diff mbox series

[v4,02/15] crypto: add total raw buffer length

Message ID 20211013190032.2308-3-hemant.agrawal@nxp.com (mailing list archive)
State Superseded
Delegated to: akhil goyal
Headers show
Series crypto: add raw vector support in DPAAx | expand

Checks

Context Check Description
ci/checkpatch success coding style OK

Commit Message

Hemant Agrawal Oct. 13, 2021, 7 p.m. UTC
From: Gagandeep Singh <g.singh@nxp.com>

The current crypto raw data vectors is extended to support
rte_security usecases, where we need total data length to know
how much additional memory space is available in buffer other
than data length so that driver/HW can write expanded size
data after encryption.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
---
 doc/guides/rel_notes/deprecation.rst | 7 -------
 lib/cryptodev/rte_crypto_sym.h       | 7 +++++++
 2 files changed, 7 insertions(+), 7 deletions(-)

Comments

Fan Zhang Oct. 14, 2021, 12:39 p.m. UTC | #1
Hi Hemant,

I still think it is enough to use rte_crypto_vec as well as 
rte_crypto_sym_ofs is enough to describe the data including both the data
and aad.

Imagine 2 10 bytes segments case, encryption/hash size of 12 and aad of 8.
We will have 
struct rte_crypto_vec sgl[2] = {{.base = x, .len = 10}, {.base = y, .len = 10}};
union rte_crypto_sym_ofs ofs  = {.cipher.head = 0, .cipher.tail = 8, .auth.head = 0, .auth.tail = 8};

The driver shall understand there are 8 bytes not included for cipher/auth.

Regards,
Fan

> -----Original Message-----
> From: Hemant Agrawal <hemant.agrawal@nxp.com>
> Sent: Wednesday, October 13, 2021 8:00 PM
> To: dev@dpdk.org; gakhil@marvell.com
> Cc: Ananyev, Konstantin <konstantin.ananyev@intel.com>; Zhang, Roy Fan
> <roy.fan.zhang@intel.com>; Gagandeep Singh <g.singh@nxp.com>
> Subject: [PATCH v4 02/15] crypto: add total raw buffer length
> 
> From: Gagandeep Singh <g.singh@nxp.com>
> 
> The current crypto raw data vectors is extended to support
> rte_security usecases, where we need total data length to know
> how much additional memory space is available in buffer other
> than data length so that driver/HW can write expanded size
> data after encryption.
> 
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Acked-by: Akhil Goyal <gakhil@marvell.com>
> ---
>  doc/guides/rel_notes/deprecation.rst | 7 -------
>  lib/cryptodev/rte_crypto_sym.h       | 7 +++++++
>  2 files changed, 7 insertions(+), 7 deletions(-)
> 
> diff --git a/doc/guides/rel_notes/deprecation.rst
> b/doc/guides/rel_notes/deprecation.rst
> index a4e86b31f5..53155459a0 100644
> --- a/doc/guides/rel_notes/deprecation.rst
> +++ b/doc/guides/rel_notes/deprecation.rst
> @@ -188,13 +188,6 @@ Deprecation Notices
>    This field will be null for inplace processing.
>    This change is targeted for DPDK 21.11.
> 
> -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add
> -  ``tot_len`` to support total buffer length.
> -  This is required for security cases like IPsec and PDCP encryption offload
> -  to know how much additional memory space is available in buffer other
> than
> -  data length so that driver/HW can write expanded size data after
> encryption.
> -  This change is targeted for DPDK 21.11.
> -
>  * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
>    ``rte_cryptodev_asym_session`` to remove unnecessary indirection
> between
>    session and the private data of session. An opaque pointer can be exposed
> diff --git a/lib/cryptodev/rte_crypto_sym.h
> b/lib/cryptodev/rte_crypto_sym.h
> index dcc0bd5933..6be283e83c 100644
> --- a/lib/cryptodev/rte_crypto_sym.h
> +++ b/lib/cryptodev/rte_crypto_sym.h
> @@ -37,6 +37,8 @@ struct rte_crypto_vec {
>  	rte_iova_t iova;
>  	/** length of the data buffer */
>  	uint32_t len;
> +	/** total buffer length */
> +	uint32_t tot_len;
>  };
> 
>  /**
> @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
> *mb, uint32_t ofs, uint32_t len,
>  	seglen = mb->data_len - ofs;
>  	if (len <= seglen) {
>  		vec[0].len = len;
> +		vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
> - ofs;
>  		return 1;
>  	}
> 
>  	/* data spread across segments */
>  	vec[0].len = seglen;
>  	left = len - seglen;
> +	vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
>  	for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {
> 
>  		vec[i].base = rte_pktmbuf_mtod(nseg, void *);
> @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb,
> uint32_t ofs, uint32_t len,
>  		if (left <= seglen) {
>  			/* whole requested data is completed */
>  			vec[i].len = left;
> +			vec[i].tot_len = mb->buf_len -
> rte_pktmbuf_headroom(mb)
> +					- ofs;
>  			left = 0;
>  			break;
>  		}
> @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
> *mb, uint32_t ofs, uint32_t len,
>  		/* use whole segment */
>  		vec[i].len = seglen;
>  		left -= seglen;
> +		vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
> - ofs;
>  	}
> 
>  	RTE_ASSERT(left == 0);
> --
> 2.17.1
Ananyev, Konstantin Oct. 15, 2021, 5:45 p.m. UTC | #2
> The current crypto raw data vectors is extended to support
> rte_security usecases, where we need total data length to know
> how much additional memory space is available in buffer other
> than data length so that driver/HW can write expanded size
> data after encryption.
> 
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Acked-by: Akhil Goyal <gakhil@marvell.com>
> ---
>  doc/guides/rel_notes/deprecation.rst | 7 -------
>  lib/cryptodev/rte_crypto_sym.h       | 7 +++++++
>  2 files changed, 7 insertions(+), 7 deletions(-)
> 
> diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst
> index a4e86b31f5..53155459a0 100644
> --- a/doc/guides/rel_notes/deprecation.rst
> +++ b/doc/guides/rel_notes/deprecation.rst
> @@ -188,13 +188,6 @@ Deprecation Notices
>    This field will be null for inplace processing.
>    This change is targeted for DPDK 21.11.
> 
> -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add
> -  ``tot_len`` to support total buffer length.
> -  This is required for security cases like IPsec and PDCP encryption offload
> -  to know how much additional memory space is available in buffer other than
> -  data length so that driver/HW can write expanded size data after encryption.
> -  This change is targeted for DPDK 21.11.
> -
>  * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
>    ``rte_cryptodev_asym_session`` to remove unnecessary indirection between
>    session and the private data of session. An opaque pointer can be exposed
> diff --git a/lib/cryptodev/rte_crypto_sym.h b/lib/cryptodev/rte_crypto_sym.h
> index dcc0bd5933..6be283e83c 100644
> --- a/lib/cryptodev/rte_crypto_sym.h
> +++ b/lib/cryptodev/rte_crypto_sym.h
> @@ -37,6 +37,8 @@ struct rte_crypto_vec {
>  	rte_iova_t iova;
>  	/** length of the data buffer */
>  	uint32_t len;
> +	/** total buffer length */
> +	uint32_t tot_len;
>  };
> 
>  /**
> @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
>  	seglen = mb->data_len - ofs;
>  	if (len <= seglen) {
>  		vec[0].len = len;
> +		vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
>  		return 1;
>  	}
> 
>  	/* data spread across segments */
>  	vec[0].len = seglen;
>  	left = len - seglen;
> +	vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;

As a nit this line and similar line above can be merged into one and put
before 'if' statement above, i.e.:

vec[0].base = rte_pktmbuf_mtod_offset(mb, void *, ofs);
vec[0].iova = rte_pktmbuf_iova_offset(mb, ofs);
vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;

>  	for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {
> 
>  		vec[i].base = rte_pktmbuf_mtod(nseg, void *);
> @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
>  		if (left <= seglen) {
>  			/* whole requested data is completed */
>  			vec[i].len = left;
> +			vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
> +					- ofs;

Same as above - these two lines can be put as one before 'if'.


>  			left = 0;
>  			break;
>  		}
> @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
>  		/* use whole segment */
>  		vec[i].len = seglen;
>  		left -= seglen;
> +		vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
>  	}
> 
>  	RTE_ASSERT(left == 0);
> --
> 2.17.1

With nits above applied:
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Hemant Agrawal Oct. 17, 2021, 8:30 a.m. UTC | #3
Hi Fan

On 10/14/2021 6:09 PM, Zhang, Roy Fan wrote:
> Hi Hemant,
>
> I still think it is enough to use rte_crypto_vec as well as
> rte_crypto_sym_ofs is enough to describe the data including both the data
> and aad.
>
> Imagine 2 10 bytes segments case, encryption/hash size of 12 and aad of 8.
> We will have
> struct rte_crypto_vec sgl[2] = {{.base = x, .len = 10}, {.base = y, .len = 10}};
> union rte_crypto_sym_ofs ofs  = {.cipher.head = 0, .cipher.tail = 8, .auth.head = 0, .auth.tail = 8};
>
> The driver shall understand there are 8 bytes not included for cipher/auth.

This is the protocol offload case. It won't work in that case.

>
> Regards,
> Fan
>
>> -----Original Message-----
>> From: Hemant Agrawal <hemant.agrawal@nxp.com>
>> Sent: Wednesday, October 13, 2021 8:00 PM
>> To: dev@dpdk.org; gakhil@marvell.com
>> Cc: Ananyev, Konstantin <konstantin.ananyev@intel.com>; Zhang, Roy Fan
>> <roy.fan.zhang@intel.com>; Gagandeep Singh <g.singh@nxp.com>
>> Subject: [PATCH v4 02/15] crypto: add total raw buffer length
>>
>> From: Gagandeep Singh <g.singh@nxp.com>
>>
>> The current crypto raw data vectors is extended to support
>> rte_security usecases, where we need total data length to know
>> how much additional memory space is available in buffer other
>> than data length so that driver/HW can write expanded size
>> data after encryption.
>>
>> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
>> Acked-by: Akhil Goyal <gakhil@marvell.com>
>> ---
>>   doc/guides/rel_notes/deprecation.rst | 7 -------
>>   lib/cryptodev/rte_crypto_sym.h       | 7 +++++++
>>   2 files changed, 7 insertions(+), 7 deletions(-)
>>
>> diff --git a/doc/guides/rel_notes/deprecation.rst
>> b/doc/guides/rel_notes/deprecation.rst
>> index a4e86b31f5..53155459a0 100644
>> --- a/doc/guides/rel_notes/deprecation.rst
>> +++ b/doc/guides/rel_notes/deprecation.rst
>> @@ -188,13 +188,6 @@ Deprecation Notices
>>     This field will be null for inplace processing.
>>     This change is targeted for DPDK 21.11.
>>
>> -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add
>> -  ``tot_len`` to support total buffer length.
>> -  This is required for security cases like IPsec and PDCP encryption offload
>> -  to know how much additional memory space is available in buffer other
>> than
>> -  data length so that driver/HW can write expanded size data after
>> encryption.
>> -  This change is targeted for DPDK 21.11.
>> -
>>   * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
>>     ``rte_cryptodev_asym_session`` to remove unnecessary indirection
>> between
>>     session and the private data of session. An opaque pointer can be exposed
>> diff --git a/lib/cryptodev/rte_crypto_sym.h
>> b/lib/cryptodev/rte_crypto_sym.h
>> index dcc0bd5933..6be283e83c 100644
>> --- a/lib/cryptodev/rte_crypto_sym.h
>> +++ b/lib/cryptodev/rte_crypto_sym.h
>> @@ -37,6 +37,8 @@ struct rte_crypto_vec {
>>   	rte_iova_t iova;
>>   	/** length of the data buffer */
>>   	uint32_t len;
>> +	/** total buffer length */
>> +	uint32_t tot_len;
>>   };
>>
>>   /**
>> @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
>> *mb, uint32_t ofs, uint32_t len,
>>   	seglen = mb->data_len - ofs;
>>   	if (len <= seglen) {
>>   		vec[0].len = len;
>> +		vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
>> - ofs;
>>   		return 1;
>>   	}
>>
>>   	/* data spread across segments */
>>   	vec[0].len = seglen;
>>   	left = len - seglen;
>> +	vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
>>   	for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {
>>
>>   		vec[i].base = rte_pktmbuf_mtod(nseg, void *);
>> @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb,
>> uint32_t ofs, uint32_t len,
>>   		if (left <= seglen) {
>>   			/* whole requested data is completed */
>>   			vec[i].len = left;
>> +			vec[i].tot_len = mb->buf_len -
>> rte_pktmbuf_headroom(mb)
>> +					- ofs;
>>   			left = 0;
>>   			break;
>>   		}
>> @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
>> *mb, uint32_t ofs, uint32_t len,
>>   		/* use whole segment */
>>   		vec[i].len = seglen;
>>   		left -= seglen;
>> +		vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
>> - ofs;
>>   	}
>>
>>   	RTE_ASSERT(left == 0);
>> --
>> 2.17.1
diff mbox series

Patch

diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst
index a4e86b31f5..53155459a0 100644
--- a/doc/guides/rel_notes/deprecation.rst
+++ b/doc/guides/rel_notes/deprecation.rst
@@ -188,13 +188,6 @@  Deprecation Notices
   This field will be null for inplace processing.
   This change is targeted for DPDK 21.11.
 
-* cryptodev: The structure ``rte_crypto_vec`` would be updated to add
-  ``tot_len`` to support total buffer length.
-  This is required for security cases like IPsec and PDCP encryption offload
-  to know how much additional memory space is available in buffer other than
-  data length so that driver/HW can write expanded size data after encryption.
-  This change is targeted for DPDK 21.11.
-
 * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
   ``rte_cryptodev_asym_session`` to remove unnecessary indirection between
   session and the private data of session. An opaque pointer can be exposed
diff --git a/lib/cryptodev/rte_crypto_sym.h b/lib/cryptodev/rte_crypto_sym.h
index dcc0bd5933..6be283e83c 100644
--- a/lib/cryptodev/rte_crypto_sym.h
+++ b/lib/cryptodev/rte_crypto_sym.h
@@ -37,6 +37,8 @@  struct rte_crypto_vec {
 	rte_iova_t iova;
 	/** length of the data buffer */
 	uint32_t len;
+	/** total buffer length */
+	uint32_t tot_len;
 };
 
 /**
@@ -980,12 +982,14 @@  rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
 	seglen = mb->data_len - ofs;
 	if (len <= seglen) {
 		vec[0].len = len;
+		vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
 		return 1;
 	}
 
 	/* data spread across segments */
 	vec[0].len = seglen;
 	left = len - seglen;
+	vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
 	for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {
 
 		vec[i].base = rte_pktmbuf_mtod(nseg, void *);
@@ -995,6 +999,8 @@  rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
 		if (left <= seglen) {
 			/* whole requested data is completed */
 			vec[i].len = left;
+			vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
+					- ofs;
 			left = 0;
 			break;
 		}
@@ -1002,6 +1008,7 @@  rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
 		/* use whole segment */
 		vec[i].len = seglen;
 		left -= seglen;
+		vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
 	}
 
 	RTE_ASSERT(left == 0);