[dpdk-dev] [RFC PATCH 1/4] rte_security: API definitions

Hemant Agrawal hemant.agrawal at nxp.com
Wed Aug 16 17:40:12 CEST 2017


Hi Thomas,
	Can we get a next-security tree to do development around this proposal?

Also, we can discuss about this proposal in general in next techboard meeting.

Regards,
Hemant
	

> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal at nxp.com]
> Sent: Wednesday, August 16, 2017 1:10 PM
> To: Radu Nicolau <radu.nicolau at intel.com>; dev at dpdk.org;
> declan.doherty at intel.com; thomas at monjalon.net;
> aviadye at mellanox.com; borisp at mellanox.com;
> pablo.de.lara.guarch at intel.com; sergio.gonzalez.monroy at intel.com
> Cc: Hemant Agrawal <hemant.agrawal at nxp.com>; Sandeep Malik
> <sandeep.malik at nxp.com>
> Subject: Re: [RFC PATCH 1/4] rte_security: API definitions
> 
> On 8/15/2017 4:34 PM, Radu Nicolau wrote:
> >
> > On 8/15/2017 7:35 AM, Akhil Goyal wrote:
> >> Detailed description is added in the coverletter
> >>
> >> Signed-off-by: Akhil Goyal <akhil.goyal at nxp.com>
> >> ---
> >>   lib/librte_cryptodev/rte_security.c | 171 +++++++++++++++
> >>   lib/librte_cryptodev/rte_security.h | 409
> >> ++++++++++++++++++++++++++++++++++++
> >>   2 files changed, 580 insertions(+)
> >>   create mode 100644 lib/librte_cryptodev/rte_security.c
> >>   create mode 100644 lib/librte_cryptodev/rte_security.h
> >>
> 
> >> +int
> >> +rte_security_session_init(uint16_t dev_id,
> >> +              struct rte_security_session *sess,
> >> +              struct rte_security_sess_conf *conf,
> >> +              struct rte_mempool *mp) {
> >> +    struct rte_cryptodev *cdev = NULL;
> >> +    struct rte_eth_dev *dev = NULL;
> >> +    uint8_t index;
> >> +    int ret;
> >> +
> >> +    if (sess == NULL || conf == NULL)
> >> +        return -EINVAL;
> >> +
> >> +    switch (conf->action_type) {
> >> +    case RTE_SECURITY_SESS_CRYPTO_PROTO_OFFLOAD:
> >> +        if (!rte_cryptodev_pmd_is_valid_dev(dev_id))
> >> +            return -EINVAL;
> >> +        cdev = rte_cryptodev_pmd_get_dev(dev_id);
> >> +        index = cdev->driver_id;
> >> +        if (sess->sess_private_data[index] == NULL) {
> >> +            ret = cdev->sec_ops->session_configure(cdev, conf, sess,
> >> mp);
> >> +            if (ret < 0) {
> >> +                CDEV_LOG_ERR(
> >> +                    "cdev_id %d failed to configure session details",
> >> +                    dev_id);
> >> +                return ret;
> >> +            }
> >> +        }
> >> +        break;
> >> +    case RTE_SECURITY_SESS_ETH_INLINE_CRYPTO:
> >> +    case RTE_SECURITY_SESS_ETH_PROTO_OFFLOAD:
> >> +        dev = &rte_eth_devices[dev_id];
> >> +        index = dev->data->port_id;
> >> +        if (sess->sess_private_data[index] == NULL) {
> >> +//            ret = dev->sec_ops->session_configure(dev, conf, sess,
> >> mp);
> >> +//            if (ret < 0) {
> >> +//                CDEV_LOG_ERR(
> >> +//                    "dev_id %d failed to configure session details",
> >> +//                    dev_id);
> >> +//                return ret;
> >> +//            }
> > The commented lines above suggests that also eth devices will have a
> > sec_ops field, (which makes sense). Is this correct?
> > Also, if the above is correct, session_configure and session_clear
> > should accept both crypto and eth devices as first parameter.
> 
> Yes you are correct both these ops should accept void *dev and internally in
> the driver should typecast to respective device.
> Please consider the following diff over this patch
> 
> 
> diff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h
> b/lib/librte_cryptodev/rte_cryptodev_pmd.h
> index 219fba6..ab3ecf7 100644
> --- a/lib/librte_cryptodev/rte_cryptodev_pmd.h
> +++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h
> @@ -371,7 +371,7 @@ struct rte_cryptodev_ops {
>    *  - Returns -ENOTSUP if crypto device does not support the crypto
> transform.
>    *  - Returns -ENOMEM if the private session could not be allocated.
>    */
> -typedef int (*security_configure_session_t)(struct rte_cryptodev *dev,
> +typedef int (*security_configure_session_t)(void *dev,
>                  struct rte_security_sess_conf *conf,
>                  struct rte_security_session *sess,
>                  struct rte_mempool *mp);
> @@ -382,7 +382,7 @@ typedef int (*security_configure_session_t)(struct
> rte_cryptodev *dev,
>    * @param      dev             Crypto device pointer
>    * @param      sess            Security session structure
>    */
> -typedef void (*security_free_session_t)(struct rte_cryptodev *dev,
> +typedef void (*security_free_session_t)(void *dev,
>                  struct rte_security_session *sess);
> 
>   /** Security operations function pointer table */
> diff --git a/lib/librte_cryptodev/rte_security.c
> b/lib/librte_cryptodev/rte_security.c
> index 7c73c93..a7558bb 100644
> --- a/lib/librte_cryptodev/rte_security.c
> +++ b/lib/librte_cryptodev/rte_security.c
> @@ -87,7 +87,8 @@ rte_security_session_init(uint16_t dev_id,
>                  cdev = rte_cryptodev_pmd_get_dev(dev_id);
>                  index = cdev->driver_id;
>                  if (sess->sess_private_data[index] == NULL) {
> -                       ret = cdev->sec_ops->session_configure(cdev,
> conf, sess, mp);
> +                       ret = cdev->sec_ops->session_configure((void *)cdev,
> +                                                       conf, sess, mp);
>                          if (ret < 0) {
>                                  CDEV_LOG_ERR(
>                                          "cdev_id %d failed to configure
> session details",
> @@ -101,7 +102,8 @@ rte_security_session_init(uint16_t dev_id,
>                  dev = &rte_eth_devices[dev_id];
>                  index = dev->data->port_id;
>                  if (sess->sess_private_data[index] == NULL) {
> -//                     ret = dev->sec_ops->session_configure(dev, conf,
> sess, mp);
> +//                     ret = dev->sec_ops->session_configure((void *)dev,
> +//                                                     conf, sess, mp);
> 
> Thanks,
> Akhil


More information about the dev mailing list