@@ -215,7 +215,7 @@ static int
create_sa(enum rte_security_session_action_type action_type,
struct ipsec_sa *sa)
{
- static struct rte_cryptodev_sym_session dummy_ses;
+ static uint64_t dummy_ses[10];
size_t sz;
int rc;
@@ -235,7 +235,7 @@ create_sa(enum rte_security_session_action_type action_type,
"failed to allocate memory for rte_ipsec_sa\n");
sa->ss[0].type = action_type;
- sa->ss[0].crypto.ses = &dummy_ses;
+ sa->ss[0].crypto.ses = dummy_ses;
rc = rte_ipsec_sa_init(sa->ss[0].sa, &sa->sa_prm, sz);
rc = (rc > 0 && (uint32_t)rc <= sz) ? 0 : -EINVAL;
@@ -125,13 +125,11 @@ Each queue pairs resources may be allocated on a specified socket.
uint32_t nb_descriptors; /**< Number of descriptors per queue pair */
struct rte_mempool *mp_session;
/**< The mempool for creating session in sessionless mode */
- struct rte_mempool *mp_session_private;
- /**< The mempool for creating sess private data in sessionless mode */
};
-The fields ``mp_session`` and ``mp_session_private`` are used for creating
-temporary session to process the crypto operations in the session-less mode.
+The field ``mp_session`` is used for creating temporary session to process
+the crypto operations in the session-less mode.
They can be the same other different mempools. Please note not all Cryptodev
PMDs supports session-less mode.
@@ -942,13 +940,13 @@ using one of the crypto PMDs available in DPDK.
};
/* Create crypto session and initialize it for the crypto device. */
- struct rte_cryptodev_sym_session *session;
+ void *session;
session = rte_cryptodev_sym_session_create(session_pool);
if (session == NULL)
rte_exit(EXIT_FAILURE, "Session could not be created\n");
if (rte_cryptodev_sym_session_init(cdev_id, session,
- &cipher_xform, session_priv_pool) < 0)
+ &cipher_xform) < 0)
rte_exit(EXIT_FAILURE, "Session could not be initialized "
"for the crypto device\n");
@@ -174,11 +174,6 @@ Deprecation Notices
and ``rte_vhost_driver_set_protocol_features`` functions will be removed
and the API functions will be made stable in DPDK 21.11.
-* cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
- ``rte_cryptodev_asym_session`` to remove unnecessary indirection between
- session and the private data of session. An opaque pointer can be exposed
- directly to application which can be attached to the ``rte_crypto_op``.
-
* eventdev: The file ``rte_eventdev_pmd.h`` will be renamed to ``eventdev_driver.h``
to make the driver interface as internal and the structures ``rte_eventdev_data``,
``rte_eventdev`` and ``rte_eventdevs`` will be moved to a new file named
@@ -281,6 +281,13 @@ API Changes
* cryptodev: The structure ``rte_crypto_sym_vec`` was updated to add
``dest_sgl`` to support out of place processing.
+* cryptodev: The structure ``rte_cryptodev_sym_session`` was moved to
+ cryptodev_pmd.h and was hidden from the application. The APIs to create/init and
+ destroy sym crypto session were updated to take a single mempool with element size
+ enough to hold session data and session private data. Inline APIs was created to
+ get and set the session data. All sample applications were updated to attach an
+ opaque pointer for the session to the ``rte_crypto_op`` while enqueuing.
+
* security: The structure ``rte_security_session`` was moved to rte_security_driver.h
and was hidden from the application. The APIs to create and destroy session were
updated to take a single mempool with element size enough to hold session data
@@ -602,6 +602,28 @@ void
cryptodev_fp_ops_set(struct rte_crypto_fp_ops *fp_ops,
const struct rte_cryptodev *dev);
+/**
+ * @internal
+ * Cryptodev symmetric crypto session
+ * Each session is derived from a fixed xform chain. Therefore each session
+ * has a fixed algo, key, op-type, digest_len etc.
+ */
+struct rte_cryptodev_sym_session {
+ uint64_t opaque_data;
+ /**< Can be used for external metadata */
+ uint16_t nb_drivers;
+ /**< number of elements in sess_data array */
+ uint16_t user_data_sz;
+ /**< session user data will be placed after sess_data */
+ uint16_t priv_sz;
+ /**< Maximum private session data size which each driver can use */
+ __extension__ struct {
+ void *data;
+ uint16_t refcnt;
+ } sess_data[0];
+ /**< Driver specific session material, variable size */
+};
+
static inline void *
get_sym_session_private_data(const struct rte_cryptodev_sym_session *sess,
uint8_t driver_id) {
@@ -2127,11 +2127,11 @@ rte_cryptodev_asym_get_private_session_size(uint8_t dev_id)
}
int
-rte_cryptodev_sym_session_set_user_data(
- struct rte_cryptodev_sym_session *sess,
+rte_cryptodev_sym_session_set_user_data(void *session,
void *data,
uint16_t size)
{
+ struct rte_cryptodev_sym_session *sess = session;
if (sess == NULL)
return -EINVAL;
@@ -2143,9 +2143,9 @@ rte_cryptodev_sym_session_set_user_data(
}
void *
-rte_cryptodev_sym_session_get_user_data(
- struct rte_cryptodev_sym_session *sess)
+rte_cryptodev_sym_session_get_user_data(void *session)
{
+ struct rte_cryptodev_sym_session *sess = session;
if (sess == NULL || sess->user_data_sz == 0)
return NULL;
@@ -2162,9 +2162,10 @@ sym_crypto_fill_status(struct rte_crypto_sym_vec *vec, int32_t errnum)
uint32_t
rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
- struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+ void *session, union rte_crypto_sym_ofs ofs,
struct rte_crypto_sym_vec *vec)
{
+ struct rte_cryptodev_sym_session *sess = session;
struct rte_cryptodev *dev;
if (!rte_cryptodev_is_valid_dev(dev_id)) {
@@ -897,26 +897,6 @@ struct rte_cryptodev_cb_rcu {
void *
rte_cryptodev_get_sec_ctx(uint8_t dev_id);
-/** Cryptodev symmetric crypto session
- * Each session is derived from a fixed xform chain. Therefore each session
- * has a fixed algo, key, op-type, digest_len etc.
- */
-struct rte_cryptodev_sym_session {
- uint64_t opaque_data;
- /**< Can be used for external metadata */
- uint16_t nb_drivers;
- /**< number of elements in sess_data array */
- uint16_t user_data_sz;
- /**< session user data will be placed after sess_data */
- uint16_t priv_sz;
- /**< Maximum private session data size which each driver can use */
- __extension__ struct {
- void *data;
- uint16_t refcnt;
- } sess_data[0];
- /**< Driver specific session material, variable size */
-};
-
/** Cryptodev asymmetric crypto session */
struct rte_cryptodev_asym_session {
__extension__ void *sess_private_data[0];
@@ -1194,8 +1174,7 @@ const char *rte_cryptodev_driver_name_get(uint8_t driver_id);
*/
__rte_experimental
int
-rte_cryptodev_sym_session_set_user_data(
- struct rte_cryptodev_sym_session *sess,
+rte_cryptodev_sym_session_set_user_data(void *sess,
void *data,
uint16_t size);
@@ -1211,8 +1190,7 @@ rte_cryptodev_sym_session_set_user_data(
*/
__rte_experimental
void *
-rte_cryptodev_sym_session_get_user_data(
- struct rte_cryptodev_sym_session *sess);
+rte_cryptodev_sym_session_get_user_data(void *sess);
/**
* Perform actual crypto processing (encrypt/digest or auth/decrypt)
@@ -1229,7 +1207,7 @@ rte_cryptodev_sym_session_get_user_data(
__rte_experimental
uint32_t
rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
- struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+ void *sess, union rte_crypto_sym_ofs ofs,
struct rte_crypto_sym_vec *vec);
/**
@@ -1250,11 +1228,32 @@ rte_cryptodev_get_raw_dp_ctx_size(uint8_t dev_id);
* pointer.
*/
union rte_cryptodev_session_ctx {
- struct rte_cryptodev_sym_session *crypto_sess;
+ void *crypto_sess;
struct rte_crypto_sym_xform *xform;
struct rte_security_session *sec_sess;
};
+#define CRYPTO_SESS_OPAQUE_DATA_OFF 0
+/**
+ * Get opaque data from session handle
+ */
+static inline uint64_t
+rte_cryptodev_sym_session_opaque_data_get(void *sess)
+{
+ return *((uint64_t *)sess - CRYPTO_SESS_OPAQUE_DATA_OFF);
+}
+
+/**
+ * Set opaque data in session handle
+ */
+static inline void
+rte_cryptodev_sym_session_opaque_data_set(void *sess, uint64_t opaque)
+{
+ uint64_t *data;
+ data = (((uint64_t *)sess) - CRYPTO_SESS_OPAQUE_DATA_OFF);
+ *data = opaque;
+}
+
/**
* Enqueue a vectorized operation descriptor into the device queue but the
* driver may or may not start processing until rte_cryptodev_raw_enqueue_done()
@@ -73,13 +73,9 @@ RTE_TRACE_POINT(
RTE_TRACE_POINT(
rte_cryptodev_trace_sym_session_create,
- RTE_TRACE_POINT_ARGS(void *mempool,
- struct rte_cryptodev_sym_session *sess),
+ RTE_TRACE_POINT_ARGS(void *mempool, void *sess),
rte_trace_point_emit_ptr(mempool);
rte_trace_point_emit_ptr(sess);
- rte_trace_point_emit_u64(sess->opaque_data);
- rte_trace_point_emit_u16(sess->nb_drivers);
- rte_trace_point_emit_u16(sess->user_data_sz);
)
RTE_TRACE_POINT(
@@ -92,7 +88,7 @@ RTE_TRACE_POINT(
RTE_TRACE_POINT(
rte_cryptodev_trace_sym_session_free,
- RTE_TRACE_POINT_ARGS(struct rte_cryptodev_sym_session *sess),
+ RTE_TRACE_POINT_ARGS(void *sess),
rte_trace_point_emit_ptr(sess);
)
@@ -105,12 +101,9 @@ RTE_TRACE_POINT(
RTE_TRACE_POINT(
rte_cryptodev_trace_sym_session_init,
RTE_TRACE_POINT_ARGS(uint8_t dev_id,
- struct rte_cryptodev_sym_session *sess, void *xforms),
+ void *sess, void *xforms),
rte_trace_point_emit_u8(dev_id);
rte_trace_point_emit_ptr(sess);
- rte_trace_point_emit_u64(sess->opaque_data);
- rte_trace_point_emit_u16(sess->nb_drivers);
- rte_trace_point_emit_u16(sess->user_data_sz);
rte_trace_point_emit_ptr(xforms);
)
@@ -66,7 +66,7 @@ struct rte_ipsec_session {
/** session and related data */
union {
struct {
- struct rte_cryptodev_sym_session *ses;
+ void *ses;
uint8_t dev_id;
} crypto;
struct {
@@ -44,16 +44,16 @@ struct rte_ipsec_group {
static inline struct rte_ipsec_session *
rte_ipsec_ses_from_crypto(const struct rte_crypto_op *cop)
{
- void *ss;
- const struct rte_cryptodev_sym_session *cs;
+ void *ses;
if (cop->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
- ss = cop->sym[0].sec_session;
+ ses = cop->sym[0].sec_session;
return (void *)(uintptr_t)
- rte_security_session_opaque_data_get(ss);
+ rte_security_session_opaque_data_get(ses);
} else if (cop->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
- cs = cop->sym[0].session;
- return (void *)(uintptr_t)cs->opaque_data;
+ ses = cop->sym[0].session;
+ return (void *)(uintptr_t)
+ rte_cryptodev_sym_session_opaque_data_get(ses);
}
return NULL;
}
@@ -45,7 +45,8 @@ rte_ipsec_session_prepare(struct rte_ipsec_session *ss)
ss->pkt_func = fp;
if (ss->type == RTE_SECURITY_ACTION_TYPE_NONE)
- ss->crypto.ses->opaque_data = (uintptr_t)ss;
+ rte_cryptodev_sym_session_opaque_data_set(
+ ss->crypto.ses, (uintptr_t)ss);
else
rte_security_session_opaque_data_set(ss->security.ses,
(uintptr_t)ss);
Structure rte_cryptodev_sym_session is moved to internal headers which are not visible to applications. The only field which should be used by app is opaque_data. This field can now be accessed via set/get APIs added in this patch. Subsequent changes in app and lib are made to compile the code. Signed-off-by: Akhil Goyal <gakhil@marvell.com> --- app/test/test_ipsec_perf.c | 4 +- doc/guides/prog_guide/cryptodev_lib.rst | 10 ++--- doc/guides/rel_notes/deprecation.rst | 5 --- doc/guides/rel_notes/release_21_11.rst | 7 ++++ lib/cryptodev/cryptodev_pmd.h | 22 +++++++++++ lib/cryptodev/rte_cryptodev.c | 11 +++--- lib/cryptodev/rte_cryptodev.h | 51 ++++++++++++------------- lib/cryptodev/rte_cryptodev_trace.h | 13 ++----- lib/ipsec/rte_ipsec.h | 2 +- lib/ipsec/rte_ipsec_group.h | 12 +++--- lib/ipsec/ses.c | 3 +- 11 files changed, 78 insertions(+), 62 deletions(-)