Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/83974/?format=api
{ "id": 83974, "url": "http://patches.dpdk.org/api/patches/83974/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20201111064936.768604-35-jiawenwu@trustnetic.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20201111064936.768604-35-jiawenwu@trustnetic.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20201111064936.768604-35-jiawenwu@trustnetic.com", "date": "2020-11-11T06:49:33", "name": "[v2,34/37] net/txgbe: add security session create operation", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": true, "hash": "f629fb697354aff464987b0de3218751c892ccea", "submitter": { "id": 1932, "url": "http://patches.dpdk.org/api/people/1932/?format=api", "name": "Jiawen Wu", "email": "jiawenwu@trustnetic.com" }, "delegate": { "id": 319, "url": "http://patches.dpdk.org/api/users/319/?format=api", "username": "fyigit", "first_name": "Ferruh", "last_name": "Yigit", "email": "ferruh.yigit@amd.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20201111064936.768604-35-jiawenwu@trustnetic.com/mbox/", "series": [ { "id": 13798, "url": "http://patches.dpdk.org/api/series/13798/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=13798", "date": "2020-11-11T06:49:00", "name": "net: add txgbe PMD part 2", "version": 2, "mbox": "http://patches.dpdk.org/series/13798/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/83974/comments/", "check": "warning", "checks": "http://patches.dpdk.org/api/patches/83974/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from dpdk.org (dpdk.org [92.243.14.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 25846A09D2;\n\tWed, 11 Nov 2020 07:58:55 +0100 (CET)", "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id A45A3C84E;\n\tWed, 11 Nov 2020 07:48:26 +0100 (CET)", "from smtpproxy21.qq.com (smtpbg702.qq.com [203.205.195.102])\n by dpdk.org (Postfix) with ESMTP id 57D1FBBB4\n for <dev@dpdk.org>; Wed, 11 Nov 2020 07:48:09 +0100 (CET)", "from localhost.localdomain.com (unknown [183.129.236.74])\n by esmtp10.qq.com (ESMTP) with\n id ; Wed, 11 Nov 2020 14:48:04 +0800 (CST)" ], "X-QQ-mid": "bizesmtp27t1605077284tr2loue5", "X-QQ-SSF": "01400000000000C0C000B00A0000000", "X-QQ-FEAT": "uPKj8ga2w7FR6Fcjel41KNJFceQah7GnSisob2mVbp6M2iDFvI/1Xi6Stnn5u\n WV+EED0f8vePzUrsNY6X1/DrcaBUJv8N2ERwsRVipBi0txXc5O4fniJRHfy7iJDBYZ6yc/8\n go9YY/dg7dwnoxW1WJHXwDIDRq2QspWbLFdNJg+ftfuTy4SDMXrqHxlxwhQViFJcG4CuHpY\n iXmpcbVnKYBJLT/sbD/bm60VqvNly6SaydeIUOxFGZ7/nvLEF7UYdnlHMkEdWs5sCVz7gqm\n FZ0NRjZduUefuHFjV6D6EFZ5cKFfPn263+x+Y9hy0F/yVht8B+CVht0jn2NJkg/XKfWUoIv\n AntMt7LAnRc3VwETpMUwDBVLBH8bQ==", "X-QQ-GoodBg": "2", "From": "Jiawen Wu <jiawenwu@trustnetic.com>", "To": "dev@dpdk.org", "Cc": "Jiawen Wu <jiawenwu@trustnetic.com>", "Date": "Wed, 11 Nov 2020 14:49:33 +0800", "Message-Id": "<20201111064936.768604-35-jiawenwu@trustnetic.com>", "X-Mailer": "git-send-email 2.18.4", "In-Reply-To": "<20201111064936.768604-1-jiawenwu@trustnetic.com>", "References": "<20201111064936.768604-1-jiawenwu@trustnetic.com>", "X-QQ-SENDSIZE": "520", "Feedback-ID": "bizesmtp:trustnetic.com:qybgforeign:qybgforeign6", "X-QQ-Bgrelay": "1", "Subject": "[dpdk-dev] [PATCH v2 34/37] net/txgbe: add security session create\n\toperation", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "Add support to configure a security session.\n\nSigned-off-by: Jiawen Wu <jiawenwu@trustnetic.com>\n---\n drivers/net/txgbe/txgbe_ethdev.h | 6 +\n drivers/net/txgbe/txgbe_ipsec.c | 250 +++++++++++++++++++++++++++++++\n drivers/net/txgbe/txgbe_ipsec.h | 66 ++++++++\n 3 files changed, 322 insertions(+)", "diff": "diff --git a/drivers/net/txgbe/txgbe_ethdev.h b/drivers/net/txgbe/txgbe_ethdev.h\nindex db4b73e3e..4bc2dd6bc 100644\n--- a/drivers/net/txgbe/txgbe_ethdev.h\n+++ b/drivers/net/txgbe/txgbe_ethdev.h\n@@ -367,6 +367,9 @@ struct txgbe_adapter {\n \tstruct txgbe_filter_info filter;\n \tstruct txgbe_l2_tn_info l2_tn;\n \tstruct txgbe_bw_conf bw_conf;\n+#ifdef RTE_LIB_SECURITY\n+\tstruct txgbe_ipsec ipsec;\n+#endif\n \tbool rx_bulk_alloc_allowed;\n \tstruct rte_timecounter systime_tc;\n \tstruct rte_timecounter rx_tstamp_tc;\n@@ -428,6 +431,9 @@ struct txgbe_adapter {\n #define TXGBE_DEV_TM_CONF(dev) \\\n \t(&((struct txgbe_adapter *)(dev)->data->dev_private)->tm_conf)\n \n+#define TXGBE_DEV_IPSEC(dev) \\\n+\t(&((struct txgbe_adapter *)(dev)->data->dev_private)->ipsec)\n+\n /*\n * RX/TX function prototypes\n */\ndiff --git a/drivers/net/txgbe/txgbe_ipsec.c b/drivers/net/txgbe/txgbe_ipsec.c\nindex b21bba237..7501e25af 100644\n--- a/drivers/net/txgbe/txgbe_ipsec.c\n+++ b/drivers/net/txgbe/txgbe_ipsec.c\n@@ -13,6 +13,255 @@\n #include \"txgbe_ethdev.h\"\n #include \"txgbe_ipsec.h\"\n \n+#define CMP_IP(a, b) (\\\n+\t(a).ipv6[0] == (b).ipv6[0] && \\\n+\t(a).ipv6[1] == (b).ipv6[1] && \\\n+\t(a).ipv6[2] == (b).ipv6[2] && \\\n+\t(a).ipv6[3] == (b).ipv6[3])\n+\n+static int\n+txgbe_crypto_add_sa(struct txgbe_crypto_session *ic_session)\n+{\n+\tstruct rte_eth_dev *dev = ic_session->dev;\n+\tstruct txgbe_hw *hw = TXGBE_DEV_HW(dev);\n+\tstruct txgbe_ipsec *priv = TXGBE_DEV_IPSEC(dev);\n+\tuint32_t reg_val;\n+\tint sa_index = -1;\n+\n+\tif (ic_session->op == TXGBE_OP_AUTHENTICATED_DECRYPTION) {\n+\t\tint i, ip_index = -1;\n+\t\tuint8_t *key;\n+\n+\t\t/* Find a match in the IP table*/\n+\t\tfor (i = 0; i < IPSEC_MAX_RX_IP_COUNT; i++) {\n+\t\t\tif (CMP_IP(priv->rx_ip_tbl[i].ip,\n+\t\t\t\t ic_session->dst_ip)) {\n+\t\t\t\tip_index = i;\n+\t\t\t\tbreak;\n+\t\t\t}\n+\t\t}\n+\t\t/* If no match, find a free entry in the IP table*/\n+\t\tif (ip_index < 0) {\n+\t\t\tfor (i = 0; i < IPSEC_MAX_RX_IP_COUNT; i++) {\n+\t\t\t\tif (priv->rx_ip_tbl[i].ref_count == 0) {\n+\t\t\t\t\tip_index = i;\n+\t\t\t\t\tbreak;\n+\t\t\t\t}\n+\t\t\t}\n+\t\t}\n+\n+\t\t/* Fail if no match and no free entries*/\n+\t\tif (ip_index < 0) {\n+\t\t\tPMD_DRV_LOG(ERR,\n+\t\t\t\t \"No free entry left in the Rx IP table\\n\");\n+\t\t\treturn -1;\n+\t\t}\n+\n+\t\t/* Find a free entry in the SA table*/\n+\t\tfor (i = 0; i < IPSEC_MAX_SA_COUNT; i++) {\n+\t\t\tif (priv->rx_sa_tbl[i].used == 0) {\n+\t\t\t\tsa_index = i;\n+\t\t\t\tbreak;\n+\t\t\t}\n+\t\t}\n+\t\t/* Fail if no free entries*/\n+\t\tif (sa_index < 0) {\n+\t\t\tPMD_DRV_LOG(ERR,\n+\t\t\t\t \"No free entry left in the Rx SA table\\n\");\n+\t\t\treturn -1;\n+\t\t}\n+\n+\t\tpriv->rx_ip_tbl[ip_index].ip.ipv6[0] =\n+\t\t\t\tic_session->dst_ip.ipv6[0];\n+\t\tpriv->rx_ip_tbl[ip_index].ip.ipv6[1] =\n+\t\t\t\tic_session->dst_ip.ipv6[1];\n+\t\tpriv->rx_ip_tbl[ip_index].ip.ipv6[2] =\n+\t\t\t\tic_session->dst_ip.ipv6[2];\n+\t\tpriv->rx_ip_tbl[ip_index].ip.ipv6[3] =\n+\t\t\t\tic_session->dst_ip.ipv6[3];\n+\t\tpriv->rx_ip_tbl[ip_index].ref_count++;\n+\n+\t\tpriv->rx_sa_tbl[sa_index].spi = ic_session->spi;\n+\t\tpriv->rx_sa_tbl[sa_index].ip_index = ip_index;\n+\t\tpriv->rx_sa_tbl[sa_index].mode = IPSRXMOD_VALID;\n+\t\tif (ic_session->op == TXGBE_OP_AUTHENTICATED_DECRYPTION)\n+\t\t\tpriv->rx_sa_tbl[sa_index].mode |=\n+\t\t\t\t\t(IPSRXMOD_PROTO | IPSRXMOD_DECRYPT);\n+\t\tif (ic_session->dst_ip.type == IPv6) {\n+\t\t\tpriv->rx_sa_tbl[sa_index].mode |= IPSRXMOD_IPV6;\n+\t\t\tpriv->rx_ip_tbl[ip_index].ip.type = IPv6;\n+\t\t} else if (ic_session->dst_ip.type == IPv4) {\n+\t\t\tpriv->rx_ip_tbl[ip_index].ip.type = IPv4;\n+\t\t}\n+\t\tpriv->rx_sa_tbl[sa_index].used = 1;\n+\n+\t\t/* write IP table entry*/\n+\t\treg_val = TXGBE_IPSRXIDX_ENA | TXGBE_IPSRXIDX_WRITE |\n+\t\t\t\tTXGBE_IPSRXIDX_TB_IP | (ip_index << 3);\n+\t\tif (priv->rx_ip_tbl[ip_index].ip.type == IPv4) {\n+\t\t\twr32(hw, TXGBE_IPSRXADDR(0), 0);\n+\t\t\twr32(hw, TXGBE_IPSRXADDR(1), 0);\n+\t\t\twr32(hw, TXGBE_IPSRXADDR(2), 0);\n+\t\t\twr32(hw, TXGBE_IPSRXADDR(3),\n+\t\t\t\t\tpriv->rx_ip_tbl[ip_index].ip.ipv4);\n+\t\t} else {\n+\t\t\twr32(hw, TXGBE_IPSRXADDR(0),\n+\t\t\t\t\tpriv->rx_ip_tbl[ip_index].ip.ipv6[0]);\n+\t\t\twr32(hw, TXGBE_IPSRXADDR(1),\n+\t\t\t\t\tpriv->rx_ip_tbl[ip_index].ip.ipv6[1]);\n+\t\t\twr32(hw, TXGBE_IPSRXADDR(2),\n+\t\t\t\t\tpriv->rx_ip_tbl[ip_index].ip.ipv6[2]);\n+\t\t\twr32(hw, TXGBE_IPSRXADDR(3),\n+\t\t\t\t\tpriv->rx_ip_tbl[ip_index].ip.ipv6[3]);\n+\t\t}\n+\t\twr32w(hw, TXGBE_IPSRXIDX, reg_val, TXGBE_IPSRXIDX_WRITE, 1000);\n+\n+\t\t/* write SPI table entry*/\n+\t\treg_val = TXGBE_IPSRXIDX_ENA | TXGBE_IPSRXIDX_WRITE |\n+\t\t\t\tTXGBE_IPSRXIDX_TB_SPI | (sa_index << 3);\n+\t\twr32(hw, TXGBE_IPSRXSPI,\n+\t\t\t\tpriv->rx_sa_tbl[sa_index].spi);\n+\t\twr32(hw, TXGBE_IPSRXADDRIDX,\n+\t\t\t\tpriv->rx_sa_tbl[sa_index].ip_index);\n+\t\twr32w(hw, TXGBE_IPSRXIDX, reg_val, TXGBE_IPSRXIDX_WRITE, 1000);\n+\n+\t\t/* write Key table entry*/\n+\t\tkey = malloc(ic_session->key_len);\n+\t\tif (!key)\n+\t\t\treturn -ENOMEM;\n+\n+\t\tmemcpy(key, ic_session->key, ic_session->key_len);\n+\n+\t\treg_val = TXGBE_IPSRXIDX_ENA | TXGBE_IPSRXIDX_WRITE |\n+\t\t\t\tTXGBE_IPSRXIDX_TB_KEY | (sa_index << 3);\n+\t\twr32(hw, TXGBE_IPSRXKEY(0),\n+\t\t\trte_cpu_to_be_32(*(uint32_t *)&key[12]));\n+\t\twr32(hw, TXGBE_IPSRXKEY(1),\n+\t\t\trte_cpu_to_be_32(*(uint32_t *)&key[8]));\n+\t\twr32(hw, TXGBE_IPSRXKEY(2),\n+\t\t\trte_cpu_to_be_32(*(uint32_t *)&key[4]));\n+\t\twr32(hw, TXGBE_IPSRXKEY(3),\n+\t\t\trte_cpu_to_be_32(*(uint32_t *)&key[0]));\n+\t\twr32(hw, TXGBE_IPSRXSALT,\n+\t\t\t\trte_cpu_to_be_32(ic_session->salt));\n+\t\twr32(hw, TXGBE_IPSRXMODE,\n+\t\t\t\tpriv->rx_sa_tbl[sa_index].mode);\n+\t\twr32w(hw, TXGBE_IPSRXIDX, reg_val, TXGBE_IPSRXIDX_WRITE, 1000);\n+\n+\t\tfree(key);\n+\t} else { /* sess->dir == RTE_CRYPTO_OUTBOUND */\n+\t\tuint8_t *key;\n+\t\tint i;\n+\n+\t\t/* Find a free entry in the SA table*/\n+\t\tfor (i = 0; i < IPSEC_MAX_SA_COUNT; i++) {\n+\t\t\tif (priv->tx_sa_tbl[i].used == 0) {\n+\t\t\t\tsa_index = i;\n+\t\t\t\tbreak;\n+\t\t\t}\n+\t\t}\n+\t\t/* Fail if no free entries*/\n+\t\tif (sa_index < 0) {\n+\t\t\tPMD_DRV_LOG(ERR,\n+\t\t\t\t \"No free entry left in the Tx SA table\\n\");\n+\t\t\treturn -1;\n+\t\t}\n+\n+\t\tpriv->tx_sa_tbl[sa_index].spi =\n+\t\t\trte_cpu_to_be_32(ic_session->spi);\n+\t\tpriv->tx_sa_tbl[i].used = 1;\n+\t\tic_session->sa_index = sa_index;\n+\n+\t\tkey = malloc(ic_session->key_len);\n+\t\tif (!key)\n+\t\t\treturn -ENOMEM;\n+\n+\t\tmemcpy(key, ic_session->key, ic_session->key_len);\n+\n+\t\t/* write Key table entry*/\n+\t\treg_val = TXGBE_IPSRXIDX_ENA |\n+\t\t\tTXGBE_IPSRXIDX_WRITE | (sa_index << 3);\n+\t\twr32(hw, TXGBE_IPSTXKEY(0),\n+\t\t\trte_cpu_to_be_32(*(uint32_t *)&key[12]));\n+\t\twr32(hw, TXGBE_IPSTXKEY(1),\n+\t\t\trte_cpu_to_be_32(*(uint32_t *)&key[8]));\n+\t\twr32(hw, TXGBE_IPSTXKEY(2),\n+\t\t\trte_cpu_to_be_32(*(uint32_t *)&key[4]));\n+\t\twr32(hw, TXGBE_IPSTXKEY(3),\n+\t\t\trte_cpu_to_be_32(*(uint32_t *)&key[0]));\n+\t\twr32(hw, TXGBE_IPSTXSALT,\n+\t\t\t\trte_cpu_to_be_32(ic_session->salt));\n+\t\twr32w(hw, TXGBE_IPSTXIDX, reg_val, TXGBE_IPSTXIDX_WRITE, 1000);\n+\n+\t\tfree(key);\n+\t}\n+\n+\treturn 0;\n+}\n+\n+static int\n+txgbe_crypto_create_session(void *device,\n+\t\tstruct rte_security_session_conf *conf,\n+\t\tstruct rte_security_session *session,\n+\t\tstruct rte_mempool *mempool)\n+{\n+\tstruct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;\n+\tstruct txgbe_crypto_session *ic_session = NULL;\n+\tstruct rte_crypto_aead_xform *aead_xform;\n+\tstruct rte_eth_conf *dev_conf = ð_dev->data->dev_conf;\n+\n+\tif (rte_mempool_get(mempool, (void **)&ic_session)) {\n+\t\tPMD_DRV_LOG(ERR, \"Cannot get object from ic_session mempool\");\n+\t\treturn -ENOMEM;\n+\t}\n+\n+\tif (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||\n+\t\t\tconf->crypto_xform->aead.algo !=\n+\t\t\t\t\tRTE_CRYPTO_AEAD_AES_GCM) {\n+\t\tPMD_DRV_LOG(ERR, \"Unsupported crypto transformation mode\\n\");\n+\t\trte_mempool_put(mempool, (void *)ic_session);\n+\t\treturn -ENOTSUP;\n+\t}\n+\taead_xform = &conf->crypto_xform->aead;\n+\n+\tif (conf->ipsec.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {\n+\t\tif (dev_conf->rxmode.offloads & DEV_RX_OFFLOAD_SECURITY) {\n+\t\t\tic_session->op = TXGBE_OP_AUTHENTICATED_DECRYPTION;\n+\t\t} else {\n+\t\t\tPMD_DRV_LOG(ERR, \"IPsec decryption not enabled\\n\");\n+\t\t\trte_mempool_put(mempool, (void *)ic_session);\n+\t\t\treturn -ENOTSUP;\n+\t\t}\n+\t} else {\n+\t\tif (dev_conf->txmode.offloads & DEV_TX_OFFLOAD_SECURITY) {\n+\t\t\tic_session->op = TXGBE_OP_AUTHENTICATED_ENCRYPTION;\n+\t\t} else {\n+\t\t\tPMD_DRV_LOG(ERR, \"IPsec encryption not enabled\\n\");\n+\t\t\trte_mempool_put(mempool, (void *)ic_session);\n+\t\t\treturn -ENOTSUP;\n+\t\t}\n+\t}\n+\n+\tic_session->key = aead_xform->key.data;\n+\tic_session->key_len = aead_xform->key.length;\n+\tmemcpy(&ic_session->salt,\n+\t &aead_xform->key.data[aead_xform->key.length], 4);\n+\tic_session->spi = conf->ipsec.spi;\n+\tic_session->dev = eth_dev;\n+\n+\tset_sec_session_private_data(session, ic_session);\n+\n+\tif (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {\n+\t\tif (txgbe_crypto_add_sa(ic_session)) {\n+\t\t\tPMD_DRV_LOG(ERR, \"Failed to add SA\\n\");\n+\t\t\trte_mempool_put(mempool, (void *)ic_session);\n+\t\t\treturn -EPERM;\n+\t\t}\n+\t}\n+\n+\treturn 0;\n+}\n+\n static const struct rte_security_capability *\n txgbe_crypto_capabilities_get(void *device __rte_unused)\n {\n@@ -140,6 +389,7 @@ txgbe_crypto_capabilities_get(void *device __rte_unused)\n }\n \n static struct rte_security_ops txgbe_security_ops = {\n+\t.session_create = txgbe_crypto_create_session,\n \t.capabilities_get = txgbe_crypto_capabilities_get\n };\n \ndiff --git a/drivers/net/txgbe/txgbe_ipsec.h b/drivers/net/txgbe/txgbe_ipsec.h\nindex f58ebab3d..c94775636 100644\n--- a/drivers/net/txgbe/txgbe_ipsec.h\n+++ b/drivers/net/txgbe/txgbe_ipsec.h\n@@ -5,9 +5,75 @@\n #ifndef TXGBE_IPSEC_H_\n #define TXGBE_IPSEC_H_\n \n+#include <rte_ethdev.h>\n #include <rte_ethdev_core.h>\n #include <rte_security.h>\n \n+#define IPSRXMOD_VALID 0x00000001\n+#define IPSRXMOD_PROTO 0x00000004\n+#define IPSRXMOD_DECRYPT 0x00000008\n+#define IPSRXMOD_IPV6 0x00000010\n+\n+#define IPSEC_MAX_RX_IP_COUNT 128\n+#define IPSEC_MAX_SA_COUNT 1024\n+\n+enum txgbe_operation {\n+\tTXGBE_OP_AUTHENTICATED_ENCRYPTION,\n+\tTXGBE_OP_AUTHENTICATED_DECRYPTION\n+};\n+\n+/**\n+ * Generic IP address structure\n+ * TODO: Find better location for this rte_net.h possibly.\n+ **/\n+struct ipaddr {\n+\tenum ipaddr_type {\n+\t\tIPv4,\n+\t\tIPv6\n+\t} type;\n+\t/**< IP Address Type - IPv4/IPv6 */\n+\n+\tunion {\n+\t\tuint32_t ipv4;\n+\t\tuint32_t ipv6[4];\n+\t};\n+};\n+\n+/** inline crypto crypto private session structure */\n+struct txgbe_crypto_session {\n+\tenum txgbe_operation op;\n+\tconst uint8_t *key;\n+\tuint32_t key_len;\n+\tuint32_t salt;\n+\tuint32_t sa_index;\n+\tuint32_t spi;\n+\tstruct ipaddr src_ip;\n+\tstruct ipaddr dst_ip;\n+\tstruct rte_eth_dev *dev;\n+} __rte_cache_aligned;\n+\n+struct txgbe_crypto_rx_ip_table {\n+\tstruct ipaddr ip;\n+\tuint16_t ref_count;\n+};\n+struct txgbe_crypto_rx_sa_table {\n+\tuint32_t spi;\n+\tuint32_t ip_index;\n+\tuint8_t mode;\n+\tuint8_t used;\n+};\n+\n+struct txgbe_crypto_tx_sa_table {\n+\tuint32_t spi;\n+\tuint8_t used;\n+};\n+\n+struct txgbe_ipsec {\n+\tstruct txgbe_crypto_rx_ip_table rx_ip_tbl[IPSEC_MAX_RX_IP_COUNT];\n+\tstruct txgbe_crypto_rx_sa_table rx_sa_tbl[IPSEC_MAX_SA_COUNT];\n+\tstruct txgbe_crypto_tx_sa_table tx_sa_tbl[IPSEC_MAX_SA_COUNT];\n+};\n+\n int txgbe_ipsec_ctx_create(struct rte_eth_dev *dev);\n \n #endif /*TXGBE_IPSEC_H_*/\n", "prefixes": [ "v2", "34/37" ] }