1 /* SPDX-License-Identifier: BSD-3-Clause
3 * Copyright(c) 2017 Intel Corporation.
4 * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
7 #include <rte_malloc.h>
9 #include "rte_compat.h"
10 #include "rte_security.h"
11 #include "rte_security_driver.h"
13 /* Macro to check for invalid pointers */
14 #define RTE_PTR_OR_ERR_RET(ptr, retval) do { \
19 /* Macro to check for invalid pointers chains */
20 #define RTE_PTR_CHAIN3_OR_ERR_RET(p1, p2, p3, retval, last_retval) do { \
21 RTE_PTR_OR_ERR_RET(p1, retval); \
22 RTE_PTR_OR_ERR_RET(p1->p2, retval); \
23 RTE_PTR_OR_ERR_RET(p1->p2->p3, last_retval); \
26 struct rte_security_session *
27 rte_security_session_create(struct rte_security_ctx *instance,
28 struct rte_security_session_conf *conf,
29 struct rte_mempool *mp)
31 struct rte_security_session *sess = NULL;
33 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
34 RTE_PTR_OR_ERR_RET(conf, NULL);
35 RTE_PTR_OR_ERR_RET(mp, NULL);
37 if (rte_mempool_get(mp, (void **)&sess))
40 if (instance->ops->session_create(instance->device, conf, sess, mp)) {
41 rte_mempool_put(mp, (void *)sess);
50 rte_security_session_update(struct rte_security_ctx *instance,
51 struct rte_security_session *sess,
52 struct rte_security_session_conf *conf)
54 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,
56 RTE_PTR_OR_ERR_RET(sess, -EINVAL);
57 RTE_PTR_OR_ERR_RET(conf, -EINVAL);
59 return instance->ops->session_update(instance->device, sess, conf);
63 rte_security_session_get_size(struct rte_security_ctx *instance)
65 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0);
67 return instance->ops->session_get_size(instance->device);
71 rte_security_session_stats_get(struct rte_security_ctx *instance,
72 struct rte_security_session *sess,
73 struct rte_security_stats *stats)
75 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,
77 /* Parameter sess can be NULL in case of getting global statistics. */
78 RTE_PTR_OR_ERR_RET(stats, -EINVAL);
80 return instance->ops->session_stats_get(instance->device, sess, stats);
84 rte_security_session_destroy(struct rte_security_ctx *instance,
85 struct rte_security_session *sess)
89 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,
91 RTE_PTR_OR_ERR_RET(sess, -EINVAL);
93 ret = instance->ops->session_destroy(instance->device, sess);
97 rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
99 if (instance->sess_cnt)
100 instance->sess_cnt--;
106 rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
107 struct rte_security_session *sess,
108 struct rte_mbuf *m, void *params)
111 RTE_PTR_OR_ERR_RET(sess, -EINVAL);
112 RTE_PTR_OR_ERR_RET(instance, -EINVAL);
113 RTE_PTR_OR_ERR_RET(instance->ops, -EINVAL);
115 RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP);
116 return instance->ops->set_pkt_metadata(instance->device,
121 rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
123 void *userdata = NULL;
126 RTE_PTR_OR_ERR_RET(instance, NULL);
127 RTE_PTR_OR_ERR_RET(instance->ops, NULL);
129 RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_userdata, NULL);
130 if (instance->ops->get_userdata(instance->device, md, &userdata))
136 const struct rte_security_capability *
137 rte_security_capabilities_get(struct rte_security_ctx *instance)
139 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
141 return instance->ops->capabilities_get(instance->device);
144 const struct rte_security_capability *
145 rte_security_capability_get(struct rte_security_ctx *instance,
146 struct rte_security_capability_idx *idx)
148 const struct rte_security_capability *capabilities;
149 const struct rte_security_capability *capability;
152 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
153 RTE_PTR_OR_ERR_RET(idx, NULL);
155 capabilities = instance->ops->capabilities_get(instance->device);
157 if (capabilities == NULL)
160 while ((capability = &capabilities[i++])->action
161 != RTE_SECURITY_ACTION_TYPE_NONE) {
162 if (capability->action == idx->action &&
163 capability->protocol == idx->protocol) {
164 if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {
165 if (capability->ipsec.proto ==
167 capability->ipsec.mode ==
169 capability->ipsec.direction ==
170 idx->ipsec.direction)
172 } else if (idx->protocol == RTE_SECURITY_PROTOCOL_PDCP) {
173 if (capability->pdcp.domain ==