diff mbox series

[07/11] crypto/dpaa2_sec: adding session update API support

Message ID 20240703102649.3096530-8-g.singh@nxp.com (mailing list archive)
State Accepted, archived
Delegated to: akhil goyal
Headers
Series DPAA and DPAA2 crypto specific fixes |

Checks

Context Check Description
ci/checkpatch success coding style OK

Commit Message

Gagandeep Singh July 3, 2024, 10:26 a.m. UTC 
From: Hemant Agrawal <hemant.agrawal@nxp.com>

This patch add support for Session Update API for RTE Security sessions.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 37 +++++++++++++++++++--
 1 file changed, 34 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 922a35e3ee..4f80cfea5e 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -3134,8 +3134,11 @@  dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 
 		if (ipsec_xform->options.iv_gen_disable == 0)
 			encap_pdb.options |= PDBOPTS_ESP_IVSRC;
-		if (ipsec_xform->options.esn)
+		if (ipsec_xform->options.esn) {
 			encap_pdb.options |= PDBOPTS_ESP_ESN;
+			encap_pdb.seq_num_ext_hi = conf->ipsec.esn.hi;
+			encap_pdb.seq_num = conf->ipsec.esn.low;
+		}
 		if (ipsec_xform->options.copy_dscp)
 			encap_pdb.options |= PDBOPTS_ESP_DIFFSERV;
 		if (ipsec_xform->options.ecn)
@@ -3264,8 +3267,11 @@  dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 		} else {
 			decap_pdb.options = sizeof(struct rte_ipv6_hdr) << 16;
 		}
-		if (ipsec_xform->options.esn)
+		if (ipsec_xform->options.esn) {
 			decap_pdb.options |= PDBOPTS_ESP_ESN;
+			decap_pdb.seq_num_ext_hi = conf->ipsec.esn.hi;
+			decap_pdb.seq_num = conf->ipsec.esn.low;
+		}
 		if (ipsec_xform->options.copy_dscp)
 			decap_pdb.options |= PDBOPTS_ESP_DIFFSERV;
 		if (ipsec_xform->options.ecn)
@@ -3699,6 +3705,31 @@  dpaa2_sec_security_session_destroy(void *dev __rte_unused,
 	return 0;
 }
 
+static int
+dpaa2_sec_security_session_update(void *dev,
+			struct rte_security_session *sess,
+			struct rte_security_session_conf *conf)
+{
+	struct rte_cryptodev *cdev = (struct rte_cryptodev *)dev;
+	void *sess_private_data = SECURITY_GET_SESS_PRIV(sess);
+	int ret;
+
+	if (conf->protocol != RTE_SECURITY_PROTOCOL_IPSEC &&
+		conf->ipsec.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)
+		return -ENOTSUP;
+
+	dpaa2_sec_security_session_destroy(dev, sess);
+
+	ret = dpaa2_sec_set_ipsec_session(cdev, conf,
+				sess_private_data);
+	if (ret != 0) {
+		DPAA2_SEC_DEBUG("Failed to configure session parameters %d", ret);
+		return ret;
+	}
+
+	return ret;
+}
+
 static unsigned int
 dpaa2_sec_security_session_get_size(void *device __rte_unused)
 {
@@ -4153,7 +4184,7 @@  dpaa2_sec_capabilities_get(void *device __rte_unused)
 
 static const struct rte_security_ops dpaa2_sec_security_ops = {
 	.session_create = dpaa2_sec_security_session_create,
-	.session_update = NULL,
+	.session_update = dpaa2_sec_security_session_update,
 	.session_get_size = dpaa2_sec_security_session_get_size,
 	.session_stats_get = NULL,
 	.session_destroy = dpaa2_sec_security_session_destroy,