From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id B9EF8A0524; Sat, 4 Jul 2020 21:54:46 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id EBF9F1DB07; Sat, 4 Jul 2020 21:54:45 +0200 (CEST) Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60071.outbound.protection.outlook.com [40.107.6.71]) by dpdk.org (Postfix) with ESMTP id 5635A1DAFD for ; Sat, 4 Jul 2020 21:54:44 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gZKxyTNJC31i3b2Naay8OY3oq8IBj91+/YARHdXsTDcDOMOoBFYZl3SO2GMRMKh7m5cvJz6X7tWymFDvVOvbA5YT+RQuAqmTLrlKcHKAF1vAEIByBwbRJ3LM7SDzts7rU7I2szIE6jInLxNuk274S1IA9xxuYkOCWTuVseqKzfioeSt8OKRSSBNf2PtjTe6Q3hfCpGpTEzCgtTCUvwPygM3JdPDkVMo7+3GiFfGlvoJ0kGz+4Jqk1cPvXJX3M7qVpJkSLLvB07TBuUBDjOXBhuevRNGuZIsKPwZkjouO+PGaYidVe/GNM7kf9m5Mw/S8Eo0dOBeFTBjLh0i1tSjn5g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EqysoKeqxxyP8HRqLRagV+7jCVLg2fRTCQRbMe9QEr4=; b=HMKTH/HwCjFHH7SbzJOz7E3Es54eUsExhf+39g1t+OvUZud+3YfJ4Ps2gXpEql50TWR5z1ja/CnPS9KWteMjDTKBIu2qimn0wedvs0wEk/VGNABhvO7idRMIaKHCHnx/R8G8+/tV7MuHyMTIpxdk2h40zKyVa6oPbXAeWJT15IVs2RSUw+FmG2D30DgdZO8zEEwjD3fBEP9Xz/GiEWBV3V/L9hvrC87M3DdyIViapOb1pgJADtUDfV1WaQo5EUwPJSgP/zLi3lx0BcxW7/vwKXzNDaO7jXr7X3TSa67GbJn2EGwyzHZFh81I8Jpy8ucBxkohsHKHr6hr1dI0AmDh0w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EqysoKeqxxyP8HRqLRagV+7jCVLg2fRTCQRbMe9QEr4=; b=nF3JmwiLuE75xryIN1adAbHcy9a2GEY88Kc69+JFZNA5g+HxMDbD2/0+ZWwc69miKDxLZQP5q0TMv2qQObIt+3Q29kTqV2q1qWbBZAkdNbzzNNjqMdJNEHJ9beazGBjWUfC4TZnCoC50eLbSduO6hWybZkgWMZRxCb84oGwXpIY= Received: from VI1PR04MB3168.eurprd04.prod.outlook.com (2603:10a6:802:6::10) by VI1PR0402MB2719.eurprd04.prod.outlook.com (2603:10a6:800:b0::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3153.20; Sat, 4 Jul 2020 19:54:42 +0000 Received: from VI1PR04MB3168.eurprd04.prod.outlook.com ([fe80::b077:1fe4:d352:b464]) by VI1PR04MB3168.eurprd04.prod.outlook.com ([fe80::b077:1fe4:d352:b464%7]) with mapi id 15.20.3153.028; Sat, 4 Jul 2020 19:54:42 +0000 From: Akhil Goyal To: David Coyle , "declan.doherty@intel.com" , "pablo.de.lara.guarch@intel.com" , "fiona.trahe@intel.com" , "roy.fan.zhang@intel.com" , "konstantin.ananyev@intel.com" CC: "dev@dpdk.org" , "thomas@monjalon.net" , "ferruh.yigit@intel.com" , "brendan.ryan@intel.com" , Hemant Agrawal , "anoobj@marvell.com" , "ruifeng.wang@arm.com" , "lironh@marvell.com" , "rnagadheeraj@marvell.com" , "jsrikanth@marvell.com" , Gagandeep Singh , "jianjay.zhou@huawei.com" , "ravi1.kumar@amd.com" , "bruce.richardson@intel.com" , "olivier.matz@6wind.com" , "honnappa.nagarahalli@arm.com" , "stephen@networkplumber.org" , "alexr@mellanox.com" , "jerinj@marvell.com" Thread-Topic: [PATCH v4 0/7] add support for DOCSIS protocol Thread-Index: AQHWUToyvubhU5y2zk6nw/5VTLeEwaj31xFA Date: Sat, 4 Jul 2020 19:54:41 +0000 Message-ID: References: <20200630163049.61900-1-david.coyle@intel.com> <20200703123933.52351-1-david.coyle@intel.com> In-Reply-To: <20200703123933.52351-1-david.coyle@intel.com> Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=nxp.com; x-originating-ip: [45.118.167.83] x-ms-publictraffictype: Email x-ms-office365-filtering-ht: Tenant x-ms-office365-filtering-correlation-id: 5f6d6d2b-49bc-44e9-2c65-08d8205417c4 x-ms-traffictypediagnostic: VI1PR0402MB2719: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-forefront-prvs: 0454444834 x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 3+v0EsJG5O/rNSIFw2i+KwlklTmbXjDMh89EXnrtTrwAbvykxmDSttbzJawtQQfX4Xbof3v5DUFWMwC1ShR5Ymh0I0kL0W7v9kM0YzMtjtNJIBKo/PFgVVNjH83vk4A1apS2ZmGQI2r20j1N5tkuxWdLS7PwzRAAP6dbdqVZOuAzD+X6E3kmjSICBcvJAFr+PZn8HocvYAuD0O9+PscEFbo1Z+wMlg5/AnN4xvpFgUF/eslJPCx/Vcw90Dyubau99CPt43/tQSXvlz+Dqs/W+ZV7uPsIm1zTETsVirjAbrtKRGtn8mhzNrGbZTTB74J+pEm/U/OzmQBw4lG8kHH2w/hF6dXelVq+a6TeoQqik9A+WgRhvbw6k43yXSJ1nGRrLzkDkQlAiv+iAOT0ysrtiw== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR04MB3168.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(376002)(346002)(366004)(136003)(396003)(39850400004)(76116006)(26005)(6506007)(44832011)(52536014)(45080400002)(5660300002)(83380400001)(71200400001)(64756008)(7696005)(66476007)(66446008)(66946007)(66556008)(478600001)(110136005)(86362001)(4326008)(186003)(54906003)(7416002)(9686003)(316002)(33656002)(2906002)(8936002)(8676002)(55016002); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: gFSCBN0MCiB+JM+g2rx11vrJJuw3vY/PBPdVEOw+S8Ud1Y6d/f6VYk62hI832UHSqLLyhk1JWfeFV3uljFB7HkQynY+Kpbtx+K3ciWkbUT8phT2cFC0EnzCIvbmGNX2VmwDpxoYCrO3j9SBbSQ5QlNJ4Xg35StHfCAFU/cO9RpTsPtbqrYClHzw5ftTGwMqcvp7aVGN3yKbQvXqAF+6TYJ/8eU3TTbs6cNXNek2kJfedyfZX2grW5dzcV/8aEUorTcEkVagWI9gFd8NGF8GP+sQ2TTMZsTGmwwuVby2Ol2iXxHNU6aoCTHwekQTlz77IK+peVqHu1xSMl6uxnbFhhCZiJCKoVht8HwXqIb2kQpCuzJDNmPWINX80ZpXpdG5Id9r1Ir436ADjgsGWgqsZCwtHnsECVgU+TLs2hK4Z/gGvut91p8dTVV8p7Ce1hwbFNiwuXO8AS7/yEajROkpEEzsB+nShXY1H2oUpkpo63Ug= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: VI1PR04MB3168.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5f6d6d2b-49bc-44e9-2c65-08d8205417c4 X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jul 2020 19:54:41.8710 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: YAXVdDRp9I0NtZQ/fj3iZyCDD3uNftE++1k39V2hURSh5nnEUPnHh3Af6yH/gD8kcuoKxa+bqdrfFh7jR/AhGg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0402MB2719 Subject: Re: [dpdk-dev] [PATCH v4 0/7] add support for DOCSIS protocol X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" > Introduction > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > This patchset adds support for the DOCSIS protocol to the DPDK Security > API (rte_security), to be used by the AESNI-MB and QAT crypto devices to > combine and accelerate Crypto and CRC functions of the DOCSIS protocol > into a single operation. >=20 > Performing these functions in parallel as a single operation can enable a > significant performance improvement in a DPDK-based DOCSIS MAC pipeline. >=20 >=20 > Background > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > A number of approaches to combine DOCSIS Crypto and CRC functions have > been discussed in the DPDK community to date, namely: > 1) adding a new rte_accelerator API, to provide a generic interface for > combining operations of different types > 2) using rawdev through a multi-function interface, again to provide a > generic interface for combining operations of different types > 3) adding support for DOCSIS Crypto-CRC to rte_security >=20 > The third option above is the preferred approach for the following > reasons: > - it addresses the immediate use case to add DOCSIS Crypto-CRC support to > DPDK so that it can be consumed easily by cable equipment vendors > - it uses an already existing framework in DPDK > - it will mean much less code churn in DOCSIS applications, which already > use rte_cryptodev for encryption/decryption >=20 >=20 > Use Cases > =3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > The primary use case for this proposal has already been mentioned, namely > to add DOCSIS Crypto-CRC support to DPDK: >=20 > - DOCSIS MAC: Crypto-CRC > - Order: > - Downstream: CRC, Encrypt > - Upstream: Decrypt, CRC > - Specifications: > - Crypto: 128-bit and 256-bit AES-CFB encryption variant > for DOCSIS as described in section 11.1 of DOCSIS 3.1 > Security Specification >=20 > (https://eur01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fapps= .ca > blelabs.com%2Fspecification%2FCM-SP- > SECv3.1&data=3D02%7C01%7Cakhil.goyal%40nxp.com%7C39c59476749d4f5 > ec88a08d81f5153d0%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C6 > 37293781444756595&sdata=3DW4YJl2bu8jsADjsLVDG2vXhYkOmbBhFY%2B4A > a47onVak%3D&reserved=3D0) > - CRC: Ethernet 32-bit CRC as defined in > Ethernet/[ISO/IEC 8802-3] >=20 > Note that support for these chained operations is already available in > the Intel IPSec Multi-Buffer library. >=20 > However, other DOCSIS protocol functions could be optimized too in the > future using the same rte_security API for DOCSIS (e.g. Header Checksum > (HCS) calculation). >=20 > v4: > * addressed Akhil's comments regarding documentation > * made some code fixes > * fixed possible NULL pointer dereference when allocating security_ctx > in AESNI-MB and QAT PMDs > * freed security_ctx memory when exiting AESNI-MB and QAT PMDs > * added session IOVA verification update when creating security > sessions in QAT PMD >=20 > v3: > * removed rte_security_op definition > * now using rte_crypto_sym_op->auth.data fields for CRC offset and > length as suggested by feedback from Akhil and Konstantin > * addressed Pablo's comments > * removed support for out-of-place for DOCSIS protocol from QAT PMD > * updated dpdk-crypto-perf-test tool for DOCSIS > * updated documentation >=20 > v2: > * added rte_security and rte_cryptodev code changes > * added AESNI MB crypto PMD code changes > * added QAT SYM crypto PMD code changes > * added crypto unit tests > * added security unit tests >=20 > v1: > * added proposed API changes > * added security capabilities to aesni_mb crypto PMD >=20 > David Coyle (7): > security: add support for DOCSIS protocol > cryptodev: add a note regarding DOCSIS protocol support > crypto/aesni_mb: add support for DOCSIS protocol > crypto/qat: add support for DOCSIS protocol > test/crypto: add DOCSIS security test cases > test/security: add DOCSIS capability check tests > app/crypto-perf: add support for DOCSIS protocol >=20 > app/test-crypto-perf/cperf_ops.c | 82 +- > app/test-crypto-perf/cperf_options.h | 5 +- > app/test-crypto-perf/cperf_options_parsing.c | 67 +- > app/test-crypto-perf/cperf_test_throughput.c | 3 +- > app/test-crypto-perf/cperf_test_vectors.c | 3 +- > app/test-crypto-perf/main.c | 5 +- > app/test-crypto-perf/meson.build | 2 +- > app/test/test_cryptodev.c | 513 ++++++ > ...t_cryptodev_security_docsis_test_vectors.h | 1544 +++++++++++++++++ > app/test/test_security.c | 88 + > doc/guides/cryptodevs/aesni_mb.rst | 8 + > doc/guides/cryptodevs/features/aesni_mb.ini | 1 + > doc/guides/cryptodevs/features/qat.ini | 1 + > doc/guides/cryptodevs/qat.rst | 7 + > doc/guides/prog_guide/rte_security.rst | 114 +- > doc/guides/rel_notes/release_20_08.rst | 21 + > doc/guides/tools/cryptoperf.rst | 5 + > drivers/common/qat/Makefile | 3 + > .../crypto/aesni_mb/aesni_mb_pmd_private.h | 19 +- > drivers/crypto/aesni_mb/meson.build | 2 +- > drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 301 +++- > .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 125 ++ > drivers/crypto/qat/meson.build | 2 + > drivers/crypto/qat/qat_sym.c | 71 +- > drivers/crypto/qat/qat_sym.h | 62 +- > drivers/crypto/qat/qat_sym_capabilities.h | 42 + > drivers/crypto/qat/qat_sym_pmd.c | 61 +- > drivers/crypto/qat/qat_sym_pmd.h | 4 + > drivers/crypto/qat/qat_sym_session.c | 153 ++ > drivers/crypto/qat/qat_sym_session.h | 11 + > lib/librte_cryptodev/rte_crypto_sym.h | 14 + > lib/librte_security/rte_security.c | 5 + > lib/librte_security/rte_security.h | 38 + > 33 files changed, 3348 insertions(+), 34 deletions(-) > create mode 100644 app/test/test_cryptodev_security_docsis_test_vectors.= h >=20 Some modifications are done in the release notes while merging. Please chec= k. Applied to dpdk-next-crypto Thanks.