The vhost_crypto sample application implemented a simple Crypto device, which used as the backend of Qemu vhost-user-crypto device. Similar with vhost-user-net and vhost-user-scsi device, the sample application used domain socket to communicate with Qemu, and the virtio ring was processed by vhost_crypto sample application.
This section shows the steps how to start a VM with the crypto device as fast data path for critical application.
To compile the sample application see Compiling the Sample Applications.
The application is located in the examples sub-directory.
./vhost_crypto [EAL options] --
--config (lcore,cdev-id,queue-id)[,(lcore,cdev-id,queue-id)]
--socket-file lcore,PATH
[--zero-copy]
[--guest-polling]
where,
The application requires that crypto devices capable of performing the specified crypto operation are available on application initialization. This means that HW crypto device/s must be bound to a DPDK driver or a SW crypto device/s (virtual crypto PMD) must be created (using –vdev).
qemu-system-x86_64 -machine accel=kvm \
-m $mem -object memory-backend-file,id=mem,size=$mem,\
mem-path=/dev/hugepages,share=on -numa node,memdev=mem \
-drive file=os.img,if=none,id=disk \
-device ide-hd,drive=disk,bootindex=0 \
-chardev socket,id={chardev_id},path={PATH} \
-object cryptodev-vhost-user,id={obj_id},chardev={chardev_id} \
-device virtio-crypto-pci,id={dev_id},cryptodev={obj_id} \
...
Note
You must check whether your Qemu can support “vhost-user-crypto” or not.