1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(C) 2024 Marvell.
3 */
4
5 #include <rte_security.h>
6
7 #include "cn10k_cryptodev_ops.h"
8 #include "cn10k_cryptodev_sec.h"
9 #include "cnxk_cryptodev_ops.h"
10
11 static int
cn10k_sec_session_create(void * dev,struct rte_security_session_conf * conf,struct rte_security_session * sess)12 cn10k_sec_session_create(void *dev, struct rte_security_session_conf *conf,
13 struct rte_security_session *sess)
14 {
15 struct rte_cryptodev *crypto_dev = dev;
16 struct cnxk_cpt_vf *vf;
17 struct cnxk_cpt_qp *qp;
18
19 if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
20 return -EINVAL;
21
22 qp = crypto_dev->data->queue_pairs[0];
23 if (qp == NULL) {
24 plt_err("Setup cryptodev queue pair before creating security session");
25 return -EPERM;
26 }
27
28 vf = crypto_dev->data->dev_private;
29
30 if (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {
31 ((struct cn10k_sec_session *)sess)->userdata = conf->userdata;
32 return cn10k_ipsec_session_create(vf, qp, &conf->ipsec, conf->crypto_xform, sess);
33 }
34
35 if (conf->protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD)
36 return cn10k_tls_record_session_create(vf, qp, &conf->tls_record,
37 conf->crypto_xform, sess);
38
39 return -ENOTSUP;
40 }
41
42 static int
cn10k_sec_session_destroy(void * dev,struct rte_security_session * sec_sess)43 cn10k_sec_session_destroy(void *dev, struct rte_security_session *sec_sess)
44 {
45 struct cn10k_sec_session *cn10k_sec_sess;
46 struct rte_cryptodev *crypto_dev = dev;
47 struct cnxk_cpt_qp *qp;
48
49 if (unlikely(sec_sess == NULL))
50 return -EINVAL;
51
52 qp = crypto_dev->data->queue_pairs[0];
53 if (unlikely(qp == NULL))
54 return -ENOTSUP;
55
56 cn10k_sec_sess = (struct cn10k_sec_session *)sec_sess;
57
58 if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
59 return cn10k_sec_ipsec_session_destroy(qp, cn10k_sec_sess);
60
61 if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD)
62 return cn10k_sec_tls_session_destroy(qp, cn10k_sec_sess);
63
64 return -EINVAL;
65 }
66
67 static unsigned int
cn10k_sec_session_get_size(void * dev __rte_unused)68 cn10k_sec_session_get_size(void *dev __rte_unused)
69 {
70 return sizeof(struct cn10k_sec_session) - sizeof(struct rte_security_session);
71 }
72
73 static int
cn10k_sec_session_stats_get(void * dev,struct rte_security_session * sec_sess,struct rte_security_stats * stats)74 cn10k_sec_session_stats_get(void *dev, struct rte_security_session *sec_sess,
75 struct rte_security_stats *stats)
76 {
77 struct cn10k_sec_session *cn10k_sec_sess;
78 struct rte_cryptodev *crypto_dev = dev;
79 struct cnxk_cpt_qp *qp;
80
81 if (unlikely(sec_sess == NULL))
82 return -EINVAL;
83
84 qp = crypto_dev->data->queue_pairs[0];
85 if (unlikely(qp == NULL))
86 return -ENOTSUP;
87
88 cn10k_sec_sess = (struct cn10k_sec_session *)sec_sess;
89
90 if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
91 return cn10k_ipsec_stats_get(qp, cn10k_sec_sess, stats);
92
93 return -ENOTSUP;
94 }
95
96 static int
cn10k_sec_session_update(void * dev,struct rte_security_session * sec_sess,struct rte_security_session_conf * conf)97 cn10k_sec_session_update(void *dev, struct rte_security_session *sec_sess,
98 struct rte_security_session_conf *conf)
99 {
100 struct cn10k_sec_session *cn10k_sec_sess;
101 struct rte_cryptodev *crypto_dev = dev;
102 struct cnxk_cpt_qp *qp;
103 struct cnxk_cpt_vf *vf;
104
105 if (sec_sess == NULL)
106 return -EINVAL;
107
108 qp = crypto_dev->data->queue_pairs[0];
109 if (qp == NULL)
110 return -EINVAL;
111
112 vf = crypto_dev->data->dev_private;
113
114 cn10k_sec_sess = (struct cn10k_sec_session *)sec_sess;
115
116 if (cn10k_sec_sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
117 return cn10k_ipsec_session_update(vf, qp, cn10k_sec_sess, conf);
118
119 if (conf->protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD)
120 return cn10k_tls_record_session_update(vf, qp, cn10k_sec_sess, conf);
121
122 return -ENOTSUP;
123 }
124
125 /* Update platform specific security ops */
126 void
cn10k_sec_ops_override(void)127 cn10k_sec_ops_override(void)
128 {
129 /* Update platform specific ops */
130 cnxk_sec_ops.session_create = cn10k_sec_session_create;
131 cnxk_sec_ops.session_destroy = cn10k_sec_session_destroy;
132 cnxk_sec_ops.session_get_size = cn10k_sec_session_get_size;
133 cnxk_sec_ops.session_stats_get = cn10k_sec_session_stats_get;
134 cnxk_sec_ops.session_update = cn10k_sec_session_update;
135 cnxk_sec_ops.inb_pkt_rx_inject = cn10k_cryptodev_sec_inb_rx_inject;
136 cnxk_sec_ops.rx_inject_configure = cn10k_cryptodev_sec_rx_inject_configure;
137 }
138