From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 4EED1A04BC; Thu, 8 Oct 2020 11:01:27 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id E74D11BACC; Thu, 8 Oct 2020 11:01:24 +0200 (CEST) Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-eopbgr130080.outbound.protection.outlook.com [40.107.13.80]) by dpdk.org (Postfix) with ESMTP id 958C11BAB9; Thu, 8 Oct 2020 11:01:22 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dI87iY5fhkqTA8OLDXAwuM3VsJI9O3NhRLK6oHdce0ShXF3ducSs4cfTBivUOT0hN+luvmBdGQFAgH6XBs6YwMHkvMMcwokOWTckqvoboHvQn7hJBfORpKCCx2VENSxuiQFUsLfis3UIu0I+3MBibuhso3WCnoFdgtDW/UTUBAdRMy7fnntpUobsgX9etfm17vxxjunxSRe3xQTLeHEe+vWodwuTkCwEbXONOXX1CLLDKT5hhAMbHqye8SnliEipwMcgm8t4kTJCGC394q88apkz+j95xrqhj3e8ofJHdhW8vNkswx9+7YmAjxaQ1O0+LPp+4h5+LGeU2U9o6qLn6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MM/WjqgQS21ZnI4vtm5ReS5oq/9cFZjVdJRV6FlIC50=; b=oKfOq4w3B1QFMGSU5lwZjLDUodV7xmc7W/r9q+q2tMwqfOrzbfcCIUe7N3Kpeff0lLRdyl6MiQhrRXTqpqLy7ge9m6fYhMswpJKjhvGlGIRHKl3KnthSI+iSIjNyw9grn7gmL1MjceEsWeSq8JJo7uOR7pOXloEg3H839guvG6xLFoA/dMpc0476kS3FM0I+TVGnjI5ym26b1b04LxzapqHpzC/FX7YkgNuU23tCtkXWAqyyLyiU/KfFye7NvQr6TDJJB7Ke2CQboiI/hUpdcXMCGsiTLt58e1PaKbzxGWmFYR1Sq4MV2P31CcBf25MANvGr17PhoEJAfXn29TQ9JQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MM/WjqgQS21ZnI4vtm5ReS5oq/9cFZjVdJRV6FlIC50=; b=qUkAZ6sjEVB3MX0ya4u1iKQ9+Wyq8oF3FcONvsAAQzVwwSaqiQ1PQVDrNELXIOtHlaObKWT8M1bpKzMV+xo40eu5wrTxkFJHDSo6tERYnoxjA9bYP7qBnByOZp5adVIsyEIN7dOAa8JM377+IlAbnUuzEdZWMqLjBvw8FtTjrbs= Received: from VI1PR04MB3168.eurprd04.prod.outlook.com (2603:10a6:802:6::10) by VI1PR04MB3008.eurprd04.prod.outlook.com (2603:10a6:802:f::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3433.37; Thu, 8 Oct 2020 09:01:19 +0000 Received: from VI1PR04MB3168.eurprd04.prod.outlook.com ([fe80::9513:3b55:931f:216e]) by VI1PR04MB3168.eurprd04.prod.outlook.com ([fe80::9513:3b55:931f:216e%4]) with mapi id 15.20.3433.045; Thu, 8 Oct 2020 09:01:19 +0000 From: Akhil Goyal To: "Coyle, David" , "dev@dpdk.org" , "techboard@dpdk.org" CC: Hemant Agrawal , "anoobj@marvell.com" , "Doherty, Declan" Thread-Topic: [PATCH 2/7] security: modify PDCP xform to support SDAP Thread-Index: AQHWggxDwW+BPs2Pdk2zkl4UUfMQu6mJf7cAgAQd37A= Date: Thu, 8 Oct 2020 09:01:19 +0000 Message-ID: References: <20200903160652.31654-1-akhil.goyal@nxp.com> <20200903160652.31654-3-akhil.goyal@nxp.com> In-Reply-To: Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=nxp.com; x-originating-ip: [122.180.231.103] x-ms-publictraffictype: Email x-ms-office365-filtering-ht: Tenant x-ms-office365-filtering-correlation-id: 2a2dc595-9815-480e-cb54-08d86b68b8f6 x-ms-traffictypediagnostic: VI1PR04MB3008: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: lWdaNDTa5gjtGrDlwjQTr4WBmpUAitb33/yJStadWTZUS061DJ+BGiMzyzLqNWYPzhtPJpSp0T+y3WhHWkiUbC7S3IIq4bQsWsNDLCqfL+GdBrmyTsxyEj9/FkI6NYsWsMvDE31Yi07LWeeF2KGSO2S2atlbRQEFeXLmGcPzhGKjcDo6hoF+Bwen/sKqNVtsSYjlxZa8P9N9c1B00jwrcjP9XmHqDGCI2CCTPzmr8xtwFbcrazWpnnw5qq322bgQJLl5IWRGpmfro8BMmV/iSiMwEwY/x94Zi3HCpjp/YI1Ej7wiAvk0kTh52hI5jxOywh4+eNjM6r5ysNnDvdfoDA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR04MB3168.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(346002)(396003)(136003)(376002)(39860400002)(478600001)(8936002)(2906002)(8676002)(33656002)(26005)(15650500001)(186003)(55016002)(9686003)(44832011)(83380400001)(76116006)(66946007)(5660300002)(7696005)(52536014)(316002)(6506007)(66556008)(110136005)(66446008)(86362001)(66476007)(64756008)(71200400001)(4326008)(54906003); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: ZTcPWfEkY5frgk2Cme8Twxr4IpiTnOtyRkRJEzZIzeHBIkFMHlJ/rw7ruYRZWONe0Lk50YV7UaIh/81SGgWvXSpynudBciSHpx7vjKfbOviUPPa3lBjqyhMqbv+Wybpke8isO2dHhher+Iakc/oo0+OK+gd1pha8+PdI1OMBQtRzY+JLbXx2/aA2PUff261FErJqbFLBGGb+XKu2bUAtAq6kOCeNHMLM1jnuynh397Dt+SPjJT6E2LMRFUz2IGAUM1FqdNXrGejEgqLj1E2gQYGENNiSC/Mb1USnUJ9AKXA2Zs7QaqwDxejbJtY5VKaj4PU/hRus3dFRjJW8i3IDw7uy1Pkicj1T6V51Qq4Uol+Po3j4Yo3VcRqw5wQonRyFR23c4Nlk1gutd0YHfxnQRhTLRMjO4+o+act9hLWA6lVDl1hVc1QtRRa/d0NCJST/RT+11ssz8cC7GUufnsqx0QfD2IX/NqTbOivKI0TfwZIeANUTSyVPvDJjAKnVGVJRYIFEh+Qj0sBLF3/Kg5+CO7g0inDBDpCHzHG9fB9zWIeyIlJ7YF1l1/63E/sLjEJlSBT8PXBfhem22wjQpBQvV0CFqRE2HQazNgvXdDGFzUrQ7i1QWouBVLwjILo//J/boElfN6kKCQv2P1PhpvbmhA== Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: VI1PR04MB3168.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2a2dc595-9815-480e-cb54-08d86b68b8f6 X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2020 09:01:19.4938 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: ijz//zmso55YyYnwJ1JRSORKwE3ocqQrIN+CcAtBCwxaGh6QTN17/OkxThqW47wUks9fcpe2CLZxrRfIUaCRCQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB3008 Subject: Re: [dpdk-dev] [PATCH 2/7] security: modify PDCP xform to support SDAP X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi David, > Hi Akhil >=20 >=20 > > @@ -693,6 +693,23 @@ PDCP related configuration parameters are defined > > in ``rte_security_pdcp_xform`` > > uint32_t hfn; > > /** HFN Threshold for key renegotiation */ > > uint32_t hfn_threshold; > > + /** HFN can be given as a per packet value also. > > + * As we do not have IV in case of PDCP, and HFN is > > + * used to generate IV. IV field can be used to get the > > + * per packet HFN while enq/deq. > > + * If hfn_ovrd field is set, user is expected to set the > > + * per packet HFN in place of IV. PMDs will extract the HFN > > + * and perform operations accordingly. > > + */ > > + uint8_t hfn_ovrd; > > + /** In case of 5G NR, a new protocol(SDAP) header may be set > > + * inside PDCP payload which should be authenticated but not > > + * encrypted. Hence, driver should be notified if SDAP is > > + * enabled or not, so that SDAP header is not encrypted. > > + */ > > + uint8_t sdap_enabled; > > + /** Reserved for future */ > > + uint16_t reserved; > > }; >=20 > [DC] Should we consider removing the API code out of the security > documentation? > It's a direct copy of the API code itself, and just means 2 files need to= be updated > for every API change. > And as with 'hfn_ovrd', sometimes it's forgotten. > From maintainability point of view, it might be better just remove it. Yes we can remove it. I will remove it in a separate patch. >=20 > > > > DOCSIS related configuration parameters are defined in > > ``rte_security_docsis_xform`` diff --git a/lib/librte_security/rte_secu= rity.h > > b/lib/librte_security/rte_security.h > > index 16839e539..48b377b20 100644 > > --- a/lib/librte_security/rte_security.h > > +++ b/lib/librte_security/rte_security.h > > @@ -1,5 +1,5 @@ > > /* SPDX-License-Identifier: BSD-3-Clause > > - * Copyright 2017,2019 NXP > > + * Copyright 2017,2019-2020 NXP > > * Copyright(c) 2017-2020 Intel Corporation. > > */ > > > > @@ -290,7 +290,15 @@ struct rte_security_pdcp_xform { > > * per packet HFN in place of IV. PMDs will extract the HFN > > * and perform operations accordingly. > > */ > > - uint32_t hfn_ovrd; > > + uint8_t hfn_ovrd; > > + /** In case of 5G NR, a new protocol(SDAP) header may be set >=20 > [DC] Very minor thing... add space between 'protocol' and '(SDAP)' in the > comment block. Sure. Will add it. >=20 Adding Techboard for request for approval of the change in the xform struct= ure to Add sdap support. > And same comment for the documentation if you choose to keep the API code > blocks there too. >=20 > > + * inside PDCP payload which should be authenticated but not > > + * encrypted. Hence, driver should be notified if SDAP is > > + * enabled or not, so that SDAP header is not encrypted. > > + */ > > + uint8_t sdap_enabled; > > + /** Reserved for future */ > > + uint16_t reserved; > > }; > > > > /** DOCSIS direction */ > > -- > > 2.17.1