lib/librte_security/rte_security.c

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  * Copyright 2017 NXP.
   3  * Copyright(c) 2017 Intel Corporation.
   4  * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
   5  */
   6
   7 #include <rte_malloc.h>
   8 #include <rte_dev.h>
   9 #include "rte_compat.h"
  10 #include "rte_security.h"
  11 #include "rte_security_driver.h"
  12
  13 /* Macro to check for invalid pointers */
  14 #define RTE_PTR_OR_ERR_RET(ptr, retval) do {    \
  15         if ((ptr) == NULL)                      \
  16                 return retval;                  \
  17 } while (0)
  18
  19 /* Macro to check for invalid pointers chains */
  20 #define RTE_PTR_CHAIN3_OR_ERR_RET(p1, p2, p3, retval, last_retval) do { \
  21         RTE_PTR_OR_ERR_RET(p1, retval);                                 \
  22         RTE_PTR_OR_ERR_RET(p1->p2, retval);                             \
  23         RTE_PTR_OR_ERR_RET(p1->p2->p3, last_retval);                    \
  24 } while (0)
  25
  26 struct rte_security_session *
  27 rte_security_session_create(struct rte_security_ctx *instance,
  28                             struct rte_security_session_conf *conf,
  29                             struct rte_mempool *mp,
  30                             struct rte_mempool *priv_mp)
  31 {
  32         struct rte_security_session *sess = NULL;
  33
  34         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
  35         RTE_PTR_OR_ERR_RET(conf, NULL);
  36         RTE_PTR_OR_ERR_RET(mp, NULL);
  37         RTE_PTR_OR_ERR_RET(priv_mp, NULL);
  38
  39         if (rte_mempool_get(mp, (void **)&sess))
  40                 return NULL;
  41
  42         if (instance->ops->session_create(instance->device, conf,
  43                                 sess, priv_mp)) {
  44                 rte_mempool_put(mp, (void *)sess);
  45                 return NULL;
  46         }
  47         instance->sess_cnt++;
  48
  49         return sess;
  50 }
  51
  52 int
  53 rte_security_session_update(struct rte_security_ctx *instance,
  54                             struct rte_security_session *sess,
  55                             struct rte_security_session_conf *conf)
  56 {
  57         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,
  58                         -ENOTSUP);
  59         RTE_PTR_OR_ERR_RET(sess, -EINVAL);
  60         RTE_PTR_OR_ERR_RET(conf, -EINVAL);
  61
  62         return instance->ops->session_update(instance->device, sess, conf);
  63 }
  64
  65 unsigned int
  66 rte_security_session_get_size(struct rte_security_ctx *instance)
  67 {
  68         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0);
  69
  70         return instance->ops->session_get_size(instance->device);
  71 }
  72
  73 int
  74 rte_security_session_stats_get(struct rte_security_ctx *instance,
  75                                struct rte_security_session *sess,
  76                                struct rte_security_stats *stats)
  77 {
  78         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,
  79                         -ENOTSUP);
  80         /* Parameter sess can be NULL in case of getting global statistics. */
  81         RTE_PTR_OR_ERR_RET(stats, -EINVAL);
  82
  83         return instance->ops->session_stats_get(instance->device, sess, stats);
  84 }
  85
  86 int
  87 rte_security_session_destroy(struct rte_security_ctx *instance,
  88                              struct rte_security_session *sess)
  89 {
  90         int ret;
  91
  92         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,
  93                         -ENOTSUP);
  94         RTE_PTR_OR_ERR_RET(sess, -EINVAL);
  95
  96         ret = instance->ops->session_destroy(instance->device, sess);
  97         if (ret != 0)
  98                 return ret;
  99
 100         rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
 101
 102         if (instance->sess_cnt)
 103                 instance->sess_cnt--;
 104
 105         return 0;
 106 }
 107
 108 int
 109 rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
 110                               struct rte_security_session *sess,
 111                               struct rte_mbuf *m, void *params)
 112 {
 113 #ifdef RTE_DEBUG
 114         RTE_PTR_OR_ERR_RET(sess, -EINVAL);
 115         RTE_PTR_OR_ERR_RET(instance, -EINVAL);
 116         RTE_PTR_OR_ERR_RET(instance->ops, -EINVAL);
 117 #endif
 118         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP);
 119         return instance->ops->set_pkt_metadata(instance->device,
 120                                                sess, m, params);
 121 }
 122
 123 void *
 124 rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
 125 {
 126         void *userdata = NULL;
 127
 128 #ifdef RTE_DEBUG
 129         RTE_PTR_OR_ERR_RET(instance, NULL);
 130         RTE_PTR_OR_ERR_RET(instance->ops, NULL);
 131 #endif
 132         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_userdata, NULL);
 133         if (instance->ops->get_userdata(instance->device, md, &userdata))
 134                 return NULL;
 135
 136         return userdata;
 137 }
 138
 139 const struct rte_security_capability *
 140 rte_security_capabilities_get(struct rte_security_ctx *instance)
 141 {
 142         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
 143
 144         return instance->ops->capabilities_get(instance->device);
 145 }
 146
 147 const struct rte_security_capability *
 148 rte_security_capability_get(struct rte_security_ctx *instance,
 149                             struct rte_security_capability_idx *idx)
 150 {
 151         const struct rte_security_capability *capabilities;
 152         const struct rte_security_capability *capability;
 153         uint16_t i = 0;
 154
 155         RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
 156         RTE_PTR_OR_ERR_RET(idx, NULL);
 157
 158         capabilities = instance->ops->capabilities_get(instance->device);
 159
 160         if (capabilities == NULL)
 161                 return NULL;
 162
 163         while ((capability = &capabilities[i++])->action
 164                         != RTE_SECURITY_ACTION_TYPE_NONE) {
 165                 if (capability->action == idx->action &&
 166                                 capability->protocol == idx->protocol) {
 167                         if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {
 168                                 if (capability->ipsec.proto ==
 169                                                 idx->ipsec.proto &&
 170                                         capability->ipsec.mode ==
 171                                                         idx->ipsec.mode &&
 172                                         capability->ipsec.direction ==
 173                                                         idx->ipsec.direction)
 174                                         return capability;
 175                         } else if (idx->protocol == RTE_SECURITY_PROTOCOL_PDCP) {
 176                                 if (capability->pdcp.domain ==
 177                                                         idx->pdcp.domain)
 178                                         return capability;
 179                         } else if (idx->protocol ==
 180                                                 RTE_SECURITY_PROTOCOL_DOCSIS) {
 181                                 if (capability->docsis.direction ==
 182                                                         idx->docsis.direction)
 183                                         return capability;
 184                         }
 185                 }
 186         }
 187
 188         return NULL;
 189 }