From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0056.outbound.protection.outlook.com [104.47.42.56]) by dpdk.org (Postfix) with ESMTP id 9BC521D8A for ; Wed, 22 Nov 2017 12:53:06 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=CAVIUMNETWORKS.onmicrosoft.com; s=selector1-cavium-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=n+DCVjUbbefjKM+kzq70wMTuk2NNw/erXpxIAnwtAkY=; b=noJ/ofMazo/YLcSCRPo8shyQdslhlo8gcqy2lvWlEc8t1+Meu/wliBdcPssYMBdhW65ChsFwe/vIfLXzGJn3cs7kp8rmesuR9bUgQYNRsjuqlegFIwnIXYkcka4tR+5iT+7nC9YqEm1MuSYnuIWj1QOxSKAg3qY/0wGk38+dnQo= Received: from ajoseph.in.caveonetworks.com (14.140.2.178) by SN4PR0701MB3645.namprd07.prod.outlook.com (2603:10b6:803:4d::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.239.5; Wed, 22 Nov 2017 11:53:00 +0000 To: Radu Nicolau , Akhil Goyal , Declan Doherty , Sergio Gonzalez Monroy Cc: Jerin Jacob , Narayana Prasad , dev@dpdk.org References: <1511173905-22117-1-git-send-email-anoob.joseph@caviumnetworks.com> <1511333716-11955-1-git-send-email-anoob.joseph@caviumnetworks.com> <1511333716-11955-2-git-send-email-anoob.joseph@caviumnetworks.com> <451150d9-bf64-3a49-908b-96883302b0a2@intel.com> From: Anoob Message-ID: <11271d70-eb73-1147-3969-0b718a912f8e@caviumnetworks.com> Date: Wed, 22 Nov 2017 17:22:53 +0530 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <451150d9-bf64-3a49-908b-96883302b0a2@intel.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-Originating-IP: [14.140.2.178] X-ClientProxiedBy: CY4PR02CA0007.namprd02.prod.outlook.com (2603:10b6:903:18::17) To SN4PR0701MB3645.namprd07.prod.outlook.com (2603:10b6:803:4d::11) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 85d84772-5e58-4b2b-1b0f-08d5319f96cc X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4602075)(7168020)(4627115)(201703031133081)(201702281549075)(5600022)(4604075)(2017052603258); SRVR:SN4PR0701MB3645; X-Microsoft-Exchange-Diagnostics: 1; SN4PR0701MB3645; 3:I8cQBx4aSG7hQIckWDmN47ZnETIkOBDWpQ2QKxzmOM4LfmZ8iCIbVKni5hlsIUyPKiSCL9ymOD0XJTmfYMBrnpHOuMXghawQQ81QOjmDbC48HLp/AY5tzcA7TGZyiplN6gKVrfD7UQZEaeyLQTzFSlPxUUFOK8483nxefC0HqRrkQxTIiJZFGRUQYpga62tTFrRCCfHm4GsjxDsOZwoP0k4RFswK2tb/ky6d9edsPXu5jD9tuAZaeajs3Kxq775j; 25:/uSkT9SqZdGLlngw9UBHkM30M3AMsmzOBI8LeZf946GQsIlRZpHmaRePABJR3bnS3HXMbPcMlc7DCJ7Y8VNcueEOk7EDt1ZY5U7OhApbpNIxWsW+qIOrzW9sGxPNLEykMzwRFaOOWAmGqgM/rcA1fVAlk4gH4QIHwOmTixrdrDSydB9Zrdl5QmLzcXey1YjVFhAAdHtlSSvs286PcAJ3yvjaPV1hAt1w/Ecy3tEqEjTMT1P9ISltDs7kowWIphG8gbC3+OlReRWnCSfQBpYEL68Ly1bG7mmTfnw37vdGfTiX7c4ZhUtb5U+DcqsoqxcfjRyusItmsRszRgZFcszk8gByb7ybWlK7kk0Scn/BHLY=; 31:Me0NmD6re/ci7IKugQRpG9nh84g95nHMySjVgHq+FFNVhmIqhET31TyjoUnVnB7XPborpPCCwXFIoMWIlHRLT0c7QmcMe7yIkhryN9sOLmQM4sx2AldNSADAMRPBIf0WbqZtPecAZQCckytp8VPouUN9lXbxcM7GkJo+Vbq6GoVptitLGgzkURZ9wBSkQshJTmvhp9uwXggjuqJy3MXgcylxLgxUsdvyAvIgVN7V9jI= X-MS-TrafficTypeDiagnostic: SN4PR0701MB3645: X-Microsoft-Exchange-Diagnostics: 1; SN4PR0701MB3645; 20:52BEfKtJYeuUmCv3X/PUX/jmUY+cCUU0/44SO9HqozlsTjo5ptSUZaTTNERdliOkwKaP/Ckk6mGD3fNJd6ciJ/ZqVf37HZGkdwfUqoSeKZ7bBhGzhDhouLOv3KHaJXVB80/oZNYmoTv/VcjcCtIPupnpPxIKEu7202aoxBYvuLbOLb05mZIRj3JiK0F4c4NFnPL59hKhqBsFCKGUgHz+bLuUBqg9f3zudJkj+Jopi+mBsD9ucrFXwJMkKgiOcbApiuHcqi2cgODbHdrhCmF4BvfhfDe8D4/Q4L/vNq4AlaxrI2yan+vqLpCNxBJzB4Rj4D0G+9OxfLWsbfsUPB6xRyjhWL9vhGHXrmEh9ZnE3vzfBeHtugWV+wEodz9PHLkoy/fzxjfsbUqP7wbNoWWGjfmam2HbQPMbCHduGK9yM+cmKFqy2mS1TT/v0Q9p/36Wl6jX7NHhv2NcFCOHfTAs2CbCQ3IRdpGqssFzU69ECqirl/V7iivhFe45G6UMWd5Q3rWN9ty/NjYs7duaM8lo6GdmhKYrvcNbKAGrSCh5sT+mYPlj5MwxB4ToPkSlRWq1Nr4ejuJokEIht3VMQCDzTfVUBRIiYn9Kla1rYHfElcs=; 4:8wGxQpskf53uFdg7DCIhiFPSRLCYBbyi+b61iKFiyz5lYM7oOvrS+NwjkcDZYqrF3wQ7xEY5z8qYFG1p5v0PHiDpMp2dUg2Cm625hqscVJZkca/we5MPuA3tLoUOWyY4UwWXNsNK/Kz02RwE8BqooBAH71/vVLugtjppmpSDm7dn1JLRiv9v/cEklR5XhVDDF3J79fDgSJhcxZOYprpA8dJQQXHy+viCuYNE0BYq6DYrDiKfhXnSWYfKkNaRAHarZ7ym1BbjMirkAHnNQ/yxqu4uuq82skCobw8NzqJvUlW6zy1MztGBNlRbfjmf69ZX X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(93006095)(3002001)(10201501046)(3231022)(100000703101)(100105400095)(6041248)(20161123558100)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123555025)(20161123560025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:SN4PR0701MB3645; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:SN4PR0701MB3645; X-Forefront-PRVS: 0499DAF22A X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(376002)(346002)(199003)(189002)(24454002)(5660300001)(101416001)(8676002)(4326008)(575784001)(81156014)(189998001)(81166006)(65826007)(67846002)(31696002)(25786009)(5009440100003)(5890100001)(47776003)(53936002)(58126008)(52146003)(478600001)(66066001)(65956001)(72206003)(65806001)(23676004)(50466002)(93886005)(97736004)(8936002)(55236003)(6512007)(6246003)(54906003)(8656006)(305945005)(6116002)(316002)(83506002)(2906002)(50986999)(54356999)(33646002)(7736002)(2950100002)(42882006)(110136005)(2870700001)(105586002)(6486002)(15650500001)(76176999)(36756003)(6506006)(31686004)(68736007)(64126003)(53546010)(6666003)(3846002)(106356001)(16526018)(2486003)(229853002)(110426004); DIR:OUT; SFP:1101; SCL:1; SRVR:SN4PR0701MB3645; H:ajoseph.in.caveonetworks.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: cavium.com does not designate permitted sender hosts) Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Anoob.Joseph@cavium.com; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtTTjRQUjA3MDFNQjM2NDU7MjM6d3RTTUsydGZMQjFEWGhlNXN6b1U1NmlR?= =?utf-8?B?c2lWeW5yQVIrbzdNNm1pcjllRDlKb2xlemVaWGIvNXlRRDBEQlRJbTRTalpN?= =?utf-8?B?UG1DVUxwVi9neDladFIxekhha1dFalZjNEN0dGp3YXBjUkNFd1dGcWdMQmpv?= =?utf-8?B?YVQySDNVbU1WOHMreWlGVkFKdmg5U2NYMDdLOEJobFNiVVlkdjZneVlEYy9R?= =?utf-8?B?ek9UdVJDbW5yK1ZLcE9hK3ZnS2NiZUlaR3ZMdVpHVUlHNkxTM1BaVGtLWHhL?= =?utf-8?B?WmJLNmZuL0x6Y1pXZGRkbER4WXV6RDE3UjQ2VDA4cFlsbWtucy9LRnVDN1lx?= =?utf-8?B?ZGJRdWJDQUF6VkFtaG56Z21MWUZnQXV0RjFDNEFObElyMk5MMUN2UytpVjlD?= =?utf-8?B?aGp2VjhXbU04ODZmMDZOMXUzUkt5cXpPQXgrQjN3VVVPaWVMaXRlbVlEajBl?= =?utf-8?B?cER5MWZIL2had04xY2FRRlhlTjJUalZ4K21YaHJEd01SYVVVVDNyMVEvVkoz?= =?utf-8?B?OGxwRGNFQllITUtOZkkvVUVwSFFmN0lpc2ZGaHNETW5tNFlIb1hKcUlUaHd6?= =?utf-8?B?Z3RjeEw1TU0vQlMxdW1SV21EbldUL1A2WVB4OGc5UXVYTExuWlRQaDlVS3J3?= =?utf-8?B?TndxUHJXSlRsOEdTU0NxTnIzK1dOWlY1YXdmcUl4VWp2dDlrcGIvMk1PSjJW?= =?utf-8?B?MnNHeitDOUhnbzFVNjhJRTBZLy9rUEFCdSt3dFNIMGFSNWhQdEVUNjBXZFVK?= =?utf-8?B?Z21hQmdwcWNaVkh4K1ljY254dXkwY2g5SXpVNm1OZEgyWXJuYTFmMEdIaDhl?= =?utf-8?B?M3F0RDBQR1FvUTgxMFVMVlYrZ29tUWdvL2gzT2h2M0poOTgrbFpFZmFiVTlV?= =?utf-8?B?S0d3RXF4cmVES2JVaHgrWmJqMDBrYkp1K0tJdXJWZ1QzRzhYRHY3K3FKa21p?= =?utf-8?B?NEFnSkE0dGNEQ0p3czczZFQ4NVR1NjhzVzBJa29qZXd6QjRXS0lWRDNYOGRu?= =?utf-8?B?OFdFQlNMSGlrZHozbmlyS1BUV2tkSmFLMmJ6ZTlyMDVWUXZITGd3QkZQMTRh?= =?utf-8?B?WVNUQ2lHUEMxM1JzTmVBZmxGQTVsYU94QUNKSkxJbSs2TjV3TTFMaC9tUzA0?= =?utf-8?B?ZEZxckxpSlNUVHdnOGRRNzh2MnlORXM4K3FBaTlDcTJ5MGZjZm5ZNFNkUk90?= =?utf-8?B?aUFKbFVMWGwxWi90YnFsdmoveDQyOE94WDNpcXdybTZjSGpFVGtBRGdYWlFK?= =?utf-8?B?OFcxSHJoR0tIZU92SEJrOHRDTmZCNGRvWFdXRUY2RkwrSE9wOWxDU0srWTNW?= =?utf-8?B?STZzR1NGanBHaUhaY1hieXhEaTczNzkwRGk2OUtWRXByUVV1Qm1vTU5DcXFX?= =?utf-8?B?SXdPaUhiNU5JWllZRFJhVWNlVThnUXVQSWNxSFJXcy93clBYdVliajlaRjV1?= =?utf-8?B?QmJGdnppTjBVSmpoODlUcTJVei9sMkhmVkREY1BZV0F3MjRhdjBVT3EyRld1?= =?utf-8?B?N2ZMVFdzL0U1WlRyU3JCN0IzZkRjR3BRa21rYzQrRFZ2aDZCYnYyeVNyY2Y1?= =?utf-8?B?NmM4OXlWMTFUdUZGTzYxOVVjcFBhYmlUQkZSd3hXaDh5N2svQXkwZkQwQ2NL?= =?utf-8?B?d1Y5U2prM0ZVNVJJOWpIcnNTM1NMVUFKcWhIRHU3ZU9oRytpVjR4cUtXUjNI?= =?utf-8?B?dDVEQnlCdjV1MUhIQnpMaEcyWUJNMWpST00zanhTR1hQVmIxVW9ld3E5TmNL?= =?utf-8?B?bDlPZDVYSzJBZm5sYi9FUkt4UFVZZmNMT0EwSEQyRmtCTHFsRGQrTUdIOThk?= =?utf-8?B?RFNSRWdzMGMvQ1NDRjdBSEhoaVFxT3ZITnFqM00xS3JrWWQzcmNGZ2VOelps?= =?utf-8?B?bFhOdldGU3EzK1Z3ZzhPTTR1SXFOQ2JlcEg2M0IwT2dZa1hnczMyajVQQ1JB?= =?utf-8?B?djRCay9TZVM5L203bVVtYldyaFdkRVlVb29mR2F0cXRIamoxdGpiaHR5R1pO?= =?utf-8?B?SDhFVWZZUkZrZEdsOWloOFVpODgxT0hPQkUrd2xOWFJxV2cxandVOFFpcTM2?= =?utf-8?B?OUhXc25yNTN3ZHZpV0xKblJzWVNmak5YTlcxQVFydUhLdm9pb1Mzdzlha0J6?= =?utf-8?Q?oJNx8Mg0znr7GYaVw1GX7oPDheWcW3F7eRyl5hUTlZ+DlD?= X-Microsoft-Exchange-Diagnostics: 1; SN4PR0701MB3645; 6:cSurM0anGHZ85877OPPVXuZrklOCpPL5wPrB2QFBykuHMrdwQafC2YAX2dyBlr4qfsZdtBfYxcqOH6OypDXnunLVn7MBkOVf/Xry3o+4zNLrVLX9ANaHUGa+8nto2D8SM2c534koRbobgG1QyJCze8ytNGmrlKXupdUw2E6r/qoGe+UrkM7kfRwlgJGhjo5E9uPgRBZkxLdBL74YErVn5DU0PCYnW139w3dAIkLoRAxNzETvJG1VwzPMIsFEYklEG7VZ/AokXEWTuTzy5p873PVa5UIWxyEi0+Ji2r2R8r48v17hcOU8x1zwD20VBnsAvXno7rt6gv+xwcjQbWQST581c2QPkx5SEtkakrN0r58=; 5:ileyi7S0PgEw0nkzKpKzgQlll/se7be+eFmfrriF8eG5krkb7mU9U/kX9ZUuHvzhLkcbuRgD32/aBq79a0VFqg6Hni8cMXwKIuyLfH7G2dCCpTF/kFiffTjR2WzYDt31SwP1UMwSnR0/oavTRUJ0fu4b6FypCBLa5CpWUweS/54=; 24:tOPy17PNpXSA7EF4cM5u+t2sjuEwjctubMUe9X67RTkiGwBbobXzv2e0kGri38XgqbMMOPiWnT6Fc7KHucd2Yt+1Vh3a+AhIuwJkVtvrYf4=; 7:mQu+uTKf+97DaQPEHfeQl9DAVzMS6skbZkXryfxDk0ZdLu/mqGB95G7RteTntmozEtayMlRdEqp673g5kEXnTcvriT96V5fHLwEClJAsE1AIc8elxaY5vBpGsnGYZu/HO1/JwXdCloSJ2ZUzdUlZrZEpYo38kLVQoI1Axlqh36cNM3f+D8HDJmHk/W7xEnGZure0Ot+LoY1E+lguVYlrAyeMZWDc3Ec6WWczUU6uXwBoaqNzGSzlFuIlLLWGnGIP SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: caviumnetworks.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Nov 2017 11:53:00.7156 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 85d84772-5e58-4b2b-1b0f-08d5319f96cc X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 711e4ccf-2e9b-4bcf-a551-4094005b6194 X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN4PR0701MB3645 Subject: Re: [dpdk-dev] [PATCH v2 1/2] lib/security: add support for get metadata X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Nov 2017 11:53:07 -0000 Hi, See inline. Thanks, Anoob On 11/22/2017 04:59 PM, Radu Nicolau wrote: > > > On 11/22/2017 6:55 AM, Anoob Joseph wrote: >> In case of inline protocol processed ingress traffic, the packet may not >> have enough information to determine the security parameters with which >> the packet was processed. For such cases, application could register a >> 64 bit metadata in security session, which could be retrieved from the >> packet using "rte_security_get_pkt_metadata" API. Application can use >> this metadata to identify the parameters it need. >> >> Application can choose what it should register as the metadata. It can >> register SPI or a pointer to SA. >> >> Signed-off-by: Anoob Joseph >> --- >> v2: >> * Replaced get_session and get_cookie APIs with get_pkt_metadata API >> >>   lib/librte_security/rte_security.c        | 13 +++++++++++++ >>   lib/librte_security/rte_security.h        | 19 +++++++++++++++++++ >>   lib/librte_security/rte_security_driver.h | 16 ++++++++++++++++ >>   3 files changed, 48 insertions(+) >> >> diff --git a/lib/librte_security/rte_security.c >> b/lib/librte_security/rte_security.c >> index 1227fca..804f11f 100644 >> --- a/lib/librte_security/rte_security.c >> +++ b/lib/librte_security/rte_security.c >> @@ -108,6 +108,19 @@ rte_security_set_pkt_metadata(struct >> rte_security_ctx *instance, >>                              sess, m, params); >>   } >>   +uint64_t >> +rte_security_get_pkt_metadata(struct rte_security_ctx *instance, >> +                  struct rte_mbuf *pkt) >> +{ >> +    uint64_t mdata = 0; >> + >> + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_pkt_metadata, 0); >> +    if (instance->ops->get_pkt_metadata(instance->device, pkt, &mdata)) >> +        return 0; >> + >> +    return mdata; >> +} >> + > Can you change the returned type to void *? Will do that. >>   const struct rte_security_capability * >>   rte_security_capabilities_get(struct rte_security_ctx *instance) >>   { >> diff --git a/lib/librte_security/rte_security.h >> b/lib/librte_security/rte_security.h >> index 653929b..aa3a471 100644 >> --- a/lib/librte_security/rte_security.h >> +++ b/lib/librte_security/rte_security.h >> @@ -274,6 +274,8 @@ struct rte_security_session_conf { >>       /**< Configuration parameters for security session */ >>       struct rte_crypto_sym_xform *crypto_xform; >>       /**< Security Session Crypto Transformations */ >> +    uint64_t metadata; >> +    /**< Metadata registered by application */ >>   }; > Can you rename it to userdata? Will do it. Thought it would be confusing, as this will be returned by rte_security_get_pkt_metadata. So get_metadata would give userdata of the security session. I can document it that way and proceed, right? >>     struct rte_security_session { >> @@ -346,6 +348,23 @@ rte_security_set_pkt_metadata(struct >> rte_security_ctx *instance, >>                     struct rte_mbuf *mb, void *params); >>     /** >> + * Get metadata from the packet. This is an application registered >> 64 bit >> + * value, associated with the security session which processed the >> packet. >> + * >> + * This is valid only for inline processed ingress packets. >> + * >> + * @param   instance    security instance >> + * @param   pkt        packet mbuf >> + * >> + * @return >> + *  - On success, metadata >> + *  - On failure, 0 >> + */ >> +uint64_t >> +rte_security_get_pkt_metadata(struct rte_security_ctx *instance, >> +                  struct rte_mbuf *pkt); >> + >> +/** >>    * Attach a session to a symmetric crypto operation >>    * >>    * @param    sym_op    crypto operation >> diff --git a/lib/librte_security/rte_security_driver.h >> b/lib/librte_security/rte_security_driver.h >> index 997fbe7..da0ebf4 100644 >> --- a/lib/librte_security/rte_security_driver.h >> +++ b/lib/librte_security/rte_security_driver.h >> @@ -122,6 +122,20 @@ typedef int (*security_set_pkt_metadata_t)(void >> *device, >>           void *params); >>     /** >> + * Get application interpretable metadata from the packet. >> + * >> + * @param    device        Crypto/eth device pointer >> + * @param    pkt        Packet mbuf >> + * @param    mt        Pointer to receive metadata >> + * >> + * @return >> + *  - Returns 0 if metadata is retrieved successfully. >> + *  - Returns -ve value for errors. >> + */ >> +typedef int (*security_get_pkt_metadata_t)(void *device, >> +        struct rte_mbuf *pkt, uint64_t *mt); >> + >> +/** >>    * Get security capabilities of the device. >>    * >>    * @param    device        crypto/eth device pointer >> @@ -145,6 +159,8 @@ struct rte_security_ops { >>       /**< Clear a security sessions private data. */ >>       security_set_pkt_metadata_t set_pkt_metadata; >>       /**< Update mbuf metadata. */ >> +    security_get_pkt_metadata_t get_pkt_metadata; >> +    /**< Get metadata from packet. */ >>       security_capabilities_get_t capabilities_get; >>       /**< Get security capabilities. */ >>   }; >