lib/librte_security/rte_security.c

   1 /*-
   2  *   BSD LICENSE
   3  *
   4  *   Copyright 2017 NXP.
   5  *   Copyright(c) 2017 Intel Corporation. All rights reserved.
   6  *
   7  *   Redistribution and use in source and binary forms, with or without
   8  *   modification, are permitted provided that the following conditions
   9  *   are met:
  10  *
  11  *     * Redistributions of source code must retain the above copyright
  12  *       notice, this list of conditions and the following disclaimer.
  13  *     * Redistributions in binary form must reproduce the above copyright
  14  *       notice, this list of conditions and the following disclaimer in
  15  *       the documentation and/or other materials provided with the
  16  *       distribution.
  17  *     * Neither the name of NXP nor the names of its
  18  *       contributors may be used to endorse or promote products derived
  19  *       from this software without specific prior written permission.
  20  *
  21  *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  22  *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  23  *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  24  *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  25  *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  26  *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  27  *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  28  *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  29  *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  30  *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  31  *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  32  */
  33
  34 #include <rte_malloc.h>
  35 #include <rte_dev.h>
  36 #include "rte_compat.h"
  37 #include "rte_security.h"
  38 #include "rte_security_driver.h"
  39
  40 struct rte_security_session *
  41 __rte_experimental rte_security_session_create(struct rte_security_ctx *instance,
  42                             struct rte_security_session_conf *conf,
  43                             struct rte_mempool *mp)
  44 {
  45         struct rte_security_session *sess = NULL;
  46
  47         if (conf == NULL)
  48                 return NULL;
  49
  50         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_create, NULL);
  51
  52         if (rte_mempool_get(mp, (void **)&sess))
  53                 return NULL;
  54
  55         if (instance->ops->session_create(instance->device, conf, sess, mp)) {
  56                 rte_mempool_put(mp, (void *)sess);
  57                 return NULL;
  58         }
  59         instance->sess_cnt++;
  60
  61         return sess;
  62 }
  63
  64 int __rte_experimental
  65 rte_security_session_update(struct rte_security_ctx *instance,
  66                             struct rte_security_session *sess,
  67                             struct rte_security_session_conf *conf)
  68 {
  69         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_update, -ENOTSUP);
  70         return instance->ops->session_update(instance->device, sess, conf);
  71 }
  72
  73 unsigned int __rte_experimental
  74 rte_security_session_get_size(struct rte_security_ctx *instance)
  75 {
  76         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_get_size, 0);
  77         return instance->ops->session_get_size(instance->device);
  78 }
  79
  80 int __rte_experimental
  81 rte_security_session_stats_get(struct rte_security_ctx *instance,
  82                                struct rte_security_session *sess,
  83                                struct rte_security_stats *stats)
  84 {
  85         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_stats_get, -ENOTSUP);
  86         return instance->ops->session_stats_get(instance->device, sess, stats);
  87 }
  88
  89 int __rte_experimental
  90 rte_security_session_destroy(struct rte_security_ctx *instance,
  91                              struct rte_security_session *sess)
  92 {
  93         int ret;
  94         struct rte_mempool *mp = rte_mempool_from_obj(sess);
  95
  96         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_destroy, -ENOTSUP);
  97
  98         if (instance->sess_cnt)
  99                 instance->sess_cnt--;
 100
 101         ret = instance->ops->session_destroy(instance->device, sess);
 102         if (!ret)
 103                 rte_mempool_put(mp, (void *)sess);
 104
 105         return ret;
 106 }
 107
 108 int __rte_experimental
 109 rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
 110                               struct rte_security_session *sess,
 111                               struct rte_mbuf *m, void *params)
 112 {
 113         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP);
 114         return instance->ops->set_pkt_metadata(instance->device,
 115                                                sess, m, params);
 116 }
 117
 118 void * __rte_experimental
 119 rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
 120 {
 121         void *userdata = NULL;
 122
 123         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_userdata, NULL);
 124         if (instance->ops->get_userdata(instance->device, md, &userdata))
 125                 return NULL;
 126
 127         return userdata;
 128 }
 129
 130 const struct rte_security_capability * __rte_experimental
 131 rte_security_capabilities_get(struct rte_security_ctx *instance)
 132 {
 133         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL);
 134         return instance->ops->capabilities_get(instance->device);
 135 }
 136
 137 const struct rte_security_capability * __rte_experimental
 138 rte_security_capability_get(struct rte_security_ctx *instance,
 139                             struct rte_security_capability_idx *idx)
 140 {
 141         const struct rte_security_capability *capabilities;
 142         const struct rte_security_capability *capability;
 143         uint16_t i = 0;
 144
 145         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL);
 146         capabilities = instance->ops->capabilities_get(instance->device);
 147
 148         if (capabilities == NULL)
 149                 return NULL;
 150
 151         while ((capability = &capabilities[i++])->action
 152                         != RTE_SECURITY_ACTION_TYPE_NONE) {
 153                 if (capability->action  == idx->action &&
 154                                 capability->protocol == idx->protocol) {
 155                         if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {
 156                                 if (capability->ipsec.proto ==
 157                                                 idx->ipsec.proto &&
 158                                         capability->ipsec.mode ==
 159                                                         idx->ipsec.mode &&
 160                                         capability->ipsec.direction ==
 161                                                         idx->ipsec.direction)
 162                                         return capability;
 163                         }
 164                 }
 165         }
 166
 167         return NULL;
 168 }