From: Akhil Goyal <akhil.goyal@nxp.com>
To: <dev@dpdk.org>, <declan.doherty@intel.com>, <thomas@monjalon.net>,
<radu.nicolau@intel.com>, <aviadye@mellanox.com>,
<borisp@mellanox.com>, <pablo.de.lara.guarch@intel.com>,
<sergio.gonzalez.monroy@intel.com>
Cc: <hemant.agrawal@nxp.com>, <sandeep.malik@nxp.com>,
Akhil Goyal <akhil.goyal@nxp.com>
Subject: [dpdk-dev] [RFC PATCH 2/4] cryptodev: entend cryptodev to support security APIs
Date: Tue, 15 Aug 2017 12:05:03 +0530 [thread overview]
Message-ID: <20170815063505.22032-3-akhil.goyal@nxp.com> (raw)
In-Reply-To: <20170815063505.22032-1-akhil.goyal@nxp.com>
cryptodev library is extended to support security APIs
Similar changes needs to be done for ether devices also
to support security APIs
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
---
lib/librte_cryptodev/Makefile | 3 ++-
lib/librte_cryptodev/rte_crypto_sym.h | 15 ++++++++++++++
lib/librte_cryptodev/rte_cryptodev.h | 20 ++++++------------
lib/librte_cryptodev/rte_cryptodev_pmd.h | 35 ++++++++++++++++++++++++++++++++
4 files changed, 58 insertions(+), 15 deletions(-)
diff --git a/lib/librte_cryptodev/Makefile b/lib/librte_cryptodev/Makefile
index 6ac331b..376a275 100644
--- a/lib/librte_cryptodev/Makefile
+++ b/lib/librte_cryptodev/Makefile
@@ -41,7 +41,7 @@ CFLAGS += -O3
CFLAGS += $(WERROR_FLAGS)
# library source files
-SRCS-y += rte_cryptodev.c rte_cryptodev_pmd.c
+SRCS-y += rte_cryptodev.c rte_cryptodev_pmd.c rte_security.c
# export include files
SYMLINK-y-include += rte_crypto.h
@@ -50,6 +50,7 @@ SYMLINK-y-include += rte_cryptodev.h
SYMLINK-y-include += rte_cryptodev_pmd.h
SYMLINK-y-include += rte_cryptodev_vdev.h
SYMLINK-y-include += rte_cryptodev_pci.h
+SYMLINK-y-include += rte_security.h
# versioning export map
EXPORT_MAP := rte_cryptodev_version.map
diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index 0ceaa91..d804e70 100644
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -53,6 +53,19 @@ extern "C" {
#include <rte_mempool.h>
#include <rte_common.h>
+/**
+ * Crypto parameters range description
+ */
+struct rte_crypto_param_range {
+ uint16_t min; /**< minimum size */
+ uint16_t max; /**< maximum size */
+ uint16_t increment;
+ /**< if a range of sizes are supported,
+ * this parameter is used to indicate
+ * increments in byte size that are supported
+ * between the minimum and maximum
+ */
+};
/** Symmetric Cipher Algorithms */
enum rte_crypto_cipher_algorithm {
@@ -505,6 +518,8 @@ struct rte_crypto_sym_op {
/**< Handle for the initialised session context */
struct rte_crypto_sym_xform *xform;
/**< Session-less API crypto operation parameters */
+ struct rte_security_session *sec_session;
+ /**< Handle for the initialised security session context */
};
RTE_STD_C11
diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
index 7ec9c4b..2a544e9 100644
--- a/lib/librte_cryptodev/rte_cryptodev.h
+++ b/lib/librte_cryptodev/rte_cryptodev.h
@@ -47,6 +47,7 @@ extern "C" {
#include "rte_kvargs.h"
#include "rte_crypto.h"
+#include "rte_security.h"
#include "rte_dev.h"
#include <rte_common.h>
#include <rte_vdev.h>
@@ -114,20 +115,6 @@ extern const char **rte_cyptodev_names;
(phys_addr_t)((c)->phys_addr + (o))
/**
- * Crypto parameters range description
- */
-struct rte_crypto_param_range {
- uint16_t min; /**< minimum size */
- uint16_t max; /**< maximum size */
- uint16_t increment;
- /**< if a range of sizes are supported,
- * this parameter is used to indicate
- * increments in byte size that are supported
- * between the minimum and maximum
- */
-};
-
-/**
* Symmetric Crypto Capability
*/
struct rte_cryptodev_symmetric_capability {
@@ -376,6 +363,9 @@ struct rte_cryptodev_info {
const struct rte_cryptodev_capabilities *capabilities;
/**< Array of devices supported capabilities */
+ const struct rte_security_capabilities *sec_capabilities;
+ /**< Array of devices supported security capabilities */
+
unsigned max_nb_queue_pairs;
/**< Maximum number of queues pairs supported by device. */
@@ -745,6 +735,8 @@ struct rte_cryptodev {
/**< Pointer to device data */
struct rte_cryptodev_ops *dev_ops;
/**< Functions exported by PMD */
+ struct rte_security_ops *sec_ops;
+ /**< Security functions exported by PMD */
uint64_t feature_flags;
/**< Supported features */
struct rte_device *device;
diff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h b/lib/librte_cryptodev/rte_cryptodev_pmd.h
index c983eb2..219fba6 100644
--- a/lib/librte_cryptodev/rte_cryptodev_pmd.h
+++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h
@@ -357,6 +357,41 @@ struct rte_cryptodev_ops {
/**< Detach session from queue pair. */
};
+/**
+ * Configure a security session on a device.
+ *
+ * @param dev Crypto device pointer
+ * @param conf Security session configuration
+ * @param sess Pointer to Security private session structure
+ * @param mp Mempool where the private session is allocated
+ *
+ * @return
+ * - Returns 0 if private session structure have been created successfully.
+ * - Returns -EINVAL if input parameters are invalid.
+ * - Returns -ENOTSUP if crypto device does not support the crypto transform.
+ * - Returns -ENOMEM if the private session could not be allocated.
+ */
+typedef int (*security_configure_session_t)(struct rte_cryptodev *dev,
+ struct rte_security_sess_conf *conf,
+ struct rte_security_session *sess,
+ struct rte_mempool *mp);
+
+/**
+ * Free driver private session data.
+ *
+ * @param dev Crypto device pointer
+ * @param sess Security session structure
+ */
+typedef void (*security_free_session_t)(struct rte_cryptodev *dev,
+ struct rte_security_session *sess);
+
+/** Security operations function pointer table */
+struct rte_security_ops {
+ security_configure_session_t session_configure;
+ /**< Configure a Security session. */
+ security_free_session_t session_clear;
+ /**< Clear a security sessions private data. */
+};
/**
* Function for internal use by dummy drivers primarily, e.g. ring-based
--
2.9.3
next prev parent reply other threads:[~2017-08-15 6:37 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-10 7:35 [dpdk-dev] [RFC 0/7] ipsec inline Boris Pismenny
2017-07-10 7:35 ` [dpdk-dev] [RFC 1/7] ethdev: add device ipsec encrypt/decrypt capability flags Boris Pismenny
2017-07-10 7:35 ` [dpdk-dev] [RFC 2/7] ethdev: Add ESP header to generic flow steering Boris Pismenny
2017-07-10 7:35 ` [dpdk-dev] [RFC 3/7] ethdev: add rte flow action for crypto Boris Pismenny
2017-07-10 7:35 ` [dpdk-dev] [RFC 4/7] cryptodev: add ipsec xform Boris Pismenny
2017-07-10 7:35 ` [dpdk-dev] [RFC 5/7] mbuf: Add IPsec crypto flags Boris Pismenny
2017-07-10 7:35 ` [dpdk-dev] [RFC 6/7] mbuf: Added next_esp_proto field Boris Pismenny
2017-07-10 7:35 ` [dpdk-dev] [RFC 7/7] example/ipsec_gw: Support SA offload in datapath Boris Pismenny
2017-07-11 17:06 ` [dpdk-dev] [RFC 0/7] ipsec inline Declan Doherty
2017-07-12 14:08 ` Boris Pismenny
2017-07-14 11:12 ` Akhil Goyal
2017-07-25 11:21 ` [dpdk-dev] [RFC PATCH 0/1] IPSec Inline and look aside crypto offload Akhil Goyal
2017-07-25 11:21 ` [dpdk-dev] [RFC PATCH 1/1] rte_security: proposal Akhil Goyal
2017-07-26 13:46 ` [dpdk-dev] [RFC PATCH 0/1] IPSec Inline and look aside crypto offload Declan Doherty
2017-08-02 13:16 ` Hemant Agrawal
2017-08-03 11:25 ` Akhil Goyal
2017-08-15 6:35 ` [dpdk-dev] [RFC PATCH v2 0/4] " Akhil Goyal
2017-08-15 6:35 ` [dpdk-dev] [RFC PATCH 1/4] rte_security: API definitions Akhil Goyal
2017-08-15 11:04 ` Radu Nicolau
2017-08-16 7:39 ` Akhil Goyal
2017-08-16 15:40 ` Hemant Agrawal
2017-08-18 9:16 ` Thomas Monjalon
2017-08-18 12:20 ` Hemant Agrawal
2017-08-21 10:32 ` Boris Pismenny
2017-08-21 10:54 ` Akhil Goyal
2017-08-15 6:35 ` Akhil Goyal [this message]
2017-08-15 6:35 ` [dpdk-dev] [RFC PATCH 3/4] crypto/dpaa2_sec: add support for protocol offload ipsec Akhil Goyal
2017-08-15 6:35 ` [dpdk-dev] [RFC PATCH 4/4] example/ipsec-secgw: add support for offloading crypto op Akhil Goyal
2017-08-29 14:49 ` [dpdk-dev] [RFC PATCH 0/1] IPSec Inline and look aside crypto offload Thomas Monjalon
2017-08-31 9:37 ` Akhil Goyal
2017-08-31 10:06 ` Thomas Monjalon
2017-08-31 10:52 ` Akhil Goyal
2017-08-31 13:14 ` Thomas Monjalon
2017-08-31 14:09 ` Radu Nicolau
2017-09-06 15:53 ` Jerin Jacob
2017-09-08 11:12 ` Akhil Goyal
2017-09-11 18:10 ` Jerin Jacob
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170815063505.22032-3-akhil.goyal@nxp.com \
--to=akhil.goyal@nxp.com \
--cc=aviadye@mellanox.com \
--cc=borisp@mellanox.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=hemant.agrawal@nxp.com \
--cc=pablo.de.lara.guarch@intel.com \
--cc=radu.nicolau@intel.com \
--cc=sandeep.malik@nxp.com \
--cc=sergio.gonzalez.monroy@intel.com \
--cc=thomas@monjalon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).