| Message ID | 1632823662-384-1-git-send-email-anoobj@marvell.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id D05CDA0032; Tue, 28 Sep 2021 12:08:36 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 4710340E3C; Tue, 28 Sep 2021 12:08:36 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 5707640DF6 for <dev@dpdk.org>; Tue, 28 Sep 2021 12:08:35 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 18SA4q4W026408; Tue, 28 Sep 2021 03:08:34 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=FDdydDWOqXv7yWK5pH1UaYbRNgVZouS2gYTiQDNL/8I=; b=Tu47si9A74Q3BVwVl6HfVzG2CJIVIISQYDuwZHyFDWS1zzBhDcGa8rP1lSYMlDWTG13o FO6j/UMh6Y3eU3sEmP2jmHYzxTRMi+ntGHzu6mFcGwyIlopKjgZqJyx2si8YJtUwzk1G H3q79uUlQC1a4NB5KK6xoOJ8MpR1zTSHcYASR1qIOEMeK/xJaaJiYTTpdzbolNpkCKDN HDY1+CunZ/XLldSrJ3nTlb5QY9JxTgXhD77UyvWj5ZilbiGjTgaWcF0VT3CyRalOelkT GXHegGs820NJQWLB7s64ENOtQD3x03eSlBEjuHGuyQ6BkQEm+bUpdkpAgzIq+fwr5tMl KQ== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com with ESMTP id 3bbs489thn-19 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 28 Sep 2021 03:08:34 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Tue, 28 Sep 2021 03:07:57 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Tue, 28 Sep 2021 03:07:57 -0700 Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218]) by maili.marvell.com (Postfix) with ESMTP id C09193F7040; Tue, 28 Sep 2021 03:07:53 -0700 (PDT) From: Anoob Joseph <anoobj@marvell.com> To: Akhil Goyal <gakhil@marvell.com>, Declan Doherty <declan.doherty@intel.com>, Fan Zhang <roy.fan.zhang@intel.com>, "Konstantin Ananyev" <konstantin.ananyev@intel.com> CC: Anoob Joseph <anoobj@marvell.com>, Jerin Jacob <jerinj@marvell.com>, Archana Muniganti <marchana@marvell.com>, Tejasree Kondoj <ktejasree@marvell.com>, Hemant Agrawal <hemant.agrawal@nxp.com>, "Radu Nicolau" <radu.nicolau@intel.com>, Ciara Power <ciara.power@intel.com>, Gagandeep Singh <g.singh@nxp.com>, <dev@dpdk.org> Date: Tue, 28 Sep 2021 15:37:35 +0530 Message-ID: <1632823662-384-1-git-send-email-anoobj@marvell.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1631032372-275-1-git-send-email-anoobj@marvell.com> References: <1631032372-275-1-git-send-email-anoobj@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: 0eNNU0bS8z1YRbi5C5IvmXuuIgzqz5FU X-Proofpoint-ORIG-GUID: 0eNNU0bS8z1YRbi5C5IvmXuuIgzqz5FU X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-09-28_05,2021-09-28_01,2020-04-07_01 Subject: [dpdk-dev] [PATCH v3 0/6] Add SA lifetime in security X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
| Series |
Add SA lifetime in security
|
|
Message
Anoob Joseph
Sept. 28, 2021, 10:07 a.m. UTC
Add SA lifetime configuration in security. SA lifetime tracking can be offloaded on supported PMDs. SA lifetime would cover soft & hard expiry in units of number of packets and bytes. When SA soft expiry happens, the packet is successfuly processed but with additional expiry notification. Crypto op structure, ``rte_crypto_op`` is updated to cover such notifications with lookaside protocol offloads. SA hard expiration would cause IPsec processing to return an error. PMDs crypto_cn10k, crypto_cn9k and crypto_octeontx2 are updated with their respective lifetime tracking capabilities. Unit tests are added for soft and hard expiry with number of packets. Changes in v3: - Removed explicit 0 setting of soft expiry configuration in ipsec-secgw (comment from Konstantin) Changes in v2: - Clear soft expiry configuration in ipsec-secgw - Rebased on v3 of dependent series Anoob Joseph (6): security: add SA lifetime configuration common/cnxk: support lifetime configuration crypto/octeontx2: add checks for life configuration test/crypto: add packets soft expiry tests test/crypto: add packets hard expiry tests examples/ipsec-secgw: clear soft expiry configuration app/test/test_cryptodev.c | 38 +++++++++++- app/test/test_cryptodev_security_ipsec.c | 40 +++++++++++-- app/test/test_cryptodev_security_ipsec.h | 5 +- .../test_cryptodev_security_ipsec_test_vectors.h | 3 - doc/guides/rel_notes/deprecation.rst | 5 -- doc/guides/rel_notes/release_21_11.rst | 13 ++++ drivers/common/cnxk/cnxk_security.c | 70 ++++++++++++++++++++++ drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 48 +++++++++++---- drivers/crypto/cnxk/cn9k_ipsec.c | 6 +- drivers/crypto/octeontx2/otx2_ipsec_po.h | 6 ++ examples/ipsec-secgw/ipsec.c | 1 - examples/ipsec-secgw/ipsec.h | 2 - lib/cryptodev/rte_crypto.h | 18 +++++- lib/security/rte_security.h | 28 ++++++++- 14 files changed, 249 insertions(+), 34 deletions(-)