From: Akhil Goyal Date: Wed, 25 Oct 2017 15:07:18 +0000 (+0530) Subject: cryptodev: support security APIs X-Git-Tag: spdx-start~1183 X-Git-Url: http://git.droids-corp.org/?p=dpdk.git;a=commitdiff_plain;h=eadb4fa1e1fe3382350082028e05e48541f8a17d cryptodev: support security APIs Security ops are added to crypto device to support protocol offloaded security operations. Signed-off-by: Akhil Goyal Signed-off-by: Declan Doherty --- diff --git a/doc/guides/cryptodevs/features/default.ini b/doc/guides/cryptodevs/features/default.ini index c98717ab34..18d66cb901 100644 --- a/doc/guides/cryptodevs/features/default.ini +++ b/doc/guides/cryptodevs/features/default.ini @@ -10,6 +10,7 @@ Symmetric crypto = Asymmetric crypto = Sym operation chaining = HW Accelerated = +Protocol offload = CPU SSE = CPU AVX = CPU AVX2 = diff --git a/lib/librte_cryptodev/rte_crypto.h b/lib/librte_cryptodev/rte_crypto.h index 3ef9e41ced..eeed9ee251 100644 --- a/lib/librte_cryptodev/rte_crypto.h +++ b/lib/librte_cryptodev/rte_crypto.h @@ -86,7 +86,8 @@ enum rte_crypto_op_status { */ enum rte_crypto_op_sess_type { RTE_CRYPTO_OP_WITH_SESSION, /**< Session based crypto operation */ - RTE_CRYPTO_OP_SESSIONLESS /**< Session-less crypto operation */ + RTE_CRYPTO_OP_SESSIONLESS, /**< Session-less crypto operation */ + RTE_CRYPTO_OP_SECURITY_SESSION /**< Security session crypto operation */ }; /** diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h index 0a0ea59de1..5992063708 100644 --- a/lib/librte_cryptodev/rte_crypto_sym.h +++ b/lib/librte_cryptodev/rte_crypto_sym.h @@ -508,6 +508,8 @@ struct rte_crypto_sym_op { /**< Handle for the initialised session context */ struct rte_crypto_sym_xform *xform; /**< Session-less API crypto operation parameters */ + struct rte_security_session *sec_session; + /**< Handle for the initialised security session context */ }; RTE_STD_C11 diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c index 21da40ee8f..80632117e0 100644 --- a/lib/librte_cryptodev/rte_cryptodev.c +++ b/lib/librte_cryptodev/rte_cryptodev.c @@ -488,6 +488,16 @@ rte_cryptodev_devices_get(const char *driver_name, uint8_t *devices, return count; } +void * +rte_cryptodev_get_sec_ctx(uint8_t dev_id) +{ + if (rte_crypto_devices[dev_id].feature_flags & + RTE_CRYPTODEV_FF_SECURITY) + return rte_crypto_devices[dev_id].security_ctx; + + return NULL; +} + int rte_cryptodev_socket_id(uint8_t dev_id) { diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h index a74d9b92bd..a0d3a12abc 100644 --- a/lib/librte_cryptodev/rte_cryptodev.h +++ b/lib/librte_cryptodev/rte_cryptodev.h @@ -350,6 +350,8 @@ rte_cryptodev_get_aead_algo_enum(enum rte_crypto_aead_algorithm *algo_enum, /**< Utilises CPU NEON instructions */ #define RTE_CRYPTODEV_FF_CPU_ARM_CE (1ULL << 11) /**< Utilises ARM CPU Cryptographic Extensions */ +#define RTE_CRYPTODEV_FF_SECURITY (1ULL << 12) +/**< Support Security Protocol Processing */ /** @@ -773,11 +775,17 @@ struct rte_cryptodev { struct rte_cryptodev_cb_list link_intr_cbs; /**< User application callback for interrupts if present */ + void *security_ctx; + /**< Context for security ops */ + __extension__ uint8_t attached : 1; /**< Flag indicating the device is attached */ } __rte_cache_aligned; +void * +rte_cryptodev_get_sec_ctx(uint8_t dev_id); + /** * * The data part, with no function pointers, associated with each device. diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map b/lib/librte_cryptodev/rte_cryptodev_version.map index 4355166a91..e82296c90b 100644 --- a/lib/librte_cryptodev/rte_cryptodev_version.map +++ b/lib/librte_cryptodev/rte_cryptodev_version.map @@ -79,6 +79,7 @@ DPDK_17.08 { DPDK_17.11 { global: + rte_cryptodev_get_sec_ctx; rte_cryptodev_name_get; rte_cryptodev_pmd_create; rte_cryptodev_pmd_destroy;