lib/librte_security/rte_security.c

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  * Copyright 2017 NXP.
   3  * Copyright(c) 2017 Intel Corporation.
   4  */
   5
   6 #include <rte_malloc.h>
   7 #include <rte_dev.h>
   8 #include "rte_compat.h"
   9 #include "rte_security.h"
  10 #include "rte_security_driver.h"
  11
  12 struct rte_security_session *
  13 __rte_experimental rte_security_session_create(struct rte_security_ctx *instance,
  14                             struct rte_security_session_conf *conf,
  15                             struct rte_mempool *mp)
  16 {
  17         struct rte_security_session *sess = NULL;
  18
  19         if (conf == NULL)
  20                 return NULL;
  21
  22         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_create, NULL);
  23
  24         if (rte_mempool_get(mp, (void **)&sess))
  25                 return NULL;
  26
  27         if (instance->ops->session_create(instance->device, conf, sess, mp)) {
  28                 rte_mempool_put(mp, (void *)sess);
  29                 return NULL;
  30         }
  31         instance->sess_cnt++;
  32
  33         return sess;
  34 }
  35
  36 int __rte_experimental
  37 rte_security_session_update(struct rte_security_ctx *instance,
  38                             struct rte_security_session *sess,
  39                             struct rte_security_session_conf *conf)
  40 {
  41         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_update, -ENOTSUP);
  42         return instance->ops->session_update(instance->device, sess, conf);
  43 }
  44
  45 unsigned int __rte_experimental
  46 rte_security_session_get_size(struct rte_security_ctx *instance)
  47 {
  48         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_get_size, 0);
  49         return instance->ops->session_get_size(instance->device);
  50 }
  51
  52 int __rte_experimental
  53 rte_security_session_stats_get(struct rte_security_ctx *instance,
  54                                struct rte_security_session *sess,
  55                                struct rte_security_stats *stats)
  56 {
  57         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_stats_get, -ENOTSUP);
  58         return instance->ops->session_stats_get(instance->device, sess, stats);
  59 }
  60
  61 int __rte_experimental
  62 rte_security_session_destroy(struct rte_security_ctx *instance,
  63                              struct rte_security_session *sess)
  64 {
  65         int ret;
  66
  67         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_destroy, -ENOTSUP);
  68
  69         if (instance->sess_cnt)
  70                 instance->sess_cnt--;
  71
  72         ret = instance->ops->session_destroy(instance->device, sess);
  73         if (!ret)
  74                 rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
  75
  76         return ret;
  77 }
  78
  79 int __rte_experimental
  80 rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
  81                               struct rte_security_session *sess,
  82                               struct rte_mbuf *m, void *params)
  83 {
  84         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP);
  85         return instance->ops->set_pkt_metadata(instance->device,
  86                                                sess, m, params);
  87 }
  88
  89 void * __rte_experimental
  90 rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
  91 {
  92         void *userdata = NULL;
  93
  94         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_userdata, NULL);
  95         if (instance->ops->get_userdata(instance->device, md, &userdata))
  96                 return NULL;
  97
  98         return userdata;
  99 }
 100
 101 const struct rte_security_capability * __rte_experimental
 102 rte_security_capabilities_get(struct rte_security_ctx *instance)
 103 {
 104         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL);
 105         return instance->ops->capabilities_get(instance->device);
 106 }
 107
 108 const struct rte_security_capability * __rte_experimental
 109 rte_security_capability_get(struct rte_security_ctx *instance,
 110                             struct rte_security_capability_idx *idx)
 111 {
 112         const struct rte_security_capability *capabilities;
 113         const struct rte_security_capability *capability;
 114         uint16_t i = 0;
 115
 116         RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL);
 117         capabilities = instance->ops->capabilities_get(instance->device);
 118
 119         if (capabilities == NULL)
 120                 return NULL;
 121
 122         while ((capability = &capabilities[i++])->action
 123                         != RTE_SECURITY_ACTION_TYPE_NONE) {
 124                 if (capability->action  == idx->action &&
 125                                 capability->protocol == idx->protocol) {
 126                         if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {
 127                                 if (capability->ipsec.proto ==
 128                                                 idx->ipsec.proto &&
 129                                         capability->ipsec.mode ==
 130                                                         idx->ipsec.mode &&
 131                                         capability->ipsec.direction ==
 132                                                         idx->ipsec.direction)
 133                                         return capability;
 134                         } else if (idx->protocol == RTE_SECURITY_PROTOCOL_PDCP) {
 135                                 if (capability->pdcp.domain ==
 136                                                         idx->pdcp.domain)
 137                                         return capability;
 138                         }
 139                 }
 140         }
 141
 142         return NULL;
 143 }