[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v15 0/2] virtio-crypto: virtio crypto device spe
From: |
Gonglei (Arei) |
Subject: |
Re: [Qemu-devel] [PATCH v15 0/2] virtio-crypto: virtio crypto device specification |
Date: |
Wed, 4 Jan 2017 10:10:05 +0000 |
Hi all,
I attach the diff files between v14 and v15 for better review.
diff --git a/virtio-crypto.tex b/virtio-crypto.tex
index 9f7faf0..884ee95 100644
--- a/virtio-crypto.tex
+++ b/virtio-crypto.tex
@@ -2,8 +2,8 @@
The virtio crypto device is a virtual cryptography device as well as a kind of
virtual hardware accelerator for virtual machines. The encryption and
-decryption requests are placed in the data queue and are ultimately handled by
the
-backend crypto accelerators. The second queue is the control queue used to
create
+decryption requests are placed in any of the data active queues and are
ultimately handled by the
+backend crypto accelerators. The second kind of queue is the control queue
used to create
or destroy sessions for symmetric algorithms and will control some advanced
features in the future. The virtio crypto device provides the following crypto
services: CIPHER, MAC, HASH, and AEAD.
@@ -26,7 +26,7 @@ N is set by \field{max_dataqueues}.
\subsection{Feature bits}\label{sec:Device Types / Crypto Device / Feature
bits}
-Undefined currently.
+None currently defined.
\subsection{Device configuration layout}\label{sec:Device Types / Crypto
Device / Device configuration layout}
@@ -54,13 +54,14 @@ struct virtio_crypto_config {
};
\end{lstlisting}
-The value of the \field{status} field is VIRTIO_CRYPTO_S_HW_READY or
VIRTIO_CRYPTO_S_STARTED.
+The value of the \field{status} field is VIRTIO_CRYPTO_S_HW_READY or
~VIRTIO_CRYPTO_S_HW_READY.
\begin{lstlisting}
#define VIRTIO_CRYPTO_S_HW_READY (1 << 0)
-#define VIRTIO_CRYPTO_S_STARTED (1 << 1)
\end{lstlisting}
+The VIRTIO_CRYPTO_S_HW_READY flag is used to show whether the hardware is
ready to work or not.
+
The following driver-read-only fields include \field{max_dataqueues}, which
specifies the
maximum number of data virtqueues (dataq1\ldots dataqN), and
\field{crypto_services},
which indicates the crypto services the virtio crypto supports.
@@ -172,7 +173,7 @@ Any other value is reserved for future use.
\item The driver MUST read the ready \field{status} from the bottom bit of
status to check whether the hardware-backed
implementation is ready or not, and the driver MUST reread it after the
device reset.
\item The driver MUST NOT transmit any packets to the device if the ready
\field{status} is not set.
-\item The driver MAY read \field{max_dataqueues} field to discover the number
of data queues the device supports.
+\item The driver MUST read \field{max_dataqueues} field to discover the number
of data queues the device supports.
\item The driver MUST read \field{crypto_services} field to discover which
services the device is able to offer.
\item The driver MUST read the detailed algorithms fields based on
\field{crypto_services} field.
\item The driver SHOULD read \field{max_size} to discover the maximum size of
crypto request the device supports.
===============The below diff shows the changes of add non-session mode support:
diff --git a/virtio-crypto.tex b/virtio-crypto.tex
index 884ee95..44819f9 100644
--- a/virtio-crypto.tex
+++ b/virtio-crypto.tex
@@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
\subsection{Feature bits}\label{sec:Device Types / Crypto Device / Feature
bits}
-None currently defined.
+VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is available for CIPHER
service.
+VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is available for HASH
service.
+VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is available for MAC service.
+VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is available for AEAD
service.
\subsection{Device configuration layout}\label{sec:Device Types / Crypto
Device / Device configuration layout}
@@ -208,6 +211,9 @@ Operation parameters are algorithm-specific parameters,
output data is the
data that should be utilized in operations, and input data is equal to
"operation result + result data".
+The device can support both session mode (See \ref{sec:Device Types / Crypto
Device / Device Operation / Control Virtqueue / Session operation}) and
non-session mode, for example,
+As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated, the driver can
use session mode for CIPHER service, otherwise it can only use non-session mode.
+
\begin{note}
The basic unit of all data length the byte.
\end{note}
@@ -263,6 +269,8 @@ struct virtio_crypto_op_header {
le32 algo;
/* session_id should be service-specific algorithms */
le64 session_id;
+#define VIRTIO_CRYPTO_FLAG_SESSION_MODE 1
+#define VIRTIO_CRYPTO_FLAG_NONE_SESSION_MODE 2
/* control flag to control the request */
le32 flag;
le32 padding;
@@ -501,11 +509,11 @@ struct virtio_crypto_aead_session_para {
le32 algo;
/* length of key */
le32 key_len;
- /* hash result length */
- le32 hash_result_len;
+ /* Authentication tag length */
+ le32 tag_len;
/* The length of the additional authenticated data (AAD) in bytes */
le32 aad_len;
- /* encryption or decryption, See above VIRTIO_CRYPTO_* */
+ /* encryption or decryption, See above VIRTIO_CRYPTO_OP_* */
le32 op;
le32 padding;
};
@@ -588,10 +596,16 @@ struct virtio_crypto_inhdr {
\begin{lstlisting}
struct virtio_crypto_hash_para {
+ struct {
+ /* See VIRTIO_CRYPTO_HASH_* above */
+ le32 algo;
+ } sess_para;
+
/* length of source data */
le32 src_data_len;
/* hash result length */
le32 hash_result_len;
+ le32 reserved;
};
struct virtio_crypto_hash_data_req {
@@ -617,9 +631,11 @@ The output data here includes the source data and the
input data includes the ha
\drivernormative{\paragraph}{HASH Service Operation}{Device Types / Crypto
Device / Device Operation / HASH Service Operation}
\begin{itemize*}
-\item The driver MUST set the \field{session_id} in struct
virtio_crypto_op_header to a valid value which assigned by the device when a
session is created.
+\item If the VIRTIO_CRYPTO_F_HASH_SESSION_MODE feature bit is negotiated and
the driver uses the session mode, then the driver MUST set the
\field{session_id} in struct virtio_crypto_op_header
+ to a valid value which assigned by the device when a session is created
and MUST set \field{flag} field to VIRTIO_CRYPTO_FLAG_SESSION_MODE.
+\item If the VIRTIO_CRYPTO_F_HASH_SESSION_MODE feature bit is not negotiated
or the driver doesn't use the session mode, then the driver MUST set
\field{flag} field in struct virtio_crypto_op_header
+ to VIRTIO_CRYPTO_FLAG_SESSION_NONE_MODE and MUST set fields in struct
virtio_crypto_hash_para.sess_para.
\item The driver MUST set \field{opcode} in struct virtio_crypto_op_header to
VIRTIO_CRYPTO_HASH.
-\item The driver MUST set the \field{queue_id} field to show used dataq in
struct virtio_crypto_op_header.
\end{itemize*}
\devicenormative{\paragraph}{HASH Service Operation}{Device Types / Crypto
Device / Device Operation / HASH Service Operation}
@@ -633,12 +649,24 @@ The output data here includes the source data and the
input data includes the ha
\begin{lstlisting}
struct virtio_crypto_mac_para {
- struct virtio_crypto_hash_para hash;
+ struct {
+ /* See VIRTIO_CRYPTO_MAC_* above */
+ le32 algo;
+ /* length of authenticated key */
+ le32 auth_key_len;
+ } sess_para;
+
+ /* length of source data */
+ le32 src_data_len;
+ /* hash result length */
+ le32 hash_result_len;
};
struct virtio_crypto_mac_data_req {
/* Device-readable part */
struct virtio_crypto_mac_para para;
+ /* The authenticated key */
+ u8 auth_key[auth_key_len];
/* Source data */
u8 src_data[src_data_len];
@@ -659,9 +687,11 @@ The output data here includes the source data and the
input data includes the ha
\drivernormative{\paragraph}{MAC Service Operation}{Device Types / Crypto
Device / Device Operation / MAC Service Operation}
\begin{itemize*}
-\item The driver MUST set the \field{session_id} in struct
virtio_crypto_op_header to a valid value which assigned by the device when a
session is created.
+\item If the VIRTIO_CRYPTO_F_MAC_SESSION_MODE feature bit is negotiated and
the driver uses the session mode, then the driver MUST set the
\field{session_id} in struct virtio_crypto_op_header
+ to a valid value which assigned by the device when a session is created
and MUST set \field{flag} field to VIRTIO_CRYPTO_FLAG_SESSION_MODE.
+\item If the VIRTIO_CRYPTO_F_MAC_SESSION_MODE feature bit is not negotiated or
the driver doesn't use the session mode, then the driver MUST set \field{flag}
field in struct virtio_crypto_op_header
+ to VIRTIO_CRYPTO_FLAG_SESSION_NONE_MODE and MUST set fields in struct
virtio_crypto_mac_para.sess_para.
\item The driver MUST set \field{opcode} in struct virtio_crypto_op_header to
VIRTIO_CRYPTO_MAC.
-\item The driver MUST set the \field{queue_id} field to show used dataq in
struct virtio_crypto_op_header.
\end{itemize*}
\devicenormative{\paragraph}{MAC Service Operation}{Device Types / Crypto
Device / Device Operation / MAC Service Operation}
@@ -677,6 +707,16 @@ The packet of plain CIPHER service is as follows:
\begin{lstlisting}
struct virtio_crypto_cipher_para {
+ struct {
+ /* See VIRTIO_CRYPTO_CIPHER* above */
+ le32 algo;
+ /* length of key */
+ le32 keylen;
+
+ /* See VIRTIO_CRYPTO_OP_* above */
+ le32 op;
+ } sess_para;
+
/*
* Byte Length of valid IV/Counter data pointed to by the below iv data.
*
@@ -691,12 +731,13 @@ struct virtio_crypto_cipher_para {
le32 src_data_len;
/* length of destination data */
le32 dst_data_len;
- le32 padding;
};
struct virtio_crypto_cipher_data_req {
/* Device-readable part */
struct virtio_crypto_cipher_para para;
+ /* The cipher key */
+ u8 cipher_key[keylen];
/*
* Initialization Vector or Counter data.
*
@@ -724,6 +765,31 @@ The packet of algorithm chaining is as follows:
\begin{lstlisting}
struct virtio_crypto_alg_chain_data_para {
+ struct {
+ /* See VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_* above */
+ le32 alg_chain_order;
+ /* length of the additional authenticated data in bytes */
+ le32 aad_len;
+
+ struct {
+ /* See VIRTIO_CRYPTO_CIPHER* above */
+ le32 algo;
+ /* length of key */
+ le32 keylen;
+ /* See VIRTIO_CRYPTO_OP_* above */
+ le32 op;
+ } cipher;
+
+ struct {
+ /* See VIRTIO_CRYPTO_HASH_* or VIRTIO_CRYPTO_MAC_* above */
+ le32 algo;
+ /* length of authenticated key */
+ le32 auth_key_len;
+ /* See VIRTIO_CRYPTO_SYM_HASH_MODE_* above */
+ le32 hash_mode;
+ } hash;
+ } sess_para;
+
le32 iv_len;
/* Length of source data */
le32 src_data_len;
@@ -747,6 +813,10 @@ struct virtio_crypto_alg_chain_data_para {
struct virtio_crypto_alg_chain_data_req {
/* Device-readable part */
struct virtio_crypto_alg_chain_data_para para;
+ /* The cipher key */
+ u8 cipher_key[keylen];
+ /* The auth key */
+ u8 auth_key[auth_key_len];
/* Initialization Vector or Counter data */
u8 iv[iv_len];
/* Source data */
@@ -783,11 +853,11 @@ struct virtio_crypto_sym_data_req {
Each data request uses virtio_crypto_sym_data_req structure to store
information
used to run the CIPHER operations.
-The information includes the hash parameters stored by \field{para}, output
data and input data.
+The information includes the cipher parameters stored by \field{para}, output
data and input data.
In the first virtio_crypto_cipher_para structure, \field{iv_len} specifies the
length of the initialization vector or counter,
\field{src_data_len} specifies the length of the source data, and
\field{dst_data_len} specifies the
length of the destination data.
-For plain CIPHER operations, the output data here includes the IV/Counter data
and source data, and the input data includes the destination data used to save
the results of the CIPHER operations.
+For plain CIPHER operations, the output data here includes the IV/Counter data
and source data, and the input data includes the destination data used to save
the results of the CIPHER operations.
For algorithms chain, the output data here includes the IV/Counter data,
source data and additional authenticated data if exists.
The input data includes both destination data and hash result data used to
store the results of the HASH/MAC operations.
@@ -796,21 +866,24 @@ The input data includes both destination data and hash
result data used to store
\drivernormative{\paragraph}{Symmetric algorithms Operation}{Device Types /
Crypto Device / Device Operation / Symmetric algorithms Operation}
\begin{itemize*}
-\item The driver MUST set the \field{session_id} in struct
virtio_crypto_op_header to a valid value which assigned by the device when a
session is created.
+\item If the VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE feature bit is negotiated and
the driver uses the session mode, then the driver MUST set the
\field{session_id} in struct virtio_crypto_op_header
+ to a valid value which assigned by the device when a session is created
and MUST set \field{flag} field to VIRTIO_CRYPTO_FLAG_SESSION_MODE.
+\item If the VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE feature bit is not negotiated
or the driver doesn't use the session mode, then the driver MUST set
\field{flag} field in struct virtio_crypto_op_header
+ to VIRTIO_CRYPTO_FLAG_SESSION_NONE_MODE and MUST set fields in struct
virtio_crypto_cipher_para.sess_para or struct
virtio_crypto_alg_chain_data_para.sess_para.
\item The driver MUST set \field{opcode} in struct virtio_crypto_op_header to
VIRTIO_CRYPTO_CIPHER_ENCRYPT or VIRTIO_CRYPTO_CIPHER_DECRYPT.
-\item The driver MUST set the \field{queue_id} field to show used dataq in
struct virtio_crypto_op_header.
-\item The driver MUST specify the fields of struct
virtio_crypto_cipher_data_req in struct virtio_crypto_sym_data_req if the
created session is based on VIRTIO_CRYPTO_SYM_OP_CIPHER.
-\item The driver MUST specify the fields of both struct
virtio_crypto_cipher_data_req and struct virtio_crypto_mac_data_req in struct
virtio_crypto_sym_data_req if the created session
-\item is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING type and in the
VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH mode.
+\item The driver MUST specify the fields of struct
virtio_crypto_cipher_data_req in struct virtio_crypto_sym_data_req if the
packet is based on VIRTIO_CRYPTO_SYM_OP_CIPHER.
+\item The driver MUST specify the fields of both struct
virtio_crypto_cipher_data_req and struct virtio_crypto_mac_data_req in struct
virtio_crypto_sym_data_req if the packet
+ is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING type and in the
VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH mode.
\end{itemize*}
\devicenormative{\paragraph}{Symmetric algorithms Operation}{Device Types /
Crypto Device / Device Operation / Symmetric algorithms Operation}
\begin{itemize*}
+\item The device MUST parse \field{flag} field in struct
virtio_crypto_op_header in order to decide which mode the driver uses.
\item The device MUST parse the virtio_crypto_sym_data_req based on the
\field{opcode} in general header.
-\item The device SHOULD only parse fields of struct
virtio_crypto_cipher_data_req in struct virtio_crypto_sym_data_req if the
created session is VIRTIO_CRYPTO_SYM_OP_CIPHER type.
-\item The device MUST parse fields of both struct
virtio_crypto_cipher_data_req and struct virtio_crypto_mac_data_req in struct
virtio_crypto_sym_data_req if the created
-session is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING operation type and
in the VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH mode.
+\item The device SHOULD only parse fields of struct
virtio_crypto_cipher_data_req in struct virtio_crypto_sym_data_req if the
packet is VIRTIO_CRYPTO_SYM_OP_CIPHER type.
+\item The device MUST parse fields of both struct
virtio_crypto_cipher_data_req and struct virtio_crypto_mac_data_req in struct
virtio_crypto_sym_data_req if the packet
+ is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING operation type and in
the VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH mode.
\item The device MUST copy the result of cryptographic operation to the
dst_data[] in both plain CIPHER mode and algorithms chain mode.
\item The device MUST check the \field{para}.\field{add_len} is bigger than 0
before parse the additional authenticated data in plain algorithms chain mode.
\item The device MUST copy the result of HASH/MAC operation to the
hash_result[] is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING type.
@@ -819,7 +892,7 @@ session is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING
operation type and in
\paragraph{Steps of Operation}\label{sec:Device Types / Crypto Device / Device
Operation / Symmetric algorithms Operation / Steps of Operation}
-\subparagraph{Step1: Create session}\label{sec:Device Types / Crypto Device /
Device Operation / Symmetric algorithms Operation / Steps of Operation / Step1:
Create session}
+\subparagraph{Step1: Create session}\label{sec:Device Types / Crypto Device /
Device Operation / Symmetric algorithms Operation / Steps of Operation / Step1:
Create session if using session mode}
\begin{enumerate}
\item The driver specifies information in struct virtio_crypto_op_ctrl_req,
including the algorithm name, key, keylen etc;
@@ -848,7 +921,7 @@ session is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING
operation type and in
\item The device sets the \field{status} in struct virtio_crypto_inhdr;
\item The device updates and flushes the Used Ring to return the cryptographic
results to the driver;
\item The device notifies the driver (Or the driver actively polls the dataq's
Used Ring);
-\item The driver saves the cryptographic result.
+\item The driver saves the cryptographic results.
\end{enumerate}
\begin{note}
@@ -862,6 +935,15 @@ session is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING
operation type and in
\begin{lstlisting}
struct virtio_crypto_aead_para {
+ struct {
+ /* See VIRTIO_CRYPTO_AEAD_* above */
+ le32 algo;
+ /* length of key */
+ le32 key_len;
+ /* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
+ le32 op;
+ } sess_para;
+
/*
* Byte Length of valid IV data.
*
@@ -871,20 +953,21 @@ struct virtio_crypto_aead_para {
* range 7 to 13 inclusive.
*/
le32 iv_len;
+ /* Authentication tag length */
+ le32 tag_len;
/* length of additional auth data */
le32 aad_len;
/* length of source data */
le32 src_data_len;
- /* length of dst data */
+ /* length of dst data, this should be at least src_data_len + tag_len */
le32 dst_data_len;
- /* Length of the hash result */
- le32 hash_result_len;
- le32 reserver;
};
struct virtio_crypto_aead_data_req {
/* Device-readable part */
struct virtio_crypto_aead_para para;
+ /* The cipher key */
+ u8 key[key_len];
/*
* Initialization Vector data.
*
@@ -906,10 +989,9 @@ struct virtio_crypto_aead_data_req {
u8 aad[aad_len];
/* Device-writable part */
- /* Destination data */
+ /* Pointer to output data */
u8 dst_data[dst_data_len];
- /* Hash result data */
- u8 hash_result[hash_result_len];
+
struct virtio_crypto_inhdr inhdr;
};
\end{lstlisting}
@@ -918,10 +1000,9 @@ Each data request uses virtio_crypto_aead_data_req
structure to store informatio
used to run the AEAD operations.
The information includes the hash parameters stored by \field{para}, output
data and input data.
-In the first virtio_crypto_aead_para structure, \field{iv_len} specifies the
length of the initialization vector.
+In the first virtio_crypto_aead_para structure, \field{iv_len} specifies the
length of the initialization vector. \field{tag_len} specifies the length of
the authentication tag;
\field{aad_len} specifies the length of additional authentication data,
\field{src_data_len} specifies the
-length of the source data; \field{dst_data_len} specifies the length of the
destination data.
-The output data here includes the IV data and source data, and the input data
includes the destination data used to save the results of the CIPHER operations.
+length of the source data; \field{dst_data_len} specifies the length of the
destination data, which is at least \field{src_data_len} + \field{tag_len}.
The output data here includes the IV/Counter data, source data and additional
authenticated data if exists.
The input data includes both destination data used to save the results of the
AEAD operations.
@@ -930,9 +1011,11 @@ The input data includes both destination data used to
save the results of the AE
\drivernormative{\paragraph}{AEAD Service Operation}{Device Types / Crypto
Device / Device Operation / AEAD Service Operation}
\begin{itemize*}
-\item The driver MUST set the \field{session_id} in struct
virtio_crypto_op_header to a valid value which assigned by the device when a
session is created.
+\item If the VIRTIO_CRYPTO_F_AEAD_SESSION_MODE feature bit is negotiated and
the driver uses the session mode, then the driver MUST set the
\field{session_id} in struct virtio_crypto_op_header
+ to a valid value which assigned by the device when a session is created
and MUST set \field{flag} field to VIRTIO_CRYPTO_FLAG_SESSION_MODE.
+\item If the VIRTIO_CRYPTO_F_AEAD_SESSION_MODE feature bit is not negotiated
or the driver doesn't use the session mode, then the driver MUST set
\field{flag} field in struct virtio_crypto_op_header
+ to VIRTIO_CRYPTO_FLAG_SESSION_NONE_MODE and MUST set fields in struct
virtio_crypto_aead_para.sess_para.
\item The driver MUST set \field{opcode} in struct virtio_crypto_op_header to
VIRTIO_CRYPTO_AEAD_ENCRYPT or VIRTIO_CRYPTO_AEAD_DECRYPT.
-\item The driver MUST set the \field{queue_id} field to show used dataq in
struct virtio_crypto_op_header.
\end{itemize*}
\devicenormative{\paragraph}{AEAD Service Operation}{Device Types / Crypto
Device / Device Operation / AEAD Service Operation}
@@ -940,7 +1023,7 @@ The input data includes both destination data used to save
the results of the AE
\begin{itemize*}
\item The device MUST parse the virtio_crypto_aead_data_req based on the
\field{opcode} in general header.
\item The device MUST copy the result of cryptographic operation to the
dst_data[].
-\item The device MUST copy the hash result to the hash_result[].
+\item The device MUST copy the authentication tag to the dst_data[] offset the
cipher result.
\item The device MUST set the \field{status} field in struct
virtio_crypto_inhdr to one of the values of enum VIRITO_CRYPTO_STATUS.
\item When the \field{opcode} is VIRTIO_CRYPTO_AEAD_DECRYPT, the device MUST
verify and return the verification result to the driver, and if the
verification result is incorrect, VIRTIO_CRYPTO_BADMSG (bad message) MUST be
returned to the driver.
\end{itemize*}
\ No newline at end of file
Regards,
-Gonglei
> -----Original Message-----
> From: Gonglei (Arei)
> Sent: Wednesday, January 04, 2017 6:03 PM
> To: address@hidden; address@hidden
> Cc: Luonengjun; address@hidden; address@hidden;
> address@hidden; address@hidden; Jani Kokkonen;
> address@hidden; address@hidden; address@hidden;
> address@hidden; address@hidden; address@hidden;
> Huangweidong (C); address@hidden; address@hidden; Claudio Fontana;
> Zhoujian (jay, Euler); address@hidden; address@hidden; Wubin (H);
> Shiqing Fan; address@hidden; address@hidden; Gonglei
> (Arei)
> Subject: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification
>
> Changes since v14:
> - drop VIRTIO_CRYPTO_S_STARTED status [Halil & Cornelia]
> - correct a sentence about dataqueue and controlq in the first paragraph.
> [Halil]
> - change a MAY to MUST about max_dataqueues. [Halil]
> - add non-session mode support
> 1) add four features for different crypto services to identify wheather
> support session mode.
> 2) extend virtio_crypto_*_para structures, for example, add the content of
> struct virtio_crypto_cipher_session_para into struct
> virtio_crypto_cipher_para.
> 3) use the flag property of struct virtio_crypto_op_header to identify the
> type of crypto request. Aka Is it a session-based or non-session request
>
> For pervious versions of virtio crypto spec, Pls see:
>
> [v14]:
> https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg02212.html
>
> [v13]:
> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg07348.html
>
> For more information, please see:
> http://qemu-project.org/Features/VirtioCrypto
>
> Please help to review, thanks.
>
> Gonglei (2):
> virtio-crypto: Add virtio crypto device specification
> virtio-crypto: Add conformance clauses
>
> conformance.tex | 30 ++
> content.tex | 2 +
> virtio-crypto.tex | 1029
> +++++++++++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 1061 insertions(+)
> create mode 100644 virtio-crypto.tex
>
> --
> 1.7.12.4
>
- [Qemu-devel] [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Gonglei, 2017/01/04
- [Qemu-devel] [PATCH v15 1/2] virtio-crypto: Add virtio crypto device specification, Gonglei, 2017/01/04
- Re: [Qemu-devel] [PATCH v15 0/2] virtio-crypto: virtio crypto device specification,
Gonglei (Arei) <=
- Re: [Qemu-devel] [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Halil Pasic, 2017/01/12
- Re: [Qemu-devel] [virtio-dev] Re: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Gonglei (Arei), 2017/01/12
- Re: [Qemu-devel] [virtio-dev] Re: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Michael S. Tsirkin, 2017/01/12
- Re: [Qemu-devel] [virtio-dev] Re: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Gonglei (Arei), 2017/01/12
- Re: [Qemu-devel] [virtio-dev] Re: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Michael S. Tsirkin, 2017/01/13
- Re: [Qemu-devel] [virtio-dev] Re: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Gonglei (Arei), 2017/01/13
- Re: [Qemu-devel] [virtio-dev] Re: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Gonglei (Arei), 2017/01/16
- Re: [Qemu-devel] [virtio-dev] Re: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Halil Pasic, 2017/01/16
- Re: [Qemu-devel] [virtio-dev] Re: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Gonglei (Arei), 2017/01/16
- Re: [Qemu-devel] [virtio-dev] RE: [virtio-dev] Re: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification, Halil Pasic, 2017/01/18