1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
|
/*-
* BSD LICENSE
*
* Copyright(c) 2017 Intel Corporation. All rights reserved.
* Copyright 2017 NXP.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Intel Corporation nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _RTE_SECURITY_DRIVER_H_
#define _RTE_SECURITY_DRIVER_H_
/**
* @file rte_security_driver.h
* @b EXPERIMENTAL: this API may change without prior notice
*
* RTE Security Common Definitions
*
*/
#ifdef __cplusplus
extern "C" {
#endif
#include "rte_security.h"
/**
* Configure a security session on a device.
*
* @param device Crypto/eth device pointer
* @param conf Security session configuration
* @param sess Pointer to Security private session structure
* @param mp Mempool where the private session is allocated
*
* @return
* - Returns 0 if private session structure have been created successfully.
* - Returns -EINVAL if input parameters are invalid.
* - Returns -ENOTSUP if crypto device does not support the crypto transform.
* - Returns -ENOMEM if the private session could not be allocated.
*/
typedef int (*security_session_create_t)(void *device,
struct rte_security_session_conf *conf,
struct rte_security_session *sess,
struct rte_mempool *mp);
/**
* Free driver private session data.
*
* @param dev Crypto/eth device pointer
* @param sess Security session structure
*/
typedef int (*security_session_destroy_t)(void *device,
struct rte_security_session *sess);
/**
* Update driver private session data.
*
* @param device Crypto/eth device pointer
* @param sess Pointer to Security private session structure
* @param conf Security session configuration
*
* @return
* - Returns 0 if private session structure have been updated successfully.
* - Returns -EINVAL if input parameters are invalid.
* - Returns -ENOTSUP if crypto device does not support the crypto transform.
*/
typedef int (*security_session_update_t)(void *device,
struct rte_security_session *sess,
struct rte_security_session_conf *conf);
/**
* Get the size of a security session
*
* @param device Crypto/eth device pointer
*
* @return
* - On success returns the size of the session structure for device
* - On failure returns 0
*/
typedef unsigned int (*security_session_get_size)(void *device);
/**
* Get stats from the PMD.
*
* @param device Crypto/eth device pointer
* @param sess Pointer to Security private session structure
* @param stats Security stats of the driver
*
* @return
* - Returns 0 if private session structure have been updated successfully.
* - Returns -EINVAL if session parameters are invalid.
*/
typedef int (*security_session_stats_get_t)(void *device,
struct rte_security_session *sess,
struct rte_security_stats *stats);
/**
* Update the mbuf with provided metadata.
*
* @param sess Security session structure
* @param mb Packet buffer
* @param mt Metadata
*
* @return
* - Returns 0 if metadata updated successfully.
* - Returns -ve value for errors.
*/
typedef int (*security_set_pkt_metadata_t)(void *device,
struct rte_security_session *sess, struct rte_mbuf *m,
void *params);
/**
* Get application specific userdata associated with the security session which
* processed the packet. This would be retrieved using the metadata obtained
* from packet.
*
* @param device Crypto/eth device pointer
* @param md Metadata
* @param userdata Pointer to receive userdata
*
* @return
* - Returns 0 if userdata is retrieved successfully.
* - Returns -ve value for errors.
*/
typedef int (*security_get_userdata_t)(void *device,
uint64_t md, void **userdata);
/**
* Get security capabilities of the device.
*
* @param device crypto/eth device pointer
*
* @return
* - Returns rte_security_capability pointer on success.
* - Returns NULL on error.
*/
typedef const struct rte_security_capability *(*security_capabilities_get_t)(
void *device);
/** Security operations function pointer table */
struct rte_security_ops {
security_session_create_t session_create;
/**< Configure a security session. */
security_session_update_t session_update;
/**< Update a security session. */
security_session_get_size session_get_size;
/**< Return size of security session. */
security_session_stats_get_t session_stats_get;
/**< Get security session statistics. */
security_session_destroy_t session_destroy;
/**< Clear a security sessions private data. */
security_set_pkt_metadata_t set_pkt_metadata;
/**< Update mbuf metadata. */
security_get_userdata_t get_userdata;
/**< Get userdata associated with session which processed the packet. */
security_capabilities_get_t capabilities_get;
/**< Get security capabilities. */
};
#ifdef __cplusplus
}
#endif
#endif /* _RTE_SECURITY_DRIVER_H_ */
|