[1/4] crypto/cnxk: add security ctx skeleton
Checks
Commit Message
From: Srujana Challa <schalla@marvell.com>
Add security ctx in cn10k crypto PMD.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Srujana Challa <schalla@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
drivers/crypto/cnxk/cn10k_cryptodev.c | 10 +++++++
drivers/crypto/cnxk/cnxk_cryptodev_sec.c | 47 ++++++++++++++++++++++++++++++++
drivers/crypto/cnxk/cnxk_cryptodev_sec.h | 14 ++++++++++
drivers/crypto/cnxk/meson.build | 3 +-
4 files changed, 73 insertions(+), 1 deletion(-)
create mode 100644 drivers/crypto/cnxk/cnxk_cryptodev_sec.c
create mode 100644 drivers/crypto/cnxk/cnxk_cryptodev_sec.h
Comments
> From: Srujana Challa <schalla@marvell.com>
>
> Add security ctx in cn10k crypto PMD.
>
> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
> Signed-off-by: Srujana Challa <schalla@marvell.com>
> Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
> ---
> drivers/crypto/cnxk/cn10k_cryptodev.c | 10 +++++++
> drivers/crypto/cnxk/cnxk_cryptodev_sec.c | 47
> ++++++++++++++++++++++++++++++++
> drivers/crypto/cnxk/cnxk_cryptodev_sec.h | 14 ++++++++++
> drivers/crypto/cnxk/meson.build | 3 +-
> 4 files changed, 73 insertions(+), 1 deletion(-)
> create mode 100644 drivers/crypto/cnxk/cnxk_cryptodev_sec.c
> create mode 100644 drivers/crypto/cnxk/cnxk_cryptodev_sec.h
>
> diff --git a/drivers/crypto/cnxk/cn10k_cryptodev.c
> b/drivers/crypto/cnxk/cn10k_cryptodev.c
> index ca3adea..b58d390 100644
> --- a/drivers/crypto/cnxk/cn10k_cryptodev.c
> +++ b/drivers/crypto/cnxk/cn10k_cryptodev.c
> @@ -14,6 +14,7 @@
> #include "cn10k_cryptodev_ops.h"
> #include "cnxk_cryptodev.h"
> #include "cnxk_cryptodev_capabilities.h"
> +#include "cnxk_cryptodev_sec.h"
>
> #include "roc_api.h"
>
> @@ -75,6 +76,11 @@ cn10k_cpt_pci_probe(struct rte_pci_driver *pci_drv
> __rte_unused,
> plt_err("Failed to add engine group rc=%d", rc);
> goto dev_fini;
> }
> +
> + /* Create security context */
> + rc = cnxk_crypto_sec_ctx_create(dev);
> + if (rc)
> + goto dev_fini;
> }
>
> cnxk_cpt_caps_populate(vf);
> @@ -87,6 +93,7 @@ cn10k_cpt_pci_probe(struct rte_pci_driver *pci_drv
> __rte_unused,
> RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
> RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
> RTE_CRYPTODEV_FF_SYM_SESSIONLESS |
> + RTE_CRYPTODEV_FF_SECURITY |
> RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;
Corresponding change in .ini file missing. Moreover, you should add it in
Last patch of this series when your feature is complete.
Both feature flag and documentation in .ini should be in same patch.
@@ -14,6 +14,7 @@
#include "cn10k_cryptodev_ops.h"
#include "cnxk_cryptodev.h"
#include "cnxk_cryptodev_capabilities.h"
+#include "cnxk_cryptodev_sec.h"
#include "roc_api.h"
@@ -75,6 +76,11 @@ cn10k_cpt_pci_probe(struct rte_pci_driver *pci_drv __rte_unused,
plt_err("Failed to add engine group rc=%d", rc);
goto dev_fini;
}
+
+ /* Create security context */
+ rc = cnxk_crypto_sec_ctx_create(dev);
+ if (rc)
+ goto dev_fini;
}
cnxk_cpt_caps_populate(vf);
@@ -87,6 +93,7 @@ cn10k_cpt_pci_probe(struct rte_pci_driver *pci_drv __rte_unused,
RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
RTE_CRYPTODEV_FF_SYM_SESSIONLESS |
+ RTE_CRYPTODEV_FF_SECURITY |
RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;
cn10k_cpt_set_enqdeq_fns(dev);
@@ -121,6 +128,9 @@ cn10k_cpt_pci_remove(struct rte_pci_device *pci_dev)
if (dev == NULL)
return -ENODEV;
+ /* Destroy security context */
+ cnxk_crypto_sec_ctx_destroy(dev);
+
if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
vf = dev->data->dev_private;
ret = roc_cpt_dev_fini(&vf->cpt);
new file mode 100644
@@ -0,0 +1,47 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(C) 2021 Marvell.
+ */
+
+#include <rte_cryptodev.h>
+#include <rte_malloc.h>
+#include <rte_security.h>
+#include <rte_security_driver.h>
+
+#include "cnxk_cryptodev_sec.h"
+
+/* Common security ops */
+struct rte_security_ops cnxk_sec_ops = {
+ .session_create = NULL,
+ .session_destroy = NULL,
+ .session_get_size = NULL,
+ .set_pkt_metadata = NULL,
+ .get_userdata = NULL,
+ .capabilities_get = NULL,
+};
+
+int
+cnxk_crypto_sec_ctx_create(struct rte_cryptodev *cdev)
+{
+ struct rte_security_ctx *ctx;
+
+ ctx = rte_malloc("cnxk_cpt_dev_sec_ctx",
+ sizeof(struct rte_security_ctx), 0);
+
+ if (ctx == NULL)
+ return -ENOMEM;
+
+ /* Populate ctx */
+ ctx->device = cdev;
+ ctx->ops = &cnxk_sec_ops;
+ ctx->sess_cnt = 0;
+
+ cdev->security_ctx = ctx;
+
+ return 0;
+}
+
+void
+cnxk_crypto_sec_ctx_destroy(struct rte_cryptodev *cdev)
+{
+ rte_free(cdev->security_ctx);
+}
new file mode 100644
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(C) 2021 Marvell.
+ */
+
+#ifndef __CNXK_CRYPTODEV_SEC_H__
+#define __CNXK_CRYPTODEV_SEC_H__
+
+#include <rte_cryptodev.h>
+
+int cnxk_crypto_sec_ctx_create(struct rte_cryptodev *crypto_dev);
+
+void cnxk_crypto_sec_ctx_destroy(struct rte_cryptodev *crypto_dev);
+
+#endif /* __CNXK_CRYPTODEV_SEC_H__ */
@@ -17,6 +17,7 @@ sources = files(
'cnxk_cryptodev.c',
'cnxk_cryptodev_capabilities.c',
'cnxk_cryptodev_ops.c',
+ 'cnxk_cryptodev_sec.c',
)
-deps += ['bus_pci', 'common_cnxk']
+deps += ['bus_pci', 'common_cnxk', 'security']