diff mbox series

[v3,7/8] cryptodev: hide sym session structure

Message ID 20211018213452.2734720-8-gakhil@marvell.com (mailing list archive)
State New
Delegated to: akhil goyal
Headers show
Series crypto/security session framework rework | expand

Checks

Context Check Description
ci/checkpatch success coding style OK

Commit Message

Akhil Goyal Oct. 18, 2021, 9:34 p.m. UTC
Structure rte_cryptodev_sym_session is moved to internal
headers which are not visible to applications.
The only field which should be used by app is opaque_data.
This field can now be accessed via set/get APIs added in this
patch.
Subsequent changes in app and lib are made to compile the code.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 app/test/test_ipsec_perf.c              |  4 +-
 doc/guides/prog_guide/cryptodev_lib.rst | 10 ++---
 doc/guides/rel_notes/deprecation.rst    |  5 ---
 doc/guides/rel_notes/release_21_11.rst  |  7 ++++
 lib/cryptodev/cryptodev_pmd.h           | 22 +++++++++++
 lib/cryptodev/rte_cryptodev.c           | 11 +++---
 lib/cryptodev/rte_cryptodev.h           | 51 ++++++++++++-------------
 lib/cryptodev/rte_cryptodev_trace.h     | 13 ++-----
 lib/ipsec/rte_ipsec.h                   |  2 +-
 lib/ipsec/rte_ipsec_group.h             | 12 +++---
 lib/ipsec/ses.c                         |  3 +-
 11 files changed, 78 insertions(+), 62 deletions(-)
diff mbox series

Patch

diff --git a/app/test/test_ipsec_perf.c b/app/test/test_ipsec_perf.c
index 92106bf374..7e1cc7b920 100644
--- a/app/test/test_ipsec_perf.c
+++ b/app/test/test_ipsec_perf.c
@@ -215,7 +215,7 @@  static int
 create_sa(enum rte_security_session_action_type action_type,
 	  struct ipsec_sa *sa)
 {
-	static struct rte_cryptodev_sym_session dummy_ses;
+	static uint64_t dummy_ses[10];
 	size_t sz;
 	int rc;
 
@@ -235,7 +235,7 @@  create_sa(enum rte_security_session_action_type action_type,
 		"failed to allocate memory for rte_ipsec_sa\n");
 
 	sa->ss[0].type = action_type;
-	sa->ss[0].crypto.ses = &dummy_ses;
+	sa->ss[0].crypto.ses = dummy_ses;
 
 	rc = rte_ipsec_sa_init(sa->ss[0].sa, &sa->sa_prm, sz);
 	rc = (rc > 0 && (uint32_t)rc <= sz) ? 0 : -EINVAL;
diff --git a/doc/guides/prog_guide/cryptodev_lib.rst b/doc/guides/prog_guide/cryptodev_lib.rst
index 9b1cf8d49f..ffebb8b404 100644
--- a/doc/guides/prog_guide/cryptodev_lib.rst
+++ b/doc/guides/prog_guide/cryptodev_lib.rst
@@ -125,13 +125,11 @@  Each queue pairs resources may be allocated on a specified socket.
         uint32_t nb_descriptors; /**< Number of descriptors per queue pair */
         struct rte_mempool *mp_session;
         /**< The mempool for creating session in sessionless mode */
-        struct rte_mempool *mp_session_private;
-        /**< The mempool for creating sess private data in sessionless mode */
     };
 
 
-The fields ``mp_session`` and ``mp_session_private`` are used for creating
-temporary session to process the crypto operations in the session-less mode.
+The field ``mp_session`` is used for creating temporary session to process
+the crypto operations in the session-less mode.
 They can be the same other different mempools. Please note not all Cryptodev
 PMDs supports session-less mode.
 
@@ -942,13 +940,13 @@  using one of the crypto PMDs available in DPDK.
     };
 
     /* Create crypto session and initialize it for the crypto device. */
-    struct rte_cryptodev_sym_session *session;
+    void *session;
     session = rte_cryptodev_sym_session_create(session_pool);
     if (session == NULL)
         rte_exit(EXIT_FAILURE, "Session could not be created\n");
 
     if (rte_cryptodev_sym_session_init(cdev_id, session,
-                    &cipher_xform, session_priv_pool) < 0)
+                    &cipher_xform) < 0)
         rte_exit(EXIT_FAILURE, "Session could not be initialized "
                     "for the crypto device\n");
 
diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst
index 3add00a8be..3870b6f95c 100644
--- a/doc/guides/rel_notes/deprecation.rst
+++ b/doc/guides/rel_notes/deprecation.rst
@@ -174,11 +174,6 @@  Deprecation Notices
   and ``rte_vhost_driver_set_protocol_features`` functions will be removed
   and the API functions will be made stable in DPDK 21.11.
 
-* cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
-  ``rte_cryptodev_asym_session`` to remove unnecessary indirection between
-  session and the private data of session. An opaque pointer can be exposed
-  directly to application which can be attached to the ``rte_crypto_op``.
-
 * eventdev: The file ``rte_eventdev_pmd.h`` will be renamed to ``eventdev_driver.h``
   to make the driver interface as internal and the structures ``rte_eventdev_data``,
   ``rte_eventdev`` and ``rte_eventdevs`` will be moved to a new file named
diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst
index 7f1872167e..5b14e7d177 100644
--- a/doc/guides/rel_notes/release_21_11.rst
+++ b/doc/guides/rel_notes/release_21_11.rst
@@ -281,6 +281,13 @@  API Changes
 * cryptodev: The structure ``rte_crypto_sym_vec`` was updated to add
   ``dest_sgl`` to support out of place processing.
 
+* cryptodev: The structure ``rte_cryptodev_sym_session`` was moved to
+  cryptodev_pmd.h and was hidden from the application. The APIs to create/init and
+  destroy sym crypto session were updated to take a single mempool with element size
+  enough to hold session data and session private data. Inline APIs was created to
+  get and set the session data. All sample applications were updated to attach an
+  opaque pointer for the session to the ``rte_crypto_op`` while enqueuing.
+
 * security: The structure ``rte_security_session`` was moved to rte_security_driver.h
   and was hidden from the application. The APIs to create and destroy session were
   updated to take a single mempool with element size enough to hold session data
diff --git a/lib/cryptodev/cryptodev_pmd.h b/lib/cryptodev/cryptodev_pmd.h
index d35e66d3b5..7810ca5b6f 100644
--- a/lib/cryptodev/cryptodev_pmd.h
+++ b/lib/cryptodev/cryptodev_pmd.h
@@ -602,6 +602,28 @@  void
 cryptodev_fp_ops_set(struct rte_crypto_fp_ops *fp_ops,
 		     const struct rte_cryptodev *dev);
 
+/**
+ * @internal
+ * Cryptodev symmetric crypto session
+ * Each session is derived from a fixed xform chain. Therefore each session
+ * has a fixed algo, key, op-type, digest_len etc.
+ */
+struct rte_cryptodev_sym_session {
+	uint64_t opaque_data;
+	/**< Can be used for external metadata */
+	uint16_t nb_drivers;
+	/**< number of elements in sess_data array */
+	uint16_t user_data_sz;
+	/**< session user data will be placed after sess_data */
+	uint16_t priv_sz;
+	/**< Maximum private session data size which each driver can use */
+	__extension__ struct {
+		void *data;
+		uint16_t refcnt;
+	} sess_data[0];
+	/**< Driver specific session material, variable size */
+};
+
 static inline void *
 get_sym_session_private_data(const struct rte_cryptodev_sym_session *sess,
 		uint8_t driver_id) {
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index 783e33bef6..4ab9b0f7af 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -2127,11 +2127,11 @@  rte_cryptodev_asym_get_private_session_size(uint8_t dev_id)
 }
 
 int
-rte_cryptodev_sym_session_set_user_data(
-					struct rte_cryptodev_sym_session *sess,
+rte_cryptodev_sym_session_set_user_data(void *session,
 					void *data,
 					uint16_t size)
 {
+	struct rte_cryptodev_sym_session *sess = session;
 	if (sess == NULL)
 		return -EINVAL;
 
@@ -2143,9 +2143,9 @@  rte_cryptodev_sym_session_set_user_data(
 }
 
 void *
-rte_cryptodev_sym_session_get_user_data(
-					struct rte_cryptodev_sym_session *sess)
+rte_cryptodev_sym_session_get_user_data(void *session)
 {
+	struct rte_cryptodev_sym_session *sess = session;
 	if (sess == NULL || sess->user_data_sz == 0)
 		return NULL;
 
@@ -2162,9 +2162,10 @@  sym_crypto_fill_status(struct rte_crypto_sym_vec *vec, int32_t errnum)
 
 uint32_t
 rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+	void *session, union rte_crypto_sym_ofs ofs,
 	struct rte_crypto_sym_vec *vec)
 {
+	struct rte_cryptodev_sym_session *sess = session;
 	struct rte_cryptodev *dev;
 
 	if (!rte_cryptodev_is_valid_dev(dev_id)) {
diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
index 68271fd7e3..a122aa1961 100644
--- a/lib/cryptodev/rte_cryptodev.h
+++ b/lib/cryptodev/rte_cryptodev.h
@@ -897,26 +897,6 @@  struct rte_cryptodev_cb_rcu {
 void *
 rte_cryptodev_get_sec_ctx(uint8_t dev_id);
 
-/** Cryptodev symmetric crypto session
- * Each session is derived from a fixed xform chain. Therefore each session
- * has a fixed algo, key, op-type, digest_len etc.
- */
-struct rte_cryptodev_sym_session {
-	uint64_t opaque_data;
-	/**< Can be used for external metadata */
-	uint16_t nb_drivers;
-	/**< number of elements in sess_data array */
-	uint16_t user_data_sz;
-	/**< session user data will be placed after sess_data */
-	uint16_t priv_sz;
-	/**< Maximum private session data size which each driver can use */
-	__extension__ struct {
-		void *data;
-		uint16_t refcnt;
-	} sess_data[0];
-	/**< Driver specific session material, variable size */
-};
-
 /** Cryptodev asymmetric crypto session */
 struct rte_cryptodev_asym_session {
 	__extension__ void *sess_private_data[0];
@@ -1194,8 +1174,7 @@  const char *rte_cryptodev_driver_name_get(uint8_t driver_id);
  */
 __rte_experimental
 int
-rte_cryptodev_sym_session_set_user_data(
-					struct rte_cryptodev_sym_session *sess,
+rte_cryptodev_sym_session_set_user_data(void *sess,
 					void *data,
 					uint16_t size);
 
@@ -1211,8 +1190,7 @@  rte_cryptodev_sym_session_set_user_data(
  */
 __rte_experimental
 void *
-rte_cryptodev_sym_session_get_user_data(
-					struct rte_cryptodev_sym_session *sess);
+rte_cryptodev_sym_session_get_user_data(void *sess);
 
 /**
  * Perform actual crypto processing (encrypt/digest or auth/decrypt)
@@ -1229,7 +1207,7 @@  rte_cryptodev_sym_session_get_user_data(
 __rte_experimental
 uint32_t
 rte_cryptodev_sym_cpu_crypto_process(uint8_t dev_id,
-	struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs ofs,
+	void *sess, union rte_crypto_sym_ofs ofs,
 	struct rte_crypto_sym_vec *vec);
 
 /**
@@ -1250,11 +1228,32 @@  rte_cryptodev_get_raw_dp_ctx_size(uint8_t dev_id);
  * pointer.
  */
 union rte_cryptodev_session_ctx {
-	struct rte_cryptodev_sym_session *crypto_sess;
+	void *crypto_sess;
 	struct rte_crypto_sym_xform *xform;
 	struct rte_security_session *sec_sess;
 };
 
+#define CRYPTO_SESS_OPAQUE_DATA_OFF 0
+/**
+ * Get opaque data from session handle
+ */
+static inline uint64_t
+rte_cryptodev_sym_session_opaque_data_get(void *sess)
+{
+	return *((uint64_t *)sess - CRYPTO_SESS_OPAQUE_DATA_OFF);
+}
+
+/**
+ * Set opaque data in session handle
+ */
+static inline void
+rte_cryptodev_sym_session_opaque_data_set(void *sess, uint64_t opaque)
+{
+	uint64_t *data;
+	data = (((uint64_t *)sess) - CRYPTO_SESS_OPAQUE_DATA_OFF);
+	*data = opaque;
+}
+
 /**
  * Enqueue a vectorized operation descriptor into the device queue but the
  * driver may or may not start processing until rte_cryptodev_raw_enqueue_done()
diff --git a/lib/cryptodev/rte_cryptodev_trace.h b/lib/cryptodev/rte_cryptodev_trace.h
index 44da04c425..7d0e3773e6 100644
--- a/lib/cryptodev/rte_cryptodev_trace.h
+++ b/lib/cryptodev/rte_cryptodev_trace.h
@@ -73,13 +73,9 @@  RTE_TRACE_POINT(
 
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_create,
-	RTE_TRACE_POINT_ARGS(void *mempool,
-		struct rte_cryptodev_sym_session *sess),
+	RTE_TRACE_POINT_ARGS(void *mempool, void *sess),
 	rte_trace_point_emit_ptr(mempool);
 	rte_trace_point_emit_ptr(sess);
-	rte_trace_point_emit_u64(sess->opaque_data);
-	rte_trace_point_emit_u16(sess->nb_drivers);
-	rte_trace_point_emit_u16(sess->user_data_sz);
 )
 
 RTE_TRACE_POINT(
@@ -92,7 +88,7 @@  RTE_TRACE_POINT(
 
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_free,
-	RTE_TRACE_POINT_ARGS(struct rte_cryptodev_sym_session *sess),
+	RTE_TRACE_POINT_ARGS(void *sess),
 	rte_trace_point_emit_ptr(sess);
 )
 
@@ -105,12 +101,9 @@  RTE_TRACE_POINT(
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_sym_session_init,
 	RTE_TRACE_POINT_ARGS(uint8_t dev_id,
-		struct rte_cryptodev_sym_session *sess, void *xforms),
+		void *sess, void *xforms),
 	rte_trace_point_emit_u8(dev_id);
 	rte_trace_point_emit_ptr(sess);
-	rte_trace_point_emit_u64(sess->opaque_data);
-	rte_trace_point_emit_u16(sess->nb_drivers);
-	rte_trace_point_emit_u16(sess->user_data_sz);
 	rte_trace_point_emit_ptr(xforms);
 )
 
diff --git a/lib/ipsec/rte_ipsec.h b/lib/ipsec/rte_ipsec.h
index 163a2d72b9..5bc4bde6e8 100644
--- a/lib/ipsec/rte_ipsec.h
+++ b/lib/ipsec/rte_ipsec.h
@@ -66,7 +66,7 @@  struct rte_ipsec_session {
 	/** session and related data */
 	union {
 		struct {
-			struct rte_cryptodev_sym_session *ses;
+			void *ses;
 			uint8_t dev_id;
 		} crypto;
 		struct {
diff --git a/lib/ipsec/rte_ipsec_group.h b/lib/ipsec/rte_ipsec_group.h
index 0cc5fedbf1..e27d4e6f4c 100644
--- a/lib/ipsec/rte_ipsec_group.h
+++ b/lib/ipsec/rte_ipsec_group.h
@@ -44,16 +44,16 @@  struct rte_ipsec_group {
 static inline struct rte_ipsec_session *
 rte_ipsec_ses_from_crypto(const struct rte_crypto_op *cop)
 {
-	void *ss;
-	const struct rte_cryptodev_sym_session *cs;
+	void *ses;
 
 	if (cop->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
-		ss = cop->sym[0].sec_session;
+		ses = cop->sym[0].sec_session;
 		return (void *)(uintptr_t)
-			rte_security_session_opaque_data_get(ss);
+			rte_security_session_opaque_data_get(ses);
 	} else if (cop->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
-		cs = cop->sym[0].session;
-		return (void *)(uintptr_t)cs->opaque_data;
+		ses = cop->sym[0].session;
+		return (void *)(uintptr_t)
+			rte_cryptodev_sym_session_opaque_data_get(ses);
 	}
 	return NULL;
 }
diff --git a/lib/ipsec/ses.c b/lib/ipsec/ses.c
index b12114269f..bfd3cbf1d3 100644
--- a/lib/ipsec/ses.c
+++ b/lib/ipsec/ses.c
@@ -45,7 +45,8 @@  rte_ipsec_session_prepare(struct rte_ipsec_session *ss)
 	ss->pkt_func = fp;
 
 	if (ss->type == RTE_SECURITY_ACTION_TYPE_NONE)
-		ss->crypto.ses->opaque_data = (uintptr_t)ss;
+		rte_cryptodev_sym_session_opaque_data_set(
+				ss->crypto.ses, (uintptr_t)ss);
 	else
 		rte_security_session_opaque_data_set(ss->security.ses,
 				(uintptr_t)ss);