cryptodev: support security APIs

Security ops are added to crypto device to support
protocol offloaded security operations.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Declan Doherty <declan.doherty@intel.com>

diff --git a/doc/guides/cryptodevs/features/default.ini b/doc/guides/cryptodevs/features/default.ini
index c98717a..18d66cb 100644 (file)
--- a/doc/guides/cryptodevs/features/default.ini
+++ b/doc/guides/cryptodevs/features/default.ini
@@ -10,6 +10,7 @@ Symmetric crypto       =
 Asymmetric crypto      =
 Sym operation chaining =
 HW Accelerated         =
+Protocol offload       =
 CPU SSE                =
 CPU AVX                =
 CPU AVX2               =

diff --git a/lib/librte_cryptodev/rte_crypto.h b/lib/librte_cryptodev/rte_crypto.h
index 3ef9e41..eeed9ee 100644 (file)
--- a/lib/librte_cryptodev/rte_crypto.h
+++ b/lib/librte_cryptodev/rte_crypto.h
@@ -86,7 +86,8 @@ enum rte_crypto_op_status {
  */
 enum rte_crypto_op_sess_type {
        RTE_CRYPTO_OP_WITH_SESSION,     /**< Session based crypto operation */
-       RTE_CRYPTO_OP_SESSIONLESS       /**< Session-less crypto operation */
+       RTE_CRYPTO_OP_SESSIONLESS,      /**< Session-less crypto operation */
+       RTE_CRYPTO_OP_SECURITY_SESSION  /**< Security session crypto operation */
 };
 
 /**

diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index 0a0ea59..5992063 100644 (file)
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -508,6 +508,8 @@ struct rte_crypto_sym_op {
                /**< Handle for the initialised session context */
                struct rte_crypto_sym_xform *xform;
                /**< Session-less API crypto operation parameters */
+               struct rte_security_session *sec_session;
+               /**< Handle for the initialised security session context */
        };
 
        RTE_STD_C11

diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c
index 21da40e..8063211 100644 (file)
--- a/lib/librte_cryptodev/rte_cryptodev.c
+++ b/lib/librte_cryptodev/rte_cryptodev.c
@@ -488,6 +488,16 @@ rte_cryptodev_devices_get(const char *driver_name, uint8_t *devices,
        return count;
 }
 
+void *
+rte_cryptodev_get_sec_ctx(uint8_t dev_id)
+{
+       if (rte_crypto_devices[dev_id].feature_flags &
+                       RTE_CRYPTODEV_FF_SECURITY)
+               return rte_crypto_devices[dev_id].security_ctx;
+
+       return NULL;
+}
+
 int
 rte_cryptodev_socket_id(uint8_t dev_id)
 {

diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
index a74d9b9..a0d3a12 100644 (file)
--- a/lib/librte_cryptodev/rte_cryptodev.h
+++ b/lib/librte_cryptodev/rte_cryptodev.h
@@ -350,6 +350,8 @@ rte_cryptodev_get_aead_algo_enum(enum rte_crypto_aead_algorithm *algo_enum,
 /**< Utilises CPU NEON instructions */
 #define        RTE_CRYPTODEV_FF_CPU_ARM_CE             (1ULL << 11)
 /**< Utilises ARM CPU Cryptographic Extensions */
+#define        RTE_CRYPTODEV_FF_SECURITY               (1ULL << 12)
+/**< Support Security Protocol Processing */
 
 
 /**
@@ -773,11 +775,17 @@ struct rte_cryptodev {
        struct rte_cryptodev_cb_list link_intr_cbs;
        /**< User application callback for interrupts if present */
 
+       void *security_ctx;
+       /**< Context for security ops */
+
        __extension__
        uint8_t attached : 1;
        /**< Flag indicating the device is attached */
 } __rte_cache_aligned;
 
+void *
+rte_cryptodev_get_sec_ctx(uint8_t dev_id);
+
 /**
  *
  * The data part, with no function pointers, associated with each device.

diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map b/lib/librte_cryptodev/rte_cryptodev_version.map
index 4355166..e82296c 100644 (file)
--- a/lib/librte_cryptodev/rte_cryptodev_version.map
+++ b/lib/librte_cryptodev/rte_cryptodev_version.map
@@ -79,6 +79,7 @@ DPDK_17.08 {
 DPDK_17.11 {
        global:
 
+       rte_cryptodev_get_sec_ctx;
        rte_cryptodev_name_get;
        rte_cryptodev_pmd_create;
        rte_cryptodev_pmd_destroy;