X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;ds=sidebyside;f=src%2Fplugins%2Fdpdk%2Fipsec%2Fipsec.c;h=8837756554f5827ae48484307e472f48a76f3069;hb=7ec120e8dd8ab366fab27eca4e6402f213e24cc8;hp=520708476a8476dbe5ec0bef65924819e70d2937;hpb=35467f112acb21fe1ea287c7d8794b0859f149c0;p=vpp.git

diff --git a/src/plugins/dpdk/ipsec/ipsec.c b/src/plugins/dpdk/ipsec/ipsec.c
index 520708476a8..8837756554f 100644
--- a/src/plugins/dpdk/ipsec/ipsec.c
+++ b/src/plugins/dpdk/ipsec/ipsec.c
@@ -252,13 +252,13 @@ crypto_set_aead_xform (struct rte_crypto_sym_xform *xform,
 
   xform->type = RTE_CRYPTO_SYM_XFORM_AEAD;
   xform->aead.algo = c->alg;
-  xform->aead.key.data = sa->crypto_key;
+  xform->aead.key.data = sa->crypto_key.data;
   xform->aead.key.length = c->key_len;
   xform->aead.iv.offset =
     crypto_op_get_priv_offset () + offsetof (dpdk_op_priv_t, cb);
   xform->aead.iv.length = 12;
   xform->aead.digest_length = c->trunc_size;
-  xform->aead.aad_length = sa->use_esn ? 12 : 8;
+  xform->aead.aad_length = ipsec_sa_is_set_USE_ESN (sa) ? 12 : 8;
   xform->next = NULL;
 
   if (is_outbound)
@@ -280,7 +280,7 @@ crypto_set_cipher_xform (struct rte_crypto_sym_xform *xform,
 
   xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER;
   xform->cipher.algo = c->alg;
-  xform->cipher.key.data = sa->crypto_key;
+  xform->cipher.key.data = sa->crypto_key.data;
   xform->cipher.key.length = c->key_len;
   xform->cipher.iv.offset =
     crypto_op_get_priv_offset () + offsetof (dpdk_op_priv_t, cb);
@@ -306,7 +306,7 @@ crypto_set_auth_xform (struct rte_crypto_sym_xform *xform,
 
   xform->type = RTE_CRYPTO_SYM_XFORM_AUTH;
   xform->auth.algo = a->alg;
-  xform->auth.key.data = sa->integ_key;
+  xform->auth.key.data = sa->integ_key.data;
   xform->auth.key.length = a->key_len;
   xform->auth.digest_length = a->trunc_size;
   xform->next = NULL;
@@ -331,7 +331,7 @@ create_sym_session (struct rte_cryptodev_sym_session **session,
   struct rte_crypto_sym_xform auth_xform = { 0 };
   struct rte_crypto_sym_xform *xfs;
   struct rte_cryptodev_sym_session **s;
-  clib_error_t *erorr = 0;
+  clib_error_t *error = 0;
 
 
   sa = pool_elt_at_index (im->sad, sa_idx);
@@ -376,7 +376,7 @@ create_sym_session (struct rte_cryptodev_sym_session **session,
       if (!session[0])
 	{
 	  data->session_h_failed += 1;
-	  erorr = clib_error_return (0, "failed to create session header");
+	  error = clib_error_return (0, "failed to create session header");
 	  goto done;
 	}
       hash_set (data->session_by_sa_index, sa_idx, session[0]);
@@ -393,7 +393,7 @@ create_sym_session (struct rte_cryptodev_sym_session **session,
   if (ret)
     {
       data->session_drv_failed[res->drv_id] += 1;
-      erorr = clib_error_return (0, "failed to init session for drv %u",
+      error = clib_error_return (0, "failed to init session for drv %u",
 				 res->drv_id);
       goto done;
     }
@@ -402,7 +402,7 @@ create_sym_session (struct rte_cryptodev_sym_session **session,
 
 done:
   clib_spinlock_unlock_if_init (&data->lockp);
-  return erorr;
+  return error;
 }
 
 static void __attribute__ ((unused)) clear_and_free_obj (void *obj)
@@ -419,7 +419,14 @@ static inline void *
 get_session_private_data (const struct rte_cryptodev_sym_session *sess,
 			  uint8_t driver_id)
 {
+#if RTE_VERSION < RTE_VERSION_NUM(19, 2, 0, 0)
   return sess->sess_private_data[driver_id];
+#else
+  if (unlikely (sess->nb_drivers <= driver_id))
+    return 0;
+
+  return sess->sess_data[driver_id].data;
+#endif
 }
 
 /* This is from rte_cryptodev_pmd.h */
@@ -427,7 +434,13 @@ static inline void
 set_session_private_data (struct rte_cryptodev_sym_session *sess,
 			  uint8_t driver_id, void *private_data)
 {
+#if RTE_VERSION < RTE_VERSION_NUM(19, 2, 0, 0)
   sess->sess_private_data[driver_id] = private_data;
+#else
+  if (unlikely (sess->nb_drivers <= driver_id))
+    return;
+  sess->sess_data[driver_id].data = private_data;
+#endif
 }
 
 static clib_error_t *
@@ -481,7 +494,6 @@ dpdk_crypto_session_disposal (crypto_session_disposal_t * v, u64 ts)
 static clib_error_t *
 add_del_sa_session (u32 sa_index, u8 is_add)
 {
-  ipsec_main_t *im = &ipsec_main;
   dpdk_crypto_main_t *dcm = &dpdk_crypto_main;
   crypto_data_t *data;
   struct rte_cryptodev_sym_session *s;
@@ -489,24 +501,7 @@ add_del_sa_session (u32 sa_index, u8 is_add)
   u32 drv_id;
 
   if (is_add)
-    {
-#if 1
-      ipsec_sa_t *sa = pool_elt_at_index (im->sad, sa_index);
-      u32 seed;
-      switch (sa->crypto_alg)
-	{
-	case IPSEC_CRYPTO_ALG_AES_GCM_128:
-	case IPSEC_CRYPTO_ALG_AES_GCM_192:
-	case IPSEC_CRYPTO_ALG_AES_GCM_256:
-	  clib_memcpy (&sa->salt, &sa->crypto_key[sa->crypto_key_len - 4], 4);
-	  break;
-	default:
-	  seed = (u32) clib_cpu_time_now ();
-	  sa->salt = random_u32 (&seed);
-	}
-#endif
-      return 0;
-    }
+    return 0;
 
   /* *INDENT-OFF* */
   vec_foreach (data, dcm->data)
@@ -625,14 +620,11 @@ crypto_parse_capabilities (crypto_dev_t * dev,
     }
 }
 
-#define DPDK_CRYPTO_N_QUEUE_DESC  2048
-#define DPDK_CRYPTO_NB_SESS_OBJS  20000
-
 static clib_error_t *
 crypto_dev_conf (u8 dev, u16 n_qp, u8 numa)
 {
-  struct rte_cryptodev_config dev_conf;
-  struct rte_cryptodev_qp_conf qp_conf;
+  struct rte_cryptodev_config dev_conf = { 0 };
+  struct rte_cryptodev_qp_conf qp_conf = { 0 };
   i32 ret;
   u16 qp;
   char *error_str;
@@ -649,7 +641,11 @@ crypto_dev_conf (u8 dev, u16 n_qp, u8 numa)
   qp_conf.nb_descriptors = DPDK_CRYPTO_N_QUEUE_DESC;
   for (qp = 0; qp < n_qp; qp++)
     {
+#if RTE_VERSION < RTE_VERSION_NUM(19, 2, 0, 0)
       ret = rte_cryptodev_queue_pair_setup (dev, qp, &qp_conf, numa, NULL);
+#else
+      ret = rte_cryptodev_queue_pair_setup (dev, qp, &qp_conf, numa);
+#endif
       if (ret < 0)
 	return clib_error_return (0, error_str, dev, qp);
     }
@@ -666,7 +662,7 @@ crypto_scan_devs (u32 n_mains)
 {
   dpdk_crypto_main_t *dcm = &dpdk_crypto_main;
   struct rte_cryptodev *cryptodev;
-  struct rte_cryptodev_info info;
+  struct rte_cryptodev_info info = { 0 };
   crypto_dev_t *dev;
   crypto_resource_t *res;
   clib_error_t *error;
@@ -878,10 +874,15 @@ crypto_create_session_h_pool (vlib_main_t * vm, u8 numa)
 
   elt_size = rte_cryptodev_sym_get_header_session_size ();
 
-  mp =
-    rte_mempool_create ((char *) pool_name, DPDK_CRYPTO_NB_SESS_OBJS,
-			elt_size, 512, 0, NULL, NULL, NULL, NULL, numa, 0);
-
+#if RTE_VERSION < RTE_VERSION_NUM(19, 2, 0, 0)
+  mp = rte_mempool_create ((char *) pool_name, DPDK_CRYPTO_NB_SESS_OBJS,
+			   elt_size, 512, 0, NULL, NULL, NULL, NULL, numa, 0);
+#else
+  /* XXX Experimental tag in DPDK 19.02 */
+  mp = rte_cryptodev_sym_session_pool_create ((char *) pool_name,
+					      DPDK_CRYPTO_NB_SESS_OBJS,
+					      elt_size, 512, 0, numa);
+#endif
   vec_free (pool_name);
 
   if (!mp)
@@ -1046,8 +1047,12 @@ dpdk_ipsec_process (vlib_main_t * vm, vlib_node_runtime_t * rt,
 
   u32 idx = ipsec_register_esp_backend (vm, im, "dpdk backend",
 					"dpdk-esp4-encrypt",
+					"dpdk-esp4-encrypt-tun",
+					"dpdk-esp4-decrypt",
 					"dpdk-esp4-decrypt",
 					"dpdk-esp6-encrypt",
+					"dpdk-esp6-encrypt-tun",
+					"dpdk-esp6-decrypt",
 					"dpdk-esp6-decrypt",
 					dpdk_ipsec_check_support,
 					add_del_sa_session);