From: Akhil Goyal <gakhil@marvell.com>
To: <dev@dpdk.org>
Cc: <thomas@monjalon.net>, <david.marchand@redhat.com>,
<hemant.agrawal@nxp.com>, <anoobj@marvell.com>,
<pablo.de.lara.guarch@intel.com>, <fiona.trahe@intel.com>,
<declan.doherty@intel.com>, <matan@nvidia.com>, <g.singh@nxp.com>,
<roy.fan.zhang@intel.com>, <jianjay.zhou@huawei.com>,
<asomalap@amd.com>, <ruifeng.wang@arm.com>,
<konstantin.ananyev@intel.com>, <radu.nicolau@intel.com>,
<ajit.khaparde@broadcom.com>, <rnagadheeraj@marvell.com>,
<adwivedi@marvell.com>, <ciara.power@intel.com>,
<haiyue.wang@intel.com>, <jiawenwu@trustnetic.com>,
<jianwang@trustnetic.com>, Akhil Goyal <gakhil@marvell.com>
Subject: [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework
Date: Thu, 14 Oct 2021 00:52:15 +0530 [thread overview]
Message-ID: <20211013192222.1582631-1-gakhil@marvell.com> (raw)
In-Reply-To: <20210930145014.2476799-1-gakhil@marvell.com>
As discussed in last release deprecation notice,
crypto and security session framework are reworked
to reduce the need of two mempool objects and
remove the requirement to expose the rte_security_session
and rte_cryptodev_sym_session structures.
Design methodology is explained in the patch description.
Similar work will need to be done for asymmetric sessions
as well. Asymmetric session need another rework and is
postponed to next release. Since it is still in experimental
stage, we can modify the APIs in next release as well.
The patches are compilable with all affected PMDs
and tested with dpdk-test and ipsec-secgw app on CN9k platform.
Changes in v2:
- Added new parameter iova in PMD session configure APIs for
session priv pointer to be used in QAT/CNXK/etc PMDs.
- Hide rte_cryptodev_sym_session and rte_security_session structs.
- Added compilation workaround for net PMDs(ixgbe/txgbe)
for inline ipsec.
Patches with actual fix is beynd the scope of this patchset.
- Added inline APIs to access the opaque data and fast metadata.
- Remove commented code.
TODO
- Release notes/deprecation notice removal.
- Documentation updates.
- Asym APIs - postponed for next release.
Akhil Goyal (7):
security: rework session framework
security: hide security session struct
net/cnxk: rework security session framework
security: pass session iova in PMD sess create
cryptodev: rework session framework
cryptodev: hide sym session structure
cryptodev: pass session iova in configure session
app/test-crypto-perf/cperf.h | 1 -
app/test-crypto-perf/cperf_ops.c | 46 ++--
app/test-crypto-perf/cperf_ops.h | 6 +-
app/test-crypto-perf/cperf_test_latency.c | 5 +-
app/test-crypto-perf/cperf_test_latency.h | 1 -
.../cperf_test_pmd_cyclecount.c | 7 +-
.../cperf_test_pmd_cyclecount.h | 1 -
app/test-crypto-perf/cperf_test_throughput.c | 5 +-
app/test-crypto-perf/cperf_test_throughput.h | 1 -
app/test-crypto-perf/cperf_test_verify.c | 5 +-
app/test-crypto-perf/cperf_test_verify.h | 1 -
app/test-crypto-perf/main.c | 29 +--
app/test/test_cryptodev.c | 147 ++++---------
app/test/test_cryptodev.h | 1 -
app/test/test_cryptodev_asym.c | 1 -
app/test/test_cryptodev_blockcipher.c | 6 +-
app/test/test_event_crypto_adapter.c | 28 +--
app/test/test_ipsec.c | 34 +--
app/test/test_ipsec_perf.c | 4 +-
app/test/test_security.c | 196 ++++--------------
drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c | 33 +--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 5 +-
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 65 ++----
drivers/crypto/armv8/rte_armv8_pmd_ops.c | 34 +--
drivers/crypto/bcmfs/bcmfs_sym_session.c | 36 +---
drivers/crypto/bcmfs/bcmfs_sym_session.h | 6 +-
drivers/crypto/caam_jr/caam_jr.c | 65 ++----
drivers/crypto/ccp/ccp_pmd_ops.c | 32 +--
drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 24 +--
drivers/crypto/cnxk/cn10k_ipsec.c | 53 +----
drivers/crypto/cnxk/cn9k_cryptodev_ops.c | 20 +-
drivers/crypto/cnxk/cn9k_ipsec.c | 75 +++----
drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 61 ++----
drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 14 +-
drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 69 ++----
drivers/crypto/dpaa_sec/dpaa_sec.c | 67 ++----
drivers/crypto/kasumi/rte_kasumi_pmd_ops.c | 34 +--
drivers/crypto/mlx5/mlx5_crypto.c | 25 +--
drivers/crypto/mvsam/rte_mrvl_pmd.c | 3 +-
drivers/crypto/mvsam/rte_mrvl_pmd_ops.c | 48 +----
drivers/crypto/nitrox/nitrox_sym.c | 33 +--
drivers/crypto/null/null_crypto_pmd_ops.c | 34 +--
.../crypto/octeontx/otx_cryptodev_hw_access.h | 1 -
drivers/crypto/octeontx/otx_cryptodev_ops.c | 68 +++---
drivers/crypto/octeontx2/otx2_cryptodev_ops.c | 63 +++---
.../octeontx2/otx2_cryptodev_ops_helper.h | 16 +-
drivers/crypto/octeontx2/otx2_cryptodev_sec.c | 77 +++----
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 35 +---
drivers/crypto/qat/qat_sym.c | 3 +-
drivers/crypto/qat/qat_sym.h | 8 +-
drivers/crypto/qat/qat_sym_session.c | 66 ++----
drivers/crypto/qat/qat_sym_session.h | 14 +-
drivers/crypto/scheduler/scheduler_pmd_ops.c | 10 +-
drivers/crypto/snow3g/rte_snow3g_pmd_ops.c | 34 +--
drivers/crypto/virtio/virtio_cryptodev.c | 32 +--
drivers/crypto/zuc/rte_zuc_pmd_ops.c | 35 +---
.../octeontx2/otx2_evdev_crypto_adptr_rx.h | 3 +-
drivers/net/cnxk/cn10k_ethdev_sec.c | 64 +++---
drivers/net/cnxk/cn9k_ethdev_sec.c | 59 ++----
drivers/net/cnxk/cnxk_ethdev.c | 6 +-
drivers/net/cnxk/cnxk_ethdev.h | 6 -
drivers/net/cnxk/cnxk_ethdev_sec.c | 21 --
drivers/net/ixgbe/ixgbe_ipsec.c | 38 +---
drivers/net/octeontx2/otx2_ethdev_sec.c | 52 ++---
drivers/net/octeontx2/otx2_ethdev_sec_tx.h | 2 +-
drivers/net/txgbe/txgbe_ipsec.c | 38 +---
examples/fips_validation/fips_dev_self_test.c | 32 +--
examples/fips_validation/main.c | 20 +-
examples/ipsec-secgw/ipsec-secgw.c | 40 ----
examples/ipsec-secgw/ipsec.c | 12 +-
examples/ipsec-secgw/ipsec.h | 1 -
examples/ipsec-secgw/ipsec_worker.c | 4 -
examples/l2fwd-crypto/main.c | 41 +---
examples/vhost_crypto/main.c | 16 +-
lib/cryptodev/cryptodev_pmd.h | 33 ++-
lib/cryptodev/rte_crypto.h | 2 +-
lib/cryptodev/rte_crypto_sym.h | 2 +-
lib/cryptodev/rte_cryptodev.c | 88 +++++---
lib/cryptodev/rte_cryptodev.h | 70 +++----
lib/cryptodev/rte_cryptodev_trace.h | 16 +-
lib/ipsec/rte_ipsec.h | 4 +-
lib/ipsec/rte_ipsec_group.h | 13 +-
lib/ipsec/ses.c | 6 +-
lib/pipeline/rte_table_action.c | 8 +-
lib/pipeline/rte_table_action.h | 2 +-
lib/security/rte_security.c | 32 +--
lib/security/rte_security.h | 85 +++++---
lib/security/rte_security_driver.h | 31 ++-
lib/vhost/rte_vhost_crypto.h | 3 -
lib/vhost/vhost_crypto.c | 7 +-
90 files changed, 816 insertions(+), 1864 deletions(-)
--
2.25.1
next prev parent reply other threads:[~2021-10-13 19:22 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-30 14:50 [dpdk-dev] [PATCH 0/3] " Akhil Goyal
2021-09-30 14:50 ` [dpdk-dev] [PATCH 1/3] security: rework session framework Akhil Goyal
2021-09-30 14:50 ` [dpdk-dev] [PATCH 2/3] drivers/net: temporary disable ixgbe and txgbe Akhil Goyal
2021-10-12 12:26 ` Zhang, Roy Fan
2021-10-12 12:29 ` Akhil Goyal
2021-10-12 13:32 ` Zhang, Roy Fan
2021-09-30 14:50 ` [dpdk-dev] [PATCH 3/3] cryptodev: rework session framework Akhil Goyal
2021-10-01 15:53 ` Zhang, Roy Fan
2021-10-04 19:07 ` Akhil Goyal
2021-10-13 19:22 ` Akhil Goyal [this message]
2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 1/7] security: " Akhil Goyal
2021-10-18 21:34 ` [dpdk-dev] [PATCH v3 0/8] crypto/security session framework rework Akhil Goyal
2021-10-18 21:34 ` [dpdk-dev] [PATCH v3 1/8] security: rework session framework Akhil Goyal
2021-10-18 21:34 ` [dpdk-dev] [PATCH v3 2/8] security: hide security session struct Akhil Goyal
2021-10-18 21:34 ` [dpdk-dev] [PATCH v3 3/8] net/cnxk: rework security session framework Akhil Goyal
2021-10-18 21:34 ` [dpdk-dev] [PATCH v3 4/8] security: pass session iova in PMD sess create Akhil Goyal
2021-10-18 21:34 ` [dpdk-dev] [PATCH v3 5/8] drivers/crypto: support security session get size op Akhil Goyal
2021-10-18 21:34 ` [dpdk-dev] [PATCH v3 6/8] cryptodev: rework session framework Akhil Goyal
2021-10-20 19:27 ` Ananyev, Konstantin
2021-10-21 6:53 ` Akhil Goyal
2021-10-21 10:38 ` Ananyev, Konstantin
2021-10-21 12:30 ` Akhil Goyal
2021-10-21 13:11 ` Ananyev, Konstantin
2021-10-18 21:34 ` [dpdk-dev] [PATCH v3 7/8] cryptodev: hide sym session structure Akhil Goyal
2021-10-18 21:34 ` [dpdk-dev] [PATCH v3 8/8] cryptodev: pass session iova in configure session Akhil Goyal
2021-10-20 14:36 ` [dpdk-dev] [PATCH v3 0/8] crypto/security session framework rework Hemant Agrawal
2021-10-20 15:45 ` Power, Ciara
2021-10-20 16:41 ` Akhil Goyal
2021-10-20 16:48 ` Akhil Goyal
2021-10-20 18:04 ` Akhil Goyal
2021-10-21 8:43 ` Zhang, Roy Fan
2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 2/7] security: hide security session struct Akhil Goyal
2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 3/7] net/cnxk: rework security session framework Akhil Goyal
2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 4/7] security: pass session iova in PMD sess create Akhil Goyal
2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 5/7] cryptodev: rework session framework Akhil Goyal
2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 6/7] cryptodev: hide sym session structure Akhil Goyal
2021-10-13 19:22 ` [dpdk-dev] [PATCH v2 7/7] cryptodev: pass session iova in configure session Akhil Goyal
2021-10-14 11:47 ` [dpdk-dev] [PATCH v2 0/7] crypto/security session framework rework Akhil Goyal
2021-10-14 12:30 ` Zhang, Roy Fan
2021-10-14 12:34 ` Akhil Goyal
2021-10-14 17:07 ` Zhang, Roy Fan
2021-10-14 18:23 ` Akhil Goyal
2021-10-14 18:57 ` Akhil Goyal
2021-10-15 15:33 ` Zhang, Roy Fan
2021-10-15 17:42 ` Akhil Goyal
2021-10-15 18:47 ` Akhil Goyal
2021-10-16 13:31 ` Zhang, Roy Fan
2021-10-16 13:21 ` Zhang, Roy Fan
2021-10-15 8:12 ` Zhang, Roy Fan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211013192222.1582631-1-gakhil@marvell.com \
--to=gakhil@marvell.com \
--cc=adwivedi@marvell.com \
--cc=ajit.khaparde@broadcom.com \
--cc=anoobj@marvell.com \
--cc=asomalap@amd.com \
--cc=ciara.power@intel.com \
--cc=david.marchand@redhat.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
--cc=g.singh@nxp.com \
--cc=haiyue.wang@intel.com \
--cc=hemant.agrawal@nxp.com \
--cc=jianjay.zhou@huawei.com \
--cc=jianwang@trustnetic.com \
--cc=jiawenwu@trustnetic.com \
--cc=konstantin.ananyev@intel.com \
--cc=matan@nvidia.com \
--cc=pablo.de.lara.guarch@intel.com \
--cc=radu.nicolau@intel.com \
--cc=rnagadheeraj@marvell.com \
--cc=roy.fan.zhang@intel.com \
--cc=ruifeng.wang@arm.com \
--cc=thomas@monjalon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).