diff mbox

[v15,0/2] virtio-crypto: virtio crypto device specification

Message ID 33183CC9F5247A488A2544077AF19020DA174989@DGGEMA505-MBX.china.huawei.com (mailing list archive)
State New, archived
Headers show

Commit Message

Gonglei (Arei) Jan. 4, 2017, 10:10 a.m. UTC
Hi all,

I attach the diff files between v14 and v15 for better review.




Regards,
-Gonglei


> -----Original Message-----
> From: Gonglei (Arei)
> Sent: Wednesday, January 04, 2017 6:03 PM
> To: qemu-devel@nongnu.org; virtio-dev@lists.oasis-open.org
> Cc: Luonengjun; mst@redhat.com; cornelia.huck@de.ibm.com;
> stefanha@redhat.com; denglingli@chinamobile.com; Jani Kokkonen;
> Ola.Liljedahl@arm.com; Varun.Sethi@freescale.com; xin.zeng@intel.com;
> brian.a.keating@intel.com; liang.j.ma@intel.com; john.griffin@intel.com;
> Huangweidong (C); mike.caraman@nxp.com; agraf@suse.de; Claudio Fontana;
> Zhoujian (jay, Euler); nmorey@kalray.eu; vincent.jardin@6wind.com; Wubin (H);
> Shiqing Fan; arei.gonglei@hotmail.com; pasic@linux.vnet.ibm.com; Gonglei
> (Arei)
> Subject: [PATCH v15 0/2] virtio-crypto: virtio crypto device specification
> 
> Changes since v14:
>  - drop VIRTIO_CRYPTO_S_STARTED status [Halil & Cornelia]
>  - correct a sentence about dataqueue and controlq in the first paragraph.
> [Halil]
>  - change a MAY to MUST about max_dataqueues. [Halil]
>  - add non-session mode support
>    1) add four features for different crypto services to identify wheather
> support session mode.
>    2) extend virtio_crypto_*_para structures, for example, add the content of
>      struct virtio_crypto_cipher_session_para into struct
> virtio_crypto_cipher_para.
>    3) use the flag property of struct virtio_crypto_op_header to identify the
>      type of crypto request. Aka Is it a session-based or non-session request
> 
> For pervious versions of virtio crypto spec, Pls see:
> 
> [v14]:
> https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg02212.html
> 
> [v13]:
> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg07348.html
> 
> For more information, please see:
>  http://qemu-project.org/Features/VirtioCrypto
> 
> Please help to review, thanks.
> 
> Gonglei (2):
>   virtio-crypto: Add virtio crypto device specification
>   virtio-crypto: Add conformance clauses
> 
>  conformance.tex   |   30 ++
>  content.tex       |    2 +
>  virtio-crypto.tex | 1029
> +++++++++++++++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 1061 insertions(+)
>  create mode 100644 virtio-crypto.tex
> 
> --
> 1.7.12.4
>

Comments

Halil Pasic Jan. 12, 2017, 11:58 a.m. UTC | #1
On 01/04/2017 11:10 AM, Gonglei (Arei) wrote:
> Hi all,
> 
> I attach the diff files between v14 and v15 for better review.
> 
Hi,

only had a quick look. Will try to come back to this later.

> diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> index 9f7faf0..884ee95 100644
> --- a/virtio-crypto.tex
> +++ b/virtio-crypto.tex
> @@ -2,8 +2,8 @@
>  
>  The virtio crypto device is a virtual cryptography device as well as a kind of
>  virtual hardware accelerator for virtual machines. The encryption and
> -decryption requests are placed in the data queue and are ultimately handled by the
> -backend crypto accelerators. The second queue is the control queue used to create 
> +decryption requests are placed in any of the data active queues and are ultimately handled by the
s/data active/active data/
> +backend crypto accelerators. The second kind of queue is the control queue used to create 
>  or destroy sessions for symmetric algorithms and will control some advanced
>  features in the future. The virtio crypto device provides the following crypto
>  services: CIPHER, MAC, HASH, and AEAD.

[..]

> ===============The below diff shows the changes of add non-session mode support:
> 
> diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> index 884ee95..44819f9 100644
> --- a/virtio-crypto.tex
> +++ b/virtio-crypto.tex
> @@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
>  
>  \subsection{Feature bits}\label{sec:Device Types / Crypto Device / Feature bits}
>  
> -None currently defined.
> +VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is available for CIPHER service.
> +VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is available for HASH service.
> +VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is available for MAC service.
> +VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is available for AEAD service.
>  
>  \subsection{Device configuration layout}\label{sec:Device Types / Crypto Device / Device configuration layout}
>  
> @@ -208,6 +211,9 @@ Operation parameters are algorithm-specific parameters, output data is the
>  data that should be utilized in operations, and input data is equal to
>  "operation result + result data".
>  
> +The device can support both session mode (See \ref{sec:Device Types / Crypto Device / Device Operation / Control Virtqueue / Session operation}) and non-session mode, for example,
> +As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated, the driver can use session mode for CIPHER service, otherwise it can only use non-session mode.
> +

As far as I understand you are adding non-session mode to the mix but
providing feature bits for session mode. Would this render the the current
implementation non-compliant?

Halil
Gonglei (Arei) Jan. 12, 2017, 12:26 p.m. UTC | #2
Hi,


> 
> On 01/04/2017 11:10 AM, Gonglei (Arei) wrote:
> > Hi all,
> >
> > I attach the diff files between v14 and v15 for better review.
> >
> Hi,
> 
> only had a quick look. Will try to come back to this later.
> 
That's cool.

> > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > index 9f7faf0..884ee95 100644
> > --- a/virtio-crypto.tex
> > +++ b/virtio-crypto.tex
> > @@ -2,8 +2,8 @@
> >
> >  The virtio crypto device is a virtual cryptography device as well as a kind of
> >  virtual hardware accelerator for virtual machines. The encryption and
> > -decryption requests are placed in the data queue and are ultimately handled
> by the
> > -backend crypto accelerators. The second queue is the control queue used to
> create
> > +decryption requests are placed in any of the data active queues and are
> ultimately handled by the
> s/data active/active data/
> > +backend crypto accelerators. The second kind of queue is the control queue
> used to create
> >  or destroy sessions for symmetric algorithms and will control some
> advanced
> >  features in the future. The virtio crypto device provides the following crypto
> >  services: CIPHER, MAC, HASH, and AEAD.
> 
> [..]
> 
> > ===============The below diff shows the changes of add non-session mode
> support:
> >
> > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > index 884ee95..44819f9 100644
> > --- a/virtio-crypto.tex
> > +++ b/virtio-crypto.tex
> > @@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
> >
> >  \subsection{Feature bits}\label{sec:Device Types / Crypto Device / Feature
> bits}
> >
> > -None currently defined.
> > +VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is available
> for CIPHER service.
> > +VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is available for
> HASH service.
> > +VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is available for
> MAC service.
> > +VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is available for
> AEAD service.
> >
> >  \subsection{Device configuration layout}\label{sec:Device Types / Crypto
> Device / Device configuration layout}
> >
> > @@ -208,6 +211,9 @@ Operation parameters are algorithm-specific
> parameters, output data is the
> >  data that should be utilized in operations, and input data is equal to
> >  "operation result + result data".
> >
> > +The device can support both session mode (See \ref{sec:Device Types /
> Crypto Device / Device Operation / Control Virtqueue / Session operation}) and
> non-session mode, for example,
> > +As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated, the driver
> can use session mode for CIPHER service, otherwise it can only use non-session
> mode.
> > +
> 
> As far as I understand you are adding non-session mode to the mix but
> providing feature bits for session mode. Would this render the the current
> implementation non-compliant?
> 
You are right, shall we use feature bits for non-session mode for compliancy?
Or because the spec is on the fly, and some structures in the virtio_crypto.h need to
be modified, can we keep the compliancy completely?

Thanks,
-Gonglei
Michael S. Tsirkin Jan. 12, 2017, 7:45 p.m. UTC | #3
On Thu, Jan 12, 2017 at 12:26:24PM +0000, Gonglei (Arei) wrote:
> Hi,
> 
> 
> > 
> > On 01/04/2017 11:10 AM, Gonglei (Arei) wrote:
> > > Hi all,
> > >
> > > I attach the diff files between v14 and v15 for better review.
> > >
> > Hi,
> > 
> > only had a quick look. Will try to come back to this later.
> > 
> That's cool.
> 
> > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > index 9f7faf0..884ee95 100644
> > > --- a/virtio-crypto.tex
> > > +++ b/virtio-crypto.tex
> > > @@ -2,8 +2,8 @@
> > >
> > >  The virtio crypto device is a virtual cryptography device as well as a kind of
> > >  virtual hardware accelerator for virtual machines. The encryption and
> > > -decryption requests are placed in the data queue and are ultimately handled
> > by the
> > > -backend crypto accelerators. The second queue is the control queue used to
> > create
> > > +decryption requests are placed in any of the data active queues and are
> > ultimately handled by the
> > s/data active/active data/
> > > +backend crypto accelerators. The second kind of queue is the control queue
> > used to create
> > >  or destroy sessions for symmetric algorithms and will control some
> > advanced
> > >  features in the future. The virtio crypto device provides the following crypto
> > >  services: CIPHER, MAC, HASH, and AEAD.
> > 
> > [..]
> > 
> > > ===============The below diff shows the changes of add non-session mode
> > support:
> > >
> > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > index 884ee95..44819f9 100644
> > > --- a/virtio-crypto.tex
> > > +++ b/virtio-crypto.tex
> > > @@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
> > >
> > >  \subsection{Feature bits}\label{sec:Device Types / Crypto Device / Feature
> > bits}
> > >
> > > -None currently defined.
> > > +VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is available
> > for CIPHER service.
> > > +VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is available for
> > HASH service.
> > > +VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is available for
> > MAC service.
> > > +VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is available for
> > AEAD service.
> > >
> > >  \subsection{Device configuration layout}\label{sec:Device Types / Crypto
> > Device / Device configuration layout}
> > >
> > > @@ -208,6 +211,9 @@ Operation parameters are algorithm-specific
> > parameters, output data is the
> > >  data that should be utilized in operations, and input data is equal to
> > >  "operation result + result data".
> > >
> > > +The device can support both session mode (See \ref{sec:Device Types /
> > Crypto Device / Device Operation / Control Virtqueue / Session operation}) and
> > non-session mode, for example,
> > > +As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated, the driver
> > can use session mode for CIPHER service, otherwise it can only use non-session
> > mode.
> > > +
> > 
> > As far as I understand you are adding non-session mode to the mix but
> > providing feature bits for session mode. Would this render the the current
> > implementation non-compliant?
> > 
> You are right, shall we use feature bits for non-session mode for compliancy?
> Or because the spec is on the fly, and some structures in the virtio_crypto.h need to
> be modified, can we keep the compliancy completely?
> 
> Thanks,
> -Gonglei

Since there's a linux driver upstream you must at least
keep compatibility with that.
Gonglei (Arei) Jan. 13, 2017, 2:54 a.m. UTC | #4
> 
> On Thu, Jan 12, 2017 at 12:26:24PM +0000, Gonglei (Arei) wrote:
> > Hi,
> >
> >
> > >
> > > On 01/04/2017 11:10 AM, Gonglei (Arei) wrote:
> > > > Hi all,
> > > >
> > > > I attach the diff files between v14 and v15 for better review.
> > > >
> > > Hi,
> > >
> > > only had a quick look. Will try to come back to this later.
> > >
> > That's cool.
> >
> > > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > > index 9f7faf0..884ee95 100644
> > > > --- a/virtio-crypto.tex
> > > > +++ b/virtio-crypto.tex
> > > > @@ -2,8 +2,8 @@
> > > >
> > > >  The virtio crypto device is a virtual cryptography device as well as a kind
> of
> > > >  virtual hardware accelerator for virtual machines. The encryption and
> > > > -decryption requests are placed in the data queue and are ultimately
> handled
> > > by the
> > > > -backend crypto accelerators. The second queue is the control queue used
> to
> > > create
> > > > +decryption requests are placed in any of the data active queues and are
> > > ultimately handled by the
> > > s/data active/active data/
> > > > +backend crypto accelerators. The second kind of queue is the control
> queue
> > > used to create
> > > >  or destroy sessions for symmetric algorithms and will control some
> > > advanced
> > > >  features in the future. The virtio crypto device provides the following
> crypto
> > > >  services: CIPHER, MAC, HASH, and AEAD.
> > >
> > > [..]
> > >
> > > > ===============The below diff shows the changes of add non-session
> mode
> > > support:
> > > >
> > > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > > index 884ee95..44819f9 100644
> > > > --- a/virtio-crypto.tex
> > > > +++ b/virtio-crypto.tex
> > > > @@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
> > > >
> > > >  \subsection{Feature bits}\label{sec:Device Types / Crypto Device /
> Feature
> > > bits}
> > > >
> > > > -None currently defined.
> > > > +VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is
> available
> > > for CIPHER service.
> > > > +VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is available
> for
> > > HASH service.
> > > > +VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is available
> for
> > > MAC service.
> > > > +VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is available
> for
> > > AEAD service.
> > > >
> > > >  \subsection{Device configuration layout}\label{sec:Device Types /
> Crypto
> > > Device / Device configuration layout}
> > > >
> > > > @@ -208,6 +211,9 @@ Operation parameters are algorithm-specific
> > > parameters, output data is the
> > > >  data that should be utilized in operations, and input data is equal to
> > > >  "operation result + result data".
> > > >
> > > > +The device can support both session mode (See \ref{sec:Device Types /
> > > Crypto Device / Device Operation / Control Virtqueue / Session operation})
> and
> > > non-session mode, for example,
> > > > +As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated, the
> driver
> > > can use session mode for CIPHER service, otherwise it can only use
> non-session
> > > mode.
> > > > +
> > >
> > > As far as I understand you are adding non-session mode to the mix but
> > > providing feature bits for session mode. Would this render the the current
> > > implementation non-compliant?
> > >
> > You are right, shall we use feature bits for non-session mode for compliancy?
> > Or because the spec is on the fly, and some structures in the virtio_crypto.h
> need to
> > be modified, can we keep the compliancy completely?
> >
> > Thanks,
> > -Gonglei
> 
> Since there's a linux driver upstream you must at least
> keep compatibility with that.
> 
Sure. We use feature bits for non-session mode then.
For structures modification, do we need to do some specific
actions for compatibility?  Take CIPHER service as an example:

The present structure:

struct virtio_crypto_cipher_para {
    /*
     * Byte Length of valid IV/Counter data pointed to by the below iv data.
     *
     * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
     *   SNOW3G in UEA2 mode, this is the length of the IV (which
     *   must be the same as the block length of the cipher).
     * For block ciphers in CTR mode, this is the length of the counter
     *   (which must be the same as the block length of the cipher).
     */
    le32 iv_len;
    /* length of source data */
    le32 src_data_len;
    /* length of destination data */
    le32 dst_data_len;
};

The future structure if supporting non-session based operations:

struct virtio_crypto_cipher_para {
    struct {
        /* See VIRTIO_CRYPTO_CIPHER* above */
        le32 algo;
        /* length of key */
        le32 keylen;

        /* See VIRTIO_CRYPTO_OP_* above */
        le32 op;
    } sess_para;

    /*
     * Byte Length of valid IV/Counter data pointed to by the below iv data.
     *
     * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
     *   SNOW3G in UEA2 mode, this is the length of the IV (which
     *   must be the same as the block length of the cipher).
     * For block ciphers in CTR mode, this is the length of the counter
     *   (which must be the same as the block length of the cipher).
     */
    le32 iv_len;
    /* length of source data */
    le32 src_data_len;
    /* length of destination data */
    le32 dst_data_len;
};

Thanks,
-Gonglei
Michael S. Tsirkin Jan. 13, 2017, 4:02 p.m. UTC | #5
On Fri, Jan 13, 2017 at 02:54:29AM +0000, Gonglei (Arei) wrote:
> 
> > 
> > On Thu, Jan 12, 2017 at 12:26:24PM +0000, Gonglei (Arei) wrote:
> > > Hi,
> > >
> > >
> > > >
> > > > On 01/04/2017 11:10 AM, Gonglei (Arei) wrote:
> > > > > Hi all,
> > > > >
> > > > > I attach the diff files between v14 and v15 for better review.
> > > > >
> > > > Hi,
> > > >
> > > > only had a quick look. Will try to come back to this later.
> > > >
> > > That's cool.
> > >
> > > > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > > > index 9f7faf0..884ee95 100644
> > > > > --- a/virtio-crypto.tex
> > > > > +++ b/virtio-crypto.tex
> > > > > @@ -2,8 +2,8 @@
> > > > >
> > > > >  The virtio crypto device is a virtual cryptography device as well as a kind
> > of
> > > > >  virtual hardware accelerator for virtual machines. The encryption and
> > > > > -decryption requests are placed in the data queue and are ultimately
> > handled
> > > > by the
> > > > > -backend crypto accelerators. The second queue is the control queue used
> > to
> > > > create
> > > > > +decryption requests are placed in any of the data active queues and are
> > > > ultimately handled by the
> > > > s/data active/active data/
> > > > > +backend crypto accelerators. The second kind of queue is the control
> > queue
> > > > used to create
> > > > >  or destroy sessions for symmetric algorithms and will control some
> > > > advanced
> > > > >  features in the future. The virtio crypto device provides the following
> > crypto
> > > > >  services: CIPHER, MAC, HASH, and AEAD.
> > > >
> > > > [..]
> > > >
> > > > > ===============The below diff shows the changes of add non-session
> > mode
> > > > support:
> > > > >
> > > > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > > > index 884ee95..44819f9 100644
> > > > > --- a/virtio-crypto.tex
> > > > > +++ b/virtio-crypto.tex
> > > > > @@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
> > > > >
> > > > >  \subsection{Feature bits}\label{sec:Device Types / Crypto Device /
> > Feature
> > > > bits}
> > > > >
> > > > > -None currently defined.
> > > > > +VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is
> > available
> > > > for CIPHER service.
> > > > > +VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is available
> > for
> > > > HASH service.
> > > > > +VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is available
> > for
> > > > MAC service.
> > > > > +VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is available
> > for
> > > > AEAD service.
> > > > >
> > > > >  \subsection{Device configuration layout}\label{sec:Device Types /
> > Crypto
> > > > Device / Device configuration layout}
> > > > >
> > > > > @@ -208,6 +211,9 @@ Operation parameters are algorithm-specific
> > > > parameters, output data is the
> > > > >  data that should be utilized in operations, and input data is equal to
> > > > >  "operation result + result data".
> > > > >
> > > > > +The device can support both session mode (See \ref{sec:Device Types /
> > > > Crypto Device / Device Operation / Control Virtqueue / Session operation})
> > and
> > > > non-session mode, for example,
> > > > > +As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated, the
> > driver
> > > > can use session mode for CIPHER service, otherwise it can only use
> > non-session
> > > > mode.
> > > > > +
> > > >
> > > > As far as I understand you are adding non-session mode to the mix but
> > > > providing feature bits for session mode. Would this render the the current
> > > > implementation non-compliant?
> > > >
> > > You are right, shall we use feature bits for non-session mode for compliancy?
> > > Or because the spec is on the fly, and some structures in the virtio_crypto.h
> > need to
> > > be modified, can we keep the compliancy completely?
> > >
> > > Thanks,
> > > -Gonglei
> > 
> > Since there's a linux driver upstream you must at least
> > keep compatibility with that.
> > 
> Sure. We use feature bits for non-session mode then.
> For structures modification, do we need to do some specific
> actions for compatibility?  Take CIPHER service as an example:
> 
> The present structure:
> 
> struct virtio_crypto_cipher_para {
>     /*
>      * Byte Length of valid IV/Counter data pointed to by the below iv data.
>      *
>      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
>      *   SNOW3G in UEA2 mode, this is the length of the IV (which
>      *   must be the same as the block length of the cipher).
>      * For block ciphers in CTR mode, this is the length of the counter
>      *   (which must be the same as the block length of the cipher).
>      */
>     le32 iv_len;
>     /* length of source data */
>     le32 src_data_len;
>     /* length of destination data */
>     le32 dst_data_len;
> };
> 
> The future structure if supporting non-session based operations:
> 
> struct virtio_crypto_cipher_para {
>     struct {
>         /* See VIRTIO_CRYPTO_CIPHER* above */
>         le32 algo;
>         /* length of key */
>         le32 keylen;
> 
>         /* See VIRTIO_CRYPTO_OP_* above */
>         le32 op;
>     } sess_para;
> 
>     /*
>      * Byte Length of valid IV/Counter data pointed to by the below iv data.
>      *
>      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
>      *   SNOW3G in UEA2 mode, this is the length of the IV (which
>      *   must be the same as the block length of the cipher).
>      * For block ciphers in CTR mode, this is the length of the counter
>      *   (which must be the same as the block length of the cipher).
>      */
>     le32 iv_len;
>     /* length of source data */
>     le32 src_data_len;
>     /* length of destination data */
>     le32 dst_data_len;
> };
> 
> Thanks,
> -Gonglei

So you will have to maintain both structures for when non-session based
feature is and aren't present. You will have to give them different
names, too.
Gonglei (Arei) Jan. 14, 2017, 1:20 a.m. UTC | #6
> 
> On Fri, Jan 13, 2017 at 02:54:29AM +0000, Gonglei (Arei) wrote:
> >
> > >
> > > On Thu, Jan 12, 2017 at 12:26:24PM +0000, Gonglei (Arei) wrote:
> > > > Hi,
> > > >
> > > >
> > > > >
> > > > > On 01/04/2017 11:10 AM, Gonglei (Arei) wrote:
> > > > > > Hi all,
> > > > > >
> > > > > > I attach the diff files between v14 and v15 for better review.
> > > > > >
> > > > > Hi,
> > > > >
> > > > > only had a quick look. Will try to come back to this later.
> > > > >
> > > > That's cool.
> > > >
> > > > > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > > > > index 9f7faf0..884ee95 100644
> > > > > > --- a/virtio-crypto.tex
> > > > > > +++ b/virtio-crypto.tex
> > > > > > @@ -2,8 +2,8 @@
> > > > > >
> > > > > >  The virtio crypto device is a virtual cryptography device as well as a
> kind
> > > of
> > > > > >  virtual hardware accelerator for virtual machines. The encryption
> and
> > > > > > -decryption requests are placed in the data queue and are ultimately
> > > handled
> > > > > by the
> > > > > > -backend crypto accelerators. The second queue is the control queue
> used
> > > to
> > > > > create
> > > > > > +decryption requests are placed in any of the data active queues and
> are
> > > > > ultimately handled by the
> > > > > s/data active/active data/
> > > > > > +backend crypto accelerators. The second kind of queue is the control
> > > queue
> > > > > used to create
> > > > > >  or destroy sessions for symmetric algorithms and will control some
> > > > > advanced
> > > > > >  features in the future. The virtio crypto device provides the following
> > > crypto
> > > > > >  services: CIPHER, MAC, HASH, and AEAD.
> > > > >
> > > > > [..]
> > > > >
> > > > > > ===============The below diff shows the changes of add
> non-session
> > > mode
> > > > > support:
> > > > > >
> > > > > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > > > > index 884ee95..44819f9 100644
> > > > > > --- a/virtio-crypto.tex
> > > > > > +++ b/virtio-crypto.tex
> > > > > > @@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
> > > > > >
> > > > > >  \subsection{Feature bits}\label{sec:Device Types / Crypto Device /
> > > Feature
> > > > > bits}
> > > > > >
> > > > > > -None currently defined.
> > > > > > +VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is
> > > available
> > > > > for CIPHER service.
> > > > > > +VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is
> available
> > > for
> > > > > HASH service.
> > > > > > +VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is
> available
> > > for
> > > > > MAC service.
> > > > > > +VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is
> available
> > > for
> > > > > AEAD service.
> > > > > >
> > > > > >  \subsection{Device configuration layout}\label{sec:Device Types /
> > > Crypto
> > > > > Device / Device configuration layout}
> > > > > >
> > > > > > @@ -208,6 +211,9 @@ Operation parameters are algorithm-specific
> > > > > parameters, output data is the
> > > > > >  data that should be utilized in operations, and input data is equal to
> > > > > >  "operation result + result data".
> > > > > >
> > > > > > +The device can support both session mode (See \ref{sec:Device Types
> /
> > > > > Crypto Device / Device Operation / Control Virtqueue / Session
> operation})
> > > and
> > > > > non-session mode, for example,
> > > > > > +As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated,
> the
> > > driver
> > > > > can use session mode for CIPHER service, otherwise it can only use
> > > non-session
> > > > > mode.
> > > > > > +
> > > > >
> > > > > As far as I understand you are adding non-session mode to the mix but
> > > > > providing feature bits for session mode. Would this render the the
> current
> > > > > implementation non-compliant?
> > > > >
> > > > You are right, shall we use feature bits for non-session mode for
> compliancy?
> > > > Or because the spec is on the fly, and some structures in the
> virtio_crypto.h
> > > need to
> > > > be modified, can we keep the compliancy completely?
> > > >
> > > > Thanks,
> > > > -Gonglei
> > >
> > > Since there's a linux driver upstream you must at least
> > > keep compatibility with that.
> > >
> > Sure. We use feature bits for non-session mode then.
> > For structures modification, do we need to do some specific
> > actions for compatibility?  Take CIPHER service as an example:
> >
> > The present structure:
> >
> > struct virtio_crypto_cipher_para {
> >     /*
> >      * Byte Length of valid IV/Counter data pointed to by the below iv data.
> >      *
> >      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
> >      *   SNOW3G in UEA2 mode, this is the length of the IV (which
> >      *   must be the same as the block length of the cipher).
> >      * For block ciphers in CTR mode, this is the length of the counter
> >      *   (which must be the same as the block length of the cipher).
> >      */
> >     le32 iv_len;
> >     /* length of source data */
> >     le32 src_data_len;
> >     /* length of destination data */
> >     le32 dst_data_len;
> > };
> >
> > The future structure if supporting non-session based operations:
> >
> > struct virtio_crypto_cipher_para {
> >     struct {
> >         /* See VIRTIO_CRYPTO_CIPHER* above */
> >         le32 algo;
> >         /* length of key */
> >         le32 keylen;
> >
> >         /* See VIRTIO_CRYPTO_OP_* above */
> >         le32 op;
> >     } sess_para;
> >
> >     /*
> >      * Byte Length of valid IV/Counter data pointed to by the below iv data.
> >      *
> >      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for
> >      *   SNOW3G in UEA2 mode, this is the length of the IV (which
> >      *   must be the same as the block length of the cipher).
> >      * For block ciphers in CTR mode, this is the length of the counter
> >      *   (which must be the same as the block length of the cipher).
> >      */
> >     le32 iv_len;
> >     /* length of source data */
> >     le32 src_data_len;
> >     /* length of destination data */
> >     le32 dst_data_len;
> > };
> >
> > Thanks,
> > -Gonglei
> 
> So you will have to maintain both structures for when non-session based
> feature is and aren't present. You will have to give them different
> names, too.
> 
OK, I get your point. :)

Thanks,
-Gonglei
Gonglei (Arei) Jan. 16, 2017, 12:43 p.m. UTC | #7
Hi Michael and others,

I'd like to redefine struct virtio_crypto_op_data_req is as below: 

struct virtio_crypto_op_data_req {
    struct virtio_crypto_op_header header;

    union {
        struct virtio_crypto_sym_data_req   sym_req;
        struct virtio_crypto_hash_data_req  hash_req;
        struct virtio_crypto_mac_data_req   mac_req;
        struct virtio_crypto_aead_data_req  aead_req;
        struct virtio_crypto_sym_data_req_non_sess   sym_non_sess_req;
        struct virtio_crypto_hash_data_req_non_sess  hash_non_sess_req;
        struct virtio_crypto_mac_data_req_non_sess   mac_non_sess_req;
        struct virtio_crypto_aead_data_req_non_sess  aead_non_sess_req;
		__u8 padding[72];
    } u;
};

The length of union in the structure will be changed, which from current 48 byte to 72 byte.

We couldn't redefine a structure named virtio_crypto_op_data_req_non_sess,
Because the feature bits are for crypto services, not for the wrapper packet request.

It's impossible to mixed use struct virtio_crypto_op_data_req and 
struct named virtio_crypto_op_data_req_non_sess for one data virtqueue.

For driver compabity, I can submit patches for linux dirver and Qemu to change the length
of struct virtio_crypto_op_data_req.u

Is the approach available?

Thanks,
-Gonglei


> -----Original Message-----
> From: Gonglei (Arei)
> Sent: Saturday, January 14, 2017 9:21 AM
> To: 'Michael S. Tsirkin'
> Cc: Halil Pasic; qemu-devel@nongnu.org; virtio-dev@lists.oasis-open.org;
> Huangweidong (C); john.griffin@intel.com; cornelia.huck@de.ibm.com;
> Zhoujian (jay, Euler); Varun.Sethi@freescale.com; denglingli@chinamobile.com;
> arei.gonglei@hotmail.com; agraf@suse.de; nmorey@kalray.eu;
> vincent.jardin@6wind.com; Ola.Liljedahl@arm.com; Luonengjun;
> xin.zeng@intel.com; liang.j.ma@intel.com; stefanha@redhat.com; Shiqing Fan;
> Jani Kokkonen; brian.a.keating@intel.com; Claudio Fontana;
> mike.caraman@nxp.com; Wubin (H)
> Subject: RE: [virtio-dev] Re: [Qemu-devel] [PATCH v15 0/2] virtio-crypto: virtio
> crypto device specification
> 
> >
> > On Fri, Jan 13, 2017 at 02:54:29AM +0000, Gonglei (Arei) wrote:
> > >
> > > >
> > > > On Thu, Jan 12, 2017 at 12:26:24PM +0000, Gonglei (Arei) wrote:
> > > > > Hi,
> > > > >
> > > > >
> > > > > >
> > > > > > On 01/04/2017 11:10 AM, Gonglei (Arei) wrote:
> > > > > > > Hi all,
> > > > > > >
> > > > > > > I attach the diff files between v14 and v15 for better review.
> > > > > > >
> > > > > > Hi,
> > > > > >
> > > > > > only had a quick look. Will try to come back to this later.
> > > > > >
> > > > > That's cool.
> > > > >
> > > > > > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > > > > > index 9f7faf0..884ee95 100644
> > > > > > > --- a/virtio-crypto.tex
> > > > > > > +++ b/virtio-crypto.tex
> > > > > > > @@ -2,8 +2,8 @@
> > > > > > >
> > > > > > >  The virtio crypto device is a virtual cryptography device as well as a
> > kind
> > > > of
> > > > > > >  virtual hardware accelerator for virtual machines. The encryption
> > and
> > > > > > > -decryption requests are placed in the data queue and are ultimately
> > > > handled
> > > > > > by the
> > > > > > > -backend crypto accelerators. The second queue is the control queue
> > used
> > > > to
> > > > > > create
> > > > > > > +decryption requests are placed in any of the data active queues and
> > are
> > > > > > ultimately handled by the
> > > > > > s/data active/active data/
> > > > > > > +backend crypto accelerators. The second kind of queue is the
> control
> > > > queue
> > > > > > used to create
> > > > > > >  or destroy sessions for symmetric algorithms and will control some
> > > > > > advanced
> > > > > > >  features in the future. The virtio crypto device provides the
> following
> > > > crypto
> > > > > > >  services: CIPHER, MAC, HASH, and AEAD.
> > > > > >
> > > > > > [..]
> > > > > >
> > > > > > > ===============The below diff shows the changes of add
> > non-session
> > > > mode
> > > > > > support:
> > > > > > >
> > > > > > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > > > > > > index 884ee95..44819f9 100644
> > > > > > > --- a/virtio-crypto.tex
> > > > > > > +++ b/virtio-crypto.tex
> > > > > > > @@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
> > > > > > >
> > > > > > >  \subsection{Feature bits}\label{sec:Device Types / Crypto Device /
> > > > Feature
> > > > > > bits}
> > > > > > >
> > > > > > > -None currently defined.
> > > > > > > +VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is
> > > > available
> > > > > > for CIPHER service.
> > > > > > > +VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is
> > available
> > > > for
> > > > > > HASH service.
> > > > > > > +VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is
> > available
> > > > for
> > > > > > MAC service.
> > > > > > > +VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is
> > available
> > > > for
> > > > > > AEAD service.
> > > > > > >
> > > > > > >  \subsection{Device configuration layout}\label{sec:Device Types /
> > > > Crypto
> > > > > > Device / Device configuration layout}
> > > > > > >
> > > > > > > @@ -208,6 +211,9 @@ Operation parameters are
> algorithm-specific
> > > > > > parameters, output data is the
> > > > > > >  data that should be utilized in operations, and input data is equal
> to
> > > > > > >  "operation result + result data".
> > > > > > >
> > > > > > > +The device can support both session mode (See \ref{sec:Device
> Types
> > /
> > > > > > Crypto Device / Device Operation / Control Virtqueue / Session
> > operation})
> > > > and
> > > > > > non-session mode, for example,
> > > > > > > +As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated,
> > the
> > > > driver
> > > > > > can use session mode for CIPHER service, otherwise it can only use
> > > > non-session
> > > > > > mode.
> > > > > > > +
> > > > > >
> > > > > > As far as I understand you are adding non-session mode to the mix but
> > > > > > providing feature bits for session mode. Would this render the the
> > current
> > > > > > implementation non-compliant?
> > > > > >
> > > > > You are right, shall we use feature bits for non-session mode for
> > compliancy?
> > > > > Or because the spec is on the fly, and some structures in the
> > virtio_crypto.h
> > > > need to
> > > > > be modified, can we keep the compliancy completely?
> > > > >
> > > > > Thanks,
> > > > > -Gonglei
> > > >
> > > > Since there's a linux driver upstream you must at least
> > > > keep compatibility with that.
> > > >
> > > Sure. We use feature bits for non-session mode then.
> > > For structures modification, do we need to do some specific
> > > actions for compatibility?  Take CIPHER service as an example:
> > >
> > > The present structure:
> > >
> > > struct virtio_crypto_cipher_para {
> > >     /*
> > >      * Byte Length of valid IV/Counter data pointed to by the below iv
> data.
> > >      *
> > >      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or
> for
> > >      *   SNOW3G in UEA2 mode, this is the length of the IV (which
> > >      *   must be the same as the block length of the cipher).
> > >      * For block ciphers in CTR mode, this is the length of the counter
> > >      *   (which must be the same as the block length of the cipher).
> > >      */
> > >     le32 iv_len;
> > >     /* length of source data */
> > >     le32 src_data_len;
> > >     /* length of destination data */
> > >     le32 dst_data_len;
> > > };
> > >
> > > The future structure if supporting non-session based operations:
> > >
> > > struct virtio_crypto_cipher_para {
> > >     struct {
> > >         /* See VIRTIO_CRYPTO_CIPHER* above */
> > >         le32 algo;
> > >         /* length of key */
> > >         le32 keylen;
> > >
> > >         /* See VIRTIO_CRYPTO_OP_* above */
> > >         le32 op;
> > >     } sess_para;
> > >
> > >     /*
> > >      * Byte Length of valid IV/Counter data pointed to by the below iv
> data.
> > >      *
> > >      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or
> for
> > >      *   SNOW3G in UEA2 mode, this is the length of the IV (which
> > >      *   must be the same as the block length of the cipher).
> > >      * For block ciphers in CTR mode, this is the length of the counter
> > >      *   (which must be the same as the block length of the cipher).
> > >      */
> > >     le32 iv_len;
> > >     /* length of source data */
> > >     le32 src_data_len;
> > >     /* length of destination data */
> > >     le32 dst_data_len;
> > > };
> > >
> > > Thanks,
> > > -Gonglei
> >
> > So you will have to maintain both structures for when non-session based
> > feature is and aren't present. You will have to give them different
> > names, too.
> >
> OK, I get your point. :)
> 
> Thanks,
> -Gonglei
Halil Pasic Jan. 16, 2017, 1:58 p.m. UTC | #8
On 01/16/2017 01:43 PM, Gonglei (Arei) wrote:
> Hi Michael and others,
> 
> I'd like to redefine struct virtio_crypto_op_data_req is as below: 
> 
> struct virtio_crypto_op_data_req {
>     struct virtio_crypto_op_header header;
> 
>     union {
>         struct virtio_crypto_sym_data_req   sym_req;
>         struct virtio_crypto_hash_data_req  hash_req;
>         struct virtio_crypto_mac_data_req   mac_req;
>         struct virtio_crypto_aead_data_req  aead_req;
>         struct virtio_crypto_sym_data_req_non_sess   sym_non_sess_req;
>         struct virtio_crypto_hash_data_req_non_sess  hash_non_sess_req;
>         struct virtio_crypto_mac_data_req_non_sess   mac_non_sess_req;
>         struct virtio_crypto_aead_data_req_non_sess  aead_non_sess_req;
> 		__u8 padding[72];
>     } u;
> };
> 
> The length of union in the structure will be changed, which from current 48 byte to 72 byte.
> 
> We couldn't redefine a structure named virtio_crypto_op_data_req_non_sess,
> Because the feature bits are for crypto services, not for the wrapper packet request.
> 

You mean virtio_crypto_op_data_req.virtio_crypto_op_header.flags
are conceptually meant for something else and using that field woulb
be misuse?


> It's impossible to mixed use struct virtio_crypto_op_data_req and 
> struct named virtio_crypto_op_data_req_non_sess for one data virtqueue.
> 

I do not understand what are you trying to say here. I think you
should tell us what is the new feature and how it is guarded.

Would this mean that session or non-session mode will be tied
to the whole device, or to one data-queue. If it's data-queue
level how is it controlled (e.g. control queue)?

I guess virtio_crypto_op_data_req.virtio_crypto_op_header.session_id
would become meaningless in case of non_sess?

> For driver compabity, I can submit patches for linux dirver and Qemu to change the length
> of struct virtio_crypto_op_data_req.u
> 
> Is the approach available?
>

In general and AFAIU any new behavior is possible, iff it
is appropriately guarded by some negotiation mechanism and
does not break per-existing code which knows nothing about
the new stuff.

I would not mind seeing a spec re-spin with a proper
proposal for session-less or stateless or whatever mode.

Cheers,
Halil
 
> Thanks,
> -Gonglei
> 
> 
>> -----Original Message-----
>> From: Gonglei (Arei)
>> Sent: Saturday, January 14, 2017 9:21 AM
>> To: 'Michael S. Tsirkin'
>> Cc: Halil Pasic; qemu-devel@nongnu.org; virtio-dev@lists.oasis-open.org;
>> Huangweidong (C); john.griffin@intel.com; cornelia.huck@de.ibm.com;
>> Zhoujian (jay, Euler); Varun.Sethi@freescale.com; denglingli@chinamobile.com;
>> arei.gonglei@hotmail.com; agraf@suse.de; nmorey@kalray.eu;
>> vincent.jardin@6wind.com; Ola.Liljedahl@arm.com; Luonengjun;
>> xin.zeng@intel.com; liang.j.ma@intel.com; stefanha@redhat.com; Shiqing Fan;
>> Jani Kokkonen; brian.a.keating@intel.com; Claudio Fontana;
>> mike.caraman@nxp.com; Wubin (H)
>> Subject: RE: [virtio-dev] Re: [Qemu-devel] [PATCH v15 0/2] virtio-crypto: virtio
>> crypto device specification
>>
>>>
>>> On Fri, Jan 13, 2017 at 02:54:29AM +0000, Gonglei (Arei) wrote:
>>>>
>>>>>
>>>>> On Thu, Jan 12, 2017 at 12:26:24PM +0000, Gonglei (Arei) wrote:
>>>>>> Hi,
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> On 01/04/2017 11:10 AM, Gonglei (Arei) wrote:
>>>>>>>> Hi all,
>>>>>>>>
>>>>>>>> I attach the diff files between v14 and v15 for better review.
>>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> only had a quick look. Will try to come back to this later.
>>>>>>>
>>>>>> That's cool.
>>>>>>
>>>>>>>> diff --git a/virtio-crypto.tex b/virtio-crypto.tex
>>>>>>>> index 9f7faf0..884ee95 100644
>>>>>>>> --- a/virtio-crypto.tex
>>>>>>>> +++ b/virtio-crypto.tex
>>>>>>>> @@ -2,8 +2,8 @@
>>>>>>>>
>>>>>>>>  The virtio crypto device is a virtual cryptography device as well as a
>>> kind
>>>>> of
>>>>>>>>  virtual hardware accelerator for virtual machines. The encryption
>>> and
>>>>>>>> -decryption requests are placed in the data queue and are ultimately
>>>>> handled
>>>>>>> by the
>>>>>>>> -backend crypto accelerators. The second queue is the control queue
>>> used
>>>>> to
>>>>>>> create
>>>>>>>> +decryption requests are placed in any of the data active queues and
>>> are
>>>>>>> ultimately handled by the
>>>>>>> s/data active/active data/
>>>>>>>> +backend crypto accelerators. The second kind of queue is the
>> control
>>>>> queue
>>>>>>> used to create
>>>>>>>>  or destroy sessions for symmetric algorithms and will control some
>>>>>>> advanced
>>>>>>>>  features in the future. The virtio crypto device provides the
>> following
>>>>> crypto
>>>>>>>>  services: CIPHER, MAC, HASH, and AEAD.
>>>>>>>
>>>>>>> [..]
>>>>>>>
>>>>>>>> ===============The below diff shows the changes of add
>>> non-session
>>>>> mode
>>>>>>> support:
>>>>>>>>
>>>>>>>> diff --git a/virtio-crypto.tex b/virtio-crypto.tex
>>>>>>>> index 884ee95..44819f9 100644
>>>>>>>> --- a/virtio-crypto.tex
>>>>>>>> +++ b/virtio-crypto.tex
>>>>>>>> @@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
>>>>>>>>
>>>>>>>>  \subsection{Feature bits}\label{sec:Device Types / Crypto Device /
>>>>> Feature
>>>>>>> bits}
>>>>>>>>
>>>>>>>> -None currently defined.
>>>>>>>> +VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is
>>>>> available
>>>>>>> for CIPHER service.
>>>>>>>> +VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is
>>> available
>>>>> for
>>>>>>> HASH service.
>>>>>>>> +VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is
>>> available
>>>>> for
>>>>>>> MAC service.
>>>>>>>> +VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is
>>> available
>>>>> for
>>>>>>> AEAD service.
>>>>>>>>
>>>>>>>>  \subsection{Device configuration layout}\label{sec:Device Types /
>>>>> Crypto
>>>>>>> Device / Device configuration layout}
>>>>>>>>
>>>>>>>> @@ -208,6 +211,9 @@ Operation parameters are
>> algorithm-specific
>>>>>>> parameters, output data is the
>>>>>>>>  data that should be utilized in operations, and input data is equal
>> to
>>>>>>>>  "operation result + result data".
>>>>>>>>
>>>>>>>> +The device can support both session mode (See \ref{sec:Device
>> Types
>>> /
>>>>>>> Crypto Device / Device Operation / Control Virtqueue / Session
>>> operation})
>>>>> and
>>>>>>> non-session mode, for example,
>>>>>>>> +As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated,
>>> the
>>>>> driver
>>>>>>> can use session mode for CIPHER service, otherwise it can only use
>>>>> non-session
>>>>>>> mode.
>>>>>>>> +
>>>>>>>
>>>>>>> As far as I understand you are adding non-session mode to the mix but
>>>>>>> providing feature bits for session mode. Would this render the the
>>> current
>>>>>>> implementation non-compliant?
>>>>>>>
>>>>>> You are right, shall we use feature bits for non-session mode for
>>> compliancy?
>>>>>> Or because the spec is on the fly, and some structures in the
>>> virtio_crypto.h
>>>>> need to
>>>>>> be modified, can we keep the compliancy completely?
>>>>>>
>>>>>> Thanks,
>>>>>> -Gonglei
>>>>>
>>>>> Since there's a linux driver upstream you must at least
>>>>> keep compatibility with that.
>>>>>
>>>> Sure. We use feature bits for non-session mode then.
>>>> For structures modification, do we need to do some specific
>>>> actions for compatibility?  Take CIPHER service as an example:
>>>>
>>>> The present structure:
>>>>
>>>> struct virtio_crypto_cipher_para {
>>>>     /*
>>>>      * Byte Length of valid IV/Counter data pointed to by the below iv
>> data.
>>>>      *
>>>>      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or
>> for
>>>>      *   SNOW3G in UEA2 mode, this is the length of the IV (which
>>>>      *   must be the same as the block length of the cipher).
>>>>      * For block ciphers in CTR mode, this is the length of the counter
>>>>      *   (which must be the same as the block length of the cipher).
>>>>      */
>>>>     le32 iv_len;
>>>>     /* length of source data */
>>>>     le32 src_data_len;
>>>>     /* length of destination data */
>>>>     le32 dst_data_len;
>>>> };
>>>>
>>>> The future structure if supporting non-session based operations:
>>>>
>>>> struct virtio_crypto_cipher_para {
>>>>     struct {
>>>>         /* See VIRTIO_CRYPTO_CIPHER* above */
>>>>         le32 algo;
>>>>         /* length of key */
>>>>         le32 keylen;
>>>>
>>>>         /* See VIRTIO_CRYPTO_OP_* above */
>>>>         le32 op;
>>>>     } sess_para;
>>>>
>>>>     /*
>>>>      * Byte Length of valid IV/Counter data pointed to by the below iv
>> data.
>>>>      *
>>>>      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or
>> for
>>>>      *   SNOW3G in UEA2 mode, this is the length of the IV (which
>>>>      *   must be the same as the block length of the cipher).
>>>>      * For block ciphers in CTR mode, this is the length of the counter
>>>>      *   (which must be the same as the block length of the cipher).
>>>>      */
>>>>     le32 iv_len;
>>>>     /* length of source data */
>>>>     le32 src_data_len;
>>>>     /* length of destination data */
>>>>     le32 dst_data_len;
>>>> };
>>>>
>>>> Thanks,
>>>> -Gonglei
>>>
>>> So you will have to maintain both structures for when non-session based
>>> feature is and aren't present. You will have to give them different
>>> names, too.
>>>
>> OK, I get your point. :)
>>
>> Thanks,
>> -Gonglei
> 
>
Gonglei (Arei) Jan. 17, 2017, 2:49 a.m. UTC | #9
Hi Halil,

> 
> On 01/16/2017 01:43 PM, Gonglei (Arei) wrote:
> > Hi Michael and others,
> >
> > I'd like to redefine struct virtio_crypto_op_data_req is as below:
> >
> > struct virtio_crypto_op_data_req {
> >     struct virtio_crypto_op_header header;
> >
> >     union {
> >         struct virtio_crypto_sym_data_req   sym_req;
> >         struct virtio_crypto_hash_data_req  hash_req;
> >         struct virtio_crypto_mac_data_req   mac_req;
> >         struct virtio_crypto_aead_data_req  aead_req;
> >         struct virtio_crypto_sym_data_req_non_sess
> sym_non_sess_req;
> >         struct virtio_crypto_hash_data_req_non_sess
> hash_non_sess_req;
> >         struct virtio_crypto_mac_data_req_non_sess
> mac_non_sess_req;
> >         struct virtio_crypto_aead_data_req_non_sess
> aead_non_sess_req;
> > 		__u8 padding[72];
> >     } u;
> > };
> >
> > The length of union in the structure will be changed, which from current 48
> byte to 72 byte.
> >
> > We couldn't redefine a structure named
> virtio_crypto_op_data_req_non_sess,
> > Because the feature bits are for crypto services, not for the wrapper packet
> request.
> >
> 
> You mean virtio_crypto_op_data_req.virtio_crypto_op_header.flags
> are conceptually meant for something else and using that field woulb
> be misuse?
> 
Nope...
> 
> > It's impossible to mixed use struct virtio_crypto_op_data_req and
> > struct named virtio_crypto_op_data_req_non_sess for one data virtqueue.
> >
> 
> I do not understand what are you trying to say here. I think you
> should tell us what is the new feature and how it is guarded.
> 
> Would this mean that session or non-session mode will be tied
> to the whole device, or to one data-queue. If it's data-queue
> level how is it controlled (e.g. control queue)?
> 
... I'm so sorry for confusing explanation. Let me try to explain it more clear.

1 ) The first idea: For support non-session mode crypto operations, I introduce 4 feature bits
for different crypto services, they are:

VIRTIO_CRYPTO_F_CIPHER_NON_SESSION_MODE (1) non-session mode is available for CIPHER service.
VIRTIO_CRYPTO_F_HASH_NON_SESSION_MODE (2) non-session mode is available for HASH service.
VIRTIO_CRYPTO_F_MAC_NON_SESSION_MODE (3) non-session mode is available for MAC service.
VIRTIO_CRYPTO_F_AEAD_NON_SESSION_MODE (4) non-session mode is available for AEAD service.

but not only one feature bit, something like:

VIRTIO_CRYPTO_F_ NON_SESSION_MODE (1) non-session mode is available.

Meanwhile, I define 4 new non-session mode structures for different crypto
services in order to keep compatibility to pre-existing driver.

-*Advantages*:

a) We can support different modes for different crypto services
according to which features are negotiated.

b) The driver can still use the session mode when VIRTIO_CRYPTO_F_*_NON_SESSION_MODE are negotiated,
which is under control by virtio_crypto_op_data_req.virtio_crypto_op_header.flags.

- *Disadvantages*:

The current crypto packets of all
crypto services (CIPHER, HASH, MAC and AEAD) are wrapped in structure
virtio_crypto_op_data_req by an union in the data plane.

It will change the length of the union and break the pre-existing code
if still lay all non-session mode structures in strut virtio_crypto_op_data_req
like this:

struct virtio_crypto_op_data_req {
    struct virtio_crypto_op_header header;

    union {
        struct virtio_crypto_sym_data_req   sym_req;
        struct virtio_crypto_hash_data_req  hash_req;
        struct virtio_crypto_mac_data_req   mac_req;
        struct virtio_crypto_aead_data_req  aead_req;
        struct virtio_crypto_sym_data_req_non_sess   sym_non_sess_req;
        struct virtio_crypto_hash_data_req_non_sess  hash_non_sess_req;
        struct virtio_crypto_mac_data_req_non_sess   mac_non_sess_req;
        struct virtio_crypto_aead_data_req_non_sess  aead_non_sess_req;
		__u8 padding[72];
    } u;
};

So I should submit patches to fix them.

2) Another idea is define a non-session mode structure for strut virtio_crypto_op_data_req.

struct virtio_crypto_op_data_req_non_sess {
    struct virtio_crypto_op_header header;

    union {
        struct virtio_crypto_sym_data_req_non_sess   sym_non_sess_req;
        struct virtio_crypto_hash_data_req_non_sess  hash_non_sess_req;
        struct virtio_crypto_mac_data_req_non_sess   mac_non_sess_req;
        struct virtio_crypto_aead_data_req_non_sess  aead_non_sess_req;
		__u8 padding[72];
    } u;
};

And keep the pre-existing strut virtio_crypto_op_data_req:

struct virtio_crypto_op_data_req {
    struct virtio_crypto_op_header header;

    union {
        struct virtio_crypto_sym_data_req   sym_req;
        struct virtio_crypto_hash_data_req  hash_req;
        struct virtio_crypto_mac_data_req   mac_req;
        struct virtio_crypto_aead_data_req  aead_req;
		__u8 padding[48];
    } u;
};

- *Advantages*: 

Don't break the pre-existing code.

- *Disadvantages*: 

Can't support feature bits for different crypto services,
only the whole device. That means we should only use the below feature
bit:

VIRTIO_CRYPTO_F_ NON_SESSION_MODE (1) non-session mode is available.


3) The last idea is define a mixed structure for strut virtio_crypto_op_data_req.

struct virtio_crypto_op_data_req_mixed {
    struct virtio_crypto_op_header header;

    union {
        struct virtio_crypto_sym_data_req   sym_req;
        struct virtio_crypto_hash_data_req  hash_req;
        struct virtio_crypto_mac_data_req   mac_req;
        struct virtio_crypto_aead_data_req  aead_req;
        struct virtio_crypto_sym_data_req_non_sess   sym_non_sess_req;
        struct virtio_crypto_hash_data_req_non_sess  hash_non_sess_req;
        struct virtio_crypto_mac_data_req_non_sess   mac_non_sess_req;
        struct virtio_crypto_aead_data_req_non_sess  aead_non_sess_req;
		__u8 padding[72];
    } u;
};

And keep the pre-existing strut virtio_crypto_op_data_req:

struct virtio_crypto_op_data_req {
    struct virtio_crypto_op_header header;

    union {
        struct virtio_crypto_sym_data_req   sym_req;
        struct virtio_crypto_hash_data_req  hash_req;
        struct virtio_crypto_mac_data_req   mac_req;
        struct virtio_crypto_aead_data_req  aead_req;
		__u8 padding[48];
    } u;
};

That means we should use below five feature bits:

VIRTIO_CRYPTO_F_ NON_SESSION_MODE (0) non-session mode is available.
VIRTIO_CRYPTO_F_CIPHER_NON_SESSION_MODE (1) non-session mode is available for CIPHER service.
VIRTIO_CRYPTO_F_HASH_NON_SESSION_MODE (2) non-session mode is available for HASH service.
VIRTIO_CRYPTO_F_MAC_NON_SESSION_MODE (3) non-session mode is available for MAC service.
VIRTIO_CRYPTO_F_AEAD_NON_SESSION_MODE (4) non-session mode is available for AEAD service.

-*Advantages*:

Both idea 1) and 2).

-*Disadvantages*:

None.

What's your opinion? Thanks a lot!


> I guess virtio_crypto_op_data_req.virtio_crypto_op_header.session_id
> would become meaningless in case of non_sess?
> 
That's true.

> > For driver compabity, I can submit patches for linux dirver and Qemu to
> change the length
> > of struct virtio_crypto_op_data_req.u
> >
> > Is the approach available?
> >
> 
> In general and AFAIU any new behavior is possible, iff it
> is appropriately guarded by some negotiation mechanism and
> does not break per-existing code which knows nothing about
> the new stuff.
> 
> I would not mind seeing a spec re-spin with a proper
> proposal for session-less or stateless or whatever mode.
> 

Thanks,
-Gonglei

> Cheers,
> Halil
> 
> > Thanks,
> > -Gonglei
> >
> >
> >> -----Original Message-----
> >> From: Gonglei (Arei)
> >> Sent: Saturday, January 14, 2017 9:21 AM
> >> Subject: RE: [virtio-dev] Re: [Qemu-devel] [PATCH v15 0/2] virtio-crypto:
> virtio
> >> crypto device specification
> >>
> >>>
> >>> On Fri, Jan 13, 2017 at 02:54:29AM +0000, Gonglei (Arei) wrote:
> >>>>
> >>>>>
> >>>>> On Thu, Jan 12, 2017 at 12:26:24PM +0000, Gonglei (Arei) wrote:
> >>>>>> Hi,
> >>>>>>
> >>>>>>
> >>>>>>>
> >>>>>>> On 01/04/2017 11:10 AM, Gonglei (Arei) wrote:
> >>>>>>>> Hi all,
> >>>>>>>>
> >>>>>>>> I attach the diff files between v14 and v15 for better review.
> >>>>>>>>
> >>>>>>> Hi,
> >>>>>>>
> >>>>>>> only had a quick look. Will try to come back to this later.
> >>>>>>>
> >>>>>> That's cool.
> >>>>>>
> >>>>>>>> diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> >>>>>>>> index 9f7faf0..884ee95 100644
> >>>>>>>> --- a/virtio-crypto.tex
> >>>>>>>> +++ b/virtio-crypto.tex
> >>>>>>>> @@ -2,8 +2,8 @@
> >>>>>>>>
> >>>>>>>>  The virtio crypto device is a virtual cryptography device as well as a
> >>> kind
> >>>>> of
> >>>>>>>>  virtual hardware accelerator for virtual machines. The encryption
> >>> and
> >>>>>>>> -decryption requests are placed in the data queue and are ultimately
> >>>>> handled
> >>>>>>> by the
> >>>>>>>> -backend crypto accelerators. The second queue is the control queue
> >>> used
> >>>>> to
> >>>>>>> create
> >>>>>>>> +decryption requests are placed in any of the data active queues and
> >>> are
> >>>>>>> ultimately handled by the
> >>>>>>> s/data active/active data/
> >>>>>>>> +backend crypto accelerators. The second kind of queue is the
> >> control
> >>>>> queue
> >>>>>>> used to create
> >>>>>>>>  or destroy sessions for symmetric algorithms and will control some
> >>>>>>> advanced
> >>>>>>>>  features in the future. The virtio crypto device provides the
> >> following
> >>>>> crypto
> >>>>>>>>  services: CIPHER, MAC, HASH, and AEAD.
> >>>>>>>
> >>>>>>> [..]
> >>>>>>>
> >>>>>>>> ===============The below diff shows the changes of add
> >>> non-session
> >>>>> mode
> >>>>>>> support:
> >>>>>>>>
> >>>>>>>> diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> >>>>>>>> index 884ee95..44819f9 100644
> >>>>>>>> --- a/virtio-crypto.tex
> >>>>>>>> +++ b/virtio-crypto.tex
> >>>>>>>> @@ -26,7 +26,10 @@ N is set by \field{max_dataqueues}.
> >>>>>>>>
> >>>>>>>>  \subsection{Feature bits}\label{sec:Device Types / Crypto Device /
> >>>>> Feature
> >>>>>>> bits}
> >>>>>>>>
> >>>>>>>> -None currently defined.
> >>>>>>>> +VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is
> >>>>> available
> >>>>>>> for CIPHER service.
> >>>>>>>> +VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is
> >>> available
> >>>>> for
> >>>>>>> HASH service.
> >>>>>>>> +VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is
> >>> available
> >>>>> for
> >>>>>>> MAC service.
> >>>>>>>> +VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is
> >>> available
> >>>>> for
> >>>>>>> AEAD service.
> >>>>>>>>
> >>>>>>>>  \subsection{Device configuration layout}\label{sec:Device Types /
> >>>>> Crypto
> >>>>>>> Device / Device configuration layout}
> >>>>>>>>
> >>>>>>>> @@ -208,6 +211,9 @@ Operation parameters are
> >> algorithm-specific
> >>>>>>> parameters, output data is the
> >>>>>>>>  data that should be utilized in operations, and input data is equal
> >> to
> >>>>>>>>  "operation result + result data".
> >>>>>>>>
> >>>>>>>> +The device can support both session mode (See \ref{sec:Device
> >> Types
> >>> /
> >>>>>>> Crypto Device / Device Operation / Control Virtqueue / Session
> >>> operation})
> >>>>> and
> >>>>>>> non-session mode, for example,
> >>>>>>>> +As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated,
> >>> the
> >>>>> driver
> >>>>>>> can use session mode for CIPHER service, otherwise it can only use
> >>>>> non-session
> >>>>>>> mode.
> >>>>>>>> +
> >>>>>>>
> >>>>>>> As far as I understand you are adding non-session mode to the mix but
> >>>>>>> providing feature bits for session mode. Would this render the the
> >>> current
> >>>>>>> implementation non-compliant?
> >>>>>>>
> >>>>>> You are right, shall we use feature bits for non-session mode for
> >>> compliancy?
> >>>>>> Or because the spec is on the fly, and some structures in the
> >>> virtio_crypto.h
> >>>>> need to
> >>>>>> be modified, can we keep the compliancy completely?
> >>>>>>
> >>>>>> Thanks,
> >>>>>> -Gonglei
> >>>>>
> >>>>> Since there's a linux driver upstream you must at least
> >>>>> keep compatibility with that.
> >>>>>
> >>>> Sure. We use feature bits for non-session mode then.
> >>>> For structures modification, do we need to do some specific
> >>>> actions for compatibility?  Take CIPHER service as an example:
> >>>>
> >>>> The present structure:
> >>>>
> >>>> struct virtio_crypto_cipher_para {
> >>>>     /*
> >>>>      * Byte Length of valid IV/Counter data pointed to by the below iv
> >> data.
> >>>>      *
> >>>>      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or
> >> for
> >>>>      *   SNOW3G in UEA2 mode, this is the length of the IV (which
> >>>>      *   must be the same as the block length of the cipher).
> >>>>      * For block ciphers in CTR mode, this is the length of the counter
> >>>>      *   (which must be the same as the block length of the cipher).
> >>>>      */
> >>>>     le32 iv_len;
> >>>>     /* length of source data */
> >>>>     le32 src_data_len;
> >>>>     /* length of destination data */
> >>>>     le32 dst_data_len;
> >>>> };
> >>>>
> >>>> The future structure if supporting non-session based operations:
> >>>>
> >>>> struct virtio_crypto_cipher_para {
> >>>>     struct {
> >>>>         /* See VIRTIO_CRYPTO_CIPHER* above */
> >>>>         le32 algo;
> >>>>         /* length of key */
> >>>>         le32 keylen;
> >>>>
> >>>>         /* See VIRTIO_CRYPTO_OP_* above */
> >>>>         le32 op;
> >>>>     } sess_para;
> >>>>
> >>>>     /*
> >>>>      * Byte Length of valid IV/Counter data pointed to by the below iv
> >> data.
> >>>>      *
> >>>>      * For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or
> >> for
> >>>>      *   SNOW3G in UEA2 mode, this is the length of the IV (which
> >>>>      *   must be the same as the block length of the cipher).
> >>>>      * For block ciphers in CTR mode, this is the length of the counter
> >>>>      *   (which must be the same as the block length of the cipher).
> >>>>      */
> >>>>     le32 iv_len;
> >>>>     /* length of source data */
> >>>>     le32 src_data_len;
> >>>>     /* length of destination data */
> >>>>     le32 dst_data_len;
> >>>> };
> >>>>
> >>>> Thanks,
> >>>> -Gonglei
> >>>
> >>> So you will have to maintain both structures for when non-session based
> >>> feature is and aren't present. You will have to give them different
> >>> names, too.
> >>>
> >> OK, I get your point. :)
> >>
> >> Thanks,
> >> -Gonglei
> >
> >
Halil Pasic Jan. 18, 2017, 5:16 p.m. UTC | #10
On 01/17/2017 03:49 AM, Gonglei (Arei) wrote:
> Hi Halil,
> 
>>
>> On 01/16/2017 01:43 PM, Gonglei (Arei) wrote:
>>> Hi Michael and others,
>>>
>>> I'd like to redefine struct virtio_crypto_op_data_req is as below:
>>>
>>> struct virtio_crypto_op_data_req {
>>>     struct virtio_crypto_op_header header;
>>>
>>>     union {
>>>         struct virtio_crypto_sym_data_req   sym_req;
>>>         struct virtio_crypto_hash_data_req  hash_req;
>>>         struct virtio_crypto_mac_data_req   mac_req;
>>>         struct virtio_crypto_aead_data_req  aead_req;
>>>         struct virtio_crypto_sym_data_req_non_sess
>> sym_non_sess_req;
>>>         struct virtio_crypto_hash_data_req_non_sess
>> hash_non_sess_req;
>>>         struct virtio_crypto_mac_data_req_non_sess
>> mac_non_sess_req;
>>>         struct virtio_crypto_aead_data_req_non_sess
>> aead_non_sess_req;
>>> 		__u8 padding[72];
>>>     } u;
>>> };
>>>
>>> The length of union in the structure will be changed, which from current 48
>> byte to 72 byte.

Quoting seems broken :(

>>>
>>> We couldn't redefine a structure named
>> virtio_crypto_op_data_req_non_sess,
>>> Because the feature bits are for crypto services, not for the wrapper packet
>> request.
>>>
>>
>> You mean virtio_crypto_op_data_req.virtio_crypto_op_header.flags
>> are conceptually meant for something else and using that field woulb
>> be misuse?
>>
> Nope...
>>

I'm having huge difficulties following you. Please tell me what was
the intended meaning of the sentence I commented! About which
flags are you talking?

>>> It's impossible to mixed use struct virtio_crypto_op_data_req and
>>> struct named virtio_crypto_op_data_req_non_sess for one data virtqueue.
>>>
>>
>> I do not understand what are you trying to say here. I think you
>> should tell us what is the new feature and how it is guarded.
>>
>> Would this mean that session or non-session mode will be tied
>> to the whole device, or to one data-queue. If it's data-queue
>> level how is it controlled (e.g. control queue)?
>>
> ... I'm so sorry for confusing explanation. Let me try to explain it more clear.

Which explanation? Now I see three ideas as a more clear explanation
where I figured we are discussing one idea.

> 
> 1 ) The first idea: For support non-session mode crypto operations, I introduce 4 feature bits
> for different crypto services, they are:
> 
> VIRTIO_CRYPTO_F_CIPHER_NON_SESSION_MODE (1) non-session mode is available for CIPHER service.
> VIRTIO_CRYPTO_F_HASH_NON_SESSION_MODE (2) non-session mode is available for HASH service.
> VIRTIO_CRYPTO_F_MAC_NON_SESSION_MODE (3) non-session mode is available for MAC service.
> VIRTIO_CRYPTO_F_AEAD_NON_SESSION_MODE (4) non-session mode is available for AEAD service.
> 
> but not only one feature bit, something like:
> 
> VIRTIO_CRYPTO_F_ NON_SESSION_MODE (1) non-session mode is available.
> 
> Meanwhile, I define 4 new non-session mode structures for different crypto
> services in order to keep compatibility to pre-existing driver.
> 
> -*Advantages*:
> 
> a) We can support different modes for different crypto services
> according to which features are negotiated.
> 
> b) The driver can still use the session mode when VIRTIO_CRYPTO_F_*_NON_SESSION_MODE are negotiated,
> which is under control by virtio_crypto_op_data_req.virtio_crypto_op_header.flags.
> 
> - *Disadvantages*:
> 
> The current crypto packets of all
> crypto services (CIPHER, HASH, MAC and AEAD) are wrapped in structure
> virtio_crypto_op_data_req by an union in the data plane.
> 
> It will change the length of the union and break the pre-existing code
> if still lay all non-session mode structures in strut virtio_crypto_op_data_req
> like this:
> 
> struct virtio_crypto_op_data_req {
>     struct virtio_crypto_op_header header;
> 
>     union {
>         struct virtio_crypto_sym_data_req   sym_req;
>         struct virtio_crypto_hash_data_req  hash_req;
>         struct virtio_crypto_mac_data_req   mac_req;
>         struct virtio_crypto_aead_data_req  aead_req;
>         struct virtio_crypto_sym_data_req_non_sess   sym_non_sess_req;
>         struct virtio_crypto_hash_data_req_non_sess  hash_non_sess_req;
>         struct virtio_crypto_mac_data_req_non_sess   mac_non_sess_req;
>         struct virtio_crypto_aead_data_req_non_sess  aead_non_sess_req;
> 		__u8 padding[72];
>     } u;
> };

Yeah if you say a request has to look like this regardless
of negotiated features, then you render the currently upstream
code non-conform. That's pretty much a decisive disadvantage!

> 
> So I should submit patches to fix them.

And IMHO you can not fix that with patches because it's already
released -- and you would have to travel back in time to fix
it in time.

> 
> 2) Another idea is define a non-session mode structure for strut virtio_crypto_op_data_req.
> 
> struct virtio_crypto_op_data_req_non_sess {
>     struct virtio_crypto_op_header header;
> 
>     union {
>         struct virtio_crypto_sym_data_req_non_sess   sym_non_sess_req;
>         struct virtio_crypto_hash_data_req_non_sess  hash_non_sess_req;
>         struct virtio_crypto_mac_data_req_non_sess   mac_non_sess_req;
>         struct virtio_crypto_aead_data_req_non_sess  aead_non_sess_req;
> 		__u8 padding[72];
>     } u;
> };
> 
> And keep the pre-existing strut virtio_crypto_op_data_req:
> 
> struct virtio_crypto_op_data_req {
>     struct virtio_crypto_op_header header;
> 
>     union {
>         struct virtio_crypto_sym_data_req   sym_req;
>         struct virtio_crypto_hash_data_req  hash_req;
>         struct virtio_crypto_mac_data_req   mac_req;
>         struct virtio_crypto_aead_data_req  aead_req;
> 		__u8 padding[48];
>     } u;
> };
> 
> - *Advantages*: 
> 
> Don't break the pre-existing code.
> 
> - *Disadvantages*: 
> 
> Can't support feature bits for different crypto services,
> only the whole device. That means we should only use the below feature

I do not see why, and I do not see why should we want to have
separate feature bits for each service.

> bit:
> 
> VIRTIO_CRYPTO_F_ NON_SESSION_MODE (1) non-session mode is available.
> 
> 
> 3) The last idea is define a mixed structure for strut virtio_crypto_op_data_req.
> 
> struct virtio_crypto_op_data_req_mixed {
>     struct virtio_crypto_op_header header;
> 
>     union {
>         struct virtio_crypto_sym_data_req   sym_req;
>         struct virtio_crypto_hash_data_req  hash_req;
>         struct virtio_crypto_mac_data_req   mac_req;
>         struct virtio_crypto_aead_data_req  aead_req;
>         struct virtio_crypto_sym_data_req_non_sess   sym_non_sess_req;
>         struct virtio_crypto_hash_data_req_non_sess  hash_non_sess_req;
>         struct virtio_crypto_mac_data_req_non_sess   mac_non_sess_req;
>         struct virtio_crypto_aead_data_req_non_sess  aead_non_sess_req;
> 		__u8 padding[72];
>     } u;
> };
> 
> And keep the pre-existing strut virtio_crypto_op_data_req:
> 
> struct virtio_crypto_op_data_req {
>     struct virtio_crypto_op_header header;
> 
>     union {
>         struct virtio_crypto_sym_data_req   sym_req;
>         struct virtio_crypto_hash_data_req  hash_req;
>         struct virtio_crypto_mac_data_req   mac_req;
>         struct virtio_crypto_aead_data_req  aead_req;
> 		__u8 padding[48];
>     } u;
> };
> 
> That means we should use below five feature bits:
> 
> VIRTIO_CRYPTO_F_ NON_SESSION_MODE (0) non-session mode is available.
> VIRTIO_CRYPTO_F_CIPHER_NON_SESSION_MODE (1) non-session mode is available for CIPHER service.
> VIRTIO_CRYPTO_F_HASH_NON_SESSION_MODE (2) non-session mode is available for HASH service.
> VIRTIO_CRYPTO_F_MAC_NON_SESSION_MODE (3) non-session mode is available for MAC service.
> VIRTIO_CRYPTO_F_AEAD_NON_SESSION_MODE (4) non-session mode is available for AEAD service.
> 
> -*Advantages*:
> 
> Both idea 1) and 2).
> 
> -*Disadvantages*:
> 
> None.
> 
> What's your opinion? Thanks a lot!
> 
> 

You kindly forget to tell us how it is to be decided which of the unioned
types is actually relevant for an instance. And also forget to tell
us which struct is used under which circumstances (that is feature
bits).

Well it does not matter. Have seen v16 and there you went for idea 3,
and decided to use virtio_crypto_op_header.flags to decide if we
have a session based or a stateless request at hand if feature bits
allow both. I will try to do a proper review there.

My opinion is that you should be more precise when describing
your ideas if you want to hear a more constrictive opinion than
this one. 

Cheers,
Halil
Gonglei (Arei) Jan. 19, 2017, 1:43 a.m. UTC | #11
> 
> On 01/17/2017 03:49 AM, Gonglei (Arei) wrote:
> > Hi Halil,
> >
> >>
> >> On 01/16/2017 01:43 PM, Gonglei (Arei) wrote:
> >>> Hi Michael and others,
> >>>
> >>> I'd like to redefine struct virtio_crypto_op_data_req is as below:
> >>>
> >>> struct virtio_crypto_op_data_req {
> >>>     struct virtio_crypto_op_header header;
> >>>
> >>>     union {
> >>>         struct virtio_crypto_sym_data_req   sym_req;
> >>>         struct virtio_crypto_hash_data_req  hash_req;
> >>>         struct virtio_crypto_mac_data_req   mac_req;
> >>>         struct virtio_crypto_aead_data_req  aead_req;
> >>>         struct virtio_crypto_sym_data_req_non_sess
> >> sym_non_sess_req;
> >>>         struct virtio_crypto_hash_data_req_non_sess
> >> hash_non_sess_req;
> >>>         struct virtio_crypto_mac_data_req_non_sess
> >> mac_non_sess_req;
> >>>         struct virtio_crypto_aead_data_req_non_sess
> >> aead_non_sess_req;
> >>> 		__u8 padding[72];
> >>>     } u;
> >>> };
> >>>
> >>> The length of union in the structure will be changed, which from current 48
> >> byte to 72 byte.
> 
> Quoting seems broken :(
> 
> >>>
> >>> We couldn't redefine a structure named
> >> virtio_crypto_op_data_req_non_sess,
> >>> Because the feature bits are for crypto services, not for the wrapper
> packet
> >> request.
> >>>
> >>
> >> You mean virtio_crypto_op_data_req.virtio_crypto_op_header.flags
> >> are conceptually meant for something else and using that field woulb
> >> be misuse?
> >>
> > Nope...
> >>
> 
> I'm having huge difficulties following you. Please tell me what was
> the intended meaning of the sentence I commented! About which
> flags are you talking?
> 
> >>> It's impossible to mixed use struct virtio_crypto_op_data_req and
> >>> struct named virtio_crypto_op_data_req_non_sess for one data virtqueue.
> >>>
> >>
> >> I do not understand what are you trying to say here. I think you
> >> should tell us what is the new feature and how it is guarded.
> >>
> >> Would this mean that session or non-session mode will be tied
> >> to the whole device, or to one data-queue. If it's data-queue
> >> level how is it controlled (e.g. control queue)?
> >>
> > ... I'm so sorry for confusing explanation. Let me try to explain it more clear.
> 
> Which explanation? Now I see three ideas as a more clear explanation
> where I figured we are discussing one idea.
> 
> >
> > 1 ) The first idea: For support non-session mode crypto operations, I introduce
> 4 feature bits
> > for different crypto services, they are:
> >
> > VIRTIO_CRYPTO_F_CIPHER_NON_SESSION_MODE (1) non-session mode is
> available for CIPHER service.
> > VIRTIO_CRYPTO_F_HASH_NON_SESSION_MODE (2) non-session mode is
> available for HASH service.
> > VIRTIO_CRYPTO_F_MAC_NON_SESSION_MODE (3) non-session mode is
> available for MAC service.
> > VIRTIO_CRYPTO_F_AEAD_NON_SESSION_MODE (4) non-session mode is
> available for AEAD service.
> >
> > but not only one feature bit, something like:
> >
> > VIRTIO_CRYPTO_F_ NON_SESSION_MODE (1) non-session mode is available.
> >
> > Meanwhile, I define 4 new non-session mode structures for different crypto
> > services in order to keep compatibility to pre-existing driver.
> >
> > -*Advantages*:
> >
> > a) We can support different modes for different crypto services
> > according to which features are negotiated.
> >
> > b) The driver can still use the session mode when
> VIRTIO_CRYPTO_F_*_NON_SESSION_MODE are negotiated,
> > which is under control by
> virtio_crypto_op_data_req.virtio_crypto_op_header.flags.
> >
> > - *Disadvantages*:
> >
> > The current crypto packets of all
> > crypto services (CIPHER, HASH, MAC and AEAD) are wrapped in structure
> > virtio_crypto_op_data_req by an union in the data plane.
> >
> > It will change the length of the union and break the pre-existing code
> > if still lay all non-session mode structures in strut virtio_crypto_op_data_req
> > like this:
> >
> > struct virtio_crypto_op_data_req {
> >     struct virtio_crypto_op_header header;
> >
> >     union {
> >         struct virtio_crypto_sym_data_req   sym_req;
> >         struct virtio_crypto_hash_data_req  hash_req;
> >         struct virtio_crypto_mac_data_req   mac_req;
> >         struct virtio_crypto_aead_data_req  aead_req;
> >         struct virtio_crypto_sym_data_req_non_sess
> sym_non_sess_req;
> >         struct virtio_crypto_hash_data_req_non_sess
> hash_non_sess_req;
> >         struct virtio_crypto_mac_data_req_non_sess
> mac_non_sess_req;
> >         struct virtio_crypto_aead_data_req_non_sess
> aead_non_sess_req;
> > 		__u8 padding[72];
> >     } u;
> > };
> 
> Yeah if you say a request has to look like this regardless
> of negotiated features, then you render the currently upstream
> code non-conform. That's pretty much a decisive disadvantage!
> 
> >
> > So I should submit patches to fix them.
> 
> And IMHO you can not fix that with patches because it's already
> released -- and you would have to travel back in time to fix
> it in time.
> 
> >
> > 2) Another idea is define a non-session mode structure for strut
> virtio_crypto_op_data_req.
> >
> > struct virtio_crypto_op_data_req_non_sess {
> >     struct virtio_crypto_op_header header;
> >
> >     union {
> >         struct virtio_crypto_sym_data_req_non_sess
> sym_non_sess_req;
> >         struct virtio_crypto_hash_data_req_non_sess
> hash_non_sess_req;
> >         struct virtio_crypto_mac_data_req_non_sess
> mac_non_sess_req;
> >         struct virtio_crypto_aead_data_req_non_sess
> aead_non_sess_req;
> > 		__u8 padding[72];
> >     } u;
> > };
> >
> > And keep the pre-existing strut virtio_crypto_op_data_req:
> >
> > struct virtio_crypto_op_data_req {
> >     struct virtio_crypto_op_header header;
> >
> >     union {
> >         struct virtio_crypto_sym_data_req   sym_req;
> >         struct virtio_crypto_hash_data_req  hash_req;
> >         struct virtio_crypto_mac_data_req   mac_req;
> >         struct virtio_crypto_aead_data_req  aead_req;
> > 		__u8 padding[48];
> >     } u;
> > };
> >
> > - *Advantages*:
> >
> > Don't break the pre-existing code.
> >
> > - *Disadvantages*:
> >
> > Can't support feature bits for different crypto services,
> > only the whole device. That means we should only use the below feature
> 
> I do not see why, and I do not see why should we want to have
> separate feature bits for each service.
> 

That's because we need fine control so that we can know use session or
non-session based packet structure for each crypto services.

> > bit:
> >
> > VIRTIO_CRYPTO_F_ NON_SESSION_MODE (1) non-session mode is available.
> >
> >
> > 3) The last idea is define a mixed structure for strut
> virtio_crypto_op_data_req.
> >
> > struct virtio_crypto_op_data_req_mixed {
> >     struct virtio_crypto_op_header header;
> >
> >     union {
> >         struct virtio_crypto_sym_data_req   sym_req;
> >         struct virtio_crypto_hash_data_req  hash_req;
> >         struct virtio_crypto_mac_data_req   mac_req;
> >         struct virtio_crypto_aead_data_req  aead_req;
> >         struct virtio_crypto_sym_data_req_non_sess
> sym_non_sess_req;
> >         struct virtio_crypto_hash_data_req_non_sess
> hash_non_sess_req;
> >         struct virtio_crypto_mac_data_req_non_sess
> mac_non_sess_req;
> >         struct virtio_crypto_aead_data_req_non_sess
> aead_non_sess_req;
> > 		__u8 padding[72];
> >     } u;
> > };
> >
> > And keep the pre-existing strut virtio_crypto_op_data_req:
> >
> > struct virtio_crypto_op_data_req {
> >     struct virtio_crypto_op_header header;
> >
> >     union {
> >         struct virtio_crypto_sym_data_req   sym_req;
> >         struct virtio_crypto_hash_data_req  hash_req;
> >         struct virtio_crypto_mac_data_req   mac_req;
> >         struct virtio_crypto_aead_data_req  aead_req;
> > 		__u8 padding[48];
> >     } u;
> > };
> >
> > That means we should use below five feature bits:
> >
> > VIRTIO_CRYPTO_F_ NON_SESSION_MODE (0) non-session mode is available.
> > VIRTIO_CRYPTO_F_CIPHER_NON_SESSION_MODE (1) non-session mode is
> available for CIPHER service.
> > VIRTIO_CRYPTO_F_HASH_NON_SESSION_MODE (2) non-session mode is
> available for HASH service.
> > VIRTIO_CRYPTO_F_MAC_NON_SESSION_MODE (3) non-session mode is
> available for MAC service.
> > VIRTIO_CRYPTO_F_AEAD_NON_SESSION_MODE (4) non-session mode is
> available for AEAD service.
> >
> > -*Advantages*:
> >
> > Both idea 1) and 2).
> >
> > -*Disadvantages*:
> >
> > None.
> >
> > What's your opinion? Thanks a lot!
> >
> >
> 
> You kindly forget to tell us how it is to be decided which of the unioned
> types is actually relevant for an instance. And also forget to tell
> us which struct is used under which circumstances (that is feature
> bits).
> 
Exactly, there're some descriptions in v16. 

> Well it does not matter. Have seen v16 and there you went for idea 3,
> and decided to use virtio_crypto_op_header.flags to decide if we
> have a session based or a stateless request at hand if feature bits
> allow both. I will try to do a proper review there.
> 
Yes. Looking forward to your feedback, thanks!

> My opinion is that you should be more precise when describing
> your ideas if you want to hear a more constrictive opinion than
> this one.
> 
Sure, sorry about that.

Thanks,
-Gonglei
diff mbox

Patch

diff --git a/virtio-crypto.tex b/virtio-crypto.tex
index 9f7faf0..884ee95 100644
--- a/virtio-crypto.tex
+++ b/virtio-crypto.tex
@@ -2,8 +2,8 @@ 
 
 The virtio crypto device is a virtual cryptography device as well as a kind of
 virtual hardware accelerator for virtual machines. The encryption and
-decryption requests are placed in the data queue and are ultimately handled by the
-backend crypto accelerators. The second queue is the control queue used to create 
+decryption requests are placed in any of the data active queues and are ultimately handled by the
+backend crypto accelerators. The second kind of queue is the control queue used to create 
 or destroy sessions for symmetric algorithms and will control some advanced
 features in the future. The virtio crypto device provides the following crypto
 services: CIPHER, MAC, HASH, and AEAD.
@@ -26,7 +26,7 @@  N is set by \field{max_dataqueues}.
 
 \subsection{Feature bits}\label{sec:Device Types / Crypto Device / Feature bits}
 
-Undefined currently.
+None currently defined.
 
 \subsection{Device configuration layout}\label{sec:Device Types / Crypto Device / Device configuration layout}
 
@@ -54,13 +54,14 @@  struct virtio_crypto_config {
 };
 \end{lstlisting}
 
-The value of the \field{status} field is VIRTIO_CRYPTO_S_HW_READY or VIRTIO_CRYPTO_S_STARTED.
+The value of the \field{status} field is VIRTIO_CRYPTO_S_HW_READY or ~VIRTIO_CRYPTO_S_HW_READY.
 
 \begin{lstlisting}
 #define VIRTIO_CRYPTO_S_HW_READY  (1 << 0)
-#define VIRTIO_CRYPTO_S_STARTED  (1 << 1)
 \end{lstlisting}
 
+The VIRTIO_CRYPTO_S_HW_READY flag is used to show whether the hardware is ready to work or not.
+
 The following driver-read-only fields include \field{max_dataqueues}, which specifies the
 maximum number of data virtqueues (dataq1\ldots dataqN), and \field{crypto_services},
 which indicates the crypto services the virtio crypto supports.
@@ -172,7 +173,7 @@  Any other value is reserved for future use.
 \item The driver MUST read the ready \field{status} from the bottom bit of status to check whether the hardware-backed
       implementation is ready or not, and the driver MUST reread it after the device reset. 
 \item The driver MUST NOT transmit any packets to the device if the ready \field{status} is not set.
-\item The driver MAY read \field{max_dataqueues} field to discover the number of data queues the device supports.
+\item The driver MUST read \field{max_dataqueues} field to discover the number of data queues the device supports.
 \item The driver MUST read \field{crypto_services} field to discover which services the device is able to offer.
 \item The driver MUST read the detailed algorithms fields based on \field{crypto_services} field.
 \item The driver SHOULD read \field{max_size} to discover the maximum size of crypto request the device supports.


===============The below diff shows the changes of add non-session mode support:

diff --git a/virtio-crypto.tex b/virtio-crypto.tex
index 884ee95..44819f9 100644
--- a/virtio-crypto.tex
+++ b/virtio-crypto.tex
@@ -26,7 +26,10 @@  N is set by \field{max_dataqueues}.
 
 \subsection{Feature bits}\label{sec:Device Types / Crypto Device / Feature bits}
 
-None currently defined.
+VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE (1) Session mode is available for CIPHER service.
+VIRTIO_CRYPTO_F_HASH_SESSION_MODE (2) Session mode is available for HASH service.
+VIRTIO_CRYPTO_F_MAC_SESSION_MODE (3) Session mode is available for MAC service.
+VIRTIO_CRYPTO_F_AEAD_SESSION_MODE (4) Session mode is available for AEAD service.
 
 \subsection{Device configuration layout}\label{sec:Device Types / Crypto Device / Device configuration layout}
 
@@ -208,6 +211,9 @@  Operation parameters are algorithm-specific parameters, output data is the
 data that should be utilized in operations, and input data is equal to
 "operation result + result data".
 
+The device can support both session mode (See \ref{sec:Device Types / Crypto Device / Device Operation / Control Virtqueue / Session operation}) and non-session mode, for example,
+As VIRTIO_CRYPTO_F_CIPHER_SESSION feature bit is negotiated, the driver can use session mode for CIPHER service, otherwise it can only use non-session mode.
+
 \begin{note}
 The basic unit of all data length the byte.
 \end{note}
@@ -263,6 +269,8 @@  struct virtio_crypto_op_header {
     le32 algo;
     /* session_id should be service-specific algorithms */
     le64 session_id;
+#define VIRTIO_CRYPTO_FLAG_SESSION_MODE 1
+#define VIRTIO_CRYPTO_FLAG_NONE_SESSION_MODE 2
     /* control flag to control the request */
     le32 flag;
     le32 padding;
@@ -501,11 +509,11 @@  struct virtio_crypto_aead_session_para {
     le32 algo;
     /* length of key */
     le32 key_len;
-    /* hash result length */
-    le32 hash_result_len;
+    /* Authentication tag length */
+    le32 tag_len;
     /* The length of the additional authenticated data (AAD) in bytes */
     le32 aad_len;
-    /* encryption or decryption, See above VIRTIO_CRYPTO_* */
+    /* encryption or decryption, See above VIRTIO_CRYPTO_OP_* */
     le32 op;
     le32 padding;
 };
@@ -588,10 +596,16 @@  struct virtio_crypto_inhdr {
 
 \begin{lstlisting}
 struct virtio_crypto_hash_para {
+    struct {
+        /* See VIRTIO_CRYPTO_HASH_* above */
+        le32 algo;
+    } sess_para;
+
     /* length of source data */
     le32 src_data_len;
     /* hash result length */
     le32 hash_result_len;
+    le32 reserved;
 };
 
 struct virtio_crypto_hash_data_req {
@@ -617,9 +631,11 @@  The output data here includes the source data and the input data includes the ha
 \drivernormative{\paragraph}{HASH Service Operation}{Device Types / Crypto Device / Device Operation / HASH Service Operation}
 
 \begin{itemize*}
-\item The driver MUST set the \field{session_id} in struct virtio_crypto_op_header to a valid value which assigned by the device when a session is created.
+\item If the VIRTIO_CRYPTO_F_HASH_SESSION_MODE feature bit is negotiated and the driver uses the session mode, then the driver MUST set the \field{session_id} in struct virtio_crypto_op_header
+      to a valid value which assigned by the device when a session is created and MUST set \field{flag} field to VIRTIO_CRYPTO_FLAG_SESSION_MODE.
+\item If the VIRTIO_CRYPTO_F_HASH_SESSION_MODE feature bit is not negotiated or the driver doesn't use the session mode, then the driver MUST set \field{flag} field in struct virtio_crypto_op_header
+      to VIRTIO_CRYPTO_FLAG_SESSION_NONE_MODE and MUST set fields in struct virtio_crypto_hash_para.sess_para.
 \item The driver MUST set \field{opcode} in struct virtio_crypto_op_header to VIRTIO_CRYPTO_HASH.
-\item The driver MUST set the \field{queue_id} field to show used dataq in struct virtio_crypto_op_header.
 \end{itemize*}
 
 \devicenormative{\paragraph}{HASH Service Operation}{Device Types / Crypto Device / Device Operation / HASH Service Operation}
@@ -633,12 +649,24 @@  The output data here includes the source data and the input data includes the ha
 
 \begin{lstlisting}
 struct virtio_crypto_mac_para {
-    struct virtio_crypto_hash_para hash;
+    struct {
+        /* See VIRTIO_CRYPTO_MAC_* above */
+        le32 algo;
+        /* length of authenticated key */
+        le32 auth_key_len;
+    } sess_para;
+
+    /* length of source data */
+    le32 src_data_len;
+    /* hash result length */
+    le32 hash_result_len;
 };
 
 struct virtio_crypto_mac_data_req {
     /* Device-readable part */
     struct virtio_crypto_mac_para para;
+    /* The authenticated key */
+    u8 auth_key[auth_key_len];
     /* Source data */
     u8 src_data[src_data_len];
 
@@ -659,9 +687,11 @@  The output data here includes the source data and the input data includes the ha
 \drivernormative{\paragraph}{MAC Service Operation}{Device Types / Crypto Device / Device Operation / MAC Service Operation}
 
 \begin{itemize*}
-\item The driver MUST set the \field{session_id} in struct virtio_crypto_op_header to a valid value which assigned by the device when a session is created.
+\item If the VIRTIO_CRYPTO_F_MAC_SESSION_MODE feature bit is negotiated and the driver uses the session mode, then the driver MUST set the \field{session_id} in struct virtio_crypto_op_header
+      to a valid value which assigned by the device when a session is created and MUST set \field{flag} field to VIRTIO_CRYPTO_FLAG_SESSION_MODE.
+\item If the VIRTIO_CRYPTO_F_MAC_SESSION_MODE feature bit is not negotiated or the driver doesn't use the session mode, then the driver MUST set \field{flag} field in struct virtio_crypto_op_header
+      to VIRTIO_CRYPTO_FLAG_SESSION_NONE_MODE and MUST set fields in struct virtio_crypto_mac_para.sess_para.
 \item The driver MUST set \field{opcode} in struct virtio_crypto_op_header to VIRTIO_CRYPTO_MAC.
-\item The driver MUST set the \field{queue_id} field to show used dataq in struct virtio_crypto_op_header.
 \end{itemize*}
 
 \devicenormative{\paragraph}{MAC Service Operation}{Device Types / Crypto Device / Device Operation / MAC Service Operation}
@@ -677,6 +707,16 @@  The packet of plain CIPHER service is as follows:
 
 \begin{lstlisting}
 struct virtio_crypto_cipher_para {
+    struct {
+        /* See VIRTIO_CRYPTO_CIPHER* above */
+        le32 algo;
+        /* length of key */
+        le32 keylen;
+
+        /* See VIRTIO_CRYPTO_OP_* above */
+        le32 op;
+    } sess_para;
+
     /*
      * Byte Length of valid IV/Counter data pointed to by the below iv data.
      *
@@ -691,12 +731,13 @@  struct virtio_crypto_cipher_para {
     le32 src_data_len;
     /* length of destination data */
     le32 dst_data_len;
-    le32 padding;
 };
 
 struct virtio_crypto_cipher_data_req {
     /* Device-readable part */
     struct virtio_crypto_cipher_para para;
+    /* The cipher key */
+    u8 cipher_key[keylen];
     /*
      * Initialization Vector or Counter data.
      *
@@ -724,6 +765,31 @@  The packet of algorithm chaining is as follows:
 
 \begin{lstlisting}
 struct virtio_crypto_alg_chain_data_para {
+    struct {
+        /* See VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_* above */
+        le32 alg_chain_order;
+        /* length of the additional authenticated data in bytes */
+        le32 aad_len;
+
+        struct {
+            /* See VIRTIO_CRYPTO_CIPHER* above */
+            le32 algo;
+            /* length of key */
+            le32 keylen;
+            /* See VIRTIO_CRYPTO_OP_* above */
+            le32 op;
+        } cipher;
+
+        struct {
+            /* See VIRTIO_CRYPTO_HASH_* or VIRTIO_CRYPTO_MAC_* above */
+            le32 algo;
+            /* length of authenticated key */
+            le32 auth_key_len;
+            /* See VIRTIO_CRYPTO_SYM_HASH_MODE_* above */
+            le32 hash_mode;
+        } hash;
+    } sess_para;
+
     le32 iv_len;
     /* Length of source data */
     le32 src_data_len;
@@ -747,6 +813,10 @@  struct virtio_crypto_alg_chain_data_para {
 struct virtio_crypto_alg_chain_data_req {
     /* Device-readable part */
     struct virtio_crypto_alg_chain_data_para para;
+    /* The cipher key */
+    u8 cipher_key[keylen];
+    /* The auth key */
+    u8 auth_key[auth_key_len];
     /* Initialization Vector or Counter data */
     u8 iv[iv_len];
     /* Source data */
@@ -783,11 +853,11 @@  struct virtio_crypto_sym_data_req {
 Each data request uses virtio_crypto_sym_data_req structure to store information
 used to run the CIPHER operations. 
 
-The information includes the hash parameters stored by \field{para}, output data and input data.
+The information includes the cipher parameters stored by \field{para}, output data and input data.
 In the first virtio_crypto_cipher_para structure, \field{iv_len} specifies the length of the initialization vector or counter,
 \field{src_data_len} specifies the length of the source data, and \field{dst_data_len} specifies the
 length of the destination data. 
-For plain CIPHER operations, the output data here includes the IV/Counter data and source data, and the input data includes the destination data used to save the results of the CIPHER operations.
+For plain CIPHER operations, the output data here includes the IV/Counter data and source data, and the input data includes the destination data used to save the results of the CIPHER operations. 
 
 For algorithms chain, the output data here includes the IV/Counter data, source data and additional authenticated data if exists.
 The input data includes both destination data and hash result data used to store the results of the HASH/MAC operations.
@@ -796,21 +866,24 @@  The input data includes both destination data and hash result data used to store
 \drivernormative{\paragraph}{Symmetric algorithms Operation}{Device Types / Crypto Device / Device Operation / Symmetric algorithms Operation}
 
 \begin{itemize*}
-\item The driver MUST set the \field{session_id} in struct virtio_crypto_op_header to a valid value which assigned by the device when a session is created.
+\item If the VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE feature bit is negotiated and the driver uses the session mode, then the driver MUST set the \field{session_id} in struct virtio_crypto_op_header
+      to a valid value which assigned by the device when a session is created and MUST set \field{flag} field to VIRTIO_CRYPTO_FLAG_SESSION_MODE.
+\item If the VIRTIO_CRYPTO_F_CIPHER_SESSION_MODE feature bit is not negotiated or the driver doesn't use the session mode, then the driver MUST set \field{flag} field in struct virtio_crypto_op_header
+      to VIRTIO_CRYPTO_FLAG_SESSION_NONE_MODE and MUST set fields in struct virtio_crypto_cipher_para.sess_para or struct virtio_crypto_alg_chain_data_para.sess_para.
 \item The driver MUST set \field{opcode} in struct virtio_crypto_op_header to VIRTIO_CRYPTO_CIPHER_ENCRYPT or VIRTIO_CRYPTO_CIPHER_DECRYPT.
-\item The driver MUST set the \field{queue_id} field to show used dataq in struct virtio_crypto_op_header.
-\item The driver MUST specify the fields of struct virtio_crypto_cipher_data_req in struct virtio_crypto_sym_data_req if the created session is based on VIRTIO_CRYPTO_SYM_OP_CIPHER.
-\item The driver MUST specify the fields of both struct virtio_crypto_cipher_data_req and struct virtio_crypto_mac_data_req in struct virtio_crypto_sym_data_req if the created session
-\item is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING type and in the VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH mode.
+\item The driver MUST specify the fields of struct virtio_crypto_cipher_data_req in struct virtio_crypto_sym_data_req if the packet is based on VIRTIO_CRYPTO_SYM_OP_CIPHER.
+\item The driver MUST specify the fields of both struct virtio_crypto_cipher_data_req and struct virtio_crypto_mac_data_req in struct virtio_crypto_sym_data_req if the packet
+      is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING type and in the VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH mode.
 \end{itemize*}
 
 \devicenormative{\paragraph}{Symmetric algorithms Operation}{Device Types / Crypto Device / Device Operation / Symmetric algorithms Operation}
 
 \begin{itemize*}
+\item The device MUST parse \field{flag} field in struct virtio_crypto_op_header in order to decide which mode the driver uses.
 \item The device MUST parse the virtio_crypto_sym_data_req based on the \field{opcode} in general header.
-\item The device SHOULD only parse fields of struct virtio_crypto_cipher_data_req in struct virtio_crypto_sym_data_req if the created session is VIRTIO_CRYPTO_SYM_OP_CIPHER type.
-\item The device MUST parse fields of both struct virtio_crypto_cipher_data_req and struct virtio_crypto_mac_data_req in struct virtio_crypto_sym_data_req if the created
-session is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING operation type and in the VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH mode.
+\item The device SHOULD only parse fields of struct virtio_crypto_cipher_data_req in struct virtio_crypto_sym_data_req if the packet is VIRTIO_CRYPTO_SYM_OP_CIPHER type.
+\item The device MUST parse fields of both struct virtio_crypto_cipher_data_req and struct virtio_crypto_mac_data_req in struct virtio_crypto_sym_data_req if the packet
+      is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING operation type and in the VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH mode.
 \item The device MUST copy the result of cryptographic operation to the dst_data[] in both plain CIPHER mode and algorithms chain mode.
 \item The device MUST check the \field{para}.\field{add_len} is bigger than 0 before parse the additional authenticated data in plain algorithms chain mode.
 \item The device MUST copy the result of HASH/MAC operation to the hash_result[] is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING type.
@@ -819,7 +892,7 @@  session is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING operation type and in
 
 \paragraph{Steps of Operation}\label{sec:Device Types / Crypto Device / Device Operation / Symmetric algorithms Operation / Steps of Operation}
 
-\subparagraph{Step1: Create session}\label{sec:Device Types / Crypto Device / Device Operation / Symmetric algorithms Operation / Steps of Operation / Step1: Create session}
+\subparagraph{Step1: Create session}\label{sec:Device Types / Crypto Device / Device Operation / Symmetric algorithms Operation / Steps of Operation / Step1: Create session if using session mode}
 
 \begin{enumerate}
 \item The driver specifies information in struct virtio_crypto_op_ctrl_req, including the algorithm name, key, keylen etc;
@@ -848,7 +921,7 @@  session is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING operation type and in
 \item The device sets the \field{status} in struct virtio_crypto_inhdr;
 \item The device updates and flushes the Used Ring to return the cryptographic results to the driver;
 \item The device notifies the driver (Or the driver actively polls the dataq's Used Ring);
-\item The driver saves the cryptographic result.
+\item The driver saves the cryptographic results.
 \end{enumerate}
 
 \begin{note}
@@ -862,6 +935,15 @@  session is of the VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING operation type and in
 
 \begin{lstlisting}
 struct virtio_crypto_aead_para {
+    struct {
+        /* See VIRTIO_CRYPTO_AEAD_* above */
+        le32 algo;
+        /* length of key */
+        le32 key_len;
+        /* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */
+        le32 op;
+    } sess_para;
+
     /*
      * Byte Length of valid IV data.
      *
@@ -871,20 +953,21 @@  struct virtio_crypto_aead_para {
      *   range 7 to 13 inclusive.
      */
     le32 iv_len;
+    /* Authentication tag length */
+    le32 tag_len;
     /* length of additional auth data */
     le32 aad_len;
     /* length of source data */
     le32 src_data_len;
-    /* length of dst data */
+    /* length of dst data, this should be at least src_data_len + tag_len */
     le32 dst_data_len;
-    /* Length of the hash result */
-    le32 hash_result_len;
-    le32 reserver;
 };
 
 struct virtio_crypto_aead_data_req {
     /* Device-readable part */
     struct virtio_crypto_aead_para para;
+    /* The cipher key */
+    u8 key[key_len];
     /*
      * Initialization Vector data.
      *
@@ -906,10 +989,9 @@  struct virtio_crypto_aead_data_req {
     u8 aad[aad_len];
 
     /* Device-writable part */
-    /* Destination data */
+    /* Pointer to output data */
     u8 dst_data[dst_data_len];
-    /* Hash result data */
-    u8 hash_result[hash_result_len];
+
     struct virtio_crypto_inhdr inhdr;
 };
 \end{lstlisting}
@@ -918,10 +1000,9 @@  Each data request uses virtio_crypto_aead_data_req structure to store informatio
 used to run the AEAD operations. 
 
 The information includes the hash parameters stored by \field{para}, output data and input data.
-In the first virtio_crypto_aead_para structure, \field{iv_len} specifies the length of the initialization vector.
+In the first virtio_crypto_aead_para structure, \field{iv_len} specifies the length of the initialization vector. \field{tag_len} specifies the length of the authentication tag;
 \field{aad_len} specifies the length of additional authentication data, \field{src_data_len} specifies the
-length of the source data; \field{dst_data_len} specifies the length of the destination data.
-The output data here includes the IV data and source data, and the input data includes the destination data used to save the results of the CIPHER operations.
+length of the source data; \field{dst_data_len} specifies the length of the destination data, which is at least \field{src_data_len} + \field{tag_len}.
 
 The output data here includes the IV/Counter data, source data and additional authenticated data if exists.
 The input data includes both destination data used to save the results of the AEAD operations.
@@ -930,9 +1011,11 @@  The input data includes both destination data used to save the results of the AE
 \drivernormative{\paragraph}{AEAD Service Operation}{Device Types / Crypto Device / Device Operation / AEAD Service Operation}
 
 \begin{itemize*}
-\item The driver MUST set the \field{session_id} in struct virtio_crypto_op_header to a valid value which assigned by the device when a session is created.
+\item If the VIRTIO_CRYPTO_F_AEAD_SESSION_MODE feature bit is negotiated and the driver uses the session mode, then the driver MUST set the \field{session_id} in struct virtio_crypto_op_header
+      to a valid value which assigned by the device when a session is created and MUST set \field{flag} field to VIRTIO_CRYPTO_FLAG_SESSION_MODE.
+\item If the VIRTIO_CRYPTO_F_AEAD_SESSION_MODE feature bit is not negotiated or the driver doesn't use the session mode, then the driver MUST set \field{flag} field in struct virtio_crypto_op_header
+      to VIRTIO_CRYPTO_FLAG_SESSION_NONE_MODE and MUST set fields in struct virtio_crypto_aead_para.sess_para.
 \item The driver MUST set \field{opcode} in struct virtio_crypto_op_header to VIRTIO_CRYPTO_AEAD_ENCRYPT or VIRTIO_CRYPTO_AEAD_DECRYPT.
-\item The driver MUST set the \field{queue_id} field to show used dataq in struct virtio_crypto_op_header.
 \end{itemize*}
 
 \devicenormative{\paragraph}{AEAD Service Operation}{Device Types / Crypto Device / Device Operation / AEAD Service Operation}
@@ -940,7 +1023,7 @@  The input data includes both destination data used to save the results of the AE
 \begin{itemize*}
 \item The device MUST parse the virtio_crypto_aead_data_req based on the \field{opcode} in general header.
 \item The device MUST copy the result of cryptographic operation to the dst_data[].
-\item The device MUST copy the hash result to the hash_result[].
+\item The device MUST copy the authentication tag to the dst_data[] offset the cipher result.
 \item The device MUST set the \field{status} field in struct virtio_crypto_inhdr to one of the values of enum VIRITO_CRYPTO_STATUS.
 \item When the \field{opcode} is VIRTIO_CRYPTO_AEAD_DECRYPT, the device MUST verify and return the verification result to the driver, and if the verification result is incorrect, VIRTIO_CRYPTO_BADMSG (bad message) MUST be returned to the driver.
 \end{itemize*}
\ No newline at end of file