]);
    builtin->sessions[session_id] = NULL;
    return 0;
}

static int cryptodev_builtin_sym_operation(
                 CryptoDevBackend *backend,
                 CryptoDevBackendSymOpInfo *op_info,
                 uint32_t queue_index, Error **errp)
{
    CryptoDevBackendBuiltin *builtin =
                      CRYPTODEV_BACKEND_BUILTIN(backend);
    CryptoDevBackendBuiltinSession *sess;
    int ret;

    if (op_info->session_id >= MAX_NUM_SESSIONS ||
              builtin->sessions[op_info->session_id] == NULL) {
        error_setg(errp, "Cannot find a valid session id: %" PRIu64 "",
                   op_info->session_id);
        return -VIRTIO_CRYPTO_INVSESS;
    }

    if (op_info->op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
        error_setg(errp,
               "Algorithm chain is unsupported for cryptdoev-builtin");
        return -VIRTIO_CRYPTO_NOTSUPP;
    }

    sess = builtin->sessions[op_info->session_id];

    if (op_info->iv_len > 0) {
        ret = qcrypto_cipher_setiv(sess->cipher, op_info->iv,
                                   op_info->iv_len, errp);
        if (ret < 0) {
            return -VIRTIO_CRYPTO_ERR;
        }
    }

    if (sess->direction == VIRTIO_CRYPTO_OP_ENCRYPT) {
        ret = qcrypto_cipher_encrypt(sess->cipher, op_info->src,
                                     op_info->dst, op_info->src_len, errp);
        if (ret < 0) {
            return -VIRTIO_CRYPTO_ERR;
        }
    } else {
        ret = qcrypto_cipher_decrypt(sess->cipher, op_info->src,
                                     op_info->dst, op_info->src_len, errp);
        if (ret < 0) {
            return -VIRTIO_CRYPTO_ERR;
        }
    }
    return VIRTIO_CRYPTO_OK;
}

static void cryptodev_builtin_cleanup(
             CryptoDevBackend *backend,
             Error **errp)
{
    CryptoDevBackendBuiltin *builtin =
                      CRYPTODEV_BACKEND_BUILTIN(backend);
    size_t i;
    int queues = backend->conf.peers.queues;
    CryptoDevBackendClient *cc;

    for (i = 0; i < MAX_NUM_SESSIONS; i++) {
        if (builtin->sessions[i] != NULL) {
            cryptodev_builtin_sym_close_session(
                    backend, i, 0, errp);
        }
    }

    for (i = 0; i < queues; i++) {
        cc = backend->conf.peers.ccs[i];
        if (cc) {
            cryptodev_backend_free_client(cc);
            backend->conf.peers.ccs[i] = NULL;
        }
    }

    cryptodev_backend_set_ready(backend, false);
}

static void
cryptodev_builtin_class_init(ObjectClass *oc, void *data)
{
    CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);

    bc->init = cryptodev_builtin_init;
    bc->cleanup = cryptodev_builtin_cleanup;
    bc->create_session = cryptodev_builtin_sym_create_session;
    bc->close_session = cryptodev_builtin_sym_close_session;
    bc->do_sym_op = cryptodev_builtin_sym_operation;
}

static const TypeInfo cryptodev_builtin_info = {
    .name = TYPE_CRYPTODEV_BACKEND_BUILTIN,
    .parent = TYPE_CRYPTODEV_BACKEND,
    .class_init = cryptodev_builtin_class_init,
    .instance_size = sizeof(CryptoDevBackendBuiltin),
};

static void
cryptodev_builtin_register_types(void)
{
    type_register_static(&cryptodev_builtin_info);
}

type_init(cryptodev_builtin_register_types);
Commit	Line	Data
1653a5f3 GA	1	/*
	2	* QEMU Cryptodev backend for QEMU cipher APIs
	3	*
	4	* Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
	5	*
	6	* Authors:
	7	* Gonglei <[email protected]>
	8	*
	9	* This library is free software; you can redistribute it and/or
	10	* modify it under the terms of the GNU Lesser General Public
	11	* License as published by the Free Software Foundation; either
	12	* version 2 of the License, or (at your option) any later version.
	13	*
	14	* This library is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	* Lesser General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU Lesser General Public
	20	* License along with this library; if not, see <http://www.gnu.org/licenses/>.
	21	*
	22	*/
	23
	24	#include "qemu/osdep.h"
	25	#include "sysemu/cryptodev.h"
	26	#include "hw/boards.h"
	27	#include "qapi/error.h"
	28	#include "standard-headers/linux/virtio_crypto.h"
	29	#include "crypto/cipher.h"
	30
	31
	32	/**
	33	* @TYPE_CRYPTODEV_BACKEND_BUILTIN:
	34	* name of backend that uses QEMU cipher API
	35	*/
	36	#define TYPE_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"
	37
	38	#define CRYPTODEV_BACKEND_BUILTIN(obj) \
	39	OBJECT_CHECK(CryptoDevBackendBuiltin, \
	40	(obj), TYPE_CRYPTODEV_BACKEND_BUILTIN)
	41
	42	typedef struct CryptoDevBackendBuiltin
	43	CryptoDevBackendBuiltin;
	44
	45	typedef struct CryptoDevBackendBuiltinSession {
	46	QCryptoCipher *cipher;
	47	uint8_t direction; /* encryption or decryption */
	48	uint8_t type; /* cipher? hash? aead? */
	49	QTAILQ_ENTRY(CryptoDevBackendBuiltinSession) next;
	50	} CryptoDevBackendBuiltinSession;
	51
	52	/* Max number of symmetric sessions */
	53	#define MAX_NUM_SESSIONS 256
	54
	55	#define CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN 512
	56	#define CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN 64
	57
	58	struct CryptoDevBackendBuiltin {
	59	CryptoDevBackend parent_obj;
	60
	61	CryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
	62	};
	63
	64	static void cryptodev_builtin_init(
65	CryptoDevBackend backend, Error *errp)
66	{
67	/* Only support one queue */
68	int queues = backend->conf.peers.queues;
69	CryptoDevBackendClient *cc;
70
71	if (queues != 1) {
72	error_setg(errp,
73	"Only support one queue in cryptdov-builtin backend");
74	return;
75	}
76
77	cc = cryptodev_backend_new_client(
78	"cryptodev-builtin", NULL);
79	cc->info_str = g_strdup_printf("cryptodev-builtin0");
80	cc->queue_index = 0;
5da73dab	81	cc->type = CRYPTODEV_BACKEND_TYPE_BUILTIN;
1653a5f3 GA	82	backend->conf.peers.ccs[0] = cc;
	83
	84	backend->conf.crypto_services =
	85	1u << VIRTIO_CRYPTO_SERVICE_CIPHER \|
	86	1u << VIRTIO_CRYPTO_SERVICE_HASH \|
	87	1u << VIRTIO_CRYPTO_SERVICE_MAC;
	88	backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
	89	backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
	90	/*
	91	* Set the Maximum length of crypto request.
	92	* Why this value? Just avoid to overflow when
	93	* memory allocation for each crypto request.
	94	*/
	95	backend->conf.max_size = LONG_MAX - sizeof(CryptoDevBackendSymOpInfo);
	96	backend->conf.max_cipher_key_len = CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN;
	97	backend->conf.max_auth_key_len = CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN;
6138dbda GA	98
6138dbda GA	99	cryptodev_backend_set_ready(backend, true);
1653a5f3 GA	100	}
	101
	102	static int
	103	cryptodev_builtin_get_unused_session_index(
	104	CryptoDevBackendBuiltin *builtin)
	105	{
	106	size_t i;
	107
	108	for (i = 0; i < MAX_NUM_SESSIONS; i++) {
	109	if (builtin->sessions[i] == NULL) {
	110	return i;
	111	}
	112	}
	113
	114	return -1;
	115	}
	116
465f2fed LM	117	#define AES_KEYSIZE_128 16
	118	#define AES_KEYSIZE_192 24
	119	#define AES_KEYSIZE_256 32
	120	#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256
	121	#define AES_KEYSIZE_256_XTS 64
	122
1653a5f3	123	static int
465f2fed	124	cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp)
1653a5f3 GA	125	{
	126	int algo;
	127
465f2fed	128	if (key_len == AES_KEYSIZE_128) {
1653a5f3	129	algo = QCRYPTO_CIPHER_ALG_AES_128;
465f2fed	130	} else if (key_len == AES_KEYSIZE_192) {
1653a5f3	131	algo = QCRYPTO_CIPHER_ALG_AES_192;
465f2fed LM	132	} else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */
	133	if (mode == QCRYPTO_CIPHER_MODE_XTS) {
	134	algo = QCRYPTO_CIPHER_ALG_AES_128;
	135	} else {
	136	algo = QCRYPTO_CIPHER_ALG_AES_256;
	137	}
	138	} else if (key_len == AES_KEYSIZE_256_XTS) {
	139	if (mode == QCRYPTO_CIPHER_MODE_XTS) {
	140	algo = QCRYPTO_CIPHER_ALG_AES_256;
	141	} else {
	142	goto err;
	143	}
1653a5f3	144	} else {
465f2fed	145	goto err;
1653a5f3 GA	146	}
	147
	148	return algo;
465f2fed LM	149
	150	err:
	151	error_setg(errp, "Unsupported key length :%u", key_len);
	152	return -1;
1653a5f3 GA	153	}
	154
	155	static int cryptodev_builtin_create_cipher_session(
	156	CryptoDevBackendBuiltin *builtin,
	157	CryptoDevBackendSymSessionInfo *sess_info,
	158	Error **errp)
	159	{
	160	int algo;
	161	int mode;
	162	QCryptoCipher *cipher;
	163	int index;
	164	CryptoDevBackendBuiltinSession *sess;
	165
	166	if (sess_info->op_type != VIRTIO_CRYPTO_SYM_OP_CIPHER) {
	167	error_setg(errp, "Unsupported optype :%u", sess_info->op_type);
	168	return -1;
	169	}
	170
	171	index = cryptodev_builtin_get_unused_session_index(builtin);
	172	if (index < 0) {
	173	error_setg(errp, "Total number of sessions created exceeds %u",
	174	MAX_NUM_SESSIONS);
	175	return -1;
	176	}
	177
	178	switch (sess_info->cipher_alg) {
	179	case VIRTIO_CRYPTO_CIPHER_AES_ECB:
465f2fed	180	mode = QCRYPTO_CIPHER_MODE_ECB;
1653a5f3	181	algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
465f2fed	182	mode, errp);
1653a5f3 GA	183	if (algo < 0) {
	184	return -1;
	185	}
1653a5f3 GA	186	break;
1653a5f3 GA	187	case VIRTIO_CRYPTO_CIPHER_AES_CBC:
465f2fed	188	mode = QCRYPTO_CIPHER_MODE_CBC;
1653a5f3	189	algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
465f2fed	190	mode, errp);
1653a5f3 GA	191	if (algo < 0) {
	192	return -1;
	193	}
1653a5f3 GA	194	break;
1653a5f3 GA	195	case VIRTIO_CRYPTO_CIPHER_AES_CTR:
465f2fed	196	mode = QCRYPTO_CIPHER_MODE_CTR;
1653a5f3	197	algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
465f2fed	198	mode, errp);
1653a5f3 GA	199	if (algo < 0) {
	200	return -1;
	201	}
1653a5f3	202	break;
eaa57403 LM	203	case VIRTIO_CRYPTO_CIPHER_AES_XTS:
	204	mode = QCRYPTO_CIPHER_MODE_XTS;
	205	algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
	206	mode, errp);
	207	if (algo < 0) {
	208	return -1;
	209	}
	210	break;
48ae36c0 LM	211	case VIRTIO_CRYPTO_CIPHER_3DES_ECB:
	212	mode = QCRYPTO_CIPHER_MODE_ECB;
	213	algo = QCRYPTO_CIPHER_ALG_3DES;
	214	break;
	215	case VIRTIO_CRYPTO_CIPHER_3DES_CBC:
	216	mode = QCRYPTO_CIPHER_MODE_CBC;
	217	algo = QCRYPTO_CIPHER_ALG_3DES;
	218	break;
	219	case VIRTIO_CRYPTO_CIPHER_3DES_CTR:
	220	mode = QCRYPTO_CIPHER_MODE_CTR;
	221	algo = QCRYPTO_CIPHER_ALG_3DES;
	222	break;
1653a5f3 GA	223	default:
	224	error_setg(errp, "Unsupported cipher alg :%u",
	225	sess_info->cipher_alg);
	226	return -1;
	227	}
	228
	229	cipher = qcrypto_cipher_new(algo, mode,
	230	sess_info->cipher_key,
	231	sess_info->key_len,
	232	errp);
	233	if (!cipher) {
	234	return -1;
	235	}
	236
	237	sess = g_new0(CryptoDevBackendBuiltinSession, 1);
	238	sess->cipher = cipher;
	239	sess->direction = sess_info->direction;
	240	sess->type = sess_info->op_type;
	241
	242	builtin->sessions[index] = sess;
	243
	244	return index;
	245	}
	246
	247	static int64_t cryptodev_builtin_sym_create_session(
	248	CryptoDevBackend *backend,
	249	CryptoDevBackendSymSessionInfo *sess_info,
	250	uint32_t queue_index, Error **errp)
	251	{
	252	CryptoDevBackendBuiltin *builtin =
	253	CRYPTODEV_BACKEND_BUILTIN(backend);
	254	int64_t session_id = -1;
	255	int ret;
	256
	257	switch (sess_info->op_code) {
	258	case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
	259	ret = cryptodev_builtin_create_cipher_session(
	260	builtin, sess_info, errp);
	261	if (ret < 0) {
	262	return ret;
	263	} else {
	264	session_id = ret;
	265	}
	266	break;
	267	case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
	268	case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
	269	default:
	270	error_setg(errp, "Unsupported opcode :%" PRIu32 "",
	271	sess_info->op_code);
	272	return -1;
	273	}
	274
	275	return session_id;
	276	}
	277
	278	static int cryptodev_builtin_sym_close_session(
	279	CryptoDevBackend *backend,
	280	uint64_t session_id,
	281	uint32_t queue_index, Error **errp)
	282	{
	283	CryptoDevBackendBuiltin *builtin =
	284	CRYPTODEV_BACKEND_BUILTIN(backend);
	285
	286	if (session_id >= MAX_NUM_SESSIONS \|\|
287	builtin->sessions[session_id] == NULL) {
288	error_setg(errp, "Cannot find a valid session id: %" PRIu64 "",
289	session_id);
290	return -1;
291	}
292
293	qcrypto_cipher_free(builtin->sessions[session_id]->cipher);
294	g_free(builtin->sessions[session_id]);
295	builtin->sessions[session_id] = NULL;
296	return 0;
297	}
298
299	static int cryptodev_builtin_sym_operation(
300	CryptoDevBackend *backend,
301	CryptoDevBackendSymOpInfo *op_info,
302	uint32_t queue_index, Error **errp)
303	{
304	CryptoDevBackendBuiltin *builtin =
305	CRYPTODEV_BACKEND_BUILTIN(backend);
306	CryptoDevBackendBuiltinSession *sess;
307	int ret;
308
309	if (op_info->session_id >= MAX_NUM_SESSIONS \|\|
310	builtin->sessions[op_info->session_id] == NULL) {
311	error_setg(errp, "Cannot find a valid session id: %" PRIu64 "",
312	op_info->session_id);
313	return -VIRTIO_CRYPTO_INVSESS;
314	}
315
316	if (op_info->op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
317	error_setg(errp,
318	"Algorithm chain is unsupported for cryptdoev-builtin");
319	return -VIRTIO_CRYPTO_NOTSUPP;
320	}
321
322	sess = builtin->sessions[op_info->session_id];
323
50d19cf3 LM	324	if (op_info->iv_len > 0) {
	325	ret = qcrypto_cipher_setiv(sess->cipher, op_info->iv,
	326	op_info->iv_len, errp);
	327	if (ret < 0) {
	328	return -VIRTIO_CRYPTO_ERR;
	329	}
1653a5f3 GA	330	}
	331
	332	if (sess->direction == VIRTIO_CRYPTO_OP_ENCRYPT) {
	333	ret = qcrypto_cipher_encrypt(sess->cipher, op_info->src,
	334	op_info->dst, op_info->src_len, errp);
	335	if (ret < 0) {
	336	return -VIRTIO_CRYPTO_ERR;
	337	}
	338	} else {
	339	ret = qcrypto_cipher_decrypt(sess->cipher, op_info->src,
	340	op_info->dst, op_info->src_len, errp);
	341	if (ret < 0) {
	342	return -VIRTIO_CRYPTO_ERR;
	343	}
	344	}
	345	return VIRTIO_CRYPTO_OK;
	346	}
	347
	348	static void cryptodev_builtin_cleanup(
	349	CryptoDevBackend *backend,
	350	Error **errp)
	351	{
	352	CryptoDevBackendBuiltin *builtin =
	353	CRYPTODEV_BACKEND_BUILTIN(backend);
	354	size_t i;
	355	int queues = backend->conf.peers.queues;
	356	CryptoDevBackendClient *cc;
	357
	358	for (i = 0; i < MAX_NUM_SESSIONS; i++) {
	359	if (builtin->sessions[i] != NULL) {
	360	cryptodev_builtin_sym_close_session(
	361	backend, i, 0, errp);
	362	}
	363	}
	364
1653a5f3 GA	365	for (i = 0; i < queues; i++) {
	366	cc = backend->conf.peers.ccs[i];
	367	if (cc) {
	368	cryptodev_backend_free_client(cc);
	369	backend->conf.peers.ccs[i] = NULL;
	370	}
	371	}
6138dbda GA	372
6138dbda GA	373	cryptodev_backend_set_ready(backend, false);
1653a5f3 GA	374	}
	375
	376	static void
	377	cryptodev_builtin_class_init(ObjectClass oc, void data)
	378	{
	379	CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
	380
	381	bc->init = cryptodev_builtin_init;
	382	bc->cleanup = cryptodev_builtin_cleanup;
	383	bc->create_session = cryptodev_builtin_sym_create_session;
	384	bc->close_session = cryptodev_builtin_sym_close_session;
	385	bc->do_sym_op = cryptodev_builtin_sym_operation;
	386	}
	387
	388	static const TypeInfo cryptodev_builtin_info = {
	389	.name = TYPE_CRYPTODEV_BACKEND_BUILTIN,
	390	.parent = TYPE_CRYPTODEV_BACKEND,
	391	.class_init = cryptodev_builtin_class_init,
	392	.instance_size = sizeof(CryptoDevBackendBuiltin),
	393	};
	394
	395	static void
	396	cryptodev_builtin_register_types(void)
	397	{
	398	type_register_static(&cryptodev_builtin_info);
	399	}
	400
	401	type_init(cryptodev_builtin_register_types);