| Message ID | 20211001095017.3342431-1-radu.nicolau@intel.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id BA1D5A0032; Fri, 1 Oct 2021 12:00:54 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8E9A04067E; Fri, 1 Oct 2021 12:00:54 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mails.dpdk.org (Postfix) with ESMTP id 1665A4067A for <dev@dpdk.org>; Fri, 1 Oct 2021 12:00:52 +0200 (CEST) X-IronPort-AV: E=McAfee;i="6200,9189,10123"; a="222186036" X-IronPort-AV: E=Sophos;i="5.85,337,1624345200"; d="scan'208";a="222186036" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Oct 2021 03:00:25 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,337,1624345200"; d="scan'208";a="618990860" Received: from silpixa00400884.ir.intel.com ([10.243.22.82]) by fmsmga001.fm.intel.com with ESMTP; 01 Oct 2021 03:00:21 -0700 From: Radu Nicolau <radu.nicolau@intel.com> To: Cc: dev@dpdk.org, mdr@ashroe.eu, konstantin.ananyev@intel.com, vladimir.medvedkin@intel.com, bruce.richardson@intel.com, roy.fan.zhang@intel.com, hemant.agrawal@nxp.com, gakhil@marvell.com, anoobj@marvell.com, declan.doherty@intel.com, abhijit.sinha@intel.com, daniel.m.buckley@intel.com, marchana@marvell.com, ktejasree@marvell.com, matan@nvidia.com, Radu Nicolau <radu.nicolau@intel.com> Date: Fri, 1 Oct 2021 10:50:09 +0100 Message-Id: <20211001095017.3342431-1-radu.nicolau@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210713133542.3550525-1-radu.nicolau@intel.com> References: <20210713133542.3550525-1-radu.nicolau@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v7 0/8] new features for ipsec and security libraries X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
| Series |
new features for ipsec and security libraries
|
|
Message
Radu Nicolau
Oct. 1, 2021, 9:50 a.m. UTC
Add support for: TSO, NAT-T/UDP encapsulation, ESN AES_CCM, CHACHA20_POLY1305 and AES_GMAC SA telemetry mbuf offload flags Initial SQN value Radu Nicolau (8): security: add ESN field to ipsec_xform ipsec: add support for AEAD algorithms security: add UDP params for IPsec NAT-T ipsec: add support for NAT-T mbuf: add IPsec ESP tunnel type ipsec: add transmit segmentation offload support ipsec: add support for SA telemetry ipsec: add support for initial SQN value lib/ipsec/crypto.h | 137 +++++++++++++++++++++ lib/ipsec/esp_inb.c | 84 +++++++++++-- lib/ipsec/esp_outb.c | 210 ++++++++++++++++++++++++++++---- lib/ipsec/ipsec_telemetry.c | 237 ++++++++++++++++++++++++++++++++++++ lib/ipsec/meson.build | 6 +- lib/ipsec/rte_ipsec.h | 23 ++++ lib/ipsec/rte_ipsec_sa.h | 9 +- lib/ipsec/sa.c | 117 +++++++++++++++--- lib/ipsec/sa.h | 15 +++ lib/ipsec/version.map | 9 ++ lib/mbuf/rte_mbuf_core.h | 1 + lib/security/rte_security.h | 15 +++ 12 files changed, 811 insertions(+), 52 deletions(-) create mode 100644 lib/ipsec/ipsec_telemetry.c
Comments
> Add support for: > TSO, NAT-T/UDP encapsulation, ESN > AES_CCM, CHACHA20_POLY1305 and AES_GMAC > SA telemetry > mbuf offload flags > Initial SQN value > > Radu Nicolau (8): > security: add ESN field to ipsec_xform > ipsec: add support for AEAD algorithms > security: add UDP params for IPsec NAT-T > ipsec: add support for NAT-T > mbuf: add IPsec ESP tunnel type > ipsec: add transmit segmentation offload support > ipsec: add support for SA telemetry > ipsec: add support for initial SQN value > > lib/ipsec/crypto.h | 137 +++++++++++++++++++++ > lib/ipsec/esp_inb.c | 84 +++++++++++-- > lib/ipsec/esp_outb.c | 210 ++++++++++++++++++++++++++++---- > lib/ipsec/ipsec_telemetry.c | 237 ++++++++++++++++++++++++++++++++++++ > lib/ipsec/meson.build | 6 +- > lib/ipsec/rte_ipsec.h | 23 ++++ > lib/ipsec/rte_ipsec_sa.h | 9 +- > lib/ipsec/sa.c | 117 +++++++++++++++--- > lib/ipsec/sa.h | 15 +++ > lib/ipsec/version.map | 9 ++ > lib/mbuf/rte_mbuf_core.h | 1 + > lib/security/rte_security.h | 15 +++ > 12 files changed, 811 insertions(+), 52 deletions(-) > create mode 100644 lib/ipsec/ipsec_telemetry.c > > -- > v2: fixed lib/ipsec/version.map updates to show correct version > v3: fixed build error and corrected misspelled email address > v4: add doxygen comments for the IPsec telemetry APIs > update inline comments refering to the wrong RFC > v5: update commit messages after feedback > update the UDP encapsulation patch to actually use the configured ports > v6: fix initial SQN value > v7: reworked the patches after feedback > Release notes missing. At least some of the features deserve update in release notes. For ipsec lib add a main bullet and then add sub-bullets for subsequent features.
> Subject: RE: [EXT] [PATCH v7 0/8] new features for ipsec and security libraries > > > Add support for: > > TSO, NAT-T/UDP encapsulation, ESN > > AES_CCM, CHACHA20_POLY1305 and AES_GMAC > > SA telemetry > > mbuf offload flags > > Initial SQN value > > > > Radu Nicolau (8): > > security: add ESN field to ipsec_xform > > ipsec: add support for AEAD algorithms > > security: add UDP params for IPsec NAT-T > > ipsec: add support for NAT-T > > mbuf: add IPsec ESP tunnel type > > ipsec: add transmit segmentation offload support > > ipsec: add support for SA telemetry > > ipsec: add support for initial SQN value > > > > lib/ipsec/crypto.h | 137 +++++++++++++++++++++ > > lib/ipsec/esp_inb.c | 84 +++++++++++-- > > lib/ipsec/esp_outb.c | 210 ++++++++++++++++++++++++++++---- > > lib/ipsec/ipsec_telemetry.c | 237 > ++++++++++++++++++++++++++++++++++++ > > lib/ipsec/meson.build | 6 +- > > lib/ipsec/rte_ipsec.h | 23 ++++ > > lib/ipsec/rte_ipsec_sa.h | 9 +- > > lib/ipsec/sa.c | 117 +++++++++++++++--- > > lib/ipsec/sa.h | 15 +++ > > lib/ipsec/version.map | 9 ++ > > lib/mbuf/rte_mbuf_core.h | 1 + > > lib/security/rte_security.h | 15 +++ > > 12 files changed, 811 insertions(+), 52 deletions(-) > > create mode 100644 lib/ipsec/ipsec_telemetry.c > > > > -- > > v2: fixed lib/ipsec/version.map updates to show correct version > > v3: fixed build error and corrected misspelled email address > > v4: add doxygen comments for the IPsec telemetry APIs > > update inline comments refering to the wrong RFC > > v5: update commit messages after feedback > > update the UDP encapsulation patch to actually use the configured ports > > v6: fix initial SQN value > > v7: reworked the patches after feedback > > > Release notes missing. At least some of the features deserve update in > release notes. > For ipsec lib add a main bullet and then add sub-bullets for subsequent > features. Also remove deprecation notices in the patch which added support for that.