GET /api/patches/132280/?format=api
http://patchwork.dpdk.org/api/patches/132280/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20231003104854.1381-6-anoobj@marvell.com/", "project": { "id": 1, "url": "http://patchwork.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20231003104854.1381-6-anoobj@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20231003104854.1381-6-anoobj@marvell.com", "date": "2023-10-03T10:48:54", "name": "[v2,5/5] cryptodev: add details of datapath handling of TLS records", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": true, "hash": "e7d76bda75727fef00347222544cc16dc033a6ab", "submitter": { "id": 1205, "url": "http://patchwork.dpdk.org/api/people/1205/?format=api", "name": "Anoob Joseph", "email": "anoobj@marvell.com" }, "delegate": { "id": 6690, "url": "http://patchwork.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20231003104854.1381-6-anoobj@marvell.com/mbox/", "series": [ { "id": 29720, "url": "http://patchwork.dpdk.org/api/series/29720/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=29720", "date": "2023-10-03T10:48:49", "name": "add TLS record processing security offload", "version": 2, "mbox": "http://patchwork.dpdk.org/series/29720/mbox/" } ], "comments": "http://patchwork.dpdk.org/api/patches/132280/comments/", "check": "warning", "checks": "http://patchwork.dpdk.org/api/patches/132280/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": 
"patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 0464C426AE;\n\tTue, 3 Oct 2023 12:49:33 +0200 (CEST)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 1171B4069F;\n\tTue, 3 Oct 2023 12:49:17 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com\n [67.231.148.174])\n by mails.dpdk.org (Postfix) with ESMTP id EF338406A2\n for <dev@dpdk.org>; Tue, 3 Oct 2023 12:49:15 +0200 (CEST)", "from pps.filterd (m0045849.ppops.net [127.0.0.1])\n by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id\n 3933ipKh022325; Tue, 3 Oct 2023 03:49:11 -0700", "from dc5-exch02.marvell.com ([199.233.59.182])\n by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3tgbas98wp-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Tue, 03 Oct 2023 03:49:11 -0700", "from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48;\n Tue, 3 Oct 2023 03:49:09 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend\n Transport; Tue, 3 Oct 2023 03:49:09 -0700", "from BG-LT92004.corp.innovium.com (unknown [10.28.163.189])\n by maili.marvell.com (Postfix) with ESMTP id CDF153F7080;\n Tue, 3 Oct 2023 03:49:04 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=scfcSlhvWqF1BFRX6opQ67fHkZJujyj3zOVG1kJ6VsY=;\n b=ifqc4WAhavD0gpzk22esTfgF1flu3sA3nZTxS7lGIW/3q8E0IojPq8gWlB1qaZV7XLxA\n BgiL8KRyJdA/nN8SEsMuzA14SnWuPv13ICrN/2XrYKaZeK+nNBsWp2Ks3/9mIw10gQmL\n /T8iogm3GcJjmSIDRU0Uzbt7QAK+HCmzOWJ/FrwZ24DRtRG6cRLF607SfuzW4pcg+rbt\n 
hGMnZVSKcPDdezHpkSZeFBVHjK1WEgkLZis731TSlHYdF4fJArQqatm/FdPAvxzhFIBG\n xlHAyKK3XptCCqHcaGpEYRPFQQJ8wYyZKOBhbe802SMZjpeNvex8XG62RzX5rkSqdGGN pQ==", "From": "Anoob Joseph <anoobj@marvell.com>", "To": "Thomas Monjalon <thomas@monjalon.net>, Akhil Goyal <gakhil@marvell.com>,\n Jerin Jacob <jerinj@marvell.com>, Harry van Haaren\n <harry.van.haaren@intel.com>", "CC": "Vidya Sagar Velumuri <vvelumuri@marvell.com>, Konstantin Ananyev\n <konstantin.v.ananyev@yandex.ru>,\n Hemant Agrawal <hemant.agrawal@nxp.com>, <dev@dpdk.org>,\n Olivier Matz <olivier.matz@6wind.com>", "Subject": "[PATCH v2 5/5] cryptodev: add details of datapath handling of TLS\n records", "Date": "Tue, 3 Oct 2023 16:18:54 +0530", "Message-ID": "<20231003104854.1381-6-anoobj@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20231003104854.1381-1-anoobj@marvell.com>", "References": "<20230811071712.240-1-anoobj@marvell.com>\n <20231003104854.1381-1-anoobj@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-ORIG-GUID": "MiWsZNC9ENLN-TTgqfyArIwRnPANkJlf", "X-Proofpoint-GUID": "MiWsZNC9ENLN-TTgqfyArIwRnPANkJlf", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26\n definitions=2023-10-03_07,2023-10-02_01,2023-05-22_02", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "From: Vidya Sagar Velumuri <vvelumuri@marvell.com>\n\nTLS/DTLS record processing 
requires content type to be provided per\npacket (for record write operation). Extend usage of reserved fields in\nrte_crypto_op for the same purpose.\n\nSigned-off-by: Anoob Joseph <anoobj@marvell.com>\nSigned-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>\n---\n doc/guides/prog_guide/rte_security.rst | 12 ++++++++++++\n doc/guides/rel_notes/release_23_11.rst | 6 ++++++\n lib/cryptodev/rte_crypto.h | 25 ++++++++++++++++++++++++-\n 3 files changed, 42 insertions(+), 1 deletion(-)", "diff": "diff --git a/doc/guides/prog_guide/rte_security.rst b/doc/guides/prog_guide/rte_security.rst\nindex f90dee5df0..7a25a7e649 100644\n--- a/doc/guides/prog_guide/rte_security.rst\n+++ b/doc/guides/prog_guide/rte_security.rst\n@@ -453,6 +453,18 @@ Protocol. The TLS Record Protocol provides connection security that has two basi\n V V\n TLSCiphertext TLSPlaintext\n \n+TLS and DTLS header formation (in record write operation) would depend on\n+type of content. It is a per packet variable and would need to be handled by\n+the same session. Application may pass this info to a cryptodev performing\n+lookaside protocol offload by passing the same in ``rte_crypto_op.param1``.\n+\n+In record read operation, application is required to preserve any info it may\n+need from the TLS/DTLS header (such as content type and sequence number) as the\n+cryptodev would remove the header and padding as part of the lookaside protocol\n+processing. With TLS 1.3, the actual content type is part of the trailer (before\n+padding) and would be stripped by the PMD. 
For applications that may need this\n+info, PMD would return the value in ``rte_crypto_op.param1`` field.\n+\n Supported Versions\n ^^^^^^^^^^^^^^^^^^\n \ndiff --git a/doc/guides/rel_notes/release_23_11.rst b/doc/guides/rel_notes/release_23_11.rst\nindex 250735efa9..663d1e9cf9 100644\n--- a/doc/guides/rel_notes/release_23_11.rst\n+++ b/doc/guides/rel_notes/release_23_11.rst\n@@ -83,6 +83,12 @@ New Features\n Similar to out of place processing support for lookaside security session, added\n the same support for inline ingress security session.\n \n+* **Added support for TLS and DTLS record in rte_security.**\n+\n+ Added TLS and DTLS record transform for rte_security session and added\n+ enhancements to ``rte_crypto_op`` fields to handle all datapath requirements\n+ of TLS and DTLS. The support is added for TLS 1.2, TLS 1.3 and DTLS 1.2.\n+\n * **Updated ipsec_mb crypto driver.**\n \n Added support for digest encrypted to AESNI_MB asynchronous crypto driver.\ndiff --git a/lib/cryptodev/rte_crypto.h b/lib/cryptodev/rte_crypto.h\nindex 9fe3e3d529..34aacd9312 100644\n--- a/lib/cryptodev/rte_crypto.h\n+++ b/lib/cryptodev/rte_crypto.h\n@@ -123,7 +123,30 @@ struct rte_crypto_op {\n \t\t\t *\n \t\t\t * @see struct rte_security_tls_record_sess_options\n \t\t\t */\n-\t\t\tuint8_t reserved[2];\n+\t\t\tunion {\n+\t\t\t\tstruct {\n+\t\t\t\t\tuint8_t content_type;\n+\t\t\t\t\t/**< Content type. The field can act both as input\n+\t\t\t\t\t * and output.\n+\t\t\t\t\t *\n+\t\t\t\t\t * As input, for passing message type in case of record\n+\t\t\t\t\t * write (encrypt) operation. Applicable for,\n+\t\t\t\t\t * 1. TLS 1.2\n+\t\t\t\t\t * 2. TLS 1.3\n+\t\t\t\t\t * 3. DTLS 1.2\n+\t\t\t\t\t *\n+\t\t\t\t\t * As output, for returning message type in case of record\n+\t\t\t\t\t * read (decrypt) operation. Applicable for,\n+\t\t\t\t\t * 1. 
TLS 1.3\n+\t\t\t\t\t *\n+\t\t\t\t\t * Message types are listed as RTE_TLS_TYPE_* and\n+\t\t\t\t\t * RTE_DTLS_TYPE_*.\n+\t\t\t\t\t */\n+\t\t\t\t} tls_record;\n+\t\t\t\t/**< TLS record */\n+\t\t\t} param1;\n+\t\t\t/**< Additional per operation parameter 1. */\n+\t\t\tuint8_t reserved[1];\n \t\t\t/**< Reserved bytes to fill 64 bits for\n \t\t\t * future additions\n \t\t\t */\n", "prefixes": [ "v2", "5/5" ] }{ "id": 132280, "url": "
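Review bot: The `content_type` comment in the `lib/cryptodev/rte_crypto.h` hunk makes the field both input and output, but it does not say what the field holds after a TLS 1.2 or DTLS 1.2 record read, or that the application has to write it on every record write. If ops are recycled (not visible in the hunk), a value left by an earlier TLS 1.3 read could be picked up as the content type of the next write. I would add to the comment: `The application must set this field for every record write operation. After a record read it is valid only for TLS 1.3 and only when the operation completed successfully; otherwise its value is undefined.` The value returned on a TLS 1.3 read is taken from the decrypted record trailer, so the application should check it against the RTE_TLS_TYPE_* values before dispatching on it. `struct rte_crypto_op` starts and ends outside the hunk.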