From patchwork Wed Oct 13 19:22:15 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 101501 Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 452BCA0C55; Wed, 13 Oct 2021 21:22:42 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 0C7DF41173; Wed, 13 Oct 2021 21:22:42 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 48CF64111B for ; Wed, 13 Oct 2021 21:22:40 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 19DIvIen030386; Wed, 13 Oct 2021 12:22:34 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=FeuUp4zAOkv9OMpJok7TkUlreL/5iIuKjsGE8Sufd0g=; b=jHvil41SAoNDUqqHj2JoBb3UwOZly+6ya9KrLeoNl5+PNPfRLN+2KwxH98d7OK6tm5sQ S775rus1zsHZu3oUYbqMfFWMbi+lt0dJ0oAUzHyWt346yyeFXLstn4YUw52tpeOsDANN PBKmuzV6Z4BW8j0m8Z4Kwlx+B6a1MmeSbI5raks5y+Z/5I9LPzsbLVhstnn+Sbprv7kr 9sV1BtnkOC8NFJrp/a3Hx86Dk7jswZAjdwLcD0/4bZAxqJaO6tbJkWjKN3ZsZ6zg6w5y cTISq+4TNV6usEymbrtQ8bemMuCjXRmv6nGxof7iDTU9q0rNTNrQOF06nEYzcrvVHyMD dw== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com with ESMTP id 3bp0h3sjx6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 13 Oct 2021 12:22:34 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Wed, 13 Oct 2021 12:22:32 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 13 Oct 2021 12:22:32 -0700 Received: from localhost.localdomain (unknown [10.28.36.185]) by maili.marvell.com (Postfix) with ESMTP id 38C753F7082; Wed, 13 Oct 2021 12:22:25 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , , , , , , , , , , , , , , , , , Akhil Goyal Date: Thu, 14 Oct 2021 00:52:15 +0530 Message-ID: <20211013192222.1582631-1-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210930145014.2476799-1-gakhil@marvell.com> References: <20210930145014.2476799-1-gakhil@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: Om4QlXfaD1zzpSHFKLTgnUV_2TTbWmrW X-Proofpoint-ORIG-GUID: Om4QlXfaD1zzpSHFKLTgnUV_2TTbWmrW X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.0.607.475 definitions=2021-10-13_07,2021-10-13_02,2020-04-07_01 Subject: [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" As discussed in last release deprecation notice, crypto and security session framework are reworked to reduce the need of two mempool objects and remove the requirement to expose the rte_security_session and rte_cryptodev_sym_session structures. Design methodology is explained in the patch description. Similar work will need to be done for asymmetric sessions as well. Asymmetric session need another rework and is postponed to next release. Since it is still in experimental stage, we can modify the APIs in next release as well. The patches are compilable with all affected PMDs and tested with dpdk-test and ipsec-secgw app on CN9k platform. Changes in v2: - Added new parameter iova in PMD session configure APIs for session priv pointer to be used in QAT/CNXK/etc PMDs. - Hide rte_cryptodev_sym_session and rte_security_session structs. - Added compilation workaround for net PMDs(ixgbe/txgbe) for inline ipsec. Patches with actual fix is beynd the scope of this patchset. - Added inline APIs to access the opaque data and fast metadata. - Remove commented code. TODO - Release notes/deprecation notice removal. - Documentation updates. - Asym APIs - postponed for next release. Akhil Goyal (7): security: rework session framework security: hide security session struct net/cnxk: rework security session framework security: pass session iova in PMD sess create cryptodev: rework session framework cryptodev: hide sym session structure cryptodev: pass session iova in configure session app/test-crypto-perf/cperf.h | 1 - app/test-crypto-perf/cperf_ops.c | 46 ++-- app/test-crypto-perf/cperf_ops.h | 6 +- app/test-crypto-perf/cperf_test_latency.c | 5 +- app/test-crypto-perf/cperf_test_latency.h | 1 - .../cperf_test_pmd_cyclecount.c | 7 +- .../cperf_test_pmd_cyclecount.h | 1 - app/test-crypto-perf/cperf_test_throughput.c | 5 +- app/test-crypto-perf/cperf_test_throughput.h | 1 - app/test-crypto-perf/cperf_test_verify.c | 5 +- app/test-crypto-perf/cperf_test_verify.h | 1 - app/test-crypto-perf/main.c | 29 +-- app/test/test_cryptodev.c | 147 ++++--------- app/test/test_cryptodev.h | 1 - app/test/test_cryptodev_asym.c | 1 - app/test/test_cryptodev_blockcipher.c | 6 +- app/test/test_event_crypto_adapter.c | 28 +-- app/test/test_ipsec.c | 34 +-- app/test/test_ipsec_perf.c | 4 +- app/test/test_security.c | 196 ++++-------------- drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c | 33 +-- drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 5 +- .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 65 ++---- drivers/crypto/armv8/rte_armv8_pmd_ops.c | 34 +-- drivers/crypto/bcmfs/bcmfs_sym_session.c | 36 +--- drivers/crypto/bcmfs/bcmfs_sym_session.h | 6 +- drivers/crypto/caam_jr/caam_jr.c | 65 ++---- drivers/crypto/ccp/ccp_pmd_ops.c | 32 +-- drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 24 +-- drivers/crypto/cnxk/cn10k_ipsec.c | 53 +---- drivers/crypto/cnxk/cn9k_cryptodev_ops.c | 20 +- drivers/crypto/cnxk/cn9k_ipsec.c | 75 +++---- drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 61 ++---- drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 14 +- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 69 ++---- drivers/crypto/dpaa_sec/dpaa_sec.c | 67 ++---- drivers/crypto/kasumi/rte_kasumi_pmd_ops.c | 34 +-- drivers/crypto/mlx5/mlx5_crypto.c | 25 +-- drivers/crypto/mvsam/rte_mrvl_pmd.c | 3 +- drivers/crypto/mvsam/rte_mrvl_pmd_ops.c | 48 +---- drivers/crypto/nitrox/nitrox_sym.c | 33 +-- drivers/crypto/null/null_crypto_pmd_ops.c | 34 +-- .../crypto/octeontx/otx_cryptodev_hw_access.h | 1 - drivers/crypto/octeontx/otx_cryptodev_ops.c | 68 +++--- drivers/crypto/octeontx2/otx2_cryptodev_ops.c | 63 +++--- .../octeontx2/otx2_cryptodev_ops_helper.h | 16 +- drivers/crypto/octeontx2/otx2_cryptodev_sec.c | 77 +++---- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 35 +--- drivers/crypto/qat/qat_sym.c | 3 +- drivers/crypto/qat/qat_sym.h | 8 +- drivers/crypto/qat/qat_sym_session.c | 66 ++---- drivers/crypto/qat/qat_sym_session.h | 14 +- drivers/crypto/scheduler/scheduler_pmd_ops.c | 10 +- drivers/crypto/snow3g/rte_snow3g_pmd_ops.c | 34 +-- drivers/crypto/virtio/virtio_cryptodev.c | 32 +-- drivers/crypto/zuc/rte_zuc_pmd_ops.c | 35 +--- .../octeontx2/otx2_evdev_crypto_adptr_rx.h | 3 +- drivers/net/cnxk/cn10k_ethdev_sec.c | 64 +++--- drivers/net/cnxk/cn9k_ethdev_sec.c | 59 ++---- drivers/net/cnxk/cnxk_ethdev.c | 6 +- drivers/net/cnxk/cnxk_ethdev.h | 6 - drivers/net/cnxk/cnxk_ethdev_sec.c | 21 -- drivers/net/ixgbe/ixgbe_ipsec.c | 38 +--- drivers/net/octeontx2/otx2_ethdev_sec.c | 52 ++--- drivers/net/octeontx2/otx2_ethdev_sec_tx.h | 2 +- drivers/net/txgbe/txgbe_ipsec.c | 38 +--- examples/fips_validation/fips_dev_self_test.c | 32 +-- examples/fips_validation/main.c | 20 +- examples/ipsec-secgw/ipsec-secgw.c | 40 ---- examples/ipsec-secgw/ipsec.c | 12 +- examples/ipsec-secgw/ipsec.h | 1 - examples/ipsec-secgw/ipsec_worker.c | 4 - examples/l2fwd-crypto/main.c | 41 +--- examples/vhost_crypto/main.c | 16 +- lib/cryptodev/cryptodev_pmd.h | 33 ++- lib/cryptodev/rte_crypto.h | 2 +- lib/cryptodev/rte_crypto_sym.h | 2 +- lib/cryptodev/rte_cryptodev.c | 88 +++++--- lib/cryptodev/rte_cryptodev.h | 70 +++---- lib/cryptodev/rte_cryptodev_trace.h | 16 +- lib/ipsec/rte_ipsec.h | 4 +- lib/ipsec/rte_ipsec_group.h | 13 +- lib/ipsec/ses.c | 6 +- lib/pipeline/rte_table_action.c | 8 +- lib/pipeline/rte_table_action.h | 2 +- lib/security/rte_security.c | 32 +-- lib/security/rte_security.h | 85 +++++--- lib/security/rte_security_driver.h | 31 ++- lib/vhost/rte_vhost_crypto.h | 3 - lib/vhost/vhost_crypto.c | 7 +- 90 files changed, 816 insertions(+), 1864 deletions(-)