[COMMIT] branch master updated. v1.19.0.1_tigermoth-113-g7f5cc902 - git-lng-odp

29 Jun 2018

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "".
The branch, master has been updated
       via  7f5cc90258fe11df6286d9ce562d904e8032c461 (commit)
       via  8dd98e227876fbe8f8a0dc0504906975e93c7cd0 (commit)
       via  4d9446e1fb4fbc54eee5295dfc9854b2f21bb841 (commit)
       via  a716bb568dfe2cf4c856786b8fa9006a8a9c3841 (commit)
       via  3d591a7970918cee809927595ebf28e554460ca1 (commit)
       via  bbb0829282ba766e26d334dd7afa05e723ec61e7 (commit)
       via  033ae0b58a72f828c608a557cafaf468f8d67b9a (commit)
      from  eaf3b566293fa2bc10bb5b99b38ad75f4914b1ab (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7f5cc90258fe11df6286d9ce562d904e8032c461
Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
Date:   Fri Jun 22 13:40:49 2018 +0300
DEPENDENCIES: document building without OpenSSL
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
    Reviewed-by: Bill Fischofer bill.fischofer@linaro.org
    Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org

diff --git a/DEPENDENCIES b/DEPENDENCIES
index 48f5a839..6b345b9c 100644
--- a/DEPENDENCIES
+++ b/DEPENDENCIES
@@ -21,6 +21,12 @@ Prerequisites for building the OpenDataPlane (ODP) API
Libraries currently required to link: openssl, libatomic, libconfig
+   It is possible to build ODP without OpenSSL by passing flag
+   --without-openssl to configure script. However this will result in
+   ODP-generic not supporting any cryptography algorithm (except NULL) and any
+   strong random generation (only BASIC is supported and it is not
+   cryptographically secure). Use at your own risk!
+
 3.1 OpenSSL native compile
For native compilation, simply load the necessary libraries using the appropriate
commit 8dd98e227876fbe8f8a0dc0504906975e93c7cd0
Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
Date:   Thu Jun 21 20:39:59 2018 +0300
travis: check building without OpenSSL
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
    Reviewed-by: Bill Fischofer bill.fischofer@linaro.org
    Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/.travis.yml b/.travis.yml
index 3dca855c..09e1bf88 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -59,6 +59,7 @@ env:
         - CONF="--disable-host-optimization"
         - CONF="--disable-host-optimization --disable-abi-compat"
         - CONF="--enable-pcapng-support"
+        - CONF="--without-openssl"
         - DPDK_SHARED="y" CONF="--disable-static-applications"
compiler:
commit 4d9446e1fb4fbc54eee5295dfc9854b2f21bb841
Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
Date:   Fri Jun 22 13:38:48 2018 +0300
example: ipsec_api: support building w/o OpenSSL
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
    Reviewed-by: Bill Fischofer bill.fischofer@linaro.org
    Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/example/ipsec_api/Makefile.am b/example/ipsec_api/Makefile.am
index 848683e0..8f81e323 100644
--- a/example/ipsec_api/Makefile.am
+++ b/example/ipsec_api/Makefile.am
@@ -1,8 +1,5 @@
 include $(top_srcdir)/example/Makefile.inc
-AM_CPPFLAGS = $(OPENSSL_CPPFLAGS)
-LDADD += $(OPENSSL_LIBS)
-
 bin_PROGRAMS = odp_ipsec_api
dist_bin_SCRIPTS = \
@@ -28,6 +25,16 @@ odp_ipsec_api_SOURCES = \
    	    odp_ipsec_fwd_db.h \
    	    odp_ipsec_cache.c \
    	    odp_ipsec_cache.h \
-		    odp_ipsec_stream.c \
-		    odp_ipsec_stream.h \
    	    odp_ipsec_misc.h
+
+if WITH_OPENSSL
+odp_ipsec_api_SOURCES += \
+		    odp_ipsec_stream.c \
+		    odp_ipsec_stream.h
+
+AM_CPPFLAGS = $(OPENSSL_CPPFLAGS)
+LDADD += $(OPENSSL_LIBS)
+
+else
+AM_CPPFLAGS = -DNO_OPENSSL
+endif
diff --git a/example/ipsec_api/odp_ipsec.c b/example/ipsec_api/odp_ipsec.c
index 8cd4caa9..6142011b 100644
--- a/example/ipsec_api/odp_ipsec.c
+++ b/example/ipsec_api/odp_ipsec.c
@@ -41,7 +41,27 @@
 #include <odp_ipsec_sp_db.h>
 #include <odp_ipsec_fwd_db.h>
 #include <odp_ipsec_cache.h>
+
+#ifndef NO_OPENSSL
 #include <odp_ipsec_stream.h>
+#else
+static void init_stream_db(void) {}
+static void resolve_stream_db(void) {}
+static int create_stream_db_inputs(void)
+{
+	return 0;
+}
+
+static odp_bool_t verify_stream_db_outputs(void)
+{
+	return true;
+}
+
+static int create_stream_db_entry(char *input ODP_UNUSED)
+{
+	return -1;
+}
+#endif
#define MAX_WORKERS     32   /**< maximum number of worker threads */
@@ -349,6 +369,7 @@ void ipsec_init_post(odp_ipsec_op_mode_t api_mode)
    }
 }
+#ifndef NO_OPENSSL
 static
 int check_stream_db_in(const char *intf)
 {
@@ -376,6 +397,19 @@ int check_stream_db_out(const char *intf)
return 0;
 }
+#else
+static
+int check_stream_db_in(const char *intf ODP_UNUSED)
+{
+	return 0;
+}
+
+static
+int check_stream_db_out(const char *intf ODP_UNUSED)
+{
+	return 0;
+}
+#endif
/**
  * Initialize interface
commit a716bb568dfe2cf4c856786b8fa9006a8a9c3841
Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
Date:   Fri Jun 22 13:38:44 2018 +0300
example: ipsec: support building w/o OpenSSL
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
    Reviewed-by: Bill Fischofer bill.fischofer@linaro.org
    Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/example/ipsec/Makefile.am b/example/ipsec/Makefile.am
index eba9b8bd..67b5a6f5 100644
--- a/example/ipsec/Makefile.am
+++ b/example/ipsec/Makefile.am
@@ -1,8 +1,5 @@
 include $(top_srcdir)/example/Makefile.inc
-AM_CPPFLAGS = $(OPENSSL_CPPFLAGS)
-LDADD += $(OPENSSL_LIBS)
-
 bin_PROGRAMS = odp_ipsec
dist_bin_SCRIPTS = \
@@ -21,10 +18,20 @@ odp_ipsec_SOURCES = odp_ipsec.c \
    	    odp_ipsec_sp_db.c \
    	    odp_ipsec_fwd_db.c \
    	    odp_ipsec_cache.c \
-		    odp_ipsec_stream.c \
    	    odp_ipsec_cache.h \
    	    odp_ipsec_fwd_db.h \
    	    odp_ipsec_misc.h \
    	    odp_ipsec_sa_db.h \
-		    odp_ipsec_sp_db.h \
+		    odp_ipsec_sp_db.h
+
+if WITH_OPENSSL
+odp_ipsec_SOURCES += \
+		    odp_ipsec_stream.c \
    	    odp_ipsec_stream.h
+
+AM_CPPFLAGS = $(OPENSSL_CPPFLAGS)
+LDADD += $(OPENSSL_LIBS)
+
+else
+AM_CPPFLAGS = -DNO_OPENSSL
+endif
diff --git a/example/ipsec/odp_ipsec.c b/example/ipsec/odp_ipsec.c
index 05001a5e..1b21773e 100644
--- a/example/ipsec/odp_ipsec.c
+++ b/example/ipsec/odp_ipsec.c
@@ -41,7 +41,27 @@
 #include <odp_ipsec_sp_db.h>
 #include <odp_ipsec_fwd_db.h>
 #include <odp_ipsec_cache.h>
+
+#ifndef NO_OPENSSL
 #include <odp_ipsec_stream.h>
+#else
+static void init_stream_db(void) {}
+static void resolve_stream_db(void) {}
+static int create_stream_db_inputs(void)
+{
+	return 0;
+}
+
+static odp_bool_t verify_stream_db_outputs(void)
+{
+	return true;
+}
+
+static int create_stream_db_entry(char *input ODP_UNUSED)
+{
+	return -1;
+}
+#endif
#define MAX_WORKERS     32   /**< maximum number of worker threads */
@@ -406,6 +426,7 @@ void ipsec_init_post(crypto_api_mode_e api_mode)
    }
 }
+#ifndef NO_OPENSSL
 static
 int check_stream_db_out(const char *intf)
 {
@@ -419,6 +440,13 @@ int check_stream_db_out(const char *intf)
return 0;
 }
+#else
+static
+int check_stream_db_out(const char *intf ODP_UNUSED)
+{
+	return 0;
+}
+#endif
/**
  * Initialize interface
commit 3d591a7970918cee809927595ebf28e554460ca1
Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
Date:   Thu Jun 21 20:09:13 2018 +0300
linux-gen: support building ODP without libcrypto from OpenSSL
Closes https://github.com/Linaro/odp/issues/626
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
    Reviewed-by: Bill Fischofer bill.fischofer@linaro.org
    Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/Makefile.am b/platform/linux-generic/Makefile.am
index 4d2ea9c4..c6b5ac99 100644
--- a/platform/linux-generic/Makefile.am
+++ b/platform/linux-generic/Makefile.am
@@ -157,7 +157,6 @@ __LIB__libodp_linux_la_SOURCES = \
    		   odp_classification.c \
    		   odp_cpumask.c \
    		   odp_cpumask_task.c \
-			   odp_crypto.c \
    		   odp_errno.c \
    		   odp_event.c \
    		   odp_fdserver.c \
@@ -184,7 +183,6 @@ __LIB__libodp_linux_la_SOURCES = \
    		   odp_queue_lf.c \
    		   odp_queue_scalable.c \
    		   odp_queue_spsc.c \
-			   odp_random.c \
    		   odp_rwlock.c \
    		   odp_rwlock_recursive.c \
    		   odp_schedule_basic.c \
@@ -224,6 +222,16 @@ __LIB__libodp_linux_la_SOURCES = \
    		   pktio/socket.c \
    		   pktio/socket_mmap.c \
    		   pktio/tap.c
+
+if WITH_OPENSSL
+__LIB__libodp_linux_la_SOURCES += \
+			   odp_crypto_openssl.c \
+			   odp_random_openssl.c
+else
+__LIB__libodp_linux_la_SOURCES += \
+			   odp_crypto_null.c \
+			   odp_random_null.c
+endif
 if ODP_ABI_COMPAT
 __LIB__libodp_linux_la_SOURCES += \
    		   odp_atomic_api.c \
diff --git a/platform/linux-generic/include/odp_init_internal.h b/platform/linux-generic/include/odp_init_internal.h
index f585ceff..79f710af 100644
--- a/platform/linux-generic/include/odp_init_internal.h
+++ b/platform/linux-generic/include/odp_init_internal.h
@@ -46,6 +46,9 @@ int odp_classification_term_global(void);
 int odp_queue_init_global(void);
 int odp_queue_term_global(void);
+int _odp_random_init_local(void);
+int _odp_random_term_local(void);
+
 int odp_crypto_init_global(void);
 int odp_crypto_term_global(void);
 int _odp_crypto_init_local(void);
diff --git a/platform/linux-generic/m4/configure.m4 b/platform/linux-generic/m4/configure.m4
index 951704ed..e0fd099b 100644
--- a/platform/linux-generic/m4/configure.m4
+++ b/platform/linux-generic/m4/configure.m4
@@ -5,7 +5,14 @@ ODP_ATOMIC
ODP_PTHREAD
 ODP_TIMER
-ODP_OPENSSL
+AC_ARG_WITH([openssl],
+	    [AS_HELP_STRING([--without-openssl],
+			    [compile without OpenSSL (results in disabled crypto and random support)])],
+	    [],
+	    [with_openssl=yes])
+AS_IF([test "$with_openssl" != "no"],
+      [ODP_OPENSSL])
+AM_CONDITIONAL([WITH_OPENSSL], [test x$with_openssl != xno])
 ODP_LIBCONFIG([linux-generic])
 m4_include([platform/linux-generic/m4/odp_pcap.m4])
 m4_include([platform/linux-generic/m4/odp_pcapng.m4])
diff --git a/platform/linux-generic/odp_crypto_null.c b/platform/linux-generic/odp_crypto_null.c
new file mode 100644
index 00000000..7d01f10e
--- /dev/null
+++ b/platform/linux-generic/odp_crypto_null.c
@@ -0,0 +1,573 @@
+/* Copyright (c) 2014-2018, Linaro Limited
+ * All rights reserved.
+ *
+ * SPDX-License-Identifier:     BSD-3-Clause
+ */
+
+#include "config.h"
+
+#include <odp_posix_extensions.h>
+#include <odp/api/crypto.h>
+#include <odp_init_internal.h>
+#include <odp/api/spinlock.h>
+#include <odp/api/sync.h>
+#include <odp/api/debug.h>
+#include <odp/api/align.h>
+#include <odp/api/shared_memory.h>
+#include <odp_debug_internal.h>
+#include <odp/api/hints.h>
+#include <odp/api/random.h>
+#include <odp/api/plat/packet_inlines.h>
+#include <odp/api/plat/thread_inlines.h>
+#include <odp_packet_internal.h>
+
+/* Inlined API functions */
+#include <odp/api/plat/event_inlines.h>
+
+#define MAX_SESSIONS 32
+
+/*
+ * Cipher algorithm capabilities
+ *
+ * Keep sorted: first by key length, then by IV length
+ */
+static const odp_crypto_cipher_capability_t cipher_capa_null[] = {
+{.key_len = 0, .iv_len = 0} };
+
+/*
+ * Authentication algorithm capabilities
+ *
+ * Keep sorted: first by digest length, then by key length
+ */
+static const odp_crypto_auth_capability_t auth_capa_null[] = {
+{.digest_len = 0, .key_len = 0, .aad_len = {.min = 0, .max = 0, .inc = 0} } };
+
+/** Forward declaration of session structure */
+typedef struct odp_crypto_generic_session_t odp_crypto_generic_session_t;
+
+/**
+ * Algorithm handler function prototype
+ */
+typedef
+odp_crypto_alg_err_t (*crypto_func_t)(odp_packet_t pkt,
+				      const odp_crypto_packet_op_param_t *param,
+				      odp_crypto_generic_session_t *session);
+typedef void (*crypto_init_func_t)(odp_crypto_generic_session_t *session);
+
+/**
+ * Per crypto session data structure
+ */
+struct odp_crypto_generic_session_t {
+	odp_crypto_generic_session_t *next;
+
+	/* Session creation parameters */
+	odp_crypto_session_param_t p;
+
+	unsigned int idx;
+};
+
+typedef struct odp_crypto_global_s odp_crypto_global_t;
+
+struct odp_crypto_global_s {
+	odp_spinlock_t                lock;
+	odp_crypto_generic_session_t *free;
+	odp_crypto_generic_session_t  sessions[MAX_SESSIONS];
+
+	/* These flags are cleared at alloc_session() */
+	uint8_t ctx_valid[ODP_THREAD_COUNT_MAX][MAX_SESSIONS];
+
+	odp_ticketlock_t              openssl_lock[0];
+};
+
+static odp_crypto_global_t *global;
+
+static
+odp_crypto_generic_session_t *alloc_session(void)
+{
+	odp_crypto_generic_session_t *session = NULL;
+	unsigned int i;
+
+	odp_spinlock_lock(&global->lock);
+	session = global->free;
+	if (session) {
+		global->free = session->next;
+		session->next = NULL;
+	}
+	odp_spinlock_unlock(&global->lock);
+
+	session->idx = session - global->sessions;
+
+	for (i = 0; i < ODP_THREAD_COUNT_MAX; i++)
+		global->ctx_valid[i][session->idx] = 0;
+
+	return session;
+}
+
+static
+void free_session(odp_crypto_generic_session_t *session)
+{
+	odp_spinlock_lock(&global->lock);
+	session->next = global->free;
+	global->free = session;
+	odp_spinlock_unlock(&global->lock);
+}
+
+int odp_crypto_capability(odp_crypto_capability_t *capa)
+{
+	if (NULL == capa)
+		return -1;
+
+	/* Initialize crypto capability structure */
+	memset(capa, 0, sizeof(odp_crypto_capability_t));
+
+	capa->sync_mode = ODP_SUPPORT_PREFERRED;
+	capa->async_mode = ODP_SUPPORT_YES;
+
+	capa->ciphers.bit.null       = 1;
+
+	capa->auths.bit.null         = 1;
+
+	capa->max_sessions = MAX_SESSIONS;
+
+	return 0;
+}
+
+int odp_crypto_cipher_capability(odp_cipher_alg_t cipher,
+				 odp_crypto_cipher_capability_t dst[],
+				 int num_copy)
+{
+	const odp_crypto_cipher_capability_t *src;
+	int num;
+	int size = sizeof(odp_crypto_cipher_capability_t);
+
+	switch (cipher) {
+	case ODP_CIPHER_ALG_NULL:
+		src = cipher_capa_null;
+		num = sizeof(cipher_capa_null) / size;
+		break;
+	default:
+		return -1;
+	}
+
+	if (num < num_copy)
+		num_copy = num;
+
+	memcpy(dst, src, num_copy * size);
+
+	return num;
+}
+
+int odp_crypto_auth_capability(odp_auth_alg_t auth,
+			       odp_crypto_auth_capability_t dst[], int num_copy)
+{
+	const odp_crypto_auth_capability_t *src;
+	int num;
+	int size = sizeof(odp_crypto_auth_capability_t);
+
+	switch (auth) {
+	case ODP_AUTH_ALG_NULL:
+		src = auth_capa_null;
+		num = sizeof(auth_capa_null) / size;
+		break;
+	default:
+		return -1;
+	}
+
+	if (num < num_copy)
+		num_copy = num;
+
+	memcpy(dst, src, num_copy * size);
+
+	return num;
+}
+
+int
+odp_crypto_session_create(odp_crypto_session_param_t *param,
+			  odp_crypto_session_t *session_out,
+			  odp_crypto_ses_create_err_t *status)
+{
+	int rc;
+	odp_crypto_generic_session_t *session;
+
+	/* Allocate memory for this session */
+	session = alloc_session();
+	if (NULL == session) {
+		*status = ODP_CRYPTO_SES_CREATE_ERR_ENOMEM;
+		goto err;
+	}
+
+	/* Copy parameters */
+	session->p = *param;
+
+	/* Process based on cipher */
+	switch (param->cipher_alg) {
+	case ODP_CIPHER_ALG_NULL:
+		rc = 0;
+		break;
+	default:
+		rc = -1;
+	}
+
+	/* Check result */
+	if (rc) {
+		*status = ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER;
+		goto err;
+	}
+
+	/* Process based on auth */
+	switch (param->auth_alg) {
+	case ODP_AUTH_ALG_NULL:
+		rc = 0;
+		break;
+	default:
+		rc = -1;
+	}
+
+	/* Check result */
+	if (rc) {
+		*status = ODP_CRYPTO_SES_CREATE_ERR_INV_AUTH;
+		goto err;
+	}
+
+	/* We're happy */
+	*session_out = (intptr_t)session;
+	*status = ODP_CRYPTO_SES_CREATE_ERR_NONE;
+	return 0;
+
+err:
+	/* error status should be set at this moment */
+	if (session != NULL)
+		free_session(session);
+	*session_out = ODP_CRYPTO_SESSION_INVALID;
+	return -1;
+}
+
+int odp_crypto_session_destroy(odp_crypto_session_t session)
+{
+	odp_crypto_generic_session_t *generic;
+
+	generic = (odp_crypto_generic_session_t *)(intptr_t)session;
+	memset(generic, 0, sizeof(*generic));
+	free_session(generic);
+	return 0;
+}
+
+/*
+ * Shim function around packet operation, can be used by other implementations.
+ */
+int
+odp_crypto_operation(odp_crypto_op_param_t *param,
+		     odp_bool_t *posted,
+		     odp_crypto_op_result_t *result)
+{
+	odp_crypto_packet_op_param_t packet_param;
+	odp_packet_t out_pkt = param->out_pkt;
+	odp_crypto_packet_result_t packet_result;
+	odp_crypto_op_result_t local_result;
+	int rc;
+
+	packet_param.session = param->session;
+	packet_param.cipher_iv_ptr = param->cipher_iv_ptr;
+	packet_param.auth_iv_ptr = param->auth_iv_ptr;
+	packet_param.hash_result_offset = param->hash_result_offset;
+	packet_param.aad_ptr = param->aad_ptr;
+	packet_param.cipher_range = param->cipher_range;
+	packet_param.auth_range = param->auth_range;
+
+	rc = odp_crypto_op(&param->pkt, &out_pkt, &packet_param, 1);
+	if (rc < 0)
+		return rc;
+
+	rc = odp_crypto_result(&packet_result, out_pkt);
+	if (rc < 0)
+		return rc;
+
+	/* Indicate to caller operation was sync */
+	*posted = 0;
+
+	packet_subtype_set(out_pkt, ODP_EVENT_PACKET_BASIC);
+
+	/* Fill in result */
+	local_result.ctx = param->ctx;
+	local_result.pkt = out_pkt;
+	local_result.cipher_status = packet_result.cipher_status;
+	local_result.auth_status = packet_result.auth_status;
+	local_result.ok = packet_result.ok;
+
+	/*
+	 * Be bug-to-bug compatible. Return output packet also through params.
+	 */
+	param->out_pkt = out_pkt;
+
+	*result = local_result;
+
+	return 0;
+}
+
+int
+odp_crypto_init_global(void)
+{
+	size_t mem_size;
+	odp_shm_t shm;
+	int idx;
+
+	/* Calculate the memory size we need */
+	mem_size  = sizeof(odp_crypto_global_t);
+
+	/* Allocate our globally shared memory */
+	shm = odp_shm_reserve("crypto_pool", mem_size,
+			      ODP_CACHE_LINE_SIZE, 0);
+	if (ODP_SHM_INVALID == shm) {
+		ODP_ERR("unable to allocate crypto pool\n");
+		return -1;
+	}
+
+	global = odp_shm_addr(shm);
+
+	/* Clear it out */
+	memset(global, 0, mem_size);
+
+	/* Initialize free list and lock */
+	for (idx = 0; idx < MAX_SESSIONS; idx++) {
+		global->sessions[idx].next = global->free;
+		global->free = &global->sessions[idx];
+	}
+	odp_spinlock_init(&global->lock);
+
+	return 0;
+}
+
+int odp_crypto_term_global(void)
+{
+	int rc = 0;
+	int ret;
+	int count = 0;
+	odp_crypto_generic_session_t *session;
+
+	for (session = global->free; session != NULL; session = session->next)
+		count++;
+	if (count != MAX_SESSIONS) {
+		ODP_ERR("crypto sessions still active\n");
+		rc = -1;
+	}
+
+	ret = odp_shm_free(odp_shm_lookup("crypto_pool"));
+	if (ret < 0) {
+		ODP_ERR("shm free failed for crypto_pool\n");
+		rc = -1;
+	}
+
+	return rc;
+}
+
+int _odp_crypto_init_local(void)
+{
+	return 0;
+}
+
+int _odp_crypto_term_local(void)
+{
+	return 0;
+}
+
+odp_crypto_compl_t odp_crypto_compl_from_event(odp_event_t ev)
+{
+	/* This check not mandated by the API specification */
+	if (odp_event_type(ev) != ODP_EVENT_CRYPTO_COMPL)
+		ODP_ABORT("Event not a crypto completion");
+	return (odp_crypto_compl_t)ev;
+}
+
+odp_event_t odp_crypto_compl_to_event(odp_crypto_compl_t completion_event)
+{
+	return (odp_event_t)completion_event;
+}
+
+void
+odp_crypto_compl_result(odp_crypto_compl_t completion_event,
+			odp_crypto_op_result_t *result)
+{
+	(void)completion_event;
+	(void)result;
+
+	/* We won't get such events anyway, so there can be no result */
+	ODP_ASSERT(0);
+}
+
+void
+odp_crypto_compl_free(odp_crypto_compl_t completion_event)
+{
+	odp_event_t ev = odp_crypto_compl_to_event(completion_event);
+
+	odp_buffer_free(odp_buffer_from_event(ev));
+}
+
+uint64_t odp_crypto_compl_to_u64(odp_crypto_compl_t hdl)
+{
+	return _odp_pri(hdl);
+}
+
+void odp_crypto_session_param_init(odp_crypto_session_param_t *param)
+{
+	memset(param, 0, sizeof(odp_crypto_session_param_t));
+}
+
+uint64_t odp_crypto_session_to_u64(odp_crypto_session_t hdl)
+{
+	return (uint64_t)hdl;
+}
+
+odp_packet_t odp_crypto_packet_from_event(odp_event_t ev)
+{
+	/* This check not mandated by the API specification */
+	ODP_ASSERT(odp_event_type(ev) == ODP_EVENT_PACKET);
+	ODP_ASSERT(odp_event_subtype(ev) == ODP_EVENT_PACKET_CRYPTO);
+
+	return odp_packet_from_event(ev);
+}
+
+odp_event_t odp_crypto_packet_to_event(odp_packet_t pkt)
+{
+	return odp_packet_to_event(pkt);
+}
+
+static
+odp_crypto_packet_result_t *get_op_result_from_packet(odp_packet_t pkt)
+{
+	odp_packet_hdr_t *hdr = packet_hdr(pkt);
+
+	return &hdr->crypto_op_result;
+}
+
+int odp_crypto_result(odp_crypto_packet_result_t *result,
+		      odp_packet_t packet)
+{
+	odp_crypto_packet_result_t *op_result;
+
+	ODP_ASSERT(odp_event_subtype(odp_packet_to_event(packet)) ==
+		   ODP_EVENT_PACKET_CRYPTO);
+
+	op_result = get_op_result_from_packet(packet);
+
+	memcpy(result, op_result, sizeof(*result));
+
+	return 0;
+}
+
+static
+int crypto_int(odp_packet_t pkt_in,
+	       odp_packet_t *pkt_out,
+	       const odp_crypto_packet_op_param_t *param)
+{
+	odp_crypto_generic_session_t *session;
+	odp_bool_t allocated = false;
+	odp_packet_t out_pkt = *pkt_out;
+	odp_crypto_packet_result_t *op_result;
+	odp_packet_hdr_t *pkt_hdr;
+
+	session = (odp_crypto_generic_session_t *)(intptr_t)param->session;
+
+	/* Resolve output buffer */
+	if (ODP_PACKET_INVALID == out_pkt &&
+	    ODP_POOL_INVALID != session->p.output_pool) {
+		out_pkt = odp_packet_alloc(session->p.output_pool,
+					   odp_packet_len(pkt_in));
+		allocated = true;
+	}
+
+	if (odp_unlikely(ODP_PACKET_INVALID == out_pkt)) {
+		ODP_DBG("Alloc failed.\n");
+		return -1;
+	}
+
+	if (pkt_in != out_pkt) {
+		int ret;
+
+		ret = odp_packet_copy_from_pkt(out_pkt,
+					       0,
+					       pkt_in,
+					       0,
+					       odp_packet_len(pkt_in));
+		if (odp_unlikely(ret < 0))
+			goto err;
+
+		_odp_packet_copy_md_to_packet(pkt_in, out_pkt);
+		odp_packet_free(pkt_in);
+		pkt_in = ODP_PACKET_INVALID;
+	}
+
+	/* Fill in result */
+	packet_subtype_set(out_pkt, ODP_EVENT_PACKET_CRYPTO);
+	op_result = get_op_result_from_packet(out_pkt);
+	op_result->cipher_status.alg_err = ODP_CRYPTO_ALG_ERR_NONE;
+	op_result->cipher_status.hw_err = ODP_CRYPTO_HW_ERR_NONE;
+	op_result->auth_status.alg_err = ODP_CRYPTO_ALG_ERR_NONE;
+	op_result->auth_status.hw_err = ODP_CRYPTO_HW_ERR_NONE;
+	op_result->ok = true;
+
+	pkt_hdr = packet_hdr(out_pkt);
+	pkt_hdr->p.flags.crypto_err = !op_result->ok;
+
+	/* Synchronous, simply return results */
+	*pkt_out = out_pkt;
+
+	return 0;
+
+err:
+	if (allocated) {
+		odp_packet_free(out_pkt);
+		*pkt_out = ODP_PACKET_INVALID;
+	}
+
+	return -1;
+}
+
+int odp_crypto_op(const odp_packet_t pkt_in[],
+		  odp_packet_t pkt_out[],
+		  const odp_crypto_packet_op_param_t param[],
+		  int num_pkt)
+{
+	int i, rc;
+	odp_crypto_generic_session_t *session;
+
+	session = (odp_crypto_generic_session_t *)(intptr_t)param->session;
+	ODP_ASSERT(ODP_CRYPTO_SYNC == session->p.op_mode);
+
+	for (i = 0; i < num_pkt; i++) {
+		rc = crypto_int(pkt_in[i], &pkt_out[i], &param[i]);
+		if (rc < 0)
+			break;
+	}
+
+	return i;
+}
+
+int odp_crypto_op_enq(const odp_packet_t pkt_in[],
+		      const odp_packet_t pkt_out[],
+		      const odp_crypto_packet_op_param_t param[],
+		      int num_pkt)
+{
+	odp_packet_t pkt;
+	odp_event_t event;
+	odp_crypto_generic_session_t *session;
+	int i, rc;
+
+	session = (odp_crypto_generic_session_t *)(intptr_t)param->session;
+	ODP_ASSERT(ODP_CRYPTO_ASYNC == session->p.op_mode);
+	ODP_ASSERT(ODP_QUEUE_INVALID != session->p.compl_queue);
+
+	for (i = 0; i < num_pkt; i++) {
+		pkt = pkt_out[i];
+		rc = crypto_int(pkt_in[i], &pkt, &param[i]);
+		if (rc < 0)
+			break;
+
+		event = odp_packet_to_event(pkt);
+		if (odp_queue_enq(session->p.compl_queue, event)) {
+			odp_event_free(event);
+			break;
+		}
+	}
+
+	return i;
+}
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto_openssl.c
similarity index 100%
rename from platform/linux-generic/odp_crypto.c
rename to platform/linux-generic/odp_crypto_openssl.c
diff --git a/platform/linux-generic/odp_init.c b/platform/linux-generic/odp_init.c
index 61f99e4d..28f94cd3 100644
--- a/platform/linux-generic/odp_init.c
+++ b/platform/linux-generic/odp_init.c
@@ -33,6 +33,7 @@ enum init_stage {
    SCHED_INIT,
    PKTIO_INIT,
    TIMER_INIT,
+	RANDOM_INIT,
    CRYPTO_INIT,
    CLASSIFICATION_INIT,
    TRAFFIC_MNGR_INIT,
@@ -105,6 +106,9 @@ static int term_global(enum init_stage stage)
    	}
    	/* Fall through */
+	case RANDOM_INIT:
+		/* Fall through */
+
    case TIMER_INIT:
    	if (odp_timer_term_global()) {
    		ODP_ERR("ODP timer term failed.\n");
@@ -302,6 +306,9 @@ int odp_init_global(odp_instance_t *instance,
    }
    stage = TIMER_INIT;
+	/* No init neeeded */
+	stage = RANDOM_INIT;
+
    if (odp_crypto_init_global()) {
    	ODP_ERR("ODP crypto init failed.\n");
    	goto init_failed;
@@ -391,6 +398,13 @@ static int term_local(enum init_stage stage)
    	}
    	/* Fall through */
+	case RANDOM_INIT:
+		if (_odp_random_term_local()) {
+			ODP_ERR("ODP random local term failed.\n");
+			rc = -1;
+		}
+		/* Fall through */
+
    case POOL_INIT:
    	if (odp_pool_term_local()) {
    		ODP_ERR("ODP buffer pool local term failed.\n");
@@ -450,6 +464,12 @@ int odp_init_local(odp_instance_t instance, odp_thread_type_t thr_type)
    }
    stage = PKTIO_INIT;
+	if (_odp_random_init_local()) {
+		ODP_ERR("ODP random local init failed.\n");
+		goto init_fail;
+	}
+	stage = RANDOM_INIT;
+
    if (_odp_crypto_init_local()) {
    	ODP_ERR("ODP crypto local init failed.\n");
    	goto init_fail;
diff --git a/platform/linux-generic/odp_random.c b/platform/linux-generic/odp_random_null.c
similarity index 56%
copy from platform/linux-generic/odp_random.c
copy to platform/linux-generic/odp_random_null.c
index 424243c2..d8ed78fe 100644
--- a/platform/linux-generic/odp_random.c
+++ b/platform/linux-generic/odp_random_null.c
@@ -8,47 +8,65 @@
#include <odp_posix_extensions.h>
 #include <stdint.h>
+#include <stdlib.h>
 #include <odp/api/random.h>
+#include <odp/api/cpu.h>
+#include <odp_init_internal.h>
-#include <openssl/rand.h>
+#include <time.h>
odp_random_kind_t odp_random_max_kind(void)
 {
-	return ODP_RANDOM_CRYPTO;
+	return ODP_RANDOM_BASIC;
 }
-int32_t odp_random_data(uint8_t *buf, uint32_t len, odp_random_kind_t kind)
-{
-	int rc;
-
-	switch (kind) {
-	case ODP_RANDOM_BASIC:
-	case ODP_RANDOM_CRYPTO:
-		rc = RAND_bytes(buf, len);
-		return (1 == rc) ? (int)len /*success*/: -1 /*failure*/;
-
-	case ODP_RANDOM_TRUE:
-	default:
-		return -1;
-	}
-}
-
-int32_t odp_random_test_data(uint8_t *buf, uint32_t len, uint64_t *seed)
+static int32_t _random_data(uint8_t *buf, uint32_t len, uint32_t *seed)
 {
    union {
    	uint32_t rand_word;
    	uint8_t rand_byte[4];
    } u;
    uint32_t i = 0, j;
-	uint32_t seed32 = (*seed) & 0xffffffff;
while (i < len) {
-		u.rand_word = rand_r(&seed32);
+		u.rand_word = rand_r(seed);
for (j = 0; j < 4 && i < len; j++, i++)
    		*buf++ = u.rand_byte[j];
    }
+	return len;
+}
+
+int32_t odp_random_test_data(uint8_t *buf, uint32_t len, uint64_t *seed)
+{
+	uint32_t seed32 = (*seed) & 0xffffffff;
+
+	_random_data(buf, len, &seed32);
+
    *seed = seed32;
    return len;
 }
+
+static __thread uint32_t this_seed;
+
+int32_t odp_random_data(uint8_t *buf, uint32_t len, odp_random_kind_t kind)
+{
+	if (kind != ODP_RANDOM_BASIC)
+		return -1;
+
+	return _random_data(buf, len, &this_seed);
+}
+
+int _odp_random_init_local(void)
+{
+	this_seed = time(NULL);
+	this_seed ^= odp_cpu_id() << 16;
+
+	return 0;
+}
+
+int _odp_random_term_local(void)
+{
+	return 0;
+}
diff --git a/platform/linux-generic/odp_random.c b/platform/linux-generic/odp_random_openssl.c
similarity index 88%
rename from platform/linux-generic/odp_random.c
rename to platform/linux-generic/odp_random_openssl.c
index 424243c2..9c3006c6 100644
--- a/platform/linux-generic/odp_random.c
+++ b/platform/linux-generic/odp_random_openssl.c
@@ -9,6 +9,7 @@
 #include <odp_posix_extensions.h>
 #include <stdint.h>
 #include <odp/api/random.h>
+#include <odp_init_internal.h>
#include <openssl/rand.h>
@@ -52,3 +53,13 @@ int32_t odp_random_test_data(uint8_t *buf, uint32_t len, uint64_t *seed)
    *seed = seed32;
    return len;
 }
+
+int _odp_random_init_local(void)
+{
+	return 0;
+}
+
+int _odp_random_term_local(void)
+{
+	return 0;
+}
commit bbb0829282ba766e26d334dd7afa05e723ec61e7
Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
Date:   Thu Jun 28 16:29:43 2018 +0300
linux-gen: fix calls to odp_random_data to use ODP_RANDOM_BASIC
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
    Reviewed-by: Bill Fischofer bill.fischofer@linaro.org
    Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/pktio/tap.c b/platform/linux-generic/pktio/tap.c
index dc87db2b..19067969 100644
--- a/platform/linux-generic/pktio/tap.c
+++ b/platform/linux-generic/pktio/tap.c
@@ -71,7 +71,7 @@ static inline pkt_tap_t *pkt_priv(pktio_entry_t *pktio_entry)
 static int gen_random_mac(unsigned char *mac)
 {
    mac[0] = 0x7a; /* not multicast and local assignment bit is set */
-	if (odp_random_data(mac + 1, 5, false) < 5) {
+	if (odp_random_data(mac + 1, 5, ODP_RANDOM_BASIC) < 5) {
    	ODP_ERR("odp_random_data failed.\n");
    	return -1;
    }
diff --git a/platform/linux-generic/test/pktio_ipc/pktio_ipc1.c b/platform/linux-generic/test/pktio_ipc/pktio_ipc1.c
index 1b4fba8e..e704d7a9 100644
--- a/platform/linux-generic/test/pktio_ipc/pktio_ipc1.c
+++ b/platform/linux-generic/test/pktio_ipc/pktio_ipc1.c
@@ -200,7 +200,12 @@ static int pktio_run_loop(odp_pool_t pool)
    	}
/* 3. emulate that pkts packets were received  */
-		odp_random_data((uint8_t *)&pkts, sizeof(pkts), 0);
+		ret = odp_random_data((uint8_t *)&pkts, sizeof(pkts),
+				      ODP_RANDOM_BASIC);
+		if (ret != sizeof(pkts)) {
+			LOG_ABORT("random failed");
+			break;
+		}
    	pkts = ((pkts & 0xffff) % MAX_PKT_BURST) + 1;
for (i = 0; i < pkts; i++) {
commit 033ae0b58a72f828c608a557cafaf468f8d67b9a
Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
Date:   Tue Jun 26 15:10:37 2018 +0300
linux-gen: tm: use ODP_RANDOM_BASIC instead of hard-coding constant 1 (= CRYPTO)
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org
    Reviewed-by: Bill Fischofer bill.fischofer@linaro.org
    Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_traffic_mngr.c b/platform/linux-generic/odp_traffic_mngr.c
index a89c5a2b..af403b4b 100644
--- a/platform/linux-generic/odp_traffic_mngr.c
+++ b/platform/linux-generic/odp_traffic_mngr.c
@@ -180,7 +180,7 @@ static void tm_init_random_data(tm_random_data_t *tm_random_data)
    byte_cnt = 0;
    while (byte_cnt < 256)
    	byte_cnt += odp_random_data(&tm_random_data->buf[byte_cnt],
-					    256 - byte_cnt, 1);
+					    256 - byte_cnt, ODP_RANDOM_BASIC);
tm_random_data->next_random_byte = 0;
 }
-----------------------------------------------------------------------
Summary of changes:
 .travis.yml                                        |   1 +
 DEPENDENCIES                                       |   6 +
 example/ipsec/Makefile.am                          |  17 +-
 example/ipsec/odp_ipsec.c                          |  28 +
 example/ipsec_api/Makefile.am                      |  17 +-
 example/ipsec_api/odp_ipsec.c                      |  34 ++
 platform/linux-generic/Makefile.am                 |  12 +-
 platform/linux-generic/include/odp_init_internal.h |   3 +
 platform/linux-generic/m4/configure.m4             |   9 +-
 platform/linux-generic/odp_crypto_null.c           | 573 +++++++++++++++++++++
 .../{odp_crypto.c => odp_crypto_openssl.c}         |   0
 platform/linux-generic/odp_init.c                  |  20 +
 .../{odp_random.c => odp_random_null.c}            |  60 ++-
 .../{odp_random.c => odp_random_openssl.c}         |  11 +
 platform/linux-generic/odp_traffic_mngr.c          |   2 +-
 platform/linux-generic/pktio/tap.c                 |   2 +-
 platform/linux-generic/test/pktio_ipc/pktio_ipc1.c |   7 +-
 17 files changed, 765 insertions(+), 37 deletions(-)
 create mode 100644 platform/linux-generic/odp_crypto_null.c
 rename platform/linux-generic/{odp_crypto.c => odp_crypto_openssl.c} (100%)
 copy platform/linux-generic/{odp_random.c => odp_random_null.c} (56%)
 rename platform/linux-generic/{odp_random.c => odp_random_openssl.c} (88%)
hooks/post-receive
-- 


    