From patchwork Tue Sep 26 02:49:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chaoyong He X-Patchwork-Id: 131904 X-Patchwork-Delegate: ferruh.yigit@amd.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 8C0234263C; Tue, 26 Sep 2023 04:51:14 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 1AD2540648; Tue, 26 Sep 2023 04:50:42 +0200 (CEST) Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2135.outbound.protection.outlook.com [40.107.243.135]) by mails.dpdk.org (Postfix) with ESMTP id 664BB402D9 for ; Tue, 26 Sep 2023 04:50:40 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=C+VmWM9910Jebd43a8Uh0rKbOq/sM2EXNmiNsWIXpAzNW+lwc2v3wE3YqzId8Xr+OsSb9URjhQVRQ+73Wd6Iwpeusxd6lIAgM5/+UH8jHpjxigEbVA/E9RK379vn1UrNluQkwTZdH+YaHof/BwBBwKzdzv8TxTAciTCVA9X5iyabwvHI9aTHaHNDzPuR6TozxizRD+ZwvrLTbSxUndwPgnznA4KybWVYjrcZi5zwgX266l4MwwT32/REFqVxhzRq8bj5UDp4/8EtJqJ+rAex8KbRYx03KGIniDCS9f31Fbifj4Wt31i+h3Kyztq5TonRk0SHS2Kyu/Vt61ZcObPksA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4tz4U4S6gmdC757ciSCiwmY6o/+MCbGN3GJ4TfqNVng=; b=R+Jog2bvF5wvUU5DNvWcHS9WHVS3bC0uTUkaAgc+/d1Mi90XxFcZeMTGc2LhzCL0MYIFR1yuZnqAuj3Q6T/33st8lpMZ9iuh4gzciG8nfSvM5qMpG+8ypDMGoeDtEsswbj+5n4OVX6XXSIqwc2ZYbnrxNJQXUVcMsQUGqIGu8Cm1R4Lo8ues7w5mzGhgxi1isVhMj7UDdL1kSFkaY3BToeNyGvuXqgenaAfjnYopYUPR/kEkKgjSmIcrbHAw8B/jc/BdUnextsmjXzdNXxQhei3OmypJvTkG0CxhqYRZk5qXzSSxxxaZr2nJqwvB/bzEWNmY5gmDAkGq+VRt8Qotyg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=corigine.com; dmarc=pass action=none header.from=corigine.com; dkim=pass header.d=corigine.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=corigine.onmicrosoft.com; s=selector2-corigine-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4tz4U4S6gmdC757ciSCiwmY6o/+MCbGN3GJ4TfqNVng=; b=bcO3qaN16sTTeh5Nzb6xLlRRQEkWCx1pu2Xk3vxCUPbAy+A2x4ZYqB10jpubiiXVJNwhTKjkV8ocQnC5K1cTKlnNxmzn8GMIZI6VjbQwBbsmPIqB3VsADgpQowKf5kKUFg95jTIMm5CKoSXwhHTh7U87IbyJF2m4iWfB/LBp2Ew= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=corigine.com; Received: from PH0PR13MB5568.namprd13.prod.outlook.com (2603:10b6:510:12b::16) by SA3PR13MB6516.namprd13.prod.outlook.com (2603:10b6:806:39c::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6792.27; Tue, 26 Sep 2023 02:50:38 +0000 Received: from PH0PR13MB5568.namprd13.prod.outlook.com ([fe80::b070:92e1:931e:fee7]) by PH0PR13MB5568.namprd13.prod.outlook.com ([fe80::b070:92e1:931e:fee7%4]) with mapi id 15.20.6792.026; Tue, 26 Sep 2023 02:50:38 +0000 From: Chaoyong He To: dev@dpdk.org Cc: oss-drivers@corigine.com, Shihong Wang , Chaoyong He Subject: [PATCH v2 05/10] net/nfp: get security capabilities and session size Date: Tue, 26 Sep 2023 10:49:54 +0800 Message-Id: <20230926024959.207098-6-chaoyong.he@corigine.com> X-Mailer: git-send-email 2.39.1 In-Reply-To: <20230926024959.207098-1-chaoyong.he@corigine.com> References: <20230925060644.1458598-1-chaoyong.he@corigine.com> <20230926024959.207098-1-chaoyong.he@corigine.com> X-ClientProxiedBy: BYAPR05CA0020.namprd05.prod.outlook.com (2603:10b6:a03:c0::33) To PH0PR13MB5568.namprd13.prod.outlook.com (2603:10b6:510:12b::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PH0PR13MB5568:EE_|SA3PR13MB6516:EE_ X-MS-Office365-Filtering-Correlation-Id: 6b47c348-0436-4e49-d87f-08dbbe3b5d96 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: N0cadv2cdQUyT+l9AEeBFNVCrFsKGI7BfNawMmGjbRk4rov1oGglQ4MAYk0uRPjNXU4rO+M0ikiPlfqWAGbQZ1Nitht6gWPAHpWj6WLwH9rNr04zm2Kq4ZERzBo7wbMmYJcwMQDtcv+zVBuTKm0VZRXUgp/147AkKzRK9Ot6Xqhe7kQyZRM88nHRuC7ccLJbTMcRTSWC2oVoe8EwlaocwgmoDX3etvIQzlUEkPY65+o+8C8RVNIYRo+2hyC4yUGq8F0DXBW4jZwhwUm1I3WPRzKOa3SWNT/ANPm/jZP2JjAMrsRLBGMkj0zoZIXKdnXV0XGpC3oECHR/gFMI0tosCJltwRtCY1MBldf0g+tr+pmYHt/XYuM81GucskVLX98c80hqdyWd6iDxdqCxpuGMPoiQ6KLhOHXkmzGMSJH/jxm9zzxr4FS3KEreG1t7G/FqTpKffVRaD/dteSmvhN0VYKBOzUS2OW5PvT0AZQCJKnDNe52TPTsucPy/PdtKmcOeLDaqHfemA+GYUUfzx+zwmwpt6lH5e0yVQclU91Yw57ZHoqDXDyzWlbTnZAUJ3SXa55uWpNIfs44x8X9YtOWndt5Y9pq4x66oAWgsqXD0BJyav9mvnYUn37U3odqtOV4JMGIzKC+5Ke5iPpsHkPz7vZs/XhINK8u4+KtQFr/KlIk= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR13MB5568.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(39830400003)(136003)(366004)(346002)(396003)(376002)(230922051799003)(1800799009)(451199024)(186009)(4326008)(83380400001)(2616005)(6486002)(6506007)(52116002)(478600001)(6666004)(86362001)(36756003)(38100700002)(1076003)(26005)(66476007)(8936002)(66556008)(6916009)(6512007)(2906002)(15650500001)(38350700002)(66946007)(41300700001)(107886003)(316002)(44832011)(8676002)(5660300002)(54906003); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: rJJw93B9wTuh5FRLAyh7HcaQzvony5FiHHSJ7HiAxMVb6/prt1S/+hJT6u/8hz55Hqh8Rwc5CcoM8pj9hh484K4rAvPYQVTpHyf2zpcK8bjhrjBYl9bfAgEKAwcHMzHcgX3RMrMJNqSH3MTHelF/N7Z7e+joyVRVpVzCWiXRtkghANaK9CVAHkMqU1ISRkcW39GdfpAhw7qJmtUvLuxQFI+mPTWvWGdYulZcHaJBHoX5J68IdVkcVzqTVEg2hbuu0thj/Oj+kkFDYOTwgvK4GNo2WNAQ/RRkUnPkDra5heecTF8MM/onqYc5F5ulnHArwglLIivHO4GU1cnc8DwnLbTFZPOiiZyTUt6a4LkXt+QUc2MdUMo3LfBvnUgFrhfwgiSYBlNcJKUfUSDqbnYKEn5vphbzMXiKMdC+LoDRcSTrZ0q8HuBJcyzqjmornIxdWwOyz6wb2x2fbU+gfhaAVC7SP1y0eiKvUR1TcXY7z64MEdjYEqpEr623GgSEzwacovKUDiTwJiu9WP7kmzwu2YF+dvm55o9rgZmxROhif2IQmS48dAdGWpfomLBSrbDeHWbpsdy3Duu+S7nfV0DSpnsb5UT+a6iJal7DWJv5BmW4rgU723m6yWeCSavEwRHPPDjd766D7O4kC2qwzlzdGBMEvedJ1syzyocUU/RpUiSkQ9WbU9bCFJ/R7xy5Tw9fPYO37bvoeJ9TQjNyBDP0i4iu/UsjkOJleD6jARuXnSBuDCf2OCNL6emXvvKe1iYhQWddsJKTnnrep7/JpGvZqbKIK/uuMQMGm3woM7B+/zpFZm6y7WJBBJtE4E2Xh0c/PJBHjwTK9gRAEIDJDRzJDMlk+ivvHbsyIGvp/zKXfMaS2EMpAUtLzWlz8FlXYVFxY5cn1k0eL3UEcUciewT5FegG0zzPflax3Oh7d5MWShnzN2M7oOalj3pTtEQnNwYG6l9VxrMiE4Q6w40AETywg7vA4OVvt7PfIrLsZMS5ZtZslYS1hmUYCoACoU3puPmJ6Jc+DER7W1aNDoCc3m2gpULCNkTr9SH73XbXZWbEYI0jqqucoSB7MUryuWl/meViTLRAYnqO0c8isfVzctHrvlxYmy57lsWZWmyvvpeQh5NXJveF9+dWg8IQDwDQlkScxpbL8ZctyjqtZGezzz8j5pVv/gDIl5ka4THXDN93BKN2+RmN7FCI1Wbm9FTpsC0ob7zJlNiU1qsXeYQ1DaMdjflK9en8y+b9xJ1x3XeKujmBLK5EuldOzu+2h/ylX88wUL6K9BEEcplOpUj2iDSU5Kh51FbO2zvZNNWppPMPUMXdpqY4A6ZCF7HP3f7PGtL5tv2mXUnZ6B4uCT7x2aGzkiiPT53i35HXYoAbIydf679kg9WDYHPSwMoMklC9u+iqESEENe7Z7FPb/sByqZxQsJ7EuXwKZFeOOHDG59PxiPGizuVc7uxa6C6hiQZiHa+1reArO1hnXCSqpMnap2jRVRd2FMvzu2OrUi0dTUh1FAOBn7c1h4EUcLejkJoBf+FwMugcUufxF3R+uO+A/lYeLHpXcBXPG3DvfW+HblbawOxRMOdIoz0WUgT8AMMCEitYUhXJ59pg6uugsprfUQWGmw== X-OriginatorOrg: corigine.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6b47c348-0436-4e49-d87f-08dbbe3b5d96 X-MS-Exchange-CrossTenant-AuthSource: PH0PR13MB5568.namprd13.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Sep 2023 02:50:38.8740 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fe128f2c-073b-4c20-818e-7246a585940c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: p14Fy7a/S907c0SRnn9d27/JWtoweWBh6ILx5DTOCZU4fdLrH4/VjaR1oEqyBh3ZzwKpzKuHbh7Rknv/ev4d+L1X2d0t8gg3M9S0H8XYcJY= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA3PR13MB6516 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Shihong Wang Add full protocol offload as well as inline crypto IPsec capabilities and return these for rte_security. Return size of security session for rte_security. Signed-off-by: Shihong Wang Reviewed-by: Chaoyong He --- drivers/net/nfp/nfp_ipsec.c | 357 +++++++++++++++++++++++++++++++++++- 1 file changed, 356 insertions(+), 1 deletion(-) diff --git a/drivers/net/nfp/nfp_ipsec.c b/drivers/net/nfp/nfp_ipsec.c index f16ce97703..51770def9d 100644 --- a/drivers/net/nfp/nfp_ipsec.c +++ b/drivers/net/nfp/nfp_ipsec.c @@ -5,6 +5,7 @@ #include "nfp_ipsec.h" +#include #include #include @@ -16,7 +17,361 @@ #include "nfp_logs.h" #include "nfp_rxtx.h" -static const struct rte_security_ops nfp_security_ops; +static const struct rte_cryptodev_capabilities nfp_crypto_caps[] = { + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_MD5_HMAC, + .block_size = 64, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .digest_size = { + .min = 12, + .max = 16, + .increment = 4 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, + .block_size = 64, + .key_size = { + .min = 20, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 10, + .max = 12, + .increment = 2 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .digest_size = { + .min = 12, + .max = 16, + .increment = 4 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .block_size = 128, + .key_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .digest_size = { + .min = 12, + .max = 24, + .increment = 12 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .block_size = 128, + .key_size = { + .min = 64, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 12, + .max = 32, + .increment = 4 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .algo = RTE_CRYPTO_CIPHER_3DES_CBC, + .block_size = 8, + .key_size = { + .min = 24, + .max = 24, + .increment = 0 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 8 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .algo = RTE_CRYPTO_CIPHER_AES_CBC, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 8 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, + .aead = { + .algo = RTE_CRYPTO_AEAD_AES_GCM, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .aad_size = { + .min = 0, + .max = 1024, + .increment = 1 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 4 + } + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, + .aead = { + .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, + .block_size = 16, + .key_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .aad_size = { + .min = 0, + .max = 1024, + .increment = 1 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 4 + } + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_UNDEFINED, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_NOT_SPECIFIED + }, + } +}; + +static const struct rte_security_capability nfp_security_caps[] = { + { /* IPsec Inline Crypto Tunnel Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Crypto Tunnel Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { /* IPsec Inline Crypto Transport Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Crypto Transport Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { /* IPsec Inline Protocol Tunnel Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Protocol Tunnel Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { /* IPsec Inline Protocol Transport Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Protocol Transport Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { + .action = RTE_SECURITY_ACTION_TYPE_NONE + } +}; + +static const struct rte_security_capability * +nfp_crypto_capabilities_get(void *device __rte_unused) +{ + return nfp_security_caps; +} + +static uint32_t +nfp_security_session_get_size(void *device __rte_unused) +{ + return sizeof(struct nfp_ipsec_session); +} + +static const struct rte_security_ops nfp_security_ops = { + .session_get_size = nfp_security_session_get_size, + .capabilities_get = nfp_crypto_capabilities_get, +}; static int nfp_ipsec_ctx_create(struct rte_eth_dev *dev,