[dpdk-dev] [RFC PATCH 2/4] cryptodev: entend cryptodev to support security APIs
Akhil Goyal
akhil.goyal at nxp.com
Tue Aug 15 08:35:03 CEST 2017
cryptodev library is extended to support security APIs
Similar changes needs to be done for ether devices also
to support security APIs
Signed-off-by: Akhil Goyal <akhil.goyal at nxp.com>
---
lib/librte_cryptodev/Makefile | 3 ++-
lib/librte_cryptodev/rte_crypto_sym.h | 15 ++++++++++++++
lib/librte_cryptodev/rte_cryptodev.h | 20 ++++++------------
lib/librte_cryptodev/rte_cryptodev_pmd.h | 35 ++++++++++++++++++++++++++++++++
4 files changed, 58 insertions(+), 15 deletions(-)
diff --git a/lib/librte_cryptodev/Makefile b/lib/librte_cryptodev/Makefile
index 6ac331b..376a275 100644
--- a/lib/librte_cryptodev/Makefile
+++ b/lib/librte_cryptodev/Makefile
@@ -41,7 +41,7 @@ CFLAGS += -O3
CFLAGS += $(WERROR_FLAGS)
# library source files
-SRCS-y += rte_cryptodev.c rte_cryptodev_pmd.c
+SRCS-y += rte_cryptodev.c rte_cryptodev_pmd.c rte_security.c
# export include files
SYMLINK-y-include += rte_crypto.h
@@ -50,6 +50,7 @@ SYMLINK-y-include += rte_cryptodev.h
SYMLINK-y-include += rte_cryptodev_pmd.h
SYMLINK-y-include += rte_cryptodev_vdev.h
SYMLINK-y-include += rte_cryptodev_pci.h
+SYMLINK-y-include += rte_security.h
# versioning export map
EXPORT_MAP := rte_cryptodev_version.map
diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index 0ceaa91..d804e70 100644
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -53,6 +53,19 @@ extern "C" {
#include <rte_mempool.h>
#include <rte_common.h>
+/**
+ * Crypto parameters range description
+ */
+struct rte_crypto_param_range {
+ uint16_t min; /**< minimum size */
+ uint16_t max; /**< maximum size */
+ uint16_t increment;
+ /**< if a range of sizes are supported,
+ * this parameter is used to indicate
+ * increments in byte size that are supported
+ * between the minimum and maximum
+ */
+};
/** Symmetric Cipher Algorithms */
enum rte_crypto_cipher_algorithm {
@@ -505,6 +518,8 @@ struct rte_crypto_sym_op {
/**< Handle for the initialised session context */
struct rte_crypto_sym_xform *xform;
/**< Session-less API crypto operation parameters */
+ struct rte_security_session *sec_session;
+ /**< Handle for the initialised security session context */
};
RTE_STD_C11
diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
index 7ec9c4b..2a544e9 100644
--- a/lib/librte_cryptodev/rte_cryptodev.h
+++ b/lib/librte_cryptodev/rte_cryptodev.h
@@ -47,6 +47,7 @@ extern "C" {
#include "rte_kvargs.h"
#include "rte_crypto.h"
+#include "rte_security.h"
#include "rte_dev.h"
#include <rte_common.h>
#include <rte_vdev.h>
@@ -114,20 +115,6 @@ extern const char **rte_cyptodev_names;
(phys_addr_t)((c)->phys_addr + (o))
/**
- * Crypto parameters range description
- */
-struct rte_crypto_param_range {
- uint16_t min; /**< minimum size */
- uint16_t max; /**< maximum size */
- uint16_t increment;
- /**< if a range of sizes are supported,
- * this parameter is used to indicate
- * increments in byte size that are supported
- * between the minimum and maximum
- */
-};
-
-/**
* Symmetric Crypto Capability
*/
struct rte_cryptodev_symmetric_capability {
@@ -376,6 +363,9 @@ struct rte_cryptodev_info {
const struct rte_cryptodev_capabilities *capabilities;
/**< Array of devices supported capabilities */
+ const struct rte_security_capabilities *sec_capabilities;
+ /**< Array of devices supported security capabilities */
+
unsigned max_nb_queue_pairs;
/**< Maximum number of queues pairs supported by device. */
@@ -745,6 +735,8 @@ struct rte_cryptodev {
/**< Pointer to device data */
struct rte_cryptodev_ops *dev_ops;
/**< Functions exported by PMD */
+ struct rte_security_ops *sec_ops;
+ /**< Security functions exported by PMD */
uint64_t feature_flags;
/**< Supported features */
struct rte_device *device;
diff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h b/lib/librte_cryptodev/rte_cryptodev_pmd.h
index c983eb2..219fba6 100644
--- a/lib/librte_cryptodev/rte_cryptodev_pmd.h
+++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h
@@ -357,6 +357,41 @@ struct rte_cryptodev_ops {
/**< Detach session from queue pair. */
};
+/**
+ * Configure a security session on a device.
+ *
+ * @param dev Crypto device pointer
+ * @param conf Security session configuration
+ * @param sess Pointer to Security private session structure
+ * @param mp Mempool where the private session is allocated
+ *
+ * @return
+ * - Returns 0 if private session structure have been created successfully.
+ * - Returns -EINVAL if input parameters are invalid.
+ * - Returns -ENOTSUP if crypto device does not support the crypto transform.
+ * - Returns -ENOMEM if the private session could not be allocated.
+ */
+typedef int (*security_configure_session_t)(struct rte_cryptodev *dev,
+ struct rte_security_sess_conf *conf,
+ struct rte_security_session *sess,
+ struct rte_mempool *mp);
+
+/**
+ * Free driver private session data.
+ *
+ * @param dev Crypto device pointer
+ * @param sess Security session structure
+ */
+typedef void (*security_free_session_t)(struct rte_cryptodev *dev,
+ struct rte_security_session *sess);
+
+/** Security operations function pointer table */
+struct rte_security_ops {
+ security_configure_session_t session_configure;
+ /**< Configure a Security session. */
+ security_free_session_t session_clear;
+ /**< Clear a security sessions private data. */
+};
/**
* Function for internal use by dummy drivers primarily, e.g. ring-based
--
2.9.3
More information about the dev
mailing list