crypto: move crypto engines outside of plugins

This is first step in process of making crypto engine binaries
less dependant on specific VPP version.

Type: improvement

Change-Id: Ib08135688be409049b660e2b2ac435578b63be65
Signed-off-by: Damjan Marion <[email protected]>

src/CMakeLists.txt

@@ -244,6 +244,7 @@ include(cmake/api.cmake)
 include(cmake/library.cmake)
 include(cmake/exec.cmake)
 include(cmake/plugin.cmake)
+include(cmake/crypto_engines.cmake)
 
 ##############################################################################
 # FreeBSD - use epoll-shim
@@ -278,7 +279,7 @@ elseif(${CMAKE_SYSTEM_NAME} MATCHES "Linux|FreeBSD")
   find_package(OpenSSL)
   set(SUBDIRS
     vppinfra svm vlib vlibmemory vlibapi vnet vpp vat vat2 vcl vpp-api
-    plugins tools/vppapigen tools/g2 tools/perftool cmake pkg
+    plugins crypto_engines tools/vppapigen tools/g2 tools/perftool cmake pkg
     tools/appimage
   )
 elseif("${CMAKE_SYSTEM_NAME}" STREQUAL "Darwin")

src/cmake/crypto_engines.cmake

@@ -0,0 +1,76 @@
+# Copyright (c) 2018 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+macro(add_vpp_crypto_engine name)
+  cmake_parse_arguments(CRYPTO_ENGINE
+    ""
+    "LINK_FLAGS;COMPONENT;DEV_COMPONENT"
+    "SOURCES;LINK_LIBRARIES;SUPPORTED_OS_LIST"
+    ${ARGN}
+  )
+  if (CRYPTO_ENGINE_SUPPORTED_OS_LIST AND NOT ${CMAKE_SYSTEM_NAME} IN_LIST CRYPTO_ENGINE_SUPPORTED_OS_LIST)
+    message(WARNING "unsupported OS - ${name} crypto engine disabled")
+    return()
+  endif()
+  set(crypto_engine_name ${name}_crypto_engine)
+  if(NOT CRYPTO_ENGINE_COMPONENT)
+    set(CRYPTO_ENGINE_COMPONENT vpp-crypto-engines)
+  endif()
+  if(NOT CRYPTO_ENGINE_DEV_COMPONENT)
+    if(NOT VPP_EXTERNAL_PROJECT)
+      set(CRYPTO_ENGINE_DEV_COMPONENT vpp-dev)
+    else()
+      set(CRYPTO_ENGINE_DEV_COMPONENT ${CRYPTO_ENGINE_COMPONENT}-dev)
+    endif()
+  endif()
+
+  add_library(${crypto_engine_name} SHARED ${CRYPTO_ENGINE_SOURCES})
+  target_compile_options(${crypto_engine_name} PUBLIC ${VPP_DEFAULT_MARCH_FLAGS})
+  set_target_properties(${crypto_engine_name} PROPERTIES NO_SONAME 1)
+  target_compile_options(${crypto_engine_name} PRIVATE "-fvisibility=hidden")
+  target_compile_options (${crypto_engine_name} PRIVATE "-ffunction-sections")
+  target_compile_options (${crypto_engine_name} PRIVATE "-fdata-sections")
+  target_link_libraries (${crypto_engine_name} "-Wl,--gc-sections")
+  set(deps "")
+  if(NOT VPP_EXTERNAL_PROJECT)
+    list(APPEND deps vpp_version_h)
+  endif()
+  if(deps)
+    add_dependencies(${crypto_engine_name} ${deps})
+  endif()
+  set_target_properties(${crypto_engine_name} PROPERTIES
+    PREFIX ""
+    LIBRARY_OUTPUT_DIRECTORY ${CMAKE_LIBRARY_OUTPUT_DIRECTORY}/vpp_crypto_engines)
+  if(CRYPTO_ENGINE_LINK_LIBRARIES)
+    target_link_libraries(${crypto_engine_name} ${CRYPTO_ENGINE_LINK_LIBRARIES})
+  endif()
+  if(CRYPTO_ENGINE_LINK_FLAGS)
+    set_target_properties(${crypto_engine_name} PROPERTIES LINK_FLAGS "${CRYPTO_ENGINE_LINK_FLAGS}")
+  endif()
+
+  install(
+    TARGETS ${crypto_engine_name}
+    DESTINATION ${VPP_LIBRARY_DIR}/vpp_crypto_engines
+    COMPONENT ${CRYPTO_ENGINE_COMPONENT}
+  )
+endmacro()
+
+macro(vpp_crypto_engine_find_library n var name)
+  find_library(${var} NAMES ${name} ${ARGN})
+  mark_as_advanced(${var})
+if (NOT ${var})
+  message(WARNING "-- ${name} library not found - ${n} crypto engine disabled")
+  return()
+endif()
+    message(STATUS "${n} crypto engine needs ${name} library - found at ${${var}}")
+endmacro()

src/crypto_engines/CMakeLists.txt

@@ -0,0 +1,30 @@
+# Copyright (c) 2018 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+include_directories (
+  ${CMAKE_CURRENT_SOURCE_DIR}
+  ${CMAKE_CURRENT_BINARY_DIR}
+)
+
+##############################################################################
+# find and add all crypto engine subdirs
+##############################################################################
+FILE(GLOB files RELATIVE
+  ${CMAKE_CURRENT_SOURCE_DIR}
+  ${CMAKE_CURRENT_SOURCE_DIR}/*/CMakeLists.txt
+)
+
+foreach (f ${files})
+  get_filename_component(dir ${f} DIRECTORY)
+  add_subdirectory(${dir})
+endforeach()

src/plugins/crypto_ipsecmb/CMakeLists.txt → src/crypto_engines/ipsecmb/CMakeLists.txt

@@ -25,7 +25,7 @@ if(IPSECMB_INCLUDE_DIR AND IPSECMB_LIB)
 	set(IPSECMB_LINK_FLAGS "${IPSECMB_LINK_FLAGS} -L${IPSECMB_LIB_DIR} -Wl,--whole-archive ${IPSECMB_LIB} -Wl,--no-whole-archive")
 	set(IPSECMB_LINK_FLAGS "${IPSECMB_LINK_FLAGS} -Wl,--exclude-libs,libIPSec_MB.a,-l:libIPSec_MB.a")
 	include_directories(${IPSECMB_INCLUDE_DIR})
-	add_vpp_plugin(crypto_ipsecmb
+	add_vpp_crypto_engine(ipsecmb
 		SOURCES
 		ipsecmb.c
 
@@ -43,7 +43,7 @@ if(IPSECMB_INCLUDE_DIR AND IPSECMB_LIB)
 		message(STATUS "Intel IPSecMB ${IPSECMB_VERSION} does not support chacha20-poly1305. Disabled")
 	endif()
 
-	target_compile_options(crypto_ipsecmb_plugin PRIVATE "-march=silvermont" "-maes")
+	target_compile_options(ipsecmb_crypto_engine PRIVATE "-march=silvermont" "-maes")
 	message(STATUS "Intel IPSecMB found: ${IPSECMB_INCLUDE_DIR}")
 else()
 	message(STATUS "Intel IPSecMB not found")