From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>,
Declan Doherty <declan.doherty@intel.com>,
Fan Zhang <roy.fan.zhang@intel.com>,
"Konstantin Ananyev" <konstantin.ananyev@intel.com>
Cc: Anoob Joseph <anoobj@marvell.com>,
Jerin Jacob <jerinj@marvell.com>,
Archana Muniganti <marchana@marvell.com>,
Tejasree Kondoj <ktejasree@marvell.com>,
Hemant Agrawal <hemant.agrawal@nxp.com>,
"Radu Nicolau" <radu.nicolau@intel.com>,
Ciara Power <ciara.power@intel.com>,
Gagandeep Singh <g.singh@nxp.com>, <dev@dpdk.org>
Subject: [dpdk-dev] [PATCH v3 1/3] security: support user specified IV
Date: Tue, 7 Sep 2021 21:47:40 +0530 [thread overview]
Message-ID: <1631031463-211-2-git-send-email-anoobj@marvell.com> (raw)
In-Reply-To: <1631031463-211-1-git-send-email-anoobj@marvell.com>
Enable user to provide IV to be used per security operation. This
would be used with lookaside protocol offload for comparing
against known vectors.
By default, PMD would generate IV internally and would be random.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
---
doc/guides/rel_notes/release_21_11.rst | 5 +++++
lib/security/rte_security.h | 14 ++++++++++++++
2 files changed, 19 insertions(+)
diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst
index 411fa95..9b14c84 100644
--- a/doc/guides/rel_notes/release_21_11.rst
+++ b/doc/guides/rel_notes/release_21_11.rst
@@ -118,6 +118,11 @@ ABI Changes
Also, make sure to start the actual text at the margin.
=======================================================
+* security: add IPsec SA option to disable IV generation
+
+ * Added IPsec SA option to disable IV generation to allow known vector
+ tests as well as usage of application provided IV on supported PMDs.
+
Known Issues
------------
diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h
index 88d31de..b4b6776 100644
--- a/lib/security/rte_security.h
+++ b/lib/security/rte_security.h
@@ -181,6 +181,20 @@ struct rte_security_ipsec_sa_options {
* * 0: Disable per session security statistics collection for this SA.
*/
uint32_t stats : 1;
+
+ /** Disable IV generation in PMD
+ *
+ * * 1: Disable IV generation in PMD. When disabled, IV provided in
+ * rte_crypto_op will be used by the PMD.
+ *
+ * * 0: Enable IV generation in PMD. When enabled, PMD generated random
+ * value would be used and application is not required to provide
+ * IV.
+ *
+ * Note: For inline cases, IV generation would always need to be handled
+ * by the PMD.
+ */
+ uint32_t iv_gen_disable : 1;
};
/** IPSec security association direction */
--
2.7.4
next prev parent reply other threads:[~2021-09-07 16:18 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-16 5:59 [dpdk-dev] [PATCH 0/3] Add user specified IV with lookaside IPsec Anoob Joseph
2021-08-16 5:59 ` [dpdk-dev] [PATCH 1/3] security: support user specified IV Anoob Joseph
2021-08-16 5:59 ` [dpdk-dev] [PATCH 2/3] crypto/cnxk: add IV in SA in lookaside IPsec debug mode Anoob Joseph
2021-08-16 5:59 ` [dpdk-dev] [PATCH 3/3] test/crypto: add outbound known vector tests Anoob Joseph
2021-09-06 14:58 ` [dpdk-dev] [PATCH v2 0/3] Add user specified IV with lookaside IPsec Anoob Joseph
2021-09-06 14:58 ` [dpdk-dev] [PATCH v2 1/3] security: support user specified IV Anoob Joseph
2021-09-06 19:07 ` Akhil Goyal
2021-09-06 14:58 ` [dpdk-dev] [PATCH v2 2/3] crypto/cnxk: add IV in SA in lookaside IPsec debug mode Anoob Joseph
2021-09-06 19:08 ` Akhil Goyal
2021-09-06 14:58 ` [dpdk-dev] [PATCH v2 3/3] test/crypto: add outbound known vector tests Anoob Joseph
2021-09-06 19:09 ` Akhil Goyal
2021-09-07 16:17 ` [dpdk-dev] [PATCH v3 0/3] Add user specified IV with lookaside IPsec Anoob Joseph
2021-09-07 16:17 ` Anoob Joseph [this message]
2021-09-16 11:14 ` [dpdk-dev] [PATCH v3 1/3] security: support user specified IV Ananyev, Konstantin
2021-09-07 16:17 ` [dpdk-dev] [PATCH v3 2/3] crypto/cnxk: add IV in SA in lookaside IPsec debug mode Anoob Joseph
2021-09-07 16:17 ` [dpdk-dev] [PATCH v3 3/3] test/crypto: add outbound known vector tests Anoob Joseph
2021-09-28 8:32 ` [dpdk-dev] [PATCH v3 0/3] Add user specified IV with lookaside IPsec Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1631031463-211-2-git-send-email-anoobj@marvell.com \
--to=anoobj@marvell.com \
--cc=ciara.power@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=g.singh@nxp.com \
--cc=gakhil@marvell.com \
--cc=hemant.agrawal@nxp.com \
--cc=jerinj@marvell.com \
--cc=konstantin.ananyev@intel.com \
--cc=ktejasree@marvell.com \
--cc=marchana@marvell.com \
--cc=radu.nicolau@intel.com \
--cc=roy.fan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).