[dpdk-dev,v4,03/12] cryptodev: support security APIs

Message ID	20171014221734.15511-4-akhil.goyal@nxp.com (mailing list archive)
State	Superseded, archived
Headers	Received-SPF: Fail (protection.outlook.com: domain of nxp.com does not designate 192.88.158.2 as permitted sender) receiver=protection.outlook.com; client-ip=192.88.158.2; helo=az84smr01.freescale.net; From: Akhil Goyal <akhil.goyal@nxp.com> To: <dev@dpdk.org> CC: <declan.doherty@intel.com>, <pablo.de.lara.guarch@intel.com>, <hemant.agrawal@nxp.com>, <radu.nicolau@intel.com>, <borisp@mellanox.com>, <aviadye@mellanox.com>, <thomas@monjalon.net>, <sandeep.malik@nxp.com>, <jerin.jacob@caviumnetworks.com>, <john.mcnamara@intel.com>, <konstantin.ananyev@intel.com>, <shahafs@mellanox.com>, <olivier.matz@6wind.com> Date: Sun, 15 Oct 2017 03:47:25 +0530 Message-ID: <20171014221734.15511-4-akhil.goyal@nxp.com> In-Reply-To: <20171014221734.15511-1-akhil.goyal@nxp.com> References: <20171006181151.4758-1-akhil.goyal@nxp.com> <20171014221734.15511-1-akhil.goyal@nxp.com> MIME-Version: 1.0 Content-Type: text/plain SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Oct 2017 22:20:40.4997 (UTC) Subject: [dpdk-dev] [PATCH v4 03/12] cryptodev: support security APIs Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>

Message ID

20171014221734.15511-4-akhil.goyal@nxp.com (mailing list archive)

State

Superseded, archived

Headers

Received-SPF: Fail (protection.outlook.com: domain of nxp.com does not
	designate 192.88.158.2 as permitted sender)
	receiver=protection.outlook.com; 
	client-ip=192.88.158.2; helo=az84smr01.freescale.net;
From: Akhil Goyal <akhil.goyal@nxp.com>
To: <dev@dpdk.org>
CC: <declan.doherty@intel.com>, <pablo.de.lara.guarch@intel.com>,
	<hemant.agrawal@nxp.com>, <radu.nicolau@intel.com>,
	<borisp@mellanox.com>, 
	<aviadye@mellanox.com>, <thomas@monjalon.net>, <sandeep.malik@nxp.com>,
	<jerin.jacob@caviumnetworks.com>, <john.mcnamara@intel.com>,
	<konstantin.ananyev@intel.com>, <shahafs@mellanox.com>,
	<olivier.matz@6wind.com>
Date: Sun, 15 Oct 2017 03:47:25 +0530
Message-ID: <20171014221734.15511-4-akhil.goyal@nxp.com>
In-Reply-To: <20171014221734.15511-1-akhil.goyal@nxp.com>
References: <20171006181151.4758-1-akhil.goyal@nxp.com>
	<20171014221734.15511-1-akhil.goyal@nxp.com>
MIME-Version: 1.0
Content-Type: text/plain
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Oct 2017 22:20:40.4997
	(UTC)
X-MS-Exchange-CrossTenant-Id: 5afe0b00-7697-4969-b663-5eab37d5f47e
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5afe0b00-7697-4969-b663-5eab37d5f47e;
	Ip=[192.88.158.2]; 
	Helo=[az84smr01.freescale.net]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR03MB2353
Subject: [dpdk-dev] [PATCH v4 03/12] cryptodev: support security APIs
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
	<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
	<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	fail	apply patch file failure

Commit Message

Akhil Goyal Oct. 14, 2017, 10:17 p.m. UTC

  Security ops are added to crypto device to support
protocol offloaded security operations.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
---
 doc/guides/cryptodevs/features/default.ini     |  1 +
 lib/librte_cryptodev/rte_crypto.h              |  3 ++-
 lib/librte_cryptodev/rte_crypto_sym.h          |  2 ++
 lib/librte_cryptodev/rte_cryptodev.c           | 10 ++++++++++
 lib/librte_cryptodev/rte_cryptodev.h           |  7 +++++++
 lib/librte_cryptodev/rte_cryptodev_version.map |  1 +
 6 files changed, 23 insertions(+), 1 deletion(-)

Comments

Aviad Yehezkel Oct. 15, 2017, 12:48 p.m. UTC | #1

On 10/15/2017 1:17 AM, Akhil Goyal wrote:
> Security ops are added to crypto device to support
> protocol offloaded security operations.
>
> Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
> Signed-off-by: Declan Doherty <declan.doherty@intel.com>
> ---
>   doc/guides/cryptodevs/features/default.ini     |  1 +
>   lib/librte_cryptodev/rte_crypto.h              |  3 ++-
>   lib/librte_cryptodev/rte_crypto_sym.h          |  2 ++
>   lib/librte_cryptodev/rte_cryptodev.c           | 10 ++++++++++
>   lib/librte_cryptodev/rte_cryptodev.h           |  7 +++++++
>   lib/librte_cryptodev/rte_cryptodev_version.map |  1 +
>   6 files changed, 23 insertions(+), 1 deletion(-)
>
> diff --git a/doc/guides/cryptodevs/features/default.ini b/doc/guides/cryptodevs/features/default.ini
> index c98717a..18d66cb 100644
> --- a/doc/guides/cryptodevs/features/default.ini
> +++ b/doc/guides/cryptodevs/features/default.ini
> @@ -10,6 +10,7 @@ Symmetric crypto       =
>   Asymmetric crypto      =
>   Sym operation chaining =
>   HW Accelerated         =
> +Protocol offload       =
>   CPU SSE                =
>   CPU AVX                =
>   CPU AVX2               =
> diff --git a/lib/librte_cryptodev/rte_crypto.h b/lib/librte_cryptodev/rte_crypto.h
> index 10fe080..3eb9ef9 100644
> --- a/lib/librte_cryptodev/rte_crypto.h
> +++ b/lib/librte_cryptodev/rte_crypto.h
> @@ -86,7 +86,8 @@ enum rte_crypto_op_status {
>    */
>   enum rte_crypto_op_sess_type {
>   	RTE_CRYPTO_OP_WITH_SESSION,	/**< Session based crypto operation */
> -	RTE_CRYPTO_OP_SESSIONLESS	/**< Session-less crypto operation */
> +	RTE_CRYPTO_OP_SESSIONLESS,	/**< Session-less crypto operation */
> +	RTE_CRYPTO_OP_SECURITY_SESSION	/**< Security session crypto operation */
>   };
>   
>   /**
> diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
> index 0a0ea59..5992063 100644
> --- a/lib/librte_cryptodev/rte_crypto_sym.h
> +++ b/lib/librte_cryptodev/rte_crypto_sym.h
> @@ -508,6 +508,8 @@ struct rte_crypto_sym_op {
>   		/**< Handle for the initialised session context */
>   		struct rte_crypto_sym_xform *xform;
>   		/**< Session-less API crypto operation parameters */
> +		struct rte_security_session *sec_session;
> +		/**< Handle for the initialised security session context */
>   	};
>   
>   	RTE_STD_C11
> diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c
> index e48d562..5a2495b 100644
> --- a/lib/librte_cryptodev/rte_cryptodev.c
> +++ b/lib/librte_cryptodev/rte_cryptodev.c
> @@ -488,6 +488,16 @@ rte_cryptodev_devices_get(const char *driver_name, uint8_t *devices,
>   	return count;
>   }
>   
> +void *
> +rte_cryptodev_get_sec_ctx(uint8_t dev_id)
> +{
> +	if (rte_crypto_devices[dev_id].feature_flags &
> +			RTE_CRYPTODEV_FF_SECURITY)
> +		return rte_crypto_devices[dev_id].data->security_ctx;
> +
> +	return NULL;
> +}
> +
>   int
>   rte_cryptodev_socket_id(uint8_t dev_id)
>   {
> diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
> index fd0e3f1..546454b 100644
> --- a/lib/librte_cryptodev/rte_cryptodev.h
> +++ b/lib/librte_cryptodev/rte_cryptodev.h
> @@ -351,6 +351,8 @@ rte_cryptodev_get_aead_algo_enum(enum rte_crypto_aead_algorithm *algo_enum,
>   /**< Utilises CPU NEON instructions */
>   #define	RTE_CRYPTODEV_FF_CPU_ARM_CE		(1ULL << 11)
>   /**< Utilises ARM CPU Cryptographic Extensions */
> +#define	RTE_CRYPTODEV_FF_SECURITY		(1ULL << 12)
> +/**< Support Security Protocol Processing */
>   
>   
>   /**
> @@ -774,6 +776,9 @@ struct rte_cryptodev {
>   	/**< Flag indicating the device is attached */
>   } __rte_cache_aligned;
>   
> +void *
> +rte_cryptodev_get_sec_ctx(uint8_t dev_id);
> +
>   /**
>    *
>    * The data part, with no function pointers, associated with each device.
> @@ -802,6 +807,8 @@ struct rte_cryptodev_data {
>   
>   	void *dev_private;
>   	/**< PMD-specific private data */
> +	void *security_ctx;
> +	/**< Context for security ops */
>   } __rte_cache_aligned;
>   
>   extern struct rte_cryptodev *rte_cryptodevs;
> diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map b/lib/librte_cryptodev/rte_cryptodev_version.map
> index 919b6cc..7ef1b0f 100644
> --- a/lib/librte_cryptodev/rte_cryptodev_version.map
> +++ b/lib/librte_cryptodev/rte_cryptodev_version.map
> @@ -84,5 +84,6 @@ DPDK_17.11 {
>   	global:
>   
>   	rte_cryptodev_name_get;
> +	rte_cryptodev_get_sec_ctx;
>   
>   } DPDK_17.08;

Tested-by: Aviad Yehezkel <aviadye@mellanox.com>

diff mbox

Patch

diff --git a/doc/guides/cryptodevs/features/default.ini b/doc/guides/cryptodevs/features/default.ini
index c98717a..18d66cb 100644
--- a/doc/guides/cryptodevs/features/default.ini
+++ b/doc/guides/cryptodevs/features/default.ini
@@ -10,6 +10,7 @@  Symmetric crypto       =
 Asymmetric crypto      =
 Sym operation chaining =
 HW Accelerated         =
+Protocol offload       =
 CPU SSE                =
 CPU AVX                =
 CPU AVX2               =
diff --git a/lib/librte_cryptodev/rte_crypto.h b/lib/librte_cryptodev/rte_crypto.h
index 10fe080..3eb9ef9 100644
--- a/lib/librte_cryptodev/rte_crypto.h
+++ b/lib/librte_cryptodev/rte_crypto.h
@@ -86,7 +86,8 @@  enum rte_crypto_op_status {
  */
 enum rte_crypto_op_sess_type {
 	RTE_CRYPTO_OP_WITH_SESSION,	/**< Session based crypto operation */
-	RTE_CRYPTO_OP_SESSIONLESS	/**< Session-less crypto operation */
+	RTE_CRYPTO_OP_SESSIONLESS,	/**< Session-less crypto operation */
+	RTE_CRYPTO_OP_SECURITY_SESSION	/**< Security session crypto operation */
 };
 
 /**
diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index 0a0ea59..5992063 100644
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -508,6 +508,8 @@  struct rte_crypto_sym_op {
 		/**< Handle for the initialised session context */
 		struct rte_crypto_sym_xform *xform;
 		/**< Session-less API crypto operation parameters */
+		struct rte_security_session *sec_session;
+		/**< Handle for the initialised security session context */
 	};
 
 	RTE_STD_C11
diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c
index e48d562..5a2495b 100644
--- a/lib/librte_cryptodev/rte_cryptodev.c
+++ b/lib/librte_cryptodev/rte_cryptodev.c
@@ -488,6 +488,16 @@  rte_cryptodev_devices_get(const char *driver_name, uint8_t *devices,
 	return count;
 }
 
+void *
+rte_cryptodev_get_sec_ctx(uint8_t dev_id)
+{
+	if (rte_crypto_devices[dev_id].feature_flags &
+			RTE_CRYPTODEV_FF_SECURITY)
+		return rte_crypto_devices[dev_id].data->security_ctx;
+
+	return NULL;
+}
+
 int
 rte_cryptodev_socket_id(uint8_t dev_id)
 {
diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
index fd0e3f1..546454b 100644
--- a/lib/librte_cryptodev/rte_cryptodev.h
+++ b/lib/librte_cryptodev/rte_cryptodev.h
@@ -351,6 +351,8 @@  rte_cryptodev_get_aead_algo_enum(enum rte_crypto_aead_algorithm *algo_enum,
 /**< Utilises CPU NEON instructions */
 #define	RTE_CRYPTODEV_FF_CPU_ARM_CE		(1ULL << 11)
 /**< Utilises ARM CPU Cryptographic Extensions */
+#define	RTE_CRYPTODEV_FF_SECURITY		(1ULL << 12)
+/**< Support Security Protocol Processing */
 
 
 /**
@@ -774,6 +776,9 @@  struct rte_cryptodev {
 	/**< Flag indicating the device is attached */
 } __rte_cache_aligned;
 
+void *
+rte_cryptodev_get_sec_ctx(uint8_t dev_id);
+
 /**
  *
  * The data part, with no function pointers, associated with each device.
@@ -802,6 +807,8 @@  struct rte_cryptodev_data {
 
 	void *dev_private;
 	/**< PMD-specific private data */
+	void *security_ctx;
+	/**< Context for security ops */
 } __rte_cache_aligned;
 
 extern struct rte_cryptodev *rte_cryptodevs;
diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map b/lib/librte_cryptodev/rte_cryptodev_version.map
index 919b6cc..7ef1b0f 100644
--- a/lib/librte_cryptodev/rte_cryptodev_version.map
+++ b/lib/librte_cryptodev/rte_cryptodev_version.map
@@ -84,5 +84,6 @@  DPDK_17.11 {
 	global:
 
 	rte_cryptodev_name_get;
+	rte_cryptodev_get_sec_ctx;
 
 } DPDK_17.08;