Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/129778/?format=api
{ "id": 129778, "url": "http://patches.dpdk.org/api/patches/129778/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20230801081047.1219935-1-gakhil@marvell.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20230801081047.1219935-1-gakhil@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20230801081047.1219935-1-gakhil@marvell.com", "date": "2023-08-01T08:10:47", "name": "security: hide security context", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "8e3c275ac7d9cc4c71bfaddbcda3bdcb1fdbd735", "submitter": { "id": 2094, "url": "http://patches.dpdk.org/api/people/2094/?format=api", "name": "Akhil Goyal", "email": "gakhil@marvell.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20230801081047.1219935-1-gakhil@marvell.com/mbox/", "series": [ { "id": 29064, "url": "http://patches.dpdk.org/api/series/29064/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=29064", "date": "2023-08-01T08:10:47", "name": "security: hide security context", "version": 1, "mbox": "http://patches.dpdk.org/series/29064/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/129778/comments/", "check": "warning", "checks": "http://patches.dpdk.org/api/patches/129778/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 7E12042FB0;\n\tTue, 1 Aug 2023 10:11:10 +0200 (CEST)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 52C2E40A7D;\n\tTue, 1 Aug 2023 10:11:10 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com\n [67.231.148.174])\n by mails.dpdk.org (Postfix) with ESMTP id 14BEE400D5\n for <dev@dpdk.org>; Tue, 1 Aug 2023 10:11:08 +0200 (CEST)", "from pps.filterd (m0045849.ppops.net [127.0.0.1])\n by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id\n 3712ugZx021927; Tue, 1 Aug 2023 01:11:02 -0700", "from dc5-exch02.marvell.com ([199.233.59.182])\n by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3s6du0bey5-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Tue, 01 Aug 2023 01:11:02 -0700", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48;\n Tue, 1 Aug 2023 01:11:00 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend\n Transport; Tue, 1 Aug 2023 01:11:00 -0700", "from localhost.localdomain (unknown [10.28.36.102])\n by maili.marvell.com (Postfix) with ESMTP id 331973F707E;\n Tue, 1 Aug 2023 01:10:52 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : mime-version : content-transfer-encoding :\n content-type; s=pfpt0220; bh=Z4adCyzCjONOn8LiiGE0XfXw0Dcitw4Ugm0W+nPAq8g=;\n b=MbDBc1ZGcV2EezUJn1Usq17vSWkqWBIPolk5FsKSadFTmkdccyCyky8QdT8onjuCly1N\n LwOf/TOqCZ5PXt6DPw6HqY886HHqSZXY76q1m/jQ972v2/VwUA/Cn3i7QTMXe5tsbfAC\n MZMJ42YNZyNGt+heEP+K5zIS6GvQ4CnSjSGhraRjFXPgdsDpFvONy7QYrLIat+BEZidH\n f2GB7cLHSZRE4Gvvsc4ApleOcKvLAhQ2QO52xIo9GhIHVAb35cOa0NDGj+FT3ePY6L04\n SiBVcuMxQcrnWaP2YmfHpmBFlQoaWf1G2CBIdxiGNcEZY8aDQW8qQTh3boheS/tY6QHp aw==", "From": "Akhil Goyal <gakhil@marvell.com>", "To": "<dev@dpdk.org>", "CC": "<thomas@monjalon.net>, <david.marchand@redhat.com>,\n <hemant.agrawal@nxp.com>, <anoobj@marvell.com>,\n <pablo.de.lara.guarch@intel.com>, <fiona.trahe@intel.com>,\n <declan.doherty@intel.com>, <matan@nvidia.com>, <g.singh@nxp.com>,\n <fanzhang.oss@gmail.com>, <jianjay.zhou@huawei.com>,\n <asomalap@amd.com>, <ruifeng.wang@arm.com>,\n <konstantin.v.ananyev@yandex.ru>, <radu.nicolau@intel.com>,\n <ajit.khaparde@broadcom.com>, <rnagadheeraj@marvell.com>,\n <adwivedi@marvell.com>, <ciara.power@intel.com>, <jerinj@marvell.com>,\n Akhil Goyal <gakhil@marvell.com>", "Subject": "[PATCH] security: hide security context", "Date": "Tue, 1 Aug 2023 13:40:47 +0530", "Message-ID": "<20230801081047.1219935-1-gakhil@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-GUID": "jDlB36zZe_ijLbMY2FD6dD0nAhTPhvbz", "X-Proofpoint-ORIG-GUID": "jDlB36zZe_ijLbMY2FD6dD0nAhTPhvbz", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.591,FMLib:17.11.176.26\n definitions=2023-08-01_03,2023-07-31_02,2023-05-22_02", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "rte_security_ctx is used by all security APIs to identify\nwhich device security_op it need to call and hence it should\nbe opaque to the application.\nHence, it is now moved to internal header file and all\nAPIs will now take an opaque pointer for it.\nThe fast path inline APIs like set metadata need to get flags\nfrom security_ctx. The flags are now retrieved using inline APIs\nwhich use macros to get the offset of flags in security_ctx.\n\nSigned-off-by: Akhil Goyal <gakhil@marvell.com>\n---\n app/test-crypto-perf/cperf_ops.c | 9 +--\n app/test-crypto-perf/cperf_test_latency.c | 3 +-\n .../cperf_test_pmd_cyclecount.c | 8 +-\n app/test-crypto-perf/cperf_test_throughput.c | 9 +--\n app/test-crypto-perf/cperf_test_verify.c | 4 +-\n app/test-security-perf/test_security_perf.c | 2 +-\n app/test/test_cryptodev.c | 22 ++----\n app/test/test_cryptodev_security_ipsec.c | 2 +-\n app/test/test_cryptodev_security_ipsec.h | 2 +-\n app/test/test_security_inline_macsec.c | 10 +--\n app/test/test_security_inline_proto.c | 14 ++--\n examples/ipsec-secgw/ipsec-secgw.c | 2 +-\n examples/ipsec-secgw/ipsec.c | 15 ++--\n examples/ipsec-secgw/ipsec.h | 2 +-\n examples/ipsec-secgw/ipsec_worker.c | 2 +-\n examples/ipsec-secgw/ipsec_worker.h | 4 +-\n examples/l2fwd-macsec/main.c | 2 +-\n lib/security/rte_security.c | 57 ++++++++------\n lib/security/rte_security.h | 77 +++++++++----------\n lib/security/rte_security_driver.h | 24 ++++++\n 20 files changed, 139 insertions(+), 131 deletions(-)", "diff": "diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c\nindex 93b9bfb240..84945d1313 100644\n--- a/app/test-crypto-perf/cperf_ops.c\n+++ b/app/test-crypto-perf/cperf_ops.c\n@@ -749,8 +749,7 @@ create_ipsec_session(struct rte_mempool *sess_mp,\n \telse\n \t\tsess_conf.ipsec.direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;\n \n-\tstruct rte_security_ctx *ctx = (struct rte_security_ctx *)\n-\t\t\t\trte_cryptodev_get_sec_ctx(dev_id);\n+\tvoid *ctx = rte_cryptodev_get_sec_ctx(dev_id);\n \n \t/* Create security session */\n \treturn (void *)rte_security_session_create(ctx, &sess_conf, sess_mp);\n@@ -853,8 +852,7 @@ cperf_create_session(struct rte_mempool *sess_mp,\n \t\t\t.crypto_xform = &cipher_xform\n \t\t};\n \n-\t\tstruct rte_security_ctx *ctx = (struct rte_security_ctx *)\n-\t\t\t\t\trte_cryptodev_get_sec_ctx(dev_id);\n+\t\tvoid *ctx = rte_cryptodev_get_sec_ctx(dev_id);\n \n \t\t/* Create security session */\n \t\treturn (void *)rte_security_session_create(ctx, &sess_conf, sess_mp);\n@@ -901,8 +899,7 @@ cperf_create_session(struct rte_mempool *sess_mp,\n \t\t\t} },\n \t\t\t.crypto_xform = &cipher_xform\n \t\t};\n-\t\tstruct rte_security_ctx *ctx = (struct rte_security_ctx *)\n-\t\t\t\t\trte_cryptodev_get_sec_ctx(dev_id);\n+\t\tvoid *ctx = rte_cryptodev_get_sec_ctx(dev_id);\n \n \t\t/* Create security session */\n \t\treturn (void *)rte_security_session_create(ctx, &sess_conf, sess_mp);\ndiff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-perf/cperf_test_latency.c\nindex f1676a9aa9..484bc9eb4e 100644\n--- a/app/test-crypto-perf/cperf_test_latency.c\n+++ b/app/test-crypto-perf/cperf_test_latency.c\n@@ -53,8 +53,7 @@ cperf_latency_test_free(struct cperf_latency_ctx *ctx)\n \t\telse if (ctx->options->op_type == CPERF_PDCP ||\n \t\t\t ctx->options->op_type == CPERF_DOCSIS ||\n \t\t\t ctx->options->op_type == CPERF_IPSEC) {\n-\t\t\tstruct rte_security_ctx *sec_ctx =\n-\t\t\t\trte_cryptodev_get_sec_ctx(ctx->dev_id);\n+\t\t\tvoid *sec_ctx = rte_cryptodev_get_sec_ctx(ctx->dev_id);\n \t\t\trte_security_session_destroy(sec_ctx, ctx->sess);\n \t\t}\n #endif\ndiff --git a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c\nindex 0307e82996..4a60f6d558 100644\n--- a/app/test-crypto-perf/cperf_test_pmd_cyclecount.c\n+++ b/app/test-crypto-perf/cperf_test_pmd_cyclecount.c\n@@ -67,11 +67,9 @@ cperf_pmd_cyclecount_test_free(struct cperf_pmd_cyclecount_ctx *ctx)\n #ifdef RTE_LIB_SECURITY\n \t\tif (ctx->options->op_type == CPERF_PDCP ||\n \t\t\t\tctx->options->op_type == CPERF_DOCSIS) {\n-\t\t\tstruct rte_security_ctx *sec_ctx =\n-\t\t\t\t(struct rte_security_ctx *)\n-\t\t\t\trte_cryptodev_get_sec_ctx(ctx->dev_id);\n-\t\t\trte_security_session_destroy(sec_ctx,\n-\t\t\t\t(void *)ctx->sess);\n+\t\t\tvoid *sec_ctx = rte_cryptodev_get_sec_ctx(ctx->dev_id);\n+\n+\t\t\trte_security_session_destroy(sec_ctx, (void *)ctx->sess);\n \t\t} else\n #endif\n \t\t\trte_cryptodev_sym_session_free(ctx->dev_id, ctx->sess);\ndiff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c\nindex e892a70699..f8f8bd717f 100644\n--- a/app/test-crypto-perf/cperf_test_throughput.c\n+++ b/app/test-crypto-perf/cperf_test_throughput.c\n@@ -44,12 +44,9 @@ cperf_throughput_test_free(struct cperf_throughput_ctx *ctx)\n \t\telse if (ctx->options->op_type == CPERF_PDCP ||\n \t\t\t ctx->options->op_type == CPERF_DOCSIS ||\n \t\t\t ctx->options->op_type == CPERF_IPSEC) {\n-\t\t\tstruct rte_security_ctx *sec_ctx =\n-\t\t\t\t(struct rte_security_ctx *)\n-\t\t\t\t\trte_cryptodev_get_sec_ctx(ctx->dev_id);\n-\t\t\trte_security_session_destroy(\n-\t\t\t\tsec_ctx,\n-\t\t\t\t(void *)ctx->sess);\n+\t\t\tvoid *sec_ctx = rte_cryptodev_get_sec_ctx(ctx->dev_id);\n+\n+\t\t\trte_security_session_destroy(sec_ctx, (void *)ctx->sess);\n \t\t}\n #endif\n \t\telse\ndiff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c\nindex 8042c94e04..a6c0ffe813 100644\n--- a/app/test-crypto-perf/cperf_test_verify.c\n+++ b/app/test-crypto-perf/cperf_test_verify.c\n@@ -48,8 +48,8 @@ cperf_verify_test_free(struct cperf_verify_ctx *ctx)\n \t\telse if (ctx->options->op_type == CPERF_PDCP ||\n \t\t\t ctx->options->op_type == CPERF_DOCSIS ||\n \t\t\t ctx->options->op_type == CPERF_IPSEC) {\n-\t\t\tstruct rte_security_ctx *sec_ctx =\n-\t\t\t\trte_cryptodev_get_sec_ctx(ctx->dev_id);\n+\t\t\tvoid *sec_ctx = rte_cryptodev_get_sec_ctx(ctx->dev_id);\n+\n \t\t\trte_security_session_destroy(sec_ctx, ctx->sess);\n \t\t}\n #endif\ndiff --git a/app/test-security-perf/test_security_perf.c b/app/test-security-perf/test_security_perf.c\nindex 9bb50689e3..4dfaca4800 100644\n--- a/app/test-security-perf/test_security_perf.c\n+++ b/app/test-security-perf/test_security_perf.c\n@@ -344,7 +344,7 @@ test_security_session_perf(void *arg)\n \tstruct rte_security_session_conf sess_conf;\n \tint i, ret, nb_sessions, nb_sess_total;\n \tstruct rte_security_session **sess;\n-\tstruct rte_security_ctx *sec_ctx;\n+\tvoid *sec_ctx;\n \tdouble setup_rate, destroy_rate;\n \tuint64_t setup_ms, destroy_ms;\n \tstruct lcore_conf *conf = arg;\ndiff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c\nindex fb2af40b99..48a7f2e1c8 100644\n--- a/app/test/test_cryptodev.c\n+++ b/app/test/test_cryptodev.c\n@@ -8925,9 +8925,7 @@ security_proto_supported(enum rte_security_session_action_type action,\n \tconst struct rte_security_capability *capability;\n \tuint16_t i = 0;\n \n-\tstruct rte_security_ctx *ctx = (struct rte_security_ctx *)\n-\t\t\t\trte_cryptodev_get_sec_ctx(\n-\t\t\t\tts_params->valid_devs[0]);\n+\tvoid *ctx = rte_cryptodev_get_sec_ctx(ts_params->valid_devs[0]);\n \n \n \tcapabilities = rte_security_capabilities_get(ctx);\n@@ -8967,9 +8965,7 @@ static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc,\n \tstruct crypto_unittest_params *ut_params = &unittest_params;\n \tuint8_t *plaintext;\n \tint ret = TEST_SUCCESS;\n-\tstruct rte_security_ctx *ctx = (struct rte_security_ctx *)\n-\t\t\t\trte_cryptodev_get_sec_ctx(\n-\t\t\t\tts_params->valid_devs[0]);\n+\tvoid *ctx = rte_cryptodev_get_sec_ctx(ts_params->valid_devs[0]);\n \tstruct rte_cryptodev_info dev_info;\n \tuint64_t feat_flags;\n \n@@ -9174,9 +9170,7 @@ test_pdcp_proto_SGL(int i, int oop,\n \tunsigned int trn_data = 0;\n \tstruct rte_cryptodev_info dev_info;\n \tuint64_t feat_flags;\n-\tstruct rte_security_ctx *ctx = (struct rte_security_ctx *)\n-\t\t\t\trte_cryptodev_get_sec_ctx(\n-\t\t\t\tts_params->valid_devs[0]);\n+\tvoid *ctx = rte_cryptodev_get_sec_ctx(ts_params->valid_devs[0]);\n \tstruct rte_mbuf *temp_mbuf;\n \n \trte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);\n@@ -9772,7 +9766,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],\n \tstruct ipsec_test_data *res_d_tmp = NULL;\n \tuint8_t input_text[IPSEC_TEXT_MAX_LEN];\n \tint salt_len, i, ret = TEST_SUCCESS;\n-\tstruct rte_security_ctx *ctx;\n+\tvoid *ctx;\n \tuint32_t src, dst;\n \tuint32_t verify;\n \n@@ -10905,9 +10899,7 @@ test_docsis_proto_uplink(const void *data)\n \tuint32_t crc_data_len;\n \tint ret = TEST_SUCCESS;\n \n-\tstruct rte_security_ctx *ctx = (struct rte_security_ctx *)\n-\t\t\t\t\trte_cryptodev_get_sec_ctx(\n-\t\t\t\t\t\tts_params->valid_devs[0]);\n+\tvoid *ctx = rte_cryptodev_get_sec_ctx(ts_params->valid_devs[0]);\n \n \t/* Verify the capabilities */\n \tstruct rte_security_capability_idx sec_cap_idx;\n@@ -11089,9 +11081,7 @@ test_docsis_proto_downlink(const void *data)\n \tint32_t cipher_len, crc_len;\n \tint ret = TEST_SUCCESS;\n \n-\tstruct rte_security_ctx *ctx = (struct rte_security_ctx *)\n-\t\t\t\t\trte_cryptodev_get_sec_ctx(\n-\t\t\t\t\t\tts_params->valid_devs[0]);\n+\tvoid *ctx = rte_cryptodev_get_sec_ctx(ts_params->valid_devs[0]);\n \n \t/* Verify the capabilities */\n \tstruct rte_security_capability_idx sec_cap_idx;\ndiff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c\nindex 7a8688c692..aa9b8e543d 100644\n--- a/app/test/test_cryptodev_security_ipsec.c\n+++ b/app/test/test_cryptodev_security_ipsec.c\n@@ -1241,7 +1241,7 @@ test_ipsec_status_check(const struct ipsec_test_data *td,\n }\n \n int\n-test_ipsec_stats_verify(struct rte_security_ctx *ctx,\n+test_ipsec_stats_verify(void *ctx,\n \t\t\tvoid *sess,\n \t\t\tconst struct ipsec_test_flags *flags,\n \t\t\tenum rte_security_ipsec_sa_direction dir)\ndiff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h\nindex 92e641ba0b..bbebd05ec1 100644\n--- a/app/test/test_cryptodev_security_ipsec.h\n+++ b/app/test/test_cryptodev_security_ipsec.h\n@@ -300,7 +300,7 @@ int test_ipsec_status_check(const struct ipsec_test_data *td,\n \t\t\t enum rte_security_ipsec_sa_direction dir,\n \t\t\t int pkt_num);\n \n-int test_ipsec_stats_verify(struct rte_security_ctx *ctx,\n+int test_ipsec_stats_verify(void *ctx,\n \t\t\t void *sess,\n \t\t\t const struct ipsec_test_flags *flags,\n \t\t\t enum rte_security_ipsec_sa_direction dir);\ndiff --git a/app/test/test_security_inline_macsec.c b/app/test/test_security_inline_macsec.c\nindex bfb9e09752..20670fe5d2 100644\n--- a/app/test/test_security_inline_macsec.c\n+++ b/app/test/test_security_inline_macsec.c\n@@ -136,7 +136,7 @@ init_packet(struct rte_mempool *mp, const uint8_t *data, unsigned int len)\n static int\n init_mempools(unsigned int nb_mbuf)\n {\n-\tstruct rte_security_ctx *sec_ctx;\n+\tvoid *sec_ctx;\n \tuint16_t nb_sess = 512;\n \tuint32_t sess_sz;\n \tchar s[64];\n@@ -482,7 +482,7 @@ test_macsec_post_process(struct rte_mbuf *m, const struct mcs_test_vector *td,\n }\n \n static void\n-mcs_stats_dump(struct rte_security_ctx *ctx, enum mcs_op op,\n+mcs_stats_dump(void *ctx, enum mcs_op op,\n \t void *rx_sess, void *tx_sess,\n \t uint8_t rx_sc_id, uint8_t tx_sc_id,\n \t uint16_t rx_sa_id[], uint16_t tx_sa_id[])\n@@ -667,7 +667,7 @@ mcs_stats_dump(struct rte_security_ctx *ctx, enum mcs_op op,\n }\n \n static int\n-mcs_stats_check(struct rte_security_ctx *ctx, enum mcs_op op,\n+mcs_stats_check(void *ctx, enum mcs_op op,\n \t\tconst struct mcs_test_opts *opts,\n \t\tconst struct mcs_test_vector *td,\n \t\tvoid *rx_sess, void *tx_sess,\n@@ -850,7 +850,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs\n \tstruct rte_security_macsec_sa sa_conf = {0};\n \tstruct rte_security_macsec_sc sc_conf = {0};\n \tstruct mcs_err_vector err_vector = {0};\n-\tstruct rte_security_ctx *ctx;\n+\tvoid *ctx;\n \tint nb_rx = 0, nb_sent;\n \tint i, j = 0, ret, id, an = 0;\n \tuint8_t tci_off;\n@@ -858,7 +858,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs\n \n \tmemset(rx_pkts_burst, 0, sizeof(rx_pkts_burst[0]) * opts->nb_td);\n \n-\tctx = (struct rte_security_ctx *)rte_eth_dev_get_sec_ctx(port_id);\n+\tctx = rte_eth_dev_get_sec_ctx(port_id);\n \tif (ctx == NULL) {\n \t\tprintf(\"Ethernet device doesn't support security features.\\n\");\n \t\treturn TEST_SKIPPED;\ndiff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c\nindex 45aa742c6b..243aba6015 100644\n--- a/app/test/test_security_inline_proto.c\n+++ b/app/test/test_security_inline_proto.c\n@@ -136,7 +136,7 @@ static struct rte_flow *default_flow[RTE_MAX_ETHPORTS];\n /* Create Inline IPsec session */\n static int\n create_inline_ipsec_session(struct ipsec_test_data *sa, uint16_t portid,\n-\t\tvoid **sess, struct rte_security_ctx **ctx,\n+\t\tvoid **sess, void **ctx,\n \t\tuint32_t *ol_flags, const struct ipsec_test_flags *flags,\n \t\tstruct rte_security_session_conf *sess_conf)\n {\n@@ -149,7 +149,7 @@ create_inline_ipsec_session(struct ipsec_test_data *sa, uint16_t portid,\n \tstruct rte_security_capability_idx sec_cap_idx;\n \tconst struct rte_security_capability *sec_cap;\n \tenum rte_security_ipsec_sa_direction dir;\n-\tstruct rte_security_ctx *sec_ctx;\n+\tvoid *sec_ctx;\n \tuint32_t verify;\n \n \tsess_conf->action_type = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL;\n@@ -221,7 +221,7 @@ create_inline_ipsec_session(struct ipsec_test_data *sa, uint16_t portid,\n \n \tsess_conf->userdata = (void *) sa;\n \n-\tsec_ctx = (struct rte_security_ctx *)rte_eth_dev_get_sec_ctx(portid);\n+\tsec_ctx = rte_eth_dev_get_sec_ctx(portid);\n \tif (sec_ctx == NULL) {\n \t\tprintf(\"Ethernet device doesn't support security features.\\n\");\n \t\treturn TEST_SKIPPED;\n@@ -503,7 +503,7 @@ init_packet(struct rte_mempool *mp, const uint8_t *data, unsigned int len, bool\n static int\n init_mempools(unsigned int nb_mbuf)\n {\n-\tstruct rte_security_ctx *sec_ctx;\n+\tvoid *sec_ctx;\n \tuint16_t nb_sess = 512;\n \tuint32_t sess_sz;\n \tchar s[64];\n@@ -801,7 +801,7 @@ test_ipsec_with_reassembly(struct reassembly_vector *vector,\n \tstruct rte_crypto_sym_xform auth_in = {0};\n \tstruct rte_crypto_sym_xform aead_in = {0};\n \tstruct ipsec_test_data sa_data;\n-\tstruct rte_security_ctx *ctx;\n+\tvoid *ctx;\n \tunsigned int i, nb_rx = 0, j;\n \tuint32_t ol_flags;\n \tbool outer_ipv4;\n@@ -1068,7 +1068,7 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td,\n \tstruct rte_crypto_sym_xform auth = {0};\n \tstruct rte_crypto_sym_xform aead = {0};\n \tstruct sa_expiry_vector vector = {0};\n-\tstruct rte_security_ctx *ctx;\n+\tvoid *ctx;\n \tint nb_rx = 0, nb_sent;\n \tuint32_t ol_flags;\n \tint i, j = 0, ret;\n@@ -1338,7 +1338,7 @@ test_ipsec_inline_proto_process_with_esn(struct ipsec_test_data td[],\n \tstruct rte_mbuf *tx_pkt = NULL;\n \tint nb_rx, nb_sent;\n \tvoid *ses;\n-\tstruct rte_security_ctx *ctx;\n+\tvoid *ctx;\n \tuint32_t ol_flags;\n \tbool outer_ipv4;\n \tint i, ret;\ndiff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c\nindex 3ab7995fd5..bf98d2618b 100644\n--- a/examples/ipsec-secgw/ipsec-secgw.c\n+++ b/examples/ipsec-secgw/ipsec-secgw.c\n@@ -568,7 +568,7 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,\n \n static inline void\n process_pkts(struct lcore_conf *qconf, struct rte_mbuf **pkts,\n-\t uint8_t nb_pkts, uint16_t portid, struct rte_security_ctx *ctx)\n+\t uint8_t nb_pkts, uint16_t portid, void *ctx)\n {\n \tstruct ipsec_traffic traffic;\n \ndiff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c\nindex a5706bed24..f5cec4a928 100644\n--- a/examples/ipsec-secgw/ipsec.c\n+++ b/examples/ipsec-secgw/ipsec.c\n@@ -205,7 +205,7 @@ verify_ipsec_capabilities(struct rte_security_ipsec_xform *ipsec_xform,\n \n \n static inline int\n-verify_security_capabilities(struct rte_security_ctx *ctx,\n+verify_security_capabilities(void *ctx,\n \t\tstruct rte_security_session_conf *sess_conf,\n \t\tuint32_t *ol_flags)\n {\n@@ -327,9 +327,7 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx_lcore[],\n \t\t};\n \n \t\tif (ips->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {\n-\t\t\tstruct rte_security_ctx *ctx = (struct rte_security_ctx *)\n-\t\t\t\t\t\t\trte_cryptodev_get_sec_ctx(\n-\t\t\t\t\t\t\tcdev_id);\n+\t\t\tvoid *ctx = rte_cryptodev_get_sec_ctx(cdev_id);\n \n \t\t\t/* Set IPsec parameters in conf */\n \t\t\tset_ipsec_conf(sa, &(sess_conf.ipsec));\n@@ -411,7 +409,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,\n \t\tstruct rte_ipsec_session *ips)\n {\n \tint32_t ret = 0;\n-\tstruct rte_security_ctx *sec_ctx;\n+\tvoid *sec_ctx;\n \tstruct rte_security_session_conf sess_conf = {\n \t\t.action_type = ips->type,\n \t\t.protocol = RTE_SECURITY_PROTOCOL_IPSEC,\n@@ -490,9 +488,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,\n \t\tstruct rte_flow_error err;\n \t\tint ret = 0;\n \n-\t\tsec_ctx = (struct rte_security_ctx *)\n-\t\t\t\t\trte_eth_dev_get_sec_ctx(\n-\t\t\t\t\tsa->portid);\n+\t\tsec_ctx = rte_eth_dev_get_sec_ctx(sa->portid);\n \t\tif (sec_ctx == NULL) {\n \t\t\tRTE_LOG(ERR, IPSEC,\n \t\t\t\t\" rte_eth_dev_get_sec_ctx failed\\n\");\n@@ -657,8 +653,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,\n \t\t\treturn -1;\n \t\t}\n \t} else if (ips->type ==\tRTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL) {\n-\t\tsec_ctx = (struct rte_security_ctx *)\n-\t\t\t\trte_eth_dev_get_sec_ctx(sa->portid);\n+\t\tsec_ctx = rte_eth_dev_get_sec_ctx(sa->portid);\n \n \t\tif (sec_ctx == NULL) {\n \t\t\tRTE_LOG(ERR, IPSEC,\ndiff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h\nindex 6bef2a7285..5059418456 100644\n--- a/examples/ipsec-secgw/ipsec.h\n+++ b/examples/ipsec-secgw/ipsec.h\n@@ -279,7 +279,7 @@ struct cnt_blk {\n struct lcore_rx_queue {\n \tuint16_t port_id;\n \tuint8_t queue_id;\n-\tstruct rte_security_ctx *sec_ctx;\n+\tvoid *sec_ctx;\n } __rte_cache_aligned;\n \n struct buffer {\ndiff --git a/examples/ipsec-secgw/ipsec_worker.c b/examples/ipsec-secgw/ipsec_worker.c\nindex 58c80c73f0..8d122e8519 100644\n--- a/examples/ipsec-secgw/ipsec_worker.c\n+++ b/examples/ipsec-secgw/ipsec_worker.c\n@@ -20,7 +20,7 @@\n \n struct port_drv_mode_data {\n \tvoid *sess;\n-\tstruct rte_security_ctx *ctx;\n+\tvoid *ctx;\n };\n \n typedef void (*ipsec_worker_fn_t)(void);\ndiff --git a/examples/ipsec-secgw/ipsec_worker.h b/examples/ipsec-secgw/ipsec_worker.h\nindex cf59b9b5ab..ac980b8bcf 100644\n--- a/examples/ipsec-secgw/ipsec_worker.h\n+++ b/examples/ipsec-secgw/ipsec_worker.h\n@@ -119,7 +119,7 @@ adjust_ipv6_pktlen(struct rte_mbuf *m, const struct rte_ipv6_hdr *iph,\n }\n \n static __rte_always_inline void\n-prepare_one_packet(struct rte_security_ctx *ctx, struct rte_mbuf *pkt,\n+prepare_one_packet(void *ctx, struct rte_mbuf *pkt,\n \t\t struct ipsec_traffic *t)\n {\n \tuint32_t ptype = pkt->packet_type;\n@@ -230,7 +230,7 @@ prepare_one_packet(struct rte_security_ctx *ctx, struct rte_mbuf *pkt,\n }\n \n static __rte_always_inline void\n-prepare_traffic(struct rte_security_ctx *ctx, struct rte_mbuf **pkts,\n+prepare_traffic(void *ctx, struct rte_mbuf **pkts,\n \t\tstruct ipsec_traffic *t, uint16_t nb_pkts)\n {\n \tint32_t i;\ndiff --git a/examples/l2fwd-macsec/main.c b/examples/l2fwd-macsec/main.c\nindex dfc567e36e..ae05b1b475 100644\n--- a/examples/l2fwd-macsec/main.c\n+++ b/examples/l2fwd-macsec/main.c\n@@ -139,7 +139,7 @@ struct l2fwd_macsec_options {\n struct l2fwd_macsec_port_params {\n \tuint8_t dev_id;\n \tuint8_t qp_id;\n-\tstruct rte_security_ctx *sec_ctx;\n+\tvoid *sec_ctx;\n \tstruct rte_mempool *sess_pool;\n \n \tvoid *sess;\ndiff --git a/lib/security/rte_security.c b/lib/security/rte_security.c\nindex c4d64bb8e9..8a7c725eff 100644\n--- a/lib/security/rte_security.c\n+++ b/lib/security/rte_security.c\n@@ -43,11 +43,12 @@ rte_security_dynfield_register(void)\n }\n \n void *\n-rte_security_session_create(struct rte_security_ctx *instance,\n+rte_security_session_create(void *ctx,\n \t\t\t struct rte_security_session_conf *conf,\n \t\t\t struct rte_mempool *mp)\n {\n \tstruct rte_security_session *sess = NULL;\n+\tstruct rte_security_ctx *instance = ctx;\n \tuint32_t sess_priv_size;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);\n@@ -76,10 +77,10 @@ rte_security_session_create(struct rte_security_ctx *instance,\n }\n \n int\n-rte_security_session_update(struct rte_security_ctx *instance,\n-\t\t\t void *sess,\n-\t\t\t struct rte_security_session_conf *conf)\n+rte_security_session_update(void *ctx, void *sess, struct rte_security_session_conf *conf)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n+\n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,\n \t\t\t-ENOTSUP);\n \tRTE_PTR_OR_ERR_RET(sess, -EINVAL);\n@@ -89,8 +90,10 @@ rte_security_session_update(struct rte_security_ctx *instance,\n }\n \n unsigned int\n-rte_security_session_get_size(struct rte_security_ctx *instance)\n+rte_security_session_get_size(void *ctx)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n+\n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0);\n \n \treturn (sizeof(struct rte_security_session) +\n@@ -98,10 +101,10 @@ rte_security_session_get_size(struct rte_security_ctx *instance)\n }\n \n int\n-rte_security_session_stats_get(struct rte_security_ctx *instance,\n-\t\t\t void *sess,\n-\t\t\t struct rte_security_stats *stats)\n+rte_security_session_stats_get(void *ctx, void *sess, struct rte_security_stats *stats)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n+\n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,\n \t\t\t-ENOTSUP);\n \t/* Parameter sess can be NULL in case of getting global statistics. */\n@@ -111,8 +114,9 @@ rte_security_session_stats_get(struct rte_security_ctx *instance,\n }\n \n int\n-rte_security_session_destroy(struct rte_security_ctx *instance, void *sess)\n+rte_security_session_destroy(void *ctx, void *sess)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n \tint ret;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,\n@@ -132,9 +136,9 @@ rte_security_session_destroy(struct rte_security_ctx *instance, void *sess)\n }\n \n int\n-rte_security_macsec_sc_create(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_macsec_sc *conf)\n+rte_security_macsec_sc_create(void *ctx, struct rte_security_macsec_sc *conf)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n \tint sc_id;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, macsec_sc_create, -EINVAL, -ENOTSUP);\n@@ -148,9 +152,9 @@ rte_security_macsec_sc_create(struct rte_security_ctx *instance,\n }\n \n int\n-rte_security_macsec_sa_create(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_macsec_sa *conf)\n+rte_security_macsec_sa_create(void *ctx, struct rte_security_macsec_sa *conf)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n \tint sa_id;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, macsec_sa_create, -EINVAL, -ENOTSUP);\n@@ -164,9 +168,10 @@ rte_security_macsec_sa_create(struct rte_security_ctx *instance,\n }\n \n int\n-rte_security_macsec_sc_destroy(struct rte_security_ctx *instance, uint16_t sc_id,\n+rte_security_macsec_sc_destroy(void *ctx, uint16_t sc_id,\n \t\t\t enum rte_security_macsec_direction dir)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n \tint ret;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, macsec_sc_destroy, -EINVAL, -ENOTSUP);\n@@ -182,9 +187,10 @@ rte_security_macsec_sc_destroy(struct rte_security_ctx *instance, uint16_t sc_id\n }\n \n int\n-rte_security_macsec_sa_destroy(struct rte_security_ctx *instance, uint16_t sa_id,\n+rte_security_macsec_sa_destroy(void *ctx, uint16_t sa_id,\n \t\t\t enum rte_security_macsec_direction dir)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n \tint ret;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, macsec_sa_destroy, -EINVAL, -ENOTSUP);\n@@ -200,10 +206,12 @@ rte_security_macsec_sa_destroy(struct rte_security_ctx *instance, uint16_t sa_id\n }\n \n int\n-rte_security_macsec_sc_stats_get(struct rte_security_ctx *instance, uint16_t sc_id,\n+rte_security_macsec_sc_stats_get(void *ctx, uint16_t sc_id,\n \t\t\t\t enum rte_security_macsec_direction dir,\n \t\t\t\t struct rte_security_macsec_sc_stats *stats)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n+\n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, macsec_sc_stats_get, -EINVAL, -ENOTSUP);\n \tRTE_PTR_OR_ERR_RET(stats, -EINVAL);\n \n@@ -211,10 +219,12 @@ rte_security_macsec_sc_stats_get(struct rte_security_ctx *instance, uint16_t sc_\n }\n \n int\n-rte_security_macsec_sa_stats_get(struct rte_security_ctx *instance, uint16_t sa_id,\n+rte_security_macsec_sa_stats_get(void *ctx, uint16_t sa_id,\n \t\t\t\t enum rte_security_macsec_direction dir,\n \t\t\t\t struct rte_security_macsec_sa_stats *stats)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n+\n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, macsec_sa_stats_get, -EINVAL, -ENOTSUP);\n \tRTE_PTR_OR_ERR_RET(stats, -EINVAL);\n \n@@ -222,10 +232,9 @@ rte_security_macsec_sa_stats_get(struct rte_security_ctx *instance, uint16_t sa_\n }\n \n int\n-__rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n-\t\t\t\tvoid *sess,\n-\t\t\t\tstruct rte_mbuf *m, void *params)\n+__rte_security_set_pkt_metadata(void *ctx, void *sess, struct rte_mbuf *m, void *params)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n #ifdef RTE_DEBUG\n \tRTE_PTR_OR_ERR_RET(sess, -EINVAL);\n \tRTE_PTR_OR_ERR_RET(instance, -EINVAL);\n@@ -238,19 +247,21 @@ __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n }\n \n const struct rte_security_capability *\n-rte_security_capabilities_get(struct rte_security_ctx *instance)\n+rte_security_capabilities_get(void *ctx)\n {\n+\tstruct rte_security_ctx *instance = ctx;\n+\n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);\n \n \treturn instance->ops->capabilities_get(instance->device);\n }\n \n const struct rte_security_capability *\n-rte_security_capability_get(struct rte_security_ctx *instance,\n-\t\t\t struct rte_security_capability_idx *idx)\n+rte_security_capability_get(void *ctx, struct rte_security_capability_idx *idx)\n {\n \tconst struct rte_security_capability *capabilities;\n \tconst struct rte_security_capability *capability;\n+\tstruct rte_security_ctx *instance = ctx;\n \tuint16_t i = 0;\n \n \tRTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);\ndiff --git a/lib/security/rte_security.h b/lib/security/rte_security.h\nindex 3b2df526ba..1ec7938cfa 100644\n--- a/lib/security/rte_security.h\n+++ b/lib/security/rte_security.h\n@@ -56,30 +56,6 @@ enum rte_security_ipsec_tunnel_type {\n #define RTE_SECURITY_IPSEC_TUNNEL_VERIFY_DST_ADDR 0x1\n #define RTE_SECURITY_IPSEC_TUNNEL_VERIFY_SRC_DST_ADDR 0x2\n \n-/**\n- * Security context for crypto/eth devices\n- *\n- * Security instance for each driver to register security operations.\n- * The application can get the security context from the crypto/eth device id\n- * using the APIs rte_cryptodev_get_sec_ctx()/rte_eth_dev_get_sec_ctx()\n- * This structure is used to identify the device(crypto/eth) for which the\n- * security operations need to be performed.\n- */\n-struct rte_security_ctx {\n-\tvoid *device;\n-\t/**< Crypto/ethernet device attached */\n-\tconst struct rte_security_ops *ops;\n-\t/**< Pointer to security ops for the device */\n-\tuint16_t sess_cnt;\n-\t/**< Number of sessions attached to this context */\n-\tuint16_t macsec_sc_cnt;\n-\t/**< Number of MACsec SC attached to this context */\n-\tuint16_t macsec_sa_cnt;\n-\t/**< Number of MACsec SA attached to this context */\n-\tuint32_t flags;\n-\t/**< Flags for security context */\n-};\n-\n #define RTE_SEC_CTX_F_FAST_SET_MDATA 0x00000001\n /**< Driver uses fast metadata update without using driver specific callback.\n * For fast mdata, mbuf dynamic field would be registered by driver\n@@ -689,7 +665,7 @@ struct rte_security_session_conf {\n * - On failure, NULL\n */\n void *\n-rte_security_session_create(struct rte_security_ctx *instance,\n+rte_security_session_create(void *instance,\n \t\t\t struct rte_security_session_conf *conf,\n \t\t\t struct rte_mempool *mp);\n \n@@ -705,7 +681,7 @@ rte_security_session_create(struct rte_security_ctx *instance,\n */\n __rte_experimental\n int\n-rte_security_session_update(struct rte_security_ctx *instance,\n+rte_security_session_update(void *instance,\n \t\t\t void *sess,\n \t\t\t struct rte_security_session_conf *conf);\n \n@@ -719,7 +695,7 @@ rte_security_session_update(struct rte_security_ctx *instance,\n * - 0 if device is invalid or does not support the operation.\n */\n unsigned int\n-rte_security_session_get_size(struct rte_security_ctx *instance);\n+rte_security_session_get_size(void *instance);\n \n /**\n * Free security session header and the session private data and\n@@ -736,7 +712,7 @@ rte_security_session_get_size(struct rte_security_ctx *instance);\n * - other negative values in case of freeing private data errors.\n */\n int\n-rte_security_session_destroy(struct rte_security_ctx *instance, void *sess);\n+rte_security_session_destroy(void *instance, void *sess);\n \n /**\n * @warning\n@@ -755,7 +731,7 @@ rte_security_session_destroy(struct rte_security_ctx *instance, void *sess);\n */\n __rte_experimental\n int\n-rte_security_macsec_sc_create(struct rte_security_ctx *instance,\n+rte_security_macsec_sc_create(void *instance,\n \t\t\t struct rte_security_macsec_sc *conf);\n \n /**\n@@ -774,7 +750,7 @@ rte_security_macsec_sc_create(struct rte_security_ctx *instance,\n */\n __rte_experimental\n int\n-rte_security_macsec_sc_destroy(struct rte_security_ctx *instance, uint16_t sc_id,\n+rte_security_macsec_sc_destroy(void *instance, uint16_t sc_id,\n \t\t\t enum rte_security_macsec_direction dir);\n \n /**\n@@ -794,7 +770,7 @@ rte_security_macsec_sc_destroy(struct rte_security_ctx *instance, uint16_t sc_id\n */\n __rte_experimental\n int\n-rte_security_macsec_sa_create(struct rte_security_ctx *instance,\n+rte_security_macsec_sa_create(void *instance,\n \t\t\t struct rte_security_macsec_sa *conf);\n \n /**\n@@ -813,7 +789,7 @@ rte_security_macsec_sa_create(struct rte_security_ctx *instance,\n */\n __rte_experimental\n int\n-rte_security_macsec_sa_destroy(struct rte_security_ctx *instance, uint16_t sa_id,\n+rte_security_macsec_sa_destroy(void *instance, uint16_t sa_id,\n \t\t\t enum rte_security_macsec_direction dir);\n \n /** Device-specific metadata field type */\n@@ -857,6 +833,27 @@ static inline bool rte_security_dynfield_is_registered(void)\n \treturn rte_security_dynfield_offset >= 0;\n }\n \n+#define RTE_SECURITY_CTX_FLAGS_OFF\t\t4\n+/**\n+ * Get security flags from security instance.\n+ */\n+static inline uint32_t\n+rte_security_ctx_flags_get(void *ctx)\n+{\n+\treturn *((uint32_t *)ctx + RTE_SECURITY_CTX_FLAGS_OFF);\n+}\n+\n+/**\n+ * Set security flags in security instance.\n+ */\n+static inline void\n+rte_security_ctx_flags_set(void *ctx, uint32_t flags)\n+{\n+\tuint32_t *data;\n+\tdata = (((uint32_t *)ctx) + RTE_SECURITY_CTX_FLAGS_OFF);\n+\t*data = flags;\n+}\n+\n #define RTE_SECURITY_SESS_OPAQUE_DATA_OFF\t0\n #define RTE_SECURITY_SESS_FAST_MDATA_OFF\t1\n /**\n@@ -901,7 +898,7 @@ rte_security_session_fast_mdata_set(void *sess, uint64_t fdata)\n \n /** Function to call PMD specific function pointer set_pkt_metadata() */\n __rte_experimental\n-int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n+int __rte_security_set_pkt_metadata(void *instance,\n \t\t\t\t void *sess,\n \t\t\t\t struct rte_mbuf *m, void *params);\n \n@@ -919,12 +916,12 @@ int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n * - On failure, a negative value.\n */\n static inline int\n-rte_security_set_pkt_metadata(struct rte_security_ctx *instance,\n+rte_security_set_pkt_metadata(void *instance,\n \t\t\t void *sess,\n \t\t\t struct rte_mbuf *mb, void *params)\n {\n \t/* Fast Path */\n-\tif (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {\n+\tif (rte_security_ctx_flags_get(instance) & RTE_SEC_CTX_F_FAST_SET_MDATA) {\n \t\t*rte_security_dynfield(mb) = (rte_security_dynfield_t)\n \t\t\trte_security_session_fast_mdata_get(sess);\n \t\treturn 0;\n@@ -1074,7 +1071,7 @@ struct rte_security_stats {\n */\n __rte_experimental\n int\n-rte_security_session_stats_get(struct rte_security_ctx *instance,\n+rte_security_session_stats_get(void *instance,\n \t\t\t void *sess,\n \t\t\t struct rte_security_stats *stats);\n \n@@ -1094,7 +1091,7 @@ rte_security_session_stats_get(struct rte_security_ctx *instance,\n */\n __rte_experimental\n int\n-rte_security_macsec_sa_stats_get(struct rte_security_ctx *instance,\n+rte_security_macsec_sa_stats_get(void *instance,\n \t\t\t\t uint16_t sa_id, enum rte_security_macsec_direction dir,\n \t\t\t\t struct rte_security_macsec_sa_stats *stats);\n \n@@ -1114,7 +1111,7 @@ rte_security_macsec_sa_stats_get(struct rte_security_ctx *instance,\n */\n __rte_experimental\n int\n-rte_security_macsec_sc_stats_get(struct rte_security_ctx *instance,\n+rte_security_macsec_sc_stats_get(void *instance,\n \t\t\t\t uint16_t sc_id, enum rte_security_macsec_direction dir,\n \t\t\t\t struct rte_security_macsec_sc_stats *stats);\n \n@@ -1264,7 +1261,7 @@ struct rte_security_capability_idx {\n * - Return NULL if no capabilities available.\n */\n const struct rte_security_capability *\n-rte_security_capabilities_get(struct rte_security_ctx *instance);\n+rte_security_capabilities_get(void *instance);\n \n /**\n * Query if a specific capability is available on security instance\n@@ -1278,7 +1275,7 @@ rte_security_capabilities_get(struct rte_security_ctx *instance);\n * - Return NULL if the capability not matched on security instance.\n */\n const struct rte_security_capability *\n-rte_security_capability_get(struct rte_security_ctx *instance,\n+rte_security_capability_get(void *instance,\n \t\t\t struct rte_security_capability_idx *idx);\n \n #ifdef __cplusplus\ndiff --git a/lib/security/rte_security_driver.h b/lib/security/rte_security_driver.h\nindex 31444a05d3..60e05f083f 100644\n--- a/lib/security/rte_security_driver.h\n+++ b/lib/security/rte_security_driver.h\n@@ -37,6 +37,30 @@ struct rte_security_session {\n \t/**< Private session material, variable size (depends on driver) */\n };\n \n+/**\n+ * Security context for crypto/eth devices\n+ *\n+ * Security instance for each driver to register security operations.\n+ * The application can get the security context from the crypto/eth device id\n+ * using the APIs rte_cryptodev_get_sec_ctx()/rte_eth_dev_get_sec_ctx()\n+ * This structure is used to identify the device(crypto/eth) for which the\n+ * security operations need to be performed.\n+ */\n+struct rte_security_ctx {\n+\tvoid *device;\n+\t/**< Crypto/ethernet device attached */\n+\tconst struct rte_security_ops *ops;\n+\t/**< Pointer to security ops for the device */\n+\tuint32_t flags;\n+\t/**< Flags for security context */\n+\tuint16_t sess_cnt;\n+\t/**< Number of sessions attached to this context */\n+\tuint16_t macsec_sc_cnt;\n+\t/**< Number of MACsec SC attached to this context */\n+\tuint16_t macsec_sa_cnt;\n+\t/**< Number of MACsec SA attached to this context */\n+};\n+\n /**\n * Helper macro to get driver private data\n */\n", "prefixes": [] }