lib/librte_security/rte_security.c

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  * Copyright 2017 NXP.
   3  * Copyright(c) 2017 Intel Corporation.
   4  * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
   5  */
   6
   7 #include <rte_malloc.h>
   8 #include <rte_dev.h>
   9 #include "rte_compat.h"
  10 #include "rte_security.h"
  11 #include "rte_security_driver.h"
  12
  13 /* Macro to check for invalid pointers */
  14 #define RTE_PTR_OR_ERR_RET(ptr, retval) do {    \
  15         if ((ptr) == NULL)                      \
  16                 return retval;                  \
  17 } while (0)
  18
  19 /* Macro to check for invalid pointers chains */
  20 #define RTE_PTR_CHAIN3_OR_ERR_RET(p1, p2, p3, retval, last_retval) do { \
  21         RTE_PTR_OR_ERR_RET(p1, retval);                                 \
  22         RTE_PTR_OR_ERR_RET(p1->p2, retval);                             \
  23         RTE_PTR_OR_ERR_RET(p1->p2->p3, last_retval);                    \
  24 } while (0)
  25
  26 struct rte_security_session *
  27 rte_security_session_create(struct rte_security_ctx *instance,
  28                             struct rte_security_session_conf *conf,
  29                             struct rte_mempool *mp)
  30 {
  31         struct rte_security_session *sess = NULL;
  32
  33         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
  34         RTE_PTR_OR_ERR_RET(conf, NULL);
  35         RTE_PTR_OR_ERR_RET(mp, NULL);
  36
  37         if (rte_mempool_get(mp, (void **)&sess))
  38                 return NULL;
  39
  40         if (instance->ops->session_create(instance->device, conf, sess, mp)) {
  41                 rte_mempool_put(mp, (void *)sess);
  42                 return NULL;
  43         }
  44         instance->sess_cnt++;
  45
  46         return sess;
  47 }
  48
  49 int
  50 rte_security_session_update(struct rte_security_ctx *instance,
  51                             struct rte_security_session *sess,
  52                             struct rte_security_session_conf *conf)
  53 {
  54         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,
  55                         -ENOTSUP);
  56         RTE_PTR_OR_ERR_RET(sess, -EINVAL);
  57         RTE_PTR_OR_ERR_RET(conf, -EINVAL);
  58
  59         return instance->ops->session_update(instance->device, sess, conf);
  60 }
  61
  62 unsigned int
  63 rte_security_session_get_size(struct rte_security_ctx *instance)
  64 {
  65         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0);
  66
  67         return instance->ops->session_get_size(instance->device);
  68 }
  69
  70 int
  71 rte_security_session_stats_get(struct rte_security_ctx *instance,
  72                                struct rte_security_session *sess,
  73                                struct rte_security_stats *stats)
  74 {
  75         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,
  76                         -ENOTSUP);
  77         /* Parameter sess can be NULL in case of getting global statistics. */
  78         RTE_PTR_OR_ERR_RET(stats, -EINVAL);
  79
  80         return instance->ops->session_stats_get(instance->device, sess, stats);
  81 }
  82
  83 int
  84 rte_security_session_destroy(struct rte_security_ctx *instance,
  85                              struct rte_security_session *sess)
  86 {
  87         int ret;
  88
  89         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,
  90                         -ENOTSUP);
  91         RTE_PTR_OR_ERR_RET(sess, -EINVAL);
  92
  93         if (instance->sess_cnt)
  94                 instance->sess_cnt--;
  95
  96         ret = instance->ops->session_destroy(instance->device, sess);
  97         if (!ret)
  98                 rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
  99
 100         return ret;
 101 }
 102
 103 int
 104 rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
 105                               struct rte_security_session *sess,
 106                               struct rte_mbuf *m, void *params)
 107 {
 108 #ifdef RTE_DEBUG
 109         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, set_pkt_metadata, -EINVAL,
 110                         -ENOTSUP);
 111         RTE_PTR_OR_ERR_RET(sess, -EINVAL);
 112 #endif
 113         return instance->ops->set_pkt_metadata(instance->device,
 114                                                sess, m, params);
 115 }
 116
 117 void *
 118 rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
 119 {
 120         void *userdata = NULL;
 121
 122 #ifdef RTE_DEBUG
 123         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, get_userdata, NULL, NULL);
 124 #endif
 125         if (instance->ops->get_userdata(instance->device, md, &userdata))
 126                 return NULL;
 127
 128         return userdata;
 129 }
 130
 131 const struct rte_security_capability *
 132 rte_security_capabilities_get(struct rte_security_ctx *instance)
 133 {
 134         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
 135
 136         return instance->ops->capabilities_get(instance->device);
 137 }
 138
 139 const struct rte_security_capability *
 140 rte_security_capability_get(struct rte_security_ctx *instance,
 141                             struct rte_security_capability_idx *idx)
 142 {
 143         const struct rte_security_capability *capabilities;
 144         const struct rte_security_capability *capability;
 145         uint16_t i = 0;
 146
 147         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
 148         RTE_PTR_OR_ERR_RET(idx, NULL);
 149
 150         capabilities = instance->ops->capabilities_get(instance->device);
 151
 152         if (capabilities == NULL)
 153                 return NULL;
 154
 155         while ((capability = &capabilities[i++])->action
 156                         != RTE_SECURITY_ACTION_TYPE_NONE) {
 157                 if (capability->action == idx->action &&
 158                                 capability->protocol == idx->protocol) {
 159                         if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {
 160                                 if (capability->ipsec.proto ==
 161                                                 idx->ipsec.proto &&
 162                                         capability->ipsec.mode ==
 163                                                         idx->ipsec.mode &&
 164                                         capability->ipsec.direction ==
 165                                                         idx->ipsec.direction)
 166                                         return capability;
 167                         } else if (idx->protocol == RTE_SECURITY_PROTOCOL_PDCP) {
 168                                 if (capability->pdcp.domain ==
 169                                                         idx->pdcp.domain)
 170                                         return capability;
 171                         }
 172                 }
 173         }
 174
 175         return NULL;
 176 }