Adding security ctx to the eth device.
Signed-off-by: Ankur Dwivedi <adwiv...@marvell.com>
Signed-off-by: Anoob Joseph <ano...@marvell.com>
Signed-off-by: Archana Muniganti <march...@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejas...@marvell.com>
Signed-off-by: Vamsi Attunuru <vattun...@marvell.com>
---
drivers/common/octeontx2/otx2_common.c | 2 ++
drivers/common/octeontx2/otx2_common.h | 10 +++++++
.../octeontx2/rte_common_octeontx2_version.map | 2 ++
drivers/crypto/octeontx2/Makefile | 3 +-
drivers/crypto/octeontx2/meson.build | 4 ++-
drivers/crypto/octeontx2/otx2_cryptodev.c | 4 +++
drivers/crypto/octeontx2/otx2_security.c | 35 ++++++++++++++++++++++
drivers/crypto/octeontx2/otx2_security.h | 14 +++++++++
drivers/net/octeontx2/otx2_ethdev.c | 18 ++++++++++-
9 files changed, 89 insertions(+), 3 deletions(-)
create mode 100644 drivers/crypto/octeontx2/otx2_security.c
create mode 100644 drivers/crypto/octeontx2/otx2_security.h
diff --git a/drivers/common/octeontx2/otx2_common.c
b/drivers/common/octeontx2/otx2_common.c
index 2f9b167..5c41822 100644
--- a/drivers/common/octeontx2/otx2_common.c
+++ b/drivers/common/octeontx2/otx2_common.c
@@ -11,6 +11,8 @@
#include "otx2_dev.h"
#include "otx2_mbox.h"
+struct otx2_sec_eth_crypto_idev_ops otx2_sec_idev_ops;
+
/**
* @internal
* Set default NPA configuration.
diff --git a/drivers/common/octeontx2/otx2_common.h
b/drivers/common/octeontx2/otx2_common.h
index db0cde1..4e8d0af 100644
--- a/drivers/common/octeontx2/otx2_common.h
+++ b/drivers/common/octeontx2/otx2_common.h
@@ -77,6 +77,16 @@ void otx2_npa_set_defaults(struct otx2_idev_cfg *idev);
int otx2_npa_lf_active(void *dev);
int otx2_npa_lf_obj_ref(void);
+typedef int (*otx2_sec_eth_ctx_create_t)(struct rte_eth_dev *eth_dev);
+typedef void (*otx2_sec_eth_ctx_destroy_t)(struct rte_eth_dev *eth_dev);
+
+struct otx2_sec_eth_crypto_idev_ops {
+ otx2_sec_eth_ctx_create_t ctx_create;
+ otx2_sec_eth_ctx_destroy_t ctx_destroy;
+};
+
+extern struct otx2_sec_eth_crypto_idev_ops otx2_sec_idev_ops;
+
/* Log */
extern int otx2_logtype_base;
extern int otx2_logtype_mbox;
diff --git a/drivers/common/octeontx2/rte_common_octeontx2_version.map
b/drivers/common/octeontx2/rte_common_octeontx2_version.map
index bd9fc41..1a43bb6 100644
--- a/drivers/common/octeontx2/rte_common_octeontx2_version.map
+++ b/drivers/common/octeontx2/rte_common_octeontx2_version.map
@@ -32,5 +32,7 @@ DPDK_20.0 {
otx2_sso_pf_func_set;
otx2_unregister_irq;
+ otx2_sec_idev_ops;
+
local: *;
};
diff --git a/drivers/crypto/octeontx2/Makefile
b/drivers/crypto/octeontx2/Makefile
index 3ba67ed..d2e9b9f 100644
--- a/drivers/crypto/octeontx2/Makefile
+++ b/drivers/crypto/octeontx2/Makefile
@@ -11,7 +11,7 @@ LIB = librte_pmd_octeontx2_crypto.a
CFLAGS += $(WERROR_FLAGS)
LDLIBS += -lrte_eal -lrte_ethdev -lrte_mbuf -lrte_mempool -lrte_ring
-LDLIBS += -lrte_cryptodev
+LDLIBS += -lrte_cryptodev -lrte_security
LDLIBS += -lrte_pci -lrte_bus_pci
LDLIBS += -lrte_common_cpt -lrte_common_octeontx2
@@ -38,6 +38,7 @@ SRCS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX2_CRYPTO) +=
otx2_cryptodev_capabilities.c
SRCS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX2_CRYPTO) += otx2_cryptodev_hw_access.c
SRCS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX2_CRYPTO) += otx2_cryptodev_mbox.c
SRCS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX2_CRYPTO) += otx2_cryptodev_ops.c
+SRCS-$(CONFIG_RTE_LIBRTE_PMD_OCTEONTX2_CRYPTO) += otx2_security.c
# export include files
SYMLINK-y-include +=
diff --git a/drivers/crypto/octeontx2/meson.build
b/drivers/crypto/octeontx2/meson.build
index 67deca3..f7b2937 100644
--- a/drivers/crypto/octeontx2/meson.build
+++ b/drivers/crypto/octeontx2/meson.build
@@ -9,6 +9,7 @@ deps += ['bus_pci']
deps += ['common_cpt']
deps += ['common_octeontx2']
deps += ['ethdev']
+deps += ['security']
name = 'octeontx2_crypto'
allow_experimental_apis = true
@@ -16,7 +17,8 @@ sources = files('otx2_cryptodev.c',
'otx2_cryptodev_capabilities.c',
'otx2_cryptodev_hw_access.c',
'otx2_cryptodev_mbox.c',
- 'otx2_cryptodev_ops.c')
+ 'otx2_cryptodev_ops.c',
+ 'otx2_security.c')
extra_flags = []
# This integrated controller runs only on a arm64 machine, remove 32bit
warnings
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev.c
b/drivers/crypto/octeontx2/otx2_cryptodev.c
index 7fd216b..86c1188 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev.c
@@ -17,6 +17,7 @@
#include "otx2_cryptodev_mbox.h"
#include "otx2_cryptodev_ops.h"
#include "otx2_dev.h"
+#include "otx2_security.h"
/* CPT common headers */
#include "cpt_common.h"
@@ -154,4 +155,7 @@ RTE_INIT(otx2_cpt_init_log)
otx2_cpt_logtype = rte_log_register("pmd.crypto.octeontx2");
if (otx2_cpt_logtype >= 0)
rte_log_set_level(otx2_cpt_logtype, RTE_LOG_NOTICE);
+
+ otx2_sec_idev_ops.ctx_create = otx2_sec_eth_ctx_create;
+ otx2_sec_idev_ops.ctx_destroy = otx2_sec_eth_ctx_destroy;
}
diff --git a/drivers/crypto/octeontx2/otx2_security.c
b/drivers/crypto/octeontx2/otx2_security.c
new file mode 100644
index 0000000..531c78b
--- /dev/null
+++ b/drivers/crypto/octeontx2/otx2_security.c
@@ -0,0 +1,35 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (C) 2020 Marvell International Ltd.
+ */
+
+#include <rte_ethdev.h>
+#include <rte_malloc.h>
+#include <rte_security.h>
+
+#include "otx2_security.h"
+
+int
+otx2_sec_eth_ctx_create(struct rte_eth_dev *eth_dev)
+{
+ struct rte_security_ctx *ctx;
+
+ ctx = rte_malloc("otx2_sec_eth_ctx",
+ sizeof(struct rte_security_ctx), 0);
+ if (ctx == NULL)
+ return -ENOMEM;
+
+ /* Populate ctx */
+
+ ctx->device = eth_dev;
+ ctx->sess_cnt = 0;
+
+ eth_dev->security_ctx = ctx;
+
+ return 0;
+}
+
+void
+otx2_sec_eth_ctx_destroy(struct rte_eth_dev *eth_dev)
+{
+ rte_free(eth_dev->security_ctx);
+}
diff --git a/drivers/crypto/octeontx2/otx2_security.h
b/drivers/crypto/octeontx2/otx2_security.h
new file mode 100644
index 0000000..21b7da4
--- /dev/null
+++ b/drivers/crypto/octeontx2/otx2_security.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright (C) 2020 Marvell International Ltd.
+ */
+
+#ifndef __OTX2_SECURITY_H__
+#define __OTX2_SECURITY_H__
+
+#include <rte_ethdev.h>
+
+int otx2_sec_eth_ctx_create(struct rte_eth_dev *eth_dev);
+
+void otx2_sec_eth_ctx_destroy(struct rte_eth_dev *eth_dev);
+
+#endif /* __OTX2_SECURITY_H__ */
diff --git a/drivers/net/octeontx2/otx2_ethdev.c
b/drivers/net/octeontx2/otx2_ethdev.c
index ed32927..3e19ac2 100644
--- a/drivers/net/octeontx2/otx2_ethdev.c
+++ b/drivers/net/octeontx2/otx2_ethdev.c
@@ -2236,10 +2236,19 @@ otx2_eth_dev_init(struct rte_eth_dev *eth_dev)
dev->hwcap |= OTX2_FIXUP_F_LIMIT_CQ_FULL;
}
+ /* Create security ctx */
+ if (otx2_sec_idev_ops.ctx_create != NULL) {
+ rc = otx2_sec_idev_ops.ctx_create(eth_dev);
+ if (rc)
+ goto free_mac_addrs;
+ dev->tx_offload_capa |= DEV_TX_OFFLOAD_SECURITY;
+ dev->rx_offload_capa |= DEV_RX_OFFLOAD_SECURITY;
+ }
+
/* Initialize rte-flow */
rc = otx2_flow_init(dev);
if (rc)
- goto free_mac_addrs;
+ goto sec_ctx_destroy;
otx2_nix_mc_filter_init(dev);
@@ -2250,6 +2259,9 @@ otx2_eth_dev_init(struct rte_eth_dev *eth_dev)
dev->rx_offload_capa, dev->tx_offload_capa);
return 0;
+sec_ctx_destroy:
+ if (otx2_sec_idev_ops.ctx_destroy != NULL)
+ otx2_sec_idev_ops.ctx_destroy(eth_dev);
free_mac_addrs:
rte_free(eth_dev->data->mac_addrs);
unregister_irq:
@@ -2333,6 +2345,10 @@ otx2_eth_dev_uninit(struct rte_eth_dev *eth_dev, bool
mbox_close)
if (rc)
otx2_err("Failed to cleanup npa lf, rc=%d", rc);
+ /* Destroy security ctx */
+ if (otx2_sec_idev_ops.ctx_destroy != NULL)
+ otx2_sec_idev_ops.ctx_destroy(eth_dev);
+
rte_free(eth_dev->data->mac_addrs);
eth_dev->data->mac_addrs = NULL;
dev->drv_inited = false;
--
2.7.4
