Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 58863,
    "url": "http://patchwork.dpdk.org/api/patches/58863/?format=api",
    "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20190906131330.40185-2-roy.fan.zhang@intel.com/",
    "project": {
        "id": 1,
        "url": "http://patchwork.dpdk.org/api/projects/1/?format=api",
        "name": "DPDK",
        "link_name": "dpdk",
        "list_id": "dev.dpdk.org",
        "list_email": "dev@dpdk.org",
        "web_url": "http://core.dpdk.org",
        "scm_url": "git://dpdk.org/dpdk",
        "webscm_url": "http://git.dpdk.org/dpdk",
        "list_archive_url": "https://inbox.dpdk.org/dev",
        "list_archive_url_format": "https://inbox.dpdk.org/dev/{}",
        "commit_url_format": ""
    },
    "msgid": "<20190906131330.40185-2-roy.fan.zhang@intel.com>",
    "list_archive_url": "https://inbox.dpdk.org/dev/20190906131330.40185-2-roy.fan.zhang@intel.com",
    "date": "2019-09-06T13:13:21",
    "name": "[01/10] security: introduce CPU Crypto action type and API",
    "commit_ref": null,
    "pull_url": null,
    "state": "changes-requested",
    "archived": true,
    "hash": "cbf52303954c5216b77f55e1d6b45131b0d2ce2f",
    "submitter": {
        "id": 304,
        "url": "http://patchwork.dpdk.org/api/people/304/?format=api",
        "name": "Fan Zhang",
        "email": "roy.fan.zhang@intel.com"
    },
    "delegate": {
        "id": 6690,
        "url": "http://patchwork.dpdk.org/api/users/6690/?format=api",
        "username": "akhil",
        "first_name": "akhil",
        "last_name": "goyal",
        "email": "gakhil@marvell.com"
    },
    "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20190906131330.40185-2-roy.fan.zhang@intel.com/mbox/",
    "series": [
        {
            "id": 6303,
            "url": "http://patchwork.dpdk.org/api/series/6303/?format=api",
            "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=6303",
            "date": "2019-09-06T13:13:20",
            "name": "security: add software synchronous crypto process",
            "version": 1,
            "mbox": "http://patchwork.dpdk.org/series/6303/mbox/"
        }
    ],
    "comments": "http://patchwork.dpdk.org/api/patches/58863/comments/",
    "check": "fail",
    "checks": "http://patchwork.dpdk.org/api/patches/58863/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<dev-bounces@dpdk.org>",
        "X-Original-To": "patchwork@dpdk.org",
        "Delivered-To": "patchwork@dpdk.org",
        "Received": [
            "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id D51C61F37D;\n\tFri,  6 Sep 2019 15:13:39 +0200 (CEST)",
            "from mga18.intel.com (mga18.intel.com [134.134.136.126])\n\tby dpdk.org (Postfix) with ESMTP id 65BE81F2BA\n\tfor <dev@dpdk.org>; Fri,  6 Sep 2019 15:13:36 +0200 (CEST)",
            "from fmsmga002.fm.intel.com ([10.253.24.26])\n\tby orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t06 Sep 2019 06:13:35 -0700",
            "from silpixa00398673.ir.intel.com (HELO\n\tsilpixa00398673.ger.corp.intel.com) ([10.237.223.136])\n\tby fmsmga002.fm.intel.com with ESMTP; 06 Sep 2019 06:13:34 -0700"
        ],
        "X-Amp-Result": "SKIPPED(no attachment in message)",
        "X-Amp-File-Uploaded": "False",
        "X-ExtLoop1": "1",
        "X-IronPort-AV": "E=Sophos;i=\"5.64,473,1559545200\"; d=\"scan'208\";a=\"213140701\"",
        "From": "Fan Zhang <roy.fan.zhang@intel.com>",
        "To": "dev@dpdk.org",
        "Cc": "konstantin.ananyev@intel.com, declan.doherty@intel.com,\n\takhil.goyal@nxp.com, Fan Zhang <roy.fan.zhang@intel.com>",
        "Date": "Fri,  6 Sep 2019 14:13:21 +0100",
        "Message-Id": "<20190906131330.40185-2-roy.fan.zhang@intel.com>",
        "X-Mailer": "git-send-email 2.14.5",
        "In-Reply-To": "<20190906131330.40185-1-roy.fan.zhang@intel.com>",
        "References": "<20190903154046.55992-1-roy.fan.zhang@intel.com>\n\t<20190906131330.40185-1-roy.fan.zhang@intel.com>",
        "Subject": "[dpdk-dev] [PATCH 01/10] security: introduce CPU Crypto action type\n\tand API",
        "X-BeenThere": "dev@dpdk.org",
        "X-Mailman-Version": "2.1.15",
        "Precedence": "list",
        "List-Id": "DPDK patches and discussions <dev.dpdk.org>",
        "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>",
        "List-Archive": "<http://mails.dpdk.org/archives/dev/>",
        "List-Post": "<mailto:dev@dpdk.org>",
        "List-Help": "<mailto:dev-request@dpdk.org?subject=help>",
        "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>",
        "Errors-To": "dev-bounces@dpdk.org",
        "Sender": "\"dev\" <dev-bounces@dpdk.org>"
    },
    "content": "This patch introduce new RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO action type to\nsecurity library. The type represents performing crypto operation with CPU\ncycles. The patch also includes a new API to process crypto operations in\nbulk and the function pointers for PMDs.\n\nSigned-off-by: Fan Zhang <roy.fan.zhang@intel.com>\n---\n lib/librte_security/rte_security.c           | 16 +++++++++\n lib/librte_security/rte_security.h           | 51 +++++++++++++++++++++++++++-\n lib/librte_security/rte_security_driver.h    | 19 +++++++++++\n lib/librte_security/rte_security_version.map |  1 +\n 4 files changed, 86 insertions(+), 1 deletion(-)",
    "diff": "diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c\nindex bc81ce15d..0f85c1b59 100644\n--- a/lib/librte_security/rte_security.c\n+++ b/lib/librte_security/rte_security.c\n@@ -141,3 +141,19 @@ rte_security_capability_get(struct rte_security_ctx *instance,\n \n \treturn NULL;\n }\n+\n+void\n+rte_security_process_cpu_crypto_bulk(struct rte_security_ctx *instance,\n+\t\tstruct rte_security_session *sess,\n+\t\tstruct rte_security_vec buf[], void *iv[], void *aad[],\n+\t\tvoid *digest[], int status[], uint32_t num)\n+{\n+\tuint32_t i;\n+\n+\tfor (i = 0; i < num; i++)\n+\t\tstatus[i] = -1;\n+\n+\tRTE_FUNC_PTR_OR_RET(*instance->ops->process_cpu_crypto_bulk);\n+\tinstance->ops->process_cpu_crypto_bulk(sess, buf, iv,\n+\t\t\taad, digest, status, num);\n+}\ndiff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h\nindex 96806e3a2..5a0f8901b 100644\n--- a/lib/librte_security/rte_security.h\n+++ b/lib/librte_security/rte_security.h\n@@ -18,6 +18,7 @@ extern \"C\" {\n #endif\n \n #include <sys/types.h>\n+#include <sys/uio.h>\n \n #include <netinet/in.h>\n #include <netinet/ip.h>\n@@ -272,6 +273,20 @@ struct rte_security_pdcp_xform {\n \tuint32_t hfn_threshold;\n };\n \n+struct rte_security_cpu_crypto_xform {\n+\t/** For cipher/authentication crypto operation the authentication may\n+\t * cover more content then the cipher. E.g., for IPSec ESP encryption\n+\t * with AES-CBC and SHA1-HMAC, the encryption happens after the ESP\n+\t * header but whole packet (apart from MAC header) is authenticated.\n+\t * The cipher_offset field is used to deduct the cipher data pointer\n+\t * from the buffer to be processed.\n+\t *\n+\t * NOTE this parameter shall be ignored by AEAD algorithms, since it\n+\t * uses the same offset for cipher and authentication.\n+\t */\n+\tint32_t cipher_offset;\n+};\n+\n /**\n  * Security session action type.\n  */\n@@ -286,10 +301,14 @@ enum rte_security_session_action_type {\n \t/**< All security protocol processing is performed inline during\n \t * transmission\n \t */\n-\tRTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL\n+\tRTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,\n \t/**< All security protocol processing including crypto is performed\n \t * on a lookaside accelerator\n \t */\n+\tRTE_SECURITY_ACTION_TYPE_CPU_CRYPTO\n+\t/**< Crypto processing for security protocol is processed by CPU\n+\t * synchronously\n+\t */\n };\n \n /** Security session protocol definition */\n@@ -315,6 +334,7 @@ struct rte_security_session_conf {\n \t\tstruct rte_security_ipsec_xform ipsec;\n \t\tstruct rte_security_macsec_xform macsec;\n \t\tstruct rte_security_pdcp_xform pdcp;\n+\t\tstruct rte_security_cpu_crypto_xform cpucrypto;\n \t};\n \t/**< Configuration parameters for security session */\n \tstruct rte_crypto_sym_xform *crypto_xform;\n@@ -639,6 +659,35 @@ const struct rte_security_capability *\n rte_security_capability_get(struct rte_security_ctx *instance,\n \t\t\t    struct rte_security_capability_idx *idx);\n \n+/**\n+ * Security vector structure, contains pointer to vector array and the length\n+ * of the array\n+ */\n+struct rte_security_vec {\n+\tstruct iovec *vec;\n+\tuint32_t num;\n+};\n+\n+/**\n+ * Processing bulk crypto workload with CPU\n+ *\n+ * @param\tinstance\tsecurity instance.\n+ * @param\tsess\t\tsecurity session\n+ * @param\tbuf\t\tarray of buffer SGL vectors\n+ * @param\tiv\t\tarray of IV pointers\n+ * @param\taad\t\tarray of AAD pointers\n+ * @param\tdigest\t\tarray of digest pointers\n+ * @param\tstatus\t\tarray of status for the function to return\n+ * @param\tnum\t\tnumber of elements in each array\n+ *\n+ */\n+__rte_experimental\n+void\n+rte_security_process_cpu_crypto_bulk(struct rte_security_ctx *instance,\n+\t\tstruct rte_security_session *sess,\n+\t\tstruct rte_security_vec buf[], void *iv[], void *aad[],\n+\t\tvoid *digest[], int status[], uint32_t num);\n+\n #ifdef __cplusplus\n }\n #endif\ndiff --git a/lib/librte_security/rte_security_driver.h b/lib/librte_security/rte_security_driver.h\nindex 1b561f852..70fcb0c26 100644\n--- a/lib/librte_security/rte_security_driver.h\n+++ b/lib/librte_security/rte_security_driver.h\n@@ -132,6 +132,23 @@ typedef int (*security_get_userdata_t)(void *device,\n typedef const struct rte_security_capability *(*security_capabilities_get_t)(\n \t\tvoid *device);\n \n+/**\n+ * Process security operations in bulk using CPU accelerated method.\n+ *\n+ * @param\tsess\t\tSecurity session structure.\n+ * @param\tbuf\t\tBuffer to the vectors to be processed.\n+ * @param\tiv\t\tIV pointers.\n+ * @param\taad\t\tAAD pointers.\n+ * @param\tdigest\t\tDigest pointers.\n+ * @param\tstatus\t\tArray of status value.\n+ * @param\tnum\t\tNumber of elements in each array.\n+ */\n+\n+typedef void (*security_process_cpu_crypto_bulk_t)(\n+\t\tstruct rte_security_session *sess,\n+\t\tstruct rte_security_vec buf[], void *iv[], void *aad[],\n+\t\tvoid *digest[], int status[], uint32_t num);\n+\n /** Security operations function pointer table */\n struct rte_security_ops {\n \tsecurity_session_create_t session_create;\n@@ -150,6 +167,8 @@ struct rte_security_ops {\n \t/**< Get userdata associated with session which processed the packet. */\n \tsecurity_capabilities_get_t capabilities_get;\n \t/**< Get security capabilities. */\n+\tsecurity_process_cpu_crypto_bulk_t process_cpu_crypto_bulk;\n+\t/**< Process data in bulk. */\n };\n \n #ifdef __cplusplus\ndiff --git a/lib/librte_security/rte_security_version.map b/lib/librte_security/rte_security_version.map\nindex 53267bf3c..2132e7a00 100644\n--- a/lib/librte_security/rte_security_version.map\n+++ b/lib/librte_security/rte_security_version.map\n@@ -18,4 +18,5 @@ EXPERIMENTAL {\n \trte_security_get_userdata;\n \trte_security_session_stats_get;\n \trte_security_session_update;\n+\trte_security_process_cpu_crypto_bulk;\n };\n",
    "prefixes": [
        "01/10"
    ]
}