From: Nithinsen Kaithakadan <nkaithaka...@marvell.com>
Receive cpt context ilen as devarg parameter
and configure lf.
Signed-off-by: Nithinsen Kaithakadan <nkaithaka...@marvell.com>
---
doc/guides/cryptodevs/cnxk.rst | 11 +++++
drivers/common/cnxk/cnxk_security.c | 20 ++++++--
drivers/common/cnxk/cnxk_security.h | 25 +++++-----
drivers/common/cnxk/roc_cpt.c | 8 +++-
drivers/common/cnxk/roc_cpt.h | 1 +
drivers/crypto/cnxk/cn10k_ipsec.c | 4 +-
drivers/crypto/cnxk/cn10k_tls.c | 16 +++++--
drivers/crypto/cnxk/cn20k_ipsec.c | 4 +-
drivers/crypto/cnxk/cnxk_cryptodev.h | 1 +
drivers/crypto/cnxk/cnxk_cryptodev_devargs.c | 49 ++++++++++++++++++++
drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 3 ++
drivers/net/cnxk/cn10k_ethdev_sec.c | 14 +++---
drivers/net/cnxk/cn20k_ethdev_sec.c | 8 ++--
13 files changed, 126 insertions(+), 38 deletions(-)
diff --git a/doc/guides/cryptodevs/cnxk.rst b/doc/guides/cryptodevs/cnxk.rst
index 77e6a8e68d..c29a2cbb92 100644
--- a/doc/guides/cryptodevs/cnxk.rst
+++ b/doc/guides/cryptodevs/cnxk.rst
@@ -200,6 +200,17 @@ Runtime Config Options
With the above configuration, QP 20 will be used by the device for Rx
injection
in security in fallback mechanism scenario.
+- ``Context ilen value`` (default ``0``)
+
+ Initial context fetch length value for CPT context.
+
+ For example::
+
+ -a 0002:20:00.1,ctx_ilen=4
+
+ With the above configuration, CPT initial context fetch size will be set to
+ 4+1 128 bytes blocks.
+
Debugging Options
-----------------
diff --git a/drivers/common/cnxk/cnxk_security.c
b/drivers/common/cnxk/cnxk_security.c
index 0e6777e6ca..600098ae1c 100644
--- a/drivers/common/cnxk/cnxk_security.c
+++ b/drivers/common/cnxk/cnxk_security.c
@@ -309,7 +309,7 @@ RTE_EXPORT_INTERNAL_SYMBOL(cnxk_ot_ipsec_inb_sa_fill)
int
cnxk_ot_ipsec_inb_sa_fill(struct roc_ot_ipsec_inb_sa *sa,
struct rte_security_ipsec_xform *ipsec_xfrm,
- struct rte_crypto_sym_xform *crypto_xfrm)
+ struct rte_crypto_sym_xform *crypto_xfrm, uint8_t
ctx_ilen)
{
uint16_t sport = 4500, dport = 4500;
union roc_ot_ipsec_sa_word2 w2;
@@ -383,6 +383,9 @@ cnxk_ot_ipsec_inb_sa_fill(struct roc_ot_ipsec_inb_sa *sa,
ROC_CTX_UNIT_128B) -
1;
+ if (sa->w0.s.ctx_size < ctx_ilen)
+ sa->w0.s.ctx_size = ctx_ilen;
+
/**
* CPT MC triggers expiry when counter value changes from 2 to 1. To
* mitigate this behaviour add 1 to the life counter values provided.
@@ -419,7 +422,7 @@ RTE_EXPORT_INTERNAL_SYMBOL(cnxk_ot_ipsec_outb_sa_fill)
int
cnxk_ot_ipsec_outb_sa_fill(struct roc_ot_ipsec_outb_sa *sa,
struct rte_security_ipsec_xform *ipsec_xfrm,
- struct rte_crypto_sym_xform *crypto_xfrm)
+ struct rte_crypto_sym_xform *crypto_xfrm, uint8_t
ctx_ilen)
{
struct rte_security_ipsec_tunnel_param *tunnel = &ipsec_xfrm->tunnel;
uint16_t sport = 4500, dport = 4500;
@@ -541,6 +544,9 @@ cnxk_ot_ipsec_outb_sa_fill(struct roc_ot_ipsec_outb_sa *sa,
ROC_CTX_UNIT_128B) -
1;
+ if (sa->w0.s.ctx_size < ctx_ilen)
+ sa->w0.s.ctx_size = ctx_ilen;
+
/* IPID gen */
sa->w2.s.ipid_gen = 1;
@@ -1488,7 +1494,7 @@ RTE_EXPORT_INTERNAL_SYMBOL(cnxk_ow_ipsec_inb_sa_fill)
int
cnxk_ow_ipsec_inb_sa_fill(struct roc_ow_ipsec_inb_sa *sa,
struct rte_security_ipsec_xform *ipsec_xfrm,
- struct rte_crypto_sym_xform *crypto_xfrm)
+ struct rte_crypto_sym_xform *crypto_xfrm, uint8_t
ctx_ilen)
{
uint16_t sport = 4500, dport = 4500;
union roc_ow_ipsec_sa_word2 w2;
@@ -1559,6 +1565,9 @@ cnxk_ow_ipsec_inb_sa_fill(struct roc_ow_ipsec_inb_sa *sa,
(PLT_ALIGN_CEIL(ow_ipsec_inb_ctx_size(sa), ROC_CTX_UNIT_128B) /
ROC_CTX_UNIT_128B) -
1;
+ if (sa->w0.s.ctx_size < ctx_ilen)
+ sa->w0.s.ctx_size = ctx_ilen;
+
/**
* CPT MC triggers expiry when counter value changes from 2 to 1. To
* mitigate this behaviour add 1 to the life counter values provided.
@@ -1595,7 +1604,7 @@ RTE_EXPORT_INTERNAL_SYMBOL(cnxk_ow_ipsec_outb_sa_fill)
int
cnxk_ow_ipsec_outb_sa_fill(struct roc_ow_ipsec_outb_sa *sa,
struct rte_security_ipsec_xform *ipsec_xfrm,
- struct rte_crypto_sym_xform *crypto_xfrm)
+ struct rte_crypto_sym_xform *crypto_xfrm, uint8_t
ctx_ilen)
{
struct rte_security_ipsec_tunnel_param *tunnel = &ipsec_xfrm->tunnel;
uint16_t sport = 4500, dport = 4500;
@@ -1711,6 +1720,9 @@ cnxk_ow_ipsec_outb_sa_fill(struct roc_ow_ipsec_outb_sa
*sa,
/* IPID gen */
sa->w2.s.ipid_gen = 1;
+ if (sa->w0.s.ctx_size < ctx_ilen)
+ sa->w0.s.ctx_size = ctx_ilen;
+
/**
* CPT MC triggers expiry when counter value changes from 2 to 1. To
* mitigate this behaviour add 1 to the life counter values provided.
diff --git a/drivers/common/cnxk/cnxk_security.h
b/drivers/common/cnxk/cnxk_security.h
index e324fa2cb9..3912c8d376 100644
--- a/drivers/common/cnxk/cnxk_security.h
+++ b/drivers/common/cnxk/cnxk_security.h
@@ -33,19 +33,17 @@ cnxk_ipsec_icvlen_get(enum rte_crypto_cipher_algorithm
c_algo,
enum rte_crypto_auth_algorithm a_algo,
enum rte_crypto_aead_algorithm aead_algo);
-uint8_t __roc_api
-cnxk_ipsec_outb_roundup_byte(enum rte_crypto_cipher_algorithm c_algo,
- enum rte_crypto_aead_algorithm aead_algo);
+uint8_t __roc_api cnxk_ipsec_outb_roundup_byte(enum
rte_crypto_cipher_algorithm c_algo,
+ enum rte_crypto_aead_algorithm
aead_algo);
/* [CN10K] */
-int __roc_api
-cnxk_ot_ipsec_inb_sa_fill(struct roc_ot_ipsec_inb_sa *sa,
- struct rte_security_ipsec_xform *ipsec_xfrm,
- struct rte_crypto_sym_xform *crypto_xfrm);
-int __roc_api
-cnxk_ot_ipsec_outb_sa_fill(struct roc_ot_ipsec_outb_sa *sa,
- struct rte_security_ipsec_xform *ipsec_xfrm,
- struct rte_crypto_sym_xform *crypto_xfrm);
+int __roc_api cnxk_ot_ipsec_inb_sa_fill(struct roc_ot_ipsec_inb_sa *sa,
+ struct rte_security_ipsec_xform
*ipsec_xfrm,
+ struct rte_crypto_sym_xform
*crypto_xfrm, uint8_t ctx_ilen);
+int __roc_api cnxk_ot_ipsec_outb_sa_fill(struct roc_ot_ipsec_outb_sa *sa,
+ struct rte_security_ipsec_xform
*ipsec_xfrm,
+ struct rte_crypto_sym_xform
*crypto_xfrm,
+ uint8_t ctx_ilen);
bool __roc_api cnxk_ot_ipsec_inb_sa_valid(struct roc_ot_ipsec_inb_sa *sa);
bool __roc_api cnxk_ot_ipsec_outb_sa_valid(struct roc_ot_ipsec_outb_sa *sa);
@@ -60,10 +58,11 @@ int __roc_api cnxk_on_ipsec_outb_sa_create(struct
rte_security_ipsec_xform *ipse
/* [CN20K, .) */
int __roc_api cnxk_ow_ipsec_inb_sa_fill(struct roc_ow_ipsec_inb_sa *sa,
struct rte_security_ipsec_xform
*ipsec_xfrm,
- struct rte_crypto_sym_xform
*crypto_xfrm);
+ struct rte_crypto_sym_xform
*crypto_xfrm, uint8_t ctx_ilen);
int __roc_api cnxk_ow_ipsec_outb_sa_fill(struct roc_ow_ipsec_outb_sa *sa,
struct rte_security_ipsec_xform
*ipsec_xfrm,
- struct rte_crypto_sym_xform
*crypto_xfrm);
+ struct rte_crypto_sym_xform
*crypto_xfrm,
+ uint8_t ctx_ilen);
bool __roc_api cnxk_ow_ipsec_inb_sa_valid(struct roc_ow_ipsec_inb_sa *sa);
bool __roc_api cnxk_ow_ipsec_outb_sa_valid(struct roc_ow_ipsec_outb_sa *sa);
#endif /* _CNXK_SECURITY_H__ */
diff --git a/drivers/common/cnxk/roc_cpt.c b/drivers/common/cnxk/roc_cpt.c
index d1ba2b8858..fa040b5f4f 100644
--- a/drivers/common/cnxk/roc_cpt.c
+++ b/drivers/common/cnxk/roc_cpt.c
@@ -632,10 +632,16 @@ roc_cpt_dev_configure(struct roc_cpt *roc_cpt, int nb_lf,
bool rxc_ena, uint16_t
eng_grpmsk = (1 << roc_cpt->eng_grp[CPT_ENG_TYPE_AE]) |
(1 << roc_cpt->eng_grp[CPT_ENG_TYPE_SE]);
- if (roc_errata_cpt_has_ctx_fetch_issue()) {
+ if (roc_cpt->ctx_ilen != 0) {
+ ctx_ilen = roc_cpt->ctx_ilen;
+ ctx_ilen_valid = true;
+ } else if (roc_errata_cpt_has_ctx_fetch_issue()) {
ctx_ilen_valid = true;
/* Inbound SA size is max context size */
ctx_ilen = (PLT_ALIGN(ROC_OT_IPSEC_SA_SZ_MAX, ROC_ALIGN) / 128)
- 1;
+ } else if (roc_cpt->ctx_ilen != 0) {
+ ctx_ilen = roc_cpt->ctx_ilen;
+ ctx_ilen_valid = true;
}
rc = cpt_lfs_alloc(&cpt->dev, eng_grpmsk, blkaddr[blknum], false,
ctx_ilen_valid, ctx_ilen,
diff --git a/drivers/common/cnxk/roc_cpt.h b/drivers/common/cnxk/roc_cpt.h
index 02f49c06b7..aa30f46f04 100644
--- a/drivers/common/cnxk/roc_cpt.h
+++ b/drivers/common/cnxk/roc_cpt.h
@@ -169,6 +169,7 @@ struct roc_cpt {
uint16_t nb_lf;
uint16_t nb_lf_avail;
uintptr_t lmt_base;
+ uint8_t ctx_ilen;
/**< CPT device capabilities */
union cpt_eng_caps hw_caps[CPT_MAX_ENG_TYPES];
uint8_t eng_grp[CPT_MAX_ENG_TYPES];
diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c
b/drivers/crypto/cnxk/cn10k_ipsec.c
index 5cd4f5257a..a1207aa7c4 100644
--- a/drivers/crypto/cnxk/cn10k_ipsec.c
+++ b/drivers/crypto/cnxk/cn10k_ipsec.c
@@ -45,7 +45,7 @@ cn10k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct
roc_cpt_lf *lf,
}
/* Translate security parameters to SA */
- ret = cnxk_ot_ipsec_outb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
+ ret = cnxk_ot_ipsec_outb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm,
roc_cpt->ctx_ilen);
if (ret) {
plt_err("Could not fill outbound session parameters");
goto sa_dptr_free;
@@ -176,7 +176,7 @@ cn10k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct
roc_cpt_lf *lf,
}
/* Translate security parameters to SA */
- ret = cnxk_ot_ipsec_inb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
+ ret = cnxk_ot_ipsec_inb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm,
roc_cpt->ctx_ilen);
if (ret) {
plt_err("Could not fill inbound session parameters");
goto sa_dptr_free;
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index 49edac8cd6..1a7b87e400 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -327,7 +327,8 @@ tls_read_ctx_size(struct roc_ie_ot_tls_read_sa *sa, enum
rte_security_tls_versio
static int
tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
struct rte_security_tls_record_xform *tls_xfrm,
- struct rte_crypto_sym_xform *crypto_xfrm, struct cn10k_tls_opt
*tls_opt)
+ struct rte_crypto_sym_xform *crypto_xfrm, struct cn10k_tls_opt
*tls_opt,
+ uint8_t ctx_ilen)
{
enum rte_security_tls_version tls_ver = tls_xfrm->ver;
struct rte_crypto_sym_xform *auth_xfrm, *cipher_xfrm;
@@ -470,6 +471,9 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
ROC_CTX_UNIT_128B) -
1;
+ if (read_sa->w0.s.ctx_size < ctx_ilen)
+ read_sa->w0.s.ctx_size = ctx_ilen;
+
/* Word offset for HW managed CTX field */
read_sa->w0.s.hw_ctx_off = offset / 8;
read_sa->w0.s.ctx_push_size = read_sa->w0.s.hw_ctx_off;
@@ -482,7 +486,7 @@ tls_read_sa_fill(struct roc_ie_ot_tls_read_sa *read_sa,
static int
tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
struct rte_security_tls_record_xform *tls_xfrm,
- struct rte_crypto_sym_xform *crypto_xfrm)
+ struct rte_crypto_sym_xform *crypto_xfrm, uint8_t ctx_ilen)
{
enum rte_security_tls_version tls_ver = tls_xfrm->ver;
struct rte_crypto_sym_xform *auth_xfrm, *cipher_xfrm;
@@ -606,6 +610,9 @@ tls_write_sa_fill(struct roc_ie_ot_tls_write_sa *write_sa,
write_sa->w0.s.ctx_size -= 1;
}
+ if (write_sa->w0.s.ctx_size < ctx_ilen)
+ write_sa->w0.s.ctx_size = ctx_ilen;
+
/* Word offset for HW managed CTX field */
write_sa->w0.s.hw_ctx_off = offset / 8;
write_sa->w0.s.ctx_push_size = write_sa->w0.s.hw_ctx_off;
@@ -655,7 +662,8 @@ cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct
roc_cpt_lf *lf,
}
/* Translate security parameters to SA */
- ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm,
&sec_sess->tls_opt);
+ ret = tls_read_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm,
&sec_sess->tls_opt,
+ roc_cpt->ctx_ilen);
if (ret) {
plt_err("Could not fill read session parameters");
goto sa_dptr_free;
@@ -745,7 +753,7 @@ cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct
roc_cpt_lf *lf,
}
/* Translate security parameters to SA */
- ret = tls_write_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm);
+ ret = tls_write_sa_fill(sa_dptr, tls_xfrm, crypto_xfrm,
roc_cpt->ctx_ilen);
if (ret) {
plt_err("Could not fill write session parameters");
goto sa_dptr_free;
diff --git a/drivers/crypto/cnxk/cn20k_ipsec.c
b/drivers/crypto/cnxk/cn20k_ipsec.c
index 1a65438646..8f79033ccc 100644
--- a/drivers/crypto/cnxk/cn20k_ipsec.c
+++ b/drivers/crypto/cnxk/cn20k_ipsec.c
@@ -45,7 +45,7 @@ cn20k_ipsec_outb_sa_create(struct roc_cpt *roc_cpt, struct
roc_cpt_lf *lf,
}
/* Translate security parameters to SA */
- ret = cnxk_ow_ipsec_outb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
+ ret = cnxk_ow_ipsec_outb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm,
roc_cpt->ctx_ilen);
if (ret) {
plt_err("Could not fill outbound session parameters");
goto sa_dptr_free;
@@ -171,7 +171,7 @@ cn20k_ipsec_inb_sa_create(struct roc_cpt *roc_cpt, struct
roc_cpt_lf *lf,
}
/* Translate security parameters to SA */
- ret = cnxk_ow_ipsec_inb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm);
+ ret = cnxk_ow_ipsec_inb_sa_fill(sa_dptr, ipsec_xfrm, crypto_xfrm,
roc_cpt->ctx_ilen);
if (ret) {
plt_err("Could not fill inbound session parameters");
goto sa_dptr_free;
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h
b/drivers/crypto/cnxk/cnxk_cryptodev.h
index 5cec64c2e1..088149badb 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -36,6 +36,7 @@ struct cnxk_cpt_vf {
struct roc_ae_ec_group *ec_grp[ROC_AE_EC_ID_PMAX];
uint16_t max_qps_limit;
uint16_t rx_inject_qp;
+ uint8_t ctx_ilen;
};
uint64_t cnxk_cpt_default_ff_get(void);
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_devargs.c
b/drivers/crypto/cnxk/cnxk_cryptodev_devargs.c
index adf1ba0543..3623e5aa76 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_devargs.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_devargs.c
@@ -4,12 +4,16 @@
#include <rte_devargs.h>
+#include "cn10k_tls.h"
#include "cnxk_cryptodev.h"
+#include "cnxk_security.h"
#define CNXK_MAX_QPS_LIMIT "max_qps_limit"
#define CNXK_MAX_QPS_LIMIT_MIN 1
#define CNXK_MAX_QPS_LIMIT_MAX (ROC_CPT_MAX_LFS - 1)
#define CNXK_RX_INJECT_QP "rx_inject_qp"
+#define CNXK_CPT_CTX_ILEN "ctx_ilen"
+#define CNXK_MAX_CPT_CTX_ILEN 7
static int
parse_rx_inject_qp(const char *key, const char *value, void *extra_args)
@@ -43,12 +47,48 @@ parse_max_qps_limit(const char *key, const char *value,
void *extra_args)
return 0;
}
+static uint32_t
+find_max_ctx_value(void)
+{
+ uint32_t val;
+
+ val = RTE_MAX(offsetof(struct roc_ot_ipsec_inb_sa, ctx),
+ offsetof(struct roc_ot_ipsec_outb_sa, ctx));
+
+ val = RTE_MAX(val, offsetof(struct roc_ie_ot_tls_read_sa, tls_12.ctx));
+ val = RTE_MAX(val, offsetof(struct roc_ie_ot_tls_read_sa, tls_13.ctx));
+ val = RTE_MAX(val, offsetof(struct roc_ie_ot_tls_write_sa,
tls_12.w26_rsvd7));
+ val = RTE_MAX(val, offsetof(struct roc_ie_ot_tls_write_sa,
tls_13.w10_rsvd7));
+
+ return val / 128 + 1;
+}
+
+static int
+parse_cpt_ctx_ilen(const char *key, const char *value, void *extra_args)
+{
+ RTE_SET_USED(key);
+ uint32_t val, min_val;
+
+ val = atoi(value);
+ if (val > CNXK_MAX_CPT_CTX_ILEN)
+ return -EINVAL;
+
+ min_val = find_max_ctx_value();
+ if (val < min_val)
+ return -EINVAL;
+
+ *(uint16_t *)extra_args = val;
+
+ return 0;
+}
+
int
cnxk_cpt_parse_devargs(struct rte_devargs *devargs, struct cnxk_cpt_vf *vf)
{
uint16_t max_qps_limit = CNXK_MAX_QPS_LIMIT_MAX;
struct rte_kvargs *kvlist;
uint16_t rx_inject_qp;
+ uint16_t ctx_ilen = 0;
int rc;
/* Set to max value as default so that the feature is disabled by
default. */
@@ -78,11 +118,20 @@ cnxk_cpt_parse_devargs(struct rte_devargs *devargs, struct
cnxk_cpt_vf *vf)
goto exit;
}
+ rc = rte_kvargs_process(kvlist, CNXK_CPT_CTX_ILEN, parse_cpt_ctx_ilen,
&ctx_ilen);
+ if (rc < 0) {
+ plt_err("ctx_ilen should in the range <%d-%d>",
find_max_ctx_value(),
+ CNXK_MAX_CPT_CTX_ILEN);
+ rte_kvargs_free(kvlist);
+ goto exit;
+ }
+
rte_kvargs_free(kvlist);
null_devargs:
vf->max_qps_limit = max_qps_limit;
vf->rx_inject_qp = rx_inject_qp;
+ vf->cpt.ctx_ilen = ctx_ilen;
return 0;
exit:
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index 261e14b418..2bf156bddb 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -819,6 +819,9 @@ sym_session_configure(struct roc_cpt *roc_cpt, struct
rte_crypto_sym_xform *xfor
if (hw_ctx_cache_enable())
roc_se_ctx_init(&sess_priv->roc_se_ctx);
+ if (sess_priv->roc_se_ctx.se_ctx.w0.s.ctx_size < roc_cpt->ctx_ilen)
+ sess_priv->roc_se_ctx.se_ctx.w0.s.ctx_size = roc_cpt->ctx_ilen;
+
return 0;
priv_put:
diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c
b/drivers/net/cnxk/cn10k_ethdev_sec.c
index 110630596e..c477b12a30 100644
--- a/drivers/net/cnxk/cn10k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn10k_ethdev_sec.c
@@ -845,10 +845,9 @@ cn10k_eth_sec_session_create(void *device,
memset(inb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_inb_sa));
/* Fill inbound sa params */
- rc = cnxk_ot_ipsec_inb_sa_fill(inb_sa_dptr, ipsec, crypto);
+ rc = cnxk_ot_ipsec_inb_sa_fill(inb_sa_dptr, ipsec, crypto, 0);
if (rc) {
- snprintf(tbuf, sizeof(tbuf),
- "Failed to init inbound sa, rc=%d", rc);
+ snprintf(tbuf, sizeof(tbuf), "Failed to init inbound
sa, rc=%d", rc);
goto err;
}
@@ -936,10 +935,9 @@ cn10k_eth_sec_session_create(void *device,
memset(outb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_outb_sa));
/* Fill outbound sa params */
- rc = cnxk_ot_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto);
+ rc = cnxk_ot_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto, 0);
if (rc) {
- snprintf(tbuf, sizeof(tbuf),
- "Failed to init outbound sa, rc=%d", rc);
+ snprintf(tbuf, sizeof(tbuf), "Failed to init outbound
sa, rc=%d", rc);
rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
goto err;
}
@@ -1148,7 +1146,7 @@ cn10k_eth_sec_session_update(void *device, struct
rte_security_session *sess,
inb_sa_dptr = (struct roc_ot_ipsec_inb_sa *)dev->inb.sa_dptr;
memset(inb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_inb_sa));
- rc = cnxk_ot_ipsec_inb_sa_fill(inb_sa_dptr, ipsec, crypto);
+ rc = cnxk_ot_ipsec_inb_sa_fill(inb_sa_dptr, ipsec, crypto, 0);
if (rc)
goto err;
/* Use cookie for original data */
@@ -1183,7 +1181,7 @@ cn10k_eth_sec_session_update(void *device, struct
rte_security_session *sess,
outb_sa_dptr = (struct roc_ot_ipsec_outb_sa *)dev->outb.sa_dptr;
memset(outb_sa_dptr, 0, sizeof(struct roc_ot_ipsec_outb_sa));
- rc = cnxk_ot_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto);
+ rc = cnxk_ot_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto, 0);
if (rc)
goto err;
diff --git a/drivers/net/cnxk/cn20k_ethdev_sec.c
b/drivers/net/cnxk/cn20k_ethdev_sec.c
index 4284b726ee..5bf7917345 100644
--- a/drivers/net/cnxk/cn20k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn20k_ethdev_sec.c
@@ -736,7 +736,7 @@ cn20k_eth_sec_session_create(void *device, struct
rte_security_session_conf *con
memset(inb_sa_dptr, 0, sizeof(struct roc_ow_ipsec_inb_sa));
/* Fill inbound sa params */
- rc = cnxk_ow_ipsec_inb_sa_fill(inb_sa_dptr, ipsec, crypto);
+ rc = cnxk_ow_ipsec_inb_sa_fill(inb_sa_dptr, ipsec, crypto, 0);
if (rc) {
snprintf(tbuf, sizeof(tbuf), "Failed to init inbound
sa, rc=%d", rc);
goto err;
@@ -814,7 +814,7 @@ cn20k_eth_sec_session_create(void *device, struct
rte_security_session_conf *con
memset(outb_sa_dptr, 0, sizeof(struct roc_ow_ipsec_outb_sa));
/* Fill outbound sa params */
- rc = cnxk_ow_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto);
+ rc = cnxk_ow_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto, 0);
if (rc) {
snprintf(tbuf, sizeof(tbuf), "Failed to init outbound
sa, rc=%d", rc);
rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx);
@@ -1000,7 +1000,7 @@ cn20k_eth_sec_session_update(void *device, struct
rte_security_session *sess,
inb_sa_dptr = (struct roc_ow_ipsec_inb_sa *)dev->inb.sa_dptr;
memset(inb_sa_dptr, 0, sizeof(struct roc_ow_ipsec_inb_sa));
- rc = cnxk_ow_ipsec_inb_sa_fill(inb_sa_dptr, ipsec, crypto);
+ rc = cnxk_ow_ipsec_inb_sa_fill(inb_sa_dptr, ipsec, crypto, 0);
if (rc)
return -EINVAL;
/* Use cookie for original data */
@@ -1034,7 +1034,7 @@ cn20k_eth_sec_session_update(void *device, struct
rte_security_session *sess,
outb_sa_dptr = (struct roc_ow_ipsec_outb_sa *)dev->outb.sa_dptr;
memset(outb_sa_dptr, 0, sizeof(struct roc_ow_ipsec_outb_sa));
- rc = cnxk_ow_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto);
+ rc = cnxk_ow_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto, 0);
if (rc)
return -EINVAL;
--
2.25.1
