From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id AF5E8A0C46; Tue, 7 Sep 2021 18:18:10 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 9C2A841167; Tue, 7 Sep 2021 18:18:10 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id A7562410EC for ; Tue, 7 Sep 2021 18:18:09 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 187C3woJ025669; Tue, 7 Sep 2021 09:18:09 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=4w9OHb7boEJZEDDn+iTg3sAQ8cfcEMUj3c0w8pLaC3M=; b=VLlUlIhWcQXqtZRqMlimPAI7QdZaPEZsnClxE6be+U3A5t4afeF1dWfIP+CS0RUl+LUl /9934U5XdnoCbQHjkAlBMUfyTAxn+hhv/rFvGNaSTZRBLfsA/8vQbZzxIBGrirGr/Qtf Ti20f+pC38mv0tm2J9MX1LsYw339OeueENTLc2tSZOPAWd8hv6ZIwBoXYGFGfGT2WyH/ dnc3J90MJJH1s8yb0g7cicAe6q2UDfFlIbG6WM9FDwl4KyY7HefE+ICZ9Ezw7/6rTaxJ aBoYPHtluwwHzMWjwbGPaHvJiPeiC6o8oNzB2S5AbVvpVoGuj09ZcZDS6FzWOaxY46JD eA== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com with ESMTP id 3awty5u2en-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 07 Sep 2021 09:18:08 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Tue, 7 Sep 2021 09:18:06 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Tue, 7 Sep 2021 09:18:06 -0700 Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218]) by maili.marvell.com (Postfix) with ESMTP id 17AEC3F7087; Tue, 7 Sep 2021 09:18:00 -0700 (PDT) From: Anoob Joseph To: Akhil Goyal , Declan Doherty , Fan Zhang , "Konstantin Ananyev" CC: Anoob Joseph , Jerin Jacob , Archana Muniganti , Tejasree Kondoj , Hemant Agrawal , "Radu Nicolau" , Ciara Power , Gagandeep Singh , Date: Tue, 7 Sep 2021 21:47:40 +0530 Message-ID: <1631031463-211-2-git-send-email-anoobj@marvell.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1631031463-211-1-git-send-email-anoobj@marvell.com> References: <1630940307-78-1-git-send-email-anoobj@marvell.com> <1631031463-211-1-git-send-email-anoobj@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: oLpqiIYLDv91f-B6TkeEqhmT1joH6yba X-Proofpoint-ORIG-GUID: oLpqiIYLDv91f-B6TkeEqhmT1joH6yba X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-09-07_05,2021-09-07_02,2020-04-07_01 Subject: [dpdk-dev] [PATCH v3 1/3] security: support user specified IV X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Enable user to provide IV to be used per security operation. This would be used with lookaside protocol offload for comparing against known vectors. By default, PMD would generate IV internally and would be random. Signed-off-by: Anoob Joseph Acked-by: Akhil Goyal --- doc/guides/rel_notes/release_21_11.rst | 5 +++++ lib/security/rte_security.h | 14 ++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst index 411fa95..9b14c84 100644 --- a/doc/guides/rel_notes/release_21_11.rst +++ b/doc/guides/rel_notes/release_21_11.rst @@ -118,6 +118,11 @@ ABI Changes Also, make sure to start the actual text at the margin. ======================================================= +* security: add IPsec SA option to disable IV generation + + * Added IPsec SA option to disable IV generation to allow known vector + tests as well as usage of application provided IV on supported PMDs. + Known Issues ------------ diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h index 88d31de..b4b6776 100644 --- a/lib/security/rte_security.h +++ b/lib/security/rte_security.h @@ -181,6 +181,20 @@ struct rte_security_ipsec_sa_options { * * 0: Disable per session security statistics collection for this SA. */ uint32_t stats : 1; + + /** Disable IV generation in PMD + * + * * 1: Disable IV generation in PMD. When disabled, IV provided in + * rte_crypto_op will be used by the PMD. + * + * * 0: Enable IV generation in PMD. When enabled, PMD generated random + * value would be used and application is not required to provide + * IV. + * + * Note: For inline cases, IV generation would always need to be handled + * by the PMD. + */ + uint32_t iv_gen_disable : 1; }; /** IPSec security association direction */ -- 2.7.4