22 set_ipsec_conf(struct ipsec_sa *sa, struct rte_security_ipsec_xform *ipsec)  in set_ipsec_conf()  argument
27 		if (IS_IP4_TUNNEL(sa->flags)) {  in set_ipsec_conf()
33 				(uint8_t *)&sa->src.ip.ip4, 4);  in set_ipsec_conf()
36 				(uint8_t *)&sa->dst.ip.ip4, 4);  in set_ipsec_conf()
37 		} else if (IS_IP6_TUNNEL(sa->flags)) {  in set_ipsec_conf()
45 				(uint8_t *)&sa->src.ip.ip6.ip6_b, 16);  in set_ipsec_conf()
48 				(uint8_t *)&sa->dst.ip.ip6.ip6_b, 16);  in set_ipsec_conf()
58 create_lookaside_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa,  in create_lookaside_session()  argument
68 	key.cipher_algo = (uint8_t)sa->cipher_algo;  in create_lookaside_session()
69 	key.auth_algo = (uint8_t)sa->auth_algo;  in create_lookaside_session()
70 	key.aead_algo = (uint8_t)sa->aead_algo;  in create_lookaside_session()
86 			"%u qp %u\n", sa->spi,  in create_lookaside_session()
96 				.spi = sa->spi,  in create_lookaside_session()
97 				.salt = sa->salt,  in create_lookaside_session()
100 				.direction = sa->direction,  in create_lookaside_session()
102 				.mode = (IS_TUNNEL(sa->flags)) ?  in create_lookaside_session()
106 			.crypto_xform = sa->xforms,  in create_lookaside_session()
117 			set_ipsec_conf(sa, &(sess_conf.ipsec));  in create_lookaside_session()
147 				ips->crypto.ses, sa->xforms,  in create_lookaside_session()
154 	sa->cdev_id_qp = cdev_id_qp;  in create_lookaside_session()
160 create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,  in create_inline_session()  argument
169 			.spi = sa->spi,  in create_inline_session()
170 			.salt = sa->salt,  in create_inline_session()
173 			.direction = sa->direction,  in create_inline_session()
175 			.mode = (sa->flags == IP4_TUNNEL ||  in create_inline_session()
176 					sa->flags == IP6_TUNNEL) ?  in create_inline_session()
180 		.crypto_xform = sa->xforms,  in create_inline_session()
185 		sa->spi, sa->portid);  in create_inline_session()
194 					sa->portid);  in create_inline_session()
219 			    sec_cap->ipsec.direction == sa->direction)  in create_inline_session()
232 		sa->pattern[0].type = RTE_FLOW_ITEM_TYPE_ETH;  in create_inline_session()
234 		if (IS_IP6(sa->flags)) {  in create_inline_session()
235 			sa->pattern[1].mask = &rte_flow_item_ipv6_mask;  in create_inline_session()
236 			sa->pattern[1].type = RTE_FLOW_ITEM_TYPE_IPV6;  in create_inline_session()
237 			sa->pattern[1].spec = &sa->ipv6_spec;  in create_inline_session()
239 			memcpy(sa->ipv6_spec.hdr.dst_addr,  in create_inline_session()
240 				sa->dst.ip.ip6.ip6_b, 16);  in create_inline_session()
241 			memcpy(sa->ipv6_spec.hdr.src_addr,  in create_inline_session()
242 			       sa->src.ip.ip6.ip6_b, 16);  in create_inline_session()
243 		} else if (IS_IP4(sa->flags)) {  in create_inline_session()
244 			sa->pattern[1].mask = &rte_flow_item_ipv4_mask;  in create_inline_session()
245 			sa->pattern[1].type = RTE_FLOW_ITEM_TYPE_IPV4;  in create_inline_session()
246 			sa->pattern[1].spec = &sa->ipv4_spec;  in create_inline_session()
248 			sa->ipv4_spec.hdr.dst_addr = sa->dst.ip.ip4;  in create_inline_session()
249 			sa->ipv4_spec.hdr.src_addr = sa->src.ip.ip4;  in create_inline_session()
252 		sa->pattern[2].type = RTE_FLOW_ITEM_TYPE_ESP;  in create_inline_session()
253 		sa->pattern[2].spec = &sa->esp_spec;  in create_inline_session()
254 		sa->pattern[2].mask = &rte_flow_item_esp_mask;  in create_inline_session()
255 		sa->esp_spec.hdr.spi = rte_cpu_to_be_32(sa->spi);  in create_inline_session()
257 		sa->pattern[3].type = RTE_FLOW_ITEM_TYPE_END;  in create_inline_session()
259 		sa->action[0].type = RTE_FLOW_ACTION_TYPE_SECURITY;  in create_inline_session()
260 		sa->action[0].conf = ips->security.ses;  in create_inline_session()
262 		sa->action[1].type = RTE_FLOW_ACTION_TYPE_END;  in create_inline_session()
264 		sa->attr.egress = (sa->direction ==  in create_inline_session()
266 		sa->attr.ingress = (sa->direction ==  in create_inline_session()
268 		if (sa->attr.ingress) {  in create_inline_session()
281 			if (flow_info_tbl[sa->portid].rx_def_flow)  in create_inline_session()
284 			ret = rte_eth_dev_info_get(sa->portid, &dev_info);  in create_inline_session()
288 					sa->portid, strerror(-ret));  in create_inline_session()
292 			sa->action[2].type = RTE_FLOW_ACTION_TYPE_END;  in create_inline_session()
294 			sa->action[1].type = RTE_FLOW_ACTION_TYPE_RSS;  in create_inline_session()
295 			sa->action[1].conf = &action_rss;  in create_inline_session()
296 			ret = rte_eth_dev_rss_hash_conf_get(sa->portid,  in create_inline_session()
314 			ret = rte_flow_validate(sa->portid, &sa->attr,  in create_inline_session()
315 						sa->pattern, sa->action,  in create_inline_session()
320 			sa->action[1].type = RTE_FLOW_ACTION_TYPE_QUEUE;  in create_inline_session()
321 			sa->action[1].conf =  in create_inline_session()
325 			ret = rte_flow_validate(sa->portid, &sa->attr,  in create_inline_session()
326 						sa->pattern, sa->action,  in create_inline_session()
329 			sa->action[1].type = RTE_FLOW_ACTION_TYPE_END;  in create_inline_session()
330 			sa->action[1].conf = NULL;  in create_inline_session()
331 			ret = rte_flow_validate(sa->portid, &sa->attr,  in create_inline_session()
332 						sa->pattern, sa->action,  in create_inline_session()
336 		} else if (sa->attr.egress &&  in create_inline_session()
339 			sa->action[1].type =  in create_inline_session()
341 			sa->action[2].type =  in create_inline_session()
345 		sa->flow = rte_flow_create(sa->portid,  in create_inline_session()
346 				&sa->attr, sa->pattern, sa->action, &err);  in create_inline_session()
347 		if (sa->flow == NULL) {  in create_inline_session()
358 				rte_eth_dev_get_sec_ctx(sa->portid);  in create_inline_session()
367 		set_ipsec_conf(sa, &(sess_conf.ipsec));  in create_inline_session()
380 		sess_conf.userdata = (void *) sa;  in create_inline_session()
406 			    sec_cap->ipsec.direction == sa->direction)  in create_inline_session()
425 create_ipsec_esp_flow(struct ipsec_sa *sa)  in create_ipsec_esp_flow()  argument
429 	if (sa->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {  in create_ipsec_esp_flow()
434 	if (sa->flags == TRANSPORT) {  in create_ipsec_esp_flow()
439 	sa->action[0].type = RTE_FLOW_ACTION_TYPE_QUEUE;  in create_ipsec_esp_flow()
440 	sa->pattern[0].type = RTE_FLOW_ITEM_TYPE_ETH;  in create_ipsec_esp_flow()
441 	sa->action[0].conf = &(struct rte_flow_action_queue) {  in create_ipsec_esp_flow()
442 				.index = sa->fdir_qid,  in create_ipsec_esp_flow()
444 	sa->attr.egress = 0;  in create_ipsec_esp_flow()
445 	sa->attr.ingress = 1;  in create_ipsec_esp_flow()
446 	if (IS_IP6(sa->flags)) {  in create_ipsec_esp_flow()
447 		sa->pattern[1].mask = &rte_flow_item_ipv6_mask;  in create_ipsec_esp_flow()
448 		sa->pattern[1].type = RTE_FLOW_ITEM_TYPE_IPV6;  in create_ipsec_esp_flow()
449 		sa->pattern[1].spec = &sa->ipv6_spec;  in create_ipsec_esp_flow()
450 		memcpy(sa->ipv6_spec.hdr.dst_addr,  in create_ipsec_esp_flow()
451 			sa->dst.ip.ip6.ip6_b, sizeof(sa->dst.ip.ip6.ip6_b));  in create_ipsec_esp_flow()
452 		memcpy(sa->ipv6_spec.hdr.src_addr,  in create_ipsec_esp_flow()
453 			sa->src.ip.ip6.ip6_b, sizeof(sa->src.ip.ip6.ip6_b));  in create_ipsec_esp_flow()
454 		sa->pattern[2].type = RTE_FLOW_ITEM_TYPE_ESP;  in create_ipsec_esp_flow()
455 		sa->pattern[2].spec = &sa->esp_spec;  in create_ipsec_esp_flow()
456 		sa->pattern[2].mask = &rte_flow_item_esp_mask;  in create_ipsec_esp_flow()
457 		sa->esp_spec.hdr.spi = rte_cpu_to_be_32(sa->spi);  in create_ipsec_esp_flow()
458 		sa->pattern[3].type = RTE_FLOW_ITEM_TYPE_END;  in create_ipsec_esp_flow()
459 	} else if (IS_IP4(sa->flags)) {  in create_ipsec_esp_flow()
460 		sa->pattern[1].mask = &rte_flow_item_ipv4_mask;  in create_ipsec_esp_flow()
461 		sa->pattern[1].type = RTE_FLOW_ITEM_TYPE_IPV4;  in create_ipsec_esp_flow()
462 		sa->pattern[1].spec = &sa->ipv4_spec;  in create_ipsec_esp_flow()
463 		sa->ipv4_spec.hdr.dst_addr = sa->dst.ip.ip4;  in create_ipsec_esp_flow()
464 		sa->ipv4_spec.hdr.src_addr = sa->src.ip.ip4;  in create_ipsec_esp_flow()
465 		sa->pattern[2].type = RTE_FLOW_ITEM_TYPE_ESP;  in create_ipsec_esp_flow()
466 		sa->pattern[2].spec = &sa->esp_spec;  in create_ipsec_esp_flow()
467 		sa->pattern[2].mask = &rte_flow_item_esp_mask;  in create_ipsec_esp_flow()
468 		sa->esp_spec.hdr.spi = rte_cpu_to_be_32(sa->spi);  in create_ipsec_esp_flow()
469 		sa->pattern[3].type = RTE_FLOW_ITEM_TYPE_END;  in create_ipsec_esp_flow()
471 	sa->action[1].type = RTE_FLOW_ACTION_TYPE_END;  in create_ipsec_esp_flow()
473 	ret = rte_flow_validate(sa->portid, &sa->attr, sa->pattern, sa->action,  in create_ipsec_esp_flow()
480 	sa->flow = rte_flow_create(sa->portid, &sa->attr, sa->pattern,  in create_ipsec_esp_flow()
481 					sa->action, &err);  in create_ipsec_esp_flow()
482 	if (!sa->flow) {  in create_ipsec_esp_flow()
529 	struct ipsec_sa *sa;  in ipsec_enqueue()  local
542 		sa = ipsec_mask_saptr(sas[i]);  in ipsec_enqueue()
543 		priv->sa = sa;  in ipsec_enqueue()
544 		ips = ipsec_get_primary_session(sa);  in ipsec_enqueue()
554 				create_lookaside_session(ipsec_ctx, sa, ips)) {  in ipsec_enqueue()
580 				create_lookaside_session(ipsec_ctx, sa, ips)) {  in ipsec_enqueue()
588 			ret = xform_func(pkts[i], sa, &priv->cop);  in ipsec_enqueue()
612 			ret = xform_func(pkts[i], sa, &priv->cop);  in ipsec_enqueue()
627 		RTE_ASSERT(sa->cdev_id_qp < ipsec_ctx->nb_qps);  in ipsec_enqueue()
628 		enqueue_cop(&ipsec_ctx->tbl[sa->cdev_id_qp], &priv->cop);  in ipsec_enqueue()
638 	struct ipsec_sa *sa;  in ipsec_inline_dequeue()  local
646 		sa = priv->sa;  in ipsec_inline_dequeue()
647 		ret = xform_func(pkt, sa, &priv->cop);  in ipsec_inline_dequeue()
665 	struct ipsec_sa *sa;  in ipsec_dequeue()  local
688 			sa = priv->sa;  in ipsec_dequeue()
690 			RTE_ASSERT(sa != NULL);  in ipsec_dequeue()
692 			if (ipsec_get_action_type(sa) ==  in ipsec_dequeue()
694 				ret = xform_func(pkt, sa, cops[j]);  in ipsec_dequeue()
699 			} else if (ipsec_get_action_type(sa) ==  in ipsec_dequeue()