1 /* SPDX-License-Identifier: BSD-3-Clause
3 * Copyright(c) 2017 Intel Corporation.
4 * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
7 #include <rte_malloc.h>
9 #include "rte_compat.h"
10 #include "rte_security.h"
11 #include "rte_security_driver.h"
13 /* Macro to check for invalid pointers */
14 #define RTE_PTR_OR_ERR_RET(ptr, retval) do { \
19 /* Macro to check for invalid pointers chains */
20 #define RTE_PTR_CHAIN3_OR_ERR_RET(p1, p2, p3, retval, last_retval) do { \
21 RTE_PTR_OR_ERR_RET(p1, retval); \
22 RTE_PTR_OR_ERR_RET(p1->p2, retval); \
23 RTE_PTR_OR_ERR_RET(p1->p2->p3, last_retval); \
26 struct rte_security_session *
27 rte_security_session_create(struct rte_security_ctx *instance,
28 struct rte_security_session_conf *conf,
29 struct rte_mempool *mp,
30 struct rte_mempool *priv_mp)
32 struct rte_security_session *sess = NULL;
34 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
35 RTE_PTR_OR_ERR_RET(conf, NULL);
36 RTE_PTR_OR_ERR_RET(mp, NULL);
37 RTE_PTR_OR_ERR_RET(priv_mp, NULL);
39 if (rte_mempool_get(mp, (void **)&sess))
42 if (instance->ops->session_create(instance->device, conf,
44 rte_mempool_put(mp, (void *)sess);
53 rte_security_session_update(struct rte_security_ctx *instance,
54 struct rte_security_session *sess,
55 struct rte_security_session_conf *conf)
57 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,
59 RTE_PTR_OR_ERR_RET(sess, -EINVAL);
60 RTE_PTR_OR_ERR_RET(conf, -EINVAL);
62 return instance->ops->session_update(instance->device, sess, conf);
66 rte_security_session_get_size(struct rte_security_ctx *instance)
68 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0);
70 return instance->ops->session_get_size(instance->device);
74 rte_security_session_stats_get(struct rte_security_ctx *instance,
75 struct rte_security_session *sess,
76 struct rte_security_stats *stats)
78 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,
80 /* Parameter sess can be NULL in case of getting global statistics. */
81 RTE_PTR_OR_ERR_RET(stats, -EINVAL);
83 return instance->ops->session_stats_get(instance->device, sess, stats);
87 rte_security_session_destroy(struct rte_security_ctx *instance,
88 struct rte_security_session *sess)
92 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,
94 RTE_PTR_OR_ERR_RET(sess, -EINVAL);
96 ret = instance->ops->session_destroy(instance->device, sess);
100 rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
102 if (instance->sess_cnt)
103 instance->sess_cnt--;
109 rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
110 struct rte_security_session *sess,
111 struct rte_mbuf *m, void *params)
114 RTE_PTR_OR_ERR_RET(sess, -EINVAL);
115 RTE_PTR_OR_ERR_RET(instance, -EINVAL);
116 RTE_PTR_OR_ERR_RET(instance->ops, -EINVAL);
118 RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP);
119 return instance->ops->set_pkt_metadata(instance->device,
124 rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
126 void *userdata = NULL;
129 RTE_PTR_OR_ERR_RET(instance, NULL);
130 RTE_PTR_OR_ERR_RET(instance->ops, NULL);
132 RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_userdata, NULL);
133 if (instance->ops->get_userdata(instance->device, md, &userdata))
139 const struct rte_security_capability *
140 rte_security_capabilities_get(struct rte_security_ctx *instance)
142 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
144 return instance->ops->capabilities_get(instance->device);
147 const struct rte_security_capability *
148 rte_security_capability_get(struct rte_security_ctx *instance,
149 struct rte_security_capability_idx *idx)
151 const struct rte_security_capability *capabilities;
152 const struct rte_security_capability *capability;
155 RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
156 RTE_PTR_OR_ERR_RET(idx, NULL);
158 capabilities = instance->ops->capabilities_get(instance->device);
160 if (capabilities == NULL)
163 while ((capability = &capabilities[i++])->action
164 != RTE_SECURITY_ACTION_TYPE_NONE) {
165 if (capability->action == idx->action &&
166 capability->protocol == idx->protocol) {
167 if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {
168 if (capability->ipsec.proto ==
170 capability->ipsec.mode ==
172 capability->ipsec.direction ==
173 idx->ipsec.direction)
175 } else if (idx->protocol == RTE_SECURITY_PROTOCOL_PDCP) {
176 if (capability->pdcp.domain ==
179 } else if (idx->protocol ==
180 RTE_SECURITY_PROTOCOL_DOCSIS) {
181 if (capability->docsis.direction ==
182 idx->docsis.direction)