lib/librte_security/rte_security.c

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  * Copyright 2017 NXP.
   3  * Copyright(c) 2017 Intel Corporation.
   4  * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
   5  */
   6
   7 #include <rte_malloc.h>
   8 #include <rte_dev.h>
   9 #include "rte_compat.h"
  10 #include "rte_security.h"
  11 #include "rte_security_driver.h"
  12
  13 /* Macro to check for invalid pointers */
  14 #define RTE_PTR_OR_ERR_RET(ptr, retval) do {    \
  15         if ((ptr) == NULL)                      \
  16                 return retval;                  \
  17 } while (0)
  18
  19 /* Macro to check for invalid pointers chains */
  20 #define RTE_PTR_CHAIN3_OR_ERR_RET(p1, p2, p3, retval, last_retval) do { \
  21         RTE_PTR_OR_ERR_RET(p1, retval);                                 \
  22         RTE_PTR_OR_ERR_RET(p1->p2, retval);                             \
  23         RTE_PTR_OR_ERR_RET(p1->p2->p3, last_retval);                    \
  24 } while (0)
  25
  26 struct rte_security_session *
  27 rte_security_session_create(struct rte_security_ctx *instance,
  28                             struct rte_security_session_conf *conf,
  29                             struct rte_mempool *mp)
  30 {
  31         struct rte_security_session *sess = NULL;
  32
  33         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
  34         RTE_PTR_OR_ERR_RET(conf, NULL);
  35         RTE_PTR_OR_ERR_RET(mp, NULL);
  36
  37         if (rte_mempool_get(mp, (void **)&sess))
  38                 return NULL;
  39
  40         if (instance->ops->session_create(instance->device, conf, sess, mp)) {
  41                 rte_mempool_put(mp, (void *)sess);
  42                 return NULL;
  43         }
  44         instance->sess_cnt++;
  45
  46         return sess;
  47 }
  48
  49 int
  50 rte_security_session_update(struct rte_security_ctx *instance,
  51                             struct rte_security_session *sess,
  52                             struct rte_security_session_conf *conf)
  53 {
  54         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,
  55                         -ENOTSUP);
  56         RTE_PTR_OR_ERR_RET(sess, -EINVAL);
  57         RTE_PTR_OR_ERR_RET(conf, -EINVAL);
  58
  59         return instance->ops->session_update(instance->device, sess, conf);
  60 }
  61
  62 unsigned int
  63 rte_security_session_get_size(struct rte_security_ctx *instance)
  64 {
  65         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0);
  66
  67         return instance->ops->session_get_size(instance->device);
  68 }
  69
  70 int
  71 rte_security_session_stats_get(struct rte_security_ctx *instance,
  72                                struct rte_security_session *sess,
  73                                struct rte_security_stats *stats)
  74 {
  75         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,
  76                         -ENOTSUP);
  77         /* Parameter sess can be NULL in case of getting global statistics. */
  78         RTE_PTR_OR_ERR_RET(stats, -EINVAL);
  79
  80         return instance->ops->session_stats_get(instance->device, sess, stats);
  81 }
  82
  83 int
  84 rte_security_session_destroy(struct rte_security_ctx *instance,
  85                              struct rte_security_session *sess)
  86 {
  87         int ret;
  88
  89         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,
  90                         -ENOTSUP);
  91         RTE_PTR_OR_ERR_RET(sess, -EINVAL);
  92
  93         ret = instance->ops->session_destroy(instance->device, sess);
  94         if (ret != 0)
  95                 return ret;
  96
  97         rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
  98
  99         if (instance->sess_cnt)
 100                 instance->sess_cnt--;
 101
 102         return 0;
 103 }
 104
 105 int
 106 rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
 107                               struct rte_security_session *sess,
 108                               struct rte_mbuf *m, void *params)
 109 {
 110 #ifdef RTE_DEBUG
 111         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, set_pkt_metadata, -EINVAL,
 112                         -ENOTSUP);
 113         RTE_PTR_OR_ERR_RET(sess, -EINVAL);
 114 #endif
 115         return instance->ops->set_pkt_metadata(instance->device,
 116                                                sess, m, params);
 117 }
 118
 119 void *
 120 rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
 121 {
 122         void *userdata = NULL;
 123
 124 #ifdef RTE_DEBUG
 125         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, get_userdata, NULL, NULL);
 126 #endif
 127         if (instance->ops->get_userdata(instance->device, md, &userdata))
 128                 return NULL;
 129
 130         return userdata;
 131 }
 132
 133 const struct rte_security_capability *
 134 rte_security_capabilities_get(struct rte_security_ctx *instance)
 135 {
 136         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
 137
 138         return instance->ops->capabilities_get(instance->device);
 139 }
 140
 141 const struct rte_security_capability *
 142 rte_security_capability_get(struct rte_security_ctx *instance,
 143                             struct rte_security_capability_idx *idx)
 144 {
 145         const struct rte_security_capability *capabilities;
 146         const struct rte_security_capability *capability;
 147         uint16_t i = 0;
 148
 149         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
 150         RTE_PTR_OR_ERR_RET(idx, NULL);
 151
 152         capabilities = instance->ops->capabilities_get(instance->device);
 153
 154         if (capabilities == NULL)
 155                 return NULL;
 156
 157         while ((capability = &capabilities[i++])->action
 158                         != RTE_SECURITY_ACTION_TYPE_NONE) {
 159                 if (capability->action == idx->action &&
 160                                 capability->protocol == idx->protocol) {
 161                         if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {
 162                                 if (capability->ipsec.proto ==
 163                                                 idx->ipsec.proto &&
 164                                         capability->ipsec.mode ==
 165                                                         idx->ipsec.mode &&
 166                                         capability->ipsec.direction ==
 167                                                         idx->ipsec.direction)
 168                                         return capability;
 169                         } else if (idx->protocol == RTE_SECURITY_PROTOCOL_PDCP) {
 170                                 if (capability->pdcp.domain ==
 171                                                         idx->pdcp.domain)
 172                                         return capability;
 173                         }
 174                 }
 175         }
 176
 177         return NULL;
 178 }