Implementing in-kernel AES crypto acceleration on ppc (POWER8+)

From: Shawn Anastasio <sanastasio_at_raptorengineering.com>
Date: Thu, 03 Aug 2023 17:51:57 UTC
Hello all,

Raptor Engineering is interested in adding support for in-kernel AES
acceleration on ppc64 via the VMX crypto instructions added in ISA
2.07B, and I wanted to reach out to the community with a few questions.

1. As I understand it, FreeBSD already has support for in-kernel crypto
   acceleration on x86 and ARM via the aesni and armv8_crypto drivers
   respectively that each implement the cryptodev interface. Am I
   correct in understanding that adding AES acceleration for Power would
   just involve creating another driver here, or are there other pieces
   of the puzzle that I've missed?

2. I see that both the aesni and armv8 drivers make use of the
   fpu_kern_enter/fpu_kern_leave functions to guard access to vector
   registers, but it appears that these functions aren't implemented on
   ppc. Is that correct, or does an in-kernel facility for safely
   accessing vector registers on ppc already exist?

3. For the accelerated AES implementation itself, I've noticed that
   cryptogams[*] contains an implementation that is both widely deployed
   (and thus tested and likely to be correct) and also BSD licensed.
   Would it be acceptable to import the relevant routines to the FreeBSD
   kernel and have the new cryptodev driver simply call into them, or
   are there other considerations involved?

4. Is there a userspace test framework for the cryptodev API that could
   be used to validate and benchmark the new implementation, or would I
   have to write that myself? It appears that OpenSSL had support for
   /dev/crypto at one point, but I'm not sure that is the case any
   longer.

My apologies for the large number of questions, but I look forward to
hearing back and working with the FreeBSD community to get this
implemented.

Thanks,
Shawn Anastasio

[*] https://github.com/dot-asm/cryptogams