DPDK patches and discussions
 help / color / mirror / Atom feed
From: Radu Nicolau <radu.nicolau@intel.com>
To: Akhil Goyal <gakhil@marvell.com>,
	Declan Doherty <declan.doherty@intel.com>
Cc: dev@dpdk.org, Radu Nicolau <radu.nicolau@intel.com>,
	Abhijit Sinha <abhijits.sinha@intel.com>,
	Daniel Martin Buckley <daniel.m.buckley@intel.com>
Subject: [dpdk-dev] [RFC 01/10] security: add support for TSO on IPsec session
Date: Tue,  6 Jul 2021 12:28:56 +0100	[thread overview]
Message-ID: <20210706112904.3094598-2-radu.nicolau@intel.com> (raw)
In-Reply-To: <20210706112904.3094598-1-radu.nicolau@intel.com>

Allow user to provision a per security session maximum segment size
(MSS) for use when Transmit Segmentation Offload (TSO) is supported.
The MSS value will be used when PKT_TX_TCP_SEG or PKT_TX_UDP_SEG
ol_flags are specified in mbuf.

Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Signed-off-by: Abhijit Sinha <abhijits.sinha@intel.com>
Signed-off-by: Daniel Martin Buckley <daniel.m.buckley@intel.com>
---
 lib/security/rte_security.h | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h
index 88d31de0a6..45896a77d0 100644
--- a/lib/security/rte_security.h
+++ b/lib/security/rte_security.h
@@ -181,6 +181,19 @@ struct rte_security_ipsec_sa_options {
 	 * * 0: Disable per session security statistics collection for this SA.
 	 */
 	uint32_t stats : 1;
+
+	/** Transmit Segmentation Offload (TSO)
+	 *
+	 * * 1: Enable per session security TSO support, use MSS value provide
+	 *      in IPsec security session when PKT_TX_TCP_SEG or PKT_TX_UDP_SEG
+	 *      ol_flags are set in mbuf.
+	 *      this SA, if supported by the driver.
+	 * * 0: No TSO support for offload IPsec packets. Hardware will not
+	 *      attempt to segment packet, and packet transmission will fail if
+	 *      larger than MTU of interface
+	 */
+	uint32_t tso : 1;
+
 };
 
 /** IPSec security association direction */
@@ -217,6 +230,8 @@ struct rte_security_ipsec_xform {
 	/**< Anti replay window size to enable sequence replay attack handling.
 	 * replay checking is disabled if the window size is 0.
 	 */
+	uint32_t mss;
+	/**< IPsec payload Maximum Segment Size */
 };
 
 /**
-- 
2.25.1


  reply	other threads:[~2021-07-06 11:39 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-07-06 11:28 [dpdk-dev] [RFC 00/10] new features for ipsec and security libraries Radu Nicolau
2021-07-06 11:28 ` Radu Nicolau [this message]
2021-07-06 11:28 ` [dpdk-dev] [RFC 02/10] security: add UDP params for IPsec NAT-T Radu Nicolau
2021-07-06 11:28 ` [dpdk-dev] [RFC 03/10] security: add ESN field to ipsec_xform Radu Nicolau
2021-07-06 11:28 ` [dpdk-dev] [RFC 04/10] mbuf: add IPsec ESP tunnel type Radu Nicolau
2021-07-06 11:29 ` [dpdk-dev] [RFC 05/10] ipsec: add support for AEAD algorithms Radu Nicolau
2021-07-06 11:29 ` [dpdk-dev] [RFC 06/10] ipsec: add transmit segmentation offload support Radu Nicolau
2021-07-06 11:29 ` [dpdk-dev] [RFC 07/10] ipsec: add support for NAT-T Radu Nicolau
2021-07-06 11:29 ` [dpdk-dev] [RFC 08/10] ipsec: add support for SA telemetry Radu Nicolau
2021-08-04  9:56   ` Kinsella, Ray
2021-07-06 11:29 ` [dpdk-dev] [RFC 09/10] ipsec: add support for initial SQN value Radu Nicolau
2021-07-13 13:32 [dpdk-dev] [RFC 00/10] new features for ipsec and security libraries Radu Nicolau
2021-07-13 13:32 ` [dpdk-dev] [RFC 01/10] security: add support for TSO on IPsec session Radu Nicolau

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210706112904.3094598-2-radu.nicolau@intel.com \
    --to=radu.nicolau@intel.com \
    --cc=abhijits.sinha@intel.com \
    --cc=daniel.m.buckley@intel.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=gakhil@marvell.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).