From patchwork Tue Oct 4 17:37:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 117336 Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 7B6D1A0542; Tue, 4 Oct 2022 19:37:30 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2BF0A40DDC; Tue, 4 Oct 2022 19:37:30 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 0847D40A79 for ; Tue, 4 Oct 2022 19:37:27 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 2948lRCh019108; Tue, 4 Oct 2022 10:37:23 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=8qnm4/9/kdIMc/F6B5FUznYRfbNWdhYOKrNS84Cl/bI=; b=U12Nbk20ISDiwR/09gwFD7Nv793ajCm/pZGMuw+hXPR58hG7tgW7x6ebdc/gjY11X3mJ raHdAvcchlWjmHyEY9TyWLcqXyeT0lY+l+/ekWeo51J2UauzPml81pu7JXh7wwWrcBjU Fb58TZJ8ZTg03d6GhmuM60FJc5M1nJ54bOhiRvryHckKCzvqyGoCY3Wa92+Mo5YBG7lD 92zr4uMyStqEimRHA1ruqWdK+HGRmjwb1LiqzWbsmU8MxP6YSuL9R1iTEUeBFI0b2kHU bh0sGYKzPBW1ZWu9MtL8lndUZOpZzVIRnXuQ8m3rI1mQWR1VwmiN3xsA333XY54gdtlL tA== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3jxn2ptmaq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 04 Oct 2022 10:37:23 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Tue, 4 Oct 2022 10:37:20 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Tue, 4 Oct 2022 10:37:20 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 9BCB33F7096; Tue, 4 Oct 2022 10:37:11 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Akhil Goyal Subject: [PATCH v8 0/6] crypto/security session framework rework Date: Tue, 4 Oct 2022 23:07:03 +0530 Message-ID: <20221004173709.3482250-1-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221004111035.3264904-1-gakhil@marvell.com> References: <20221004111035.3264904-1-gakhil@marvell.com> MIME-Version: 1.0 X-Proofpoint-ORIG-GUID: RVfSavtAbcyhTYNYVkouj37_dhWOhEVi X-Proofpoint-GUID: RVfSavtAbcyhTYNYVkouj37_dhWOhEVi X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-10-04_08,2022-09-29_03,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This patchset reworks the symmetric crypto and security session data structure to use a single virtual/physical contiguous buffer for symmetric crypto/security session and driver private data. In addition the session data structure is now private. The session is represented as an opaque pointer in the application. With the change the session is no longer supported to be accessed by multiple device drivers. For the same reason rte_cryptodev_sym_session_init/clear APIs are deprecated as rte_cryptodev_sym_session_create/free will initialize and clear the driver specific data field. The change was also submitted last year during DPDK 21.11 timeframe also[1], but was not applied due to lack of feedback from community. Please help in getting this cleanup merged in this cycle. Now the similar work was already done for asymmetric crypto. This patchset is rebased over current tree and fixes all the issues reported so far. Changes in v8: - fixed security autotest Changes in v7: - fixed build for ixgbe and txgbe Changes in v6: - rebased over TOT Changes in v5: - rebased over latest dpdk-next-crypto tree Changes in v4: - squashed armv8_crypto fixes. http://patches.dpdk.org/project/dpdk/cover/20220926100120.3980185-1-ruifeng.wang@arm.com/ Changes in v3: - Updated release notes - fixed checkpatch issues - renamed macro to get sess priv data to align with crypto macro - added acked-by/tested-by Changes in v2: This patchset is a v2 for the patch that was sent by Fan Zhang(Intel) with a few changes - Added security session rework also. - fixed issues in [2] reported on mailing list. - few other fixes. Please review and provide feedback as soon as possible as this is intended to be merged in DPDK 22.11 RC1. Currently the cnxk platform is tested with this change. Request everyone to review and test on their platform. Special note to ixgbe and txgbe maintainers. There is a wrong implementation for flow creation. Please check. A hack is added to bypass it. Please fix it separately. [1] https://patches.dpdk.org/project/dpdk/cover/20211018213452.2734720-1-gakhil@marvell.com/ [2] https://patches.dpdk.org/project/dpdk/cover/20220829160645.378406-1-roy.fan.zhang@intel.com/ Akhil Goyal (5): cryptodev: rework session framework cryptodev: hide sym session structure security: remove priv mempool usage drivers/crypto: support security session get size op security: hide session structure Fan Zhang (1): crypto/scheduler: use unified session app/test-crypto-perf/cperf.h | 1 - app/test-crypto-perf/cperf_ops.c | 64 ++-- app/test-crypto-perf/cperf_ops.h | 6 +- app/test-crypto-perf/cperf_test_latency.c | 11 +- app/test-crypto-perf/cperf_test_latency.h | 1 - .../cperf_test_pmd_cyclecount.c | 12 +- .../cperf_test_pmd_cyclecount.h | 1 - app/test-crypto-perf/cperf_test_throughput.c | 13 +- app/test-crypto-perf/cperf_test_throughput.h | 1 - app/test-crypto-perf/cperf_test_verify.c | 11 +- app/test-crypto-perf/cperf_test_verify.h | 1 - app/test-crypto-perf/main.c | 30 +- app/test-eventdev/test_perf_common.c | 43 +-- app/test-eventdev/test_perf_common.h | 1 - app/test/test_cryptodev.c | 354 +++++------------- app/test/test_cryptodev_blockcipher.c | 18 +- app/test/test_cryptodev_security_ipsec.c | 2 +- app/test/test_cryptodev_security_ipsec.h | 2 +- app/test/test_event_crypto_adapter.c | 39 +- app/test/test_ipsec.c | 49 +-- app/test/test_ipsec_perf.c | 4 +- app/test/test_security.c | 194 ++-------- app/test/test_security_inline_proto.c | 26 +- doc/guides/prog_guide/cryptodev_lib.rst | 16 +- doc/guides/rel_notes/deprecation.rst | 9 - doc/guides/rel_notes/release_22_11.rst | 14 + drivers/crypto/armv8/armv8_pmd_private.h | 2 - drivers/crypto/armv8/rte_armv8_pmd.c | 21 +- drivers/crypto/armv8/rte_armv8_pmd_ops.c | 35 +- drivers/crypto/bcmfs/bcmfs_sym_session.c | 39 +- drivers/crypto/bcmfs/bcmfs_sym_session.h | 3 +- drivers/crypto/caam_jr/caam_jr.c | 69 +--- drivers/crypto/ccp/ccp_crypto.c | 56 +-- drivers/crypto/ccp/ccp_pmd_ops.c | 32 +- drivers/crypto/ccp/ccp_pmd_private.h | 2 - drivers/crypto/ccp/rte_ccp_pmd.c | 29 +- drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 41 +- drivers/crypto/cnxk/cn10k_ipsec.c | 45 +-- drivers/crypto/cnxk/cn9k_cryptodev_ops.c | 38 +- drivers/crypto/cnxk/cn9k_ipsec.c | 50 +-- drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 55 +-- drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 16 +- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 70 ++-- drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c | 6 +- drivers/crypto/dpaa_sec/dpaa_sec.c | 69 +--- drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 7 +- drivers/crypto/ipsec_mb/ipsec_mb_ops.c | 34 +- drivers/crypto/ipsec_mb/ipsec_mb_private.h | 41 +- drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 48 +-- drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 69 +--- drivers/crypto/ipsec_mb/pmd_chacha_poly.c | 4 - drivers/crypto/ipsec_mb/pmd_kasumi.c | 10 +- drivers/crypto/ipsec_mb/pmd_snow3g.c | 9 +- drivers/crypto/ipsec_mb/pmd_zuc.c | 4 - drivers/crypto/mlx5/mlx5_crypto.c | 25 +- drivers/crypto/mvsam/rte_mrvl_pmd.c | 11 +- drivers/crypto/mvsam/rte_mrvl_pmd_ops.c | 49 +-- drivers/crypto/nitrox/nitrox_sym.c | 39 +- drivers/crypto/null/null_crypto_pmd.c | 20 +- drivers/crypto/null/null_crypto_pmd_ops.c | 33 +- drivers/crypto/null/null_crypto_pmd_private.h | 2 - .../crypto/octeontx/otx_cryptodev_hw_access.h | 1 - drivers/crypto/octeontx/otx_cryptodev_ops.c | 67 +--- drivers/crypto/openssl/openssl_pmd_private.h | 2 - drivers/crypto/openssl/rte_openssl_pmd.c | 24 +- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 29 +- drivers/crypto/qat/dev/qat_sym_pmd_gen1.c | 1 + drivers/crypto/qat/qat_sym.c | 15 +- drivers/crypto/qat/qat_sym.h | 16 +- drivers/crypto/qat/qat_sym_session.c | 73 ++-- drivers/crypto/qat/qat_sym_session.h | 10 +- drivers/crypto/scheduler/scheduler_failover.c | 19 +- .../crypto/scheduler/scheduler_multicore.c | 17 + .../scheduler/scheduler_pkt_size_distr.c | 81 ++-- drivers/crypto/scheduler/scheduler_pmd_ops.c | 93 ++++- .../crypto/scheduler/scheduler_pmd_private.h | 120 +++++- .../crypto/scheduler/scheduler_roundrobin.c | 11 +- drivers/crypto/virtio/virtio_cryptodev.c | 40 +- drivers/crypto/virtio/virtio_rxtx.c | 3 +- drivers/net/cnxk/cn10k_ethdev_sec.c | 38 +- drivers/net/cnxk/cn9k_ethdev_sec.c | 41 +- drivers/net/iavf/iavf_ipsec_crypto.c | 23 +- drivers/net/iavf/iavf_ipsec_crypto.h | 2 +- drivers/net/ixgbe/ixgbe_ipsec.c | 31 +- drivers/net/txgbe/txgbe_ipsec.c | 32 +- examples/fips_validation/fips_dev_self_test.c | 40 +- examples/fips_validation/main.c | 37 +- examples/ipsec-secgw/ipsec-secgw.c | 44 +-- examples/ipsec-secgw/ipsec.c | 16 +- examples/ipsec-secgw/ipsec.h | 1 - examples/ipsec-secgw/ipsec_worker.c | 2 +- examples/l2fwd-crypto/main.c | 60 +-- examples/vhost_crypto/main.c | 16 +- lib/cryptodev/cryptodev_pmd.h | 60 +-- lib/cryptodev/cryptodev_trace_points.c | 9 - lib/cryptodev/rte_crypto.h | 3 +- lib/cryptodev/rte_crypto_sym.h | 11 +- lib/cryptodev/rte_cryptodev.c | 285 +++++--------- lib/cryptodev/rte_cryptodev.h | 153 +++----- lib/cryptodev/rte_cryptodev_trace.h | 42 +-- lib/cryptodev/version.map | 7 - lib/ipsec/rte_ipsec_group.h | 13 +- lib/ipsec/ses.c | 5 +- lib/pipeline/rte_table_action.c | 10 +- lib/security/rte_security.c | 33 +- lib/security/rte_security.h | 90 +++-- lib/security/rte_security_driver.h | 31 +- lib/vhost/rte_vhost_crypto.h | 3 - lib/vhost/vhost_crypto.c | 28 +- 109 files changed, 1301 insertions(+), 2493 deletions(-)