From patchwork Fri Sep 29 02:08:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chaoyong He X-Patchwork-Id: 132170 X-Patchwork-Delegate: ferruh.yigit@amd.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C90CB42668; Fri, 29 Sep 2023 04:09:09 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 80A644067A; Fri, 29 Sep 2023 04:08:44 +0200 (CEST) Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2090.outbound.protection.outlook.com [40.107.220.90]) by mails.dpdk.org (Postfix) with ESMTP id 7210A402D1 for ; Fri, 29 Sep 2023 04:08:42 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Goq6rpp+fGdWesxZhb/AM5jU/SkHhktXPTUgg63GvslaFkINlACpKJ68iDEo2lUrwADz9m3nSESB8A6SqfAgTn22v19zVjoBfqZbdz5uzDyykO57p2v95+iYHYdp1kNIk9xJ594zTUPegkEAQsFUTWJPOa3qGcA9gYggodUqrERBJETRWW6C2hJz4ZJk2hv+M+nufavp6eGYJM5Alx0M3grojQvdsQQelkyyLYKt5gzBLRk+Q6hal4qs3mPbejNT8u74HyQa30dPZeV3ZBWNVWZ74LZQjjPYvZ3rAKFZC1dVoLJIlNMYc1Ik1b4y2E9964hMY7oqIGENeJKzyV7YGg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4tz4U4S6gmdC757ciSCiwmY6o/+MCbGN3GJ4TfqNVng=; b=do79KH5I+97LRviiUKTp5mw0VfJyp+MRIqaDuFYkfNchvTS0E21qYY5f63t4RapOVy4GgNAPIGuWXP48ScNN+RhA+5iICCsn+sN1QqBex4GWhqWRp9FmboXiCmU6mUZ3Frr1GPH+lhpWzMftbuTYzMvz/Gmc3NOrjepf98LR0iM2i70oy03EHpVW8Vh91XwgjYjIpHCNHG7tUHo1fh/mw38nKDP8wgxu12rR29BhyI9WxFptDTWjAIxf+z1dyTcRJKYDMrhQ4qoO+zwl6AXhPifZ6/SjV2AYYUZ6Xb+niBzI1/46sQtPh7pIlMuzdH9MqMh7dAQmONuij5nq/I3wxw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=corigine.com; dmarc=pass action=none header.from=corigine.com; dkim=pass header.d=corigine.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=corigine.onmicrosoft.com; s=selector2-corigine-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4tz4U4S6gmdC757ciSCiwmY6o/+MCbGN3GJ4TfqNVng=; b=IF9XsiECeQGSYVawMtj2ROal96vTdyKoT2t4fc0VCLmaQFZClnrGeHRLht17+HiIEUxKzKWD1KmndNG+83zOq4WoKseZZWWW9X0UzhRcACMmWxmnSM9sPPn5IlBBe0MeiBlEITTWDd8dH1GjelMPet3Ir4EwmvP4+1nQGe/lQbc= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=corigine.com; Received: from SJ0PR13MB5545.namprd13.prod.outlook.com (2603:10b6:a03:424::5) by CO3PR13MB5687.namprd13.prod.outlook.com (2603:10b6:303:17a::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6813.19; Fri, 29 Sep 2023 02:08:40 +0000 Received: from SJ0PR13MB5545.namprd13.prod.outlook.com ([fe80::28c0:63e2:ecd1:9314]) by SJ0PR13MB5545.namprd13.prod.outlook.com ([fe80::28c0:63e2:ecd1:9314%4]) with mapi id 15.20.6813.027; Fri, 29 Sep 2023 02:08:40 +0000 From: Chaoyong He To: dev@dpdk.org Cc: oss-drivers@corigine.com, Shihong Wang , Chaoyong He Subject: [PATCH v3 4/9] net/nfp: get security capabilities and session size Date: Fri, 29 Sep 2023 10:08:05 +0800 Message-Id: <20230929020810.1219391-5-chaoyong.he@corigine.com> X-Mailer: git-send-email 2.39.1 In-Reply-To: <20230929020810.1219391-1-chaoyong.he@corigine.com> References: <20230926024959.207098-1-chaoyong.he@corigine.com> <20230929020810.1219391-1-chaoyong.he@corigine.com> X-ClientProxiedBy: PH8PR07CA0028.namprd07.prod.outlook.com (2603:10b6:510:2cf::23) To SJ0PR13MB5545.namprd13.prod.outlook.com (2603:10b6:a03:424::5) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ0PR13MB5545:EE_|CO3PR13MB5687:EE_ X-MS-Office365-Filtering-Correlation-Id: 93cd7b3e-fe85-4cae-7f8d-08dbc090ff8f X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: iR+M7698lLz6idHUxTmXHVCvxD172ZxOa8s28elIrdLXGkJRrotcX1GEOuSJ+51GZBkz1uBg3HzKgYL5mAfb8AUYjOcWTlSHvjLdQKd6YpBr+8fym/9Q/+Efc4FdE1fabVEt7ghvZTke/oYZ8+PSLyWCoxvxDyw/f/ZbkefGsM8qvd2qY92FgfX587j7vRM5f57dsMu2sXF5Pf5W9uQI0Fmix3IbkUoO4xcjD2NUZGLVaaB0PzoFCiNbmGyLud46yyysaQ/0VSbjqUcHZfr9IVtVAH6togDaFPfiE8vXttqcp+XXGN+9yMIut4kLMNGT7CnvP5DgGQOpYB11A9e4lWYP6x+6GYFShklpsct+VE5DxhBcssfz/ULuP+RRAKHwybnIY+mvuaSpxgXzECz8LsnpQ9+kpVcV8kWwFeJC7Cq3dffMyKJW3Uq/pOJaZUcFMNJR2UigOPpy+f9oOXEauDw8/cMzbuzWAWwhbgO98TvhWyYDteZLFp+qejzyimaKAeJtMi7goS6BWBgNWlGrP/7uAvluKmvRVRQO5RBc9d9fbYeIydCDfpX+Nf4+37JX4s91oPgh4A/h3ie3b+Cd1VdxR0E6utR+gq3lU34zKk51f7lhtaNrXN/ZtlQbTSJfTVwd0iVE/KblKCS3u6aHf13DGwWoMX+sV8gAne47zZY= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SJ0PR13MB5545.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(346002)(366004)(396003)(376002)(39830400003)(136003)(230922051799003)(451199024)(1800799009)(64100799003)(186009)(15650500001)(2906002)(6916009)(316002)(54906003)(66946007)(66556008)(66476007)(44832011)(8936002)(8676002)(4326008)(41300700001)(5660300002)(2616005)(83380400001)(107886003)(1076003)(26005)(36756003)(86362001)(38100700002)(38350700002)(52116002)(6666004)(478600001)(6486002)(6512007)(6506007); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: ouyGFExQiHG00bNw4Ex0uUmNbwakuzLvpfjnxtN/RsBTPM1rADtts1BDiTF4bh25abAZlDuOMeh26HA3UrfIBgqhLxSxOhFlMZ0uMZqj+mz9r0c+Z4QjYJrnVaWRIh6jwMIOGIHiZeJsThsLFdxVSkoLRfT3G8VXwu4xHwfCVeqkd+Y8jj8fpjp13EXbYK87oy4/1FscovGixggQM6KgbmxtdXchKzXGU5KfIk3IVHKkXHLszwadRIbTpKxwMBbmA/2D21iZEBztq2A/lxP30LFkedVM9yaBeVbTnpZeQnxNB9o9wDvE2qSIyFT0mBD2MxltK+WzxZNVxAfaYvfgWBjMUV+QI+LuGCBq9b/t0IEi85ca+uHy/iknK5BIO5PZC7L4nV8CeZI5PCY0Z3YDwMxjPGY+Y3QOr05vm8zypL/h3IcEPLDXKQcVTGn0FAcShnPTr1+UCNp5QDnvwMKX/qpFm9pm18AVjkGMyYod9TQqb9Vo0nYb9HPJz1fWTQeZNCvdT+5sNt5wVzq7QifsmZm6oLBvmih24FN7slUVKCvwxhPHX3Ew8nJIKIE1biPYCkbHsSinD/tjfSbuIWvD2lhM8OeFtZ32w5tZmllC/+/1Y2PNlwEFRWqheQhRsfenh6zc+1FsZb7fNuLGU/2HO93eu5aQfqoBZxIYAmhPu9eFIMGpzQsFVnezWau+RMwHSxRno7vJ4DbZGgzY9QCLRDFTXUBeE1wltzFlzNwwJxSgyhbfXGLBgKSVG+pFeenDYFthyikuVtj0xuTEaiXomSR3XIdVLuNcbxaLat/h5OWW7Bfjs2atE3FArN6n/J/Kna4FvsQ+o7XfRMrU+KD0NKfq0hSeBRLqG/UJXkwSPxWJutQ+c8CwuP2W9hwq9JQOB8P/kFhXyDzRhN0rhJCs6H6Npv1cnr4EBziB/me36GorNNPceUM5yc4aY0IXu6rR/uSkbBCFGZEVR6VQlovz6XUe9so2cX5YTBWNsQqL47kvm2HTScMDkLg4H3IwGJJc6N96Or7DrZGYkQxgf6Nd4g56389+YCM7I10U5SUSQeq7hyD4JBllYA19pfOG2rwnCnnScOOXLKyL+fyRpAyTTnYecfNAwdx2hGBCux5RfLhGAgu2UaYIZ2vcYxPjI0dAjA9znNsUZ7BOQn5wlpJdJ/y/MEz/biv3iJhhAPuuN660bwYl0887lZG4vokWHEHGMyXG9kcE/576jMgUndAxC9M/JRi8Jz45jXb4suoCvRK9Fjp2mu5zbynJ4JnwyRaxhreQ1N4fwW50uQKUdUm4zf8mynqU7DZE4Ut9KTTM6NoKoU+oXfRFxPuC7wLUdEwetDAuEFArGKRRBmA7CYVWovoo6hg2VWsWDsBx54mHWv5tZQh6iMGT5bWDXSSr+HcjrZytgBl01eZmXiCwRC4LSNzkr+A+PaxpSX105PqgoPFVmoqfG0hlf3OBE6djTsgsGEySCxfAqBRD/IEh/BUYFlCN0a6H+cSSB6bj8xC8iJqE0QyC9Vgc6k5ORba5VJQ/d+rjlhZyfGHd4O8woUBYQ4JNAXecLx2lOe6jeoijp5OS648KTbRfo+haGnXx2JYJERV+tfK08shMNiBowQklLQ== X-OriginatorOrg: corigine.com X-MS-Exchange-CrossTenant-Network-Message-Id: 93cd7b3e-fe85-4cae-7f8d-08dbc090ff8f X-MS-Exchange-CrossTenant-AuthSource: SJ0PR13MB5545.namprd13.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Sep 2023 02:08:40.5433 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fe128f2c-073b-4c20-818e-7246a585940c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: XudcwnBTWp1Su5dFIWUCLNipFtf2vJ5evx5WC7edJ/hxCXyWTNULbo0qLH8QmlcYb92bCwkyDEbQkMhkahmEWEPdGEnKmWmy0n59zFkC7yM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO3PR13MB5687 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Shihong Wang Add full protocol offload as well as inline crypto IPsec capabilities and return these for rte_security. Return size of security session for rte_security. Signed-off-by: Shihong Wang Reviewed-by: Chaoyong He --- drivers/net/nfp/nfp_ipsec.c | 357 +++++++++++++++++++++++++++++++++++- 1 file changed, 356 insertions(+), 1 deletion(-) diff --git a/drivers/net/nfp/nfp_ipsec.c b/drivers/net/nfp/nfp_ipsec.c index f16ce97703..51770def9d 100644 --- a/drivers/net/nfp/nfp_ipsec.c +++ b/drivers/net/nfp/nfp_ipsec.c @@ -5,6 +5,7 @@ #include "nfp_ipsec.h" +#include #include #include @@ -16,7 +17,361 @@ #include "nfp_logs.h" #include "nfp_rxtx.h" -static const struct rte_security_ops nfp_security_ops; +static const struct rte_cryptodev_capabilities nfp_crypto_caps[] = { + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_MD5_HMAC, + .block_size = 64, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .digest_size = { + .min = 12, + .max = 16, + .increment = 4 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, + .block_size = 64, + .key_size = { + .min = 20, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 10, + .max = 12, + .increment = 2 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .digest_size = { + .min = 12, + .max = 16, + .increment = 4 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .block_size = 128, + .key_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .digest_size = { + .min = 12, + .max = 24, + .increment = 12 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .block_size = 128, + .key_size = { + .min = 64, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 12, + .max = 32, + .increment = 4 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .algo = RTE_CRYPTO_CIPHER_3DES_CBC, + .block_size = 8, + .key_size = { + .min = 24, + .max = 24, + .increment = 0 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 8 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .algo = RTE_CRYPTO_CIPHER_AES_CBC, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 8 + }, + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, + .aead = { + .algo = RTE_CRYPTO_AEAD_AES_GCM, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .aad_size = { + .min = 0, + .max = 1024, + .increment = 1 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 4 + } + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, + .aead = { + .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, + .block_size = 16, + .key_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .aad_size = { + .min = 0, + .max = 1024, + .increment = 1 + }, + .iv_size = { + .min = 8, + .max = 16, + .increment = 4 + } + }, + }, + }, + { + .op = RTE_CRYPTO_OP_TYPE_UNDEFINED, + .sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_NOT_SPECIFIED + }, + } +}; + +static const struct rte_security_capability nfp_security_caps[] = { + { /* IPsec Inline Crypto Tunnel Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Crypto Tunnel Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { /* IPsec Inline Crypto Transport Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Crypto Transport Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { /* IPsec Inline Protocol Tunnel Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Protocol Tunnel Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { /* IPsec Inline Protocol Transport Egress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps + }, + { /* IPsec Inline Protocol Transport Ingress */ + .action = RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + .ipsec = { + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .options = { + .udp_encap = 1, + .stats = 1, + .esn = 1 + } + }, + .crypto_capabilities = nfp_crypto_caps, + .ol_flags = RTE_SECURITY_TX_OLOAD_NEED_MDATA + }, + { + .action = RTE_SECURITY_ACTION_TYPE_NONE + } +}; + +static const struct rte_security_capability * +nfp_crypto_capabilities_get(void *device __rte_unused) +{ + return nfp_security_caps; +} + +static uint32_t +nfp_security_session_get_size(void *device __rte_unused) +{ + return sizeof(struct nfp_ipsec_session); +} + +static const struct rte_security_ops nfp_security_ops = { + .session_get_size = nfp_security_session_get_size, + .capabilities_get = nfp_crypto_capabilities_get, +}; static int nfp_ipsec_ctx_create(struct rte_eth_dev *dev,