[v2,2/7] security: hide security session struct
Checks
Commit Message
rte_security_session struct is now hidden in the library.
application can access the opaque data and fast_mdata
using the set/get APIs introduced in this patch.
Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
lib/ipsec/rte_ipsec.h | 2 +-
lib/ipsec/rte_ipsec_group.h | 5 +--
lib/ipsec/ses.c | 3 +-
lib/security/rte_security.h | 54 ++++++++++++++++++++++++------
lib/security/rte_security_driver.h | 13 +++++++
5 files changed, 63 insertions(+), 14 deletions(-)
@@ -70,7 +70,7 @@ struct rte_ipsec_session {
uint8_t dev_id;
} crypto;
struct {
- struct rte_security_session *ses;
+ void *ses;
struct rte_security_ctx *ctx;
uint32_t ol_flags;
} security;
@@ -44,12 +44,13 @@ struct rte_ipsec_group {
static inline struct rte_ipsec_session *
rte_ipsec_ses_from_crypto(const struct rte_crypto_op *cop)
{
- const struct rte_security_session *ss;
+ void *ss;
const struct rte_cryptodev_sym_session *cs;
if (cop->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
ss = cop->sym[0].sec_session;
- return (void *)(uintptr_t)ss->opaque_data;
+ return (void *)(uintptr_t)
+ rte_security_session_opaque_data_get(ss);
} else if (cop->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
cs = cop->sym[0].session;
return (void *)(uintptr_t)cs->opaque_data;
@@ -47,7 +47,8 @@ rte_ipsec_session_prepare(struct rte_ipsec_session *ss)
if (ss->type == RTE_SECURITY_ACTION_TYPE_NONE)
ss->crypto.ses->opaque_data = (uintptr_t)ss;
else
- ss->security.ses->opaque_data = (uintptr_t)ss;
+ rte_security_session_opaque_data_set(ss->security.ses,
+ (uintptr_t)ss);
return 0;
}
@@ -490,14 +490,47 @@ struct rte_security_session_conf {
/**< Application specific userdata to be saved with session */
};
-struct rte_security_session {
- uint64_t opaque_data;
- /**< Opaque user defined data */
- uint64_t fast_mdata;
- /**< Fast metadata to be used for inline path */
- __extension__ void *sess_private_data[0];
- /**< Private session material */
-};
+#define SESS_FAST_MDATA_OFF 1
+#define SESS_OPAQUE_DATA_OFF 2
+/**
+ * Get opaque data from session handle
+ */
+static inline uint64_t
+rte_security_session_opaque_data_get(void *sess)
+{
+ return *((uint64_t *)sess - SESS_OPAQUE_DATA_OFF);
+}
+
+/**
+ * Get fast mdata from session handle
+ */
+static inline uint64_t
+rte_security_session_fast_mdata_get(void *sess)
+{
+ return *((uint64_t *)sess - SESS_FAST_MDATA_OFF);
+}
+
+/**
+ * Set opaque data in session handle
+ */
+static inline void
+rte_security_session_opaque_data_set(void *sess, uint64_t opaque)
+{
+ uint64_t *data;
+ data = (((uint64_t *)sess) - SESS_OPAQUE_DATA_OFF);
+ *data = opaque;
+}
+
+/**
+ * Set fast mdata in session handle
+ */
+static inline void
+rte_security_session_fast_mdata_set(void *sess, uint64_t fdata)
+{
+ uint64_t *data;
+ data = (((uint64_t *)sess) - SESS_FAST_MDATA_OFF);
+ *data = fdata;
+}
/**
* Create security session as specified by the session configuration
@@ -628,8 +661,9 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
{
/* Fast Path */
if (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {
- *rte_security_dynfield(mb) =
- (rte_security_dynfield_t)(sess);
+ uint64_t mdata = rte_security_session_fast_mdata_get(sess);
+
+ *rte_security_dynfield(mb) = (rte_security_dynfield_t)(mdata);
return 0;
}
@@ -19,6 +19,19 @@ extern "C" {
#include "rte_security.h"
+/**
+ * @internal
+ * Security session to be used by library for internal usage
+ */
+struct rte_security_session {
+ /** Opaque user defined data */
+ uint64_t opaque_data;
+ /** Fast metadata to be used for inline path */
+ uint64_t fast_mdata;
+ /** Private session material */
+ __extension__ void *sess_private_data[0];
+};
+
/**
* Configure a security session on a device.
*