DPDK patches and discussions
 help / color / mirror / Atom feed
From: Akhil Goyal <gakhil@marvell.com>
To: <dev@dpdk.org>
Cc: <thomas@monjalon.net>, <david.marchand@redhat.com>,
	<hemant.agrawal@nxp.com>, <vattunuru@marvell.com>,
	<ferruh.yigit@xilinx.com>, <andrew.rybchenko@oktetlabs.ru>,
	<konstantin.v.ananyev@yandex.ru>, <jiawenwu@trustnetic.com>,
	<yisen.zhuang@huawei.com>, <irusskikh@marvell.com>,
	<jerinj@marvell.com>, <adwivedi@marvell.com>,
	<maxime.coquelin@redhat.com>, <chandu@amd.com>,
	<ruifeng.wang@arm.com>, <ajit.khaparde@broadcom.com>,
	<anoobj@marvell.com>, <pablo.de.lara.guarch@intel.com>,
	<matan@nvidia.com>, <g.singh@nxp.com>, <qiming.yang@intel.com>,
	<wenjun1.wu@intel.com>, <jianwang@trustnetic.com>,
	<jingjing.wu@intel.com>, <beilei.xing@intel.com>,
	<ndabilpuram@marvell.com>, <roy.fan.zhang@intel.com>,
	<lironh@marvell.com>, <royzhang1980@gmail.com>,
	<sunilprakashrao.uttarwar@amd.com>, <kai.ji@intel.com>,
	<rnagadheeraj@marvell.com>, <jianjay.zhou@huawei.com>,
	<radu.nicolau@intel.com>, Akhil Goyal <gakhil@marvell.com>
Subject: [PATCH v8 0/6] crypto/security session framework rework
Date: Tue, 4 Oct 2022 23:07:03 +0530	[thread overview]
Message-ID: <20221004173709.3482250-1-gakhil@marvell.com> (raw)
In-Reply-To: <20221004111035.3264904-1-gakhil@marvell.com>

This patchset reworks the symmetric crypto and security session
data structure to use a single virtual/physical contiguous buffer
for symmetric crypto/security session and driver private data.
In addition the session data structure is now private.
The session is represented as an opaque pointer in the application.

With the change the session is no longer supported to be accessed
by multiple device drivers. For the same reason
rte_cryptodev_sym_session_init/clear APIs are deprecated as
rte_cryptodev_sym_session_create/free will initialize and
clear the driver specific data field.

The change was also submitted last year during DPDK 21.11
timeframe also[1], but was not applied due to lack of feedback from
community. Please help in getting this cleanup merged in this cycle.

Now the similar work was already done for asymmetric crypto.
This patchset is rebased over current tree and fixes all
the issues reported so far.

Changes in v8:
- fixed security autotest

Changes in v7:
- fixed build for ixgbe and txgbe

Changes in v6:
- rebased over TOT
Changes in v5:
- rebased over latest dpdk-next-crypto tree

Changes in v4:
- squashed armv8_crypto fixes.
http://patches.dpdk.org/project/dpdk/cover/20220926100120.3980185-1-ruifeng.wang@arm.com/

Changes in v3:
- Updated release notes
- fixed checkpatch issues
- renamed macro to get sess priv data to align with crypto macro
- added acked-by/tested-by

Changes in v2:
This patchset is a v2 for the patch that was sent by Fan Zhang(Intel)
with a few changes
- Added security session rework also.
- fixed issues in [2] reported on mailing list.
- few other fixes.

Please review and provide feedback as soon as possible
as this is intended to be merged in DPDK 22.11 RC1.

Currently the cnxk platform is tested with this change.
Request everyone to review and test on their platform.

Special note to ixgbe and txgbe maintainers.
There is a wrong implementation for flow creation. Please check.
A hack is added to bypass it. Please fix it separately.

[1] https://patches.dpdk.org/project/dpdk/cover/20211018213452.2734720-1-gakhil@marvell.com/
[2] https://patches.dpdk.org/project/dpdk/cover/20220829160645.378406-1-roy.fan.zhang@intel.com/



Akhil Goyal (5):
  cryptodev: rework session framework
  cryptodev: hide sym session structure
  security: remove priv mempool usage
  drivers/crypto: support security session get size op
  security: hide session structure

Fan Zhang (1):
  crypto/scheduler: use unified session

 app/test-crypto-perf/cperf.h                  |   1 -
 app/test-crypto-perf/cperf_ops.c              |  64 ++--
 app/test-crypto-perf/cperf_ops.h              |   6 +-
 app/test-crypto-perf/cperf_test_latency.c     |  11 +-
 app/test-crypto-perf/cperf_test_latency.h     |   1 -
 .../cperf_test_pmd_cyclecount.c               |  12 +-
 .../cperf_test_pmd_cyclecount.h               |   1 -
 app/test-crypto-perf/cperf_test_throughput.c  |  13 +-
 app/test-crypto-perf/cperf_test_throughput.h  |   1 -
 app/test-crypto-perf/cperf_test_verify.c      |  11 +-
 app/test-crypto-perf/cperf_test_verify.h      |   1 -
 app/test-crypto-perf/main.c                   |  30 +-
 app/test-eventdev/test_perf_common.c          |  43 +--
 app/test-eventdev/test_perf_common.h          |   1 -
 app/test/test_cryptodev.c                     | 354 +++++-------------
 app/test/test_cryptodev_blockcipher.c         |  18 +-
 app/test/test_cryptodev_security_ipsec.c      |   2 +-
 app/test/test_cryptodev_security_ipsec.h      |   2 +-
 app/test/test_event_crypto_adapter.c          |  39 +-
 app/test/test_ipsec.c                         |  49 +--
 app/test/test_ipsec_perf.c                    |   4 +-
 app/test/test_security.c                      | 194 ++--------
 app/test/test_security_inline_proto.c         |  26 +-
 doc/guides/prog_guide/cryptodev_lib.rst       |  16 +-
 doc/guides/rel_notes/deprecation.rst          |   9 -
 doc/guides/rel_notes/release_22_11.rst        |  14 +
 drivers/crypto/armv8/armv8_pmd_private.h      |   2 -
 drivers/crypto/armv8/rte_armv8_pmd.c          |  21 +-
 drivers/crypto/armv8/rte_armv8_pmd_ops.c      |  35 +-
 drivers/crypto/bcmfs/bcmfs_sym_session.c      |  39 +-
 drivers/crypto/bcmfs/bcmfs_sym_session.h      |   3 +-
 drivers/crypto/caam_jr/caam_jr.c              |  69 +---
 drivers/crypto/ccp/ccp_crypto.c               |  56 +--
 drivers/crypto/ccp/ccp_pmd_ops.c              |  32 +-
 drivers/crypto/ccp/ccp_pmd_private.h          |   2 -
 drivers/crypto/ccp/rte_ccp_pmd.c              |  29 +-
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c     |  41 +-
 drivers/crypto/cnxk/cn10k_ipsec.c             |  45 +--
 drivers/crypto/cnxk/cn9k_cryptodev_ops.c      |  38 +-
 drivers/crypto/cnxk/cn9k_ipsec.c              |  50 +--
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c      |  55 +--
 drivers/crypto/cnxk/cnxk_cryptodev_ops.h      |  16 +-
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   |  70 ++--
 drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c   |   6 +-
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  69 +---
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c     |   7 +-
 drivers/crypto/ipsec_mb/ipsec_mb_ops.c        |  34 +-
 drivers/crypto/ipsec_mb/ipsec_mb_private.h    |  41 +-
 drivers/crypto/ipsec_mb/pmd_aesni_gcm.c       |  48 +--
 drivers/crypto/ipsec_mb/pmd_aesni_mb.c        |  69 +---
 drivers/crypto/ipsec_mb/pmd_chacha_poly.c     |   4 -
 drivers/crypto/ipsec_mb/pmd_kasumi.c          |  10 +-
 drivers/crypto/ipsec_mb/pmd_snow3g.c          |   9 +-
 drivers/crypto/ipsec_mb/pmd_zuc.c             |   4 -
 drivers/crypto/mlx5/mlx5_crypto.c             |  25 +-
 drivers/crypto/mvsam/rte_mrvl_pmd.c           |  11 +-
 drivers/crypto/mvsam/rte_mrvl_pmd_ops.c       |  49 +--
 drivers/crypto/nitrox/nitrox_sym.c            |  39 +-
 drivers/crypto/null/null_crypto_pmd.c         |  20 +-
 drivers/crypto/null/null_crypto_pmd_ops.c     |  33 +-
 drivers/crypto/null/null_crypto_pmd_private.h |   2 -
 .../crypto/octeontx/otx_cryptodev_hw_access.h |   1 -
 drivers/crypto/octeontx/otx_cryptodev_ops.c   |  67 +---
 drivers/crypto/openssl/openssl_pmd_private.h  |   2 -
 drivers/crypto/openssl/rte_openssl_pmd.c      |  24 +-
 drivers/crypto/openssl/rte_openssl_pmd_ops.c  |  29 +-
 drivers/crypto/qat/dev/qat_sym_pmd_gen1.c     |   1 +
 drivers/crypto/qat/qat_sym.c                  |  15 +-
 drivers/crypto/qat/qat_sym.h                  |  16 +-
 drivers/crypto/qat/qat_sym_session.c          |  73 ++--
 drivers/crypto/qat/qat_sym_session.h          |  10 +-
 drivers/crypto/scheduler/scheduler_failover.c |  19 +-
 .../crypto/scheduler/scheduler_multicore.c    |  17 +
 .../scheduler/scheduler_pkt_size_distr.c      |  81 ++--
 drivers/crypto/scheduler/scheduler_pmd_ops.c  |  93 ++++-
 .../crypto/scheduler/scheduler_pmd_private.h  | 120 +++++-
 .../crypto/scheduler/scheduler_roundrobin.c   |  11 +-
 drivers/crypto/virtio/virtio_cryptodev.c      |  40 +-
 drivers/crypto/virtio/virtio_rxtx.c           |   3 +-
 drivers/net/cnxk/cn10k_ethdev_sec.c           |  38 +-
 drivers/net/cnxk/cn9k_ethdev_sec.c            |  41 +-
 drivers/net/iavf/iavf_ipsec_crypto.c          |  23 +-
 drivers/net/iavf/iavf_ipsec_crypto.h          |   2 +-
 drivers/net/ixgbe/ixgbe_ipsec.c               |  31 +-
 drivers/net/txgbe/txgbe_ipsec.c               |  32 +-
 examples/fips_validation/fips_dev_self_test.c |  40 +-
 examples/fips_validation/main.c               |  37 +-
 examples/ipsec-secgw/ipsec-secgw.c            |  44 +--
 examples/ipsec-secgw/ipsec.c                  |  16 +-
 examples/ipsec-secgw/ipsec.h                  |   1 -
 examples/ipsec-secgw/ipsec_worker.c           |   2 +-
 examples/l2fwd-crypto/main.c                  |  60 +--
 examples/vhost_crypto/main.c                  |  16 +-
 lib/cryptodev/cryptodev_pmd.h                 |  60 +--
 lib/cryptodev/cryptodev_trace_points.c        |   9 -
 lib/cryptodev/rte_crypto.h                    |   3 +-
 lib/cryptodev/rte_crypto_sym.h                |  11 +-
 lib/cryptodev/rte_cryptodev.c                 | 285 +++++---------
 lib/cryptodev/rte_cryptodev.h                 | 153 +++-----
 lib/cryptodev/rte_cryptodev_trace.h           |  42 +--
 lib/cryptodev/version.map                     |   7 -
 lib/ipsec/rte_ipsec_group.h                   |  13 +-
 lib/ipsec/ses.c                               |   5 +-
 lib/pipeline/rte_table_action.c               |  10 +-
 lib/security/rte_security.c                   |  33 +-
 lib/security/rte_security.h                   |  90 +++--
 lib/security/rte_security_driver.h            |  31 +-
 lib/vhost/rte_vhost_crypto.h                  |   3 -
 lib/vhost/vhost_crypto.c                      |  28 +-
 109 files changed, 1301 insertions(+), 2493 deletions(-)

-- 
2.25.1


  parent reply	other threads:[~2022-10-04 17:37 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-10-04 11:10 [PATCH v7 " Akhil Goyal
2022-10-04 11:10 ` [PATCH v7 1/6] cryptodev: rework session framework Akhil Goyal
2022-10-04 11:10 ` [PATCH v7 2/6] crypto/scheduler: use unified session Akhil Goyal
2022-10-04 11:10 ` [PATCH v7 3/6] cryptodev: hide sym session structure Akhil Goyal
2022-10-04 11:10 ` [PATCH v7 4/6] security: remove priv mempool usage Akhil Goyal
2022-10-04 11:10 ` [PATCH v7 5/6] drivers/crypto: support security session get size op Akhil Goyal
2022-10-04 11:10 ` [PATCH v7 6/6] security: hide session structure Akhil Goyal
2022-10-04 17:37 ` Akhil Goyal [this message]
2022-10-04 17:37   ` [PATCH v8 1/6] cryptodev: rework session framework Akhil Goyal
2022-10-04 17:37   ` [PATCH v8 2/6] crypto/scheduler: use unified session Akhil Goyal
2022-10-04 17:37   ` [PATCH v8 3/6] cryptodev: hide sym session structure Akhil Goyal
2022-10-04 17:37   ` [PATCH v8 4/6] security: remove priv mempool usage Akhil Goyal
2022-10-04 17:37   ` [PATCH v8 5/6] drivers/crypto: support security session get size op Akhil Goyal
2022-10-04 17:37   ` [PATCH v8 6/6] security: hide session structure Akhil Goyal
2022-10-04 20:48   ` [PATCH v8 0/6] crypto/security session framework rework Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221004173709.3482250-1-gakhil@marvell.com \
    --to=gakhil@marvell.com \
    --cc=adwivedi@marvell.com \
    --cc=ajit.khaparde@broadcom.com \
    --cc=andrew.rybchenko@oktetlabs.ru \
    --cc=anoobj@marvell.com \
    --cc=beilei.xing@intel.com \
    --cc=chandu@amd.com \
    --cc=david.marchand@redhat.com \
    --cc=dev@dpdk.org \
    --cc=ferruh.yigit@xilinx.com \
    --cc=g.singh@nxp.com \
    --cc=hemant.agrawal@nxp.com \
    --cc=irusskikh@marvell.com \
    --cc=jerinj@marvell.com \
    --cc=jianjay.zhou@huawei.com \
    --cc=jianwang@trustnetic.com \
    --cc=jiawenwu@trustnetic.com \
    --cc=jingjing.wu@intel.com \
    --cc=kai.ji@intel.com \
    --cc=konstantin.v.ananyev@yandex.ru \
    --cc=lironh@marvell.com \
    --cc=matan@nvidia.com \
    --cc=maxime.coquelin@redhat.com \
    --cc=ndabilpuram@marvell.com \
    --cc=pablo.de.lara.guarch@intel.com \
    --cc=qiming.yang@intel.com \
    --cc=radu.nicolau@intel.com \
    --cc=rnagadheeraj@marvell.com \
    --cc=roy.fan.zhang@intel.com \
    --cc=royzhang1980@gmail.com \
    --cc=ruifeng.wang@arm.com \
    --cc=sunilprakashrao.uttarwar@amd.com \
    --cc=thomas@monjalon.net \
    --cc=vattunuru@marvell.com \
    --cc=wenjun1.wu@intel.com \
    --cc=yisen.zhuang@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).