From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by dpdk.org (Postfix) with ESMTP id C6BEF1B1F7 for ; Thu, 5 Oct 2017 20:02:04 +0200 (CEST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga105.fm.intel.com with ESMTP; 05 Oct 2017 11:02:02 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.42,481,1500966000"; d="scan'208";a="1227496740" Received: from irsmsx109.ger.corp.intel.com ([163.33.3.23]) by fmsmga002.fm.intel.com with ESMTP; 05 Oct 2017 11:02:00 -0700 Received: from irsmsx103.ger.corp.intel.com ([169.254.3.49]) by IRSMSX109.ger.corp.intel.com ([169.254.13.28]) with mapi id 14.03.0319.002; Thu, 5 Oct 2017 19:01:59 +0100 From: "Ananyev, Konstantin" To: Akhil Goyal , "dev@dpdk.org" CC: "Doherty, Declan" , "De Lara Guarch, Pablo" , "hemant.agrawal@nxp.com" , "Nicolau, Radu" , "borisp@mellanox.com" , "aviadye@mellanox.com" , "thomas@monjalon.net" , "sandeep.malik@nxp.com" , "jerin.jacob@caviumnetworks.com" , "Mcnamara, John" , "olivier.matz@6wind.com" , Shahaf Shuler Thread-Topic: [dpdk-dev] [PATCH v2 06/12] ethdev: extend ethdev to support security APIs Thread-Index: AQHTPEoiOGdw+N79mEuYn/HEoad7tqLVjiHw Date: Thu, 5 Oct 2017 18:01:57 +0000 Message-ID: <2601191342CEEE43887BDE71AB9772585FAA4EF6@IRSMSX103.ger.corp.intel.com> References: <20170914082651.26232-1-akhil.goyal@nxp.com> <20171003131413.23846-1-akhil.goyal@nxp.com> <20171003131413.23846-7-akhil.goyal@nxp.com> In-Reply-To: <20171003131413.23846-7-akhil.goyal@nxp.com> Accept-Language: en-IE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiNTIxOWVkZTUtY2YzYy00YmUxLTllZDMtNGUzMjc4Nzk2YTRmIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE2LjUuOS4zIiwiVHJ1c3RlZExhYmVsSGFzaCI6Ik5QN1ZFa2JjNjFDU2RiUHRLN2ZZYlIxc1FEMWZpeDdhWWZHSWRNUlUxNlE9In0= x-ctpclassification: CTP_IC dlp-product: dlpe-windows dlp-version: 11.0.0.116 dlp-reaction: no-action x-originating-ip: [163.33.239.181] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-dev] [PATCH v2 06/12] ethdev: extend ethdev to support security APIs X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Oct 2017 18:02:05 -0000 > -----Original Message----- > From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Akhil Goyal > Sent: Tuesday, October 3, 2017 2:14 PM > To: dev@dpdk.org > Cc: Doherty, Declan ; De Lara Guarch, Pablo ; hemant.agrawal@nxp.com; > Nicolau, Radu ; borisp@mellanox.com; aviadye@mell= anox.com; thomas@monjalon.net; > sandeep.malik@nxp.com; jerin.jacob@caviumnetworks.com; Mcnamara, John ; olivier.matz@6wind.com > Subject: [dpdk-dev] [PATCH v2 06/12] ethdev: extend ethdev to support sec= urity APIs >=20 > From: Declan Doherty >=20 > rte_flow_action type and ethdev updated to support rte_security > sessions for crypto offload to ethernet device. >=20 > Signed-off-by: Boris Pismenny > Signed-off-by: Aviad Yehezkel > Signed-off-by: Radu Nicolau > Signed-off-by: Declan Doherty > --- > lib/librte_ether/rte_ethdev.c | 11 +++++++++++ > lib/librte_ether/rte_ethdev.h | 19 +++++++++++++++++-- > lib/librte_ether/rte_ethdev_version.map | 7 +++++++ > 3 files changed, 35 insertions(+), 2 deletions(-) >=20 > diff --git a/lib/librte_ether/rte_ethdev.c b/lib/librte_ether/rte_ethdev.= c > index 0597641..f51c5a5 100644 > --- a/lib/librte_ether/rte_ethdev.c > +++ b/lib/librte_ether/rte_ethdev.c > @@ -302,6 +302,17 @@ rte_eth_dev_socket_id(uint8_t port_id) > return rte_eth_devices[port_id].data->numa_node; > } >=20 > +uint16_t > +rte_eth_dev_get_sec_id(uint8_t port_id) > +{ > + RTE_ETH_VALID_PORTID_OR_ERR_RET(port_id, -1); > + > + if (rte_eth_devices[port_id].data->dev_flags & RTE_ETH_DEV_SECURITY) > + return rte_eth_devices[port_id].data->sec_id; > + > + return -1; > +} > + > uint8_t > rte_eth_dev_count(void) > { > diff --git a/lib/librte_ether/rte_ethdev.h b/lib/librte_ether/rte_ethdev.= h > index 0adf327..193ad62 100644 > --- a/lib/librte_ether/rte_ethdev.h > +++ b/lib/librte_ether/rte_ethdev.h > @@ -180,6 +180,8 @@ extern "C" { > #include > #include > #include > +#include > + > #include "rte_ether.h" > #include "rte_eth_ctrl.h" > #include "rte_dev_info.h" > @@ -357,7 +359,8 @@ struct rte_eth_rxmode { > jumbo_frame : 1, /**< Jumbo Frame Receipt enable. */ > hw_strip_crc : 1, /**< Enable CRC stripping by hardware. */ > enable_scatter : 1, /**< Enable scatter packets rx handler */ > - enable_lro : 1; /**< Enable LRO */ > + enable_lro : 1, /**< Enable LRO */ > + enable_sec : 1; /**< Enable security offload */ > }; >=20 > /** > @@ -679,8 +682,10 @@ struct rte_eth_txmode { > /**< If set, reject sending out tagged pkts */ > hw_vlan_reject_untagged : 1, > /**< If set, reject sending out untagged pkts */ > - hw_vlan_insert_pvid : 1; > + hw_vlan_insert_pvid : 1, > /**< If set, enable port based VLAN insertion */ > + enable_sec : 1; > + /**< Enable security offload */ > }; You probably need to SYNC with Shahaf here regarding new proposed RX/TX offload config method. =20 >=20 > /** > @@ -907,6 +912,7 @@ struct rte_eth_conf { > #define DEV_RX_OFFLOAD_QINQ_STRIP 0x00000020 > #define DEV_RX_OFFLOAD_OUTER_IPV4_CKSUM 0x00000040 > #define DEV_RX_OFFLOAD_MACSEC_STRIP 0x00000080 > +#define DEV_RX_OFFLOAD_SECURITY 0x00000100 If that's for IPSec, why not name it just: DEV_RX_OFFLOAD_IPSEC? Same question for TX. Konstantin >=20 > /** > * TX offload capabilities of a device. > @@ -926,6 +932,8 @@ struct rte_eth_conf { > #define DEV_TX_OFFLOAD_GENEVE_TNL_TSO 0x00001000 /**< Used for tunn= eling packet. */ > #define DEV_TX_OFFLOAD_MACSEC_INSERT 0x00002000 > #define DEV_TX_OFFLOAD_MT_LOCKFREE 0x00004000 > +#define DEV_TX_OFFLOAD_SECURITY 0x00008000 > +#define DEV_TX_OFFLOAD_SEC_NEED_MDATA 0x00010000 > /**< Multiple threads can invoke rte_eth_tx_burst() concurrently on the = same > * tx queue without SW lock. > */ > @@ -1651,6 +1659,9 @@ struct rte_eth_dev { > enum rte_eth_dev_state state; /**< Flag indicating the port state */ > } __rte_cache_aligned; >=20 > +uint16_t > +rte_eth_dev_get_sec_id(uint8_t port_id); > + > struct rte_eth_dev_sriov { > uint8_t active; /**< SRIOV is active with 16, 32 or 64 po= ols */ > uint8_t nb_q_per_pool; /**< rx queue number per pool */ > @@ -1711,6 +1722,8 @@ struct rte_eth_dev_data { > int numa_node; /**< NUMA node connection */ > struct rte_vlan_filter_conf vlan_filter_conf; > /**< VLAN filter configuration. */ > + uint16_t sec_id; > + /**< security instance identifier */ > }; >=20 > /** Device supports hotplug detach */ > @@ -1721,6 +1734,8 @@ struct rte_eth_dev_data { > #define RTE_ETH_DEV_BONDED_SLAVE 0x0004 > /** Device supports device removal interrupt */ > #define RTE_ETH_DEV_INTR_RMV 0x0008 > +/** Device supports inline security processing */ > +#define RTE_ETH_DEV_SECURITY 0x0010 >=20 > /** > * @internal > diff --git a/lib/librte_ether/rte_ethdev_version.map b/lib/librte_ether/r= te_ethdev_version.map > index 4283728..24cbd7d 100644 > --- a/lib/librte_ether/rte_ethdev_version.map > +++ b/lib/librte_ether/rte_ethdev_version.map > @@ -187,3 +187,10 @@ DPDK_17.08 { > rte_tm_wred_profile_delete; >=20 > } DPDK_17.05; > + > +DPDK_17.11 { > + global: > + > + rte_eth_dev_get_sec_id; > + > +} DPDK_17.08; > -- > 2.9.3