aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/dpdk/ipsec/ipsec.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/dpdk/ipsec/ipsec.h')
-rw-r--r--src/plugins/dpdk/ipsec/ipsec.h33
1 files changed, 23 insertions, 10 deletions
diff --git a/src/plugins/dpdk/ipsec/ipsec.h b/src/plugins/dpdk/ipsec/ipsec.h
index d7940345bfc..a94dd6821af 100644
--- a/src/plugins/dpdk/ipsec/ipsec.h
+++ b/src/plugins/dpdk/ipsec/ipsec.h
@@ -53,6 +53,7 @@ typedef struct
u8 cipher_algo;
u8 auth_algo;
u8 is_outbound;
+ u8 is_aead;
} crypto_worker_qp_key_t;
typedef struct
@@ -81,6 +82,8 @@ typedef struct
typedef struct
{
+ struct rte_mempool **sess_h_pools;
+ struct rte_mempool **sess_pools;
struct rte_mempool **cop_pools;
crypto_worker_main_t *workers_main;
u8 enabled;
@@ -146,12 +149,14 @@ check_algo_is_supported (const struct rte_cryptodev_capabilities *cap,
{
struct
{
- uint8_t cipher_algo;
enum rte_crypto_sym_xform_type type;
union
{
enum rte_crypto_auth_algorithm auth;
enum rte_crypto_cipher_algorithm cipher;
+#if ! DPDK_NO_AEAD
+ enum rte_crypto_aead_algorithm aead;
+#endif
};
char *name;
} supported_algo[] =
@@ -162,15 +167,18 @@ check_algo_is_supported (const struct rte_cryptodev_capabilities *cap,
{
.type = RTE_CRYPTO_SYM_XFORM_CIPHER,.cipher =
RTE_CRYPTO_CIPHER_AES_CBC,.name = "AES_CBC"},
+#if DPDK_NO_AEAD
{
.type = RTE_CRYPTO_SYM_XFORM_CIPHER,.cipher =
- RTE_CRYPTO_CIPHER_AES_CTR,.name = "AES_CTR"},
+ RTE_CRYPTO_CIPHER_AES_GCM,.name = "AES-GCM"},
+#else
{
- .type = RTE_CRYPTO_SYM_XFORM_CIPHER,.cipher =
- RTE_CRYPTO_CIPHER_3DES_CBC,.name = "3DES-CBC"},
+ .type = RTE_CRYPTO_SYM_XFORM_AEAD,.aead =
+ RTE_CRYPTO_AEAD_AES_GCM,.name = "AES-GCM"},
+#endif
{
- .type = RTE_CRYPTO_SYM_XFORM_CIPHER,.cipher =
- RTE_CRYPTO_CIPHER_AES_GCM,.name = "AES-GCM"},
+ .type = RTE_CRYPTO_SYM_XFORM_AUTH,.auth =
+ RTE_CRYPTO_AUTH_NULL,.name = "NULL"},
{
.type = RTE_CRYPTO_SYM_XFORM_AUTH,.auth =
RTE_CRYPTO_AUTH_SHA1_HMAC,.name = "HMAC-SHA1"},
@@ -183,15 +191,16 @@ check_algo_is_supported (const struct rte_cryptodev_capabilities *cap,
{
.type = RTE_CRYPTO_SYM_XFORM_AUTH,.auth =
RTE_CRYPTO_AUTH_SHA512_HMAC,.name = "HMAC-SHA512"},
- {
- .type = RTE_CRYPTO_SYM_XFORM_AUTH,.auth =
- RTE_CRYPTO_AUTH_AES_XCBC_MAC,.name = "AES-XCBC-MAC"},
+#if DPDK_NO_AEAD
{
.type = RTE_CRYPTO_SYM_XFORM_AUTH,.auth =
RTE_CRYPTO_AUTH_AES_GCM,.name = "AES-GCM"},
+#endif
{
/* tail */
- .type = RTE_CRYPTO_SYM_XFORM_NOT_SPECIFIED},};
+ .type = RTE_CRYPTO_SYM_XFORM_NOT_SPECIFIED}
+ };
+
uint32_t i = 0;
if (cap->op != RTE_CRYPTO_OP_TYPE_SYMMETRIC)
@@ -203,6 +212,10 @@ check_algo_is_supported (const struct rte_cryptodev_capabilities *cap,
{
if ((cap->sym.xform_type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
cap->sym.cipher.algo == supported_algo[i].cipher) ||
+#if ! DPDK_NO_AEAD
+ (cap->sym.xform_type == RTE_CRYPTO_SYM_XFORM_AEAD &&
+ cap->sym.aead.algo == supported_algo[i].aead) ||
+#endif
(cap->sym.xform_type == RTE_CRYPTO_SYM_XFORM_AUTH &&
cap->sym.auth.algo == supported_algo[i].auth))
{