From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 87658A0598;
	Tue, 21 Apr 2020 18:46:37 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 2E4061D44D;
	Tue, 21 Apr 2020 18:46:36 +0200 (CEST)
Received: from mga06.intel.com (mga06.intel.com [134.134.136.31])
 by dpdk.org (Postfix) with ESMTP id 0DC711D421
 for <dev@dpdk.org>; Tue, 21 Apr 2020 18:46:32 +0200 (CEST)
IronPort-SDR: uPJO/FSuVHuWgyGVEcCC0NIdZXnoBT2yaeXAIuNlUJa9CS2f3l4T2mSg72HvA9k/Y91DD+HIVr
 1HieSxcYMqew==
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga004.jf.intel.com ([10.7.209.38])
 by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 21 Apr 2020 09:46:31 -0700
IronPort-SDR: 8xD2tqe1rLlh5+ucSpDhvxn0p3+jTUp6Wf3pvOttAZwzBnRnplI1JUq21DD7XcrV2IsD6iDLZg
 UlzgDrHelIfA==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.72,410,1580803200"; d="scan'208";a="402245711"
Received: from dwdohert-mobl.ger.corp.intel.com (HELO [10.213.240.76])
 ([10.213.240.76])
 by orsmga004.jf.intel.com with ESMTP; 21 Apr 2020 09:46:26 -0700
To: Thomas Monjalon <thomas@monjalon.net>,
 "Yigit, Ferruh" <ferruh.yigit@intel.com>,
 "Trahe, Fiona" <fiona.trahe@intel.com>
Cc: "Coyle, David" <david.coyle@intel.com>, "dev@dpdk.org" <dev@dpdk.org>,
 "De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>,
 "Ryan, Brendan" <brendan.ryan@intel.com>,
 "shreyansh.jain@nxp.com" <shreyansh.jain@nxp.com>,
 "hemant.agrawal@nxp.com" <hemant.agrawal@nxp.com>,
 "akhil.goyal@nxp.com" <akhil.goyal@nxp.com>,
 Anoob Joseph <anoobj@marvell.com>, Ruifeng Wang <ruifeng.wang@arm.com>,
 Liron Himi <lironh@marvell.com>,
 Nagadheeraj Rottela <rnagadheeraj@marvell.com>,
 Srikanth Jampala <jsrikanth@marvell.com>, Gagandeep Singh <g.singh@nxp.com>,
 Jay Zhou <jianjay.zhou@huawei.com>, Ravi Kumar <ravi1.kumar@amd.com>,
 "Richardson, Bruce" <bruce.richardson@intel.com>, olivier.matz@6wind.com,
 honnappa.nagarahalli@arm.com, Stephen Hemminger
 <stephen@networkplumber.org>, alexr@mellanox.com
References: <20200410142757.31508-1-david.coyle@intel.com>
 <4421330.vfdyTQepKt@thomas> <2fa52616-2e81-4eae-a28b-4549154742fe@intel.com>
 <8017884.aoefvbuG5b@thomas>
From: "Doherty, Declan" <declan.doherty@intel.com>
Message-ID: <45cf0e87-2021-cc8c-82b5-60c0b1e11fb7@intel.com>
Date: Tue, 21 Apr 2020 17:46:25 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101
 Thunderbird/68.7.0
MIME-Version: 1.0
In-Reply-To: <8017884.aoefvbuG5b@thomas>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Subject: Re: [dpdk-dev] [PATCH v3 0/4] add AESNI-MB rawdev for
 multi-function processing
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

On 15/04/2020 11:33 PM, Thomas Monjalon wrote:
> 16/04/2020 00:19, Doherty, Declan:
>> On 14/04/2020 3:44 PM, Thomas Monjalon wrote:
>>> 14/04/2020 16:02, Trahe, Fiona:
>>>> From: Thomas Monjalon <thomas@monjalon.net>
>>>>> 14/04/2020 15:04, Trahe, Fiona:
>>>>>>> 14/04/2020 12:21, Ferruh Yigit:
>>>>>>>
>>>>> http://inbox.dpdk.org/dev/MN2PR11MB35507D4B96677A41E66440C5E3C30@MN2PR11MB3550.na
>>>>>>> mprd11.prod.outlook.com/
>>>>>>>
>>>>>>> I am not convinced.
>>>>>>> I don't like rawdev in general.
>>>>>>> Rawdev is good only for hardware support which cannot be generic
>>>>>>> like SoC, FPGA management or DMA engine.
>>>>>>
>>>>>> [Fiona] CRC and BIP are not crypto algorithms, they are error detection processes.
>>>>>> So there is no class in DPDK that these readily fit into.
>>>>>> There was resistance to adding another xxxddev, and even if one had been added
>>>>>> for error_detection_dev, there would still have been another layer needed
>>>>>> to couple this with cryptodev. Various proposals for this have been discussed on the ML
>>>>>> in RFC and recent patches, there doesn't seem to be an appetite for this as a generic API.
>>>>>> So it seems that only Intel has software and hardware engines that provide this
>>>>>> specialised feature coupling. In that case rawdev seems like the most
>>>>>> appropriate vehicle to expose this.
>>>>>
>>>>> Adding some vendor-specific API is not a good answer.
>>>>> It will work in some cases, but it won't make DPDK better.
>>>>> What's the purpose of DPDK if it's not solving a common problem
>>>>> for different hardware?
>>>>
>> The current proposal in rawdev could easily be supported by any hardware
>> which supports chaining multiple functions/services into a single
>> operation, in this case symmetric crypto and error detection, but it
>> could conceivably support chaining symmetric/asymmetric crypto
>> operations or chaining symmetric crypto and compression operations.
>>
>>>> [Fiona] Based on that logic rawdev should be deprecated.
>>>> But the community has agreed that it has a place.
>>>
>>> No, as I said above, rawdev is good for SoC, FPGA management or DMA engine.
>>
>> I distinctly remember when rawdev was being proposed one of the uses
>> cases proposed was that a new classes of APIs could be prototyped and
>> developed under rawdev and when a solid consensus was reached then
>> migrated to a mainstream DPDK library. I think every effort has been
>> made here to engage the community to develop a generic approach. As
>> Fiona notes there hasn't really been much of an appetite for this.
>>
>> Therefore I think the option to use rawdev makes sense, it allows an
>> initial proposal to be deployed,  without a generic solution agreement,
>> it will also give others in the community to see how this approach can
>> work and hopefully lead to more engagement on a generic solution. Also
>> as APIs in rawdev are essentially treated as private APIs the onus is on
>> Intel to support this going forward.
> 
> Because hardware support is pending,
> we should accept an Intel-only "temporary" solution,
> opening the door to more vendor-specific APIs?
> 
> What is the benefit for the DPDK project?
> 
> 

Sorry I don't agree with this sentiment, David has made every attempt to 
solicit feedback an to engage the community in this.

I also don't agree in classifying this as a "temporary solution" as this 
is a solid proposal for an approach to chaining multiple operations 
together, but I guess the fact remains that we only currently have a 
single use-case, but it is difficult to generate a generic solution in 
this case.

While there is only a single use case it is targeting two devices so 
that drove the need for a common interface withing rawdev.

The advantage of using rawdev is that it allows this to be consumed 
through DPDK, which enables DPDK project consumers, but also leaves the 
door open to other contributors to have their say on how this should 
evolve. For example this exact process seems to be occurring with DMA 
engines in rawdev today, with a critical mass of implementations which 
now is giving the impetus to create a generic solution, as we would hope 
can occur here too in the future.


>>>> And the common problem here is device exposure.
>>>> With a specialised service on top.
>>>>
>>>>
>>>>>>> Here the intent is to use rawdev because we don't find a good API.
>>>>>>> API defeat is a no-go.
>>>>>>
>>>>>> [Fiona] It's not that we haven't found a good API, but that there doesn't seem
>>>>>> to be a general requirement for such a specialised API
>>>>>
>>>>> There is a requirement to combine features of different classes.
>>>>
>>>> [Fiona] Can you point me to that requirement please?
>>>
>>> Yes, rte_security is trying to address this exact issue.
>>>
>>
>> I don't agree rte_security addresses the problem of different device
>> types supporting the same services. The problem being addressed here is
>> a single device which supports the chaining of multiple services (sym
>> crypto & error detection)
> 
> Doing IPsec processing in Rx or Tx of a NIC is not chaining?
> 
> 

I wouldn't consider an inline crypto offload or full IPsec offload a 
chained operation in the vein being proposed here where completely 
independent services (in the view of DPDK which are currently on 
independent devices and APIs) are linked together.

We did look at using rte_security here but it wasn't considered suitable 
for a chaining of non-crypto operations such as CRC or possibly 
compression in the future, as it would still run into the issue of 
having to use the cryptodev enq/deq API in the lookaside offload case.


>>>> We suggested it, but did not get community engagement and have
>>>> dropped our generic API requirement, instead focussing on this specialised case.
>>>
>>> I did not see such generic proposal, sorry.
>>>
>>>>> In the past, rte_security was an "answer" to this issue with crypto and ethdev.
>>>>> This is a real topic, please let's find a generic elegant solution.
> 
> 
>