@@ -15,7 +15,6 @@ struct cperf_op_fns;
typedef void *(*cperf_constructor_t)(
struct rte_mempool *sess_mp,
- struct rte_mempool *sess_priv_mp,
uint8_t dev_id,
uint16_t qp_id,
const struct cperf_options *options,
@@ -642,7 +642,6 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
static void *
create_ipsec_session(struct rte_mempool *sess_mp,
- struct rte_mempool *priv_mp,
uint8_t dev_id,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
@@ -753,13 +752,11 @@ create_ipsec_session(struct rte_mempool *sess_mp,
rte_cryptodev_get_sec_ctx(dev_id);
/* Create security session */
- return (void *)rte_security_session_create(ctx,
- &sess_conf, sess_mp, priv_mp);
+ return (void *)rte_security_session_create(ctx, &sess_conf, sess_mp);
}
static void *
cperf_create_session(struct rte_mempool *sess_mp,
- struct rte_mempool *priv_mp,
uint8_t dev_id,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
@@ -859,12 +856,11 @@ cperf_create_session(struct rte_mempool *sess_mp,
rte_cryptodev_get_sec_ctx(dev_id);
/* Create security session */
- return (void *)rte_security_session_create(ctx,
- &sess_conf, sess_mp, priv_mp);
+ return (void *)rte_security_session_create(ctx, &sess_conf, sess_mp);
}
if (options->op_type == CPERF_IPSEC) {
- return create_ipsec_session(sess_mp, priv_mp, dev_id,
+ return create_ipsec_session(sess_mp, dev_id,
options, test_vector, iv_offset);
}
@@ -908,8 +904,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
rte_cryptodev_get_sec_ctx(dev_id);
/* Create security session */
- return (void *)rte_security_session_create(ctx,
- &sess_conf, sess_mp, priv_mp);
+ return (void *)rte_security_session_create(ctx, &sess_conf, sess_mp);
}
#endif
/*
@@ -56,7 +56,6 @@ cperf_latency_test_free(struct cperf_latency_ctx *ctx)
void *
cperf_latency_test_constructor(struct rte_mempool *sess_mp,
- struct rte_mempool *sess_priv_mp,
uint8_t dev_id, uint16_t qp_id,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
@@ -81,7 +80,7 @@ cperf_latency_test_constructor(struct rte_mempool *sess_mp,
sizeof(struct rte_crypto_sym_op) +
sizeof(struct cperf_op_result *);
- ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+ ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
test_vector, iv_offset);
if (ctx->sess == NULL)
goto err;
@@ -17,7 +17,6 @@
void *
cperf_latency_test_constructor(
struct rte_mempool *sess_mp,
- struct rte_mempool *sess_priv_mp,
uint8_t dev_id,
uint16_t qp_id,
const struct cperf_options *options,
@@ -88,7 +88,6 @@ cperf_pmd_cyclecount_test_free(struct cperf_pmd_cyclecount_ctx *ctx)
void *
cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,
- struct rte_mempool *sess_priv_mp,
uint8_t dev_id, uint16_t qp_id,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
@@ -115,7 +114,7 @@ cperf_pmd_cyclecount_test_constructor(struct rte_mempool *sess_mp,
uint16_t iv_offset = sizeof(struct rte_crypto_op) +
sizeof(struct rte_crypto_sym_op);
- ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+ ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
test_vector, iv_offset);
if (ctx->sess == NULL)
goto err;
@@ -18,7 +18,6 @@
void *
cperf_pmd_cyclecount_test_constructor(
struct rte_mempool *sess_mp,
- struct rte_mempool *sess_priv_mp,
uint8_t dev_id,
uint16_t qp_id,
const struct cperf_options *options,
@@ -62,7 +62,6 @@ cperf_throughput_test_free(struct cperf_throughput_ctx *ctx)
void *
cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
- struct rte_mempool *sess_priv_mp,
uint8_t dev_id, uint16_t qp_id,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
@@ -85,7 +84,7 @@ cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
uint16_t iv_offset = sizeof(struct rte_crypto_op) +
sizeof(struct rte_crypto_sym_op);
- ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+ ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
test_vector, iv_offset);
if (ctx->sess == NULL)
goto err;
@@ -18,7 +18,6 @@
void *
cperf_throughput_test_constructor(
struct rte_mempool *sess_mp,
- struct rte_mempool *sess_priv_mp,
uint8_t dev_id,
uint16_t qp_id,
const struct cperf_options *options,
@@ -50,7 +50,6 @@ cperf_verify_test_free(struct cperf_verify_ctx *ctx)
void *
cperf_verify_test_constructor(struct rte_mempool *sess_mp,
- struct rte_mempool *sess_priv_mp,
uint8_t dev_id, uint16_t qp_id,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
@@ -73,7 +72,7 @@ cperf_verify_test_constructor(struct rte_mempool *sess_mp,
uint16_t iv_offset = sizeof(struct rte_crypto_op) +
sizeof(struct rte_crypto_sym_op);
- ctx->sess = op_fns->sess_create(sess_mp, sess_priv_mp, dev_id, options,
+ ctx->sess = op_fns->sess_create(sess_mp, dev_id, options,
test_vector, iv_offset);
if (ctx->sess == NULL)
goto err;
@@ -18,7 +18,6 @@
void *
cperf_verify_test_constructor(
struct rte_mempool *sess_mp,
- struct rte_mempool *sess_priv_mp,
uint8_t dev_id,
uint16_t qp_id,
const struct cperf_options *options,
@@ -24,7 +24,6 @@
static struct {
struct rte_mempool *sess_mp;
- struct rte_mempool *priv_mp;
} session_pool_socket[RTE_MAX_NUMA_NODES];
const char *cperf_test_type_strs[] = {
@@ -115,7 +114,6 @@ fill_session_pool_socket(int32_t socket_id, uint32_t session_priv_size,
printf("Allocated pool \"%s\" on socket %d\n",
mp_name, socket_id);
session_pool_socket[socket_id].sess_mp = sess_mp;
- session_pool_socket[socket_id].priv_mp = sess_mp;
}
return 0;
@@ -660,7 +658,6 @@ main(int argc, char **argv)
ctx[i] = cperf_testmap[opts.test].constructor(
session_pool_socket[socket_id].sess_mp,
- session_pool_socket[socket_id].priv_mp,
cdev_id, qp_id,
&opts, t_vec, &op_fns);
if (ctx[i] == NULL) {
@@ -649,12 +649,6 @@ testsuite_setup(void)
SOCKET_ID_ANY);
TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
"session mempool allocation failed");
- ts_params->session_priv_mpool = rte_mempool_create(
- "test_sess_mp_priv", MAX_NB_SESSIONS, session_size,
- 0, 0, NULL, NULL, NULL, NULL, SOCKET_ID_ANY, 0);
-
- TEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,
- "session mempool allocation failed");
TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id,
&ts_params->conf),
@@ -694,8 +688,6 @@ testsuite_teardown(void)
if (ts_params->session_mpool != NULL) {
rte_mempool_free(ts_params->session_mpool);
ts_params->session_mpool = NULL;
- rte_mempool_free(ts_params->session_priv_mpool);
- ts_params->session_priv_mpool = NULL;
}
res = rte_cryptodev_close(ts_params->valid_devs[0]);
@@ -8621,8 +8613,7 @@ static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc,
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx,
- &sess_conf, ts_params->session_mpool,
- NULL);
+ &sess_conf, ts_params->session_mpool);
if (!ut_params->sec_session) {
printf("TestCase %s()-%d line %d failed %s: ",
@@ -8901,8 +8892,7 @@ test_pdcp_proto_SGL(int i, int oop,
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx,
- &sess_conf, ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ &sess_conf, ts_params->session_mpool);
if (!ut_params->sec_session) {
printf("TestCase %s()-%d line %d failed %s: ",
@@ -9497,8 +9487,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
if (ut_params->sec_session == NULL)
return TEST_SKIPPED;
@@ -10509,8 +10498,7 @@ test_docsis_proto_uplink(const void *data)
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
if (!ut_params->sec_session) {
printf("Test function %s line %u: failed to allocate session\n",
@@ -10694,8 +10682,7 @@ test_docsis_proto_downlink(const void *data)
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
if (!ut_params->sec_session) {
printf("Test function %s line %u: failed to allocate session\n",
@@ -14976,10 +14963,6 @@ test_scheduler_attach_worker_op(void)
rte_mempool_free(ts_params->session_mpool);
ts_params->session_mpool = NULL;
}
- if (ts_params->session_priv_mpool) {
- rte_mempool_free(ts_params->session_priv_mpool);
- ts_params->session_priv_mpool = NULL;
- }
if (info.sym.max_nb_sessions != 0 &&
info.sym.max_nb_sessions < MAX_NB_SESSIONS) {
@@ -15003,23 +14986,6 @@ test_scheduler_attach_worker_op(void)
"session mempool allocation failed");
}
- /*
- * Create mempool with maximum number of sessions,
- * to include device specific session private data
- */
- if (ts_params->session_priv_mpool == NULL) {
- ts_params->session_priv_mpool = rte_mempool_create(
- "test_sess_mp_priv",
- MAX_NB_SESSIONS,
- session_size,
- 0, 0, NULL, NULL, NULL,
- NULL, SOCKET_ID_ANY,
- 0);
-
- TEST_ASSERT_NOT_NULL(ts_params->session_priv_mpool,
- "session mempool allocation failed");
- }
-
ts_params->qp_conf.mp_session = ts_params->session_mpool;
ret = rte_cryptodev_scheduler_worker_attach(sched_id,
@@ -159,13 +159,12 @@ const struct supported_auth_algo auth_algos[] = {
static int
dummy_sec_create(void *device, struct rte_security_session_conf *conf,
- struct rte_security_session *sess, struct rte_mempool *mp)
+ struct rte_security_session *sess)
{
RTE_SET_USED(device);
RTE_SET_USED(conf);
- RTE_SET_USED(mp);
+ RTE_SET_USED(sess);
- sess->sess_private_data = NULL;
return 0;
}
@@ -631,7 +630,7 @@ create_dummy_sec_session(struct ipsec_unitest_params *ut,
static struct rte_security_session_conf conf;
ut->ss[j].security.ses = rte_security_session_create(&dummy_sec_ctx,
- &conf, qp->mp_session, NULL);
+ &conf, qp->mp_session);
if (ut->ss[j].security.ses == NULL)
return -ENOMEM;
@@ -200,25 +200,6 @@
expected_mempool_usage, mempool_usage); \
} while (0)
-/**
- * Verify usage of mempool by checking if number of allocated objects matches
- * expectations. The mempool is used to manage objects for sessions priv data.
- * A single object is acquired from mempool during session_create
- * and put back in session_destroy.
- *
- * @param expected_priv_mp_usage expected number of used priv mp objects
- */
-#define TEST_ASSERT_PRIV_MP_USAGE(expected_priv_mp_usage) do { \
- struct security_testsuite_params *ts_params = &testsuite_params;\
- unsigned int priv_mp_usage; \
- priv_mp_usage = rte_mempool_in_use_count( \
- ts_params->session_priv_mpool); \
- TEST_ASSERT_EQUAL(expected_priv_mp_usage, priv_mp_usage, \
- "Expecting %u priv mempool allocations, " \
- "but there are %u allocated objects", \
- expected_priv_mp_usage, priv_mp_usage); \
-} while (0)
-
/**
* Mockup structures and functions for rte_security_ops;
*
@@ -266,24 +247,14 @@ static struct mock_session_create_data {
static int
mock_session_create(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *priv_mp)
+ struct rte_security_session *sess)
{
- void *sess_priv;
- int ret;
-
mock_session_create_exp.called++;
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, device);
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, conf);
- MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, priv_mp);
if (mock_session_create_exp.ret == 0) {
- ret = rte_mempool_get(priv_mp, &sess_priv);
- TEST_ASSERT_EQUAL(0, ret,
- "priv mempool does not have enough objects");
-
- set_sec_session_private_data(sess, sess_priv);
mock_session_create_exp.sess = sess;
}
@@ -392,13 +363,7 @@ static struct mock_session_destroy_data {
static int
mock_session_destroy(void *device, struct rte_security_session *sess)
{
- void *sess_priv = get_sec_session_private_data(sess);
-
mock_session_destroy_exp.called++;
- if ((mock_session_destroy_exp.ret == 0) && (sess_priv != NULL)) {
- rte_mempool_put(rte_mempool_from_obj(sess_priv), sess_priv);
- set_sec_session_private_data(sess, NULL);
- }
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, device);
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, sess);
@@ -498,7 +463,6 @@ struct rte_security_ops mock_ops = {
*/
static struct security_testsuite_params {
struct rte_mempool *session_mpool;
- struct rte_mempool *session_priv_mpool;
} testsuite_params = { NULL };
/**
@@ -524,8 +488,9 @@ static struct security_unittest_params {
#define SECURITY_TEST_MEMPOOL_NAME "SecurityTestMp"
#define SECURITY_TEST_PRIV_MEMPOOL_NAME "SecurityTestPrivMp"
#define SECURITY_TEST_MEMPOOL_SIZE 15
-#define SECURITY_TEST_SESSION_OBJ_SZ sizeof(struct rte_security_session)
#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 64
+#define SECURITY_TEST_SESSION_OBJ_SZ (sizeof(struct rte_security_session) + \
+ SECURITY_TEST_SESSION_PRIV_OBJ_SZ)
/**
* testsuite_setup initializes whole test suite parameters.
@@ -545,21 +510,6 @@ testsuite_setup(void)
TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
"Cannot create mempool %s\n", rte_strerror(rte_errno));
- ts_params->session_priv_mpool = rte_mempool_create(
- SECURITY_TEST_PRIV_MEMPOOL_NAME,
- SECURITY_TEST_MEMPOOL_SIZE,
- SECURITY_TEST_SESSION_PRIV_OBJ_SZ,
- 0, 0, NULL, NULL, NULL, NULL,
- SOCKET_ID_ANY, 0);
- if (ts_params->session_priv_mpool == NULL) {
- RTE_LOG(ERR, USER1, "TestCase %s() line %d failed (null): "
- "Cannot create priv mempool %s\n",
- __func__, __LINE__, rte_strerror(rte_errno));
- rte_mempool_free(ts_params->session_mpool);
- ts_params->session_mpool = NULL;
- return TEST_FAILED;
- }
-
return TEST_SUCCESS;
}
@@ -574,10 +524,6 @@ testsuite_teardown(void)
rte_mempool_free(ts_params->session_mpool);
ts_params->session_mpool = NULL;
}
- if (ts_params->session_priv_mpool) {
- rte_mempool_free(ts_params->session_priv_mpool);
- ts_params->session_priv_mpool = NULL;
- }
}
/**
@@ -673,12 +619,10 @@ ut_setup_with_session(void)
mock_session_create_exp.device = NULL;
mock_session_create_exp.conf = &ut_params->conf;
mock_session_create_exp.mp = ts_params->session_mpool;
- mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
mock_session_create_exp.ret = 0;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
sess);
TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
@@ -720,13 +664,11 @@ test_session_create_inv_context(void)
struct rte_security_session *sess;
sess = rte_security_session_create(NULL, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -746,13 +688,11 @@ test_session_create_inv_context_ops(void)
ut_params->ctx.ops = NULL;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -772,13 +712,11 @@ test_session_create_inv_context_ops_fun(void)
ut_params->ctx.ops = &empty_ops;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -795,13 +733,11 @@ test_session_create_inv_configuration(void)
struct rte_security_session *sess;
sess = rte_security_session_create(&ut_params->ctx, NULL,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -815,39 +751,13 @@ static int
test_session_create_inv_mempool(void)
{
struct security_unittest_params *ut_params = &unittest_params;
- struct security_testsuite_params *ts_params = &testsuite_params;
struct rte_security_session *sess;
- sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- NULL, ts_params->session_priv_mpool);
+ sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf, NULL);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
- TEST_ASSERT_SESSION_COUNT(0);
-
- return TEST_SUCCESS;
-}
-
-/**
- * Test execution of rte_security_session_create with NULL session
- * priv mempool
- */
-static int
-test_session_create_inv_sess_priv_mempool(void)
-{
- struct security_unittest_params *ut_params = &unittest_params;
- struct security_testsuite_params *ts_params = &testsuite_params;
- struct rte_security_session *sess;
-
- sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool, NULL);
- TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
- sess, NULL, "%p");
- TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
- TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -863,7 +773,6 @@ test_session_create_mempool_empty(void)
struct security_testsuite_params *ts_params = &testsuite_params;
struct security_unittest_params *ut_params = &unittest_params;
struct rte_security_session *tmp[SECURITY_TEST_MEMPOOL_SIZE];
- void *tmp1[SECURITY_TEST_MEMPOOL_SIZE];
struct rte_security_session *sess;
/* Get all available objects from mempool. */
@@ -874,34 +783,23 @@ test_session_create_mempool_empty(void)
TEST_ASSERT_EQUAL(0, ret,
"Expect getting %d object from mempool"
" to succeed", i);
- ret = rte_mempool_get(ts_params->session_priv_mpool,
- (void **)(&tmp1[i]));
- TEST_ASSERT_EQUAL(0, ret,
- "Expect getting %d object from priv mempool"
- " to succeed", i);
}
TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
- TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
- TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
TEST_ASSERT_SESSION_COUNT(0);
/* Put objects back to the pool. */
for (i = 0; i < SECURITY_TEST_MEMPOOL_SIZE; ++i) {
rte_mempool_put(ts_params->session_mpool,
(void *)(tmp[i]));
- rte_mempool_put(ts_params->session_priv_mpool,
- (tmp1[i]));
}
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
return TEST_SUCCESS;
}
@@ -920,17 +818,14 @@ test_session_create_ops_failure(void)
mock_session_create_exp.device = NULL;
mock_session_create_exp.conf = &ut_params->conf;
mock_session_create_exp.mp = ts_params->session_mpool;
- mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
mock_session_create_exp.ret = -1; /* Return failure status. */
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -949,12 +844,10 @@ test_session_create_success(void)
mock_session_create_exp.device = NULL;
mock_session_create_exp.conf = &ut_params->conf;
mock_session_create_exp.mp = ts_params->session_mpool;
- mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
mock_session_create_exp.ret = 0; /* Return success status. */
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
sess);
TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
@@ -963,7 +856,6 @@ test_session_create_success(void)
sess, mock_session_create_exp.sess);
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
/*
@@ -1349,7 +1241,6 @@ test_session_destroy_inv_context(void)
struct security_unittest_params *ut_params = &unittest_params;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(NULL, ut_params->sess);
@@ -1357,7 +1248,6 @@ test_session_destroy_inv_context(void)
ret, -EINVAL, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1374,7 +1264,6 @@ test_session_destroy_inv_context_ops(void)
ut_params->ctx.ops = NULL;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1383,7 +1272,6 @@ test_session_destroy_inv_context_ops(void)
ret, -EINVAL, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1400,7 +1288,6 @@ test_session_destroy_inv_context_ops_fun(void)
ut_params->ctx.ops = &empty_ops;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1409,7 +1296,6 @@ test_session_destroy_inv_context_ops_fun(void)
ret, -ENOTSUP, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1424,7 +1310,6 @@ test_session_destroy_inv_session(void)
struct security_unittest_params *ut_params = &unittest_params;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx, NULL);
@@ -1432,7 +1317,6 @@ test_session_destroy_inv_session(void)
ret, -EINVAL, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1452,7 +1336,6 @@ test_session_destroy_ops_failure(void)
mock_session_destroy_exp.ret = -1;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1461,7 +1344,6 @@ test_session_destroy_ops_failure(void)
ret, -1, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1479,7 +1361,6 @@ test_session_destroy_success(void)
mock_session_destroy_exp.sess = ut_params->sess;
mock_session_destroy_exp.ret = 0;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1488,7 +1369,6 @@ test_session_destroy_success(void)
ret, 0, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
/*
@@ -2340,8 +2220,6 @@ static struct unit_test_suite security_testsuite = {
test_session_create_inv_configuration),
TEST_CASE_ST(ut_setup, ut_teardown,
test_session_create_inv_mempool),
- TEST_CASE_ST(ut_setup, ut_teardown,
- test_session_create_inv_sess_priv_mempool),
TEST_CASE_ST(ut_setup, ut_teardown,
test_session_create_mempool_empty),
TEST_CASE_ST(ut_setup, ut_teardown,
@@ -66,7 +66,6 @@ extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha512;
static struct rte_mempool *mbufpool;
static struct rte_mempool *sess_pool;
-static struct rte_mempool *sess_priv_pool;
/* ethernet addresses of ports */
static struct rte_ether_addr ports_eth_addr[RTE_MAX_ETHPORTS];
@@ -311,8 +310,7 @@ create_inline_ipsec_session(struct ipsec_test_data *sa, uint16_t portid,
setenv("ETH_SEC_IV_OVR", arr, 1);
}
- *sess = rte_security_session_create(sec_ctx,
- sess_conf, sess_pool, sess_priv_pool);
+ *sess = rte_security_session_create(sec_ctx, sess_conf, sess_pool);
if (*sess == NULL) {
printf("SEC Session init failed.\n");
return TEST_FAILED;
@@ -496,18 +494,6 @@ init_mempools(unsigned int nb_mbuf)
}
printf("Allocated sess pool\n");
}
- if (sess_priv_pool == NULL) {
- snprintf(s, sizeof(s), "sess_priv_pool");
- sess_priv_pool = rte_mempool_create(s, nb_sess, sess_sz,
- MEMPOOL_CACHE_SIZE, 0,
- NULL, NULL, NULL, NULL,
- SOCKET_ID_ANY, 0);
- if (sess_priv_pool == NULL) {
- printf("Cannot init sess_priv pool\n");
- return TEST_FAILED;
- }
- printf("Allocated sess_priv pool\n");
- }
return 0;
}
@@ -1359,9 +1359,7 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
ses = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
break;
case RTE_CRYPTO_OP_SECURITY_SESSION:
- ses = (struct caam_jr_session *)
- get_sec_session_private_data(
- op->sym->sec_session);
+ ses = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
break;
default:
CAAM_JR_DP_ERR("sessionless crypto op not supported");
@@ -1900,18 +1898,12 @@ caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
static int
caam_jr_security_session_create(void *dev,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
- void *sess_private_data;
+ void *sess_private_data = SECURITY_GET_SESS_PRIV(sess);
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
int ret;
- if (rte_mempool_get(mempool, &sess_private_data)) {
- CAAM_JR_ERR("Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
switch (conf->protocol) {
case RTE_SECURITY_PROTOCOL_IPSEC:
ret = caam_jr_set_ipsec_session(cdev, conf,
@@ -1924,13 +1916,8 @@ caam_jr_security_session_create(void *dev,
}
if (ret != 0) {
CAAM_JR_ERR("failed to configure session parameters");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
- return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
-
return ret;
}
@@ -1940,18 +1927,12 @@ caam_jr_security_session_destroy(void *dev __rte_unused,
struct rte_security_session *sess)
{
PMD_INIT_FUNC_TRACE();
- void *sess_priv = get_sec_session_private_data(sess);
-
- struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
-
- if (sess_priv) {
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+ struct caam_jr_session *s = SECURITY_GET_SESS_PRIV(sess);
+ if (s) {
rte_free(s->cipher_key.data);
rte_free(s->auth_key.data);
- memset(sess, 0, sizeof(struct caam_jr_session));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
+ memset(s, 0, sizeof(struct caam_jr_session));
}
return 0;
}
@@ -122,8 +122,7 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
if (op->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
- sec_sess = get_sec_session_private_data(
- sym_op->sec_session);
+ sec_sess = SECURITY_GET_SESS_PRIV(sym_op->sec_session);
ret = cpt_sec_inst_fill(qp, op, sec_sess, &inst[0]);
if (unlikely(ret))
return 0;
@@ -302,7 +301,7 @@ cn10k_cpt_crypto_adapter_ev_mdata_set(struct rte_cryptodev *dev __rte_unused,
struct cn10k_sec_session *priv;
struct cn10k_ipsec_sa *sa;
- priv = get_sec_session_private_data(sess);
+ priv = SECURITY_GET_SESS_PRIV(sess);
sa = &priv->sa;
sa->qp = qp;
sa->inst.w2 = w2;
@@ -339,7 +338,7 @@ cn10k_ca_meta_info_extract(struct rte_crypto_op *op,
struct cn10k_sec_session *priv;
struct cn10k_ipsec_sa *sa;
- priv = get_sec_session_private_data(op->sym->sec_session);
+ priv = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
sa = &priv->sa;
*qp = sa->qp;
*w2 = sa->inst.w2;
@@ -47,7 +47,7 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
void *out_sa;
int ret = 0;
- sess = get_sec_session_private_data(sec_sess);
+ sess = SECURITY_GET_SESS_PRIV(sec_sess);
sa = &sess->sa;
out_sa = &sa->out_sa;
@@ -173,7 +173,7 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
void *in_sa;
int ret = 0;
- sess = get_sec_session_private_data(sec_sess);
+ sess = SECURITY_GET_SESS_PRIV(sec_sess);
sa = &sess->sa;
in_sa = &sa->in_sa;
@@ -290,37 +290,16 @@ cn10k_ipsec_session_create(void *dev,
static int
cn10k_sec_session_create(void *device, struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
- struct cn10k_sec_session *priv;
- int ret;
-
if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
return -EINVAL;
- if (rte_mempool_get(mempool, (void **)&priv)) {
- plt_err("Could not allocate security session private data");
- return -ENOMEM;
- }
+ if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC)
+ return -ENOTSUP;
- set_sec_session_private_data(sess, priv);
-
- if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {
- ret = -ENOTSUP;
- goto mempool_put;
- }
- ret = cn10k_ipsec_session_create(device, &conf->ipsec,
+ return cn10k_ipsec_session_create(device, &conf->ipsec,
conf->crypto_xform, sess);
- if (ret)
- goto mempool_put;
-
- return 0;
-
-mempool_put:
- rte_mempool_put(mempool, priv);
- set_sec_session_private_data(sess, NULL);
- return ret;
}
static int
@@ -329,14 +308,13 @@ cn10k_sec_session_destroy(void *dev, struct rte_security_session *sec_sess)
struct rte_cryptodev *crypto_dev = dev;
union roc_ot_ipsec_sa_word2 *w2;
struct cn10k_sec_session *sess;
- struct rte_mempool *sess_mp;
struct cn10k_ipsec_sa *sa;
struct cnxk_cpt_qp *qp;
struct roc_cpt_lf *lf;
void *sa_dptr = NULL;
int ret;
- sess = get_sec_session_private_data(sec_sess);
+ sess = SECURITY_GET_SESS_PRIV(sec_sess);
if (sess == NULL)
return 0;
@@ -390,11 +368,6 @@ cn10k_sec_session_destroy(void *dev, struct rte_security_session *sec_sess)
roc_cpt_lf_ctx_reload(lf, &sa->in_sa);
}
- sess_mp = rte_mempool_from_obj(sess);
-
- set_sec_session_private_data(sec_sess, NULL);
- rte_mempool_put(sess_mp, sess);
-
return 0;
}
@@ -416,7 +389,7 @@ cn10k_sec_session_stats_get(void *device, struct rte_security_session *sess,
struct cn10k_ipsec_sa *sa;
struct cnxk_cpt_qp *qp;
- priv = get_sec_session_private_data(sess);
+ priv = SECURITY_GET_SESS_PRIV(sess);
if (priv == NULL)
return -EINVAL;
@@ -457,7 +430,7 @@ cn10k_sec_session_update(void *device, struct rte_security_session *sess,
struct cnxk_cpt_vf *vf;
int ret;
- priv = get_sec_session_private_data(sess);
+ priv = SECURITY_GET_SESS_PRIV(sess);
if (priv == NULL)
return -EINVAL;
@@ -27,7 +27,7 @@ cn9k_cpt_sec_inst_fill(struct rte_crypto_op *op,
struct cn9k_ipsec_sa *sa;
int ret;
- priv = get_sec_session_private_data(op->sym->sec_session);
+ priv = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
sa = &priv->sa;
if (unlikely(sym_op->m_dst && sym_op->m_dst != sym_op->m_src)) {
@@ -337,7 +337,7 @@ cn9k_cpt_crypto_adapter_ev_mdata_set(struct rte_cryptodev *dev __rte_unused,
struct cn9k_sec_session *priv;
struct cn9k_ipsec_sa *sa;
- priv = get_sec_session_private_data(sess);
+ priv = SECURITY_GET_SESS_PRIV(sess);
sa = &priv->sa;
sa->qp = qp;
sa->inst.w2 = w2;
@@ -374,7 +374,7 @@ cn9k_ca_meta_info_extract(struct rte_crypto_op *op,
struct cn9k_sec_session *priv;
struct cn9k_ipsec_sa *sa;
- priv = get_sec_session_private_data(op->sym->sec_session);
+ priv = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
sa = &priv->sa;
*qp = sa->qp;
inst->w2.u64 = sa->inst.w2;
@@ -539,8 +539,7 @@ cn9k_cpt_sec_post_process(struct rte_crypto_op *cop,
CPT_OP_FLAGS_IPSEC_INB_REPLAY)) {
int ret;
- priv = get_sec_session_private_data(
- sym_op->sec_session);
+ priv = SECURITY_GET_SESS_PRIV(sym_op->sec_session);
sa = &priv->sa;
ret = ipsec_antireplay_check(
@@ -32,7 +32,7 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
uint8_t egrp;
int ret;
- sess = get_sec_session_private_data(sec_sess);
+ sess = SECURITY_GET_SESS_PRIV(sec_sess);
sa = &sess->sa;
memset(sa, 0, sizeof(struct cn9k_ipsec_sa));
@@ -80,7 +80,7 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
ctx_len = ret;
egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];
- ret = roc_on_cpt_ctx_write(&qp->lf, rte_mempool_virt2iova(&sa->out_sa),
+ ret = roc_on_cpt_ctx_write(&qp->lf, SECURITY_GET_SESS_PRIV_IOVA(sec_sess),
false, ctx_len, egrp);
if (ret)
@@ -108,7 +108,7 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
w7.u64 = 0;
w7.s.egrp = egrp;
- w7.s.cptr = rte_mempool_virt2iova(&sa->out_sa);
+ w7.s.cptr = SECURITY_GET_SESS_PRIV_IOVA(sec_sess);
inst_tmpl = &sa->inst;
inst_tmpl->w4 = w4.u64;
@@ -134,7 +134,7 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
uint8_t egrp;
int ret = 0;
- sess = get_sec_session_private_data(sec_sess);
+ sess = SECURITY_GET_SESS_PRIV(sec_sess);
sa = &sess->sa;
memset(sa, 0, sizeof(struct cn9k_ipsec_sa));
@@ -170,7 +170,7 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
ctx_len = ret;
egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];
- ret = roc_on_cpt_ctx_write(&qp->lf, rte_mempool_virt2iova(&sa->in_sa),
+ ret = roc_on_cpt_ctx_write(&qp->lf, SECURITY_GET_SESS_PRIV_IOVA(sec_sess),
true, ctx_len, egrp);
if (ret)
return ret;
@@ -184,7 +184,7 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
w4.s.param2 = param2.u16;
w7.s.egrp = egrp;
- w7.s.cptr = rte_mempool_virt2iova(&sa->in_sa);
+ w7.s.cptr = SECURITY_GET_SESS_PRIV_IOVA(sec_sess);
inst_tmpl = &sa->inst;
inst_tmpl->w4 = w4.u64;
@@ -295,40 +295,20 @@ cn9k_ipsec_session_create(void *dev,
static int
cn9k_sec_session_create(void *device, struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
- struct cn9k_sec_session *priv;
- int ret;
+ struct cn9k_sec_session *priv = SECURITY_GET_SESS_PRIV(sess);
if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
return -EINVAL;
- if (rte_mempool_get(mempool, (void **)&priv)) {
- plt_err("Could not allocate security session private data");
- return -ENOMEM;
- }
-
memset(priv, 0, sizeof(*priv));
- set_sec_session_private_data(sess, priv);
+ if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC)
+ return -ENOTSUP;
- if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {
- ret = -ENOTSUP;
- goto mempool_put;
- }
-
- ret = cn9k_ipsec_session_create(device, &conf->ipsec,
+ return cn9k_ipsec_session_create(device, &conf->ipsec,
conf->crypto_xform, sess);
- if (ret)
- goto mempool_put;
-
- return 0;
-
-mempool_put:
- rte_mempool_put(mempool, priv);
- set_sec_session_private_data(sess, NULL);
- return ret;
}
static int
@@ -337,11 +317,10 @@ cn9k_sec_session_destroy(void *device __rte_unused,
{
struct roc_ie_on_outb_sa *out_sa;
struct cn9k_sec_session *priv;
- struct rte_mempool *sess_mp;
struct roc_ie_on_sa_ctl *ctl;
struct cn9k_ipsec_sa *sa;
- priv = get_sec_session_private_data(sess);
+ priv = SECURITY_GET_SESS_PRIV(sess);
if (priv == NULL)
return 0;
@@ -353,13 +332,8 @@ cn9k_sec_session_destroy(void *device __rte_unused,
rte_io_wmb();
- sess_mp = rte_mempool_from_obj(priv);
-
memset(priv, 0, sizeof(*priv));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, priv);
-
return 0;
}
@@ -1382,8 +1382,7 @@ build_sec_fd(struct rte_crypto_op *op,
sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
#ifdef RTE_LIB_SECURITY
else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
- sess = (dpaa2_sec_session *)get_sec_session_private_data(
- op->sym->sec_session);
+ sess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
#endif
else {
DPAA2_SEC_DP_ERR("Session type invalid\n");
@@ -1583,8 +1582,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
mbuf->buf_iova = op->sym->aead.digest.phys_addr;
op->sym->aead.digest.phys_addr = 0L;
- sess_priv = (dpaa2_sec_session *)get_sec_session_private_data(
- op->sym->sec_session);
+ sess_priv = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
if (sess_priv->dir == DIR_ENC)
mbuf->data_off += SEC_FLC_DHR_OUTBOUND;
else
@@ -1680,8 +1678,7 @@ dpaa2_sec_dump(struct rte_crypto_op *op)
sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
#ifdef RTE_LIBRTE_SECURITY
else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
- sess = (dpaa2_sec_session *)get_sec_session_private_data(
- op->sym->sec_session);
+ sess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
#endif
if (sess == NULL)
@@ -3690,18 +3687,12 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
static int
dpaa2_sec_security_session_create(void *dev,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
- void *sess_private_data;
+ void *sess_private_data = SECURITY_GET_SESS_PRIV(sess);
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
int ret;
- if (rte_mempool_get(mempool, &sess_private_data)) {
- DPAA2_SEC_ERR("Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
switch (conf->protocol) {
case RTE_SECURITY_PROTOCOL_IPSEC:
ret = dpaa2_sec_set_ipsec_session(cdev, conf,
@@ -3718,13 +3709,9 @@ dpaa2_sec_security_session_create(void *dev,
}
if (ret != 0) {
DPAA2_SEC_ERR("Failed to configure session parameters");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
-
return ret;
}
@@ -3734,19 +3721,15 @@ dpaa2_sec_security_session_destroy(void *dev __rte_unused,
struct rte_security_session *sess)
{
PMD_INIT_FUNC_TRACE();
- void *sess_priv = get_sec_session_private_data(sess);
+ void *sess_priv = SECURITY_GET_SESS_PRIV(sess);
dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
if (sess_priv) {
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
rte_free(s->ctxt);
rte_free(s->cipher_key.data);
rte_free(s->auth_key.data);
memset(s, 0, sizeof(dpaa2_sec_session));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
}
return 0;
}
@@ -1009,8 +1009,7 @@ dpaa2_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
}
if (sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
- sess = (dpaa2_sec_session *)get_sec_session_private_data(
- session_ctx.sec_sess);
+ sess = SECURITY_GET_SESS_PRIV(session_ctx.sec_sess);
else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)
sess = CRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);
else
@@ -673,9 +673,7 @@ dpaa_sec_dump(struct dpaa_sec_op_ctx *ctx, struct dpaa_sec_qp *qp)
sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
#ifdef RTE_LIBRTE_SECURITY
else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
- sess = (dpaa_sec_session *)
- get_sec_session_private_data(
- op->sym->sec_session);
+ sess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
#endif
if (sess == NULL) {
printf("session is NULL\n");
@@ -1928,9 +1926,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
break;
#ifdef RTE_LIB_SECURITY
case RTE_CRYPTO_OP_SECURITY_SESSION:
- ses = (dpaa_sec_session *)
- get_sec_session_private_data(
- op->sym->sec_session);
+ ses = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
break;
#endif
default:
@@ -3245,18 +3241,12 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev,
static int
dpaa_sec_security_session_create(void *dev,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
- void *sess_private_data;
+ void *sess_private_data = SECURITY_GET_SESS_PRIV(sess);
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
int ret;
- if (rte_mempool_get(mempool, &sess_private_data)) {
- DPAA_SEC_ERR("Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
switch (conf->protocol) {
case RTE_SECURITY_PROTOCOL_IPSEC:
ret = dpaa_sec_set_ipsec_session(cdev, conf,
@@ -3273,13 +3263,9 @@ dpaa_sec_security_session_create(void *dev,
}
if (ret != 0) {
DPAA_SEC_ERR("failed to configure session parameters");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
-
ret = dpaa_sec_prep_cdb(sess_private_data);
if (ret) {
DPAA_SEC_ERR("Unable to prepare sec cdb");
@@ -3295,12 +3281,11 @@ dpaa_sec_security_session_destroy(void *dev __rte_unused,
struct rte_security_session *sess)
{
PMD_INIT_FUNC_TRACE();
- void *sess_priv = get_sec_session_private_data(sess);
+ void *sess_priv = SECURITY_GET_SESS_PRIV(sess);
dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
if (sess_priv) {
free_session_memory((struct rte_cryptodev *)dev, s);
- set_sec_session_private_data(sess, NULL);
}
return 0;
}
@@ -1014,8 +1014,7 @@ dpaa_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
}
if (sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
- sess = (dpaa_sec_session *)get_sec_session_private_data(
- session_ctx.sec_sess);
+ sess = SECURITY_GET_SESS_PRIV(session_ctx.sec_sess);
else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)
sess = (dpaa_sec_session *)
CRYPTODEV_GET_SYM_SESS_PRIV(session_ctx.crypto_sess);
@@ -1584,8 +1584,7 @@ set_sec_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
return -1;
}
- session = (struct aesni_mb_session *)
- get_sec_session_private_data(op->sym->sec_session);
+ session = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
if (unlikely(session == NULL)) {
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
@@ -1720,7 +1719,7 @@ post_process_mb_job(struct ipsec_mb_qp *qp, IMB_JOB *job)
* this is for DOCSIS
*/
is_docsis_sec = 1;
- sess = get_sec_session_private_data(op->sym->sec_session);
+ sess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
} else
#endif
sess = CRYPTODEV_GET_SYM_SESS_PRIV(op->sym->session);
@@ -2095,10 +2094,9 @@ struct rte_cryptodev_ops aesni_mb_pmd_ops = {
*/
static int
aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
- void *sess_private_data;
+ void *sess_private_data = SECURITY_GET_SESS_PRIV(sess);
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
int ret;
@@ -2108,24 +2106,14 @@ aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
return -EINVAL;
}
- if (rte_mempool_get(mempool, &sess_private_data)) {
- IPSEC_MB_LOG(ERR, "Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
ret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,
sess_private_data);
if (ret != 0) {
IPSEC_MB_LOG(ERR, "Failed to configure session parameters");
-
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
-
return ret;
}
@@ -2134,14 +2122,10 @@ static int
aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,
struct rte_security_session *sess)
{
- void *sess_priv = get_sec_session_private_data(sess);
+ void *sess_priv = SECURITY_GET_SESS_PRIV(sess);
if (sess_priv) {
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
memset(sess_priv, 0, sizeof(struct aesni_mb_session));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
}
return 0;
}
@@ -767,8 +767,7 @@ mrvl_request_prepare_sec(struct sam_cio_ipsec_params *request,
return -EINVAL;
}
- sess = (struct mrvl_crypto_session *)get_sec_session_private_data(
- op->sym->sec_session);
+ sess = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
if (unlikely(sess == NULL)) {
MRVL_LOG(ERR, "Session was not created for this device! %d",
cryptodev_driver_id);
@@ -833,11 +833,10 @@ struct rte_cryptodev_ops *rte_mrvl_crypto_pmd_ops = &mrvl_crypto_pmd_ops;
static int
mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
struct mrvl_crypto_session *mrvl_sess;
- void *sess_private_data;
+ void *sess_private_data = SECURITY_GET_SESS_PRIV(sess);
int ret;
if (sess == NULL) {
@@ -845,11 +844,6 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,
return -EINVAL;
}
- if (rte_mempool_get(mempool, &sess_private_data)) {
- MRVL_LOG(ERR, "Couldn't get object from session mempool.");
- return -ENOMEM;
- }
-
switch (conf->protocol) {
case RTE_SECURITY_PROTOCOL_IPSEC:
mrvl_sess = (struct mrvl_crypto_session *)sess_private_data;
@@ -863,8 +857,6 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,
if (ret != 0) {
MRVL_LOG(ERR, "Failed to configure session parameters.");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
@@ -878,8 +870,6 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,
&mrvl_sess->sam_sess);
if (ret < 0) {
MRVL_LOG(ERR, "PMD: failed to create IPSEC session.");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
break;
@@ -889,8 +879,6 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,
return -EINVAL;
}
- set_sec_session_private_data(sess, sess_private_data);
-
return ret;
}
@@ -899,13 +887,12 @@ static int
mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,
struct rte_security_session *sess)
{
- void *sess_priv = get_sec_session_private_data(sess);
+ void *sess_priv = SECURITY_GET_SESS_PRIV(sess);
/* Zero out the whole structure */
if (sess_priv) {
struct mrvl_crypto_session *mrvl_sess =
(struct mrvl_crypto_session *)sess_priv;
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
if (mrvl_sess->sam_sess &&
sam_session_destroy(mrvl_sess->sam_sess) < 0) {
@@ -916,8 +903,6 @@ mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,
rte_free(mrvl_sess->sam_sess_params.auth_key);
rte_free(mrvl_sess->sam_sess_params.cipher_iv);
memset(sess, 0, sizeof(struct rte_security_session));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
}
return 0;
}
@@ -9,6 +9,7 @@
#include <rte_crypto_sym.h>
#include <bus_pci_driver.h>
#include <rte_byteorder.h>
+#include <rte_security_driver.h>
#include "qat_sym.h"
#include "qat_crypto.h"
@@ -100,7 +101,7 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg,
#ifdef RTE_LIB_SECURITY
else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
- ctx = get_sec_session_private_data(op->sym->sec_session);
+ ctx = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
if (unlikely(!ctx)) {
QAT_DP_LOG(ERR, "No session for this device");
return -EINVAL;
@@ -12,6 +12,9 @@
#ifdef BUILD_QAT_SYM
#include <openssl/evp.h>
+#ifdef RTE_LIB_SECURITY
+#include <rte_security_driver.h>
+#endif
#include "qat_common.h"
#include "qat_sym_session.h"
@@ -274,9 +277,7 @@ qat_sym_preprocess_requests(void **ops, uint16_t nb_ops)
op = (struct rte_crypto_op *)ops[i];
if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
- ctx = (struct qat_sym_session *)
- get_sec_session_private_data(
- op->sym->sec_session);
+ ctx = SECURITY_GET_SESS_PRIV(op->sym->sec_session);
if (ctx == NULL || ctx->bpi_ctx == NULL)
continue;
@@ -309,9 +310,7 @@ qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie,
* Assuming at this point that if it's a security
* op, that this is for DOCSIS
*/
- sess = (struct qat_sym_session *)
- get_sec_session_private_data(
- rx_op->sym->sec_session);
+ sess = SECURITY_GET_SESS_PRIV(rx_op->sym->sec_session);
is_docsis_sec = 1;
} else
#endif
@@ -25,7 +25,7 @@
#include <rte_malloc.h>
#include <rte_crypto_sym.h>
#ifdef RTE_LIB_SECURITY
-#include <rte_security.h>
+#include <rte_security_driver.h>
#endif
#include "qat_logs.h"
@@ -2570,7 +2570,8 @@ qat_sec_session_check_docsis(struct rte_security_session_conf *conf)
static int
qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,
- struct rte_security_session_conf *conf, void *session_private)
+ struct rte_security_session_conf *conf, void *session_private,
+ rte_iova_t session_paddr)
{
int ret;
int qat_cmd_id;
@@ -2589,7 +2590,6 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,
xform = conf->crypto_xform;
/* Verify the session physical address is known */
- rte_iova_t session_paddr = rte_mempool_virt2iova(session);
if (session_paddr == 0 || session_paddr == RTE_BAD_IOVA) {
QAT_LOG(ERR,
"Session physical address unknown. Bad memory pool.");
@@ -2619,10 +2619,9 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,
int
qat_security_session_create(void *dev,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
- void *sess_private_data;
+ void *sess_private_data = SECURITY_GET_SESS_PRIV(sess);
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
struct qat_cryptodev_private *internals = cdev->data->dev_private;
enum qat_device_gen qat_dev_gen = internals->qat_dev->qat_dev_gen;
@@ -2635,25 +2634,17 @@ qat_security_session_create(void *dev,
return -EINVAL;
}
- if (rte_mempool_get(mempool, &sess_private_data)) {
- QAT_LOG(ERR, "Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
if (ossl_legacy_provider_load())
return -EINVAL;
#endif
ret = qat_sec_session_set_docsis_parameters(cdev, conf,
- sess_private_data);
+ sess_private_data, SECURITY_GET_SESS_PRIV_IOVA(sess));
if (ret != 0) {
QAT_LOG(ERR, "Failed to configure session parameters");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
sym_session = (struct qat_sym_session *)sess_private_data;
sym_session->dev_id = internals->dev_id;
@@ -2665,17 +2656,13 @@ int
qat_security_session_destroy(void *dev __rte_unused,
struct rte_security_session *sess)
{
- void *sess_priv = get_sec_session_private_data(sess);
+ void *sess_priv = SECURITY_GET_SESS_PRIV(sess);
struct qat_sym_session *s = (struct qat_sym_session *)sess_priv;
if (sess_priv) {
if (s->bpi_ctx)
bpi_cipher_ctx_free(s->bpi_ctx);
memset(s, 0, qat_sym_session_get_private_size(dev));
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
}
# if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
@@ -177,7 +177,7 @@ qat_sym_validate_zuc_key(int key_len, enum icp_qat_hw_cipher_algo *alg);
#ifdef RTE_LIB_SECURITY
int
qat_security_session_create(void *dev, struct rte_security_session_conf *conf,
- struct rte_security_session *sess, struct rte_mempool *mempool);
+ struct rte_security_session *sess);
int
qat_security_session_destroy(void *dev, struct rte_security_session *sess);
#endif
@@ -583,15 +583,14 @@ cn10k_eth_sec_outb_sa_misc_fill(struct roc_nix *roc_nix,
static int
cn10k_eth_sec_session_create(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
struct rte_security_ipsec_xform *ipsec;
struct cn10k_sec_sess_priv sess_priv;
struct rte_crypto_sym_xform *crypto;
- struct cnxk_eth_sec_sess *eth_sec;
+ struct cnxk_eth_sec_sess *eth_sec = SECURITY_GET_SESS_PRIV(sess);
struct roc_nix *nix = &dev->nix;
bool inbound, inl_dev;
rte_spinlock_t *lock;
@@ -626,11 +625,6 @@ cn10k_eth_sec_session_create(void *device,
return -EEXIST;
}
- if (rte_mempool_get(mempool, (void **)ð_sec)) {
- plt_err("Could not allocate security session private data");
- return -ENOMEM;
- }
-
memset(eth_sec, 0, sizeof(struct cnxk_eth_sec_sess));
sess_priv.u64 = 0;
@@ -659,12 +653,12 @@ cn10k_eth_sec_session_create(void *device,
"Failed to create ingress sa, inline dev "
"not found or spi not in range");
rc = -ENOTSUP;
- goto mempool_put;
+ goto err;
} else if (!sa) {
snprintf(tbuf, sizeof(tbuf),
"Failed to create ingress sa");
rc = -EFAULT;
- goto mempool_put;
+ goto err;
}
inb_sa = (struct roc_ot_ipsec_inb_sa *)sa;
@@ -675,7 +669,7 @@ cn10k_eth_sec_session_create(void *device,
"Inbound SA with SPI %u already in use",
ipsec->spi);
rc = -EBUSY;
- goto mempool_put;
+ goto err;
}
inb_sa_dptr = (struct roc_ot_ipsec_inb_sa *)dev->inb.sa_dptr;
@@ -687,7 +681,7 @@ cn10k_eth_sec_session_create(void *device,
if (rc) {
snprintf(tbuf, sizeof(tbuf),
"Failed to init inbound sa, rc=%d", rc);
- goto mempool_put;
+ goto err;
}
inb_priv = roc_nix_inl_ot_ipsec_inb_sa_sw_rsvd(inb_sa);
@@ -724,7 +718,7 @@ cn10k_eth_sec_session_create(void *device,
eth_sec->inb,
sizeof(struct roc_ot_ipsec_inb_sa));
if (rc)
- goto mempool_put;
+ goto err;
if (conf->ipsec.options.ip_reassembly_en) {
inb_priv->reass_dynfield_off = dev->reass_dynfield_off;
@@ -745,7 +739,7 @@ cn10k_eth_sec_session_create(void *device,
/* Alloc an sa index */
rc = cnxk_eth_outb_sa_idx_get(dev, &sa_idx, ipsec->spi);
if (rc)
- goto mempool_put;
+ goto err;
outb_sa = roc_nix_inl_ot_ipsec_outb_sa(sa_base, sa_idx);
outb_priv = roc_nix_inl_ot_ipsec_outb_sa_sw_rsvd(outb_sa);
@@ -760,7 +754,7 @@ cn10k_eth_sec_session_create(void *device,
snprintf(tbuf, sizeof(tbuf),
"Failed to init outbound sa, rc=%d", rc);
rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
- goto mempool_put;
+ goto err;
}
if (conf->ipsec.options.iv_gen_disable == 1) {
@@ -776,7 +770,7 @@ cn10k_eth_sec_session_create(void *device,
"Failed to init outb sa misc params, rc=%d",
rc);
rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
- goto mempool_put;
+ goto err;
}
/* Save userdata */
@@ -818,7 +812,7 @@ cn10k_eth_sec_session_create(void *device,
eth_sec->inb,
sizeof(struct roc_ot_ipsec_outb_sa));
if (rc)
- goto mempool_put;
+ goto err;
}
if (inbound && inl_dev)
roc_nix_inl_dev_unlock();
@@ -830,15 +824,14 @@ cn10k_eth_sec_session_create(void *device,
/*
* Update fast path info in priv area.
*/
- set_sec_session_private_data(sess, (void *)sess_priv.u64);
+ sess->fast_mdata = sess_priv.u64;
return 0;
-mempool_put:
+err:
if (inbound && inl_dev)
roc_nix_inl_dev_unlock();
rte_spinlock_unlock(lock);
- rte_mempool_put(mempool, eth_sec);
if (rc)
plt_err("%s", tbuf);
return rc;
@@ -850,7 +843,6 @@ cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
struct cnxk_eth_sec_sess *eth_sec;
- struct rte_mempool *mp;
rte_spinlock_t *lock;
void *sa_dptr;
@@ -896,10 +888,6 @@ cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
eth_sec->inb ? "inbound" : "outbound", eth_sec->spi,
eth_sec->sa_idx, eth_sec->inl_dev);
- /* Put eth_sec object back to pool */
- mp = rte_mempool_from_obj(eth_sec);
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(mp, eth_sec);
return 0;
}
@@ -497,9 +497,10 @@ cn9k_eth_sec_session_update(void *device,
plt_nix_dbg("Created outbound session with spi=%u, sa_idx=%u",
eth_sec->spi, eth_sec->sa_idx);
- /* Update fast path info in priv area.
+ /*
+ * Update fast path info in priv area.
*/
- set_sec_session_private_data(sess, (void *)sess_priv.u64);
+ sess->fast_mdata = sess_priv.u64;
return 0;
exit:
@@ -512,15 +513,14 @@ cn9k_eth_sec_session_update(void *device,
static int
cn9k_eth_sec_session_create(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ struct rte_security_session *sess)
{
+ struct cnxk_eth_sec_sess *eth_sec = SECURITY_GET_SESS_PRIV(sess);
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
struct rte_security_ipsec_xform *ipsec;
struct cn9k_sec_sess_priv sess_priv;
struct rte_crypto_sym_xform *crypto;
- struct cnxk_eth_sec_sess *eth_sec;
struct roc_nix *nix = &dev->nix;
rte_spinlock_t *lock;
char tbuf[128] = {0};
@@ -548,11 +548,6 @@ cn9k_eth_sec_session_create(void *device,
return -EEXIST;
}
- if (rte_mempool_get(mempool, (void **)ð_sec)) {
- plt_err("Could not allocate security session private data");
- return -ENOMEM;
- }
-
lock = inbound ? &dev->inb.lock : &dev->outb.lock;
rte_spinlock_lock(lock);
@@ -582,7 +577,7 @@ cn9k_eth_sec_session_create(void *device,
snprintf(tbuf, sizeof(tbuf),
"Failed to create ingress sa");
rc = -EFAULT;
- goto mempool_put;
+ goto err;
}
/* Check if SA is already in use */
@@ -591,7 +586,7 @@ cn9k_eth_sec_session_create(void *device,
"Inbound SA with SPI %u already in use",
ipsec->spi);
rc = -EBUSY;
- goto mempool_put;
+ goto err;
}
memset(inb_sa, 0, sizeof(struct roc_ie_on_inb_sa));
@@ -601,7 +596,7 @@ cn9k_eth_sec_session_create(void *device,
if (rc < 0) {
snprintf(tbuf, sizeof(tbuf),
"Failed to init inbound sa, rc=%d", rc);
- goto mempool_put;
+ goto err;
}
ctx_len = rc;
@@ -610,7 +605,7 @@ cn9k_eth_sec_session_create(void *device,
if (rc) {
snprintf(tbuf, sizeof(tbuf),
"Failed to create inbound sa, rc=%d", rc);
- goto mempool_put;
+ goto err;
}
inb_priv = roc_nix_inl_on_ipsec_inb_sa_sw_rsvd(inb_sa);
@@ -624,7 +619,7 @@ cn9k_eth_sec_session_create(void *device,
if (inb_priv->replay_win_sz) {
rc = ar_window_init(inb_priv);
if (rc)
- goto mempool_put;
+ goto err;
}
/* Prepare session priv */
@@ -654,7 +649,7 @@ cn9k_eth_sec_session_create(void *device,
/* Alloc an sa index */
rc = cnxk_eth_outb_sa_idx_get(dev, &sa_idx, 0);
if (rc)
- goto mempool_put;
+ goto err;
outb_sa = roc_nix_inl_on_ipsec_outb_sa(sa_base, sa_idx);
outb_priv = roc_nix_inl_on_ipsec_outb_sa_sw_rsvd(outb_sa);
@@ -668,7 +663,7 @@ cn9k_eth_sec_session_create(void *device,
snprintf(tbuf, sizeof(tbuf),
"Failed to init outbound sa, rc=%d", rc);
rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
- goto mempool_put;
+ goto err;
}
ctx_len = rc;
@@ -678,7 +673,7 @@ cn9k_eth_sec_session_create(void *device,
snprintf(tbuf, sizeof(tbuf),
"Failed to init outbound sa, rc=%d", rc);
rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
- goto mempool_put;
+ goto err;
}
/* When IV is provided by the application,
@@ -731,12 +726,11 @@ cn9k_eth_sec_session_create(void *device,
/*
* Update fast path info in priv area.
*/
- set_sec_session_private_data(sess, (void *)sess_priv.u64);
+ sess->fast_mdata = sess_priv.u64;
return 0;
-mempool_put:
+err:
rte_spinlock_unlock(lock);
- rte_mempool_put(mempool, eth_sec);
if (rc)
plt_err("%s", tbuf);
return rc;
@@ -750,7 +744,6 @@ cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
struct cnxk_eth_sec_sess *eth_sec;
struct roc_ie_on_outb_sa *outb_sa;
struct roc_ie_on_inb_sa *inb_sa;
- struct rte_mempool *mp;
rte_spinlock_t *lock;
eth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess);
@@ -787,10 +780,6 @@ cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
eth_sec->inb ? "inbound" : "outbound", eth_sec->spi,
eth_sec->sa_idx);
- /* Put eth_sec object back to pool */
- mp = rte_mempool_from_obj(eth_sec);
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(mp, eth_sec);
return 0;
}
@@ -640,14 +640,13 @@ set_session_parameter(struct iavf_security_ctx *iavf_sctx,
static int
iavf_ipsec_crypto_session_create(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *session,
- struct rte_mempool *mempool)
+ struct rte_security_session *session)
{
struct rte_eth_dev *ethdev = device;
struct iavf_adapter *adapter =
IAVF_DEV_PRIVATE_TO_ADAPTER(ethdev->data->dev_private);
struct iavf_security_ctx *iavf_sctx = adapter->security_ctx;
- struct iavf_security_session *iavf_session = NULL;
+ struct iavf_security_session *iavf_session = SECURITY_GET_SESS_PRIV(session);
int sa_idx;
int ret = 0;
@@ -656,12 +655,6 @@ iavf_ipsec_crypto_session_create(void *device,
if (ret)
return ret;
- /* allocate session context */
- if (rte_mempool_get(mempool, (void **)&iavf_session)) {
- PMD_DRV_LOG(ERR, "Cannot get object from sess mempool");
- return -ENOMEM;
- }
-
/* add SA to hardware database */
sa_idx = iavf_ipsec_crypto_security_association_add(adapter, conf);
if (sa_idx < 0) {
@@ -675,16 +668,12 @@ iavf_ipsec_crypto_session_create(void *device,
RTE_SECURITY_IPSEC_SA_DIR_INGRESS ?
"inbound" : "outbound");
- rte_mempool_put(mempool, iavf_session);
return -EFAULT;
}
/* save data plane required session parameters */
set_session_parameter(iavf_sctx, iavf_session, conf, sa_idx);
- /* save to security session private data */
- set_sec_session_private_data(session, iavf_session);
-
return 0;
}
@@ -702,7 +691,7 @@ iavf_ipsec_crypto_action_valid(struct rte_eth_dev *ethdev,
{
struct iavf_adapter *adapter =
IAVF_DEV_PRIVATE_TO_ADAPTER(ethdev->data->dev_private);
- struct iavf_security_session *sess = session->sess_private_data;
+ const struct iavf_security_session *sess = (const void *)session->driver_priv_data;
/* verify we have a valid session and that it belong to this adapter */
if (unlikely(sess == NULL || sess->adapter != adapter))
@@ -880,7 +869,7 @@ iavf_ipsec_crypto_session_update(void *device,
int rc = 0;
adapter = IAVF_DEV_PRIVATE_TO_ADAPTER(eth_dev->data->dev_private);
- iavf_sess = (struct iavf_security_session *)session->sess_private_data;
+ iavf_sess = SECURITY_GET_SESS_PRIV(session);
/* verify we have a valid session and that it belong to this adapter */
if (unlikely(iavf_sess == NULL || iavf_sess->adapter != adapter))
@@ -1046,7 +1035,7 @@ iavf_ipsec_crypto_session_destroy(void *device,
int ret;
adapter = IAVF_DEV_PRIVATE_TO_ADAPTER(eth_dev->data->dev_private);
- iavf_sess = (struct iavf_security_session *)session->sess_private_data;
+ iavf_sess = SECURITY_GET_SESS_PRIV(session);
/* verify we have a valid session and that it belong to this adapter */
if (unlikely(iavf_sess == NULL || iavf_sess->adapter != adapter))
@@ -1141,7 +1130,7 @@ iavf_ipsec_crypto_pkt_metadata_set(void *device,
struct iavf_adapter *adapter =
IAVF_DEV_PRIVATE_TO_ADAPTER(ethdev->data->dev_private);
struct iavf_security_ctx *iavf_sctx = adapter->security_ctx;
- struct iavf_security_session *iavf_sess = session->sess_private_data;
+ struct iavf_security_session *iavf_sess = SECURITY_GET_SESS_PRIV(session);
struct iavf_ipsec_crypto_pkt_metadata *md;
struct rte_esp_tail *esp_tail;
uint64_t *sqn = params;
@@ -369,24 +369,17 @@ ixgbe_crypto_remove_sa(struct rte_eth_dev *dev,
static int
ixgbe_crypto_create_session(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *session,
- struct rte_mempool *mempool)
+ struct rte_security_session *session)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
- struct ixgbe_crypto_session *ic_session = NULL;
+ struct ixgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);
struct rte_crypto_aead_xform *aead_xform;
struct rte_eth_conf *dev_conf = ð_dev->data->dev_conf;
- if (rte_mempool_get(mempool, (void **)&ic_session)) {
- PMD_DRV_LOG(ERR, "Cannot get object from ic_session mempool");
- return -ENOMEM;
- }
-
if (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||
conf->crypto_xform->aead.algo !=
RTE_CRYPTO_AEAD_AES_GCM) {
PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
aead_xform = &conf->crypto_xform->aead;
@@ -396,7 +389,6 @@ ixgbe_crypto_create_session(void *device,
ic_session->op = IXGBE_OP_AUTHENTICATED_DECRYPTION;
} else {
PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
} else {
@@ -404,7 +396,6 @@ ixgbe_crypto_create_session(void *device,
ic_session->op = IXGBE_OP_AUTHENTICATED_ENCRYPTION;
} else {
PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
}
@@ -416,12 +407,9 @@ ixgbe_crypto_create_session(void *device,
ic_session->spi = conf->ipsec.spi;
ic_session->dev = eth_dev;
- set_sec_session_private_data(session, ic_session);
-
if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {
if (ixgbe_crypto_add_sa(ic_session)) {
PMD_DRV_LOG(ERR, "Failed to add SA\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -EPERM;
}
}
@@ -440,9 +428,7 @@ ixgbe_crypto_remove_session(void *device,
struct rte_security_session *session)
{
struct rte_eth_dev *eth_dev = device;
- struct ixgbe_crypto_session *ic_session =
- (struct ixgbe_crypto_session *)
- get_sec_session_private_data(session);
+ struct ixgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);
struct rte_mempool *mempool = rte_mempool_from_obj(ic_session);
if (eth_dev != ic_session->dev) {
@@ -480,8 +466,7 @@ ixgbe_crypto_update_mb(void *device __rte_unused,
struct rte_security_session *session,
struct rte_mbuf *m, void *params __rte_unused)
{
- struct ixgbe_crypto_session *ic_session =
- get_sec_session_private_data(session);
+ struct ixgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);
if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {
union ixgbe_crypto_tx_desc_md *mdata =
(union ixgbe_crypto_tx_desc_md *)
@@ -685,8 +670,12 @@ ixgbe_crypto_add_ingress_sa_from_flow(const void *sess,
const void *ip_spec,
uint8_t is_ipv6)
{
- struct ixgbe_crypto_session *ic_session
- = get_sec_session_private_data(sess);
+ /**
+ * FIXME Updating the session priv data when the session is const.
+ * Typecasting done here is wrong and the implementation need to be corrected.
+ */
+ struct ixgbe_crypto_session *ic_session = (void *)(uintptr_t)
+ ((const struct rte_security_session *)sess)->driver_priv_data;
if (ic_session->op == IXGBE_OP_AUTHENTICATED_DECRYPTION) {
if (is_ipv6) {
@@ -349,24 +349,17 @@ txgbe_crypto_remove_sa(struct rte_eth_dev *dev,
static int
txgbe_crypto_create_session(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *session,
- struct rte_mempool *mempool)
+ struct rte_security_session *session)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
- struct txgbe_crypto_session *ic_session = NULL;
+ struct txgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);
struct rte_crypto_aead_xform *aead_xform;
struct rte_eth_conf *dev_conf = ð_dev->data->dev_conf;
- if (rte_mempool_get(mempool, (void **)&ic_session)) {
- PMD_DRV_LOG(ERR, "Cannot get object from ic_session mempool");
- return -ENOMEM;
- }
-
if (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||
conf->crypto_xform->aead.algo !=
RTE_CRYPTO_AEAD_AES_GCM) {
PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
aead_xform = &conf->crypto_xform->aead;
@@ -376,7 +369,6 @@ txgbe_crypto_create_session(void *device,
ic_session->op = TXGBE_OP_AUTHENTICATED_DECRYPTION;
} else {
PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
} else {
@@ -384,7 +376,6 @@ txgbe_crypto_create_session(void *device,
ic_session->op = TXGBE_OP_AUTHENTICATED_ENCRYPTION;
} else {
PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
}
@@ -396,12 +387,9 @@ txgbe_crypto_create_session(void *device,
ic_session->spi = conf->ipsec.spi;
ic_session->dev = eth_dev;
- set_sec_session_private_data(session, ic_session);
-
if (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {
if (txgbe_crypto_add_sa(ic_session)) {
PMD_DRV_LOG(ERR, "Failed to add SA\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -EPERM;
}
}
@@ -420,9 +408,7 @@ txgbe_crypto_remove_session(void *device,
struct rte_security_session *session)
{
struct rte_eth_dev *eth_dev = device;
- struct txgbe_crypto_session *ic_session =
- (struct txgbe_crypto_session *)
- get_sec_session_private_data(session);
+ struct txgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);
struct rte_mempool *mempool = rte_mempool_from_obj(ic_session);
if (eth_dev != ic_session->dev) {
@@ -460,8 +446,8 @@ txgbe_crypto_update_mb(void *device __rte_unused,
struct rte_security_session *session,
struct rte_mbuf *m, void *params __rte_unused)
{
- struct txgbe_crypto_session *ic_session =
- get_sec_session_private_data(session);
+ struct txgbe_crypto_session *ic_session = SECURITY_GET_SESS_PRIV(session);
+
if (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {
union txgbe_crypto_tx_desc_md *mdata =
(union txgbe_crypto_tx_desc_md *)
@@ -661,8 +647,12 @@ txgbe_crypto_add_ingress_sa_from_flow(const void *sess,
const void *ip_spec,
uint8_t is_ipv6)
{
- struct txgbe_crypto_session *ic_session =
- get_sec_session_private_data(sess);
+ /**
+ * FIXME Updating the session priv data when the session is const.
+ * Typecasting done here is wrong and the implementation need to be corrected.
+ */
+ struct txgbe_crypto_session *ic_session = (void *)(uintptr_t)
+ ((const struct rte_security_session *)sess)->driver_priv_data;
if (ic_session->op == TXGBE_OP_AUTHENTICATED_DECRYPTION) {
if (is_ipv6) {
@@ -2110,38 +2110,6 @@ session_pool_init(struct socket_ctx *ctx, int32_t socket_id, size_t sess_sz)
printf("Allocated session pool on socket %d\n", socket_id);
}
-static void
-session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,
- size_t sess_sz)
-{
- char mp_name[RTE_MEMPOOL_NAMESIZE];
- struct rte_mempool *sess_mp;
- uint32_t nb_sess;
-
- snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
- "sess_mp_priv_%u", socket_id);
- nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
- rte_lcore_count());
- nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
- CDEV_MP_CACHE_MULTIPLIER);
- sess_mp = rte_mempool_create(mp_name,
- nb_sess,
- sess_sz,
- CDEV_MP_CACHE_SZ,
- 0, NULL, NULL, NULL,
- NULL, socket_id,
- 0);
- ctx->session_priv_pool = sess_mp;
-
- if (ctx->session_priv_pool == NULL)
- rte_exit(EXIT_FAILURE,
- "Cannot init session priv pool on socket %d\n",
- socket_id);
- else
- printf("Allocated session priv pool on socket %d\n",
- socket_id);
-}
-
static void
pool_init(struct socket_ctx *ctx, int32_t socket_id, int portid,
uint32_t nb_mbuf)
@@ -3000,8 +2968,6 @@ main(int32_t argc, char **argv)
continue;
session_pool_init(&socket_ctx[socket_id], socket_id, sess_sz);
- session_priv_pool_init(&socket_ctx[socket_id], socket_id,
- sess_sz);
}
printf("Number of mbufs in packet pool %d\n", nb_bufs_in_pool);
@@ -151,8 +151,7 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx_lcore[],
set_ipsec_conf(sa, &(sess_conf.ipsec));
ips->security.ses = rte_security_session_create(ctx,
- &sess_conf, skt_ctx->session_pool,
- skt_ctx->session_priv_pool);
+ &sess_conf, skt_ctx->session_pool);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
@@ -278,8 +277,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
}
ips->security.ses = rte_security_session_create(sec_ctx,
- &sess_conf, skt_ctx->session_pool,
- skt_ctx->session_priv_pool);
+ &sess_conf, skt_ctx->session_pool);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
@@ -478,8 +476,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
sess_conf.userdata = (void *) sa;
ips->security.ses = rte_security_session_create(sec_ctx,
- &sess_conf, skt_ctx->session_pool,
- skt_ctx->session_priv_pool);
+ &sess_conf, skt_ctx->session_pool);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
@@ -258,7 +258,6 @@ struct socket_ctx {
struct rte_mempool *mbuf_pool[RTE_MAX_ETHPORTS];
struct rte_mempool *mbuf_pool_indir;
struct rte_mempool *session_pool;
- struct rte_mempool *session_priv_pool;
};
struct cnt_blk {
@@ -967,7 +967,7 @@ rte_cryptodev_asym_session_pool_create(const char *name, uint32_t nb_elts,
* @param dev_id ID of device that we want the session to be used on
* @param xforms Symmetric crypto transform operations to apply on flow
* processed with this session
- * @param mempool Mempool where the private data is allocated.
+ * @param mp Mempool where the private data is allocated.
*
* @return
* - On success return pointer to sym-session.
@@ -45,21 +45,28 @@ rte_security_dynfield_register(void)
struct rte_security_session *
rte_security_session_create(struct rte_security_ctx *instance,
struct rte_security_session_conf *conf,
- struct rte_mempool *mp,
- struct rte_mempool *priv_mp)
+ struct rte_mempool *mp)
{
struct rte_security_session *sess = NULL;
+ uint32_t sess_priv_size;
RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
RTE_PTR_OR_ERR_RET(conf, NULL);
RTE_PTR_OR_ERR_RET(mp, NULL);
- RTE_PTR_OR_ERR_RET(priv_mp, NULL);
+
+ sess_priv_size = instance->ops->session_get_size(instance->device);
+ if (mp->elt_size < (sizeof(struct rte_security_session) + sess_priv_size))
+ return NULL;
if (rte_mempool_get(mp, (void **)&sess))
return NULL;
- if (instance->ops->session_create(instance->device, conf,
- sess, priv_mp)) {
+ /* Clear session priv data */
+ memset(sess->driver_priv_data, 0, sess_priv_size);
+
+ sess->driver_priv_data_iova = rte_mempool_virt2iova(sess) +
+ offsetof(struct rte_security_session, driver_priv_data);
+ if (instance->ops->session_create(instance->device, conf, sess)) {
rte_mempool_put(mp, (void *)sess);
return NULL;
}
@@ -86,7 +93,8 @@ rte_security_session_get_size(struct rte_security_ctx *instance)
{
RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0);
- return instance->ops->session_get_size(instance->device);
+ return (sizeof(struct rte_security_session) +
+ instance->ops->session_get_size(instance->device));
}
int
@@ -674,10 +674,17 @@ struct rte_security_session_conf {
};
struct rte_security_session {
- void *sess_private_data;
- /**< Private session material */
+ RTE_MARKER cacheline0;
uint64_t opaque_data;
/**< Opaque user defined data */
+ uint64_t fast_mdata;
+ /**< Fast metadata to be used for inline path */
+ rte_iova_t driver_priv_data_iova;
+ /**< session private data IOVA address */
+
+ RTE_MARKER cacheline1 __rte_cache_min_aligned;
+ uint8_t driver_priv_data[0];
+ /**< Private session material, variable size (depends on driver) */
};
/**
@@ -686,7 +693,6 @@ struct rte_security_session {
* @param instance security instance
* @param conf session configuration parameters
* @param mp mempool to allocate session objects from
- * @param priv_mp mempool to allocate session private data objects from
* @return
* - On success, pointer to session
* - On failure, NULL
@@ -694,8 +700,7 @@ struct rte_security_session {
struct rte_security_session *
rte_security_session_create(struct rte_security_ctx *instance,
struct rte_security_session_conf *conf,
- struct rte_mempool *mp,
- struct rte_mempool *priv_mp);
+ struct rte_mempool *mp);
/**
* Update security session as specified by the session configuration
@@ -885,7 +890,7 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
/* Fast Path */
if (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {
*rte_security_dynfield(mb) =
- (rte_security_dynfield_t)(sess->sess_private_data);
+ (rte_security_dynfield_t)(sess->fast_mdata);
return 0;
}
@@ -908,19 +913,6 @@ __rte_security_attach_session(struct rte_crypto_sym_op *sym_op,
return 0;
}
-static inline void *
-get_sec_session_private_data(const struct rte_security_session *sess)
-{
- return sess->sess_private_data;
-}
-
-static inline void
-set_sec_session_private_data(struct rte_security_session *sess,
- void *private_data)
-{
- sess->sess_private_data = private_data;
-}
-
/**
* Attach a session to a crypto operation.
* This API is needed only in case of RTE_SECURITY_SESS_CRYPTO_PROTO_OFFLOAD
@@ -19,24 +19,29 @@ extern "C" {
#include "rte_security.h"
+/**
+ * Helper macro to get driver private data
+ */
+#define SECURITY_GET_SESS_PRIV(s) \
+ ((void *)(((struct rte_security_session *)s)->driver_priv_data))
+#define SECURITY_GET_SESS_PRIV_IOVA(s) \
+ (((struct rte_security_session *)s)->driver_priv_data_iova)
+
/**
* Configure a security session on a device.
*
* @param device Crypto/eth device pointer
* @param conf Security session configuration
* @param sess Pointer to Security private session structure
- * @param mp Mempool where the private session is allocated
*
* @return
* - Returns 0 if private session structure have been created successfully.
* - Returns -EINVAL if input parameters are invalid.
* - Returns -ENOTSUP if crypto device does not support the crypto transform.
- * - Returns -ENOMEM if the private session could not be allocated.
*/
typedef int (*security_session_create_t)(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mp);
+ struct rte_security_session *sess);
/**
* Free driver private session data.