[v5,4/8] security: add cpu crypto action type
Checks
Commit Message
Introduce CPU crypto action type allowing to differentiate between
regular async 'none security' and synchronous, CPU crypto accelerated
sessions.
Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
lib/librte_security/rte_security.h | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
Comments
Hi Marcin/Konstantin,
> Introduce CPU crypto action type allowing to differentiate between
> regular async 'none security' and synchronous, CPU crypto accelerated
> sessions.
>
> Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
> lib/librte_security/rte_security.h | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
> index 546779df2..c8b2dd5ed 100644
> --- a/lib/librte_security/rte_security.h
> +++ b/lib/librte_security/rte_security.h
> @@ -1,6 +1,6 @@
> /* SPDX-License-Identifier: BSD-3-Clause
> * Copyright 2017,2019 NXP
> - * Copyright(c) 2017 Intel Corporation.
> + * Copyright(c) 2017-2020 Intel Corporation.
> */
>
> #ifndef _RTE_SECURITY_H_
> @@ -307,10 +307,14 @@ enum rte_security_session_action_type {
> /**< All security protocol processing is performed inline during
> * transmission
> */
> - RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL
> + RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> /**< All security protocol processing including crypto is performed
> * on a lookaside accelerator
> */
> + RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO
> + /**< Crypto processing for security protocol is processed by CPU
> + * synchronously
> + */
I am not able to see the need for this enum.
It is used by the app and ipsec library to identify the cpu-crypto codepath.
I don't see any security action been performed for this action_type.
This enum is just like NONE which is not used beyond the application/lib.
I think this needs to be documented properly in the description of the enum.
It should be something like
Similar to ACTION_TYPE_NONE, but the crypto processing is done on CPU
Synchronously.
Also add documentation of this in the rte_security.rst in this patch only.
There should not be any separate patch for documentation.
Regards,
Akhil
> Hi Marcin/Konstantin,
>
> > Introduce CPU crypto action type allowing to differentiate between
> > regular async 'none security' and synchronous, CPU crypto accelerated
> > sessions.
> >
> > Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
> > Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> > Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> > ---
> > lib/librte_security/rte_security.h | 8 ++++++--
> > 1 file changed, 6 insertions(+), 2 deletions(-)
> >
> > diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
> > index 546779df2..c8b2dd5ed 100644
> > --- a/lib/librte_security/rte_security.h
> > +++ b/lib/librte_security/rte_security.h
> > @@ -1,6 +1,6 @@
> > /* SPDX-License-Identifier: BSD-3-Clause
> > * Copyright 2017,2019 NXP
> > - * Copyright(c) 2017 Intel Corporation.
> > + * Copyright(c) 2017-2020 Intel Corporation.
> > */
> >
> > #ifndef _RTE_SECURITY_H_
> > @@ -307,10 +307,14 @@ enum rte_security_session_action_type {
> > /**< All security protocol processing is performed inline during
> > * transmission
> > */
> > - RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL
> > + RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> > /**< All security protocol processing including crypto is performed
> > * on a lookaside accelerator
> > */
> > + RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO
> > + /**< Crypto processing for security protocol is processed by CPU
> > + * synchronously
> > + */
> I am not able to see the need for this enum.
>
> It is used by the app and ipsec library to identify the cpu-crypto codepath.
>
> I don't see any security action been performed for this action_type.
>
> This enum is just like NONE which is not used beyond the application/lib.
> I think this needs to be documented properly in the description of the enum.
>
> It should be something like
>
> Similar to ACTION_TYPE_NONE, but the crypto processing is done on CPU
> Synchronously.
>
> Also add documentation of this in the rte_security.rst in this patch only.
> There should not be any separate patch for documentation.
>
Could you please send the update to the patches that I requested.
I wanted to apply these today.
Hi Akhil,
> > > Introduce CPU crypto action type allowing to differentiate between
> > > regular async 'none security' and synchronous, CPU crypto accelerated
> > > sessions.
> > >
> > > Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
> > > Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> > > Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> > > ---
> > > lib/librte_security/rte_security.h | 8 ++++++--
> > > 1 file changed, 6 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
> > > index 546779df2..c8b2dd5ed 100644
> > > --- a/lib/librte_security/rte_security.h
> > > +++ b/lib/librte_security/rte_security.h
> > > @@ -1,6 +1,6 @@
> > > /* SPDX-License-Identifier: BSD-3-Clause
> > > * Copyright 2017,2019 NXP
> > > - * Copyright(c) 2017 Intel Corporation.
> > > + * Copyright(c) 2017-2020 Intel Corporation.
> > > */
> > >
> > > #ifndef _RTE_SECURITY_H_
> > > @@ -307,10 +307,14 @@ enum rte_security_session_action_type {
> > > /**< All security protocol processing is performed inline during
> > > * transmission
> > > */
> > > - RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL
> > > + RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> > > /**< All security protocol processing including crypto is performed
> > > * on a lookaside accelerator
> > > */
> > > + RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO
> > > + /**< Crypto processing for security protocol is processed by CPU
> > > + * synchronously
> > > + */
> > I am not able to see the need for this enum.
> >
> > It is used by the app and ipsec library to identify the cpu-crypto codepath.
> >
> > I don't see any security action been performed for this action_type.
> >
> > This enum is just like NONE which is not used beyond the application/lib.
> > I think this needs to be documented properly in the description of the enum.
> >
> > It should be something like
> >
> > Similar to ACTION_TYPE_NONE, but the crypto processing is done on CPU
> > Synchronously.
> >
> > Also add documentation of this in the rte_security.rst in this patch only.
> > There should not be any separate patch for documentation.
> >
>
> Could you please send the update to the patches that I requested.
> I wanted to apply these today.
Marcin works on v6 to address your comments.
Plan to send it by COB today.
Konstantin
@@ -1,6 +1,6 @@
/* SPDX-License-Identifier: BSD-3-Clause
* Copyright 2017,2019 NXP
- * Copyright(c) 2017 Intel Corporation.
+ * Copyright(c) 2017-2020 Intel Corporation.
*/
#ifndef _RTE_SECURITY_H_
@@ -307,10 +307,14 @@ enum rte_security_session_action_type {
/**< All security protocol processing is performed inline during
* transmission
*/
- RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL
+ RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
/**< All security protocol processing including crypto is performed
* on a lookaside accelerator
*/
+ RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO
+ /**< Crypto processing for security protocol is processed by CPU
+ * synchronously
+ */
};
/** Security session protocol definition */