@@ -228,15 +228,14 @@ cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
static int
cn10k_eth_sec_session_create(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess_priv)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
+ struct cnxk_eth_sec_sess *eth_sec = sess_priv;
struct rte_security_ipsec_xform *ipsec;
- struct cn10k_sec_sess_priv sess_priv;
+ struct cn10k_sec_sess_priv fast_mdata;
struct rte_crypto_sym_xform *crypto;
- struct cnxk_eth_sec_sess *eth_sec;
bool inbound, inl_dev;
int rc = 0;
@@ -264,13 +263,8 @@ cn10k_eth_sec_session_create(void *device,
return -EEXIST;
}
- if (rte_mempool_get(mempool, (void **)ð_sec)) {
- plt_err("Could not allocate security session private data");
- return -ENOMEM;
- }
-
memset(eth_sec, 0, sizeof(struct cnxk_eth_sec_sess));
- sess_priv.u64 = 0;
+ fast_mdata.u64 = 0;
/* Acquire lock on inline dev for inbound */
if (inbound && inl_dev)
@@ -290,11 +284,11 @@ cn10k_eth_sec_session_create(void *device,
plt_err("Failed to create ingress sa, inline dev "
"not found or spi not in range");
rc = -ENOTSUP;
- goto mempool_put;
+ goto err;
} else if (!sa) {
plt_err("Failed to create ingress sa");
rc = -EFAULT;
- goto mempool_put;
+ goto err;
}
inb_sa = (struct roc_ot_ipsec_inb_sa *)sa;
@@ -304,7 +298,7 @@ cn10k_eth_sec_session_create(void *device,
plt_err("Inbound SA with SPI %u already in use",
ipsec->spi);
rc = -EBUSY;
- goto mempool_put;
+ goto err;
}
memset(inb_sa, 0, sizeof(struct roc_ot_ipsec_inb_sa));
@@ -313,7 +307,7 @@ cn10k_eth_sec_session_create(void *device,
rc = cnxk_ot_ipsec_inb_sa_fill(inb_sa, ipsec, crypto);
if (rc) {
plt_err("Failed to init inbound sa, rc=%d", rc);
- goto mempool_put;
+ goto err;
}
inb_priv = roc_nix_inl_ot_ipsec_inb_sa_sw_rsvd(inb_sa);
@@ -326,12 +320,11 @@ cn10k_eth_sec_session_create(void *device,
inb_sa->w1.s.cookie = rte_cpu_to_be_32(ipsec->spi);
/* Prepare session priv */
- sess_priv.inb_sa = 1;
- sess_priv.sa_idx = ipsec->spi;
+ fast_mdata.inb_sa = 1;
+ fast_mdata.sa_idx = ipsec->spi;
/* Pointer from eth_sec -> inb_sa */
eth_sec->sa = inb_sa;
- eth_sec->sess = sess;
eth_sec->sa_idx = ipsec->spi;
eth_sec->spi = ipsec->spi;
eth_sec->inl_dev = !!dev->inb.inl_dev;
@@ -352,7 +345,7 @@ cn10k_eth_sec_session_create(void *device,
/* Alloc an sa index */
rc = cnxk_eth_outb_sa_idx_get(dev, &sa_idx);
if (rc)
- goto mempool_put;
+ goto err;
outb_sa = roc_nix_inl_ot_ipsec_outb_sa(sa_base, sa_idx);
outb_priv = roc_nix_inl_ot_ipsec_outb_sa_sw_rsvd(outb_sa);
@@ -365,7 +358,7 @@ cn10k_eth_sec_session_create(void *device,
if (rc) {
plt_err("Failed to init outbound sa, rc=%d", rc);
rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
- goto mempool_put;
+ goto err;
}
/* Save userdata */
@@ -377,16 +370,15 @@ cn10k_eth_sec_session_create(void *device,
cnxk_ipsec_outb_rlens_get(rlens, ipsec, crypto);
/* Prepare session priv */
- sess_priv.sa_idx = outb_priv->sa_idx;
- sess_priv.roundup_byte = rlens->roundup_byte;
- sess_priv.roundup_len = rlens->roundup_len;
- sess_priv.partial_len = rlens->partial_len;
- sess_priv.mode = outb_sa->w2.s.ipsec_mode;
- sess_priv.outer_ip_ver = outb_sa->w2.s.outer_ip_ver;
+ fast_mdata.sa_idx = outb_priv->sa_idx;
+ fast_mdata.roundup_byte = rlens->roundup_byte;
+ fast_mdata.roundup_len = rlens->roundup_len;
+ fast_mdata.partial_len = rlens->partial_len;
+ fast_mdata.mode = outb_sa->w2.s.ipsec_mode;
+ fast_mdata.outer_ip_ver = outb_sa->w2.s.outer_ip_ver;
/* Pointer from eth_sec -> outb_sa */
eth_sec->sa = outb_sa;
- eth_sec->sess = sess;
eth_sec->sa_idx = sa_idx;
eth_sec->spi = ipsec->spi;
@@ -407,29 +399,23 @@ cn10k_eth_sec_session_create(void *device,
/*
* Update fast path info in priv area.
*/
- set_sec_session_private_data(sess, (void *)sess_priv.u64);
+ rte_security_session_fast_mdata_set(sess_priv, fast_mdata.u64);
return 0;
-mempool_put:
+err:
if (inbound && inl_dev)
roc_nix_inl_dev_unlock();
- rte_mempool_put(mempool, eth_sec);
return rc;
}
static int
-cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
+cn10k_eth_sec_session_destroy(void *device, void *sess_priv)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
- struct roc_ot_ipsec_inb_sa *inb_sa;
+ struct cnxk_eth_sec_sess *eth_sec = sess_priv;
struct roc_ot_ipsec_outb_sa *outb_sa;
- struct cnxk_eth_sec_sess *eth_sec;
- struct rte_mempool *mp;
-
- eth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess);
- if (!eth_sec)
- return -ENOENT;
+ struct roc_ot_ipsec_inb_sa *inb_sa;
if (eth_sec->inl_dev)
roc_nix_inl_dev_lock();
@@ -464,9 +450,7 @@ cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
eth_sec->sa_idx, eth_sec->inl_dev);
/* Put eth_sec object back to pool */
- mp = rte_mempool_from_obj(eth_sec);
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(mp, eth_sec);
+ rte_security_session_fast_mdata_set(sess_priv, 0);
return 0;
}
@@ -137,15 +137,14 @@ ar_window_init(struct cn9k_inb_priv_data *inb_priv)
static int
cn9k_eth_sec_session_create(void *device,
struct rte_security_session_conf *conf,
- struct rte_security_session *sess,
- struct rte_mempool *mempool)
+ void *sess_priv)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
+ struct cnxk_eth_sec_sess *eth_sec = sess_priv;
struct rte_security_ipsec_xform *ipsec;
- struct cn9k_sec_sess_priv sess_priv;
+ struct cn9k_sec_sess_priv fast_mdata;
struct rte_crypto_sym_xform *crypto;
- struct cnxk_eth_sec_sess *eth_sec;
bool inbound;
int rc = 0;
@@ -169,13 +168,8 @@ cn9k_eth_sec_session_create(void *device,
return -EEXIST;
}
- if (rte_mempool_get(mempool, (void **)ð_sec)) {
- plt_err("Could not allocate security session private data");
- return -ENOMEM;
- }
-
memset(eth_sec, 0, sizeof(struct cnxk_eth_sec_sess));
- sess_priv.u64 = 0;
+ fast_mdata.u64 = 0;
if (inbound) {
struct cn9k_inb_priv_data *inb_priv;
@@ -192,7 +186,7 @@ cn9k_eth_sec_session_create(void *device,
if (!inb_sa) {
plt_err("Failed to create ingress sa");
rc = -EFAULT;
- goto mempool_put;
+ goto err;
}
/* Check if SA is already in use */
@@ -200,7 +194,7 @@ cn9k_eth_sec_session_create(void *device,
plt_err("Inbound SA with SPI %u already in use",
ipsec->spi);
rc = -EBUSY;
- goto mempool_put;
+ goto err;
}
memset(inb_sa, 0, sizeof(struct roc_onf_ipsec_inb_sa));
@@ -209,7 +203,7 @@ cn9k_eth_sec_session_create(void *device,
rc = cnxk_onf_ipsec_inb_sa_fill(inb_sa, ipsec, crypto);
if (rc) {
plt_err("Failed to init inbound sa, rc=%d", rc);
- goto mempool_put;
+ goto err;
}
inb_priv = roc_nix_inl_onf_ipsec_inb_sa_sw_rsvd(inb_sa);
@@ -223,16 +217,15 @@ cn9k_eth_sec_session_create(void *device,
if (inb_priv->replay_win_sz) {
rc = ar_window_init(inb_priv);
if (rc)
- goto mempool_put;
+ goto err;
}
/* Prepare session priv */
- sess_priv.inb_sa = 1;
- sess_priv.sa_idx = ipsec->spi;
+ fast_mdata.inb_sa = 1;
+ fast_mdata.sa_idx = ipsec->spi;
/* Pointer from eth_sec -> inb_sa */
eth_sec->sa = inb_sa;
- eth_sec->sess = sess;
eth_sec->sa_idx = ipsec->spi;
eth_sec->spi = ipsec->spi;
eth_sec->inb = true;
@@ -252,7 +245,7 @@ cn9k_eth_sec_session_create(void *device,
/* Alloc an sa index */
rc = cnxk_eth_outb_sa_idx_get(dev, &sa_idx);
if (rc)
- goto mempool_put;
+ goto err;
outb_sa = roc_nix_inl_onf_ipsec_outb_sa(sa_base, sa_idx);
outb_priv = roc_nix_inl_onf_ipsec_outb_sa_sw_rsvd(outb_sa);
@@ -265,7 +258,7 @@ cn9k_eth_sec_session_create(void *device,
if (rc) {
plt_err("Failed to init outbound sa, rc=%d", rc);
rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
- goto mempool_put;
+ goto err;
}
/* Save userdata */
@@ -282,14 +275,13 @@ cn9k_eth_sec_session_create(void *device,
/* Save rlen info */
cnxk_ipsec_outb_rlens_get(rlens, ipsec, crypto);
- sess_priv.sa_idx = outb_priv->sa_idx;
- sess_priv.roundup_byte = rlens->roundup_byte;
- sess_priv.roundup_len = rlens->roundup_len;
- sess_priv.partial_len = rlens->partial_len;
+ fast_mdata.sa_idx = outb_priv->sa_idx;
+ fast_mdata.roundup_byte = rlens->roundup_byte;
+ fast_mdata.roundup_len = rlens->roundup_len;
+ fast_mdata.partial_len = rlens->partial_len;
/* Pointer from eth_sec -> outb_sa */
eth_sec->sa = outb_sa;
- eth_sec->sess = sess;
eth_sec->sa_idx = sa_idx;
eth_sec->spi = ipsec->spi;
@@ -306,27 +298,21 @@ cn9k_eth_sec_session_create(void *device,
/*
* Update fast path info in priv area.
*/
- set_sec_session_private_data(sess, (void *)sess_priv.u64);
+ rte_security_session_fast_mdata_set(sess_priv, fast_mdata.u64);
return 0;
-mempool_put:
- rte_mempool_put(mempool, eth_sec);
+err:
return rc;
}
static int
-cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
+cn9k_eth_sec_session_destroy(void *device, void *sess_priv)
{
struct rte_eth_dev *eth_dev = (struct rte_eth_dev *)device;
struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev);
+ struct cnxk_eth_sec_sess *eth_sec = sess_priv;
struct roc_onf_ipsec_outb_sa *outb_sa;
struct roc_onf_ipsec_inb_sa *inb_sa;
- struct cnxk_eth_sec_sess *eth_sec;
- struct rte_mempool *mp;
-
- eth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess);
- if (!eth_sec)
- return -ENOENT;
if (eth_sec->inb) {
inb_sa = eth_sec->sa;
@@ -353,10 +339,7 @@ cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess)
eth_sec->inb ? "inbound" : "outbound", eth_sec->spi,
eth_sec->sa_idx);
- /* Put eth_sec object back to pool */
- mp = rte_mempool_from_obj(eth_sec);
- set_sec_session_private_data(sess, NULL);
- rte_mempool_put(mp, eth_sec);
+ rte_security_session_fast_mdata_set(sess_priv, 0);
return 0;
}
@@ -154,8 +154,7 @@ nix_security_release(struct cnxk_eth_dev *dev)
/* Destroy inbound sessions */
tvar = NULL;
RTE_TAILQ_FOREACH_SAFE(eth_sec, &dev->inb.list, entry, tvar)
- cnxk_eth_sec_ops.session_destroy(eth_dev,
- eth_sec->sess);
+ cnxk_eth_sec_ops.session_destroy(eth_dev, eth_sec);
/* Clear lookup mem */
cnxk_nix_lookup_mem_sa_base_clear(dev);
@@ -172,8 +171,7 @@ nix_security_release(struct cnxk_eth_dev *dev)
/* Destroy outbound sessions */
tvar = NULL;
RTE_TAILQ_FOREACH_SAFE(eth_sec, &dev->outb.list, entry, tvar)
- cnxk_eth_sec_ops.session_destroy(eth_dev,
- eth_sec->sess);
+ cnxk_eth_sec_ops.session_destroy(eth_dev, eth_sec);
rc = roc_nix_inl_outb_fini(nix);
if (rc)
@@ -174,9 +174,6 @@ struct cnxk_eth_sec_sess {
/* SPI */
uint32_t spi;
- /* Back pointer to session */
- struct rte_security_session *sess;
-
/* Inbound */
bool inb;
@@ -497,9 +494,6 @@ __rte_internal
int cnxk_nix_inb_mode_set(struct cnxk_eth_dev *dev, bool use_inl_dev);
struct cnxk_eth_sec_sess *cnxk_eth_sec_sess_get_by_spi(struct cnxk_eth_dev *dev,
uint32_t spi, bool inb);
-struct cnxk_eth_sec_sess *
-cnxk_eth_sec_sess_get_by_sess(struct cnxk_eth_dev *dev,
- struct rte_security_session *sess);
/* Other private functions */
int nix_recalc_mtu(struct rte_eth_dev *eth_dev);
@@ -87,27 +87,6 @@ cnxk_eth_sec_sess_get_by_spi(struct cnxk_eth_dev *dev, uint32_t spi, bool inb)
return NULL;
}
-struct cnxk_eth_sec_sess *
-cnxk_eth_sec_sess_get_by_sess(struct cnxk_eth_dev *dev,
- struct rte_security_session *sess)
-{
- struct cnxk_eth_sec_sess *eth_sec = NULL;
-
- /* Search in inbound list */
- TAILQ_FOREACH(eth_sec, &dev->inb.list, entry) {
- if (eth_sec->sess == sess)
- return eth_sec;
- }
-
- /* Search in outbound list */
- TAILQ_FOREACH(eth_sec, &dev->outb.list, entry) {
- if (eth_sec->sess == sess)
- return eth_sec;
- }
-
- return NULL;
-}
-
static unsigned int
cnxk_eth_sec_session_get_size(void *device __rte_unused)
{
@@ -12,7 +12,7 @@ drivers = [
'bnx2x',
'bnxt',
'bonding',
-# 'cnxk',
+ 'cnxk',
'cxgbe',
'dpaa',
'dpaa2',