From patchwork Mon Sep 25 06:06:39 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chaoyong He X-Patchwork-Id: 131878 X-Patchwork-Delegate: ferruh.yigit@amd.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 5A8B342633; Mon, 25 Sep 2023 08:08:01 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 152FE409FA; Mon, 25 Sep 2023 08:07:39 +0200 (CEST) Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2105.outbound.protection.outlook.com [40.107.244.105]) by mails.dpdk.org (Postfix) with ESMTP id 0F2AE40A73 for ; Mon, 25 Sep 2023 08:07:37 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=J/YGDjmbaHRoHW6ft6jG6wMNVxdLQQuUEE7RyuDzWtn0DeS4lpBFSbWmdT8hbY1NQPQWMaOG4i7+b+vcu6HBu4X2fyYTNM22TmeyljaULvLJRhOC3H3UPz4LZeUWfuCWHAq4v+CZbn8QIA9vLpR9o+mwNuihtrqBhvTLaqKZpZvYcg2kI0MGYznNJ7GNCQC/cQplQiV63F5fTgn4fyguk3H88NWuzqAZlsCWlz729PHzSZQMZsqjtm53Y1jjWnzFQpSUoceQg7Z4nIel1QXRyVteeiQwYZCShjOIIcdOWbUrrrwdNUXH8msCL730PVU1qOI8eJRAktfVZsvN8AWvlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4tz4U4S6gmdC757ciSCiwmY6o/+MCbGN3GJ4TfqNVng=; b=noOhY0Exg1g84+3R/OpUR2LijGqgafWjGdiMyFKAHL/FezBRvCLEyQPJ2sxNPCDOQJWGa7Eqo7QXhB0hMaHJDv5XAswW4A2qLp+abp6gbQJZbdWx1+zYKa2L/kRCdAxgn9iIRp1Ln8gFeFEmhT1bddSppec01WIRa684Aiei2qQwSVEqmQGnIW8j5AzIhoejDSfBWd6g/TgG87W/RoO190u5yMjr8aPUP3HbcJnoJI8hi6iSsytNkmU3+kq//N1PfDjFcN//6f7trs2E1GkyFveuCGOdyocYaaPxf06tg7zCkv6MMYQDL3ZvrTSgeAO9T/fEI7uwlaIJpoOrm8EeEg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=corigine.com; dmarc=pass action=none header.from=corigine.com; dkim=pass header.d=corigine.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=corigine.onmicrosoft.com; s=selector2-corigine-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4tz4U4S6gmdC757ciSCiwmY6o/+MCbGN3GJ4TfqNVng=; b=S0L0Z8CJRbnQ+Q66aBFQN/wHCvgWtyHJ7iWJzl6JwT//3lOdQXsr+QBBTxUK2X58AKV2lTACcQqLmyzGytSNC8t2CiwqYmBPTNSaUAF4QzASK3ERN3O+xCer8Q/B+nzN9VlYB5CeFuCp4nxKkWlAUrVH5BxeD9/ru/mWPL6z3us= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=corigine.com; Received: from PH0PR13MB5568.namprd13.prod.outlook.com (2603:10b6:510:12b::16) by DM8PR13MB5080.namprd13.prod.outlook.com (2603:10b6:8:23::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6813.28; Mon, 25 Sep 2023 06:07:35 +0000 Received: from PH0PR13MB5568.namprd13.prod.outlook.com ([fe80::b070:92e1:931e:fee7]) by PH0PR13MB5568.namprd13.prod.outlook.com ([fe80::b070:92e1:931e:fee7%4]) with mapi id 15.20.6792.026; Mon, 25 Sep 2023 06:07:35 +0000 From: Chaoyong He To: dev@dpdk.org Cc: oss-drivers@corigine.com, Shihong Wang , Chaoyong He Subject: [PATCH 05/10] net/nfp: get security capabilities and session size Date: Mon, 25 Sep 2023 14:06:39 +0800 Message-Id: <20230925060644.1458598-6-chaoyong.he@corigine.com> X-Mailer: git-send-email 2.39.1 In-Reply-To: <20230925060644.1458598-1-chaoyong.he@corigine.com> References: <20230925060644.1458598-1-chaoyong.he@corigine.com> X-ClientProxiedBy: BY5PR04CA0001.namprd04.prod.outlook.com (2603:10b6:a03:1d0::11) To PH0PR13MB5568.namprd13.prod.outlook.com (2603:10b6:510:12b::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PH0PR13MB5568:EE_|DM8PR13MB5080:EE_ X-MS-Office365-Filtering-Correlation-Id: 9b5ad10c-db7d-4743-362f-08dbbd8db593 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: y2lC1BVlGpI7NM2LRuCPripC6+0g1tnHicFVSv+rRTilsoRn6yar0uxeRAuOrF4O60WFtHJZms/n9Zdo5PCP2kmqhfVe4cwexGxy6Zw+ZvVbgjv1wUqFdGvDXvNXi9V/rZRsJbp+N36B5yA6mXoP9Yqex2kEL8nqRvqeaWTDmUDd44fe3Oxm6ZiuPQhlFXnAF8rg06BFLqhLRL+4nRA/81oUv/ZueUCZst4J1VGlly7aIbOqOhqtt56mmq9eNlnVM2pZuZvMQtqgixYqPoveH1vuslSJG7FmqJS/mNSBxx1eB3/dDrWsuhgpi38uQaeFLZ2oU5304/y9XOTH5dwqxZdzh3X/mLTihO8fhvkOL1UnF4na5GCcLUVjn08gS/zlXa0ZZ8hdGQcLp8eJCjj3QC62EU9hCZC9AYky/p/XIYTjffjhucMZcQV9N265H3KbhFNBx/YKJzICb721NCcJE+Z0frE6+vyzgtHMhkf2uob5gA1PTmf16WIxjIGMnw5pFItoU7Ae6mte4TDUyQDfD2mXJwkrUwloX58Hi4aGBJRgifwNzWi88nhB27omsWesSLoKJ9jrLbIE6pG9RtrQrR9qX00TV7ES3X/B+9DoSW6G5qGH3LHsnKoeOnENepyXYmV21EaLupavDPCxz6Hzml+3BTKO5ChjqaFRO5wnFsQ= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR13MB5568.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366004)(396003)(346002)(39830400003)(376002)(136003)(230922051799003)(186009)(1800799009)(451199024)(15650500001)(2906002)(5660300002)(66946007)(66476007)(44832011)(66556008)(54906003)(478600001)(6512007)(52116002)(2616005)(107886003)(1076003)(26005)(6486002)(6506007)(8936002)(8676002)(4326008)(316002)(6916009)(41300700001)(83380400001)(38350700002)(86362001)(36756003)(38100700002); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 7LtMvfqbaq9iyPlthRydTIJzcsGXltzylcJNR1WDPXr84/UtzFa5U450tah8gPLcbFpRalGRQihfkDbwaD3PHxvf37Ll3SvjhYhEjZd/ZXBpnI7Z323qFsQp3uPktmUqBJvjcuCsvLvBJVeA169x9YfHjKUst7uxQag8lvKeRSSeAqut1k7GAS59lqlf/auLcaaE6Cdken/HIGr92b7DN2dHBVOsct66T9kAtXp22hHwhdLGdIb222dj49V9Hr7rmdPxasVVQEOuSwY/k/yQ98mtaHbJvjx9fpk7AAT0F0ltq/rmDOjABnvTCCt9M94YgJ/Nnl3pZ1d9EJKkNvPTrI30ET7DnWg2Ay9u01HcPtW/v96nGVx9KDsYQVEw6Q2QyL4x+WN45tO+Ux5DL7DMhiG4ax6aSkv/DEBQiBITPGi1lfGg4DQEnhhBHltWDXBdwEPVmhofwhgBrr8DYNdVpodjm6GfR0IP0ml/Bm4IKEEuE+U+suLlbNUwpEdkhyh0JU1o4XTsRH2/rOzHOSpDy1cBtTGoeG1xuzqcK5NUuVY9x1FRF1ZKnAxlUQ1A8k+p6ylDgySeKJRVKsakcvNAeKgfrl5zxvnwnqkS4VL6lmVYDnnJb52DPToPxaEs11z80rTakonSIeJQG1e4kJQI4fr0CLHhNcifldXfDjWIpFX8mEKNjnQ+4d3I+zZoFnZDxOnxSCWYnETHQUc83MmyF97X5whvFKUeIr5QYv7T/z348fnMjqqs0xf/cXWlOXT+vhojlnaO65oiBIyIOzpfmOBcQ1MxS+ofv680WxgRNzk8PV2T7HAM6GCHePoBY/SYmlZWyUNbNBecWPq6V92TwC4U5Ssl3JxGmSWnHCTekeB4N9eodNBGFak00/cWGdMabHI95mNgBvg6C6I6//WPz5/9KX3sc6synn1eOM6kz6W0uuGb+WswMpiJC29GpBBEQzQICbjAT+cQ/82b8X10AmH9XtJkT8Ar3DYYSHvOiVOrDaSdb/S98hkriHg42cPtimiqg5ABLPrypTBj917yssaQJ42rdVNWG/hH2jojLOUnv8bQGRKG2BMXTOfAIvxj6svmj0CK231FbGzNjlSrcmNJBs2u1kHM/TuI8ukglVqfNu8ZKqZrEGvVocKnXqX9b63BlsU5BmFD0bsTJs6mhFn+Kbr4187MOv4fAsptzwZKKi1Ap2RHuLA33Edm/Q15wtHhD4aMauwUJICj8qL/3wTN/Nl1sFQqY1J3k0WbdlXSU18Grr6jLrVHY5L8j/G70IBBLlu4/Z9Lkruq8Fk7MXBxU7otkFRpW7EOn6T7M4+KnReKN+jiymunpzPuuNZ/BBtOYlR+3jdIFk8NBFBQOuZ3tGMg8irwi3ZLCEob5dqLhLDQqwI3poHvYAr2fcJ59nBUASF1kKWSY4/jOnH8yIPeJQzom3kK2wenUGn6MH+Mju6/6dirW1fIdSKlltMDA49RnLPkg40vRdBvKS+w1f3eVMJ/ovzoYGv0BPdO//UO1iQIs9cwniaGJ5/sWLFhah0xZNXUg6AVP04WmrMEIBTp6lEUHSVLDQWN/Q1Ncj5VIvfqHkR/YGUL0Vj1sLhhcqe37+vd+vtH2UCEKjXnYw== X-OriginatorOrg: corigine.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9b5ad10c-db7d-4743-362f-08dbbd8db593 X-MS-Exchange-CrossTenant-AuthSource: PH0PR13MB5568.namprd13.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Sep 2023 06:07:35.1211 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fe128f2c-073b-4c20-818e-7246a585940c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ZTtiKIH7KmkHZunQiqHDkvLhn+pTzEaA+8AXkvslwWi4Lcs9TyoV6W/mhT2jNegyBb4I3D8dv4kNGEr8WRpC19XZ+bMShhVnkRvKVIAumD0= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM8PR13MB5080 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Shihong Wang Add full protocol offload as well as inline crypto IPsec capabilities and return these for rte_security. Return size of security session for rte_security. Signed-off-by: Shihong Wang Reviewed-by: Chaoyong He --- drivers/net/nfp/nfp_ipsec.c | 357 +++++++++++++++++++++++++++++++++++- 1 file changed, 356 insertions(+), 1 deletion(-) diff --git a/drivers/net/nfp/nfp_ipsec.c b/drivers/net/nfp/nfp_ipsec.c index f16ce97703..51770def9d 100644 --- a/drivers/net/nfp/nfp_ipsec.c +++ b/drivers/net/nfp/nfp_ipsec.c @@ -5,6 +5,7 @@ #include "nfp_ipsec.h" +#include #include #include @@ -16,7 +17,361 @@ #include "nfp_logs.h" #include "nfp_rxtx.h" -static const struct rte_security_ops nfp_security_ops; +static const struct rte_cryptodev_capabilities nfp_crypto_caps[] = { + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_MD5_HMAC, + .block_size = 64, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .digest_size = { + .min = 12, + .max = 16, + .increment = 4 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, + .block_size = 64, + .key_size = { + .min = 20, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 10, + .max = 12, + .increment = 2 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .digest_size = { + .min = 12, + .max = 16, + .increment = 4 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .block_size = 128, + .key_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .digest_size = { + .min = 12, + .max = 24, + .increment = 12 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .block_size = 128, + .key_size = { + .min = 64, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 12, + .max = 32, + .increment = 4 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .algo = RTE_CRYPTO_CIPHER_3DES_CBC, + .block_size = 8, + .key_size = { + .min = 24, + .max = 24, + .increment = 0 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 8 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .algo = RTE_CRYPTO_CIPHER_AES_CBC, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 8 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, + .aead = { + .algo = RTE_CRYPTO_AEAD_AES_GCM, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .aad_size = { + .min = 0, + .max = 1024, + .increment = 1 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 4 + } + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, + .aead = { + .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, + .block_size = 16, + .key_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .aad_size = { + .min = 0, + .max = 1024, + .increment = 1 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 4 + } + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_UNDEFINED, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_NOT_SPECIFIED + }, + } +}; + +static const struct rte_security_capability nfp_security_caps[] = { + { /* IPsec Inline Crypto Tunnel Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Crypto Tunnel Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { /* IPsec Inline Crypto Transport Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Crypto Transport Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { /* IPsec Inline Protocol Tunnel Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Protocol Tunnel Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { /* IPsec Inline Protocol Transport Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Protocol Transport Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { + .action = RTE_SECURITY_ACTION_TYPE_NONE + } +}; + +static const struct rte_security_capability * +nfp_crypto_capabilities_get(void *device __rte_unused) +{ + return nfp_security_caps; +} + +static uint32_t +nfp_security_session_get_size(void *device __rte_unused) +{ + return sizeof(struct nfp_ipsec_session); +} + +static const struct rte_security_ops nfp_security_ops = { + .session_get_size = nfp_security_session_get_size, + .capabilities_get = nfp_crypto_capabilities_get, +}; static int nfp_ipsec_ctx_create(struct rte_eth_dev *dev,