Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 94847,
    "url": "https://patches.dpdk.org/api/patches/94847/?format=api",
    "web_url": "https://patches.dpdk.org/project/dpdk/patch/1624601708-29991-3-git-send-email-anoobj@marvell.com/",
    "project": {
        "id": 1,
        "url": "https://patches.dpdk.org/api/projects/1/?format=api",
        "name": "DPDK",
        "link_name": "dpdk",
        "list_id": "dev.dpdk.org",
        "list_email": "dev@dpdk.org",
        "web_url": "http://core.dpdk.org",
        "scm_url": "git://dpdk.org/dpdk",
        "webscm_url": "http://git.dpdk.org/dpdk",
        "list_archive_url": "https://inbox.dpdk.org/dev",
        "list_archive_url_format": "https://inbox.dpdk.org/dev/{}",
        "commit_url_format": ""
    },
    "msgid": "<1624601708-29991-3-git-send-email-anoobj@marvell.com>",
    "list_archive_url": "https://inbox.dpdk.org/dev/1624601708-29991-3-git-send-email-anoobj@marvell.com",
    "date": "2021-06-25T06:15:06",
    "name": "[v2,2/4] crypto/cnxk: add security session ops",
    "commit_ref": null,
    "pull_url": null,
    "state": "superseded",
    "archived": true,
    "hash": "4adba886ebd31096be575924898c969594885d00",
    "submitter": {
        "id": 1205,
        "url": "https://patches.dpdk.org/api/people/1205/?format=api",
        "name": "Anoob Joseph",
        "email": "anoobj@marvell.com"
    },
    "delegate": {
        "id": 6690,
        "url": "https://patches.dpdk.org/api/users/6690/?format=api",
        "username": "akhil",
        "first_name": "akhil",
        "last_name": "goyal",
        "email": "gakhil@marvell.com"
    },
    "mbox": "https://patches.dpdk.org/project/dpdk/patch/1624601708-29991-3-git-send-email-anoobj@marvell.com/mbox/",
    "series": [
        {
            "id": 17484,
            "url": "https://patches.dpdk.org/api/series/17484/?format=api",
            "web_url": "https://patches.dpdk.org/project/dpdk/list/?series=17484",
            "date": "2021-06-25T06:15:04",
            "name": "Add rte_security in crypto_cn10k PMD",
            "version": 2,
            "mbox": "https://patches.dpdk.org/series/17484/mbox/"
        }
    ],
    "comments": "https://patches.dpdk.org/api/patches/94847/comments/",
    "check": "success",
    "checks": "https://patches.dpdk.org/api/patches/94847/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<dev-bounces@dpdk.org>",
        "X-Original-To": "patchwork@inbox.dpdk.org",
        "Delivered-To": "patchwork@inbox.dpdk.org",
        "Received": [
            "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 1E1ECA0C40;\n\tFri, 25 Jun 2021 08:15:54 +0200 (CEST)",
            "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 0CBC8410DA;\n\tFri, 25 Jun 2021 08:15:54 +0200 (CEST)",
            "from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com\n [67.231.156.173])\n by mails.dpdk.org (Postfix) with ESMTP id 05B1D40E25\n for <dev@dpdk.org>; Fri, 25 Jun 2021 08:15:52 +0200 (CEST)",
            "from pps.filterd (m0045851.ppops.net [127.0.0.1])\n by mx0b-0016f401.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id\n 15P65AeX031367; Thu, 24 Jun 2021 23:15:52 -0700",
            "from dc5-exch01.marvell.com ([199.233.59.181])\n by mx0b-0016f401.pphosted.com with ESMTP id 39d241skeu-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Thu, 24 Jun 2021 23:15:52 -0700",
            "from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.18;\n Thu, 24 Jun 2021 23:15:49 -0700",
            "from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend\n Transport; Thu, 24 Jun 2021 23:15:49 -0700",
            "from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218])\n by maili.marvell.com (Postfix) with ESMTP id EE3C33F7041;\n Thu, 24 Jun 2021 23:15:45 -0700 (PDT)"
        ],
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=3U4crViiU1o79ZT/Q3WXZtPBtcVmI+2M6giCIBZo66I=;\n b=iUOAheRNeIArnoEhnq7Vl6/F8kgOBkySEpg+dD31Y2UouuDV461LAt/2AiFPFTsUrqWR\n I246UcUrsKQ8VsdYtR4q2RyEnRjQv5XA+Fqk5paz5qGFktGbM8BpnvL+dJc/XS4mPkuZ\n xQz51XDrt/c6k4XUf2oLvECHNU9zJKrPQ76PLgRJR8CBmgse6GKHi1WWkVW1SBny5RsH\n Lf395qO7KXx3f1DdGOU3SUTixM9tFk3PTQOHemqdrBk4ajnxvxPyQX22UQ2+XPswYkT6\n 1bAj9qULp+YIcuknfeij6hcuGjtOwY+2ejksuRM6duWJ4jSN2f2yFNNRqNBRyCjWRdzi 9A==",
        "From": "Anoob Joseph <anoobj@marvell.com>",
        "To": "Akhil Goyal <gakhil@marvell.com>, Thomas Monjalon <thomas@monjalon.net>",
        "CC": "Tejasree Kondoj <ktejasree@marvell.com>, Jerin Jacob <jerinj@marvell.com>,\n Ankur Dwivedi <adwivedi@marvell.com>, <dev@dpdk.org>, Anoob Joseph\n <anoobj@marvell.com>, Archana Muniganti <marchana@marvell.com>, \"Srujana\n Challa\" <schalla@marvell.com>",
        "Date": "Fri, 25 Jun 2021 11:45:06 +0530",
        "Message-ID": "<1624601708-29991-3-git-send-email-anoobj@marvell.com>",
        "X-Mailer": "git-send-email 2.7.4",
        "In-Reply-To": "<1624601708-29991-1-git-send-email-anoobj@marvell.com>",
        "References": "<1622653862-22830-2-git-send-email-anoobj@marvell.com>\n <1624601708-29991-1-git-send-email-anoobj@marvell.com>",
        "MIME-Version": "1.0",
        "Content-Transfer-Encoding": "8bit",
        "Content-Type": "text/plain",
        "X-Proofpoint-GUID": "RMm6Mljk8wG6W1_Ib8uwdSpi-rKCpDg6",
        "X-Proofpoint-ORIG-GUID": "RMm6Mljk8wG6W1_Ib8uwdSpi-rKCpDg6",
        "X-Proofpoint-Virus-Version": "vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790\n definitions=2021-06-25_02:2021-06-24,\n 2021-06-25 signatures=0",
        "Subject": "[dpdk-dev] [PATCH v2 2/4] crypto/cnxk: add security session ops",
        "X-BeenThere": "dev@dpdk.org",
        "X-Mailman-Version": "2.1.29",
        "Precedence": "list",
        "List-Id": "DPDK patches and discussions <dev.dpdk.org>",
        "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>",
        "List-Archive": "<http://mails.dpdk.org/archives/dev/>",
        "List-Post": "<mailto:dev@dpdk.org>",
        "List-Help": "<mailto:dev-request@dpdk.org?subject=help>",
        "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>",
        "Errors-To": "dev-bounces@dpdk.org",
        "Sender": "\"dev\" <dev-bounces@dpdk.org>"
    },
    "content": "From: Tejasree Kondoj <ktejasree@marvell.com>\n\nAdd security session ops in cn10k crypto PMD.\n\nSigned-off-by: Anoob Joseph <anoobj@marvell.com>\nSigned-off-by: Archana Muniganti <marchana@marvell.com>\nSigned-off-by: Srujana Challa <schalla@marvell.com>\nSigned-off-by: Tejasree Kondoj <ktejasree@marvell.com>\n---\n drivers/crypto/cnxk/cn10k_cryptodev.c |   2 +\n drivers/crypto/cnxk/cn10k_ipsec.c     | 275 ++++++++++++++++++++++++++++++++++\n drivers/crypto/cnxk/cn10k_ipsec.h     |  36 +++++\n drivers/crypto/cnxk/cnxk_ipsec.h      |  20 +++\n drivers/crypto/cnxk/meson.build       |   3 +\n 5 files changed, 336 insertions(+)\n create mode 100644 drivers/crypto/cnxk/cn10k_ipsec.c\n create mode 100644 drivers/crypto/cnxk/cn10k_ipsec.h\n create mode 100644 drivers/crypto/cnxk/cnxk_ipsec.h",
    "diff": "diff --git a/drivers/crypto/cnxk/cn10k_cryptodev.c b/drivers/crypto/cnxk/cn10k_cryptodev.c\nindex ffe654c..cacf9c2 100644\n--- a/drivers/crypto/cnxk/cn10k_cryptodev.c\n+++ b/drivers/crypto/cnxk/cn10k_cryptodev.c\n@@ -12,6 +12,7 @@\n \n #include \"cn10k_cryptodev.h\"\n #include \"cn10k_cryptodev_ops.h\"\n+#include \"cn10k_ipsec.h\"\n #include \"cnxk_cryptodev.h\"\n #include \"cnxk_cryptodev_capabilities.h\"\n #include \"cnxk_cryptodev_sec.h\"\n@@ -101,6 +102,7 @@ cn10k_cpt_pci_probe(struct rte_pci_driver *pci_drv __rte_unused,\n \t\t\t     RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;\n \n \tcn10k_cpt_set_enqdeq_fns(dev);\n+\tcn10k_sec_ops_override();\n \n \treturn 0;\n \ndiff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c\nnew file mode 100644\nindex 0000000..1d567bf\n--- /dev/null\n+++ b/drivers/crypto/cnxk/cn10k_ipsec.c\n@@ -0,0 +1,275 @@\n+/* SPDX-License-Identifier: BSD-3-Clause\n+ * Copyright(C) 2021 Marvell.\n+ */\n+\n+#include <rte_malloc.h>\n+#include <rte_cryptodev.h>\n+#include <rte_esp.h>\n+#include <rte_ip.h>\n+#include <rte_security.h>\n+#include <rte_security_driver.h>\n+#include <rte_udp.h>\n+\n+#include \"cnxk_cryptodev.h\"\n+#include \"cnxk_ipsec.h\"\n+#include \"cnxk_security.h\"\n+#include \"cn10k_ipsec.h\"\n+\n+#include \"roc_api.h\"\n+\n+static int\n+ipsec_xform_aead_verify(struct rte_security_ipsec_xform *ipsec_xfrm,\n+\t\t\tstruct rte_crypto_sym_xform *crypto_xfrm)\n+{\n+\tif (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&\n+\t    crypto_xfrm->aead.op != RTE_CRYPTO_AEAD_OP_ENCRYPT)\n+\t\treturn -EINVAL;\n+\n+\tif (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS &&\n+\t    crypto_xfrm->aead.op != RTE_CRYPTO_AEAD_OP_DECRYPT)\n+\t\treturn -EINVAL;\n+\n+\tif (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {\n+\t\tswitch (crypto_xfrm->aead.key.length) {\n+\t\tcase ROC_CPT_AES128_KEY_LEN:\n+\t\tcase ROC_CPT_AES192_KEY_LEN:\n+\t\tcase ROC_CPT_AES256_KEY_LEN:\n+\t\t\tbreak;\n+\t\tdefault:\n+\t\t\treturn -EINVAL;\n+\t\t}\n+\t\treturn 0;\n+\t}\n+\n+\treturn -ENOTSUP;\n+}\n+\n+static int\n+cn10k_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec_xfrm,\n+\t\t\t struct rte_crypto_sym_xform *crypto_xfrm)\n+{\n+\tif ((ipsec_xfrm->direction != RTE_SECURITY_IPSEC_SA_DIR_INGRESS) &&\n+\t    (ipsec_xfrm->direction != RTE_SECURITY_IPSEC_SA_DIR_EGRESS))\n+\t\treturn -EINVAL;\n+\n+\tif ((ipsec_xfrm->proto != RTE_SECURITY_IPSEC_SA_PROTO_ESP) &&\n+\t    (ipsec_xfrm->proto != RTE_SECURITY_IPSEC_SA_PROTO_AH))\n+\t\treturn -EINVAL;\n+\n+\tif ((ipsec_xfrm->mode != RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) &&\n+\t    (ipsec_xfrm->mode != RTE_SECURITY_IPSEC_SA_MODE_TUNNEL))\n+\t\treturn -EINVAL;\n+\n+\tif ((ipsec_xfrm->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV4) &&\n+\t    (ipsec_xfrm->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV6))\n+\t\treturn -EINVAL;\n+\n+\tif (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD)\n+\t\treturn ipsec_xform_aead_verify(ipsec_xfrm, crypto_xfrm);\n+\n+\treturn -ENOTSUP;\n+}\n+\n+static uint64_t\n+ipsec_cpt_inst_w7_get(struct roc_cpt *roc_cpt, void *sa)\n+{\n+\tunion cpt_inst_w7 w7;\n+\n+\tw7.u64 = 0;\n+\tw7.s.egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];\n+\tw7.s.ctx_val = 1;\n+\tw7.s.cptr = (uint64_t)sa;\n+\trte_mb();\n+\n+\treturn w7.u64;\n+}\n+\n+static int\n+cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,\n+\t\t\t   struct rte_security_ipsec_xform *ipsec_xfrm,\n+\t\t\t   struct rte_crypto_sym_xform *crypto_xfrm,\n+\t\t\t   struct rte_security_session *sec_sess)\n+{\n+\tstruct roc_ot_ipsec_outb_sa *out_sa;\n+\tstruct cnxk_ipsec_outb_rlens rlens;\n+\tstruct cn10k_sec_session *sess;\n+\tstruct cn10k_ipsec_sa *sa;\n+\tunion cpt_inst_w4 inst_w4;\n+\tint ret;\n+\n+\tsess = get_sec_session_private_data(sec_sess);\n+\tsa = &sess->sa;\n+\tout_sa = &sa->out_sa;\n+\n+\tmemset(out_sa, 0, sizeof(struct roc_ot_ipsec_outb_sa));\n+\n+\t/* Translate security parameters to SA */\n+\tret = cnxk_ot_ipsec_outb_sa_fill(out_sa, ipsec_xfrm, crypto_xfrm);\n+\tif (ret)\n+\t\treturn ret;\n+\n+\tsa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, sa);\n+\n+\t/* Get Rlen calculation data */\n+\tret = cnxk_ipsec_outb_rlens_get(&rlens, ipsec_xfrm, crypto_xfrm);\n+\tif (ret)\n+\t\treturn ret;\n+\n+\tsa->partial_len = rlens.partial_len;\n+\tsa->roundup_byte = rlens.roundup_byte;\n+\tsa->roundup_len = rlens.roundup_len;\n+\n+\t/* pre-populate CPT INST word 4 */\n+\tinst_w4.u64 = 0;\n+\tinst_w4.s.opcode_major = ROC_IE_OT_MAJOR_OP_PROCESS_OUTBOUND_IPSEC;\n+\tinst_w4.s.param1 = 0;\n+\tsa->inst.w4 = inst_w4.u64;\n+\n+\treturn 0;\n+}\n+\n+static int\n+cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,\n+\t\t\t  struct rte_security_ipsec_xform *ipsec_xfrm,\n+\t\t\t  struct rte_crypto_sym_xform *crypto_xfrm,\n+\t\t\t  struct rte_security_session *sec_sess)\n+{\n+\tstruct roc_ot_ipsec_inb_sa *in_sa;\n+\tstruct cn10k_sec_session *sess;\n+\tstruct cn10k_ipsec_sa *sa;\n+\tunion cpt_inst_w4 inst_w4;\n+\tint ret;\n+\n+\tsess = get_sec_session_private_data(sec_sess);\n+\tsa = &sess->sa;\n+\tin_sa = &sa->in_sa;\n+\n+\t/* Translate security parameters to SA */\n+\tret = cnxk_ot_ipsec_inb_sa_fill(in_sa, ipsec_xfrm, crypto_xfrm);\n+\tif (ret)\n+\t\treturn ret;\n+\n+\t/* TODO add support for antireplay */\n+\tsa->in_sa.w0.s.ar_win = 0;\n+\n+\t/* TODO add support for udp encap */\n+\n+\tsa->inst.w7 = ipsec_cpt_inst_w7_get(roc_cpt, sa);\n+\n+\t/* pre-populate CPT INST word 4 */\n+\tinst_w4.u64 = 0;\n+\tinst_w4.s.opcode_major = ROC_IE_OT_MAJOR_OP_PROCESS_INBOUND_IPSEC;\n+\n+\t/* Disable checksum verification for now */\n+\tinst_w4.s.param1 = 7;\n+\tsa->inst.w4 = inst_w4.u64;\n+\n+\treturn 0;\n+}\n+\n+static int\n+cn10k_ipsec_session_create(void *dev,\n+\t\t\t   struct rte_security_ipsec_xform *ipsec_xfrm,\n+\t\t\t   struct rte_crypto_sym_xform *crypto_xfrm,\n+\t\t\t   struct rte_security_session *sess)\n+{\n+\tstruct rte_cryptodev *crypto_dev = dev;\n+\tstruct roc_cpt *roc_cpt;\n+\tstruct cnxk_cpt_vf *vf;\n+\tint ret;\n+\n+\tvf = crypto_dev->data->dev_private;\n+\troc_cpt = &vf->cpt;\n+\n+\tif (crypto_dev->data->queue_pairs[0] == NULL) {\n+\t\tplt_err(\"Setup cpt queue pair before creating security session\");\n+\t\treturn -EPERM;\n+\t}\n+\n+\tret = cn10k_ipsec_xform_verify(ipsec_xfrm, crypto_xfrm);\n+\tif (ret)\n+\t\treturn ret;\n+\n+\tif (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS)\n+\t\treturn cn10k_ipsec_inb_sa_create(roc_cpt, ipsec_xfrm,\n+\t\t\t\t\t\t crypto_xfrm, sess);\n+\telse\n+\t\treturn cn10k_ipsec_outb_sa_create(roc_cpt, ipsec_xfrm,\n+\t\t\t\t\t\t  crypto_xfrm, sess);\n+}\n+\n+static int\n+cn10k_sec_session_create(void *device, struct rte_security_session_conf *conf,\n+\t\t\t struct rte_security_session *sess,\n+\t\t\t struct rte_mempool *mempool)\n+{\n+\tstruct cn10k_sec_session *priv;\n+\tint ret;\n+\n+\tif (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)\n+\t\treturn -EINVAL;\n+\n+\tif (rte_security_dynfield_register() < 0)\n+\t\treturn -ENOTSUP;\n+\n+\tif (rte_mempool_get(mempool, (void **)&priv)) {\n+\t\tplt_err(\"Could not allocate security session private data\");\n+\t\treturn -ENOMEM;\n+\t}\n+\n+\tset_sec_session_private_data(sess, priv);\n+\n+\tpriv->userdata = conf->userdata;\n+\n+\tif (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {\n+\t\tret = -ENOTSUP;\n+\t\tgoto mempool_put;\n+\t}\n+\tret = cn10k_ipsec_session_create(device, &conf->ipsec,\n+\t\t\t\t\t conf->crypto_xform, sess);\n+\tif (ret)\n+\t\tgoto mempool_put;\n+\n+\treturn 0;\n+\n+mempool_put:\n+\trte_mempool_put(mempool, priv);\n+\tset_sec_session_private_data(sess, NULL);\n+\treturn ret;\n+}\n+\n+static int\n+cn10k_sec_session_destroy(void *device __rte_unused,\n+\t\t\t  struct rte_security_session *sess)\n+{\n+\tstruct cn10k_sec_session *priv;\n+\tstruct rte_mempool *sess_mp;\n+\n+\tpriv = get_sec_session_private_data(sess);\n+\n+\tif (priv == NULL)\n+\t\treturn 0;\n+\n+\tsess_mp = rte_mempool_from_obj(priv);\n+\n+\tset_sec_session_private_data(sess, NULL);\n+\trte_mempool_put(sess_mp, priv);\n+\n+\treturn 0;\n+}\n+\n+static unsigned int\n+cn10k_sec_session_get_size(void *device __rte_unused)\n+{\n+\treturn sizeof(struct cn10k_sec_session);\n+}\n+\n+/* Update platform specific security ops */\n+void\n+cn10k_sec_ops_override(void)\n+{\n+\t/* Update platform specific ops */\n+\tcnxk_sec_ops.session_create = cn10k_sec_session_create;\n+\tcnxk_sec_ops.session_destroy = cn10k_sec_session_destroy;\n+\tcnxk_sec_ops.session_get_size = cn10k_sec_session_get_size;\n+}\ndiff --git a/drivers/crypto/cnxk/cn10k_ipsec.h b/drivers/crypto/cnxk/cn10k_ipsec.h\nnew file mode 100644\nindex 0000000..668282f\n--- /dev/null\n+++ b/drivers/crypto/cnxk/cn10k_ipsec.h\n@@ -0,0 +1,36 @@\n+/* SPDX-License-Identifier: BSD-3-Clause\n+ * Copyright(C) 2021 Marvell.\n+ */\n+\n+#ifndef __CN10K_IPSEC_H__\n+#define __CN10K_IPSEC_H__\n+\n+#include <rte_security.h>\n+\n+#include \"cnxk_ipsec.h\"\n+\n+#define CN10K_IPSEC_SA_CTX_HDR_SIZE 1\n+\n+struct cn10k_ipsec_sa {\n+\tunion {\n+\t\t/** Inbound SA */\n+\t\tstruct roc_ot_ipsec_inb_sa in_sa;\n+\t\t/** Outbound SA */\n+\t\tstruct roc_ot_ipsec_outb_sa out_sa;\n+\t};\n+\t/** Pre-populated CPT inst words */\n+\tstruct cnxk_cpt_inst_tmpl inst;\n+\tuint8_t partial_len;\n+\tuint8_t roundup_len;\n+\tuint8_t roundup_byte;\n+};\n+\n+struct cn10k_sec_session {\n+\tstruct cn10k_ipsec_sa sa;\n+\tvoid *userdata;\n+\t/**< Userdata registered by the application */\n+} __rte_cache_aligned;\n+\n+void cn10k_sec_ops_override(void);\n+\n+#endif /* __CN10K_IPSEC_H__ */\ndiff --git a/drivers/crypto/cnxk/cnxk_ipsec.h b/drivers/crypto/cnxk/cnxk_ipsec.h\nnew file mode 100644\nindex 0000000..f6897a0\n--- /dev/null\n+++ b/drivers/crypto/cnxk/cnxk_ipsec.h\n@@ -0,0 +1,20 @@\n+/* SPDX-License-Identifier: BSD-3-Clause\n+ * Copyright(C) 2021 Marvell.\n+ */\n+#ifndef __CNXK_IPSEC_H__\n+#define __CNXK_IPSEC_H__\n+\n+#include <rte_security.h>\n+#include <rte_security_driver.h>\n+\n+#include \"roc_api.h\"\n+\n+extern struct rte_security_ops cnxk_sec_ops;\n+\n+struct cnxk_cpt_inst_tmpl {\n+\tuint64_t w2;\n+\tuint64_t w4;\n+\tuint64_t w7;\n+};\n+\n+#endif /* __CNXK_IPSEC_H__ */\ndiff --git a/drivers/crypto/cnxk/meson.build b/drivers/crypto/cnxk/meson.build\nindex a2b461e..c56d6cf 100644\n--- a/drivers/crypto/cnxk/meson.build\n+++ b/drivers/crypto/cnxk/meson.build\n@@ -13,6 +13,7 @@ sources = files(\n         'cn9k_cryptodev_ops.c',\n         'cn10k_cryptodev.c',\n         'cn10k_cryptodev_ops.c',\n+        'cn10k_ipsec.c',\n         'cnxk_cryptodev.c',\n         'cnxk_cryptodev_capabilities.c',\n         'cnxk_cryptodev_ops.c',\n@@ -20,3 +21,5 @@ sources = files(\n )\n \n deps += ['bus_pci', 'common_cnxk', 'security']\n+\n+includes += include_directories('../../../lib/net')\n",
    "prefixes": [
        "v2",
        "2/4"
    ]
}