Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/135449/?format=api
{ "id": 135449, "url": "http://patches.dpdk.org/api/patches/135449/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20231221123545.510-18-anoobj@marvell.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20231221123545.510-18-anoobj@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20231221123545.510-18-anoobj@marvell.com", "date": "2023-12-21T12:35:38", "name": "[17/24] crypto/cnxk: add TLS capability", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "94c52f850ad2e75721592a16b2e9422332dd5f11", "submitter": { "id": 1205, "url": "http://patches.dpdk.org/api/people/1205/?format=api", "name": "Anoob Joseph", "email": "anoobj@marvell.com" }, "delegate": { "id": 1, "url": "http://patches.dpdk.org/api/users/1/?format=api", "username": "tmonjalo", "first_name": "Thomas", "last_name": "Monjalon", "email": "thomas@monjalon.net" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20231221123545.510-18-anoobj@marvell.com/mbox/", "series": [ { "id": 30646, "url": "http://patches.dpdk.org/api/series/30646/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=30646", "date": "2023-12-21T12:35:21", "name": "Fixes and improvements in crypto cnxk", "version": 1, "mbox": "http://patches.dpdk.org/series/30646/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/135449/comments/", "check": "success", "checks": "http://patches.dpdk.org/api/patches/135449/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 1828B43750;\n\tThu, 21 Dec 2023 13:38:09 +0100 (CET)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 71E6B42ED2;\n\tThu, 21 Dec 2023 13:36:57 +0100 (CET)", "from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com\n [67.231.148.174])\n by mails.dpdk.org (Postfix) with ESMTP id 89FD642EB8\n for <dev@dpdk.org>; Thu, 21 Dec 2023 13:36:54 +0100 (CET)", "from pps.filterd (m0045849.ppops.net [127.0.0.1])\n by mx0a-0016f401.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id\n 3BLCVS34019305 for <dev@dpdk.org>; Thu, 21 Dec 2023 04:36:53 -0800", "from dc5-exch02.marvell.com ([199.233.59.182])\n by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3v4nekg0k0-2\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)\n for <dev@dpdk.org>; Thu, 21 Dec 2023 04:36:50 -0800 (PST)", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48;\n Thu, 21 Dec 2023 04:36:35 -0800", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend\n Transport; Thu, 21 Dec 2023 04:36:34 -0800", "from BG-LT92004.corp.innovium.com (unknown [10.193.71.152])\n by maili.marvell.com (Postfix) with ESMTP id 3E88E3F707D;\n Thu, 21 Dec 2023 04:36:31 -0800 (PST)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=\n from:to:cc:subject:date:message-id:in-reply-to:references\n :mime-version:content-transfer-encoding:content-type; s=\n pfpt0220; bh=z1gWFZ1xbdY5YLY4AxpQk0tr2V85UDU8suSr7Ho+7Vo=; b=coj\n XG5fD7TqrE7GBA6qYcwWPVbLMTtGN2oFWi9vGSucUy7/wQw7rb84NpU0l8qL5pDa\n tl7dd90SpiB2JXBD5qyByVy9SMKgu59EIbWvF56Dv1TYaVPNsRc8XWO3QRQdl44E\n YaEE3WT8JDkIZEXIrUYBG/+Edy9H3016XSn+reS+Qm2koziktN4yVwTWSyhc7TJp\n m00L2L+rvatAj5NCvVUeV5fTVUON+ym2YfH4yX+tQ3cD7Os/PA3Rw6wKTUyj7GAr\n bjuyu4C9BwJDBCM0Jh0GAe9N+j+FV6YtcgM/X2phZ+eH0vSYTbVk3r+QRgFoEztl\n 1uYSk634og5Aey/RHoA==", "From": "Anoob Joseph <anoobj@marvell.com>", "To": "Akhil Goyal <gakhil@marvell.com>", "CC": "Vidya Sagar Velumuri <vvelumuri@marvell.com>, Jerin Jacob\n <jerinj@marvell.com>,\n Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>", "Subject": "[PATCH 17/24] crypto/cnxk: add TLS capability", "Date": "Thu, 21 Dec 2023 18:05:38 +0530", "Message-ID": "<20231221123545.510-18-anoobj@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20231221123545.510-1-anoobj@marvell.com>", "References": "<20231221123545.510-1-anoobj@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-GUID": "RadFP5BPgbf8-ojvcF8j0phh_QfQCm7O", "X-Proofpoint-ORIG-GUID": "RadFP5BPgbf8-ojvcF8j0phh_QfQCm7O", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26\n definitions=2023-12-09_02,2023-12-07_01,2023-05-22_02", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "From: Vidya Sagar Velumuri <vvelumuri@marvell.com>\n\nAdd TLS 1.2 record read and write capability.\nAdd DTLS 1.2 record read and write capability.\n\nSigned-off-by: Anoob Joseph <anoobj@marvell.com>\nSigned-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>\n---\n doc/guides/rel_notes/release_24_03.rst | 2 +\n drivers/common/cnxk/hw/cpt.h | 3 +-\n drivers/crypto/cnxk/cnxk_cryptodev.h | 12 +-\n .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 210 ++++++++++++++++++\n 4 files changed, 223 insertions(+), 4 deletions(-)", "diff": "diff --git a/doc/guides/rel_notes/release_24_03.rst b/doc/guides/rel_notes/release_24_03.rst\nindex fa30b46ead..0ebbae9f4e 100644\n--- a/doc/guides/rel_notes/release_24_03.rst\n+++ b/doc/guides/rel_notes/release_24_03.rst\n@@ -58,6 +58,8 @@ New Features\n * **Updated Marvell cnxk crypto driver.**\n \n * Added support for Rx inject in crypto_cn10k.\n+ * Added support for TLS record processing in crypto_cn10k. Supports TLS 1.2\n+ and DTLS 1.2.\n \n Removed Items\n -------------\ndiff --git a/drivers/common/cnxk/hw/cpt.h b/drivers/common/cnxk/hw/cpt.h\nindex edab8a5d83..2620965606 100644\n--- a/drivers/common/cnxk/hw/cpt.h\n+++ b/drivers/common/cnxk/hw/cpt.h\n@@ -80,7 +80,8 @@ union cpt_eng_caps {\n \t\tuint64_t __io sg_ver2 : 1;\n \t\tuint64_t __io sm2 : 1;\n \t\tuint64_t __io pdcp_chain_zuc256 : 1;\n-\t\tuint64_t __io reserved_38_63 : 26;\n+\t\tuint64_t __io tls : 1;\n+\t\tuint64_t __io reserved_39_63 : 25;\n \t};\n };\n \ndiff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h\nindex a5c4365631..8c8c58a76b 100644\n--- a/drivers/crypto/cnxk/cnxk_cryptodev.h\n+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h\n@@ -11,9 +11,11 @@\n #include \"roc_ae.h\"\n #include \"roc_cpt.h\"\n \n-#define CNXK_CPT_MAX_CAPS\t 55\n-#define CNXK_SEC_IPSEC_CRYPTO_MAX_CAPS 16\n-#define CNXK_SEC_MAX_CAPS\t 9\n+#define CNXK_CPT_MAX_CAPS\t\t 55\n+#define CNXK_SEC_IPSEC_CRYPTO_MAX_CAPS\t 16\n+#define CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS 2\n+#define CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS 6\n+#define CNXK_SEC_MAX_CAPS\t\t 17\n \n /**\n * Device private data\n@@ -25,6 +27,10 @@ struct cnxk_cpt_vf {\n \tstruct roc_cpt cpt;\n \tstruct rte_cryptodev_capabilities crypto_caps[CNXK_CPT_MAX_CAPS];\n \tstruct rte_cryptodev_capabilities sec_ipsec_crypto_caps[CNXK_SEC_IPSEC_CRYPTO_MAX_CAPS];\n+\tstruct rte_cryptodev_capabilities sec_tls_1_3_crypto_caps[CNXK_SEC_TLS_1_3_CRYPTO_MAX_CAPS];\n+\tstruct rte_cryptodev_capabilities sec_tls_1_2_crypto_caps[CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS];\n+\tstruct rte_cryptodev_capabilities\n+\t\tsec_dtls_1_2_crypto_caps[CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS];\n \tstruct rte_security_capability sec_caps[CNXK_SEC_MAX_CAPS];\n \tuint64_t cnxk_fpm_iova[ROC_AE_EC_ID_PMAX];\n \tstruct roc_ae_ec_group *ec_grp[ROC_AE_EC_ID_PMAX];\ndiff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c\nindex 178f510a63..73100377d9 100644\n--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c\n+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c\n@@ -30,6 +30,16 @@\n \t\t\t\t\t RTE_DIM(sec_ipsec_caps_##name)); \\\n \t} while (0)\n \n+#define SEC_TLS12_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, name) \\\n+\tdo { \\\n+\t\tif ((hw_caps[CPT_ENG_TYPE_SE].name) || \\\n+\t\t (hw_caps[CPT_ENG_TYPE_IE].name) || \\\n+\t\t (hw_caps[CPT_ENG_TYPE_AE].name)) \\\n+\t\t\tsec_tls12_caps_add(cnxk_caps, cur_pos, \\\n+\t\t\t\t\t sec_tls12_caps_##name, \\\n+\t\t\t\t\t RTE_DIM(sec_tls12_caps_##name)); \\\n+\t} while (0)\n+\n static const struct rte_cryptodev_capabilities caps_mul[] = {\n \t{\t/* RSA */\n \t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n@@ -1502,6 +1512,125 @@ static const struct rte_cryptodev_capabilities sec_ipsec_caps_null[] = {\n \t},\n };\n \n+static const struct rte_cryptodev_capabilities sec_tls12_caps_aes[] = {\n+\t{\t/* AES GCM */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,\n+\t\t\t{.aead = {\n+\t\t\t\t.algo = RTE_CRYPTO_AEAD_AES_GCM,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 16\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.aad_size = {\n+\t\t\t\t\t.min = 13,\n+\t\t\t\t\t.max = 13,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 12,\n+\t\t\t\t\t.max = 12,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* AES CBC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_AES_CBC,\n+\t\t\t\t.block_size = 16,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 8\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 16,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+};\n+\n+static const struct rte_cryptodev_capabilities sec_tls12_caps_des[] = {\n+\t{\t/* 3DES CBC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,\n+\t\t\t{.cipher = {\n+\t\t\t\t.algo = RTE_CRYPTO_CIPHER_3DES_CBC,\n+\t\t\t\t.block_size = 8,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 24,\n+\t\t\t\t\t.max = 24,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.iv_size = {\n+\t\t\t\t\t.min = 8,\n+\t\t\t\t\t.max = 8,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t}\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+};\n+\n+static const struct rte_cryptodev_capabilities sec_tls12_caps_sha1_sha2[] = {\n+\t{\t/* SHA1 HMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 20,\n+\t\t\t\t\t.max = 20,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 20,\n+\t\t\t\t\t.max = 20,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+\t{\t/* SHA256 HMAC */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,\n+\t\t{.sym = {\n+\t\t\t.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,\n+\t\t\t{.auth = {\n+\t\t\t\t.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,\n+\t\t\t\t.block_size = 64,\n+\t\t\t\t.key_size = {\n+\t\t\t\t\t.min = 32,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t\t.digest_size = {\n+\t\t\t\t\t.min = 32,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 0\n+\t\t\t\t},\n+\t\t\t}, }\n+\t\t}, }\n+\t},\n+};\n+\n static const struct rte_security_capability sec_caps_templ[] = {\n \t{\t/* IPsec Lookaside Protocol ESP Tunnel Ingress */\n \t\t.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n@@ -1591,6 +1720,46 @@ static const struct rte_security_capability sec_caps_templ[] = {\n \t\t},\n \t\t.crypto_capabilities = NULL,\n \t},\n+\t{\t/* TLS 1.2 Record Read */\n+\t\t.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n+\t\t.protocol = RTE_SECURITY_PROTOCOL_TLS_RECORD,\n+\t\t.tls_record = {\n+\t\t\t.ver = RTE_SECURITY_VERSION_TLS_1_2,\n+\t\t\t.type = RTE_SECURITY_TLS_SESS_TYPE_READ,\n+\t\t\t.ar_win_size = 0,\n+\t\t},\n+\t\t.crypto_capabilities = NULL,\n+\t},\n+\t{\t/* TLS 1.2 Record Write */\n+\t\t.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n+\t\t.protocol = RTE_SECURITY_PROTOCOL_TLS_RECORD,\n+\t\t.tls_record = {\n+\t\t\t.ver = RTE_SECURITY_VERSION_TLS_1_2,\n+\t\t\t.type = RTE_SECURITY_TLS_SESS_TYPE_WRITE,\n+\t\t\t.ar_win_size = 0,\n+\t\t},\n+\t\t.crypto_capabilities = NULL,\n+\t},\n+\t{\t/* DTLS 1.2 Record Read */\n+\t\t.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n+\t\t.protocol = RTE_SECURITY_PROTOCOL_TLS_RECORD,\n+\t\t.tls_record = {\n+\t\t\t.ver = RTE_SECURITY_VERSION_DTLS_1_2,\n+\t\t\t.type = RTE_SECURITY_TLS_SESS_TYPE_READ,\n+\t\t\t.ar_win_size = 0,\n+\t\t},\n+\t\t.crypto_capabilities = NULL,\n+\t},\n+\t{\t/* DTLS 1.2 Record Write */\n+\t\t.action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n+\t\t.protocol = RTE_SECURITY_PROTOCOL_TLS_RECORD,\n+\t\t.tls_record = {\n+\t\t\t.ver = RTE_SECURITY_VERSION_DTLS_1_2,\n+\t\t\t.type = RTE_SECURITY_TLS_SESS_TYPE_WRITE,\n+\t\t\t.ar_win_size = 0,\n+\t\t},\n+\t\t.crypto_capabilities = NULL,\n+\t},\n \t{\n \t\t.action = RTE_SECURITY_ACTION_TYPE_NONE\n \t}\n@@ -1807,6 +1976,35 @@ cn9k_sec_ipsec_caps_update(struct rte_security_capability *sec_cap)\n \tsec_cap->ipsec.options.esn = 1;\n }\n \n+static void\n+sec_tls12_caps_limit_check(int *cur_pos, int nb_caps)\n+{\n+\tPLT_VERIFY(*cur_pos + nb_caps <= CNXK_SEC_TLS_1_2_CRYPTO_MAX_CAPS);\n+}\n+\n+static void\n+sec_tls12_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], int *cur_pos,\n+\t\t const struct rte_cryptodev_capabilities *caps, int nb_caps)\n+{\n+\tsec_tls12_caps_limit_check(cur_pos, nb_caps);\n+\n+\tmemcpy(&cnxk_caps[*cur_pos], caps, nb_caps * sizeof(caps[0]));\n+\t*cur_pos += nb_caps;\n+}\n+\n+static void\n+sec_tls12_crypto_caps_populate(struct rte_cryptodev_capabilities cnxk_caps[],\n+\t\t\t union cpt_eng_caps *hw_caps)\n+{\n+\tint cur_pos = 0;\n+\n+\tSEC_TLS12_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, aes);\n+\tSEC_TLS12_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, des);\n+\tSEC_TLS12_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, sha1_sha2);\n+\n+\tsec_tls12_caps_add(cnxk_caps, &cur_pos, caps_end, RTE_DIM(caps_end));\n+}\n+\n void\n cnxk_cpt_caps_populate(struct cnxk_cpt_vf *vf)\n {\n@@ -1815,6 +2013,11 @@ cnxk_cpt_caps_populate(struct cnxk_cpt_vf *vf)\n \tcrypto_caps_populate(vf->crypto_caps, vf->cpt.hw_caps);\n \tsec_ipsec_crypto_caps_populate(vf->sec_ipsec_crypto_caps, vf->cpt.hw_caps);\n \n+\tif (vf->cpt.hw_caps[CPT_ENG_TYPE_SE].tls) {\n+\t\tsec_tls12_crypto_caps_populate(vf->sec_tls_1_2_crypto_caps, vf->cpt.hw_caps);\n+\t\tsec_tls12_crypto_caps_populate(vf->sec_dtls_1_2_crypto_caps, vf->cpt.hw_caps);\n+\t}\n+\n \tPLT_STATIC_ASSERT(RTE_DIM(sec_caps_templ) <= RTE_DIM(vf->sec_caps));\n \tmemcpy(vf->sec_caps, sec_caps_templ, sizeof(sec_caps_templ));\n \n@@ -1830,6 +2033,13 @@ cnxk_cpt_caps_populate(struct cnxk_cpt_vf *vf)\n \n \t\t\tif (roc_model_is_cn9k())\n \t\t\t\tcn9k_sec_ipsec_caps_update(&vf->sec_caps[i]);\n+\t\t} else if (vf->sec_caps[i].protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD) {\n+\t\t\tif (vf->sec_caps[i].tls_record.ver == RTE_SECURITY_VERSION_TLS_1_3)\n+\t\t\t\tvf->sec_caps[i].crypto_capabilities = vf->sec_tls_1_3_crypto_caps;\n+\t\t\telse if (vf->sec_caps[i].tls_record.ver == RTE_SECURITY_VERSION_DTLS_1_2)\n+\t\t\t\tvf->sec_caps[i].crypto_capabilities = vf->sec_dtls_1_2_crypto_caps;\n+\t\t\telse\n+\t\t\t\tvf->sec_caps[i].crypto_capabilities = vf->sec_tls_1_2_crypto_caps;\n \t\t}\n \t}\n }\n", "prefixes": [ "17/24" ] }