[dpdk-dev] [PATCH] test/crypto: fix compilation issue without security

[dpdk-dev] [PATCH] test/crypto: fix compilation issue without security

[Hemant Agrawal]

This patch fixes the compilation issue in test_cryptodev.c
when RTE_LIBRTE_SECURITY is disabled.
Fixes: d883e6e7131b ("test/crypto: add PDCP C-Plane encap cases")

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 app/test/test_cryptodev.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 65d80837a..c4d593f34 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -71,9 +71,13 @@ struct crypto_unittest_params {
 
 	union {
 		struct rte_cryptodev_sym_session *sess;
+#ifdef RTE_LIBRTE_SECURITY
 		struct rte_security_session *sec_session;
+#endif
 	};
+#ifdef RTE_LIBRTE_SECURITY
 	enum rte_security_session_action_type type;
+#endif
 	struct rte_crypto_op *op;
 
 	struct rte_mbuf *obuf, *ibuf;
@@ -573,6 +577,7 @@ ut_teardown(void)
 	struct rte_cryptodev_stats stats;
 
 	/* free crypto session structure */
+#ifdef RTE_LIBRTE_SECURITY
 	if (ut_params->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {
 		if (ut_params->sec_session) {
 			rte_security_session_destroy(rte_cryptodev_get_sec_ctx
@@ -580,7 +585,9 @@ ut_teardown(void)
 						ut_params->sec_session);
 			ut_params->sec_session = NULL;
 		}
-	} else {
+	} else
+#endif
+	{
 		if (ut_params->sess) {
 			rte_cryptodev_sym_session_clear(
 					ts_params->valid_devs[0],
-- 
2.17.1

[dpdk-dev] [PATCH] app/proc-info: fix compilation with no security

[Hemant Agrawal]

This patch fixes the compilation issues when
RTE_LIBRTE_SECURITY is disabled.

Fixes: 8a37f37fc243 ("app/procinfo: add --show-port")
Cc: stable@dpdk.org
Cc: vipin.varghese@intel.com

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 app/proc-info/main.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/proc-info/main.c b/app/proc-info/main.c
index a3f854b89..8cf501d06 100644
--- a/app/proc-info/main.c
+++ b/app/proc-info/main.c
@@ -30,7 +30,9 @@
 #include <rte_string_fns.h>
 #include <rte_metrics.h>
 #include <rte_cycles.h>
+#ifdef RTE_LIBRTE_SECURITY
 #include <rte_security.h>
+#endif
 #include <rte_cryptodev.h>
 #include <rte_tm.h>
 #include <rte_hexdump.h>
@@ -733,6 +735,7 @@ show_port(void)
 		}
 
 		printf("  - cyrpto context\n");
+#ifdef RTE_LIBRTE_SECURITY
 		void *p_ctx = rte_eth_dev_get_sec_ctx(i);
 		printf("\t  -- security context - %p\n", p_ctx);
 
@@ -751,6 +754,7 @@ show_port(void)
 						s_cap->crypto_capabilities->op);
 			}
 		}
+#endif
 	}
 
 	STATS_BDR_STR(50, "");
-- 
2.17.1

[dpdk-dev] [PATCH] crypto/dpaa_sec: enable compilation without security

[Hemant Agrawal]

This patch enables the dpaaX_sec compilation when SECURITY
is disabled.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/Makefile                     |  4 ++--
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 26 +++++++++++++++------
 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h   | 11 +++++++--
 drivers/crypto/dpaa_sec/dpaa_sec.c          | 25 ++++++++++++++------
 drivers/crypto/dpaa_sec/dpaa_sec.h          | 10 ++++++--
 mk/rte.app.mk                               |  4 ++--
 6 files changed, 58 insertions(+), 22 deletions(-)

diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index 8b0085792..47a2a9e79 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -16,14 +16,14 @@ DIRS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += kasumi
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_ZUC) += zuc
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_MVSAM_CRYPTO) += mvsam
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += null
-ifeq ($(CONFIG_RTE_LIBRTE_SECURITY),y)
 ifeq ($(CONFIG_RTE_EAL_VFIO)$(CONFIG_RTE_LIBRTE_FSLMC_BUS),yy)
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += dpaa2_sec
 endif # CONFIG_RTE_LIBRTE_FSLMC_BUS
 ifeq ($(CONFIG_RTE_LIBRTE_DPAA_BUS),y)
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA_SEC) += dpaa_sec
-DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
 endif # CONFIG_RTE_LIBRTE_PMD_DPAA_SEC
+ifeq ($(CONFIG_RTE_LIBRTE_SECURITY),y)
+DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
 endif # CONFIG_RTE_LIBRTE_SECURITY
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_VIRTIO_CRYPTO) += virtio
 DIRS-$(CONFIG_RTE_LIBRTE_PMD_NITROX) += nitrox
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index b33dbca8b..41dbbb7da 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -166,6 +166,7 @@ build_proto_compound_sg_fd(dpaa2_sec_session *sess,
 	ip_fle->length = in_len;
 	DPAA2_SET_FLE_FIN(sge);
 
+#ifdef RTE_LIBRTE_SECURITY
 	/* In case of PDCP, per packet HFN is stored in
 	 * mbuf priv after sym_op.
 	 */
@@ -176,6 +177,7 @@ build_proto_compound_sg_fd(dpaa2_sec_session *sess,
 		DPAA2_SET_FLE_INTERNAL_JD(op_fle, hfn_ovd);
 		DPAA2_SET_FD_INTERNAL_JD(fd, hfn_ovd);
 	}
+#endif
 	DPAA2_SET_FD_LEN(fd, ip_fle->length);
 
 	return 0;
@@ -241,6 +243,7 @@ build_proto_compound_fd(dpaa2_sec_session *sess,
 	DPAA2_SET_FD_LEN(fd, ip_fle->length);
 	DPAA2_SET_FLE_FIN(ip_fle);
 
+#ifdef RTE_LIBRTE_SECURITY
 	/* In case of PDCP, per packet HFN is stored in
 	 * mbuf priv after sym_op.
 	 */
@@ -251,7 +254,7 @@ build_proto_compound_fd(dpaa2_sec_session *sess,
 		DPAA2_SET_FLE_INTERNAL_JD(op_fle, hfn_ovd);
 		DPAA2_SET_FD_INTERNAL_JD(fd, hfn_ovd);
 	}
-
+#endif
 	return 0;
 
 }
@@ -1358,9 +1361,11 @@ build_sec_fd(struct rte_crypto_op *op,
 	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
 		sess = (dpaa2_sec_session *)get_sym_session_private_data(
 				op->sym->session, cryptodev_driver_id);
+#ifdef RTE_LIBRTE_SECURITY
 	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
 		sess = (dpaa2_sec_session *)get_sec_session_private_data(
 				op->sym->sec_session);
+#endif
 	else
 		return -1;
 
@@ -1506,7 +1511,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	struct rte_crypto_op *op;
 	uint16_t len = DPAA2_GET_FD_LEN(fd);
 	uint16_t diff = 0;
-	dpaa2_sec_session *sess_priv;
+	dpaa2_sec_session *sess_priv __rte_unused;
 
 	struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
 		DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
@@ -1519,13 +1524,14 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	mbuf->buf_iova = op->sym->aead.digest.phys_addr;
 	op->sym->aead.digest.phys_addr = 0L;
 
+#ifdef RTE_LIBRTE_SECURITY
 	sess_priv = (dpaa2_sec_session *)get_sec_session_private_data(
 				op->sym->sec_session);
 	if (sess_priv->dir == DIR_ENC)
 		mbuf->data_off += SEC_FLC_DHR_OUTBOUND;
 	else
 		mbuf->data_off += SEC_FLC_DHR_INBOUND;
-
+#endif
 	return op;
 }
 
@@ -1569,6 +1575,7 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 	} else
 		dst = src;
 
+#ifdef RTE_LIBRTE_SECURITY
 	if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
 		dpaa2_sec_session *sess = (dpaa2_sec_session *)
 			get_sec_session_private_data(op->sym->sec_session);
@@ -1583,7 +1590,7 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 			dst->data_len = len;
 		}
 	}
-
+#endif
 	DPAA2_SEC_DP_DEBUG("mbuf %p BMAN buf addr %p,"
 		" fdaddr =%" PRIx64 " bpid =%d meta =%d off =%d, len =%d\n",
 		(void *)dst,
@@ -2500,6 +2507,7 @@ dpaa2_sec_set_session_parameters(struct rte_cryptodev *dev,
 	return ret;
 }
 
+#ifdef RTE_LIBRTE_SECURITY
 static int
 dpaa2_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform,
 			dpaa2_sec_session *session,
@@ -3172,7 +3180,7 @@ dpaa2_sec_security_session_destroy(void *dev __rte_unused,
 	}
 	return 0;
 }
-
+#endif
 static int
 dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev,
 		struct rte_crypto_sym_xform *xform,
@@ -3561,6 +3569,7 @@ static struct rte_cryptodev_ops crypto_ops = {
 	.sym_session_clear        = dpaa2_sec_sym_session_clear,
 };
 
+#ifdef RTE_LIBRTE_SECURITY
 static const struct rte_security_capability *
 dpaa2_sec_capabilities_get(void *device __rte_unused)
 {
@@ -3575,6 +3584,7 @@ static const struct rte_security_ops dpaa2_sec_security_ops = {
 	.set_pkt_metadata = NULL,
 	.capabilities_get = dpaa2_sec_capabilities_get
 };
+#endif
 
 static int
 dpaa2_sec_uninit(const struct rte_cryptodev *dev)
@@ -3597,7 +3607,9 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
 	struct dpaa2_sec_dev_private *internals;
 	struct rte_device *dev = cryptodev->device;
 	struct rte_dpaa2_device *dpaa2_dev;
+#ifdef RTE_LIBRTE_SECURITY
 	struct rte_security_ctx *security_instance;
+#endif
 	struct fsl_mc_io *dpseci;
 	uint16_t token;
 	struct dpseci_attr attr;
@@ -3638,7 +3650,7 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
 		DPAA2_SEC_DEBUG("Device already init by primary process");
 		return 0;
 	}
-
+#ifdef RTE_LIBRTE_SECURITY
 	/* Initialize security_ctx only for primary process*/
 	security_instance = rte_malloc("rte_security_instances_ops",
 				sizeof(struct rte_security_ctx), 0);
@@ -3648,7 +3660,7 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
 	security_instance->ops = &dpaa2_sec_security_ops;
 	security_instance->sess_cnt = 0;
 	cryptodev->security_ctx = security_instance;
-
+#endif
 	/*Open the rte device via MC and save the handle for further use*/
 	dpseci = (struct fsl_mc_io *)rte_calloc(NULL, 1,
 				sizeof(struct fsl_mc_io), 0);
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
index ca4fcfe9b..648bf8045 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
@@ -8,7 +8,9 @@
 #ifndef _RTE_DPAA2_SEC_PMD_PRIVATE_H_
 #define _RTE_DPAA2_SEC_PMD_PRIVATE_H_
 
+#ifdef RTE_LIBRTE_SECURITY
 #include <rte_security_driver.h>
+#endif
 
 #define CRYPTODEV_NAME_DPAA2_SEC_PMD	crypto_dpaa2_sec
 /**< NXP DPAA2 - SEC PMD device name */
@@ -139,6 +141,7 @@ struct dpaa2_sec_aead_ctxt {
 	uint8_t auth_cipher_text;       /**< Authenticate/cipher ordering */
 };
 
+#ifdef RTE_LIBRTE_SECURITY
 /*
  * The structure is to be filled by user for PDCP Protocol
  */
@@ -154,7 +157,7 @@ struct dpaa2_pdcp_ctxt {
 	uint32_t hfn;	/*!< Hyper Frame Number */
 	uint32_t hfn_threshold;	/*!< HFN Threashold for key renegotiation */
 };
-
+#endif
 typedef struct dpaa2_sec_session_entry {
 	void *ctxt;
 	uint8_t ctxt_type;
@@ -190,7 +193,9 @@ typedef struct dpaa2_sec_session_entry {
 				struct dpaa2_sec_aead_ctxt aead_ctxt;
 			} ext_params;
 		};
+#ifdef RTE_LIBRTE_SECURITY
 		struct dpaa2_pdcp_ctxt pdcp;
+#endif
 	};
 } dpaa2_sec_session;
 
@@ -504,6 +509,8 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };
 
+#ifdef RTE_LIBRTE_SECURITY
+
 static const struct rte_cryptodev_capabilities dpaa2_pdcp_capabilities[] = {
 	{	/* SNOW 3G (UIA2) */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
@@ -705,7 +712,7 @@ static const struct rte_security_capability dpaa2_sec_security_cap[] = {
 		.action = RTE_SECURITY_ACTION_TYPE_NONE
 	}
 };
-
+#endif
 /**
  * Checksum
  *
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 7c37136fa..4adaadf5f 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -15,7 +15,9 @@
 #include <rte_cryptodev_pmd.h>
 #include <rte_crypto.h>
 #include <rte_cryptodev.h>
+#ifdef RTE_LIBRTE_SECURITY
 #include <rte_security_driver.h>
+#endif
 #include <rte_cycles.h>
 #include <rte_dev.h>
 #include <rte_kvargs.h>
@@ -252,6 +254,7 @@ static inline int is_decode(dpaa_sec_session *ses)
 	return ses->dir == DIR_DEC;
 }
 
+#ifdef RTE_LIBRTE_SECURITY
 static int
 dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
 {
@@ -355,7 +358,6 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
 					ses->pdcp.hfn_threshold,
 					&cipherdata, p_authdata, 0);
 	}
-
 	return shared_desc_len;
 }
 
@@ -432,7 +434,7 @@ dpaa_sec_prep_ipsec_cdb(dpaa_sec_session *ses)
 	}
 	return shared_desc_len;
 }
-
+#endif
 /* prepare command block of the session */
 static int
 dpaa_sec_prep_cdb(dpaa_sec_session *ses)
@@ -450,12 +452,14 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses)
 	memset(cdb, 0, sizeof(struct sec_cdb));
 
 	switch (ses->ctxt) {
+#ifdef RTE_LIBRTE_SECURITY
 	case DPAA_SEC_IPSEC:
 		shared_desc_len = dpaa_sec_prep_ipsec_cdb(ses);
 		break;
 	case DPAA_SEC_PDCP:
 		shared_desc_len = dpaa_sec_prep_pdcp_cdb(ses);
 		break;
+#endif
 	case DPAA_SEC_CIPHER:
 		alginfo_c.key = (size_t)ses->cipher_key.data;
 		alginfo_c.keylen = ses->cipher_key.length;
@@ -1753,11 +1757,13 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 							op->sym->session,
 							cryptodev_driver_id);
 				break;
+#ifdef RTE_LIBRTE_SECURITY
 			case RTE_CRYPTO_OP_SECURITY_SESSION:
 				ses = (dpaa_sec_session *)
 					get_sec_session_private_data(
 							op->sym->sec_session);
 				break;
+#endif
 			default:
 				DPAA_SEC_DP_ERR(
 					"sessionless crypto op not supported");
@@ -1877,6 +1883,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 					((auth_tail_len << 16) | auth_hdr_len);
 			}
 
+#ifdef RTE_LIBRTE_SECURITY
 			/* In case of PDCP, per packet HFN is stored in
 			 * mbuf priv after sym_op.
 			 */
@@ -1889,7 +1896,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 					ses->pdcp.hfn_ovd_offset)),
 					ses->pdcp.hfn_ovd);
 			}
-
+#endif
 		}
 send_pkts:
 		loop = 0;
@@ -2483,6 +2490,7 @@ dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
 	}
 }
 
+#ifdef RTE_LIBRTE_SECURITY
 static int
 dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 			   struct rte_security_session_conf *conf,
@@ -2906,7 +2914,7 @@ dpaa_sec_security_session_destroy(void *dev __rte_unused,
 	}
 	return 0;
 }
-
+#endif
 static int
 dpaa_sec_dev_configure(struct rte_cryptodev *dev __rte_unused,
 		       struct rte_cryptodev_config *config __rte_unused)
@@ -3152,6 +3160,7 @@ static struct rte_cryptodev_ops crypto_ops = {
 	.sym_session_clear        = dpaa_sec_sym_session_clear
 };
 
+#ifdef RTE_LIBRTE_SECURITY
 static const struct rte_security_capability *
 dpaa_sec_capabilities_get(void *device __rte_unused)
 {
@@ -3166,7 +3175,7 @@ static const struct rte_security_ops dpaa_sec_security_ops = {
 	.set_pkt_metadata = NULL,
 	.capabilities_get = dpaa_sec_capabilities_get
 };
-
+#endif
 static int
 dpaa_sec_uninit(struct rte_cryptodev *dev)
 {
@@ -3190,7 +3199,9 @@ static int
 dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 {
 	struct dpaa_sec_dev_private *internals;
+#ifdef RTE_LIBRTE_SECURITY
 	struct rte_security_ctx *security_instance;
+#endif
 	struct dpaa_sec_qp *qp;
 	uint32_t i, flags;
 	int ret;
@@ -3225,7 +3236,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 		DPAA_SEC_WARN("Device already init by primary process");
 		return 0;
 	}
-
+#ifdef RTE_LIBRTE_SECURITY
 	/* Initialize security_ctx only for primary process*/
 	security_instance = rte_malloc("rte_security_instances_ops",
 				sizeof(struct rte_security_ctx), 0);
@@ -3235,7 +3246,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 	security_instance->ops = &dpaa_sec_security_ops;
 	security_instance->sess_cnt = 0;
 	cryptodev->security_ctx = security_instance;
-
+#endif
 	rte_spinlock_init(&internals->lock);
 	for (i = 0; i < internals->max_nb_queue_pairs; i++) {
 		/* init qman fq for queue pair */
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h
index a661d5a56..85aa6f6a0 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.h
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.h
@@ -98,7 +98,7 @@ struct sec_cdb {
 
 	uint32_t sh_desc[DPAA_SEC_MAX_DESC_SIZE];
 };
-
+#ifdef RTE_LIBRTE_SECURITY
 /*!
  * The structure is to be filled by user as a part of
  * dpaa_sec_proto_ctxt for PDCP Protocol
@@ -115,14 +115,16 @@ struct sec_pdcp_ctxt {
 	uint32_t hfn;	/*!< Hyper Frame Number */
 	uint32_t hfn_threshold;	/*!< HFN Threashold for key renegotiation */
 };
-
+#endif
 typedef struct dpaa_sec_session_entry {
 	uint8_t dir;         /*!< Operation Direction */
 	uint8_t ctxt;	/*!< Session Context Type */
 	enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
 	enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
 	enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
+#ifdef RTE_LIBRTE_SECURITY
 	enum rte_security_session_protocol proto_alg; /*!< Security Algorithm*/
+#endif
 	union {
 		struct {
 			uint8_t *data;	/**< pointer to key data */
@@ -163,7 +165,9 @@ typedef struct dpaa_sec_session_entry {
 			uint8_t auth_cipher_text;
 				/**< Authenticate/cipher ordering */
 		};
+#ifdef RTE_LIBRTE_SECURITY
 		struct sec_pdcp_ctxt pdcp;
+#endif
 	};
 	struct dpaa_sec_qp *qp[MAX_DPAA_CORES];
 	struct qman_fq *inq[MAX_DPAA_CORES];
@@ -679,6 +683,7 @@ static const struct rte_cryptodev_capabilities dpaa_pdcp_capabilities[] = {
 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };
 
+#ifdef RTE_LIBRTE_SECURITY
 static const struct rte_security_capability dpaa_sec_security_cap[] = {
 	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
 		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
@@ -722,6 +727,7 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = {
 		.action = RTE_SECURITY_ACTION_TYPE_NONE
 	}
 };
+#endif
 
 /**
  * Checksum
diff --git a/mk/rte.app.mk b/mk/rte.app.mk
index e79f16e28..063c4605b 100644
--- a/mk/rte.app.mk
+++ b/mk/rte.app.mk
@@ -275,14 +275,14 @@ _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_NITROX)      += -lrte_pmd_nitrox
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX_CRYPTO) += -lrte_pmd_octeontx_crypto
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX2_CRYPTO) += -lrte_pmd_octeontx2_crypto
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_CRYPTO_SCHEDULER) += -lrte_pmd_crypto_scheduler
-ifeq ($(CONFIG_RTE_LIBRTE_SECURITY),y)
 ifeq ($(CONFIG_RTE_EAL_VFIO)$(CONFIG_RTE_LIBRTE_FSLMC_BUS),yy)
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_dpaa2_sec
 endif # CONFIG_RTE_LIBRTE_FSLMC_BUS
 ifeq ($(CONFIG_RTE_LIBRTE_DPAA_BUS),y)
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA_SEC)   += -lrte_pmd_dpaa_sec
-_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR)   += -lrte_pmd_caam_jr
 endif # CONFIG_RTE_LIBRTE_DPAA_BUS
+ifeq ($(CONFIG_RTE_LIBRTE_SECURITY),y)
+_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR)   += -lrte_pmd_caam_jr
 endif # CONFIG_RTE_LIBRTE_SECURITY
 _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_VIRTIO_CRYPTO) += -lrte_pmd_virtio_crypto
 endif # CONFIG_RTE_LIBRTE_CRYPTODEV
-- 
2.17.1

Re: [dpdk-dev] [PATCH] test/crypto: fix compilation issue without security

[Thierry Herbelot]

On 10/18/19 9:56 AM, Hemant Agrawal wrote:
> This patch fixes the compilation issue in test_cryptodev.c
> when RTE_LIBRTE_SECURITY is disabled.
> Fixes: d883e6e7131b ("test/crypto: add PDCP C-Plane encap cases")
> 
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>   app/test/test_cryptodev.c | 9 ++++++++-
>   1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
> index 65d80837a..c4d593f34 100644
> --- a/app/test/test_cryptodev.c
> +++ b/app/test/test_cryptodev.c
> @@ -71,9 +71,13 @@ struct crypto_unittest_params {
>   
>   	union {
>   		struct rte_cryptodev_sym_session *sess;
> +#ifdef RTE_LIBRTE_SECURITY
>   		struct rte_security_session *sec_session;
> +#endif
>   	};
> +#ifdef RTE_LIBRTE_SECURITY
>   	enum rte_security_session_action_type type;
> +#endif
>   	struct rte_crypto_op *op;
>   
>   	struct rte_mbuf *obuf, *ibuf;
> @@ -573,6 +577,7 @@ ut_teardown(void)
>   	struct rte_cryptodev_stats stats;
>   
>   	/* free crypto session structure */
> +#ifdef RTE_LIBRTE_SECURITY
>   	if (ut_params->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {
>   		if (ut_params->sec_session) {
>   			rte_security_session_destroy(rte_cryptodev_get_sec_ctx
> @@ -580,7 +585,9 @@ ut_teardown(void)
>   						ut_params->sec_session);
>   			ut_params->sec_session = NULL;
>   		}
> -	} else {
> +	} else
> +#endif
> +	{
>   		if (ut_params->sess) {
>   			rte_cryptodev_sym_session_clear(
>   					ts_params->valid_devs[0],
> 

Acked-by: Thierry Herbelot <thierry.herbelot@6wind.com>

-- 
Thierry Herbelot
6WIND
Senior Software Engineer

Re: [dpdk-dev] [PATCH] app/proc-info: fix compilation with no security

[Thierry Herbelot]

On 10/18/19 9:56 AM, Hemant Agrawal wrote:
> This patch fixes the compilation issues when
> RTE_LIBRTE_SECURITY is disabled.
> 
> Fixes: 8a37f37fc243 ("app/procinfo: add --show-port")
> Cc: stable@dpdk.org
> Cc: vipin.varghese@intel.com
> 
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>   app/proc-info/main.c | 4 ++++
>   1 file changed, 4 insertions(+)
> 
> diff --git a/app/proc-info/main.c b/app/proc-info/main.c
> index a3f854b89..8cf501d06 100644
> --- a/app/proc-info/main.c
> +++ b/app/proc-info/main.c
> @@ -30,7 +30,9 @@
>   #include <rte_string_fns.h>
>   #include <rte_metrics.h>
>   #include <rte_cycles.h>
> +#ifdef RTE_LIBRTE_SECURITY
>   #include <rte_security.h>
> +#endif
>   #include <rte_cryptodev.h>
>   #include <rte_tm.h>
>   #include <rte_hexdump.h>
> @@ -733,6 +735,7 @@ show_port(void)
>   		}
>   
>   		printf("  - cyrpto context\n");
> +#ifdef RTE_LIBRTE_SECURITY
>   		void *p_ctx = rte_eth_dev_get_sec_ctx(i);
>   		printf("\t  -- security context - %p\n", p_ctx);
>   
> @@ -751,6 +754,7 @@ show_port(void)
>   						s_cap->crypto_capabilities->op);
>   			}
>   		}
> +#endif
>   	}
>   
>   	STATS_BDR_STR(50, "");
> 

Acked-by: Thierry Herbelot <thierry.herbelot@6wind.com>

-- 
Thierry Herbelot
6WIND
Senior Software Engineer

Re: [dpdk-dev] [PATCH] crypto/dpaa_sec: enable compilation without security

[Thierry Herbelot]

On 10/18/19 9:56 AM, Hemant Agrawal wrote:
> This patch enables the dpaaX_sec compilation when SECURITY
> is disabled.
> 
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>   drivers/crypto/Makefile                     |  4 ++--
>   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 26 +++++++++++++++------
>   drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h   | 11 +++++++--
>   drivers/crypto/dpaa_sec/dpaa_sec.c          | 25 ++++++++++++++------
>   drivers/crypto/dpaa_sec/dpaa_sec.h          | 10 ++++++--
>   mk/rte.app.mk                               |  4 ++--
>   6 files changed, 58 insertions(+), 22 deletions(-)
> 
> diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
> index 8b0085792..47a2a9e79 100644
> --- a/drivers/crypto/Makefile
> +++ b/drivers/crypto/Makefile
> @@ -16,14 +16,14 @@ DIRS-$(CONFIG_RTE_LIBRTE_PMD_KASUMI) += kasumi
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_ZUC) += zuc
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_MVSAM_CRYPTO) += mvsam
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO) += null
> -ifeq ($(CONFIG_RTE_LIBRTE_SECURITY),y)
>   ifeq ($(CONFIG_RTE_EAL_VFIO)$(CONFIG_RTE_LIBRTE_FSLMC_BUS),yy)
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC) += dpaa2_sec
>   endif # CONFIG_RTE_LIBRTE_FSLMC_BUS
>   ifeq ($(CONFIG_RTE_LIBRTE_DPAA_BUS),y)
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_DPAA_SEC) += dpaa_sec
> -DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
>   endif # CONFIG_RTE_LIBRTE_PMD_DPAA_SEC
> +ifeq ($(CONFIG_RTE_LIBRTE_SECURITY),y)
> +DIRS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR) += caam_jr
>   endif # CONFIG_RTE_LIBRTE_SECURITY
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_VIRTIO_CRYPTO) += virtio
>   DIRS-$(CONFIG_RTE_LIBRTE_PMD_NITROX) += nitrox
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> index b33dbca8b..41dbbb7da 100644
> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> @@ -166,6 +166,7 @@ build_proto_compound_sg_fd(dpaa2_sec_session *sess,
>   	ip_fle->length = in_len;
>   	DPAA2_SET_FLE_FIN(sge);
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   	/* In case of PDCP, per packet HFN is stored in
>   	 * mbuf priv after sym_op.
>   	 */
> @@ -176,6 +177,7 @@ build_proto_compound_sg_fd(dpaa2_sec_session *sess,
>   		DPAA2_SET_FLE_INTERNAL_JD(op_fle, hfn_ovd);
>   		DPAA2_SET_FD_INTERNAL_JD(fd, hfn_ovd);
>   	}
> +#endif
>   	DPAA2_SET_FD_LEN(fd, ip_fle->length);
>   
>   	return 0;
> @@ -241,6 +243,7 @@ build_proto_compound_fd(dpaa2_sec_session *sess,
>   	DPAA2_SET_FD_LEN(fd, ip_fle->length);
>   	DPAA2_SET_FLE_FIN(ip_fle);
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   	/* In case of PDCP, per packet HFN is stored in
>   	 * mbuf priv after sym_op.
>   	 */
> @@ -251,7 +254,7 @@ build_proto_compound_fd(dpaa2_sec_session *sess,
>   		DPAA2_SET_FLE_INTERNAL_JD(op_fle, hfn_ovd);
>   		DPAA2_SET_FD_INTERNAL_JD(fd, hfn_ovd);
>   	}
> -
> +#endif
>   	return 0;
>   
>   }
> @@ -1358,9 +1361,11 @@ build_sec_fd(struct rte_crypto_op *op,
>   	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION)
>   		sess = (dpaa2_sec_session *)get_sym_session_private_data(
>   				op->sym->session, cryptodev_driver_id);
> +#ifdef RTE_LIBRTE_SECURITY
>   	else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
>   		sess = (dpaa2_sec_session *)get_sec_session_private_data(
>   				op->sym->sec_session);
> +#endif
>   	else
>   		return -1;
>   
> @@ -1506,7 +1511,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
>   	struct rte_crypto_op *op;
>   	uint16_t len = DPAA2_GET_FD_LEN(fd);
>   	uint16_t diff = 0;
> -	dpaa2_sec_session *sess_priv;
> +	dpaa2_sec_session *sess_priv __rte_unused;
>   
>   	struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
>   		DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
> @@ -1519,13 +1524,14 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
>   	mbuf->buf_iova = op->sym->aead.digest.phys_addr;
>   	op->sym->aead.digest.phys_addr = 0L;
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   	sess_priv = (dpaa2_sec_session *)get_sec_session_private_data(
>   				op->sym->sec_session);
>   	if (sess_priv->dir == DIR_ENC)
>   		mbuf->data_off += SEC_FLC_DHR_OUTBOUND;
>   	else
>   		mbuf->data_off += SEC_FLC_DHR_INBOUND;
> -
> +#endif
>   	return op;
>   }
>   
> @@ -1569,6 +1575,7 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
>   	} else
>   		dst = src;
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   	if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
>   		dpaa2_sec_session *sess = (dpaa2_sec_session *)
>   			get_sec_session_private_data(op->sym->sec_session);
> @@ -1583,7 +1590,7 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
>   			dst->data_len = len;
>   		}
>   	}
> -
> +#endif
>   	DPAA2_SEC_DP_DEBUG("mbuf %p BMAN buf addr %p,"
>   		" fdaddr =%" PRIx64 " bpid =%d meta =%d off =%d, len =%d\n",
>   		(void *)dst,
> @@ -2500,6 +2507,7 @@ dpaa2_sec_set_session_parameters(struct rte_cryptodev *dev,
>   	return ret;
>   }
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   static int
>   dpaa2_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform,
>   			dpaa2_sec_session *session,
> @@ -3172,7 +3180,7 @@ dpaa2_sec_security_session_destroy(void *dev __rte_unused,
>   	}
>   	return 0;
>   }
> -
> +#endif
>   static int
>   dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev,
>   		struct rte_crypto_sym_xform *xform,
> @@ -3561,6 +3569,7 @@ static struct rte_cryptodev_ops crypto_ops = {
>   	.sym_session_clear        = dpaa2_sec_sym_session_clear,
>   };
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   static const struct rte_security_capability *
>   dpaa2_sec_capabilities_get(void *device __rte_unused)
>   {
> @@ -3575,6 +3584,7 @@ static const struct rte_security_ops dpaa2_sec_security_ops = {
>   	.set_pkt_metadata = NULL,
>   	.capabilities_get = dpaa2_sec_capabilities_get
>   };
> +#endif
>   
>   static int
>   dpaa2_sec_uninit(const struct rte_cryptodev *dev)
> @@ -3597,7 +3607,9 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
>   	struct dpaa2_sec_dev_private *internals;
>   	struct rte_device *dev = cryptodev->device;
>   	struct rte_dpaa2_device *dpaa2_dev;
> +#ifdef RTE_LIBRTE_SECURITY
>   	struct rte_security_ctx *security_instance;
> +#endif
>   	struct fsl_mc_io *dpseci;
>   	uint16_t token;
>   	struct dpseci_attr attr;
> @@ -3638,7 +3650,7 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
>   		DPAA2_SEC_DEBUG("Device already init by primary process");
>   		return 0;
>   	}
> -
> +#ifdef RTE_LIBRTE_SECURITY
>   	/* Initialize security_ctx only for primary process*/
>   	security_instance = rte_malloc("rte_security_instances_ops",
>   				sizeof(struct rte_security_ctx), 0);
> @@ -3648,7 +3660,7 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
>   	security_instance->ops = &dpaa2_sec_security_ops;
>   	security_instance->sess_cnt = 0;
>   	cryptodev->security_ctx = security_instance;
> -
> +#endif
>   	/*Open the rte device via MC and save the handle for further use*/
>   	dpseci = (struct fsl_mc_io *)rte_calloc(NULL, 1,
>   				sizeof(struct fsl_mc_io), 0);
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
> index ca4fcfe9b..648bf8045 100644
> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
> @@ -8,7 +8,9 @@
>   #ifndef _RTE_DPAA2_SEC_PMD_PRIVATE_H_
>   #define _RTE_DPAA2_SEC_PMD_PRIVATE_H_
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   #include <rte_security_driver.h>
> +#endif
>   
>   #define CRYPTODEV_NAME_DPAA2_SEC_PMD	crypto_dpaa2_sec
>   /**< NXP DPAA2 - SEC PMD device name */
> @@ -139,6 +141,7 @@ struct dpaa2_sec_aead_ctxt {
>   	uint8_t auth_cipher_text;       /**< Authenticate/cipher ordering */
>   };
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   /*
>    * The structure is to be filled by user for PDCP Protocol
>    */
> @@ -154,7 +157,7 @@ struct dpaa2_pdcp_ctxt {
>   	uint32_t hfn;	/*!< Hyper Frame Number */
>   	uint32_t hfn_threshold;	/*!< HFN Threashold for key renegotiation */
>   };
> -
> +#endif
>   typedef struct dpaa2_sec_session_entry {
>   	void *ctxt;
>   	uint8_t ctxt_type;
> @@ -190,7 +193,9 @@ typedef struct dpaa2_sec_session_entry {
>   				struct dpaa2_sec_aead_ctxt aead_ctxt;
>   			} ext_params;
>   		};
> +#ifdef RTE_LIBRTE_SECURITY
>   		struct dpaa2_pdcp_ctxt pdcp;
> +#endif
>   	};
>   } dpaa2_sec_session;
>   
> @@ -504,6 +509,8 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
>   	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
>   };
>   
> +#ifdef RTE_LIBRTE_SECURITY
> +
>   static const struct rte_cryptodev_capabilities dpaa2_pdcp_capabilities[] = {
>   	{	/* SNOW 3G (UIA2) */
>   		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> @@ -705,7 +712,7 @@ static const struct rte_security_capability dpaa2_sec_security_cap[] = {
>   		.action = RTE_SECURITY_ACTION_TYPE_NONE
>   	}
>   };
> -
> +#endif
>   /**
>    * Checksum
>    *
> diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
> index 7c37136fa..4adaadf5f 100644
> --- a/drivers/crypto/dpaa_sec/dpaa_sec.c
> +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
> @@ -15,7 +15,9 @@
>   #include <rte_cryptodev_pmd.h>
>   #include <rte_crypto.h>
>   #include <rte_cryptodev.h>
> +#ifdef RTE_LIBRTE_SECURITY
>   #include <rte_security_driver.h>
> +#endif
>   #include <rte_cycles.h>
>   #include <rte_dev.h>
>   #include <rte_kvargs.h>
> @@ -252,6 +254,7 @@ static inline int is_decode(dpaa_sec_session *ses)
>   	return ses->dir == DIR_DEC;
>   }
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   static int
>   dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
>   {
> @@ -355,7 +358,6 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses)
>   					ses->pdcp.hfn_threshold,
>   					&cipherdata, p_authdata, 0);
>   	}
> -
>   	return shared_desc_len;
>   }
>   
> @@ -432,7 +434,7 @@ dpaa_sec_prep_ipsec_cdb(dpaa_sec_session *ses)
>   	}
>   	return shared_desc_len;
>   }
> -
> +#endif
>   /* prepare command block of the session */
>   static int
>   dpaa_sec_prep_cdb(dpaa_sec_session *ses)
> @@ -450,12 +452,14 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses)
>   	memset(cdb, 0, sizeof(struct sec_cdb));
>   
>   	switch (ses->ctxt) {
> +#ifdef RTE_LIBRTE_SECURITY
>   	case DPAA_SEC_IPSEC:
>   		shared_desc_len = dpaa_sec_prep_ipsec_cdb(ses);
>   		break;
>   	case DPAA_SEC_PDCP:
>   		shared_desc_len = dpaa_sec_prep_pdcp_cdb(ses);
>   		break;
> +#endif
>   	case DPAA_SEC_CIPHER:
>   		alginfo_c.key = (size_t)ses->cipher_key.data;
>   		alginfo_c.keylen = ses->cipher_key.length;
> @@ -1753,11 +1757,13 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
>   							op->sym->session,
>   							cryptodev_driver_id);
>   				break;
> +#ifdef RTE_LIBRTE_SECURITY
>   			case RTE_CRYPTO_OP_SECURITY_SESSION:
>   				ses = (dpaa_sec_session *)
>   					get_sec_session_private_data(
>   							op->sym->sec_session);
>   				break;
> +#endif
>   			default:
>   				DPAA_SEC_DP_ERR(
>   					"sessionless crypto op not supported");
> @@ -1877,6 +1883,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
>   					((auth_tail_len << 16) | auth_hdr_len);
>   			}
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   			/* In case of PDCP, per packet HFN is stored in
>   			 * mbuf priv after sym_op.
>   			 */
> @@ -1889,7 +1896,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
>   					ses->pdcp.hfn_ovd_offset)),
>   					ses->pdcp.hfn_ovd);
>   			}
> -
> +#endif
>   		}
>   send_pkts:
>   		loop = 0;
> @@ -2483,6 +2490,7 @@ dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
>   	}
>   }
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   static int
>   dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
>   			   struct rte_security_session_conf *conf,
> @@ -2906,7 +2914,7 @@ dpaa_sec_security_session_destroy(void *dev __rte_unused,
>   	}
>   	return 0;
>   }
> -
> +#endif
>   static int
>   dpaa_sec_dev_configure(struct rte_cryptodev *dev __rte_unused,
>   		       struct rte_cryptodev_config *config __rte_unused)
> @@ -3152,6 +3160,7 @@ static struct rte_cryptodev_ops crypto_ops = {
>   	.sym_session_clear        = dpaa_sec_sym_session_clear
>   };
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   static const struct rte_security_capability *
>   dpaa_sec_capabilities_get(void *device __rte_unused)
>   {
> @@ -3166,7 +3175,7 @@ static const struct rte_security_ops dpaa_sec_security_ops = {
>   	.set_pkt_metadata = NULL,
>   	.capabilities_get = dpaa_sec_capabilities_get
>   };
> -
> +#endif
>   static int
>   dpaa_sec_uninit(struct rte_cryptodev *dev)
>   {
> @@ -3190,7 +3199,9 @@ static int
>   dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
>   {
>   	struct dpaa_sec_dev_private *internals;
> +#ifdef RTE_LIBRTE_SECURITY
>   	struct rte_security_ctx *security_instance;
> +#endif
>   	struct dpaa_sec_qp *qp;
>   	uint32_t i, flags;
>   	int ret;
> @@ -3225,7 +3236,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
>   		DPAA_SEC_WARN("Device already init by primary process");
>   		return 0;
>   	}
> -
> +#ifdef RTE_LIBRTE_SECURITY
>   	/* Initialize security_ctx only for primary process*/
>   	security_instance = rte_malloc("rte_security_instances_ops",
>   				sizeof(struct rte_security_ctx), 0);
> @@ -3235,7 +3246,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
>   	security_instance->ops = &dpaa_sec_security_ops;
>   	security_instance->sess_cnt = 0;
>   	cryptodev->security_ctx = security_instance;
> -
> +#endif
>   	rte_spinlock_init(&internals->lock);
>   	for (i = 0; i < internals->max_nb_queue_pairs; i++) {
>   		/* init qman fq for queue pair */
> diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h
> index a661d5a56..85aa6f6a0 100644
> --- a/drivers/crypto/dpaa_sec/dpaa_sec.h
> +++ b/drivers/crypto/dpaa_sec/dpaa_sec.h
> @@ -98,7 +98,7 @@ struct sec_cdb {
>   
>   	uint32_t sh_desc[DPAA_SEC_MAX_DESC_SIZE];
>   };
> -
> +#ifdef RTE_LIBRTE_SECURITY
>   /*!
>    * The structure is to be filled by user as a part of
>    * dpaa_sec_proto_ctxt for PDCP Protocol
> @@ -115,14 +115,16 @@ struct sec_pdcp_ctxt {
>   	uint32_t hfn;	/*!< Hyper Frame Number */
>   	uint32_t hfn_threshold;	/*!< HFN Threashold for key renegotiation */
>   };
> -
> +#endif
>   typedef struct dpaa_sec_session_entry {
>   	uint8_t dir;         /*!< Operation Direction */
>   	uint8_t ctxt;	/*!< Session Context Type */
>   	enum rte_crypto_cipher_algorithm cipher_alg; /*!< Cipher Algorithm*/
>   	enum rte_crypto_auth_algorithm auth_alg; /*!< Authentication Algorithm*/
>   	enum rte_crypto_aead_algorithm aead_alg; /*!< AEAD Algorithm*/
> +#ifdef RTE_LIBRTE_SECURITY
>   	enum rte_security_session_protocol proto_alg; /*!< Security Algorithm*/
> +#endif
>   	union {
>   		struct {
>   			uint8_t *data;	/**< pointer to key data */
> @@ -163,7 +165,9 @@ typedef struct dpaa_sec_session_entry {
>   			uint8_t auth_cipher_text;
>   				/**< Authenticate/cipher ordering */
>   		};
> +#ifdef RTE_LIBRTE_SECURITY
>   		struct sec_pdcp_ctxt pdcp;
> +#endif
>   	};
>   	struct dpaa_sec_qp *qp[MAX_DPAA_CORES];
>   	struct qman_fq *inq[MAX_DPAA_CORES];
> @@ -679,6 +683,7 @@ static const struct rte_cryptodev_capabilities dpaa_pdcp_capabilities[] = {
>   	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
>   };
>   
> +#ifdef RTE_LIBRTE_SECURITY
>   static const struct rte_security_capability dpaa_sec_security_cap[] = {
>   	{ /* IPsec Lookaside Protocol offload ESP Transport Egress */
>   		.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> @@ -722,6 +727,7 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = {
>   		.action = RTE_SECURITY_ACTION_TYPE_NONE
>   	}
>   };
> +#endif
>   
>   /**
>    * Checksum
> diff --git a/mk/rte.app.mk b/mk/rte.app.mk
> index e79f16e28..063c4605b 100644
> --- a/mk/rte.app.mk
> +++ b/mk/rte.app.mk
> @@ -275,14 +275,14 @@ _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_NITROX)      += -lrte_pmd_nitrox
>   _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX_CRYPTO) += -lrte_pmd_octeontx_crypto
>   _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX2_CRYPTO) += -lrte_pmd_octeontx2_crypto
>   _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_CRYPTO_SCHEDULER) += -lrte_pmd_crypto_scheduler
> -ifeq ($(CONFIG_RTE_LIBRTE_SECURITY),y)
>   ifeq ($(CONFIG_RTE_EAL_VFIO)$(CONFIG_RTE_LIBRTE_FSLMC_BUS),yy)
>   _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA2_SEC)   += -lrte_pmd_dpaa2_sec
>   endif # CONFIG_RTE_LIBRTE_FSLMC_BUS
>   ifeq ($(CONFIG_RTE_LIBRTE_DPAA_BUS),y)
>   _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_DPAA_SEC)   += -lrte_pmd_dpaa_sec
> -_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR)   += -lrte_pmd_caam_jr
>   endif # CONFIG_RTE_LIBRTE_DPAA_BUS
> +ifeq ($(CONFIG_RTE_LIBRTE_SECURITY),y)
> +_LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_CAAM_JR)   += -lrte_pmd_caam_jr
>   endif # CONFIG_RTE_LIBRTE_SECURITY
>   _LDLIBS-$(CONFIG_RTE_LIBRTE_PMD_VIRTIO_CRYPTO) += -lrte_pmd_virtio_crypto
>   endif # CONFIG_RTE_LIBRTE_CRYPTODEV
> 

Acked-by: Thierry Herbelot <thierry.herbelot@6wind.com>

-- 
Thierry Herbelot
6WIND
Senior Software Engineer

Re: [dpdk-dev] [PATCH] crypto/dpaa_sec: enable compilation without security

[Akhil Goyal]

> 
> This patch enables the dpaaX_sec compilation when SECURITY
> is disabled.
> 
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>  drivers/crypto/Makefile                     |  4 ++--
>  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 26 +++++++++++++++------
>  drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h   | 11 +++++++--
>  drivers/crypto/dpaa_sec/dpaa_sec.c          | 25 ++++++++++++++------
>  drivers/crypto/dpaa_sec/dpaa_sec.h          | 10 ++++++--
>  mk/rte.app.mk                               |  4 ++--
>  6 files changed, 58 insertions(+), 22 deletions(-)
> 
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto

Thanks.

Certain ifdefs were not placed correctly. Fixed those while applying the series.

Re: [dpdk-dev] [PATCH] app/proc-info: fix compilation with no security

[Akhil Goyal]

> On 10/18/19 9:56 AM, Hemant Agrawal wrote:
> > This patch fixes the compilation issues when
> > RTE_LIBRTE_SECURITY is disabled.
> >
> > Fixes: 8a37f37fc243 ("app/procinfo: add --show-port")
> > Cc: stable@dpdk.org
> > Cc: vipin.varghese@intel.com
> >
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > ---
> 
> Acked-by: Thierry Herbelot <thierry.herbelot@6wind.com>
> 
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto

Thanks.

Re: [dpdk-dev] [PATCH] app/proc-info: fix compilation with no security

[Akhil Goyal]

> On 10/18/19 9:56 AM, Hemant Agrawal wrote:
> > This patch fixes the compilation issues when
> > RTE_LIBRTE_SECURITY is disabled.
> >
> > Fixes: 8a37f37fc243 ("app/procinfo: add --show-port")
> > Cc: stable@dpdk.org
> > Cc: vipin.varghese@intel.com
> >
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > ---
> 
> Acked-by: Thierry Herbelot <thierry.herbelot@6wind.com>
> 
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto

Thanks.

Re: [dpdk-dev] [PATCH] test/crypto: fix compilation issue without security

[Akhil Goyal]

> On 10/18/19 9:56 AM, Hemant Agrawal wrote:
> > This patch fixes the compilation issue in test_cryptodev.c
> > when RTE_LIBRTE_SECURITY is disabled.
> > Fixes: d883e6e7131b ("test/crypto: add PDCP C-Plane encap cases")
> >
> > Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> > ---
> >   app/test/test_cryptodev.c | 9 ++++++++-
> >   1 file changed, 8 insertions(+), 1 deletion(-)
> >
> 
> Acked-by: Thierry Herbelot <thierry.herbelot@6wind.com>
> 
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto

Thanks.