From patchwork Fri Aug 11 07:17:12 2023
X-Patchwork-Submitter: Anoob Joseph
X-Patchwork-Id: 130111
X-Patchwork-Delegate: gakhil@marvell.com
From: Anoob Joseph
To: Thomas Monjalon, Akhil Goyal, Jerin Jacob, Konstantin Ananyev
CC: Hemant Agrawal, Olivier Matz, Vidya Sagar Velumuri
Subject: [RFC PATCH 3/3] cryptodev: add details of datapath handling of TLS records
Date: Fri, 11 Aug 2023 12:47:12 +0530
Message-ID: <20230811071712.240-4-anoobj@marvell.com>
In-Reply-To: <20230811071712.240-1-anoobj@marvell.com>
References: <20230811071712.240-1-anoobj@marvell.com>
List-Id: DPDK patches and discussions

TLS/DTLS record processing requires content type to be provided per packet (for record write operation). Extend usage of rte_crypto_op.aux_flags for the same purpose.

Signed-off-by: Akhil Goyal
Signed-off-by: Anoob Joseph
Signed-off-by: Vidya Sagar Velumuri
---
 doc/guides/prog_guide/rte_security.rst | 10 ++++++++++
 lib/cryptodev/rte_crypto.h | 6 ++++++
 2 files changed, 16 insertions(+)

diff --git a/doc/guides/prog_guide/rte_security.rst b/doc/guides/prog_guide/rte_security.rst index 7716d7239f..6cb69bc949 100644 --- a/doc/guides/prog_guide/rte_security.rst +++ b/doc/guides/prog_guide/rte_security.rst
@@ -451,6 +451,16 @@ Protocol. The TLS Record Protocol provides connection security that has two basi V V TLSCiphertext TLSPlaintext +TLS and DTLS header formation (in record write operation) would depend on the +type of content. It is a per packet variable and would need to be handled by +the same session. Application may pass this info to a cryptodev performing +lookaside protocol offload by passing the same in ``rte_crypto_op.aux_flags``. + +In record read operation, application is required to preserve any info it may +need from the TLS/DTLS header (such as content type and sequence number) as the +cryptodev would remove the header and padding as part of the lookaside protocol +processing. + Supported Versions ^^^^^^^^^^^^^^^^^^ diff --git a/lib/cryptodev/rte_crypto.h b/lib/cryptodev/rte_crypto.h index 9b8d0331a4..7c12a2b705 100644 --- a/lib/cryptodev/rte_crypto.h +++ b/lib/cryptodev/rte_crypto.h @@ -101,6 +101,12 @@ struct rte_crypto_op { /**< Operation specific auxiliary/additional flags. * These flags carry additional information from the * operation. Processing of the same is optional. + * + * With TLS record offload (RTE_SECURITY_PROTOCOL_TLS_RECORD), + * application would be required to provide the message + * type of the input provided. The 'aux_flags' field + * can be used for passing the same. Message types are + * listed as RTE_TLS_TYPE_* and RTE_DTLS_TYPE_*. */ uint8_t reserved[2]; /**< Reserved bytes to fill 64 bits for
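Review bot: In the rte_security.rst hunk, the first added paragraph says the application "may pass this info" in ``rte_crypto_op.aux_flags``, while the rte_crypto.h comment in the same patch says the application "would be required to provide" it; the guide should use the same mandatory wording, otherwise a reader can take the content type as optional on record write. The paragraph also never names the values to use: pointing at RTE_TLS_TYPE_* and RTE_DTLS_TYPE_* here, as the header comment does, would make the guide usable on its own. In the second added paragraph, "preserve any info it may need from the TLS/DTLS header" leaves the mechanism open; it would help to state that the application has to read the content type and sequence number from the record before enqueue, since nothing in this patch describes them being returned after the header is removed.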
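Review bot: In the rte_crypto.h hunk, the added lines conflict with the two unchanged sentences directly above them in the aux_flags comment: those say the flags carry information "from the operation" and that processing is "optional", whereas the new text makes aux_flags an input the application is required to set. The comment should separate the two uses, for example by saying which direction applies for RTE_SECURITY_PROTOCOL_TLS_RECORD and that "optional" does not cover it. It should also say whether the RTE_TLS_TYPE_* / RTE_DTLS_TYPE_* value occupies the whole field or only some bits of it, since the field is documented as flags, and what a driver is expected to do on record write when the value is unset or not one of the listed types. "can be used for passing the same" reads as a suggestion; "must be set to" would match "would be required".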