From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0043.outbound.protection.outlook.com [104.47.37.43]) by dpdk.org (Postfix) with ESMTP id 081B42A6C for ; Fri, 24 Nov 2017 09:51:03 +0100 (CET) Received: from BN3PR03CA0092.namprd03.prod.outlook.com (2a01:111:e400:7a4d::52) by SN2PR03MB2365.namprd03.prod.outlook.com (2603:10b6:804:e::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.260.4; Fri, 24 Nov 2017 08:51:01 +0000 Received: from BY2FFO11OLC012.protection.gbl (2a01:111:f400:7c0c::172) by BN3PR03CA0092.outlook.office365.com (2a01:111:e400:7a4d::52) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.260.4 via Frontend Transport; Fri, 24 Nov 2017 08:51:01 +0000 Authentication-Results: spf=fail (sender IP is 192.88.168.50) smtp.mailfrom=nxp.com; caviumnetworks.com; dkim=none (message not signed) header.d=none; Received-SPF: Fail (protection.outlook.com: domain of nxp.com does not designate 192.88.168.50 as permitted sender) receiver=protection.outlook.com; client-ip=192.88.168.50; helo=tx30smr01.am.freescale.net; Received: from tx30smr01.am.freescale.net (192.88.168.50) by BY2FFO11OLC012.mail.protection.outlook.com (10.1.15.23) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.20.218.12 via Frontend Transport; Fri, 24 Nov 2017 08:51:00 +0000 Received: from [10.232.134.49] ([10.232.134.49]) by tx30smr01.am.freescale.net (8.14.3/8.14.0) with ESMTP id vAO8ovD1026606; Fri, 24 Nov 2017 01:50:57 -0700 To: Anoob Joseph , Declan Doherty , Radu Nicolau , Sergio Gonzalez Monroy CC: Jerin Jacob , Narayana Prasad , References: <1511333716-11955-1-git-send-email-anoob.joseph@caviumnetworks.com> <1511435969-5887-1-git-send-email-anoob.joseph@caviumnetworks.com> <1511435969-5887-2-git-send-email-anoob.joseph@caviumnetworks.com> From: Akhil Goyal Message-ID: Date: Fri, 24 Nov 2017 14:20:56 +0530 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <1511435969-5887-2-git-send-email-anoob.joseph@caviumnetworks.com> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-EOPAttributedMessage: 0 X-Matching-Connectors: 131559870613173492; (91ab9b29-cfa4-454e-5278-08d120cd25b8); () X-Forefront-Antispam-Report: CIP:192.88.168.50; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10009020)(6009001)(336005)(346002)(39860400002)(39380400002)(376002)(2980300002)(1109001)(1110001)(339900001)(199003)(189002)(24454002)(81166006)(77096006)(2906002)(53936002)(81156014)(33646002)(65826007)(2950100002)(230700001)(53546010)(83506002)(356003)(64126003)(65956001)(305945005)(8676002)(5660300001)(498600001)(97736004)(47776003)(8936002)(50466002)(65806001)(104016004)(86362001)(15650500001)(58126008)(105606002)(5890100001)(54906003)(106466001)(110136005)(316002)(68736007)(229853002)(4326008)(67846002)(189998001)(2486003)(23676004)(36756003)(50986999)(85426001)(54356999)(6246003)(76176999)(31686004)(31696002); DIR:OUT; SFP:1101; SCL:1; SRVR:SN2PR03MB2365; H:tx30smr01.am.freescale.net; FPR:; SPF:Fail; PTR:InfoDomainNonexistent; A:1; MX:1; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; BY2FFO11OLC012; 1:nTwQ+gzir2FjRFXAshbxp2rcZYcP5wJVgYRNoujH3oLP71aiupyIG1Ash+MjATOSFyQ4+TsQIpbtf23a8zF5lVGz2uq2bEVOBYeWIyjdR47gwGqGrLaLoJmSzQBPFnQ3 X-MS-PublicTrafficType: Email X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4628075)(201703131517081)(2017052603258); SRVR:SN2PR03MB2365; X-Microsoft-Exchange-Diagnostics: 1; SN2PR03MB2365; 3:UhzLiUmZ9lIqwTCn7eBbAU0CUwiuKHcnvjbJXyWy/jh2XKY24DM2JBcu51Hv0Vrt2QfEIRVCd/ioz2PPZT8luBagsiWyS0/dazCPiV6QWVdF21MRTjog4/HCIRQ8ymHGKStMX/lADJfnH/8ohJ0crMhlAN45MDqYhxRcc/mfUb8a/Nm+dSNoRinLFUwJw0Pk/Mc0WoyEc8mbQfT7YeweO4sKSZS5qDh1roaMicRYGNtrIcSJN9IIL91R3E50cry77HRYDDC1a2CahAWyWRJS8LOOq83ijl+/GTFI0qqRR/cr6U7jUpWKV7w3myGy0q/HuZTrl0mXv4PgNoNGLF3JItlR8WhOTYgknjd640s39io=; 25:Pd6it/KMUoT5qYdK/DpaYn0c7LxfcNrhsjK4yIdD5WEclwrGkPaLylwx9eBK0IKudnhw/KXDQTSNBcyeMpe1sb+4zuSUdayY9apzMUqYd0n/QRPrWpng5aNpUJytd4FxnR0R3LjerqcgRu/ydyhr3LJP3b593rxs++2EuyDdpYUoJzqQsvx5eFV0TpgKPfhOaTyeFjy4IbHTt6iK+/mXF0003N2pGZIj7V22EIegL0nvRVKoVUbzWs9lO621VVKLJGf4lhOlllwc4/2Uj3bUY2BYu6OEUOo7R8ACW7ezgHSpi8SDa/rLuqGYV4YkZR4XiwsG3ZInWJCnUFBIeJdQJA== X-MS-TrafficTypeDiagnostic: SN2PR03MB2365: X-MS-Office365-Filtering-Correlation-Id: f5ccc617-d585-4d32-675c-08d533187cf7 X-Microsoft-Exchange-Diagnostics: 1; SN2PR03MB2365; 31:1xcaSYKabica0SzshKW4F55bysgYey+BmsgRMSxZGzof9/k8l0a3axHE5FlDNmLwEOyWzXrXFClDG5KGsdG07+xqXVQTRd0Ssy0RiaJGTdtqbA5he7GhESWot6U4Evc2ZWjuUyt4XkLFqAG2sLGrbgnEQKrwx3T16YwSjB6r/vfZDli9Kfe7SY0kmgjfZLtBoGZDKpfD1cZSPwV8ogm8F+ISE2HTO4J3xxphfxV42HI=; 4:UdzWzkokpnz9d9IvfgqglpJMtaP3w17eBobWHlY/fNaE6lij63s/ZmGEnjPKmTYYAkVQBCJCI/aHZXiKn6oaQFRklBnjr5yfoe0y1etopxykvU2PsY3uQVzy3IZMcz33eeg9DfbDUa2Xvn9qn/GyNm06SV7ODBIr7wZEBz6iZ1Ur9+Uvt1vG9DvnucXqSQHfhV71IpE0F8lId6KnjtpCJHyETewmRsbVlPdawtOjyKPqGB45d52cQmPdnBBwAgYgVqhzve/6B++iyFzyaJhuZ8mWWtEqGmKYbAOOF6A+rbo/eqXDbVJOD0CQKp0QqUMI X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6095135)(2401047)(5005006)(8121501046)(3231022)(10201501046)(3002001)(93006095)(93001095)(6055026)(6096035)(20161123563025)(201703131430075)(201703131433075)(201703131448075)(201703161259150)(201703151042153)(20161123565025)(20161123559100)(20161123561025)(20161123556025)(201708071742011); SRVR:SN2PR03MB2365; BCL:0; PCL:0; RULEID:(100000803101)(100110400095)(400006); SRVR:SN2PR03MB2365; X-Forefront-PRVS: 05015EB482 X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtTTjJQUjAzTUIyMzY1OzIzOjB6bEMxd2pHZWpVaE92bVIvZnhBd2s0STFH?= =?utf-8?B?a2hJM1VFNHJkRE5USEZ4MjRwQ0YrV1FSRXJPOU9HR2RtNHV4Sy9CbHppZUNn?= =?utf-8?B?aktnWWZESFZZTmI2Qi8rNFJJanF6SmhabDBlL0E2OHMyc2tCY0Y5N2h3amNz?= =?utf-8?B?eTZobEhYZkRqcmRxK3hxMDFObFN2N3hDeEU1ZDNIZGtaNmhwalVFTFFZTEtm?= =?utf-8?B?UUd4NlRBQTZoQm51aTJJbGJpQlc1dTY0RWdEZGVxZVJlYU9EZ21vVitwT0p1?= =?utf-8?B?bjcvQWc3NXR2YzAwSU5MNnQ4cS83TUlUZis3ZUIvM245cXNnOUhVY01qdVRR?= =?utf-8?B?Y3ZpcHFrdStMZjVvdnQ3VE0xS3JyaWlvYVZvK1l3V3NzeWpDY0RJYWRPSG5M?= =?utf-8?B?THhkVWUxU0tTbDBEWkd0aHloUnRrOUlLUFhJQ0Y1dFRXU3R5QTNoWXVVbFVT?= =?utf-8?B?aVZ1REhKczFhbGlGakRRWHFFS1pBNkljOHBSTWRsUFNjMGJBT3YrN0lxRDM0?= =?utf-8?B?dTV1VGtrajgrcktIdHRVaWFhNGtqOW5CaVlMZ1oxdld2NTRMNmI3Z0tJWWMw?= =?utf-8?B?Rm94VEJQTkI2ZmRhN2hlV1l3RXg4QTNaWVI0bEkyMDJrQlpYcWlBOVhHVTlu?= =?utf-8?B?TlhnTS9ydWVjTk1GYzRVSmVoeCtOMmkrdFpldHJRblR5ZExwMmJOU0o5MFFr?= =?utf-8?B?a3JLMDhUUnFzYUFlL2h5MDRTMjlYMmZ3Q3psRnNuWURPMGZueVhOMUVGSmRK?= =?utf-8?B?cXZmSm4wRnhTeGhLcTR3YkF3VVBQcWRLSzhXeFFITzBmQ2ZYTHVmY3RPM1I5?= =?utf-8?B?Z0Y2Y1FVcVVJRmtNQXFXS2hTSWhmTDNLMlBtc0ltdE00cFY5ZVV0VFYzOVJL?= =?utf-8?B?L2hrV2grRERZV1JKR0lQQktsNFFBLyt2SEJaNWRFb3FscFNTbFFiTHZQcmxP?= =?utf-8?B?QXl5WU5QUFFxSWkwTVBtTExLOUxTb3B5amw5YXBoUzYyRmk5WWsxUkpoR01V?= =?utf-8?B?dTdKS3Q5TTBhN1ExQTRTYXI0SW5pMEV5VGdGL1dHbWgvTStrZjFtZC9JbFFu?= =?utf-8?B?OW5ZVkhIeUxJUHdvMTlnWXRTYlBMS2VzT2RRYVBFcVRUeGsyUWd1L25TS2Ju?= =?utf-8?B?SDhlbEVtRFRoZzRCL3RBV01FZUVqbFBEZ29BZW9UWGRzMEVqZHozb0dtQTF1?= =?utf-8?B?dW91Vjd6Ylk0SFZ6YmI5ZHIvbFdJeGNhM0FtMldDVHk3MUFyNWZqZ1RBYzJL?= =?utf-8?B?Z2dZZkVNLzJnRmtUSktsS2pyWkQ1THBOVlIzZWtDc25HanZ0SjBYbjB0UHJL?= =?utf-8?B?bHNWNEY0ZU5UanV2RGNMcTV6WHR6eWgwMWo3SVBJMDJuais2Z3B3dHBMVlVm?= =?utf-8?B?MFUwTHVQWlNIWXMzZ3MwV1kxckp1Sm5SZkVYK3NaSFdoMXQ4ZVNVNVJqdlZU?= =?utf-8?B?VmRJMkNsSUkzZ3JiaTdiOVBZQVZKUThvNUwxVWNJOGxzS2srUjRkTDJwaUF3?= =?utf-8?B?aXoxdG8yTFJZdEpVdHpRd2VwSkdQczJQRko5Z3QvSlArNy94TUJUNUJCZFB2?= =?utf-8?B?QjJvOVdwVXJhU0xEZnJMUDdlaTgwNFlkTlFWWjZJaHptSHMwaGlUbFpiWEh0?= =?utf-8?B?NXRnUEhrVnZIM3ZWeXljcnVRbnRZbHE4djlyY05VbktGSVdjVjdKZGJERUIz?= =?utf-8?B?MnZtYWJnYW1rQTdzOXViY3dwOEpzR2YySkgycnZTdnZ3QXVoY3F5S2VPdmh5?= =?utf-8?B?STZYN29yVjVxK0tRN0p4TVlBbXVJL3VGUEw3aHhKMGcwNE95V2JDVWpTSjRp?= =?utf-8?B?K1Rpc1N0WTRZWHRremxQYlNlVUEyRFdWOVdudWlGM1BjTG04Rnd1d0laTEx4?= =?utf-8?B?eHNIem5JV0xVSVN4UWFyTVQyYWRqODUzR3hoT2tQLy9sQUhxVnNpMlFyVTZs?= =?utf-8?B?aDdHYzNLU2lRPT0=?= X-Microsoft-Exchange-Diagnostics: 1; SN2PR03MB2365; 6:BxZPH2DnSktVac9zQJcrdRyVLSex3DRRvI4epIk7AobCTAeTZo0esULpcdjGL5ev45DN+lwWA6OyLanP4Iv/5Sy9xUxSJXMAtxWXPhQTR5eqT5N+2EWSrptKEcgxF15RIshZGdvPzYKK45+i1VzhiEFPDletZfC0HZ2VLw+OZOS8/hwk4LnQaryorPlF6No/hxJag5AawcFM+5qbxCXI12wcPUPUZDQYCA8l2dDURj/LFr37FjNqwAJkgOB09IpuUX2jpjUyIP4yt9tGfNJL4lzrV/I4zLFfXekvC2u9a0rC3N5Decn0GYhAioyxeUskb2YW7+lsjv7CcRZR7oSsMyl5hzyCs23p5JSr3T5Yg+Y=; 5:J21ak9qKxlbLwwTBP6UmyVuuoGgXvuSf+zjeyU8G+wl8NfJ9sOxDN5L+ijp2E+XSv+NHGxgtogp8IQoh9hT3nMdCkwiV9T83nXdoakEKe7pdRkWJs8DspV+4JZr/zR+BmMbtGlDUGdkM4Tw0PPdsVy4EmzgblLUnZzxCRzXNoeo=; 24:vLzlCuPvbhwbSEgabbI6GZLlaqrL2GKPFJqUROX/Xw3ifOKBhSZXWZBxAkQH/azdBrR1t448pZHacyxWGPPzbpMijo5kpmIfnwAvii3bmss=; 7:UAI64xo/yGfeTWdNzOXvi0DrTP8RVJVTfLmnajEqa38H3A2X0xXyr62SYt2qiUEr9yhKxPkg/1q/9MCOHtyw7QnP1IK5m6Tlg+bs4SOkr0bkU7TZO4M0vOaodsBPBHkDB6MZ5d4Gqdespv9EB1zvVnau0Kcp6pcTC1UMwCk19ymjtYGpPGdUmjQYml2H+YmaGE0tkAH0D/tdrbK2/DVahz5VMlMQSHDbqeVTbZl7G7TdT+125ywmBLcjBRnzt6kO SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Nov 2017 08:51:00.9273 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f5ccc617-d585-4d32-675c-08d533187cf7 X-MS-Exchange-CrossTenant-Id: 5afe0b00-7697-4969-b663-5eab37d5f47e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5afe0b00-7697-4969-b663-5eab37d5f47e; Ip=[192.88.168.50]; Helo=[tx30smr01.am.freescale.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN2PR03MB2365 Subject: Re: [dpdk-dev] [PATCH v3 1/2] lib/security: add support for get metadata X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Nov 2017 08:51:03 -0000 Hi Anoob, Radu, On 11/23/2017 4:49 PM, Anoob Joseph wrote: > In case of inline protocol processed ingress traffic, the packet may not > have enough information to determine the security parameters with which > the packet was processed. In such cases, application could get metadata > from the packet which could be used to identify the security parameters > with which the packet was processed. > > Signed-off-by: Anoob Joseph > --- > v3: > * Replaced 64 bit metadata in conf with (void *)userdata > * The API(rte_security_get_pkt_metadata) would return void * instead of > uint64_t > > v2: > * Replaced get_session and get_cookie APIs with get_pkt_metadata API > > lib/librte_security/rte_security.c | 13 +++++++++++++ > lib/librte_security/rte_security.h | 19 +++++++++++++++++++ > lib/librte_security/rte_security_driver.h | 16 ++++++++++++++++ > 3 files changed, 48 insertions(+) > > diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c > index 1227fca..a1d78b6 100644 > --- a/lib/librte_security/rte_security.c > +++ b/lib/librte_security/rte_security.c > @@ -108,6 +108,19 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance, > sess, m, params); > } > > +void * > +rte_security_get_pkt_metadata(struct rte_security_ctx *instance, > + struct rte_mbuf *pkt) Can we rename pkt with m. Just to make it consistent with the set API. > +{ > + void *md = NULL; > + > + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_pkt_metadata, NULL); > + if (instance->ops->get_pkt_metadata(instance->device, pkt, &md)) > + return NULL; > + > + return md; > +} Pkt metadata should be set by user i.e. the application, and the driver need not be aware of the format and the values of the metadata. So setting the metadata in the driver and getting it back from the driver does not look a good idea. Is it possible, that the application define the metadata on its own and set it in the library itself without the call to the driver ops. > + > const struct rte_security_capability * > rte_security_capabilities_get(struct rte_security_ctx *instance) > { > diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h > index 653929b..35c306a 100644 > --- a/lib/librte_security/rte_security.h > +++ b/lib/librte_security/rte_security.h > @@ -274,6 +274,8 @@ struct rte_security_session_conf { > /**< Configuration parameters for security session */ > struct rte_crypto_sym_xform *crypto_xform; > /**< Security Session Crypto Transformations */ > + void *userdata; > + /**< Application specific metadata */ > }; > > struct rte_security_session { > @@ -346,6 +348,23 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance, > struct rte_mbuf *mb, void *params); > > /** > + * Get metadata from the packet. This returns metadata associated with the > + * security session which processed the packet. > + * > + * This is valid only for inline processed ingress packets. > + * > + * @param instance security instance > + * @param pkt packet mbuf > + * > + * @return > + * - On success, metadata > + * - On failure, NULL > + */ > +void * > +rte_security_get_pkt_metadata(struct rte_security_ctx *instance, > + struct rte_mbuf *pkt); > + > +/** > * Attach a session to a symmetric crypto operation > * > * @param sym_op crypto operation > diff --git a/lib/librte_security/rte_security_driver.h b/lib/librte_security/rte_security_driver.h > index 997fbe7..561ae83 100644 > --- a/lib/librte_security/rte_security_driver.h > +++ b/lib/librte_security/rte_security_driver.h > @@ -122,6 +122,20 @@ typedef int (*security_set_pkt_metadata_t)(void *device, > void *params); > > /** > + * Get metadata from the packet. > + * > + * @param device Crypto/eth device pointer > + * @param pkt Packet mbuf > + * @param mt Pointer to receive metadata > + * > + * @return > + * - Returns 0 if metadata is retrieved successfully. > + * - Returns -ve value for errors. > + */ > +typedef int (*security_get_pkt_metadata_t)(void *device, > + struct rte_mbuf *pkt, void **md); > + > +/** > * Get security capabilities of the device. > * > * @param device crypto/eth device pointer > @@ -145,6 +159,8 @@ struct rte_security_ops { > /**< Clear a security sessions private data. */ > security_set_pkt_metadata_t set_pkt_metadata; > /**< Update mbuf metadata. */ > + security_get_pkt_metadata_t get_pkt_metadata; > + /**< Get metadata from packet. */ > security_capabilities_get_t capabilities_get; > /**< Get security capabilities. */ > }; >