From: Aravamudan Srivathsan <Srivathsan.Aravamudan@technicolor.com>
To: "Trahe, Fiona" <fiona.trahe@intel.com>, "dev@dpdk.org" <dev@dpdk.org>
Cc: "Doherty, Declan" <declan.doherty@intel.com>
Subject: Re: [dpdk-dev] OpenSSL Cryptodev PMD and openssl engine
Date: Thu, 27 Apr 2017 01:20:14 +0000 [thread overview]
Message-ID: <DM5PR02MB2315B5A415FA46D242334C20F2100@DM5PR02MB2315.namprd02.prod.outlook.com> (raw)
In-Reply-To: <348A99DA5F5B7549AA880327E580B435891EB092@IRSMSX101.ger.corp.intel.com>
Hi Fiona,
Thank you for the reply.
I have a crypto device that is connected to PCI. It can do standard crypto operations like AES, DES, and so on.
I have openssl engine (a plugin) for this.
Our environment is
We have DPDK application for routing, forwarding, IPSec etc. (All routing and tunnelling)
We also have IoT application which would like to use the Openssl for doing some crypto operations.
My intention is
1. To use the existing openssl infrastructure (without writing the crypto PMD) to use the hardware acclearation.
2. Share the same device not only for doing the IPsec but also for doing crypto operations outside the DPDK EAL.
Yes the OpenSSL will have extra layer and do a copy of buffer, but the crypto operations will still happen in the driver.
Let me know if i make sense.
Srivathsan
________________________________
From: Trahe, Fiona <fiona.trahe@intel.com>
Sent: Wednesday, April 26, 2017 9:52 PM
To: Aravamudan Srivathsan; dev@dpdk.org
Cc: Trahe, Fiona; Doherty, Declan
Subject: RE: OpenSSL Cryptodev PMD and openssl engine
** WARNING: This mail is from an external source **
Hi Srivathsan,
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Aravamudan
> Srivathsan
> Sent: Wednesday, April 26, 2017 8:49 AM
> To: dev@dpdk.org
> Subject: [dpdk-dev] OpenSSL Cryptodev PMD and openssl engine
>
> Hi All,
>
> We have a openssl engine available. Is it possible to use the openssl Crypto
> PMD to do the hardware offloading? I am trying to see if i can avoid writing
> the cryptopmd also to reuse the use of the device shared between the DPDK
> and other process.
>
> Thank you
> Srivathsan
It might be possible to plug your openssl engine in below the openssl PMD,
but you would lose the advantage of offloading bursts to the hardware and
would add an extra translation layer on the data path so it
would likely not be a performant solution.
Can you clarify a little how you want to share the device? i.e.
is the other process using the device directly with openssl and is the DPDK process
for IPSec or is this also for ssl?
next prev parent reply other threads:[~2017-04-27 1:20 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-26 7:49 Aravamudan Srivathsan
2017-04-26 16:22 ` Trahe, Fiona
2017-04-27 1:20 ` Aravamudan Srivathsan [this message]
2017-04-27 11:50 ` Trahe, Fiona
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DM5PR02MB2315B5A415FA46D242334C20F2100@DM5PR02MB2315.namprd02.prod.outlook.com \
--to=srivathsan.aravamudan@technicolor.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).