X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=lib%2Flibrte_security%2Frte_security.c;h=515c29e047cb5268b594b77cfd19baee5db1de97;hb=47dcca067f4ab978df3414741be8fa00ddbac4f0;hp=1954960a50f1b610012859a39afe19f99dd4cf28;hpb=8a29f519ef1b2fdddb0324e867006c76c70173cb;p=dpdk.git diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c index 1954960a50..515c29e047 100644 --- a/lib/librte_security/rte_security.c +++ b/lib/librte_security/rte_security.c @@ -1,6 +1,7 @@ /* SPDX-License-Identifier: BSD-3-Clause * Copyright 2017 NXP. * Copyright(c) 2017 Intel Corporation. + * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved */ #include @@ -9,17 +10,29 @@ #include "rte_security.h" #include "rte_security_driver.h" +/* Macro to check for invalid pointers */ +#define RTE_PTR_OR_ERR_RET(ptr, retval) do { \ + if ((ptr) == NULL) \ + return retval; \ +} while (0) + +/* Macro to check for invalid pointers chains */ +#define RTE_PTR_CHAIN3_OR_ERR_RET(p1, p2, p3, retval, last_retval) do { \ + RTE_PTR_OR_ERR_RET(p1, retval); \ + RTE_PTR_OR_ERR_RET(p1->p2, retval); \ + RTE_PTR_OR_ERR_RET(p1->p2->p3, last_retval); \ +} while (0) + struct rte_security_session * -__rte_experimental rte_security_session_create(struct rte_security_ctx *instance, +rte_security_session_create(struct rte_security_ctx *instance, struct rte_security_session_conf *conf, struct rte_mempool *mp) { struct rte_security_session *sess = NULL; - if (conf == NULL) - return NULL; - - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_create, NULL); + RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL); + RTE_PTR_OR_ERR_RET(conf, NULL); + RTE_PTR_OR_ERR_RET(mp, NULL); if (rte_mempool_get(mp, (void **)&sess)) return NULL; @@ -33,64 +46,86 @@ __rte_experimental rte_security_session_create(struct rte_security_ctx *instance return sess; } -int __rte_experimental +int rte_security_session_update(struct rte_security_ctx *instance, struct rte_security_session *sess, struct rte_security_session_conf *conf) { - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_update, -ENOTSUP); + RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL, + -ENOTSUP); + RTE_PTR_OR_ERR_RET(sess, -EINVAL); + RTE_PTR_OR_ERR_RET(conf, -EINVAL); + return instance->ops->session_update(instance->device, sess, conf); } -unsigned int __rte_experimental +unsigned int rte_security_session_get_size(struct rte_security_ctx *instance) { - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_get_size, 0); + RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0); + return instance->ops->session_get_size(instance->device); } -int __rte_experimental +int rte_security_session_stats_get(struct rte_security_ctx *instance, struct rte_security_session *sess, struct rte_security_stats *stats) { - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_stats_get, -ENOTSUP); + RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL, + -ENOTSUP); + /* Parameter sess can be NULL in case of getting global statistics. */ + RTE_PTR_OR_ERR_RET(stats, -EINVAL); + return instance->ops->session_stats_get(instance->device, sess, stats); } -int __rte_experimental +int rte_security_session_destroy(struct rte_security_ctx *instance, struct rte_security_session *sess) { int ret; - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_destroy, -ENOTSUP); + RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL, + -ENOTSUP); + RTE_PTR_OR_ERR_RET(sess, -EINVAL); + + ret = instance->ops->session_destroy(instance->device, sess); + if (ret != 0) + return ret; + + rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess); if (instance->sess_cnt) instance->sess_cnt--; - ret = instance->ops->session_destroy(instance->device, sess); - if (!ret) - rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess); - - return ret; + return 0; } -int __rte_experimental +int rte_security_set_pkt_metadata(struct rte_security_ctx *instance, struct rte_security_session *sess, struct rte_mbuf *m, void *params) { +#ifdef RTE_DEBUG + RTE_PTR_OR_ERR_RET(sess, -EINVAL); + RTE_PTR_OR_ERR_RET(instance, -EINVAL); + RTE_PTR_OR_ERR_RET(instance->ops, -EINVAL); +#endif RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP); return instance->ops->set_pkt_metadata(instance->device, sess, m, params); } -void * __rte_experimental +void * rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md) { void *userdata = NULL; +#ifdef RTE_DEBUG + RTE_PTR_OR_ERR_RET(instance, NULL); + RTE_PTR_OR_ERR_RET(instance->ops, NULL); +#endif RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_userdata, NULL); if (instance->ops->get_userdata(instance->device, md, &userdata)) return NULL; @@ -98,14 +133,15 @@ rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md) return userdata; } -const struct rte_security_capability * __rte_experimental +const struct rte_security_capability * rte_security_capabilities_get(struct rte_security_ctx *instance) { - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL); + RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL); + return instance->ops->capabilities_get(instance->device); } -const struct rte_security_capability * __rte_experimental +const struct rte_security_capability * rte_security_capability_get(struct rte_security_ctx *instance, struct rte_security_capability_idx *idx) { @@ -113,7 +149,9 @@ rte_security_capability_get(struct rte_security_ctx *instance, const struct rte_security_capability *capability; uint16_t i = 0; - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL); + RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL); + RTE_PTR_OR_ERR_RET(idx, NULL); + capabilities = instance->ops->capabilities_get(instance->device); if (capabilities == NULL) @@ -121,7 +159,7 @@ rte_security_capability_get(struct rte_security_ctx *instance, while ((capability = &capabilities[i++])->action != RTE_SECURITY_ACTION_TYPE_NONE) { - if (capability->action == idx->action && + if (capability->action == idx->action && capability->protocol == idx->protocol) { if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) { if (capability->ipsec.proto == @@ -131,6 +169,15 @@ rte_security_capability_get(struct rte_security_ctx *instance, capability->ipsec.direction == idx->ipsec.direction) return capability; + } else if (idx->protocol == RTE_SECURITY_PROTOCOL_PDCP) { + if (capability->pdcp.domain == + idx->pdcp.domain) + return capability; + } else if (idx->protocol == + RTE_SECURITY_PROTOCOL_DOCSIS) { + if (capability->docsis.direction == + idx->docsis.direction) + return capability; } } }