From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id B9EF8A0524;
	Sat,  4 Jul 2020 21:54:46 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id EBF9F1DB07;
	Sat,  4 Jul 2020 21:54:45 +0200 (CEST)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com
 (mail-eopbgr60071.outbound.protection.outlook.com [40.107.6.71])
 by dpdk.org (Postfix) with ESMTP id 5635A1DAFD
 for <dev@dpdk.org>; Sat,  4 Jul 2020 21:54:44 +0200 (CEST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=gZKxyTNJC31i3b2Naay8OY3oq8IBj91+/YARHdXsTDcDOMOoBFYZl3SO2GMRMKh7m5cvJz6X7tWymFDvVOvbA5YT+RQuAqmTLrlKcHKAF1vAEIByBwbRJ3LM7SDzts7rU7I2szIE6jInLxNuk274S1IA9xxuYkOCWTuVseqKzfioeSt8OKRSSBNf2PtjTe6Q3hfCpGpTEzCgtTCUvwPygM3JdPDkVMo7+3GiFfGlvoJ0kGz+4Jqk1cPvXJX3M7qVpJkSLLvB07TBuUBDjOXBhuevRNGuZIsKPwZkjouO+PGaYidVe/GNM7kf9m5Mw/S8Eo0dOBeFTBjLh0i1tSjn5g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=EqysoKeqxxyP8HRqLRagV+7jCVLg2fRTCQRbMe9QEr4=;
 b=HMKTH/HwCjFHH7SbzJOz7E3Es54eUsExhf+39g1t+OvUZud+3YfJ4Ps2gXpEql50TWR5z1ja/CnPS9KWteMjDTKBIu2qimn0wedvs0wEk/VGNABhvO7idRMIaKHCHnx/R8G8+/tV7MuHyMTIpxdk2h40zKyVa6oPbXAeWJT15IVs2RSUw+FmG2D30DgdZO8zEEwjD3fBEP9Xz/GiEWBV3V/L9hvrC87M3DdyIViapOb1pgJADtUDfV1WaQo5EUwPJSgP/zLi3lx0BcxW7/vwKXzNDaO7jXr7X3TSa67GbJn2EGwyzHZFh81I8Jpy8ucBxkohsHKHr6hr1dI0AmDh0w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass
 header.d=nxp.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; 
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=EqysoKeqxxyP8HRqLRagV+7jCVLg2fRTCQRbMe9QEr4=;
 b=nF3JmwiLuE75xryIN1adAbHcy9a2GEY88Kc69+JFZNA5g+HxMDbD2/0+ZWwc69miKDxLZQP5q0TMv2qQObIt+3Q29kTqV2q1qWbBZAkdNbzzNNjqMdJNEHJ9beazGBjWUfC4TZnCoC50eLbSduO6hWybZkgWMZRxCb84oGwXpIY=
Received: from VI1PR04MB3168.eurprd04.prod.outlook.com (2603:10a6:802:6::10)
 by VI1PR0402MB2719.eurprd04.prod.outlook.com (2603:10a6:800:b0::21) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3153.20; Sat, 4 Jul
 2020 19:54:42 +0000
Received: from VI1PR04MB3168.eurprd04.prod.outlook.com
 ([fe80::b077:1fe4:d352:b464]) by VI1PR04MB3168.eurprd04.prod.outlook.com
 ([fe80::b077:1fe4:d352:b464%7]) with mapi id 15.20.3153.028; Sat, 4 Jul 2020
 19:54:42 +0000
From: Akhil Goyal <akhil.goyal@nxp.com>
To: David Coyle <david.coyle@intel.com>, "declan.doherty@intel.com"
 <declan.doherty@intel.com>, "pablo.de.lara.guarch@intel.com"
 <pablo.de.lara.guarch@intel.com>, "fiona.trahe@intel.com"
 <fiona.trahe@intel.com>, "roy.fan.zhang@intel.com" <roy.fan.zhang@intel.com>, 
 "konstantin.ananyev@intel.com" <konstantin.ananyev@intel.com>
CC: "dev@dpdk.org" <dev@dpdk.org>, "thomas@monjalon.net"
 <thomas@monjalon.net>, "ferruh.yigit@intel.com" <ferruh.yigit@intel.com>,
 "brendan.ryan@intel.com" <brendan.ryan@intel.com>, Hemant Agrawal
 <hemant.agrawal@nxp.com>, "anoobj@marvell.com" <anoobj@marvell.com>,
 "ruifeng.wang@arm.com" <ruifeng.wang@arm.com>, "lironh@marvell.com"
 <lironh@marvell.com>, "rnagadheeraj@marvell.com" <rnagadheeraj@marvell.com>,
 "jsrikanth@marvell.com" <jsrikanth@marvell.com>, Gagandeep Singh
 <G.Singh@nxp.com>, "jianjay.zhou@huawei.com" <jianjay.zhou@huawei.com>,
 "ravi1.kumar@amd.com" <ravi1.kumar@amd.com>, "bruce.richardson@intel.com"
 <bruce.richardson@intel.com>, "olivier.matz@6wind.com"
 <olivier.matz@6wind.com>, "honnappa.nagarahalli@arm.com"
 <honnappa.nagarahalli@arm.com>, "stephen@networkplumber.org"
 <stephen@networkplumber.org>, "alexr@mellanox.com" <alexr@mellanox.com>,
 "jerinj@marvell.com" <jerinj@marvell.com>
Thread-Topic: [PATCH v4 0/7] add support for DOCSIS protocol
Thread-Index: AQHWUToyvubhU5y2zk6nw/5VTLeEwaj31xFA
Date: Sat, 4 Jul 2020 19:54:41 +0000
Message-ID: <VI1PR04MB3168A49AFFADE7F0901FFA58E66B0@VI1PR04MB3168.eurprd04.prod.outlook.com>
References: <20200630163049.61900-1-david.coyle@intel.com>
 <20200703123933.52351-1-david.coyle@intel.com>
In-Reply-To: <20200703123933.52351-1-david.coyle@intel.com>
Accept-Language: en-IN, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: intel.com; dkim=none (message not signed)
 header.d=none;intel.com; dmarc=none action=none header.from=nxp.com;
x-originating-ip: [45.118.167.83]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 5f6d6d2b-49bc-44e9-2c65-08d8205417c4
x-ms-traffictypediagnostic: VI1PR0402MB2719:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <VI1PR0402MB271979B95EEF7A2529ACA0BAE66B0@VI1PR0402MB2719.eurprd04.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0454444834
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 3+v0EsJG5O/rNSIFw2i+KwlklTmbXjDMh89EXnrtTrwAbvykxmDSttbzJawtQQfX4Xbof3v5DUFWMwC1ShR5Ymh0I0kL0W7v9kM0YzMtjtNJIBKo/PFgVVNjH83vk4A1apS2ZmGQI2r20j1N5tkuxWdLS7PwzRAAP6dbdqVZOuAzD+X6E3kmjSICBcvJAFr+PZn8HocvYAuD0O9+PscEFbo1Z+wMlg5/AnN4xvpFgUF/eslJPCx/Vcw90Dyubau99CPt43/tQSXvlz+Dqs/W+ZV7uPsIm1zTETsVirjAbrtKRGtn8mhzNrGbZTTB74J+pEm/U/OzmQBw4lG8kHH2w/hF6dXelVq+a6TeoQqik9A+WgRhvbw6k43yXSJ1nGRrLzkDkQlAiv+iAOT0ysrtiw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:VI1PR04MB3168.eurprd04.prod.outlook.com; PTR:; CAT:NONE;
 SFTY:;
 SFS:(4636009)(376002)(346002)(366004)(136003)(396003)(39850400004)(76116006)(26005)(6506007)(44832011)(52536014)(45080400002)(5660300002)(83380400001)(71200400001)(64756008)(7696005)(66476007)(66446008)(66946007)(66556008)(478600001)(110136005)(86362001)(4326008)(186003)(54906003)(7416002)(9686003)(316002)(33656002)(2906002)(8936002)(8676002)(55016002);
 DIR:OUT; SFP:1101; 
x-ms-exchange-antispam-messagedata: gFSCBN0MCiB+JM+g2rx11vrJJuw3vY/PBPdVEOw+S8Ud1Y6d/f6VYk62hI832UHSqLLyhk1JWfeFV3uljFB7HkQynY+Kpbtx+K3ciWkbUT8phT2cFC0EnzCIvbmGNX2VmwDpxoYCrO3j9SBbSQ5QlNJ4Xg35StHfCAFU/cO9RpTsPtbqrYClHzw5ftTGwMqcvp7aVGN3yKbQvXqAF+6TYJ/8eU3TTbs6cNXNek2kJfedyfZX2grW5dzcV/8aEUorTcEkVagWI9gFd8NGF8GP+sQ2TTMZsTGmwwuVby2Ol2iXxHNU6aoCTHwekQTlz77IK+peVqHu1xSMl6uxnbFhhCZiJCKoVht8HwXqIb2kQpCuzJDNmPWINX80ZpXpdG5Id9r1Ir436ADjgsGWgqsZCwtHnsECVgU+TLs2hK4Z/gGvut91p8dTVV8p7Ce1hwbFNiwuXO8AS7/yEajROkpEEzsB+nShXY1H2oUpkpo63Ug=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nxp.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: VI1PR04MB3168.eurprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 5f6d6d2b-49bc-44e9-2c65-08d8205417c4
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jul 2020 19:54:41.8710 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: YAXVdDRp9I0NtZQ/fj3iZyCDD3uNftE++1k39V2hURSh5nnEUPnHh3Af6yH/gD8kcuoKxa+bqdrfFh7jR/AhGg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0402MB2719
Subject: Re: [dpdk-dev] [PATCH v4 0/7] add support for DOCSIS protocol
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

> Introduction
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>=20
> This patchset adds support for the DOCSIS protocol to the DPDK Security
> API (rte_security), to be used by the AESNI-MB and QAT crypto devices to
> combine and accelerate Crypto and CRC functions of the DOCSIS protocol
> into a single operation.
>=20
> Performing these functions in parallel as a single operation can enable a
> significant performance improvement in a DPDK-based DOCSIS MAC pipeline.
>=20
>=20
> Background
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>=20
> A number of approaches to combine DOCSIS Crypto and CRC functions have
> been discussed in the DPDK community to date, namely:
> 1) adding a new rte_accelerator API, to provide a generic interface for
>    combining operations of different types
> 2) using rawdev through a multi-function interface, again to provide a
>    generic interface for combining operations of different types
> 3) adding support for DOCSIS Crypto-CRC to rte_security
>=20
> The third option above is the preferred approach for the following
> reasons:
> - it addresses the immediate use case to add DOCSIS Crypto-CRC support to
>   DPDK so that it can be consumed easily by cable equipment vendors
> - it uses an already existing framework in DPDK
> - it will mean much less code churn in DOCSIS applications, which already
>   use rte_cryptodev for encryption/decryption
>=20
>=20
> Use Cases
> =3D=3D=3D=3D=3D=3D=3D=3D=3D
>=20
> The primary use case for this proposal has already been mentioned, namely
> to add DOCSIS Crypto-CRC support to DPDK:
>=20
> - DOCSIS MAC: Crypto-CRC
> 	- Order:
> 		- Downstream: CRC, Encrypt
> 		- Upstream: Decrypt, CRC
> 	- Specifications:
> 		- Crypto: 128-bit and 256-bit AES-CFB encryption variant
> 		  for DOCSIS as described in section 11.1 of DOCSIS 3.1
> 		  Security Specification
>=20
> (https://eur01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fapps=
.ca
> blelabs.com%2Fspecification%2FCM-SP-
> SECv3.1&amp;data=3D02%7C01%7Cakhil.goyal%40nxp.com%7C39c59476749d4f5
> ec88a08d81f5153d0%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C6
> 37293781444756595&amp;sdata=3DW4YJl2bu8jsADjsLVDG2vXhYkOmbBhFY%2B4A
> a47onVak%3D&amp;reserved=3D0)
> 		- CRC: Ethernet 32-bit CRC as defined in
> 		  Ethernet/[ISO/IEC 8802-3]
>=20
> Note that support for these chained operations is already available in
> the Intel IPSec Multi-Buffer library.
>=20
> However, other DOCSIS protocol functions could be optimized too in the
> future using the same rte_security API for DOCSIS (e.g. Header Checksum
> (HCS) calculation).
>=20
> v4:
> * addressed Akhil's comments regarding documentation
> * made some code fixes
>   * fixed possible NULL pointer dereference when allocating security_ctx
>     in AESNI-MB and QAT PMDs
>   * freed security_ctx memory when exiting AESNI-MB and QAT PMDs
>   * added session IOVA verification update when creating security
>     sessions in QAT PMD
>=20
> v3:
> * removed rte_security_op definition
>   * now using rte_crypto_sym_op->auth.data fields for CRC offset and
>     length as suggested by feedback from Akhil and Konstantin
> * addressed Pablo's comments
> * removed support for out-of-place for DOCSIS protocol from QAT PMD
> * updated dpdk-crypto-perf-test tool for DOCSIS
> * updated documentation
>=20
> v2:
> * added rte_security and rte_cryptodev code changes
> * added AESNI MB crypto PMD code changes
> * added QAT SYM crypto PMD code changes
> * added crypto unit tests
> * added security unit tests
>=20
> v1:
> * added proposed API changes
> * added security capabilities to aesni_mb crypto PMD
>=20
> David Coyle (7):
>   security: add support for DOCSIS protocol
>   cryptodev: add a note regarding DOCSIS protocol support
>   crypto/aesni_mb: add support for DOCSIS protocol
>   crypto/qat: add support for DOCSIS protocol
>   test/crypto: add DOCSIS security test cases
>   test/security: add DOCSIS capability check tests
>   app/crypto-perf: add support for DOCSIS protocol
>=20
>  app/test-crypto-perf/cperf_ops.c              |   82 +-
>  app/test-crypto-perf/cperf_options.h          |    5 +-
>  app/test-crypto-perf/cperf_options_parsing.c  |   67 +-
>  app/test-crypto-perf/cperf_test_throughput.c  |    3 +-
>  app/test-crypto-perf/cperf_test_vectors.c     |    3 +-
>  app/test-crypto-perf/main.c                   |    5 +-
>  app/test-crypto-perf/meson.build              |    2 +-
>  app/test/test_cryptodev.c                     |  513 ++++++
>  ...t_cryptodev_security_docsis_test_vectors.h | 1544 +++++++++++++++++
>  app/test/test_security.c                      |   88 +
>  doc/guides/cryptodevs/aesni_mb.rst            |    8 +
>  doc/guides/cryptodevs/features/aesni_mb.ini   |    1 +
>  doc/guides/cryptodevs/features/qat.ini        |    1 +
>  doc/guides/cryptodevs/qat.rst                 |    7 +
>  doc/guides/prog_guide/rte_security.rst        |  114 +-
>  doc/guides/rel_notes/release_20_08.rst        |   21 +
>  doc/guides/tools/cryptoperf.rst               |    5 +
>  drivers/common/qat/Makefile                   |    3 +
>  .../crypto/aesni_mb/aesni_mb_pmd_private.h    |   19 +-
>  drivers/crypto/aesni_mb/meson.build           |    2 +-
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c    |  301 +++-
>  .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    |  125 ++
>  drivers/crypto/qat/meson.build                |    2 +
>  drivers/crypto/qat/qat_sym.c                  |   71 +-
>  drivers/crypto/qat/qat_sym.h                  |   62 +-
>  drivers/crypto/qat/qat_sym_capabilities.h     |   42 +
>  drivers/crypto/qat/qat_sym_pmd.c              |   61 +-
>  drivers/crypto/qat/qat_sym_pmd.h              |    4 +
>  drivers/crypto/qat/qat_sym_session.c          |  153 ++
>  drivers/crypto/qat/qat_sym_session.h          |   11 +
>  lib/librte_cryptodev/rte_crypto_sym.h         |   14 +
>  lib/librte_security/rte_security.c            |    5 +
>  lib/librte_security/rte_security.h            |   38 +
>  33 files changed, 3348 insertions(+), 34 deletions(-)
>  create mode 100644 app/test/test_cryptodev_security_docsis_test_vectors.=
h
>=20
Some modifications are done in the release notes while merging. Please chec=
k.
Applied to dpdk-next-crypto

Thanks.