@@ -67,8 +67,6 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
for (i = 0; i < nb_ops; i++) {
struct rte_crypto_sym_op *sym_op = ops[i]->sym;
- struct rte_security_session *sec_sess =
- (struct rte_security_session *)sess;
uint32_t buf_sz;
uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ops[i],
@@ -76,7 +74,7 @@ cperf_set_ops_security(struct rte_crypto_op **ops,
*per_pkt_hfn = options->pdcp_ses_hfn_en ? 0 : PDCP_DEFAULT_HFN;
ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
- rte_security_attach_session(ops[i], sec_sess);
+ rte_security_attach_session(ops[i], (void *)sess);
sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] +
src_buf_offset);
@@ -608,7 +606,6 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
static struct rte_cryptodev_sym_session *
create_ipsec_session(struct rte_mempool *sess_mp,
- struct rte_mempool *priv_mp,
uint8_t dev_id,
const struct cperf_options *options,
const struct cperf_test_vector *test_vector,
@@ -720,7 +717,7 @@ create_ipsec_session(struct rte_mempool *sess_mp,
/* Create security session */
return (void *)rte_security_session_create(ctx,
- &sess_conf, sess_mp, priv_mp);
+ &sess_conf, sess_mp);
}
static struct rte_cryptodev_sym_session *
@@ -831,11 +828,11 @@ cperf_create_session(struct rte_mempool *sess_mp,
/* Create security session */
return (void *)rte_security_session_create(ctx,
- &sess_conf, sess_mp, priv_mp);
+ &sess_conf, sess_mp);
}
if (options->op_type == CPERF_IPSEC) {
- return create_ipsec_session(sess_mp, priv_mp, dev_id,
+ return create_ipsec_session(sess_mp, dev_id,
options, test_vector, iv_offset);
}
@@ -880,7 +877,7 @@ cperf_create_session(struct rte_mempool *sess_mp,
/* Create security session */
return (void *)rte_security_session_create(ctx,
- &sess_conf, sess_mp, priv_mp);
+ &sess_conf, sess_mp);
}
#endif
sess = rte_cryptodev_sym_session_create(sess_mp);
@@ -70,7 +70,7 @@ cperf_pmd_cyclecount_test_free(struct cperf_pmd_cyclecount_ctx *ctx)
(struct rte_security_ctx *)
rte_cryptodev_get_sec_ctx(ctx->dev_id);
rte_security_session_destroy(sec_ctx,
- (struct rte_security_session *)ctx->sess);
+ (void *)ctx->sess);
} else
#endif
{
@@ -83,7 +83,7 @@ struct crypto_unittest_params {
union {
struct rte_cryptodev_sym_session *sess;
#ifdef RTE_LIB_SECURITY
- struct rte_security_session *sec_session;
+ void *sec_session;
#endif
};
#ifdef RTE_LIB_SECURITY
@@ -8403,8 +8403,7 @@ static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc,
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx,
- &sess_conf, ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ &sess_conf, ts_params->session_mpool);
if (!ut_params->sec_session) {
printf("TestCase %s()-%d line %d failed %s: ",
@@ -8675,8 +8674,7 @@ test_pdcp_proto_SGL(int i, int oop,
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx,
- &sess_conf, ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ &sess_conf, ts_params->session_mpool);
if (!ut_params->sec_session) {
printf("TestCase %s()-%d line %d failed %s: ",
@@ -9175,8 +9173,7 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
if (ut_params->sec_session == NULL)
return TEST_SKIPPED;
@@ -9597,8 +9594,7 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td)
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
if (!ut_params->sec_session) {
printf("TestCase %s(%d) line %d: %s\n",
@@ -9773,8 +9769,7 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td)
/* Create security session */
ut_params->sec_session = rte_security_session_create(ctx, &sess_conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
if (!ut_params->sec_session) {
printf("TestCase %s(%d) line %d: %s\n",
@@ -148,18 +148,16 @@ const struct supported_auth_algo auth_algos[] = {
static int
dummy_sec_create(void *device, struct rte_security_session_conf *conf,
- struct rte_security_session *sess, struct rte_mempool *mp)
+ void *sess)
{
RTE_SET_USED(device);
RTE_SET_USED(conf);
- RTE_SET_USED(mp);
-
- sess->sess_private_data = NULL;
+ RTE_SET_USED(sess);
return 0;
}
static int
-dummy_sec_destroy(void *device, struct rte_security_session *sess)
+dummy_sec_destroy(void *device, void *sess)
{
RTE_SET_USED(device);
RTE_SET_USED(sess);
@@ -631,8 +629,7 @@ create_dummy_sec_session(struct ipsec_unitest_params *ut,
static struct rte_security_session_conf conf;
ut->ss[j].security.ses = rte_security_session_create(&dummy_sec_ctx,
- &conf, qp->mp_session,
- qp->mp_session_private);
+ &conf, qp->mp_session);
if (ut->ss[j].security.ses == NULL)
return -ENOMEM;
@@ -200,25 +200,6 @@
expected_mempool_usage, mempool_usage); \
} while (0)
-/**
- * Verify usage of mempool by checking if number of allocated objects matches
- * expectations. The mempool is used to manage objects for sessions priv data.
- * A single object is acquired from mempool during session_create
- * and put back in session_destroy.
- *
- * @param expected_priv_mp_usage expected number of used priv mp objects
- */
-#define TEST_ASSERT_PRIV_MP_USAGE(expected_priv_mp_usage) do { \
- struct security_testsuite_params *ts_params = &testsuite_params;\
- unsigned int priv_mp_usage; \
- priv_mp_usage = rte_mempool_in_use_count( \
- ts_params->session_priv_mpool); \
- TEST_ASSERT_EQUAL(expected_priv_mp_usage, priv_mp_usage, \
- "Expecting %u priv mempool allocations, " \
- "but there are %u allocated objects", \
- expected_priv_mp_usage, priv_mp_usage); \
-} while (0)
-
/**
* Mockup structures and functions for rte_security_ops;
*
@@ -253,39 +234,28 @@
static struct mock_session_create_data {
void *device;
struct rte_security_session_conf *conf;
- struct rte_security_session *sess;
+ void *sess;
struct rte_mempool *mp;
- struct rte_mempool *priv_mp;
int ret;
int called;
int failed;
-} mock_session_create_exp = {NULL, NULL, NULL, NULL, NULL, 0, 0, 0};
+} mock_session_create_exp = {NULL, NULL, NULL, NULL, 0, 0, 0};
static int
mock_session_create(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *priv_mp)
+ void *sess)
{
- void *sess_priv;
- int ret;
mock_session_create_exp.called++;
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, device);
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, conf);
- MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_create_exp, priv_mp);
- if (mock_session_create_exp.ret == 0) {
- ret = rte_mempool_get(priv_mp, &sess_priv);
- TEST_ASSERT_EQUAL(0, ret,
- "priv mempool does not have enough objects");
-
- set_sec_session_private_data(sess, sess_priv);
+ if (mock_session_create_exp.ret == 0)
mock_session_create_exp.sess = sess;
- }
return mock_session_create_exp.ret;
}
@@ -297,7 +267,7 @@ mock_session_create(void *device,
*/
static struct mock_session_update_data {
void *device;
- struct rte_security_session *sess;
+ void *sess;
struct rte_security_session_conf *conf;
int ret;
@@ -308,7 +278,7 @@ static struct mock_session_update_data {
static int
mock_session_update(void *device,
- struct rte_security_session *sess,
+ void *sess,
struct rte_security_session_conf *conf)
{
mock_session_update_exp.called++;
@@ -351,7 +321,7 @@ mock_session_get_size(void *device)
*/
static struct mock_session_stats_get_data {
void *device;
- struct rte_security_session *sess;
+ void *sess;
struct rte_security_stats *stats;
int ret;
@@ -362,7 +332,7 @@ static struct mock_session_stats_get_data {
static int
mock_session_stats_get(void *device,
- struct rte_security_session *sess,
+ void *sess,
struct rte_security_stats *stats)
{
mock_session_stats_get_exp.called++;
@@ -381,7 +351,7 @@ mock_session_stats_get(void *device,
*/
static struct mock_session_destroy_data {
void *device;
- struct rte_security_session *sess;
+ void *sess;
int ret;
@@ -390,15 +360,9 @@ static struct mock_session_destroy_data {
} mock_session_destroy_exp = {NULL, NULL, 0, 0, 0};
static int
-mock_session_destroy(void *device, struct rte_security_session *sess)
+mock_session_destroy(void *device, void *sess)
{
- void *sess_priv = get_sec_session_private_data(sess);
-
mock_session_destroy_exp.called++;
- if ((mock_session_destroy_exp.ret == 0) && (sess_priv != NULL)) {
- rte_mempool_put(rte_mempool_from_obj(sess_priv), sess_priv);
- set_sec_session_private_data(sess, NULL);
- }
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, device);
MOCK_TEST_ASSERT_POINTER_PARAMETER(mock_session_destroy_exp, sess);
@@ -412,7 +376,7 @@ mock_session_destroy(void *device, struct rte_security_session *sess)
*/
static struct mock_set_pkt_metadata_data {
void *device;
- struct rte_security_session *sess;
+ void *sess;
struct rte_mbuf *m;
void *params;
@@ -424,7 +388,7 @@ static struct mock_set_pkt_metadata_data {
static int
mock_set_pkt_metadata(void *device,
- struct rte_security_session *sess,
+ void *sess,
struct rte_mbuf *m,
void *params)
{
@@ -536,7 +500,6 @@ struct rte_security_ops mock_ops = {
*/
static struct security_testsuite_params {
struct rte_mempool *session_mpool;
- struct rte_mempool *session_priv_mpool;
} testsuite_params = { NULL };
/**
@@ -549,7 +512,7 @@ static struct security_testsuite_params {
static struct security_unittest_params {
struct rte_security_ctx ctx;
struct rte_security_session_conf conf;
- struct rte_security_session *sess;
+ void *sess;
} unittest_params = {
.ctx = {
.device = NULL,
@@ -563,7 +526,7 @@ static struct security_unittest_params {
#define SECURITY_TEST_PRIV_MEMPOOL_NAME "SecurityTestPrivMp"
#define SECURITY_TEST_MEMPOOL_SIZE 15
#define SECURITY_TEST_SESSION_OBJ_SZ sizeof(struct rte_security_session)
-#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 64
+#define SECURITY_TEST_SESSION_PRIV_OBJ_SZ 1024
/**
* testsuite_setup initializes whole test suite parameters.
@@ -577,27 +540,13 @@ testsuite_setup(void)
ts_params->session_mpool = rte_mempool_create(
SECURITY_TEST_MEMPOOL_NAME,
SECURITY_TEST_MEMPOOL_SIZE,
- SECURITY_TEST_SESSION_OBJ_SZ,
+ SECURITY_TEST_SESSION_OBJ_SZ +
+ SECURITY_TEST_SESSION_PRIV_OBJ_SZ,
0, 0, NULL, NULL, NULL, NULL,
SOCKET_ID_ANY, 0);
TEST_ASSERT_NOT_NULL(ts_params->session_mpool,
"Cannot create mempool %s\n", rte_strerror(rte_errno));
- ts_params->session_priv_mpool = rte_mempool_create(
- SECURITY_TEST_PRIV_MEMPOOL_NAME,
- SECURITY_TEST_MEMPOOL_SIZE,
- SECURITY_TEST_SESSION_PRIV_OBJ_SZ,
- 0, 0, NULL, NULL, NULL, NULL,
- SOCKET_ID_ANY, 0);
- if (ts_params->session_priv_mpool == NULL) {
- RTE_LOG(ERR, USER1, "TestCase %s() line %d failed (null): "
- "Cannot create priv mempool %s\n",
- __func__, __LINE__, rte_strerror(rte_errno));
- rte_mempool_free(ts_params->session_mpool);
- ts_params->session_mpool = NULL;
- return TEST_FAILED;
- }
-
return TEST_SUCCESS;
}
@@ -612,10 +561,6 @@ testsuite_teardown(void)
rte_mempool_free(ts_params->session_mpool);
ts_params->session_mpool = NULL;
}
- if (ts_params->session_priv_mpool) {
- rte_mempool_free(ts_params->session_priv_mpool);
- ts_params->session_priv_mpool = NULL;
- }
}
/**
@@ -704,7 +649,7 @@ ut_setup_with_session(void)
{
struct security_unittest_params *ut_params = &unittest_params;
struct security_testsuite_params *ts_params = &testsuite_params;
- struct rte_security_session *sess;
+ void *sess;
int ret = ut_setup();
if (ret != TEST_SUCCESS)
@@ -713,12 +658,11 @@ ut_setup_with_session(void)
mock_session_create_exp.device = NULL;
mock_session_create_exp.conf = &ut_params->conf;
mock_session_create_exp.mp = ts_params->session_mpool;
- mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
mock_session_create_exp.ret = 0;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
+ mock_session_get_size_exp.called = 0;
TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
sess);
TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
@@ -757,16 +701,14 @@ test_session_create_inv_context(void)
{
struct security_testsuite_params *ts_params = &testsuite_params;
struct security_unittest_params *ut_params = &unittest_params;
- struct rte_security_session *sess;
+ void *sess;
sess = rte_security_session_create(NULL, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -781,18 +723,16 @@ test_session_create_inv_context_ops(void)
{
struct security_testsuite_params *ts_params = &testsuite_params;
struct security_unittest_params *ut_params = &unittest_params;
- struct rte_security_session *sess;
+ void *sess;
ut_params->ctx.ops = NULL;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -807,18 +747,16 @@ test_session_create_inv_context_ops_fun(void)
{
struct security_testsuite_params *ts_params = &testsuite_params;
struct security_unittest_params *ut_params = &unittest_params;
- struct rte_security_session *sess;
+ void *sess;
ut_params->ctx.ops = &empty_ops;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -832,16 +770,14 @@ test_session_create_inv_configuration(void)
{
struct security_testsuite_params *ts_params = &testsuite_params;
struct security_unittest_params *ut_params = &unittest_params;
- struct rte_security_session *sess;
+ void *sess;
sess = rte_security_session_create(&ut_params->ctx, NULL,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -855,39 +791,14 @@ static int
test_session_create_inv_mempool(void)
{
struct security_unittest_params *ut_params = &unittest_params;
- struct security_testsuite_params *ts_params = &testsuite_params;
- struct rte_security_session *sess;
+ void *sess;
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- NULL, ts_params->session_priv_mpool);
+ NULL);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
- TEST_ASSERT_SESSION_COUNT(0);
-
- return TEST_SUCCESS;
-}
-
-/**
- * Test execution of rte_security_session_create with NULL session
- * priv mempool
- */
-static int
-test_session_create_inv_sess_priv_mempool(void)
-{
- struct security_unittest_params *ut_params = &unittest_params;
- struct security_testsuite_params *ts_params = &testsuite_params;
- struct rte_security_session *sess;
-
- sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool, NULL);
- TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
- sess, NULL, "%p");
- TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
- TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -902,9 +813,8 @@ test_session_create_mempool_empty(void)
{
struct security_testsuite_params *ts_params = &testsuite_params;
struct security_unittest_params *ut_params = &unittest_params;
- struct rte_security_session *tmp[SECURITY_TEST_MEMPOOL_SIZE];
- void *tmp1[SECURITY_TEST_MEMPOOL_SIZE];
- struct rte_security_session *sess;
+ void *tmp[SECURITY_TEST_MEMPOOL_SIZE];
+ void *sess;
/* Get all available objects from mempool. */
int i, ret;
@@ -914,34 +824,23 @@ test_session_create_mempool_empty(void)
TEST_ASSERT_EQUAL(0, ret,
"Expect getting %d object from mempool"
" to succeed", i);
- ret = rte_mempool_get(ts_params->session_priv_mpool,
- (void **)(&tmp1[i]));
- TEST_ASSERT_EQUAL(0, ret,
- "Expect getting %d object from priv mempool"
- " to succeed", i);
}
TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
- TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
- TEST_ASSERT_PRIV_MP_USAGE(SECURITY_TEST_MEMPOOL_SIZE);
TEST_ASSERT_SESSION_COUNT(0);
/* Put objects back to the pool. */
for (i = 0; i < SECURITY_TEST_MEMPOOL_SIZE; ++i) {
rte_mempool_put(ts_params->session_mpool,
(void *)(tmp[i]));
- rte_mempool_put(ts_params->session_priv_mpool,
- (tmp1[i]));
}
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
return TEST_SUCCESS;
}
@@ -955,22 +854,19 @@ test_session_create_ops_failure(void)
{
struct security_testsuite_params *ts_params = &testsuite_params;
struct security_unittest_params *ut_params = &unittest_params;
- struct rte_security_session *sess;
+ void *sess;
mock_session_create_exp.device = NULL;
mock_session_create_exp.conf = &ut_params->conf;
mock_session_create_exp.mp = ts_params->session_mpool;
- mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
mock_session_create_exp.ret = -1; /* Return failure status. */
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_RET(rte_security_session_create,
sess, NULL, "%p");
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
return TEST_SUCCESS;
@@ -984,17 +880,15 @@ test_session_create_success(void)
{
struct security_testsuite_params *ts_params = &testsuite_params;
struct security_unittest_params *ut_params = &unittest_params;
- struct rte_security_session *sess;
+ void *sess;
mock_session_create_exp.device = NULL;
mock_session_create_exp.conf = &ut_params->conf;
mock_session_create_exp.mp = ts_params->session_mpool;
- mock_session_create_exp.priv_mp = ts_params->session_priv_mpool;
mock_session_create_exp.ret = 0; /* Return success status. */
sess = rte_security_session_create(&ut_params->ctx, &ut_params->conf,
- ts_params->session_mpool,
- ts_params->session_priv_mpool);
+ ts_params->session_mpool);
TEST_ASSERT_MOCK_FUNCTION_CALL_NOT_NULL(rte_security_session_create,
sess);
TEST_ASSERT_EQUAL(sess, mock_session_create_exp.sess,
@@ -1003,7 +897,6 @@ test_session_create_success(void)
sess, mock_session_create_exp.sess);
TEST_ASSERT_MOCK_CALLS(mock_session_create_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
/*
@@ -1389,7 +1282,6 @@ test_session_destroy_inv_context(void)
struct security_unittest_params *ut_params = &unittest_params;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(NULL, ut_params->sess);
@@ -1397,7 +1289,6 @@ test_session_destroy_inv_context(void)
ret, -EINVAL, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1414,7 +1305,6 @@ test_session_destroy_inv_context_ops(void)
ut_params->ctx.ops = NULL;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1423,7 +1313,6 @@ test_session_destroy_inv_context_ops(void)
ret, -EINVAL, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1440,7 +1329,6 @@ test_session_destroy_inv_context_ops_fun(void)
ut_params->ctx.ops = &empty_ops;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1449,7 +1337,6 @@ test_session_destroy_inv_context_ops_fun(void)
ret, -ENOTSUP, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1464,7 +1351,6 @@ test_session_destroy_inv_session(void)
struct security_unittest_params *ut_params = &unittest_params;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx, NULL);
@@ -1472,7 +1358,6 @@ test_session_destroy_inv_session(void)
ret, -EINVAL, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 0);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1492,7 +1377,6 @@ test_session_destroy_ops_failure(void)
mock_session_destroy_exp.ret = -1;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1501,7 +1385,6 @@ test_session_destroy_ops_failure(void)
ret, -1, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
return TEST_SUCCESS;
@@ -1519,7 +1402,6 @@ test_session_destroy_success(void)
mock_session_destroy_exp.sess = ut_params->sess;
mock_session_destroy_exp.ret = 0;
TEST_ASSERT_MEMPOOL_USAGE(1);
- TEST_ASSERT_PRIV_MP_USAGE(1);
TEST_ASSERT_SESSION_COUNT(1);
int ret = rte_security_session_destroy(&ut_params->ctx,
@@ -1528,7 +1410,6 @@ test_session_destroy_success(void)
ret, 0, "%d");
TEST_ASSERT_MOCK_CALLS(mock_session_destroy_exp, 1);
TEST_ASSERT_MEMPOOL_USAGE(0);
- TEST_ASSERT_PRIV_MP_USAGE(0);
TEST_ASSERT_SESSION_COUNT(0);
/*
@@ -2495,8 +2376,6 @@ static struct unit_test_suite security_testsuite = {
test_session_create_inv_configuration),
TEST_CASE_ST(ut_setup, ut_teardown,
test_session_create_inv_mempool),
- TEST_CASE_ST(ut_setup, ut_teardown,
- test_session_create_inv_sess_priv_mempool),
TEST_CASE_ST(ut_setup, ut_teardown,
test_session_create_mempool_empty),
TEST_CASE_ST(ut_setup, ut_teardown,
@@ -1361,9 +1361,7 @@ caam_jr_enqueue_op(struct rte_crypto_op *op, struct caam_jr_qp *qp)
cryptodev_driver_id);
break;
case RTE_CRYPTO_OP_SECURITY_SESSION:
- ses = (struct caam_jr_session *)
- get_sec_session_private_data(
- op->sym->sec_session);
+ ses = (struct caam_jr_session *)(op->sym->sec_session);
break;
default:
CAAM_JR_DP_ERR("sessionless crypto op not supported");
@@ -1911,22 +1909,14 @@ caam_jr_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
static int
caam_jr_security_session_create(void *dev,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess)
{
- void *sess_private_data;
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
int ret;
- if (rte_mempool_get(mempool, &sess_private_data)) {
- CAAM_JR_ERR("Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
switch (conf->protocol) {
case RTE_SECURITY_PROTOCOL_IPSEC:
- ret = caam_jr_set_ipsec_session(cdev, conf,
- sess_private_data);
+ ret = caam_jr_set_ipsec_session(cdev, conf, sess);
break;
case RTE_SECURITY_PROTOCOL_MACSEC:
return -ENOTSUP;
@@ -1935,34 +1925,24 @@ caam_jr_security_session_create(void *dev,
}
if (ret != 0) {
CAAM_JR_ERR("failed to configure session parameters");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
-
return ret;
}
/* Clear the memory of session so it doesn't leave key material behind */
static int
-caam_jr_security_session_destroy(void *dev __rte_unused,
- struct rte_security_session *sess)
+caam_jr_security_session_destroy(void *dev __rte_unused, void *sess)
{
PMD_INIT_FUNC_TRACE();
- void *sess_priv = get_sec_session_private_data(sess);
- struct caam_jr_session *s = (struct caam_jr_session *)sess_priv;
-
- if (sess_priv) {
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+ struct caam_jr_session *s = (struct caam_jr_session *)sess;
+ if (sess) {
rte_free(s->cipher_key.data);
rte_free(s->auth_key.data);
memset(sess, 0, sizeof(struct caam_jr_session));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
}
return 0;
}
@@ -122,8 +122,8 @@ cn10k_cpt_fill_inst(struct cnxk_cpt_qp *qp, struct rte_crypto_op *ops[],
if (op->type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) {
if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
- sec_sess = get_sec_session_private_data(
- sym_op->sec_session);
+ sec_sess = (struct cn10k_sec_session *)
+ (sym_op->sec_session);
ret = cpt_sec_inst_fill(op, sec_sess, infl_req,
&inst[0]);
if (unlikely(ret))
@@ -360,7 +360,7 @@ cn10k_cpt_sec_ucc_process(struct rte_crypto_op *cop,
if (!(infl_req->op_flags & CPT_OP_FLAGS_IPSEC_DIR_INBOUND))
return;
- sess = get_sec_session_private_data(cop->sym->sec_session);
+ sess = (struct cn10k_sec_session *)(cop->sym->sec_session);
sa = &sess->sa;
mbuf = cop->sym->m_src;
@@ -35,17 +35,15 @@ static int
cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt,
struct rte_security_ipsec_xform *ipsec_xfrm,
struct rte_crypto_sym_xform *crypto_xfrm,
- struct rte_security_session *sec_sess)
+ struct cn10k_sec_session *sess)
{
union roc_ot_ipsec_outb_param1 param1;
struct roc_ot_ipsec_outb_sa *out_sa;
struct cnxk_ipsec_outb_rlens rlens;
- struct cn10k_sec_session *sess;
struct cn10k_ipsec_sa *sa;
union cpt_inst_w4 inst_w4;
int ret;
- sess = get_sec_session_private_data(sec_sess);
sa = &sess->sa;
out_sa = &sa->out_sa;
@@ -114,16 +112,14 @@ static int
cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt,
struct rte_security_ipsec_xform *ipsec_xfrm,
struct rte_crypto_sym_xform *crypto_xfrm,
- struct rte_security_session *sec_sess)
+ struct cn10k_sec_session *sess)
{
union roc_ot_ipsec_inb_param1 param1;
struct roc_ot_ipsec_inb_sa *in_sa;
- struct cn10k_sec_session *sess;
struct cn10k_ipsec_sa *sa;
union cpt_inst_w4 inst_w4;
int ret;
- sess = get_sec_session_private_data(sec_sess);
sa = &sess->sa;
in_sa = &sa->in_sa;
@@ -175,7 +171,7 @@ static int
cn10k_ipsec_session_create(void *dev,
struct rte_security_ipsec_xform *ipsec_xfrm,
struct rte_crypto_sym_xform *crypto_xfrm,
- struct rte_security_session *sess)
+ struct cn10k_sec_session *sess)
{
struct rte_cryptodev *crypto_dev = dev;
struct roc_cpt *roc_cpt;
@@ -204,55 +200,28 @@ cn10k_ipsec_session_create(void *dev,
static int
cn10k_sec_session_create(void *device, struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess)
{
- struct cn10k_sec_session *priv;
- int ret;
+ struct cn10k_sec_session *priv = sess;
if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
return -EINVAL;
- if (rte_mempool_get(mempool, (void **)&priv)) {
- plt_err("Could not allocate security session private data");
- return -ENOMEM;
- }
-
- set_sec_session_private_data(sess, priv);
-
if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {
- ret = -ENOTSUP;
- goto mempool_put;
+ return -ENOTSUP;
}
- ret = cn10k_ipsec_session_create(device, &conf->ipsec,
- conf->crypto_xform, sess);
- if (ret)
- goto mempool_put;
-
- return 0;
-
-mempool_put:
- rte_mempool_put(mempool, priv);
- set_sec_session_private_data(sess, NULL);
- return ret;
+ return cn10k_ipsec_session_create(device, &conf->ipsec,
+ conf->crypto_xform, priv);
}
static int
-cn10k_sec_session_destroy(void *device __rte_unused,
- struct rte_security_session *sess)
+cn10k_sec_session_destroy(void *device __rte_unused, void *sess)
{
- struct cn10k_sec_session *priv;
- struct rte_mempool *sess_mp;
-
- priv = get_sec_session_private_data(sess);
+ struct cn10k_sec_session *priv = sess;
if (priv == NULL)
return 0;
-
- sess_mp = rte_mempool_from_obj(priv);
-
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, priv);
+ memset(priv, 0, sizeof(*priv));
return 0;
}
@@ -56,7 +56,7 @@ cn9k_cpt_sec_inst_fill(struct rte_crypto_op *op,
return -ENOTSUP;
}
- priv = get_sec_session_private_data(op->sym->sec_session);
+ priv = (struct cn9k_sec_session *)(op->sym->sec_session);
sa = &priv->sa;
if (sa->dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)
@@ -275,14 +275,13 @@ static int
cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
struct rte_security_ipsec_xform *ipsec,
struct rte_crypto_sym_xform *crypto_xform,
- struct rte_security_session *sec_sess)
+ struct cn9k_sec_session *sess)
{
struct rte_crypto_sym_xform *auth_xform = crypto_xform->next;
struct roc_ie_on_ip_template *template = NULL;
struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
struct cnxk_cpt_inst_tmpl *inst_tmpl;
struct roc_ie_on_outb_sa *out_sa;
- struct cn9k_sec_session *sess;
struct roc_ie_on_sa_ctl *ctl;
struct cn9k_ipsec_sa *sa;
struct rte_ipv6_hdr *ip6;
@@ -294,7 +293,6 @@ cn9k_ipsec_outb_sa_create(struct cnxk_cpt_qp *qp,
size_t ctx_len;
int ret;
- sess = get_sec_session_private_data(sec_sess);
sa = &sess->sa;
out_sa = &sa->out_sa;
ctl = &out_sa->common_sa.ctl;
@@ -422,13 +420,12 @@ static int
cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
struct rte_security_ipsec_xform *ipsec,
struct rte_crypto_sym_xform *crypto_xform,
- struct rte_security_session *sec_sess)
+ struct cn9k_sec_session *sess)
{
struct rte_crypto_sym_xform *auth_xform = crypto_xform;
struct roc_cpt *roc_cpt = qp->lf.roc_cpt;
struct cnxk_cpt_inst_tmpl *inst_tmpl;
struct roc_ie_on_inb_sa *in_sa;
- struct cn9k_sec_session *sess;
struct cn9k_ipsec_sa *sa;
const uint8_t *auth_key;
union cpt_inst_w4 w4;
@@ -437,7 +434,6 @@ cn9k_ipsec_inb_sa_create(struct cnxk_cpt_qp *qp,
size_t ctx_len = 0;
int ret;
- sess = get_sec_session_private_data(sec_sess);
sa = &sess->sa;
in_sa = &sa->in_sa;
@@ -501,7 +497,7 @@ static int
cn9k_ipsec_session_create(void *dev,
struct rte_security_ipsec_xform *ipsec_xform,
struct rte_crypto_sym_xform *crypto_xform,
- struct rte_security_session *sess)
+ struct cn9k_sec_session *sess)
{
struct rte_cryptodev *crypto_dev = dev;
struct cnxk_cpt_qp *qp;
@@ -532,53 +528,32 @@ cn9k_ipsec_session_create(void *dev,
static int
cn9k_sec_session_create(void *device, struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess)
{
- struct cn9k_sec_session *priv;
- int ret;
+ struct cn9k_sec_session *priv = sess;
if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
return -EINVAL;
- if (rte_mempool_get(mempool, (void **)&priv)) {
- plt_err("Could not allocate security session private data");
- return -ENOMEM;
- }
-
memset(priv, 0, sizeof(*priv));
- set_sec_session_private_data(sess, priv);
-
if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC) {
- ret = -ENOTSUP;
- goto mempool_put;
+ return -ENOTSUP;
}
- ret = cn9k_ipsec_session_create(device, &conf->ipsec,
- conf->crypto_xform, sess);
- if (ret)
- goto mempool_put;
-
- return 0;
-
-mempool_put:
- rte_mempool_put(mempool, priv);
- set_sec_session_private_data(sess, NULL);
- return ret;
+ return cn9k_ipsec_session_create(device, &conf->ipsec,
+ conf->crypto_xform, priv);
}
static int
-cn9k_sec_session_destroy(void *device __rte_unused,
- struct rte_security_session *sess)
+cn9k_sec_session_destroy(void *device __rte_unused, void *sess)
{
struct roc_ie_on_outb_sa *out_sa;
struct cn9k_sec_session *priv;
- struct rte_mempool *sess_mp;
struct roc_ie_on_sa_ctl *ctl;
struct cn9k_ipsec_sa *sa;
- priv = get_sec_session_private_data(sess);
+ priv = sess;
if (priv == NULL)
return 0;
@@ -590,13 +565,8 @@ cn9k_sec_session_destroy(void *device __rte_unused,
rte_io_wmb();
- sess_mp = rte_mempool_from_obj(priv);
-
memset(priv, 0, sizeof(*priv));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, priv);
-
return 0;
}
@@ -1351,8 +1351,7 @@ build_sec_fd(struct rte_crypto_op *op,
op->sym->session, cryptodev_driver_id);
#ifdef RTE_LIB_SECURITY
else if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
- sess = (dpaa2_sec_session *)get_sec_session_private_data(
- op->sym->sec_session);
+ sess = (dpaa2_sec_session *)(op->sym->sec_session);
#endif
else
return -ENOTSUP;
@@ -1525,7 +1524,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
struct rte_crypto_op *op;
uint16_t len = DPAA2_GET_FD_LEN(fd);
int16_t diff = 0;
- dpaa2_sec_session *sess_priv __rte_unused;
+ dpaa2_sec_session *sess_priv;
struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
@@ -1538,8 +1537,7 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
mbuf->buf_iova = op->sym->aead.digest.phys_addr;
op->sym->aead.digest.phys_addr = 0L;
- sess_priv = (dpaa2_sec_session *)get_sec_session_private_data(
- op->sym->sec_session);
+ sess_priv = (dpaa2_sec_session *)(op->sym->sec_session);
if (sess_priv->dir == DIR_ENC)
mbuf->data_off += SEC_FLC_DHR_OUTBOUND;
else
@@ -3388,63 +3386,44 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
static int
dpaa2_sec_security_session_create(void *dev,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess)
{
- void *sess_private_data;
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
int ret;
- if (rte_mempool_get(mempool, &sess_private_data)) {
- DPAA2_SEC_ERR("Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
switch (conf->protocol) {
case RTE_SECURITY_PROTOCOL_IPSEC:
- ret = dpaa2_sec_set_ipsec_session(cdev, conf,
- sess_private_data);
+ ret = dpaa2_sec_set_ipsec_session(cdev, conf, sess);
break;
case RTE_SECURITY_PROTOCOL_MACSEC:
return -ENOTSUP;
case RTE_SECURITY_PROTOCOL_PDCP:
- ret = dpaa2_sec_set_pdcp_session(cdev, conf,
- sess_private_data);
+ ret = dpaa2_sec_set_pdcp_session(cdev, conf, sess);
break;
default:
return -EINVAL;
}
if (ret != 0) {
DPAA2_SEC_ERR("Failed to configure session parameters");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
-
return ret;
}
/** Clear the memory of session so it doesn't leave key material behind */
static int
-dpaa2_sec_security_session_destroy(void *dev __rte_unused,
- struct rte_security_session *sess)
+dpaa2_sec_security_session_destroy(void *dev __rte_unused, void *sess)
{
PMD_INIT_FUNC_TRACE();
- void *sess_priv = get_sec_session_private_data(sess);
- dpaa2_sec_session *s = (dpaa2_sec_session *)sess_priv;
-
- if (sess_priv) {
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
+ dpaa2_sec_session *s = (dpaa2_sec_session *)sess;
+ if (sess) {
rte_free(s->ctxt);
rte_free(s->cipher_key.data);
rte_free(s->auth_key.data);
memset(s, 0, sizeof(dpaa2_sec_session));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
}
return 0;
}
@@ -1005,8 +1005,7 @@ dpaa2_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
}
if (sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
- sess = (dpaa2_sec_session *)get_sec_session_private_data(
- session_ctx.sec_sess);
+ sess = (dpaa2_sec_session *)session_ctx.sec_sess;
else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)
sess = (dpaa2_sec_session *)get_sym_session_private_data(
session_ctx.crypto_sess, cryptodev_driver_id);
@@ -1790,8 +1790,7 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
#ifdef RTE_LIB_SECURITY
case RTE_CRYPTO_OP_SECURITY_SESSION:
ses = (dpaa_sec_session *)
- get_sec_session_private_data(
- op->sym->sec_session);
+ (op->sym->sec_session);
break;
#endif
default:
@@ -2569,7 +2568,6 @@ static inline void
free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)
{
struct dpaa_sec_dev_private *qi = dev->data->dev_private;
- struct rte_mempool *sess_mp = rte_mempool_from_obj((void *)s);
uint8_t i;
for (i = 0; i < MAX_DPAA_CORES; i++) {
@@ -2579,7 +2577,6 @@ free_session_memory(struct rte_cryptodev *dev, dpaa_sec_session *s)
s->qp[i] = NULL;
}
free_session_data(s);
- rte_mempool_put(sess_mp, (void *)s);
}
/** Clear the memory of session so it doesn't leave key material behind */
@@ -3114,26 +3111,17 @@ dpaa_sec_set_pdcp_session(struct rte_cryptodev *dev,
static int
dpaa_sec_security_session_create(void *dev,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess)
{
- void *sess_private_data;
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
int ret;
- if (rte_mempool_get(mempool, &sess_private_data)) {
- DPAA_SEC_ERR("Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
switch (conf->protocol) {
case RTE_SECURITY_PROTOCOL_IPSEC:
- ret = dpaa_sec_set_ipsec_session(cdev, conf,
- sess_private_data);
+ ret = dpaa_sec_set_ipsec_session(cdev, conf, sess);
break;
case RTE_SECURITY_PROTOCOL_PDCP:
- ret = dpaa_sec_set_pdcp_session(cdev, conf,
- sess_private_data);
+ ret = dpaa_sec_set_pdcp_session(cdev, conf, sess);
break;
case RTE_SECURITY_PROTOCOL_MACSEC:
return -ENOTSUP;
@@ -3142,29 +3130,21 @@ dpaa_sec_security_session_create(void *dev,
}
if (ret != 0) {
DPAA_SEC_ERR("failed to configure session parameters");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
-
return ret;
}
/** Clear the memory of session so it doesn't leave key material behind */
static int
-dpaa_sec_security_session_destroy(void *dev __rte_unused,
- struct rte_security_session *sess)
+dpaa_sec_security_session_destroy(void *dev __rte_unused, void *sess)
{
PMD_INIT_FUNC_TRACE();
- void *sess_priv = get_sec_session_private_data(sess);
- dpaa_sec_session *s = (dpaa_sec_session *)sess_priv;
+ dpaa_sec_session *s = (dpaa_sec_session *)sess;
- if (sess_priv) {
+ if (sess)
free_session_memory((struct rte_cryptodev *)dev, s);
- set_sec_session_private_data(sess, NULL);
- }
return 0;
}
#endif
@@ -1010,8 +1010,7 @@ dpaa_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
}
if (sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
- sess = (dpaa_sec_session *)get_sec_session_private_data(
- session_ctx.sec_sess);
+ sess = (dpaa_sec_session *)session_ctx.sec_sess;
else if (sess_type == RTE_CRYPTO_OP_WITH_SESSION)
sess = (dpaa_sec_session *)get_sym_session_private_data(
session_ctx.crypto_sess, dpaa_cryptodev_driver_id);
@@ -1353,8 +1353,7 @@ set_sec_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
return -1;
}
- session = (struct aesni_mb_session *)
- get_sec_session_private_data(op->sym->sec_session);
+ session = (struct aesni_mb_session *)(op->sym->sec_session);
if (unlikely(session == NULL)) {
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
@@ -1491,7 +1490,7 @@ post_process_mb_job(struct ipsec_mb_qp *qp, IMB_JOB *job)
* this is for DOCSIS
*/
is_docsis_sec = 1;
- sess = get_sec_session_private_data(op->sym->sec_session);
+ sess = (struct aesni_mb_session *)(op->sym->sec_session);
} else
#endif
{
@@ -1894,10 +1893,8 @@ struct rte_cryptodev_ops aesni_mb_pmd_ops = {
*/
static int
aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess_private_data)
{
- void *sess_private_data;
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
int ret;
@@ -1907,41 +1904,24 @@ aesni_mb_pmd_sec_sess_create(void *dev, struct rte_security_session_conf *conf,
return -EINVAL;
}
- if (rte_mempool_get(mempool, &sess_private_data)) {
- IPSEC_MB_LOG(ERR, "Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
ret = aesni_mb_set_docsis_sec_session_parameters(cdev, conf,
sess_private_data);
if (ret != 0) {
IPSEC_MB_LOG(ERR, "Failed to configure session parameters");
-
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
-
return ret;
}
/** Clear the memory of session so it does not leave key material behind */
static int
-aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,
- struct rte_security_session *sess)
+aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused, void *sess_priv)
{
- void *sess_priv = get_sec_session_private_data(sess);
-
- if (sess_priv) {
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
+ if (sess_priv)
memset(sess_priv, 0, sizeof(struct aesni_mb_session));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
- }
+
return 0;
}
@@ -773,8 +773,7 @@ mrvl_request_prepare_sec(struct sam_cio_ipsec_params *request,
return -EINVAL;
}
- sess = (struct mrvl_crypto_session *)get_sec_session_private_data(
- op->sym->sec_session);
+ sess = (struct mrvl_crypto_session *)(op->sym->sec_session);
if (unlikely(sess == NULL)) {
MRVL_LOG(ERR, "Session was not created for this device! %d",
cryptodev_driver_id);
@@ -913,16 +913,12 @@ mrvl_crypto_pmd_security_session_create(__rte_unused void *dev,
/** Clear the memory of session so it doesn't leave key material behind */
static int
-mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,
- struct rte_security_session *sess)
+mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused, void *sess)
{
- void *sess_priv = get_sec_session_private_data(sess);
-
/* Zero out the whole structure */
- if (sess_priv) {
+ if (sess) {
struct mrvl_crypto_session *mrvl_sess =
(struct mrvl_crypto_session *)sess_priv;
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
if (mrvl_sess->sam_sess &&
sam_session_destroy(mrvl_sess->sam_sess) < 0) {
@@ -932,9 +928,6 @@ mrvl_crypto_pmd_security_session_destroy(void *dev __rte_unused,
rte_free(mrvl_sess->sam_sess_params.cipher_key);
rte_free(mrvl_sess->sam_sess_params.auth_key);
rte_free(mrvl_sess->sam_sess_params.cipher_iv);
- memset(sess, 0, sizeof(struct rte_security_session));
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
}
return 0;
}
@@ -702,7 +702,7 @@ otx2_cpt_enqueue_sec(struct otx2_cpt_qp *qp, struct rte_crypto_op *op,
uint8_t esn;
int ret;
- priv = get_sec_session_private_data(op->sym->sec_session);
+ priv = (struct otx2_sec_session *)(op->sym->sec_session);
sess = &priv->ipsec.lp;
sa = &sess->in_sa;
@@ -203,7 +203,7 @@ static int
crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,
struct rte_security_ipsec_xform *ipsec,
struct rte_crypto_sym_xform *crypto_xform,
- struct rte_security_session *sec_sess)
+ struct otx2_sec_session *sess)
{
struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
struct otx2_ipsec_po_ip_template *template = NULL;
@@ -212,13 +212,11 @@ crypto_sec_ipsec_outb_session_create(struct rte_cryptodev *crypto_dev,
struct otx2_ipsec_po_sa_ctl *ctl;
int cipher_key_len, auth_key_len;
struct otx2_ipsec_po_out_sa *sa;
- struct otx2_sec_session *sess;
struct otx2_cpt_inst_s inst;
struct rte_ipv6_hdr *ip6;
struct rte_ipv4_hdr *ip;
int ret, ctx_len;
- sess = get_sec_session_private_data(sec_sess);
sess->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;
lp = &sess->ipsec.lp;
@@ -398,7 +396,7 @@ static int
crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,
struct rte_security_ipsec_xform *ipsec,
struct rte_crypto_sym_xform *crypto_xform,
- struct rte_security_session *sec_sess)
+ struct otx2_sec_session *sess)
{
struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
const uint8_t *cipher_key, *auth_key;
@@ -406,11 +404,9 @@ crypto_sec_ipsec_inb_session_create(struct rte_cryptodev *crypto_dev,
struct otx2_ipsec_po_sa_ctl *ctl;
int cipher_key_len, auth_key_len;
struct otx2_ipsec_po_in_sa *sa;
- struct otx2_sec_session *sess;
struct otx2_cpt_inst_s inst;
int ret;
- sess = get_sec_session_private_data(sec_sess);
sess->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;
lp = &sess->ipsec.lp;
@@ -512,7 +508,7 @@ static int
crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,
struct rte_security_ipsec_xform *ipsec,
struct rte_crypto_sym_xform *crypto_xform,
- struct rte_security_session *sess)
+ struct otx2_sec_session *sess)
{
int ret;
@@ -536,10 +532,9 @@ crypto_sec_ipsec_session_create(struct rte_cryptodev *crypto_dev,
static int
otx2_crypto_sec_session_create(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess)
{
- struct otx2_sec_session *priv;
+ struct otx2_sec_session *priv = sess;
int ret;
if (conf->action_type != RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
@@ -548,51 +543,25 @@ otx2_crypto_sec_session_create(void *device,
if (rte_security_dynfield_register() < 0)
return -rte_errno;
- if (rte_mempool_get(mempool, (void **)&priv)) {
- otx2_err("Could not allocate security session private data");
- return -ENOMEM;
- }
-
- set_sec_session_private_data(sess, priv);
-
priv->userdata = conf->userdata;
if (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC)
ret = crypto_sec_ipsec_session_create(device, &conf->ipsec,
conf->crypto_xform,
- sess);
+ priv);
else
ret = -ENOTSUP;
- if (ret)
- goto mempool_put;
-
- return 0;
-
-mempool_put:
- rte_mempool_put(mempool, priv);
- set_sec_session_private_data(sess, NULL);
return ret;
}
static int
-otx2_crypto_sec_session_destroy(void *device __rte_unused,
- struct rte_security_session *sess)
+otx2_crypto_sec_session_destroy(void *device __rte_unused, void *sess)
{
- struct otx2_sec_session *priv;
- struct rte_mempool *sess_mp;
+ struct otx2_sec_session *priv = sess;
- priv = get_sec_session_private_data(sess);
-
- if (priv == NULL)
- return 0;
-
- sess_mp = rte_mempool_from_obj(priv);
-
- memset(priv, 0, sizeof(*priv));
-
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, priv);
+ if (priv)
+ memset(priv, 0, sizeof(*priv));
return 0;
}
@@ -604,8 +573,7 @@ otx2_crypto_sec_session_get_size(void *device __rte_unused)
}
static int
-otx2_crypto_sec_set_pkt_mdata(void *device __rte_unused,
- struct rte_security_session *session,
+otx2_crypto_sec_set_pkt_mdata(void *device __rte_unused, void *session,
struct rte_mbuf *m, void *params __rte_unused)
{
/* Set security session as the pkt metadata */
@@ -250,8 +250,7 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg,
op->sym->session, qat_sym_driver_id);
#ifdef RTE_LIB_SECURITY
} else {
- ctx = (struct qat_sym_session *)get_sec_session_private_data(
- op->sym->sec_session);
+ ctx = (struct qat_sym_session *)(op->sym->sec_session);
if (likely(ctx)) {
if (unlikely(ctx->bpi_ctx == NULL)) {
QAT_DP_LOG(ERR, "QAT PMD only supports security"
@@ -202,9 +202,7 @@ qat_sym_preprocess_requests(void **ops, uint16_t nb_ops)
op = (struct rte_crypto_op *)ops[i];
if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
- ctx = (struct qat_sym_session *)
- get_sec_session_private_data(
- op->sym->sec_session);
+ ctx = (struct qat_sym_session *)(op->sym->sec_session);
if (ctx == NULL || ctx->bpi_ctx == NULL)
continue;
@@ -243,9 +241,7 @@ qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie)
* Assuming at this point that if it's a security
* op, that this is for DOCSIS
*/
- sess = (struct qat_sym_session *)
- get_sec_session_private_data(
- rx_op->sym->sec_session);
+ sess = (struct qat_sym_session *)(rx_op->sym->sec_session);
is_docsis_sec = 1;
} else
#endif
@@ -2283,10 +2283,8 @@ qat_sec_session_set_docsis_parameters(struct rte_cryptodev *dev,
int
qat_security_session_create(void *dev,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess_private_data)
{
- void *sess_private_data;
struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
int ret;
@@ -2296,40 +2294,25 @@ qat_security_session_create(void *dev,
return -EINVAL;
}
- if (rte_mempool_get(mempool, &sess_private_data)) {
- QAT_LOG(ERR, "Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
ret = qat_sec_session_set_docsis_parameters(cdev, conf,
sess_private_data);
if (ret != 0) {
QAT_LOG(ERR, "Failed to configure session parameters");
- /* Return session to mempool */
- rte_mempool_put(mempool, sess_private_data);
return ret;
}
- set_sec_session_private_data(sess, sess_private_data);
-
return ret;
}
int
-qat_security_session_destroy(void *dev __rte_unused,
- struct rte_security_session *sess)
+qat_security_session_destroy(void *dev __rte_unused, void *sess_priv)
{
- void *sess_priv = get_sec_session_private_data(sess);
struct qat_sym_session *s = (struct qat_sym_session *)sess_priv;
if (sess_priv) {
if (s->bpi_ctx)
bpi_cipher_ctx_free(s->bpi_ctx);
memset(s, 0, qat_sym_session_get_private_size(dev));
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, sess_priv);
}
return 0;
}
@@ -166,9 +166,9 @@ qat_sym_validate_zuc_key(int key_len, enum icp_qat_hw_cipher_algo *alg);
#ifdef RTE_LIB_SECURITY
int
qat_security_session_create(void *dev, struct rte_security_session_conf *conf,
- struct rte_security_session *sess, struct rte_mempool *mempool);
+ void *sess);
int
-qat_security_session_destroy(void *dev, struct rte_security_session *sess);
+qat_security_session_destroy(void *dev, void *sess);
#endif
#endif /* _QAT_SYM_SESSION_H_ */
@@ -369,24 +369,17 @@ ixgbe_crypto_remove_sa(struct rte_eth_dev *dev,
static int
ixgbe_crypto_create_session(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *session,
- struct rte_mempool *mempool)
+ void *session)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
- struct ixgbe_crypto_session *ic_session = NULL;
+ struct ixgbe_crypto_session *ic_session = session;
struct rte_crypto_aead_xform *aead_xform;
struct rte_eth_conf *dev_conf = ð_dev->data->dev_conf;
- if (rte_mempool_get(mempool, (void **)&ic_session)) {
- PMD_DRV_LOG(ERR, "Cannot get object from ic_session mempool");
- return -ENOMEM;
- }
-
if (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||
conf->crypto_xform->aead.algo !=
RTE_CRYPTO_AEAD_AES_GCM) {
PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
aead_xform = &conf->crypto_xform->aead;
@@ -396,7 +389,6 @@ ixgbe_crypto_create_session(void *device,
ic_session->op = IXGBE_OP_AUTHENTICATED_DECRYPTION;
} else {
PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
} else {
@@ -404,7 +396,6 @@ ixgbe_crypto_create_session(void *device,
ic_session->op = IXGBE_OP_AUTHENTICATED_ENCRYPTION;
} else {
PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
}
@@ -416,12 +407,9 @@ ixgbe_crypto_create_session(void *device,
ic_session->spi = conf->ipsec.spi;
ic_session->dev = eth_dev;
- set_sec_session_private_data(session, ic_session);
-
if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {
if (ixgbe_crypto_add_sa(ic_session)) {
PMD_DRV_LOG(ERR, "Failed to add SA\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -EPERM;
}
}
@@ -436,14 +424,11 @@ ixgbe_crypto_session_get_size(__rte_unused void *device)
}
static int
-ixgbe_crypto_remove_session(void *device,
- struct rte_security_session *session)
+ixgbe_crypto_remove_session(void *device, void *session)
{
struct rte_eth_dev *eth_dev = device;
struct ixgbe_crypto_session *ic_session =
- (struct ixgbe_crypto_session *)
- get_sec_session_private_data(session);
- struct rte_mempool *mempool = rte_mempool_from_obj(ic_session);
+ (struct ixgbe_crypto_session *)session;
if (eth_dev != ic_session->dev) {
PMD_DRV_LOG(ERR, "Session not bound to this device\n");
@@ -455,8 +440,6 @@ ixgbe_crypto_remove_session(void *device,
return -EFAULT;
}
- rte_mempool_put(mempool, (void *)ic_session);
-
return 0;
}
@@ -476,12 +459,11 @@ ixgbe_crypto_compute_pad_len(struct rte_mbuf *m)
}
static int
-ixgbe_crypto_update_mb(void *device __rte_unused,
- struct rte_security_session *session,
+ixgbe_crypto_update_mb(void *device __rte_unused, void *session,
struct rte_mbuf *m, void *params __rte_unused)
{
- struct ixgbe_crypto_session *ic_session =
- get_sec_session_private_data(session);
+ struct ixgbe_crypto_session *ic_session = session;
+
if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {
union ixgbe_crypto_tx_desc_md *mdata =
(union ixgbe_crypto_tx_desc_md *)
@@ -685,8 +667,10 @@ ixgbe_crypto_add_ingress_sa_from_flow(const void *sess,
const void *ip_spec,
uint8_t is_ipv6)
{
- struct ixgbe_crypto_session *ic_session
- = get_sec_session_private_data(sess);
+ uint64_t sess_ptr = (uint64_t)sess;
+ struct ixgbe_crypto_session *ic_session =
+ (struct ixgbe_crypto_session *)sess_ptr;
+ /* TODO: A proper fix need to be added to remove above typecasting. */
if (ic_session->op == IXGBE_OP_AUTHENTICATED_DECRYPTION) {
if (is_ipv6) {
@@ -12,7 +12,7 @@ drivers = [
'bnx2x',
'bnxt',
'bonding',
- 'cnxk',
+# 'cnxk',
'cxgbe',
'dpaa',
'dpaa2',
@@ -350,7 +350,7 @@ static int
eth_sec_ipsec_out_sess_create(struct rte_eth_dev *eth_dev,
struct rte_security_ipsec_xform *ipsec,
struct rte_crypto_sym_xform *crypto_xform,
- struct rte_security_session *sec_sess)
+ struct otx2_sec_session *sec_sess)
{
struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
struct otx2_sec_session_ipsec_ip *sess;
@@ -363,7 +363,7 @@ eth_sec_ipsec_out_sess_create(struct rte_eth_dev *eth_dev,
struct otx2_cpt_inst_s inst;
struct otx2_cpt_qp *qp;
- priv = get_sec_session_private_data(sec_sess);
+ priv = sec_sess;
priv->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_EGRESS;
sess = &priv->ipsec.ip;
@@ -468,7 +468,7 @@ static int
eth_sec_ipsec_in_sess_create(struct rte_eth_dev *eth_dev,
struct rte_security_ipsec_xform *ipsec,
struct rte_crypto_sym_xform *crypto_xform,
- struct rte_security_session *sec_sess)
+ struct otx2_sec_session *sec_sess)
{
struct rte_crypto_sym_xform *auth_xform, *cipher_xform;
struct otx2_eth_dev *dev = otx2_eth_pmd_priv(eth_dev);
@@ -495,7 +495,7 @@ eth_sec_ipsec_in_sess_create(struct rte_eth_dev *eth_dev,
ctl = &sa->ctl;
- priv = get_sec_session_private_data(sec_sess);
+ priv = sec_sess;
priv->ipsec.dir = RTE_SECURITY_IPSEC_SA_DIR_INGRESS;
sess = &priv->ipsec.ip;
@@ -619,7 +619,7 @@ static int
eth_sec_ipsec_sess_create(struct rte_eth_dev *eth_dev,
struct rte_security_ipsec_xform *ipsec,
struct rte_crypto_sym_xform *crypto_xform,
- struct rte_security_session *sess)
+ struct otx2_sec_session *sess)
{
int ret;
@@ -638,22 +638,14 @@ eth_sec_ipsec_sess_create(struct rte_eth_dev *eth_dev,
static int
otx2_eth_sec_session_create(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess)
{
- struct otx2_sec_session *priv;
+ struct otx2_sec_session *priv = sess;
int ret;
if (conf->action_type != RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL)
return -ENOTSUP;
- if (rte_mempool_get(mempool, (void **)&priv)) {
- otx2_err("Could not allocate security session private data");
- return -ENOMEM;
- }
-
- set_sec_session_private_data(sess, priv);
-
/*
* Save userdata provided by the application. For ingress packets, this
* could be used to identify the SA.
@@ -663,19 +655,14 @@ otx2_eth_sec_session_create(void *device,
if (conf->protocol == RTE_SECURITY_PROTOCOL_IPSEC)
ret = eth_sec_ipsec_sess_create(device, &conf->ipsec,
conf->crypto_xform,
- sess);
+ priv);
else
ret = -ENOTSUP;
if (ret)
- goto mempool_put;
+ return ret;
return 0;
-
-mempool_put:
- rte_mempool_put(mempool, priv);
- set_sec_session_private_data(sess, NULL);
- return ret;
}
static void
@@ -688,20 +675,14 @@ otx2_eth_sec_free_anti_replay(struct otx2_ipsec_fp_in_sa *sa)
}
static int
-otx2_eth_sec_session_destroy(void *device,
- struct rte_security_session *sess)
+otx2_eth_sec_session_destroy(void *device, void *sess)
{
struct otx2_eth_dev *dev = otx2_eth_pmd_priv(device);
struct otx2_sec_session_ipsec_ip *sess_ip;
struct otx2_ipsec_fp_in_sa *sa;
- struct otx2_sec_session *priv;
- struct rte_mempool *sess_mp;
+ struct otx2_sec_session *priv = sess;
int ret;
- priv = get_sec_session_private_data(sess);
- if (priv == NULL)
- return -EINVAL;
-
sess_ip = &priv->ipsec.ip;
if (priv->ipsec.dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
@@ -727,11 +708,6 @@ otx2_eth_sec_session_destroy(void *device,
return ret;
}
- sess_mp = rte_mempool_from_obj(priv);
-
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(sess_mp, priv);
-
return 0;
}
@@ -742,9 +718,8 @@ otx2_eth_sec_session_get_size(void *device __rte_unused)
}
static int
-otx2_eth_sec_set_pkt_mdata(void *device __rte_unused,
- struct rte_security_session *session,
- struct rte_mbuf *m, void *params __rte_unused)
+otx2_eth_sec_set_pkt_mdata(void *device __rte_unused, void *session,
+ struct rte_mbuf *m, void *params __rte_unused)
{
/* Set security session as the pkt metadata */
*rte_security_dynfield(m) = (rte_security_dynfield_t)session;
@@ -54,7 +54,7 @@ otx2_sec_event_tx(uint64_t base, struct rte_event *ev, struct rte_mbuf *m,
struct nix_iova_s nix_iova;
} *sd;
- priv = get_sec_session_private_data((void *)(*rte_security_dynfield(m)));
+ priv = (void *)(*rte_security_dynfield(m));
sess = &priv->ipsec.ip;
sa = &sess->out_sa;
@@ -349,24 +349,17 @@ txgbe_crypto_remove_sa(struct rte_eth_dev *dev,
static int
txgbe_crypto_create_session(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *session,
- struct rte_mempool *mempool)
+ void *session)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
- struct txgbe_crypto_session *ic_session = NULL;
+ struct txgbe_crypto_session *ic_session = session;
struct rte_crypto_aead_xform *aead_xform;
struct rte_eth_conf *dev_conf = ð_dev->data->dev_conf;
- if (rte_mempool_get(mempool, (void **)&ic_session)) {
- PMD_DRV_LOG(ERR, "Cannot get object from ic_session mempool");
- return -ENOMEM;
- }
-
if (conf->crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AEAD ||
conf->crypto_xform->aead.algo !=
RTE_CRYPTO_AEAD_AES_GCM) {
PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
aead_xform = &conf->crypto_xform->aead;
@@ -376,7 +369,6 @@ txgbe_crypto_create_session(void *device,
ic_session->op = TXGBE_OP_AUTHENTICATED_DECRYPTION;
} else {
PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
} else {
@@ -384,7 +376,6 @@ txgbe_crypto_create_session(void *device,
ic_session->op = TXGBE_OP_AUTHENTICATED_ENCRYPTION;
} else {
PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -ENOTSUP;
}
}
@@ -396,12 +387,9 @@ txgbe_crypto_create_session(void *device,
ic_session->spi = conf->ipsec.spi;
ic_session->dev = eth_dev;
- set_sec_session_private_data(session, ic_session);
-
if (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {
if (txgbe_crypto_add_sa(ic_session)) {
PMD_DRV_LOG(ERR, "Failed to add SA\n");
- rte_mempool_put(mempool, (void *)ic_session);
return -EPERM;
}
}
@@ -416,14 +404,11 @@ txgbe_crypto_session_get_size(__rte_unused void *device)
}
static int
-txgbe_crypto_remove_session(void *device,
- struct rte_security_session *session)
+txgbe_crypto_remove_session(void *device, void *session)
{
struct rte_eth_dev *eth_dev = device;
struct txgbe_crypto_session *ic_session =
- (struct txgbe_crypto_session *)
- get_sec_session_private_data(session);
- struct rte_mempool *mempool = rte_mempool_from_obj(ic_session);
+ (struct txgbe_crypto_session *)session;
if (eth_dev != ic_session->dev) {
PMD_DRV_LOG(ERR, "Session not bound to this device\n");
@@ -435,8 +420,6 @@ txgbe_crypto_remove_session(void *device,
return -EFAULT;
}
- rte_mempool_put(mempool, (void *)ic_session);
-
return 0;
}
@@ -456,12 +439,11 @@ txgbe_crypto_compute_pad_len(struct rte_mbuf *m)
}
static int
-txgbe_crypto_update_mb(void *device __rte_unused,
- struct rte_security_session *session,
- struct rte_mbuf *m, void *params __rte_unused)
+txgbe_crypto_update_mb(void *device __rte_unused, void *session,
+ struct rte_mbuf *m, void *params __rte_unused)
{
- struct txgbe_crypto_session *ic_session =
- get_sec_session_private_data(session);
+ struct txgbe_crypto_session *ic_session = session;
+
if (ic_session->op == TXGBE_OP_AUTHENTICATED_ENCRYPTION) {
union txgbe_crypto_tx_desc_md *mdata =
(union txgbe_crypto_tx_desc_md *)
@@ -661,8 +643,10 @@ txgbe_crypto_add_ingress_sa_from_flow(const void *sess,
const void *ip_spec,
uint8_t is_ipv6)
{
+ uint64_t sess_ptr = (uint64_t)sess;
struct txgbe_crypto_session *ic_session =
- get_sec_session_private_data(sess);
+ (struct txgbe_crypto_session *)sess_ptr;
+ /* TODO: A proper fix need to be added to remove above typecasting. */
if (ic_session->op == TXGBE_OP_AUTHENTICATED_DECRYPTION) {
if (is_ipv6) {
@@ -117,8 +117,7 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa,
set_ipsec_conf(sa, &(sess_conf.ipsec));
ips->security.ses = rte_security_session_create(ctx,
- &sess_conf, ipsec_ctx->session_pool,
- ipsec_ctx->session_priv_pool);
+ &sess_conf, ipsec_ctx->session_pool);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
@@ -199,8 +198,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
}
ips->security.ses = rte_security_session_create(sec_ctx,
- &sess_conf, skt_ctx->session_pool,
- skt_ctx->session_priv_pool);
+ &sess_conf, skt_ctx->session_pool);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
@@ -380,8 +378,7 @@ create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
sess_conf.userdata = (void *) sa;
ips->security.ses = rte_security_session_create(sec_ctx,
- &sess_conf, skt_ctx->session_pool,
- skt_ctx->session_priv_pool);
+ &sess_conf, skt_ctx->session_pool);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
@@ -39,35 +39,37 @@ rte_security_dynfield_register(void)
return rte_security_dynfield_offset;
}
-struct rte_security_session *
+void *
rte_security_session_create(struct rte_security_ctx *instance,
struct rte_security_session_conf *conf,
- struct rte_mempool *mp,
- struct rte_mempool *priv_mp)
+ struct rte_mempool *mp)
{
struct rte_security_session *sess = NULL;
RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
RTE_PTR_OR_ERR_RET(conf, NULL);
RTE_PTR_OR_ERR_RET(mp, NULL);
- RTE_PTR_OR_ERR_RET(priv_mp, NULL);
+
+ if (mp->elt_size < sizeof(struct rte_security_session) +
+ instance->ops->session_get_size(instance->device))
+ return NULL;
if (rte_mempool_get(mp, (void **)&sess))
return NULL;
if (instance->ops->session_create(instance->device, conf,
- sess, priv_mp)) {
+ sess->sess_private_data)) {
rte_mempool_put(mp, (void *)sess);
return NULL;
}
instance->sess_cnt++;
- return sess;
+ return sess->sess_private_data;
}
int
rte_security_session_update(struct rte_security_ctx *instance,
- struct rte_security_session *sess,
+ void *sess,
struct rte_security_session_conf *conf)
{
RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,
@@ -88,8 +90,7 @@ rte_security_session_get_size(struct rte_security_ctx *instance)
int
rte_security_session_stats_get(struct rte_security_ctx *instance,
- struct rte_security_session *sess,
- struct rte_security_stats *stats)
+ void *sess, struct rte_security_stats *stats)
{
RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,
-ENOTSUP);
@@ -100,9 +101,9 @@ rte_security_session_stats_get(struct rte_security_ctx *instance,
}
int
-rte_security_session_destroy(struct rte_security_ctx *instance,
- struct rte_security_session *sess)
+rte_security_session_destroy(struct rte_security_ctx *instance, void *sess)
{
+ struct rte_security_session *s;
int ret;
RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,
@@ -113,7 +114,8 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
if (ret != 0)
return ret;
- rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
+ s = container_of(sess, struct rte_security_session, sess_private_data);
+ rte_mempool_put(rte_mempool_from_obj(s), (void *)s);
if (instance->sess_cnt)
instance->sess_cnt--;
@@ -123,7 +125,7 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
int
__rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
- struct rte_security_session *sess,
+ void *sess,
struct rte_mbuf *m, void *params)
{
#ifdef RTE_DEBUG
@@ -509,10 +509,12 @@ struct rte_security_session_conf {
};
struct rte_security_session {
- void *sess_private_data;
- /**< Private session material */
uint64_t opaque_data;
/**< Opaque user defined data */
+ uint64_t fast_mdata;
+ /**< Fast metadata to be used for inline path */
+ __extension__ void *sess_private_data[0];
+ /**< Private session material */
};
/**
@@ -526,11 +528,10 @@ struct rte_security_session {
* - On success, pointer to session
* - On failure, NULL
*/
-struct rte_security_session *
+void *
rte_security_session_create(struct rte_security_ctx *instance,
struct rte_security_session_conf *conf,
- struct rte_mempool *mp,
- struct rte_mempool *priv_mp);
+ struct rte_mempool *mp);
/**
* Update security session as specified by the session configuration
@@ -545,7 +546,7 @@ rte_security_session_create(struct rte_security_ctx *instance,
__rte_experimental
int
rte_security_session_update(struct rte_security_ctx *instance,
- struct rte_security_session *sess,
+ void *sess,
struct rte_security_session_conf *conf);
/**
@@ -576,7 +577,7 @@ rte_security_session_get_size(struct rte_security_ctx *instance);
*/
int
rte_security_session_destroy(struct rte_security_ctx *instance,
- struct rte_security_session *sess);
+ void *sess);
/** Device-specific metadata field type */
typedef uint64_t rte_security_dynfield_t;
@@ -622,7 +623,7 @@ static inline bool rte_security_dynfield_is_registered(void)
/** Function to call PMD specific function pointer set_pkt_metadata() */
__rte_experimental
extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
- struct rte_security_session *sess,
+ void *sess,
struct rte_mbuf *m, void *params);
/**
@@ -640,13 +641,13 @@ extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
*/
static inline int
rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
- struct rte_security_session *sess,
+ void *sess,
struct rte_mbuf *mb, void *params)
{
/* Fast Path */
if (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {
*rte_security_dynfield(mb) =
- (rte_security_dynfield_t)(sess->sess_private_data);
+ (rte_security_dynfield_t)(sess);
return 0;
}
@@ -696,26 +697,13 @@ rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
*/
static inline int
__rte_security_attach_session(struct rte_crypto_sym_op *sym_op,
- struct rte_security_session *sess)
+ void *sess)
{
sym_op->sec_session = sess;
return 0;
}
-static inline void *
-get_sec_session_private_data(const struct rte_security_session *sess)
-{
- return sess->sess_private_data;
-}
-
-static inline void
-set_sec_session_private_data(struct rte_security_session *sess,
- void *private_data)
-{
- sess->sess_private_data = private_data;
-}
-
/**
* Attach a session to a crypto operation.
* This API is needed only in case of RTE_SECURITY_SESS_CRYPTO_PROTO_OFFLOAD
@@ -726,8 +714,7 @@ set_sec_session_private_data(struct rte_security_session *sess,
* @param sess security session
*/
static inline int
-rte_security_attach_session(struct rte_crypto_op *op,
- struct rte_security_session *sess)
+rte_security_attach_session(struct rte_crypto_op *op, void *sess)
{
if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_SYMMETRIC))
return -EINVAL;
@@ -789,7 +776,7 @@ struct rte_security_stats {
__rte_experimental
int
rte_security_session_stats_get(struct rte_security_ctx *instance,
- struct rte_security_session *sess,
+ void *sess,
struct rte_security_stats *stats);
/**
@@ -35,8 +35,7 @@ extern "C" {
*/
typedef int (*security_session_create_t)(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mp);
+ void *sess);
/**
* Free driver private session data.
@@ -44,8 +43,7 @@ typedef int (*security_session_create_t)(void *device,
* @param device Crypto/eth device pointer
* @param sess Security session structure
*/
-typedef int (*security_session_destroy_t)(void *device,
- struct rte_security_session *sess);
+typedef int (*security_session_destroy_t)(void *device, void *sess);
/**
* Update driver private session data.
@@ -60,8 +58,7 @@ typedef int (*security_session_destroy_t)(void *device,
* - Returns -ENOTSUP if crypto device does not support the crypto transform.
*/
typedef int (*security_session_update_t)(void *device,
- struct rte_security_session *sess,
- struct rte_security_session_conf *conf);
+ void *sess, struct rte_security_session_conf *conf);
/**
* Get the size of a security session
@@ -86,8 +83,7 @@ typedef unsigned int (*security_session_get_size)(void *device);
* - Returns -EINVAL if session parameters are invalid.
*/
typedef int (*security_session_stats_get_t)(void *device,
- struct rte_security_session *sess,
- struct rte_security_stats *stats);
+ void *sess, struct rte_security_stats *stats);
__rte_internal
int rte_security_dynfield_register(void);
@@ -96,7 +92,7 @@ int rte_security_dynfield_register(void);
* Update the mbuf with provided metadata.
*
* @param device Crypto/eth device pointer
- * @param sess Security session structure
+ * @param sess Security session
* @param mb Packet buffer
* @param params Metadata
*
@@ -105,7 +101,7 @@ int rte_security_dynfield_register(void);
* - Returns -ve value for errors.
*/
typedef int (*security_set_pkt_metadata_t)(void *device,
- struct rte_security_session *sess, struct rte_mbuf *mb,
+ void *sess, struct rte_mbuf *mb,
void *params);
/**