Re: [dpdk-dev] [RFC PATCH 3/5] rte_security: updates and enabled security operations for ethdev

DPDK patches and discussions
 help / color / mirror / Atom feed

From: Akhil Goyal <akhil.goyal@nxp.com>
To: Radu Nicolau <radu.nicolau@intel.com>, <dev@dpdk.org>
Cc: "hemant.agrawal@nxp.com" <hemant.agrawal@nxp.com>,
	Declan Doherty <declan.doherty@intel.com>,
	Boris Pismenny <borisp@mellanox.com>
Subject: Re: [dpdk-dev] [RFC PATCH 3/5] rte_security: updates and enabled security operations for ethdev
Date: Tue, 29 Aug 2017 18:49:59 +0530	[thread overview]
Message-ID: <0d41b5cf-ef02-37ce-d05f-8c3fdf20d1d3@nxp.com> (raw)
In-Reply-To: <5b7452db-e06b-bfa2-fdd6-5a0aaf1e21f7@intel.com>

Hi Radu,
On 8/29/2017 6:43 PM, Radu Nicolau wrote:
>>> @@ -70,9 +70,9 @@ struct rte_security_ipsec_tunnel_param {
>>>           } ipv4; /**< IPv4 header parameters */
>>>             struct {
>>> -            struct in6_addr *src_addr;
>>> +            struct in6_addr src_addr;
>>>               /**< IPv6 source address */
>>> -            struct in6_addr *dst_addr;
>>> +            struct in6_addr dst_addr;
>>>               /**< IPv6 destination address */
>>>               uint8_t dscp;
>>>               /**< IPv6 Differentiated Services Code Point */
>>> @@ -171,6 +171,12 @@ struct rte_security_ipsec_xform {
>>>           uint8_t *data;  /**< pointer to key data */
>>>           size_t length;   /**< key length in bytes */
>>>       } auth_key;
>>> +    enum rte_crypto_aead_algorithm aead_alg;
>>> +    /**< AEAD Algorithm */
>>> +    struct {
>>> +        uint8_t *data;  /**< pointer to key data */
>>> +        size_t length;   /**< key length in bytes */
>>> +    } aead_key;
>> I believe it would be better to use a union here.
>> union {
>>     struct {
>>         enum rte_crypto_cipher_algorithm cipher_alg;
>>             /**< Cipher Algorithm */
>>             struct {
>>                     uint8_t *data;  /**< pointer to key data */
>>                     size_t length;   /**< key length in bytes */
>>             } cipher_key;
>>             enum rte_crypto_auth_algorithm auth_alg;
>>             /**< Authentication Algorithm */
>>             struct {
>>                     uint8_t *data;  /**< pointer to key data */
>>                     size_t length;   /**< key length in bytes */
>>             } auth_key;
>>     };
>>     struct {
>>         enum rte_crypto_aead_algorithm aead_alg;
>>         /**< AEAD Algorithm */
>>         struct {
>>             uint8_t *data;  /**< pointer to key data */
>>             size_t length;   /**< key length in bytes */
>>         } aead_key;
>>     };
>> };
> Probably the best way will be to have a chain of transforms, I will 
> follow up in the next patchset.

Will it be chain of crypto xforms? If yes, then we may not be needing 
the fields like iv and digest length and op will need to assigned twice.

next prev parent reply	other threads:[~2017-08-29 13:20 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-08-25 14:57 [dpdk-dev] [RFC PATCH 0/5] Enable IPSec Inline for IXGBE PMD Radu Nicolau
2017-08-25 14:57 ` [dpdk-dev] [RFC PATCH 1/5] mbuff: added security offload flags Radu Nicolau
2017-08-25 14:57 ` [dpdk-dev] [RFC PATCH 2/5] ethdev: added security ops struct pointer Radu Nicolau
2017-08-25 14:57 ` [dpdk-dev] [RFC PATCH 3/5] rte_security: updates and enabled security operations for ethdev Radu Nicolau
2017-08-29 12:14   ` Akhil Goyal
2017-08-29 13:13     ` Radu Nicolau
2017-08-29 13:19       ` Akhil Goyal [this message]
2017-08-25 14:57 ` [dpdk-dev] [RFC PATCH 4/5] ixgbe: enable inline ipsec Radu Nicolau
2017-08-28 17:47   ` Ananyev, Konstantin
2017-08-29 13:06     ` Radu Nicolau
2017-08-25 14:57 ` [dpdk-dev] [RFC PATCH 5/5] examples/ipsec-secgw: enabled " Radu Nicolau
2017-08-29 12:04   ` Akhil Goyal
2017-08-29 13:00 ` [dpdk-dev] [RFC PATCH 0/5] Enable IPSec Inline for IXGBE PMD Boris Pismenny

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0d41b5cf-ef02-37ce-d05f-8c3fdf20d1d3@nxp.com \
    --to=akhil.goyal@nxp.com \
    --cc=borisp@mellanox.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=hemant.agrawal@nxp.com \
    --cc=radu.nicolau@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).