do {
/* Copy CPT command to LMTLINE */
- roc_lmt_mov((void *)lmtline, &inst, 2);
+ roc_lmt_mov64((void *)lmtline, &inst);
lmt_status = roc_lmt_submit_ldeor(io_addr);
} while (lmt_status == 0);
struct roc_ie_on_sa_ctl *ctl)
{
struct rte_crypto_sym_xform *cipher_xform, *auth_xform;
- int aes_key_len;
+ int aes_key_len = 0;
- if (ipsec->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
- ctl->direction = ROC_IE_SA_DIR_OUTBOUND;
- cipher_xform = crypto_xform;
- auth_xform = crypto_xform->next;
- } else if (ipsec->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
- ctl->direction = ROC_IE_SA_DIR_INBOUND;
+ if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
auth_xform = crypto_xform;
cipher_xform = crypto_xform->next;
} else {
- return -EINVAL;
+ cipher_xform = crypto_xform;
+ auth_xform = crypto_xform->next;
}
+ if (ipsec->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)
+ ctl->direction = ROC_IE_SA_DIR_OUTBOUND;
+ else
+ ctl->direction = ROC_IE_SA_DIR_INBOUND;
+
if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL) {
if (ipsec->tunnel.type == RTE_SECURITY_IPSEC_TUNNEL_IPV4)
ctl->outer_ip_ver = ROC_IE_SA_IP_VERSION_4;
return -EINVAL;
}
- ctl->inner_ip_ver = ctl->outer_ip_ver;
-
- if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT)
+ if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) {
ctl->ipsec_mode = ROC_IE_SA_MODE_TRANSPORT;
- else if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL)
+ ctl->outer_ip_ver = ROC_IE_SA_IP_VERSION_4;
+ } else if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL)
ctl->ipsec_mode = ROC_IE_SA_MODE_TUNNEL;
else
return -EINVAL;
return -EINVAL;
if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
- if (crypto_xform->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
+ switch (crypto_xform->aead.algo) {
+ case RTE_CRYPTO_AEAD_AES_GCM:
ctl->enc_type = ROC_IE_ON_SA_ENC_AES_GCM;
aes_key_len = crypto_xform->aead.key.length;
- } else {
+ break;
+ default:
+ plt_err("Unsupported AEAD algorithm");
return -ENOTSUP;
}
- } else if (cipher_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {
- ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CBC;
- aes_key_len = cipher_xform->cipher.key.length;
} else {
- return -ENOTSUP;
- }
-
- switch (aes_key_len) {
- case 16:
- ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_128;
- break;
- case 24:
- ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_192;
- break;
- case 32:
- ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_256;
- break;
- default:
- return -EINVAL;
- }
+ if (cipher_xform != NULL) {
+ switch (cipher_xform->cipher.algo) {
+ case RTE_CRYPTO_CIPHER_NULL:
+ ctl->enc_type = ROC_IE_ON_SA_ENC_NULL;
+ break;
+ case RTE_CRYPTO_CIPHER_AES_CBC:
+ ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CBC;
+ aes_key_len = cipher_xform->cipher.key.length;
+ break;
+ case RTE_CRYPTO_CIPHER_AES_CTR:
+ ctl->enc_type = ROC_IE_ON_SA_ENC_AES_CTR;
+ aes_key_len = cipher_xform->cipher.key.length;
+ break;
+ default:
+ plt_err("Unsupported cipher algorithm");
+ return -ENOTSUP;
+ }
+ }
- if (crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD) {
switch (auth_xform->auth.algo) {
case RTE_CRYPTO_AUTH_NULL:
ctl->auth_type = ROC_IE_ON_SA_AUTH_NULL;
break;
case RTE_CRYPTO_AUTH_AES_GMAC:
ctl->auth_type = ROC_IE_ON_SA_AUTH_AES_GMAC;
+ aes_key_len = auth_xform->auth.key.length;
break;
case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
ctl->auth_type = ROC_IE_ON_SA_AUTH_AES_XCBC_128;
break;
default:
+ plt_err("Unsupported auth algorithm");
return -ENOTSUP;
}
}
+ /* Set AES key length */
+ if (ctl->enc_type == ROC_IE_ON_SA_ENC_AES_CBC ||
+ ctl->enc_type == ROC_IE_ON_SA_ENC_AES_CCM ||
+ ctl->enc_type == ROC_IE_ON_SA_ENC_AES_CTR ||
+ ctl->enc_type == ROC_IE_ON_SA_ENC_AES_GCM ||
+ ctl->auth_type == ROC_IE_ON_SA_AUTH_AES_GMAC) {
+ switch (aes_key_len) {
+ case 16:
+ ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_128;
+ break;
+ case 24:
+ ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_192;
+ break;
+ case 32:
+ ctl->aes_key_len = ROC_IE_SA_AES_KEY_LEN_256;
+ break;
+ default:
+ plt_err("Invalid AES key length");
+ return -EINVAL;
+ }
+ }
+
if (ipsec->options.esn)
ctl->esn_en = 1;
if (ipsec->options.udp_encap == 1)
ctl->encap_type = ROC_IE_ON_SA_ENCAP_UDP;
+ ctl->copy_df = ipsec->options.copy_df;
+
ctl->spi = rte_cpu_to_be_32(ipsec->spi);
rte_io_wmb();
struct rte_crypto_sym_xform *crypto_xform,
struct roc_ie_on_common_sa *common_sa)
{
- struct rte_crypto_sym_xform *cipher_xform;
+ struct rte_crypto_sym_xform *cipher_xform, *auth_xform;
const uint8_t *cipher_key;
int cipher_key_len = 0;
int ret;
- if (ipsec->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
- cipher_xform = crypto_xform->next;
- else
- cipher_xform = crypto_xform;
-
ret = ipsec_sa_ctl_set(ipsec, crypto_xform, &common_sa->ctl);
if (ret)
return ret;
+ if (ipsec->esn.value) {
+ common_sa->esn_low = ipsec->esn.low;
+ common_sa->esn_hi = ipsec->esn.hi;
+ }
+
+ if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
+ auth_xform = crypto_xform;
+ cipher_xform = crypto_xform->next;
+ } else {
+ cipher_xform = crypto_xform;
+ auth_xform = crypto_xform->next;
+ }
+
if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
if (crypto_xform->aead.algo == RTE_CRYPTO_AEAD_AES_GCM)
memcpy(common_sa->iv.gcm.nonce, &ipsec->salt, 4);
cipher_key = crypto_xform->aead.key.data;
cipher_key_len = crypto_xform->aead.key.length;
} else {
- cipher_key = cipher_xform->cipher.key.data;
- cipher_key_len = cipher_xform->cipher.key.length;
+ if (cipher_xform) {
+ cipher_key = cipher_xform->cipher.key.data;
+ cipher_key_len = cipher_xform->cipher.key.length;
+ }
+
+ if (auth_xform->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC) {
+ memcpy(common_sa->iv.gcm.nonce, &ipsec->salt, 4);
+ cipher_key = auth_xform->auth.key.data;
+ cipher_key_len = auth_xform->auth.key.length;
+ }
}
if (cipher_key_len != 0)
memcpy(common_sa->cipher_key, cipher_key, cipher_key_len);
- else
- return -EINVAL;
return 0;
}
struct rte_crypto_sym_xform *crypto_xform,
struct rte_security_session *sec_sess)
{
- struct rte_crypto_sym_xform *auth_xform = crypto_xform->next;
struct roc_ie_on_ip_template *template = NULL;
struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
+ struct rte_crypto_sym_xform *auth_xform;
+ union roc_on_ipsec_outb_param1 param1;
struct cnxk_cpt_inst_tmpl *inst_tmpl;
struct roc_ie_on_outb_sa *out_sa;
struct cn9k_sec_session *sess;
sa->seq_lo = 1;
sa->seq_hi = 0;
+ if (ipsec->esn.value)
+ sa->esn = ipsec->esn.value;
+
+ if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AUTH)
+ auth_xform = crypto_xform;
+ else
+ auth_xform = crypto_xform->next;
+
ret = fill_ipsec_common_sa(ipsec, crypto_xform, &out_sa->common_sa);
if (ret)
return ret;
return ret;
if (ctl->enc_type == ROC_IE_ON_SA_ENC_AES_GCM ||
- ctl->auth_type == ROC_IE_ON_SA_AUTH_NULL) {
+ ctl->auth_type == ROC_IE_ON_SA_AUTH_NULL ||
+ ctl->auth_type == ROC_IE_ON_SA_AUTH_AES_GMAC) {
template = &out_sa->aes_gcm.template;
ctx_len = offsetof(struct roc_ie_on_outb_sa, aes_gcm.template);
- } else if (ctl->auth_type == ROC_IE_ON_SA_AUTH_SHA1) {
- template = &out_sa->sha1.template;
- ctx_len = offsetof(struct roc_ie_on_outb_sa, sha1.template);
- } else if (ctl->auth_type == ROC_IE_ON_SA_AUTH_SHA2_256) {
- template = &out_sa->sha2.template;
- ctx_len = offsetof(struct roc_ie_on_outb_sa, sha2.template);
} else {
- return -EINVAL;
+ switch (ctl->auth_type) {
+ case ROC_IE_ON_SA_AUTH_SHA1:
+ template = &out_sa->sha1.template;
+ ctx_len = offsetof(struct roc_ie_on_outb_sa,
+ sha1.template);
+ break;
+ case ROC_IE_ON_SA_AUTH_SHA2_256:
+ case ROC_IE_ON_SA_AUTH_SHA2_384:
+ case ROC_IE_ON_SA_AUTH_SHA2_512:
+ template = &out_sa->sha2.template;
+ ctx_len = offsetof(struct roc_ie_on_outb_sa,
+ sha2.template);
+ break;
+ case ROC_IE_ON_SA_AUTH_AES_XCBC_128:
+ template = &out_sa->aes_xcbc.template;
+ ctx_len = offsetof(struct roc_ie_on_outb_sa,
+ aes_xcbc.template);
+ break;
+ default:
+ plt_err("Unsupported auth algorithm");
+ return -EINVAL;
+ }
}
ip4 = (struct rte_ipv4_hdr *)&template->ip4.ipv4_hdr;
template->ip4.udp_src = rte_be_to_cpu_16(4500);
template->ip4.udp_dst = rte_be_to_cpu_16(4500);
} else {
- ip4->next_proto_id = IPPROTO_ESP;
+ if (ipsec->proto == RTE_SECURITY_IPSEC_SA_PROTO_AH)
+ ip4->next_proto_id = IPPROTO_AH;
+ else
+ ip4->next_proto_id = IPPROTO_ESP;
}
if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL) {
if (ipsec->tunnel.type == RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
+ uint16_t frag_off = 0;
ctx_len += sizeof(template->ip4);
ip4->version_ihl = RTE_IPV4_VHL_DEF;
ip4->time_to_live = ipsec->tunnel.ipv4.ttl;
ip4->type_of_service |= (ipsec->tunnel.ipv4.dscp << 2);
if (ipsec->tunnel.ipv4.df)
- ip4->fragment_offset = BIT(14);
+ frag_off |= RTE_IPV4_HDR_DF_FLAG;
+ ip4->fragment_offset = rte_cpu_to_be_16(frag_off);
+
memcpy(&ip4->src_addr, &ipsec->tunnel.ipv4.src_ip,
sizeof(struct in_addr));
memcpy(&ip4->dst_addr, &ipsec->tunnel.ipv4.dst_ip,
ctx_len += RTE_ALIGN_CEIL(ctx_len, 8);
- if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
- sa->cipher_iv_off = crypto_xform->aead.iv.offset;
- sa->cipher_iv_len = crypto_xform->aead.iv.length;
- } else {
- sa->cipher_iv_off = crypto_xform->cipher.iv.offset;
- sa->cipher_iv_len = crypto_xform->cipher.iv.length;
-
+ if (crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD) {
auth_key = auth_xform->auth.key.data;
auth_key_len = auth_xform->auth.key.length;
- if (auth_xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC)
+ switch (auth_xform->auth.algo) {
+ case RTE_CRYPTO_AUTH_AES_GMAC:
+ case RTE_CRYPTO_AUTH_NULL:
+ break;
+ case RTE_CRYPTO_AUTH_SHA1_HMAC:
memcpy(out_sa->sha1.hmac_key, auth_key, auth_key_len);
- else if (auth_xform->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)
+ break;
+ case RTE_CRYPTO_AUTH_SHA256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA512_HMAC:
memcpy(out_sa->sha2.hmac_key, auth_key, auth_key_len);
+ break;
+ case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+ memcpy(out_sa->aes_xcbc.key, auth_key, auth_key_len);
+ break;
+ default:
+ plt_err("Unsupported auth algorithm %u",
+ auth_xform->auth.algo);
+ return -ENOTSUP;
+ }
}
inst_tmpl = &sa->inst;
w4.u64 = 0;
w4.s.opcode_major = ROC_IE_ON_MAJOR_OP_PROCESS_OUTBOUND_IPSEC;
w4.s.opcode_minor = ctx_len >> 3;
- w4.s.param1 = BIT(9);
- w4.s.param1 |= ROC_IE_ON_PER_PKT_IV;
+
+ param1.u16 = 0;
+ param1.s.ikev2 = 1;
+
+ sa->custom_hdr_len = sizeof(struct roc_ie_on_outb_hdr) -
+ ROC_IE_ON_MAX_IV_LEN;
+
+#ifdef LA_IPSEC_DEBUG
+ /* Use IV from application in debug mode */
+ if (ipsec->options.iv_gen_disable == 1) {
+ param1.s.per_pkt_iv = ROC_IE_ON_IV_SRC_FROM_DPTR;
+ sa->custom_hdr_len = sizeof(struct roc_ie_on_outb_hdr);
+
+ if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+ sa->cipher_iv_off = crypto_xform->aead.iv.offset;
+ sa->cipher_iv_len = crypto_xform->aead.iv.length;
+ } else if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+ sa->cipher_iv_off = crypto_xform->cipher.iv.offset;
+ sa->cipher_iv_len = crypto_xform->cipher.iv.length;
+ } else {
+ sa->cipher_iv_off = crypto_xform->auth.iv.offset;
+ sa->cipher_iv_len = crypto_xform->auth.iv.length;
+ }
+ }
+#else
+ if (ipsec->options.iv_gen_disable != 0) {
+ plt_err("Application provided IV is not supported");
+ return -ENOTSUP;
+ }
+#endif
+
+ w4.s.param1 = param1.u16;
+
inst_tmpl->w4 = w4.u64;
w7.u64 = 0;
{
struct rte_crypto_sym_xform *auth_xform = crypto_xform;
struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
+ union roc_on_ipsec_inb_param2 param2;
struct cnxk_cpt_inst_tmpl *inst_tmpl;
struct roc_ie_on_inb_sa *in_sa;
struct cn9k_sec_session *sess;
return ret;
if (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD ||
- auth_xform->auth.algo == RTE_CRYPTO_AUTH_NULL) {
+ auth_xform->auth.algo == RTE_CRYPTO_AUTH_NULL ||
+ auth_xform->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC) {
ctx_len = offsetof(struct roc_ie_on_inb_sa,
sha1_or_gcm.hmac_key[0]);
} else {
auth_key = auth_xform->auth.key.data;
auth_key_len = auth_xform->auth.key.length;
- if (auth_xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {
+ switch (auth_xform->auth.algo) {
+ case RTE_CRYPTO_AUTH_NULL:
+ break;
+ case RTE_CRYPTO_AUTH_SHA1_HMAC:
memcpy(in_sa->sha1_or_gcm.hmac_key, auth_key,
auth_key_len);
ctx_len = offsetof(struct roc_ie_on_inb_sa,
sha1_or_gcm.selector);
- } else if (auth_xform->auth.algo ==
- RTE_CRYPTO_AUTH_SHA256_HMAC) {
+ break;
+ case RTE_CRYPTO_AUTH_SHA256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA512_HMAC:
memcpy(in_sa->sha2.hmac_key, auth_key, auth_key_len);
ctx_len = offsetof(struct roc_ie_on_inb_sa,
sha2.selector);
+ break;
+ case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+ memcpy(in_sa->aes_xcbc.key, auth_key, auth_key_len);
+ ctx_len = offsetof(struct roc_ie_on_inb_sa,
+ aes_xcbc.selector);
+ break;
+ default:
+ plt_err("Unsupported auth algorithm %u",
+ auth_xform->auth.algo);
+ return -ENOTSUP;
}
}
w4.u64 = 0;
w4.s.opcode_major = ROC_IE_ON_MAJOR_OP_PROCESS_INBOUND_IPSEC;
w4.s.opcode_minor = ctx_len >> 3;
- w4.s.param2 = BIT(12);
+
+ param2.u16 = 0;
+ param2.s.ikev2 = 1;
+ w4.s.param2 = param2.u16;
+
inst_tmpl->w4 = w4.u64;
w7.u64 = 0;
sa->ar.wint = sa->replay_win_sz;
sa->ar.base = sa->replay_win_sz;
- in_sa->common_sa.esn_low = 0;
- in_sa->common_sa.esn_hi = 0;
+ in_sa->common_sa.esn_low = sa->seq_lo;
+ in_sa->common_sa.esn_hi = sa->seq_hi;
}
return cn9k_cpt_enq_sa_write(
}
static inline int
-cn9k_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec)
+cn9k_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec,
+ struct rte_crypto_sym_xform *crypto)
{
if (ipsec->life.bytes_hard_limit != 0 ||
ipsec->life.bytes_soft_limit != 0 ||
ipsec->life.packets_soft_limit != 0)
return -ENOTSUP;
+ if (ipsec->mode == RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT &&
+ ipsec->proto != RTE_SECURITY_IPSEC_SA_PROTO_AH) {
+ enum rte_crypto_sym_xform_type type = crypto->type;
+
+ if (type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+ if ((crypto->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) &&
+ (crypto->aead.key.length == 32)) {
+ plt_err("Transport mode AES-256-GCM is not supported");
+ return -ENOTSUP;
+ }
+ } else {
+ struct rte_crypto_cipher_xform *cipher;
+ struct rte_crypto_auth_xform *auth;
+
+ if (crypto->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+ cipher = &crypto->cipher;
+ auth = &crypto->next->auth;
+ } else {
+ cipher = &crypto->next->cipher;
+ auth = &crypto->auth;
+ }
+
+ if ((cipher->algo == RTE_CRYPTO_CIPHER_AES_CBC) &&
+ (auth->algo == RTE_CRYPTO_AUTH_SHA256_HMAC)) {
+ plt_err("Transport mode AES-CBC SHA2 HMAC 256 is not supported");
+ return -ENOTSUP;
+ }
+
+ if ((cipher->algo == RTE_CRYPTO_CIPHER_AES_CBC) &&
+ (auth->algo == RTE_CRYPTO_AUTH_SHA384_HMAC)) {
+ plt_err("Transport mode AES-CBC SHA2 HMAC 384 is not supported");
+ return -ENOTSUP;
+ }
+
+ if ((cipher->algo == RTE_CRYPTO_CIPHER_AES_CBC) &&
+ (auth->algo == RTE_CRYPTO_AUTH_SHA512_HMAC)) {
+ plt_err("Transport mode AES-CBC SHA2 HMAC 512 is not supported");
+ return -ENOTSUP;
+ }
+
+ if ((cipher->algo == RTE_CRYPTO_CIPHER_AES_CBC) &&
+ (auth->algo == RTE_CRYPTO_AUTH_AES_XCBC_MAC)) {
+ plt_err("Transport mode AES-CBC AES-XCBC is not supported");
+ return -ENOTSUP;
+ }
+ }
+ }
+
return 0;
}
if (ret)
return ret;
- ret = cn9k_ipsec_xform_verify(ipsec_xform);
+ ret = cn9k_ipsec_xform_verify(ipsec_xform, crypto_xform);
if (ret)
return ret;
return sizeof(struct cn9k_sec_session);
}
+static int
+cn9k_sec_session_update(void *device, struct rte_security_session *sec_sess,
+ struct rte_security_session_conf *conf)
+{
+ struct rte_cryptodev *crypto_dev = device;
+ struct cnxk_cpt_qp *qp;
+ int ret;
+
+ qp = crypto_dev->data->queue_pairs[0];
+ if (qp == NULL) {
+ plt_err("CPT queue pairs need to be setup for updating security"
+ " session");
+ return -EPERM;
+ }
+
+ if (conf->ipsec.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
+ return -ENOTSUP;
+
+ ret = cnxk_ipsec_xform_verify(&conf->ipsec, conf->crypto_xform);
+ if (ret)
+ return ret;
+
+ ret = cn9k_ipsec_xform_verify(&conf->ipsec, conf->crypto_xform);
+ if (ret)
+ return ret;
+
+ return cn9k_ipsec_outb_sa_create(qp, &conf->ipsec, conf->crypto_xform,
+ sec_sess);
+}
+
/* Update platform specific security ops */
void
cn9k_sec_ops_override(void)
cnxk_sec_ops.session_create = cn9k_sec_session_create;
cnxk_sec_ops.session_destroy = cn9k_sec_session_destroy;
cnxk_sec_ops.session_get_size = cn9k_sec_session_get_size;
+ cnxk_sec_ops.session_update = cn9k_sec_session_update;
}
git.droids-corp.org / dpdk.git / blobdiff