Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/29536/?format=api
{ "id": 29536, "url": "https://patches.dpdk.org/api/patches/29536/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/patch/20171003131413.23846-2-akhil.goyal@nxp.com/", "project": { "id": 1, "url": "https://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20171003131413.23846-2-akhil.goyal@nxp.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20171003131413.23846-2-akhil.goyal@nxp.com", "date": "2017-10-03T13:14:02", "name": "[dpdk-dev,v2,01/12] lib/rte_security: add security library", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "a220be641e515cb3603ce1829f94471df10404d5", "submitter": { "id": 517, "url": "https://patches.dpdk.org/api/people/517/?format=api", "name": "Akhil Goyal", "email": "akhil.goyal@nxp.com" }, "delegate": null, "mbox": "https://patches.dpdk.org/project/dpdk/patch/20171003131413.23846-2-akhil.goyal@nxp.com/mbox/", "series": [], "comments": "https://patches.dpdk.org/api/patches/29536/comments/", "check": "warning", "checks": "https://patches.dpdk.org/api/patches/29536/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@dpdk.org", "Delivered-To": "patchwork@dpdk.org", "Received": [ "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id E342A1B389;\n\tTue, 3 Oct 2017 15:16:58 +0200 (CEST)", "from NAM01-BN3-obe.outbound.protection.outlook.com\n\t(mail-bn3nam01on0060.outbound.protection.outlook.com [104.47.33.60])\n\tby dpdk.org (Postfix) with ESMTP id B5B2B1B37E\n\tfor <dev@dpdk.org>; Tue, 3 Oct 2017 15:16:56 +0200 (CEST)", "from CY4PR03CA0017.namprd03.prod.outlook.com (10.168.162.27) by\n\tCY4PR03MB2695.namprd03.prod.outlook.com (10.173.43.138) with\n\tMicrosoft SMTP Server (version=TLS1_2,\n\tcipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id\n\t15.20.77.7; Tue, 3 Oct 2017 13:16:54 +0000", "from BL2FFO11FD006.protection.gbl (2a01:111:f400:7c09::101) by\n\tCY4PR03CA0017.outlook.office365.com (2603:10b6:903:33::27) with\n\tMicrosoft SMTP Server (version=TLS1_2,\n\tcipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.56.11 via\n\tFrontend Transport; Tue, 3 Oct 2017 13:16:54 +0000", "from az84smr01.freescale.net (192.88.158.2) by\n\tBL2FFO11FD006.mail.protection.outlook.com (10.173.161.2) with\n\tMicrosoft SMTP Server (version=TLS1_0,\n\tcipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.20.77.10\n\tvia Frontend Transport; Tue, 3 Oct 2017 13:16:54 +0000", "from netperf2.ap.freescale.net ([10.232.133.164])\n\tby az84smr01.freescale.net (8.14.3/8.14.0) with ESMTP id\n\tv93DGfTC030592; Tue, 3 Oct 2017 06:16:49 -0700" ], "Received-SPF": "Fail (protection.outlook.com: domain of nxp.com does not\n\tdesignate 192.88.158.2 as permitted sender)\n\treceiver=protection.outlook.com; \n\tclient-ip=192.88.158.2; helo=az84smr01.freescale.net;", "From": "Akhil Goyal <akhil.goyal@nxp.com>", "To": "<dev@dpdk.org>", "CC": "<declan.doherty@intel.com>, <pablo.de.lara.guarch@intel.com>,\n\t<hemant.agrawal@nxp.com>, <radu.nicolau@intel.com>,\n\t<borisp@mellanox.com>, \n\t<aviadye@mellanox.com>, <thomas@monjalon.net>, <sandeep.malik@nxp.com>,\n\t<jerin.jacob@caviumnetworks.com>, <john.mcnamara@intel.com>,\n\t<olivier.matz@6wind.com>", "Date": "Tue, 3 Oct 2017 18:44:02 +0530", "Message-ID": "<20171003131413.23846-2-akhil.goyal@nxp.com>", "X-Mailer": "git-send-email 2.9.3", "In-Reply-To": "<20171003131413.23846-1-akhil.goyal@nxp.com>", "References": "<20170914082651.26232-1-akhil.goyal@nxp.com>\n\t<20171003131413.23846-1-akhil.goyal@nxp.com>", "X-EOPAttributedMessage": "0", "X-Matching-Connectors": "131515102143959819;\n\t(91ab9b29-cfa4-454e-5278-08d120cd25b8); ()", "X-Forefront-Antispam-Report": "CIP:192.88.158.2; IPV:NLI; CTRY:US; EFV:NLI;\n\tSFV:NSPM;\n\tSFS:(10009020)(6009001)(336005)(39860400002)(39380400002)(376002)(346002)(2980300002)(1110001)(1109001)(339900001)(199003)(189002)(50986999)(50226002)(106466001)(76176999)(81156014)(8656003)(81166006)(104016004)(97736004)(105606002)(8676002)(2351001)(53946003)(316002)(15650500001)(16586007)(2906002)(5890100001)(356003)(68736007)(36756003)(189998001)(8936002)(33646002)(53936002)(305945005)(54906003)(6916009)(5003940100001)(2950100002)(47776003)(498600001)(48376002)(4326008)(6666003)(77096006)(5660300001)(50466002)(7416002)(1076002)(69596002)(86362001);\n\tDIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR03MB2695;\n\tH:az84smr01.freescale.net; FPR:; \n\tSPF:Fail; PTR:InfoDomainNonexistent; A:1; MX:1; LANG:en; ", "X-Microsoft-Exchange-Diagnostics": [ "1; BL2FFO11FD006;\n\t1:4a6k+56Dz/BFPzjbcWeKocLeifCNiSgIwjM1KaVCeCWu5PQfEMfBESXtkXTiquptUB96LGXruaUZ1vMQgxKh3sVUS7RfsoWg/kEgW/mwyXItbzWYuLruYEUdPXYu7Kmj", "1; CY4PR03MB2695;\n\t3:4l7lU9Jnu9oQXvfoTWEohCh9C6U5AXKKuhnk/Eso+5I2kUINzZFdf7sy+fl8TgLA+PZwyAlSzjPlICoJIJk4RPlKdTM9zU1CofwcenSiT/MqAKkRRM/dZ2MKVZGN2Xb/fnipymL5Cm8FosW/Qpvbud09sHuuLuh7eH8kRH4na9/ts6bkRFoLzCwIBs7AyePO6wEudaIttrH+eatJBxwBG7vomqFNfA7BPTuV8MIODGzRgbar+w1trSaXMQfadsG3s4F5eLtpXDvrvZSrwm2DbxHwEP/eqxHY5F2V6mqE3M3z2yg/eug2dapo0VEn03qdxh7AHZmka175VfIxuvyTqg==;\n\t25:RGXSRsOe0rcxLO1qINXfHRusmRzCN+BiTX/g3fQd0UyTDS0crUYhhKaWLAFb7WZ8gjQOAXRjOBM3pjcIk4T42+N4PuYhWWVRVSk2Slq5cnSoprqBbVAnS2nU+D+hCw6vDDKI3yjbtOy0ltfggCKhzOuMo6teADE9VaRS8/J13hj7/N58ZdbZKUXU+sZBeujZexSPXTbp2vyWF2zfI7lLLdWBsx7RQdq5WTnNKMviBFf7P4ascU5ysc+DV98+zTL0Xy22wvMYpV+Ni6npIWXUWPLbT0HFKNppfKdYUNEKApsuD2xeTF+GW7JuqIHNUwxpGh1RH5PUOz3Arw6YNgYMEg==;\n\t31:0CKjH6zqvzL2glUUCRiLYKrlXvrJmkhPJeIMoeTctFc1eZ2FAwbtmIGsvJdz2NZG3BDXjs7IFcd/z2Bi0KvV5PmwYVx1/FGPcXbKCE/Diz4jS4Jml2IzOWcaIiWuAOUbELPMNxpFmHTMg82VFQ+/hfdkYCFOoLx6VNUFJJS2xOP5VlzxNIom3kdnWmfGQaNWU+j5JjnY22VdEEJUdPVjTDy60RJ96sELEZ48yDv8rbE=", "1; CY4PR03MB2695;\n\t4:azuT4xiE7N/vPmkBRKdY4jzeIkpEm2R6O6mn5zfqzVVg7SBH3NppOMkHY8Fs7DlLl/AHC8GCIXHOIxc6ThbZIyHwqcZNlF48TNT7niZyZs/WYP/E8pKCNSskSAPzt91kVTo0giERAWOIbo8oE6kiboraHZdbfjwjfPU2d+wXb7rejMXKd6pPO2aOJXqQUa/G2lg6Br1MgLd/MGxYy7uiaQ+QzdUf8C4Ey2Pd5W+tTKr0NNX6CdBeu3IaAKjdMaU25YVfmRPAXQQeGFlvgbvZ7xFc0sZVrnqLgzC2Y+RfeLRiCZUbUoAwy9wzT0LZ40PkT+mojOqjVlSt4V9JdOikq22t1HeKaucjXR9r7hEDdC4q+pTF2efo7iXnI6VxGti/", "=?us-ascii?Q?1; CY4PR03MB2695;\n\t23:BpyHEKii1c8B1d7ZAIg95az08n1RmLAANzWIS/VRK?=\n\t/VZKTaHkXIugNoC6BxweG7zZLT0IGT2fyyIzyt4uKjA22lQQ5/XiyfO8v59djqPtUB5QWT9j5aBRSNr50h6gj8rOM5Jhx1E48/R8S1yepga9VsgJ7TbX2anwLYbOzN/PeqkS8plUGHdVTd4asdxxDnre983AZvH8SqKOuwuhKrStG34gVxTGZRlxPaRluIkCprwrd+3qja1WEA2zmmBzm4CqQ2qd9li6X1IuAh7Q1NKFYTsK36EA1+3p3s7Tf6+UCo3tjYIYoz7iZ5YhJdQT7mP9h6wwVAPNThBAhmG5PLnjHQ05HKGgWBAH3xR5P0gQpOrCEOhZgQAi4ulIxFgPcdTSu86Ftf3xFxBmzIO8e59rwOmzxMMcxDKrkiS/qEWGFmy4j7pbPixy3CoLrfcRwr3XYs/8fANoQgHw8DEKFw0c6bFI6Avi9m5N3tvKPrskDFuUwK81091UuWu7aDwmvKQIs5zc9majGYjeTP8ngTW3FFOLW7Km/Fp4C5IF9yXuls5aPoZEigN6nYTgk6u6KzfW2thDoRcE2fM4hnFmCUVxF+NxCOnH3P1hSDK06wVRvZxqeZ5cUp8an2vOn/4YVPA7Wuo+4c6A5+30hHbzMrLmTIFl7Le79vIGCQDrnSEvb6RR0YUW1wrr1eqijhtFkCzpfJSWc6pzGmLdPH2M4ZT9CDqYioPgMd2vYvhOs1XfCglJm6TsLtzXq1aMiwcHa2MzMlxudl8qI3CTBppvjOgES6RgJlafbqZqvz1ZLwhveYFuJZyGm42MKmKaWw3vqLDhYHMNvkQi2h7y+yo83h63qijQ93qu5hXYvUm7GEnBflLpIY+ZxksnNwAIZAkEvATePuQKNKl2TPvy2Khsdm2q6wTCKTr/6VsbB/ioNSlj/s0l1lMom1ZQBGC0FVqIXdRKiqtsYC5pPZjDKJkHDroB2emJORTHFKTD3a12CSV8QmzFfLXD370nR67ou/7QWfYbSplzvxIVoPyv+o9WI/jEjsnleOzBjy9+CAYq3hnKd9pgtxSWCI5WznCc3j+mXZ+Tf4EQ+v4g4L1acaluFVvRHT2tIRIP5gVSjARI+1KwjxDAD5UmRYGYEKsnkrYaffquU7fWgX0jQW+TsVo8d2cPkkWHS8F3Iw13Yj5v3lbR3EDbH2Bvhgp5xAw9DNFZ69Fhvhy7UGeXGbJ5UqITOEPgPys1DumUe08pSFqd5CWszp9vTb24vxEZJIpJDKwdRtA", "1; CY4PR03MB2695;\n\t6:cOkNtWp6JDZnFbBkpGRgk1AWnXlkgPfR51m5MJOwOvWQxQXxjwK9bC1hBa6ak5McARTy8uEYfPw+/M3mz37dk0tlGVXdxWPxTLt+gprkU4gcjZTIjKdaFLdwCIIs7Rw2Rf8ZvHjUXTkDBHpFseC+HMPOjDlEuPe/y7KQswY/IdvVdbQBYAqf2JNPhVHThPDdDLUMO3XQPxajWmAGPgLQ90CFr7iQ/P4ynEm6gbzj5Tl8PX+zyGSfG/cbccWsDQIl368daUVHh/FNYzbrjfoyGBY1MDQYOUP8rqOV+Ak0etoKXC9xMqs0477CBw8cXWOdylrZDRErP8TdpCVEPVv5Cg==;\n\t5:QMRfCqUqK9q2d4YH1gXPQSjUD793jM29ipjgPaxvs3HCHT52hYWq4Ps/4wcsR2HnD3XeRT8hDrArqyWiXJAsymg0v+SimveUSk8T6Kip0SRHCa8X5CQgiJ93jLnWg643rFrzkEipRSnWisfL5DQXNg==;\n\t24:6yiizoRR3PQh7zy2sS35NAtwmqfCr0B9v9E1Q8FJEzeQdlxUBf1YVAA9jVsuP6afjsEtEf4OuZPqbgHkRATesODHOpDftxNtfibbyNxaS4g=;\n\t7:Bb0ypoam8IbkBK+j8KmlYhOsS3MQFuf6Hh98siu4k+HaS44LJOBSR0hILfrWHgukkHuA6rp4VUMa4eZM8roLSVpMnA38pJwjT7Acb2tsKn4bPK0m5aenLymLrtYK+iPACuVbpSdJF+UPyEXPX5cGCHu83PmvA22uYnq1laufyq5fMN0WxSIZyBxtZQ0uhIAotKTUeGMp1jnBpR46QKzkUjm57qyUljEAKOHCOAScdp0=" ], "MIME-Version": "1.0", "Content-Type": "text/plain", "X-MS-PublicTrafficType": "Email", "X-MS-Office365-Filtering-Correlation-Id": "c01d54c8-1868-4c81-66a2-08d50a610445", "X-Microsoft-Antispam": "UriScan:; BCL:0; PCL:0;\n\tRULEID:(22001)(2017052603199)(201703131430075)(201703131517081);\n\tSRVR:CY4PR03MB2695; ", "X-MS-TrafficTypeDiagnostic": "CY4PR03MB2695:", "X-Exchange-Antispam-Report-Test": "UriScan:(192374486261705)(185117386973197)(228905959029699); ", "X-Microsoft-Antispam-PRVS": "<CY4PR03MB2695786DA40276278B49FA30E6720@CY4PR03MB2695.namprd03.prod.outlook.com>", "X-Exchange-Antispam-Report-CFA-Test": "BCL:0; PCL:0;\n\tRULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6095135)(2401047)(8121501046)(5005006)(93006095)(93001095)(100000703101)(100105400095)(3002001)(10201501046)(6055026)(6096035)(20161123561025)(20161123565025)(20161123563025)(20161123556025)(201703131430075)(201703131433075)(201703131448075)(201703161259150)(201703151042153)(20161123559100)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);\n\tSRVR:CY4PR03MB2695; BCL:0; PCL:0;\n\tRULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(400006)(100000804101)(100110200095)(100000805101)(100110500095);\n\tSRVR:CY4PR03MB2695; ", "X-Forefront-PRVS": "044968D9E1", "SpamDiagnosticOutput": "1:99", "SpamDiagnosticMetadata": "NSPM", "X-MS-Exchange-CrossTenant-OriginalArrivalTime": "03 Oct 2017 13:16:54.0371\n\t(UTC)", "X-MS-Exchange-CrossTenant-Id": "5afe0b00-7697-4969-b663-5eab37d5f47e", "X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp": "TenantId=5afe0b00-7697-4969-b663-5eab37d5f47e;\n\tIp=[192.88.158.2]; \n\tHelo=[az84smr01.freescale.net]", "X-MS-Exchange-CrossTenant-FromEntityHeader": "HybridOnPrem", "X-MS-Exchange-Transport-CrossTenantHeadersStamped": "CY4PR03MB2695", "Subject": "[dpdk-dev] [PATCH v2 01/12] lib/rte_security: add security library", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<http://dpdk.org/ml/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://dpdk.org/ml/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<http://dpdk.org/ml/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "rte_security library provides APIs for security session\ncreate/free for protocol offload or offloaded crypto\noperation to ethernet device.\n\nSigned-off-by: Akhil Goyal <akhil.goyal@nxp.com>\nSigned-off-by: Boris Pismenny <borisp@mellanox.com>\nSigned-off-by: Radu Nicolau <radu.nicolau@intel.com>\nSigned-off-by: Declan Doherty <declan.doherty@intel.com>\n---\n lib/librte_security/Makefile | 53 +++\n lib/librte_security/rte_security.c | 275 +++++++++++++++\n lib/librte_security/rte_security.h | 495 +++++++++++++++++++++++++++\n lib/librte_security/rte_security_driver.h | 182 ++++++++++\n lib/librte_security/rte_security_version.map | 13 +\n 5 files changed, 1018 insertions(+)\n create mode 100644 lib/librte_security/Makefile\n create mode 100644 lib/librte_security/rte_security.c\n create mode 100644 lib/librte_security/rte_security.h\n create mode 100644 lib/librte_security/rte_security_driver.h\n create mode 100644 lib/librte_security/rte_security_version.map", "diff": "diff --git a/lib/librte_security/Makefile b/lib/librte_security/Makefile\nnew file mode 100644\nindex 0000000..af87bb2\n--- /dev/null\n+++ b/lib/librte_security/Makefile\n@@ -0,0 +1,53 @@\n+# BSD LICENSE\n+#\n+# Copyright(c) 2017 Intel Corporation. All rights reserved.\n+#\n+# Redistribution and use in source and binary forms, with or without\n+# modification, are permitted provided that the following conditions\n+# are met:\n+#\n+# * Redistributions of source code must retain the above copyright\n+# notice, this list of conditions and the following disclaimer.\n+# * Redistributions in binary form must reproduce the above copyright\n+# notice, this list of conditions and the following disclaimer in\n+# the documentation and/or other materials provided with the\n+# distribution.\n+# * Neither the name of Intel Corporation nor the names of its\n+# contributors may be used to endorse or promote products derived\n+# from this software without specific prior written permission.\n+#\n+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n+# \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n+\n+include $(RTE_SDK)/mk/rte.vars.mk\n+\n+# library name\n+LIB = librte_security.a\n+\n+# library version\n+LIBABIVER := 1\n+\n+# build flags\n+CFLAGS += -O3\n+CFLAGS += $(WERROR_FLAGS)\n+\n+# library source files\n+SRCS-y += rte_security.c\n+\n+# export include files\n+SYMLINK-y-include += rte_security.h\n+SYMLINK-y-include += rte_security_driver.h\n+\n+# versioning export map\n+EXPORT_MAP := rte_security_version.map\n+\n+include $(RTE_SDK)/mk/rte.lib.mk\ndiff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c\nnew file mode 100644\nindex 0000000..97d3857\n--- /dev/null\n+++ b/lib/librte_security/rte_security.c\n@@ -0,0 +1,275 @@\n+/*-\n+ * BSD LICENSE\n+ *\n+ * Copyright 2017 NXP.\n+ * Copyright(c) 2017 Intel Corporation. All rights reserved.\n+ *\n+ * Redistribution and use in source and binary forms, with or without\n+ * modification, are permitted provided that the following conditions\n+ * are met:\n+ *\n+ * * Redistributions of source code must retain the above copyright\n+ * notice, this list of conditions and the following disclaimer.\n+ * * Redistributions in binary form must reproduce the above copyright\n+ * notice, this list of conditions and the following disclaimer in\n+ * the documentation and/or other materials provided with the\n+ * distribution.\n+ * * Neither the name of NXP nor the names of its\n+ * contributors may be used to endorse or promote products derived\n+ * from this software without specific prior written permission.\n+ *\n+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n+ * \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n+ */\n+\n+#include <rte_malloc.h>\n+#include <rte_dev.h>\n+\n+#include \"rte_security.h\"\n+#include \"rte_security_driver.h\"\n+\n+#define RTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ\t(8)\n+\n+struct rte_security_ctx {\n+\tuint16_t id;\n+\tenum {\n+\t\tRTE_SECURITY_INSTANCE_INVALID,\n+\t\tRTE_SECURITY_INSTANCE_VALID\n+\t} state;\n+\tvoid *device;\n+\tstruct rte_security_ops *ops;\n+\tuint16_t sess_cnt;\n+};\n+\n+static struct rte_security_ctx *security_instances;\n+static uint16_t max_nb_security_instances;\n+static uint16_t nb_security_instances;\n+\n+static int\n+rte_security_is_valid_id(uint16_t id)\n+{\n+\tif (id >= nb_security_instances ||\n+\t (security_instances[id].state != RTE_SECURITY_INSTANCE_VALID))\n+\t\treturn 0;\n+\telse\n+\t\treturn 1;\n+}\n+\n+/* Macros to check for valid id */\n+#define RTE_SEC_VALID_ID_OR_ERR_RET(id, retval) do { \\\n+\tif (!rte_security_is_valid_id(id)) { \\\n+\t\tRTE_PMD_DEBUG_TRACE(\"Invalid sec_id=%d\\n\", id); \\\n+\t\treturn retval; \\\n+\t} \\\n+} while (0)\n+\n+#define RTE_SEC_VALID_ID_OR_RET(id) do { \\\n+\tif (!rte_security_is_valid_id(id)) { \\\n+\t\tRTE_PMD_DEBUG_TRACE(\"Invalid sec_id=%d\\n\", id); \\\n+\t\treturn; \\\n+\t} \\\n+} while (0)\n+\n+int\n+rte_security_register(uint16_t *id, void *device,\n+\t\t struct rte_security_ops *ops)\n+{\n+\tif (max_nb_security_instances == 0) {\n+\t\tsecurity_instances = rte_malloc(\n+\t\t\t\t\"rte_security_instances_ops\",\n+\t\t\t\tsizeof(*security_instances) *\n+\t\t\t\tRTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ, 0);\n+\n+\t\tif (security_instances == NULL)\n+\t\t\treturn -ENOMEM;\n+\t\tmax_nb_security_instances =\n+\t\t\t\tRTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ;\n+\t} else if (nb_security_instances >= max_nb_security_instances) {\n+\t\tuint16_t *instances = rte_realloc(security_instances,\n+\t\t\t\tsizeof(struct rte_security_ops *) *\n+\t\t\t\t(max_nb_security_instances +\n+\t\t\t\tRTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ), 0);\n+\n+\t\tif (instances == NULL)\n+\t\t\treturn -ENOMEM;\n+\n+\t\tmax_nb_security_instances +=\n+\t\t\t\tRTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ;\n+\t}\n+\n+\t*id = nb_security_instances++;\n+\n+\tsecurity_instances[*id].id = *id;\n+\tsecurity_instances[*id].state = RTE_SECURITY_INSTANCE_VALID;\n+\tsecurity_instances[*id].device = device;\n+\tsecurity_instances[*id].ops = ops;\n+\tsecurity_instances[*id].sess_cnt = 0;\n+\n+\treturn 0;\n+}\n+\n+int\n+rte_security_unregister(uint16_t id)\n+{\n+\tstruct rte_security_ctx *instance;\n+\n+\tRTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV);\n+\tinstance = &security_instances[id];\n+\n+\tif (instance->sess_cnt)\n+\t\treturn -EBUSY;\n+\n+\tmemset(instance, 0, sizeof(*instance));\n+\treturn 0;\n+}\n+\n+struct rte_security_session *\n+rte_security_session_create(uint16_t id,\n+\t\t\t struct rte_security_session_conf *conf,\n+\t\t\t struct rte_mempool *mp)\n+{\n+\tstruct rte_security_ctx *instance;\n+\tstruct rte_security_session *sess = NULL;\n+\n+\tRTE_SEC_VALID_ID_OR_ERR_RET(id, NULL);\n+\tinstance = &security_instances[id];\n+\n+\tif (conf == NULL)\n+\t\treturn NULL;\n+\n+\tRTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_create, NULL);\n+\n+\tif (rte_mempool_get(mp, (void *)&sess))\n+\t\treturn NULL;\n+\n+\tif (instance->ops->session_create(instance->device, conf, sess, mp)) {\n+\t\trte_mempool_put(mp, (void *)sess);\n+\t\treturn NULL;\n+\t}\n+\tinstance->sess_cnt++;\n+\n+\treturn sess;\n+}\n+\n+int\n+rte_security_session_update(uint16_t id,\n+\t\t\t struct rte_security_session *sess,\n+\t\t\t struct rte_security_session_conf *conf)\n+{\n+\tstruct rte_security_ctx *instance;\n+\n+\tRTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV);\n+\tinstance = &security_instances[id];\n+\n+\tRTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_update, -ENOTSUP);\n+\treturn instance->ops->session_update(instance->device, sess, conf);\n+}\n+\n+int\n+rte_security_session_stats_get(uint16_t id,\n+\t\t\t struct rte_security_session *sess,\n+\t\t\t struct rte_security_stats *stats)\n+{\n+\tstruct rte_security_ctx *instance;\n+\n+\tRTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV);\n+\tinstance = &security_instances[id];\n+\n+\tRTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_stats_get, -ENOTSUP);\n+\treturn instance->ops->session_stats_get(instance->device, sess, stats);\n+}\n+\n+int\n+rte_security_session_destroy(uint16_t id, struct rte_security_session *sess)\n+{\n+\tint ret;\n+\tstruct rte_security_ctx *instance;\n+\tstruct rte_mempool *mp = rte_mempool_from_obj(sess);\n+\n+\tRTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV);\n+\tinstance = &security_instances[id];\n+\n+\tRTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_destroy, -ENOTSUP);\n+\n+\tif (instance->sess_cnt)\n+\t\tinstance->sess_cnt--;\n+\n+\tret = instance->ops->session_destroy(instance->device, sess);\n+\tif (!ret)\n+\t\trte_mempool_put(mp, (void *)sess);\n+\n+\treturn ret;\n+}\n+\n+int\n+rte_security_set_pkt_metadata(uint16_t id,\n+\t\t\t struct rte_security_session *sess,\n+\t\t\t struct rte_mbuf *m, void *params)\n+{\n+\tstruct rte_security_ctx *instance;\n+\n+\tRTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV);\n+\tinstance = &security_instances[id];\n+\n+\tRTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP);\n+\treturn instance->ops->set_pkt_metadata(instance->device,\n+\t\t\t\t\t sess, m, params);\n+}\n+\n+const struct rte_security_capability *\n+rte_security_capabilities_get(uint16_t id)\n+{\n+\tstruct rte_security_ctx *instance;\n+\n+\tRTE_SEC_VALID_ID_OR_ERR_RET(id, NULL);\n+\tinstance = &security_instances[id];\n+\n+\tRTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL);\n+\treturn instance->ops->capabilities_get(instance->device);\n+}\n+\n+const struct rte_security_capability *\n+rte_security_capability_get(uint16_t id,\n+\t\t\t struct rte_security_capability_idx *idx)\n+{\n+\tstruct rte_security_ctx *instance;\n+\tconst struct rte_security_capability *capabilities;\n+\tconst struct rte_security_capability *capability;\n+\tuint16_t i = 0;\n+\n+\tRTE_SEC_VALID_ID_OR_ERR_RET(id, NULL);\n+\tinstance = &security_instances[id];\n+\n+\tRTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL);\n+\tcapabilities = instance->ops->capabilities_get(instance->device);\n+\n+\tif (capabilities == NULL)\n+\t\treturn NULL;\n+\n+\twhile ((capability = &capabilities[i++])->action\n+\t\t\t!= RTE_SECURITY_ACTION_TYPE_NONE) {\n+\t\tif (capability->action == idx->action &&\n+\t\t\t\tcapability->protocol == idx->protocol) {\n+\t\t\tif (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {\n+\t\t\t\tif (capability->ipsec.proto ==\n+\t\t\t\t\t\tidx->ipsec.proto &&\n+\t\t\t\t\tcapability->ipsec.mode ==\n+\t\t\t\t\t\t\tidx->ipsec.mode &&\n+\t\t\t\t\tcapability->ipsec.direction ==\n+\t\t\t\t\t\t\tidx->ipsec.direction)\n+\t\t\t\t\treturn capability;\n+\t\t\t}\n+\t\t}\n+\t}\n+\n+\treturn NULL;\n+}\ndiff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h\nnew file mode 100644\nindex 0000000..9e639fd\n--- /dev/null\n+++ b/lib/librte_security/rte_security.h\n@@ -0,0 +1,495 @@\n+/*-\n+ * BSD LICENSE\n+ *\n+ * Copyright 2017 NXP.\n+ * Copyright(c) 2017 Intel Corporation. All rights reserved.\n+ *\n+ * Redistribution and use in source and binary forms, with or without\n+ * modification, are permitted provided that the following conditions\n+ * are met:\n+ *\n+ * * Redistributions of source code must retain the above copyright\n+ * notice, this list of conditions and the following disclaimer.\n+ * * Redistributions in binary form must reproduce the above copyright\n+ * notice, this list of conditions and the following disclaimer in\n+ * the documentation and/or other materials provided with the\n+ * distribution.\n+ * * Neither the name of NXP nor the names of its\n+ * contributors may be used to endorse or promote products derived\n+ * from this software without specific prior written permission.\n+ *\n+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n+ * \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n+ */\n+\n+#ifndef _RTE_SECURITY_H_\n+#define _RTE_SECURITY_H_\n+\n+/**\n+ * @file rte_security.h\n+ *\n+ * RTE Security Common Definitions\n+ *\n+ */\n+\n+#ifdef __cplusplus\n+extern \"C\" {\n+#endif\n+\n+#include <netinet/in.h>\n+#include <netinet/ip.h>\n+#include <netinet/ip6.h>\n+\n+#include <rte_common.h>\n+#include <rte_crypto.h>\n+#include <rte_mbuf.h>\n+#include <rte_memory.h>\n+#include <rte_mempool.h>\n+\n+/** IPSec protocol mode */\n+enum rte_security_ipsec_sa_mode {\n+\tRTE_SECURITY_IPSEC_SA_MODE_TRANSPORT,\n+\t/**< IPSec Transport mode */\n+\tRTE_SECURITY_IPSEC_SA_MODE_TUNNEL,\n+\t/**< IPSec Tunnel mode */\n+};\n+\n+/** IPSec Protocol */\n+enum rte_security_ipsec_sa_protocol {\n+\tRTE_SECURITY_IPSEC_SA_PROTO_AH,\n+\t/**< AH protocol */\n+\tRTE_SECURITY_IPSEC_SA_PROTO_ESP,\n+\t/**< ESP protocol */\n+};\n+\n+/** IPSEC tunnel type */\n+enum rte_security_ipsec_tunnel_type {\n+\tRTE_SECURITY_IPSEC_TUNNEL_IPV4,\n+\t/**< Outer header is IPv4 */\n+\tRTE_SECURITY_IPSEC_TUNNEL_IPV6,\n+\t/**< Outer header is IPv6 */\n+};\n+\n+/**\n+ * IPSEC tunnel parameters\n+ *\n+ * These parameters are used to build outbound tunnel headers.\n+ */\n+struct rte_security_ipsec_tunnel_param {\n+\tenum rte_security_ipsec_tunnel_type type;\n+\t/**< Tunnel type: IPv4 or IPv6 */\n+\tRTE_STD_C11\n+\tunion {\n+\t\tstruct {\n+\t\t\tstruct in_addr src_ip;\n+\t\t\t/**< IPv4 source address */\n+\t\t\tstruct in_addr dst_ip;\n+\t\t\t/**< IPv4 destination address */\n+\t\t\tuint8_t dscp;\n+\t\t\t/**< IPv4 Differentiated Services Code Point */\n+\t\t\tuint8_t df;\n+\t\t\t/**< IPv4 Don't Fragment bit */\n+\t\t\tuint8_t ttl;\n+\t\t\t/**< IPv4 Time To Live */\n+\t\t} ipv4;\n+\t\t/**< IPv4 header parameters */\n+\t\tstruct {\n+\t\t\tstruct in6_addr src_addr;\n+\t\t\t/**< IPv6 source address */\n+\t\t\tstruct in6_addr dst_addr;\n+\t\t\t/**< IPv6 destination address */\n+\t\t\tuint8_t dscp;\n+\t\t\t/**< IPv6 Differentiated Services Code Point */\n+\t\t\tuint32_t flabel;\n+\t\t\t/**< IPv6 flow label */\n+\t\t\tuint8_t hlimit;\n+\t\t\t/**< IPv6 hop limit */\n+\t\t} ipv6;\n+\t\t/**< IPv6 header parameters */\n+\t};\n+};\n+\n+/**\n+ * IPsec Security Association option flags\n+ */\n+struct rte_security_ipsec_sa_options {\n+\t/**< Extended Sequence Numbers (ESN)\n+\t *\n+\t * * 1: Use extended (64 bit) sequence numbers\n+\t * * 0: Use normal sequence numbers\n+\t */\n+\tuint32_t esn : 1;\n+\n+\t/**< UDP encapsulation\n+\t *\n+\t * * 1: Do UDP encapsulation/decapsulation so that IPSEC packets can\n+\t * traverse through NAT boxes.\n+\t * * 0: No UDP encapsulation\n+\t */\n+\tuint32_t udp_encap : 1;\n+\n+\t/**< Copy DSCP bits\n+\t *\n+\t * * 1: Copy IPv4 or IPv6 DSCP bits from inner IP header to\n+\t * the outer IP header in encapsulation, and vice versa in\n+\t * decapsulation.\n+\t * * 0: Use values from odp_ipsec_tunnel_param_t in encapsulation and\n+\t * do not change DSCP field in decapsulation.\n+\t */\n+\tuint32_t copy_dscp : 1;\n+\n+\t/**< Copy IPv6 Flow Label\n+\t *\n+\t * * 1: Copy IPv6 flow label from inner IPv6 header to the\n+\t * outer IPv6 header.\n+\t * * 0: Use value from odp_ipsec_tunnel_param_t\n+\t */\n+\tuint32_t copy_flabel : 1;\n+\n+\t/**< Copy IPv4 Don't Fragment bit\n+\t *\n+\t * * 1: Copy the DF bit from the inner IPv4 header to the outer\n+\t * IPv4 header.\n+\t * * 0: Use value from odp_ipsec_tunnel_param_t\n+\t */\n+\tuint32_t copy_df : 1;\n+\n+\t/**< Decrement inner packet Time To Live (TTL) field\n+\t *\n+\t * * 1: In tunnel mode, decrement inner packet IPv4 TTL or\n+\t * IPv6 Hop Limit after tunnel decapsulation, or before tunnel\n+\t * encapsulation.\n+\t * * 0: Inner packet is not modified.\n+\t */\n+\tuint32_t dec_ttl : 1;\n+\n+\t/**< HW constructs/removes trailer of packets\n+\t *\n+\t * * 1: Transmitted packets will have the trailer added to them by\n+\t * hardawre. The next protocol field will be based on the\n+\t * mbuf->inner_esp_next_proto field.\n+\t * Received packets have no trailer, the next protocol field is\n+\t * supplied in the mbuf->inner_esp_next_proto field.\n+\t * * 0: Inner packet is not modified.\n+\t */\n+\tuint32_t no_trailer : 1;\n+};\n+\n+/** IPSec security association direction */\n+enum rte_security_ipsec_sa_direction {\n+\tRTE_SECURITY_IPSEC_SA_DIR_EGRESS,\n+\t/**< Encrypt and generate digest */\n+\tRTE_SECURITY_IPSEC_SA_DIR_INGRESS,\n+\t/**< Verify digest and decrypt */\n+};\n+\n+/**\n+ * IPsec security association configuration data.\n+ *\n+ * This structure contains data required to create an IPsec SA security session.\n+ */\n+struct rte_security_ipsec_xform {\n+\tuint32_t spi;\n+\t/**< SA security parameter index */\n+\tuint32_t salt;\n+\t/**< SA salt */\n+\tstruct rte_security_ipsec_sa_options options;\n+\t/**< various SA options */\n+\tenum rte_security_ipsec_sa_direction direction;\n+\t/**< IPSec SA Direction - Egress/Ingress */\n+\tenum rte_security_ipsec_sa_protocol proto;\n+\t/**< IPsec SA Protocol - AH/ESP */\n+\tenum rte_security_ipsec_sa_mode mode;\n+\t/**< IPsec SA Mode - transport/tunnel */\n+\tstruct rte_security_ipsec_tunnel_param tunnel;\n+\t/**< Tunnel parameters, NULL for transport mode */\n+};\n+\n+/**\n+ * MACsec security session configuration\n+ */\n+struct rte_security_macsec_xform {\n+\t/** To be Filled */\n+};\n+\n+/**\n+ * Security session action type.\n+ */\n+enum rte_security_session_action_type {\n+\tRTE_SECURITY_ACTION_TYPE_NONE,\n+\t/**< No security actions */\n+\tRTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO,\n+\t/**< Crypto processing for security protocol is processed inline\n+\t * during transmission */\n+\tRTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL,\n+\t/**< All security protocol processing is performed inline during\n+\t * transmission */\n+\tRTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL\n+\t/**< All security protocol processing including crypto is performed\n+\t * on a lookaside accelerator */\n+};\n+\n+/** Security session protocol definition */\n+enum rte_security_session_protocol {\n+\tRTE_SECURITY_PROTOCOL_IPSEC,\n+\t/**< IPsec Protocol */\n+\tRTE_SECURITY_PROTOCOL_MACSEC,\n+\t/**< MACSec Protocol */\n+};\n+\n+/**\n+ * Security session configuration\n+ */\n+struct rte_security_session_conf {\n+\tenum rte_security_session_action_type action_type;\n+\t/**< Type of action to be performed on the session */\n+\tenum rte_security_session_protocol protocol;\n+\t/**< Security protocol to be configured */\n+\tunion {\n+\t\tstruct rte_security_ipsec_xform ipsec;\n+\t\tstruct rte_security_macsec_xform macsec;\n+\t};\n+\t/**< Configuration parameters for security session */\n+\tstruct rte_crypto_sym_xform *crypto_xform;\n+\t/**< Security Session Crypto Transformations */\n+};\n+\n+struct rte_security_session {\n+\tvoid *sess_private_data;\n+\t/**< Private session material */\n+};\n+\n+/**\n+ * Create security session as specified by the session configuration\n+ *\n+ * @param id\t\tsecurity instance identifier id\n+ * @param conf\tsession configuration parameters\n+ * @param mp\t\tmempool to allocate session objects from\n+ * @return\n+ * - On success, pointer to session\n+ * - On failure, NULL\n+ */\n+struct rte_security_session *\n+rte_security_session_create(uint16_t id,\n+\t\t\t struct rte_security_session_conf *conf,\n+\t\t\t struct rte_mempool *mp);\n+\n+/**\n+ * Update security session as specified by the session configuration\n+ *\n+ * @param id\t\tsecurity instance identifier id\n+ * @param sess\tsession to update parameters\n+ * @param conf\tupdate configuration parameters\n+ * @return\n+ * - On success returns 0\n+ * - On failure return errno\n+ */\n+int\n+rte_security_session_update(uint16_t id,\n+\t\t\t struct rte_security_session *sess,\n+\t\t\t struct rte_security_session_conf *conf);\n+\n+/**\n+ * Free security session header and the session private data and\n+ * return it to its original mempool.\n+ *\n+ * @param id\t\tsecurity instance identifier id\n+ * @param sess\tsecurity session to freed\n+ *\n+ * @return\n+ * - 0 if successful.\n+ * - -EINVAL if session is NULL.\n+ * - -EBUSY if not all device private data has been freed.\n+ */\n+int\n+rte_security_session_destroy(uint16_t id, struct rte_security_session *sess);\n+\n+/**\n+ * Updates the buffer with device-specific defined metadata\n+ *\n+ * @param\tid\tsecurity instance identifier id\n+ * @param\tsess\tsecurity session\n+ * @param\tm\tpacket mbuf to set metadata on.\n+ * @param\tparams\tdevice-specific defined parameters required for metadata\n+ *\n+ * @return\n+ * - On success, zero.\n+ * - On failure, a negative value.\n+ */\n+int\n+rte_security_set_pkt_metadata(uint16_t id,\n+\t\t\t struct rte_security_session *sess,\n+\t\t\t struct rte_mbuf *mb, void *params);\n+\n+/**\n+ * Attach a session to a symmetric crypto operation\n+ *\n+ * @param\tsym_op\tcrypto operation\n+ * @param\tsess\tsecurity session\n+ */\n+static inline int\n+__rte_security_attach_session(struct rte_crypto_sym_op *sym_op,\n+\t\t\t struct rte_security_session *sess)\n+{\n+\tsym_op->sec_session = sess;\n+\n+\treturn 0;\n+}\n+\n+static inline void *\n+get_sec_session_private_data(const struct rte_security_session *sess)\n+{\n+\treturn sess->sess_private_data;\n+}\n+\n+static inline void\n+set_sec_session_private_data(struct rte_security_session *sess,\n+\t\t\t void *private_data)\n+{\n+\tsess->sess_private_data = private_data;\n+}\n+\n+/**\n+ * Attach a session to a crypto operation.\n+ * This API is needed only in case of RTE_SECURITY_SESS_CRYPTO_PROTO_OFFLOAD\n+ * For other rte_security_session_action_type, ol_flags in rte_mbuf may be\n+ * defined to perform security operations.\n+ *\n+ * @param\top\tcrypto operation\n+ * @param\tsess\tsecurity session\n+ */\n+static inline int\n+rte_security_attach_session(struct rte_crypto_op *op,\n+\t\t\t struct rte_security_session *sess)\n+{\n+\tif (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))\n+\t\treturn -EINVAL;\n+\n+\top->sess_type = RTE_CRYPTO_OP_SECURITY_SESSION;\n+\n+\treturn __rte_security_attach_session(op->sym, sess);\n+}\n+\n+struct rte_security_macsec_stats {\n+\tuint64_t reserved;\n+};\n+\n+struct rte_security_ipsec_stats {\n+\tuint64_t reserved;\n+\n+};\n+\n+struct rte_security_stats {\n+\tenum rte_security_session_protocol protocol;\n+\t/**< Security protocol to be configured */\n+\n+\tunion {\n+\t\tstruct rte_security_macsec_stats macsec;\n+\t\tstruct rte_security_ipsec_stats ipsec;\n+\t};\n+};\n+\n+/**\n+ * Get security session statistics\n+ *\n+ * @param\tid\tsecurity instance identifier id\n+ * @param\tsess\tsecurity session\n+ * @param\tstats\tstatistics\n+ * @return\n+ * - On success return 0\n+ * - On failure errno\n+ */\n+int\n+rte_security_session_stats_get(uint16_t id,\n+\t\t\t struct rte_security_session *sess,\n+\t\t\t struct rte_security_stats *stats);\n+\n+/**\n+ * Security capability definition\n+ */\n+struct rte_security_capability {\n+\tenum rte_security_session_action_type action;\n+\t/**< Security action type*/\n+\tenum rte_security_session_protocol protocol;\n+\t/**< Security protocol */\n+\tRTE_STD_C11\n+\tunion {\n+\t\tstruct {\n+\t\t\tenum rte_security_ipsec_sa_protocol proto;\n+\t\t\t/**< IPsec SA protocol */\n+\t\t\tenum rte_security_ipsec_sa_mode mode;\n+\t\t\t/**< IPsec SA mode */\n+\t\t\tenum rte_security_ipsec_sa_direction direction;\n+\t\t\t/**< IPsec SA direction */\n+\t\t\tstruct rte_security_ipsec_sa_options options;\n+\t\t\t/**< IPsec SA supported options */\n+\t\t} ipsec;\n+\t\t/**< IPsec capability */\n+\t\tstruct {\n+\t\t\t/* To be Filled */\n+\t\t} macsec;\n+\t\t/**< MACsec capability */\n+\t};\n+\n+\tconst struct rte_cryptodev_capabilities *crypto_capabilities;\n+\t/**< Corresponding crypto capabilities for security capability */\n+};\n+\n+/**\n+ * Security capability index used to query a security instance for a specific\n+ * security capability\n+ */\n+struct rte_security_capability_idx {\n+\tenum rte_security_session_action_type action;\n+\tenum rte_security_session_protocol protocol;\n+\n+\tunion {\n+\t\tstruct {\n+\t\t\tenum rte_security_ipsec_sa_protocol proto;\n+\t\t\tenum rte_security_ipsec_sa_mode mode;\n+\t\t\tenum rte_security_ipsec_sa_direction direction;\n+\t\t} ipsec;\n+\t};\n+};\n+\n+/**\n+ * Returns array of security instance capabilities\n+ *\n+ * @param\tid\tSecurity instance identifier.\n+ *\n+ * @return\n+ * - Returns array of security capabilities.\n+ * - Return NULL if no capabilities available.\n+ */\n+const struct rte_security_capability *\n+rte_security_capabilities_get(uint16_t id);\n+\n+/**\n+ * Query if a specific capability is available on security instance\n+ *\n+ * @param\tid\tsecurity instance identifier.\n+ * @param\tidx\tsecurity capability index to match against\n+ *\n+ * @return\n+ * - Returns pointer to security capability on match of capability\n+ * index criteria.\n+ * - Return NULL if the capability not matched on security instance.\n+ */\n+const struct rte_security_capability *\n+rte_security_capability_get(uint16_t id,\n+\t\t\t struct rte_security_capability_idx *idx);\n+\n+#ifdef __cplusplus\n+}\n+#endif\n+\n+#endif /* _RTE_SECURITY_H_ */\ndiff --git a/lib/librte_security/rte_security_driver.h b/lib/librte_security/rte_security_driver.h\nnew file mode 100644\nindex 0000000..5134128\n--- /dev/null\n+++ b/lib/librte_security/rte_security_driver.h\n@@ -0,0 +1,182 @@\n+/*-\n+ * BSD LICENSE\n+ *\n+ * Copyright(c) 2017 Intel Corporation. All rights reserved.\n+ * Copyright 2017 NXP.\n+ *\n+ * Redistribution and use in source and binary forms, with or without\n+ * modification, are permitted provided that the following conditions\n+ * are met:\n+ *\n+ * * Redistributions of source code must retain the above copyright\n+ * notice, this list of conditions and the following disclaimer.\n+ * * Redistributions in binary form must reproduce the above copyright\n+ * notice, this list of conditions and the following disclaimer in\n+ * the documentation and/or other materials provided with the\n+ * distribution.\n+ * * Neither the name of Intel Corporation nor the names of its\n+ * contributors may be used to endorse or promote products derived\n+ * from this software without specific prior written permission.\n+ *\n+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n+ * \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n+ */\n+\n+#ifndef _RTE_SECURITY_DRIVER_H_\n+#define _RTE_SECURITY_DRIVER_H_\n+\n+/**\n+ * @file rte_security_driver.h\n+ *\n+ * RTE Security Common Definitions\n+ *\n+ */\n+\n+#ifdef __cplusplus\n+extern \"C\" {\n+#endif\n+\n+#include \"rte_security.h\"\n+\n+/**\n+ * Configure a security session on a device.\n+ *\n+ * @param\tdevice\t\tCrypto/eth device pointer\n+ * @param\tconf\t\tSecurity session configuration\n+ * @param\tsess\t\tPointer to Security private session structure\n+ * @param\tmp\t\tMempool where the private session is allocated\n+ *\n+ * @return\n+ * - Returns 0 if private session structure have been created successfully.\n+ * - Returns -EINVAL if input parameters are invalid.\n+ * - Returns -ENOTSUP if crypto device does not support the crypto transform.\n+ * - Returns -ENOMEM if the private session could not be allocated.\n+ */\n+typedef int (*security_session_create_t)(void *device,\n+\t\tstruct rte_security_session_conf *conf,\n+\t\tstruct rte_security_session *sess,\n+\t\tstruct rte_mempool *mp);\n+\n+/**\n+ * Free driver private session data.\n+ *\n+ * @param\tdev\t\tCrypto/eth device pointer\n+ * @param\tsess\t\tSecurity session structure\n+ */\n+typedef int (*security_session_destroy_t)(void *device,\n+\t\tstruct rte_security_session *sess);\n+\n+/**\n+ * Update driver private session data.\n+ *\n+ * @param\tdevice\t\tCrypto/eth device pointer\n+ * @param\tsess\t\tPointer to Security private session structure\n+ * @param\tconf\t\tSecurity session configuration\n+ *\n+ * @return\n+ * - Returns 0 if private session structure have been updated successfully.\n+ * - Returns -EINVAL if input parameters are invalid.\n+ * - Returns -ENOTSUP if crypto device does not support the crypto transform.\n+ */\n+typedef int (*security_session_update_t)(void *device,\n+\t\tstruct rte_security_session *sess,\n+\t\tstruct rte_security_session_conf *conf);\n+/**\n+ * Get stats from the PMD.\n+ *\n+ * @param\tdevice\t\tCrypto/eth device pointer\n+ * @param\tsess\t\tPointer to Security private session structure\n+ * @param\tstats\t\tSecurity stats of the driver\n+ *\n+ * @return\n+ * - Returns 0 if private session structure have been updated successfully.\n+ * - Returns -EINVAL if session parameters are invalid.\n+ */\n+typedef int (*security_session_stats_get_t)(void *device,\n+\t\tstruct rte_security_session *sess,\n+\t\tstruct rte_security_stats *stats);\n+\n+/**\n+ * Update the mbuf with provided metadata.\n+ *\n+ * @param\tsess\t\tSecurity session structure\n+ * @param\tmb\t\tPacket buffer\n+ * @param\tmt\t\tMetadata\n+ *\n+ * @return\n+ * - Returns 0 if metadata updated successfully.\n+ * - Returns -ve value for errors.\n+ */\n+typedef int (*security_set_pkt_metadata_t)(void *device,\n+\t\tstruct rte_security_session *sess, struct rte_mbuf *m,\n+\t\tvoid *params);\n+\n+/**\n+ * Get security capabilities of the device.\n+ *\n+ * @param\tdevice\t\tcrypto/eth device pointer\n+ *\n+ * @return\n+ * - Returns rte_security_capability pointer on success.\n+ * - Returns NULL on error.\n+ */\n+typedef const struct rte_security_capability *(*security_capabilities_get_t)(\n+\t\tvoid *device);\n+\n+/** Security operations function pointer table */\n+struct rte_security_ops {\n+\tsecurity_session_create_t session_create;\n+\t/**< Configure a security session. */\n+\tsecurity_session_update_t session_update;\n+\t/**< Update a security session. */\n+\tsecurity_session_stats_get_t session_stats_get;\n+\t/**< Get security session statistics. */\n+\tsecurity_session_destroy_t session_destroy;\n+\t/**< Clear a security sessions private data. */\n+\tsecurity_set_pkt_metadata_t set_pkt_metadata;\n+\t/**< Update mbuf metadata. */\n+\tsecurity_capabilities_get_t capabilities_get;\n+\t/**< Get security capabilities. */\n+};\n+\n+/**\n+ * Register a Crypto/eth device for security operations.\n+ *\n+ * @param\tid\t\tid of the crypto/eth device\n+ * @param\tdevice\t\tcrypto/eth device pointer\n+ * @param\tops\t\tSecurity ops to be supported by device\n+ *\n+ * @return\n+ * - Returns 0 if metadata updated successfully.\n+ * - Returns -ve value for errors.\n+ */\n+int\n+rte_security_register(uint16_t *id, void *device,\n+\t\t struct rte_security_ops *ops);\n+\n+/**\n+ * Unregister a Crypto/eth device for security operations.\n+ *\n+ * @param\tid\t\tid of the crypto/eth device\n+ *\n+ * @return\n+ * - Returns 0 if device is successfully unregistered.\n+ * - Returns -ve value for errors.\n+ */\n+int\n+rte_security_unregister(uint16_t id);\n+\n+#ifdef __cplusplus\n+}\n+#endif\n+\n+#endif /* _RTE_SECURITY_DRIVER_H_ */\ndiff --git a/lib/librte_security/rte_security_version.map b/lib/librte_security/rte_security_version.map\nnew file mode 100644\nindex 0000000..82b7921\n--- /dev/null\n+++ b/lib/librte_security/rte_security_version.map\n@@ -0,0 +1,13 @@\n+DPDK_17.11 {\n+\tglobal:\n+\n+\trte_security_attach_session;\n+\trte_security_capabilities_get;\n+\trte_security_capability_get;\n+\trte_security_session_create;\n+\trte_security_session_free;\n+\trte_security_session_query;\n+\trte_security_session_update;\n+\trte_security_set_pkt_metadata;\n+\n+};\n", "prefixes": [ "dpdk-dev", "v2", "01/12" ] }