From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0085.outbound.protection.outlook.com [104.47.32.85]) by dpdk.org (Postfix) with ESMTP id B2A09236 for ; Wed, 22 Nov 2017 15:13:24 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=CAVIUMNETWORKS.onmicrosoft.com; s=selector1-cavium-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=xvxxeFPZup6s/bozIcpZvyr5jEP1VrGOvxwAXSuYHg4=; b=VUwsqhXNoqNjD7EoWNqYyTDZyhUAwdyp9jaLd1libCP6DGBq/Bo7xXTxXgZ6qdTl9F7BFLhDW9I6ilznjBSm+mGv7Xzn29mr/A4cbv9atvCwqaAVDMz4FYDeje2Qyru14OFHaWe1BdaBjnu9oPD/pMXBIO3YCAFUwyAsNh6lGTg= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Anoob.Joseph@cavium.com; Received: from ajoseph.in.caveonetworks.com (14.140.2.178) by CY4PR0701MB3635.namprd07.prod.outlook.com (2603:10b6:910:93::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.260.4; Wed, 22 Nov 2017 14:13:19 +0000 To: Neil Horman Cc: Akhil Goyal , Declan Doherty , Radu Nicolau , Sergio Gonzalez Monroy , Jerin Jacob , Narayana Prasad , dev@dpdk.org References: <1511173905-22117-1-git-send-email-anoob.joseph@caviumnetworks.com> <1511333716-11955-1-git-send-email-anoob.joseph@caviumnetworks.com> <1511333716-11955-2-git-send-email-anoob.joseph@caviumnetworks.com> <20171122132720.GA624@hmswarspite.think-freely.org> From: Anoob Message-ID: <0f8af801-9833-ccc1-c969-c7b4e74aecac@caviumnetworks.com> Date: Wed, 22 Nov 2017 19:43:13 +0530 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <20171122132720.GA624@hmswarspite.think-freely.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Originating-IP: [14.140.2.178] X-ClientProxiedBy: BN6PR21CA0020.namprd21.prod.outlook.com (2603:10b6:404:8e::30) To CY4PR0701MB3635.namprd07.prod.outlook.com (2603:10b6:910:93::10) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 17f669a6-7f1f-47b0-c404-08d531b33068 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4602075)(7168020)(4627115)(201703031133081)(201702281549075)(5600022)(4604075)(2017052603258); SRVR:CY4PR0701MB3635; X-Microsoft-Exchange-Diagnostics: 1; CY4PR0701MB3635; 3:QlczPlyxHL4BjF4p8lM6XGNiSQmjPDyOk7H+2Aftxx8PL1iiOoUPChWv9ZQg0dtB8dnmvBgZAPWSipdNLLP23/46uT13M8gA8q95Jf8gkyKnArZi+Teganj6z1SAnojNz3XPafFopVFbhErPbId5xtPhb9u7LucS84uWmvqJQoMYaJAhvn40AwUH+euuo61HDLJVI/2wWm0f45P1qamRo7IogpXvUR65BRUJLxWuZtalDvzC8R9QWxFrNqcU5EBV; 25:qtb6Tg5svz1z8Kjns3ICJuQt7nzmp5IixBufAMlPTFcoUqYHf4Z0NpeBCeDhQNJpaNnivC521qRCMhcg/wWrBcRbbOz3tt6q2JGc18n5mxnOYjMBBFjq94qradPgk5SVirhUHJXxHEj3oVFwqc2xXswBikUQeXJdmKJRQfx2PbA23hfrOVAMFZFM+E9plqk+nAqZ/JeLT4bzIOnVfL7XCePVBfzfmnmGN8EoS+nYEgSauGxOjXBIdSjMgBAZ3SgU0D2b3PVKb3VC+yaG2UkiSz0O4kGUH/p0p+onAVFTzyPVYOg2QJ0pv9ex2HjcdVtofBxRei6LuCZBmbXa1sV0lA==; 31:/r1mvXFv7b3or3JXW9X6UpwR8rQGYfIQqzmbPBr+km2MJKj5NfIka7qrgNYczX0djL7Ywm+STenedMPdMadhoNqxqK6ScWCKkAG3cTa8eL0Jsc0EwR1ofawCbL2bfdSQHxhD1CGlfqXlbA6p/sXnm/1kkBd11L+jlFNrn5sx0+ElZEUawd80H3PnIf9V0oWG5aTboYGGXUH4uQpCwNh014vHqliQv9o8fD9pghqirRA= X-MS-TrafficTypeDiagnostic: CY4PR0701MB3635: X-Microsoft-Exchange-Diagnostics: 1; CY4PR0701MB3635; 20:iGkOrPiRulbv7Qdym2vrnQU/oLe5K7WrZ55rYhuQg4wBihmhQuLJn8ye69KWA4iJzpZZwVjOC9EzXaC/RbNtSBpMlP1la5CLFH7bK72fiRd+StHCuWykS7seDUZbMZiX+DDb8M/QIFdSfRWD67lJNrzkYhaR3xzQ1k3v5fv/yIXmFGZypjz+n2Q5z6ibbDNHvW/xtLmmGhtq2F+vM9VI2cvweIx7Z8EeKKiJgDuv8JvsgjP8RR2Q3tiJvLIF67VGyWZtTgKukyMfBtvqW8Um31ddd6bKRfTWlVABt/cdAZf+GboGiU3iblGqios3q80i35tVZc+rHb/57gRz0J8uAPGiWbz0fIQbazP5C34UtBf/lWCrrcjYpWPe3j5miwPLMuVj3mPIAI6c3sXlMKzGuOUV02vgK/kb1xAAlIIzR2obI9mN8LJPGJUfE+H06lj1EPEihO9nSKg2l0v9i1Bg958Kvuhd3oyfjNTjhM0+b4g5gnVLVDcbZoAK9EkNScCMleKvVXuuBpFlqRQzKs9eAT325U0HpssNwwnt2V4MWb9KhpQJS/sgiGryVp5ArpYBJOHCK0CYyR6+EMGfS/GzVYcZy1m5St928m0biGdJQJI=; 4:ERGX8ziXyQwJ0dmqESqak4deJ/hTEqS/zO8pF9iHr+jUZKImDP1LI/1HjSmFA8+vDrxqSKBRAP9s09oUo4kvvKJghlB1vrN4InoUirLcSFm9kNmMA/J5hz9o90sVNKlwShhpklPBztBH8T12regjhIzvaEr/i7sypw4Gc6k+QwqqrlVIjOmc6PNx718bDyMBKI9QE5GRIxB/ZTrzAyk9eTeIiJy8PdK6taECoIntr5yzKXtw9fQYWzJLd4XY6WR799nuJmCm+YI90SmpXxnNBcMhrXAB0m5I79eGJjnyHtCNgGtTmCPU6cWcvfcc/pr6 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(10201501046)(93006095)(3002001)(100000703101)(100105400095)(3231022)(6041248)(20161123560025)(20161123564025)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123555025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR0701MB3635; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR0701MB3635; X-Forefront-PRVS: 0499DAF22A X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(376002)(346002)(189002)(24454002)(199003)(15650500001)(6916009)(31686004)(6246003)(65826007)(6486002)(6666003)(53936002)(4326008)(316002)(575784001)(50986999)(58126008)(64126003)(189998001)(52146003)(478600001)(8676002)(3846002)(33646002)(106356001)(23676004)(2950100002)(6506006)(105586002)(42882006)(31696002)(93886005)(50466002)(81156014)(81166006)(67846002)(305945005)(6116002)(25786009)(54906003)(5890100001)(68736007)(53546010)(65956001)(7736002)(65806001)(66066001)(97736004)(2906002)(5009440100003)(55236003)(230700001)(76176999)(72206003)(54356999)(16526018)(83506002)(101416001)(8936002)(229853002)(8656006)(47776003)(2486003)(36756003)(5660300001)(6512007)(110426004); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR0701MB3635; H:ajoseph.in.caveonetworks.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: cavium.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtDWTRQUjA3MDFNQjM2MzU7MjM6RStUY1lFZXN6N2NEWUVQeXFRc1MxUS9O?= =?utf-8?B?cWMya2Q1SVUzUFk4SnFOZXgxMkR1QVROVW1GRlNOMmN6aUd3dFBac2I2NXpL?= =?utf-8?B?TXNrdjlpTDVUMEdRSU9XMDVubUI4NTM5NXlqakV5dEFXbUdBV2pQL1J3cmZy?= =?utf-8?B?aXgwZjJrNzdoYURIREdRQjJrdS9EUmltK1pMTXFlK2lBMHhxaGorTFNkU0RV?= =?utf-8?B?ZGJvbzZnMXRLOHhsNEUrQUVURnBHMzVNeDV4STcrbERCQ0RFa1V2d2VrRklN?= =?utf-8?B?dklEQTQvSEhGdFczN2xIc3AwVzdsRktzNUUwcXp5b2JuTExHUlE1UTlzR3Rw?= =?utf-8?B?ZFJOVVNEWUQ3YnZzZkJQSkxVLzBoVS9OdlZzczUxSHRKNkdLL2F3SnpicDNq?= =?utf-8?B?bTMzWXY3YWR0RGRlR1ZSb1djZHNaMHdlUjZLWU93bVo2Njl0ODcxaWJBYzBE?= =?utf-8?B?MHZNTTlSNGVKUFBZM0JWaEV3emNDL0J0dWRCN2ExeXJsVmh0akRBTk5zSFV5?= =?utf-8?B?NEJOZmluNXBuMG5hRi9sYkZ4UVIxRW1uN2FsMW43SHd1bFBTeFYzZmMrcE1x?= =?utf-8?B?dUhEeFdieWNTS3RRWXhUWmdIemtIYnJ5QTVaWnVmbzJYYVQxOEpjemR1K21s?= =?utf-8?B?K2dvWElLNDAzUkx1V2FPZVZ1eU5Bd2E0SUNyVEdxSjBRWlg0T1dYcnd2ekti?= =?utf-8?B?aXRmSXRrUURtL0JIZWgrTU1UV21obVdwU3d4MEJEU2c0VktKUmVMaXQzRzJp?= =?utf-8?B?TzdqbzJWbzNrK0dKcnZMTnpGNWJsMXV3SUtIRVFydStLbi9iNSt2VU9WblZP?= =?utf-8?B?VzE3ck1PaWd3VGhIWTczWEZnWVhReUNZb2t3dllVV09xcTV6NWY4eXljNW5k?= =?utf-8?B?Skx0UDlsZXgrdUZjbGRMU0FFb0kyY3VzWlB5d3o5ZG9pUjJ6UEpjRzF6dGhL?= =?utf-8?B?cldwcFc5RHFvQ1NLdUc4M3I0aHhYalZhUkxsSWo1cG9OaFUraGpaS1RIaTdo?= =?utf-8?B?NUhuZVIwYkdmaFdZazcybktuNFJRMjdxZkxUZmNVZEQ1WUFHTjgxcnZtSHg0?= =?utf-8?B?U0hNNERyeCtGQ3dHZisvejE1ZXRRQ1ZQaCs5eGVPUG5sUDhqclZHdTBVSkVh?= =?utf-8?B?K0VOaVVnUmxMU1IwVWIvTE0vWTVrTEo4c0tkQWRnRnR5OC9lQW1XdFg4Q3dI?= =?utf-8?B?aFFycWt0TWRuQ1V6WkJmcVV5dUdvRW5HR05XSU41cTZMcnZvby9BdFJ0dDkw?= =?utf-8?B?OTVleFZWR2R4eGw3T3hMeThCRmRCbG9LaVVTdnRIMXo1ZHlDb3ljWXVOR21D?= =?utf-8?B?S0RwRThDZGdKM3ZydDJqNVZyWFdQQzkvb3VydW5NajVUMTltNWYzWXBDdStt?= =?utf-8?B?Z3NCVmxHLzlkUXc5NW5va3lnbzRJcFpMUE1wMXhueXByZExZRnFoNWpjbFJj?= =?utf-8?B?QnY2UTlGSGMzZDcrZVNjUS9MMmRmVGR5ZU9mTWNqeUJucmZVWnBXTlJiN1Uz?= =?utf-8?B?Z2h5aEdqMjZvOVhsNnUzbGdmc09JT2UzdkMyR3NBQWFhWXJqdXlMNUZOcWhE?= =?utf-8?B?aC9jOGtuNG9ueFh0UmZrRndLbWVuODBMV3BCWFpiM1gwYTlKK0FZSnJZaG5K?= =?utf-8?B?SjZxZk1KTCtjRWJ4VTUyNDFmaUUzUWVOSks0MDhsM3JPVHBFbUQwWURwZWEr?= =?utf-8?B?TDZMWmtjTmRnNDBmL2tOVGxrRlJGMlprMXh2NjA1UFhDZXJkVmpTUlp1MnBX?= =?utf-8?B?MDNNbGQ4Q2pLamttMVhzdURTeEk4Y1VFOUZla2tKVGRkMkFoWnJ0RU5lVEZG?= =?utf-8?B?WkNjM20rVkZabGNvZnhnSFM1NFdBYmVYTjJ3cjlWSFUxWEVCdVdwS0tLS1Y0?= =?utf-8?B?TEl0TnhEemJPN3hrU21mbElGSEs3YW8yYS9OeWU0b1dmU3l3SXVIeGVDUXZY?= =?utf-8?B?VTdNa3R0Y002a1IrMUdCN1BUN2ViOTIxNGF0OWNtSm5JVk1VK1VnSXBseS9q?= =?utf-8?B?OFMzcXFPVTl3dTJQMW05VU1CTUpyV2ExVExzVDhzSUgzYmxIYy9Dai9YaGky?= =?utf-8?B?WmhMQ041YTg1bWp3VE5jVHNFejlYemhQSHFvY1E5TS80RStEeDViUFNFMCtk?= =?utf-8?Q?qJ5VuSmtU5588Pnaf+iMCNXHpdyI437nlHeZvNEV01Y7pH?= X-Microsoft-Exchange-Diagnostics: 1; CY4PR0701MB3635; 6:S9C+kGoCpCqObhSl2Q2ib43adsE3rOV4cwfhOUSflq0Z/GQaQM2zChNkn4/kiu5RY+WmmJ6lKZBTRzIefc9AG80LrhOsHEbOi8cA4M+W1IRCZGD4cAdMWTv5NBxjYY5k81fX9rV9G4tnwA1cShunkVvdwBM6BnM9FJfdlGsJLksPGKF3yh8xm5C+owx907J8zNeK0CWa7gVJHrtKDNLqDJHbJYeb1rG+g2deXwZujOKyeiRTNgttUvaQ9HG99+h9wFf7y67C3EMB38VExjy0ze5bsOtsP9xFckWxry3i5SXGyV8jkHOlas7X6NbdndIcC1akWKHNsoCEbj79DEwxszJqwm2AuCPOZ8YsFMb3/D8=; 5:oX9r+73xR5PRPL0v9rIvz5215r9aUyuUMIhfmU8vcbBITyyxNinUUNrzcNLtIH31ZREbCwtwblyoVNmbZC+zQcjxWCsps8hhM+4J5BT5o/egHjenGupadHWePQT7mUN3ZBL/f/to5ZatmEhMreSfYRJnatL7RStNsabKIdPUvkE=; 24:WTL0mA7ye9SnCTkpOBIJj5j9uAqEQ/4xorc7MjAE9BKv/eQ4Nn8i8+ky1iaLyPTUtRDjwCCAARho4V0H7M1+PZaScW2SclRCD2NW8+GQFLA=; 7:iISV+vWqP1EOsnz41CPns6xDtJh4HJpZzp9uaSvCJ6kor0p5EONoDGAaPZL5xqbR4eJRU6z35CGlo8r0v3jKQhPGE37TaZszx3KUFoym4PFvA7f69kJshx35B4nFlhe7rLs21VOG0631HmhT/FmWP/KQ+7mo495MYfMh4HGtib/SwGq4Zqbuu/tUxsHAqJ5EyeRV95gENhg7SZPny2hQiEteFwp4ll0dtduDjPcRtzevmhw2iqp8U2CTONaJDQdo SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: caviumnetworks.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Nov 2017 14:13:19.1372 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 17f669a6-7f1f-47b0-c404-08d531b33068 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 711e4ccf-2e9b-4bcf-a551-4094005b6194 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR0701MB3635 Subject: Re: [dpdk-dev] [PATCH v2 1/2] lib/security: add support for get metadata X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Nov 2017 14:13:25 -0000 Hi, Please see inline. On 11/22/2017 06:57 PM, Neil Horman wrote: > On Wed, Nov 22, 2017 at 06:55:15AM +0000, Anoob Joseph wrote: >> In case of inline protocol processed ingress traffic, the packet may not >> have enough information to determine the security parameters with which >> the packet was processed. For such cases, application could register a >> 64 bit metadata in security session, which could be retrieved from the >> packet using "rte_security_get_pkt_metadata" API. Application can use >> this metadata to identify the parameters it need. >> >> Application can choose what it should register as the metadata. It can >> register SPI or a pointer to SA. >> >> Signed-off-by: Anoob Joseph >> --- >> v2: >> * Replaced get_session and get_cookie APIs with get_pkt_metadata API >> >> lib/librte_security/rte_security.c | 13 +++++++++++++ >> lib/librte_security/rte_security.h | 19 +++++++++++++++++++ >> lib/librte_security/rte_security_driver.h | 16 ++++++++++++++++ >> 3 files changed, 48 insertions(+) >> >> diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c >> index 1227fca..804f11f 100644 >> --- a/lib/librte_security/rte_security.c >> +++ b/lib/librte_security/rte_security.c >> @@ -108,6 +108,19 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance, >> sess, m, params); >> } >> >> +uint64_t >> +rte_security_get_pkt_metadata(struct rte_security_ctx *instance, >> + struct rte_mbuf *pkt) >> +{ >> + uint64_t mdata = 0; >> + >> + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_pkt_metadata, 0); >> + if (instance->ops->get_pkt_metadata(instance->device, pkt, &mdata)) >> + return 0; >> + >> + return mdata; >> +} >> + >> const struct rte_security_capability * >> rte_security_capabilities_get(struct rte_security_ctx *instance) >> { >> diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h >> index 653929b..aa3a471 100644 >> --- a/lib/librte_security/rte_security.h >> +++ b/lib/librte_security/rte_security.h >> @@ -274,6 +274,8 @@ struct rte_security_session_conf { >> /**< Configuration parameters for security session */ >> struct rte_crypto_sym_xform *crypto_xform; >> /**< Security Session Crypto Transformations */ >> + uint64_t metadata; >> + /**< Metadata registered by application */ > This is going to break ABI. You need to announce the change so that application > providers can be prepared for it. The security library is under experimental tag. So is the announcement required? > >> }; >> >> struct rte_security_session { >> @@ -346,6 +348,23 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance, >> struct rte_mbuf *mb, void *params); >> >> /** >> + * Get metadata from the packet. This is an application registered 64 bit >> + * value, associated with the security session which processed the packet. >> + * >> + * This is valid only for inline processed ingress packets. >> + * >> + * @param instance security instance >> + * @param pkt packet mbuf >> + * >> + * @return >> + * - On success, metadata >> + * - On failure, 0 >> + */ >> +uint64_t >> +rte_security_get_pkt_metadata(struct rte_security_ctx *instance, >> + struct rte_mbuf *pkt); >> + >> +/** >> * Attach a session to a symmetric crypto operation >> * >> * @param sym_op crypto operation >> diff --git a/lib/librte_security/rte_security_driver.h b/lib/librte_security/rte_security_driver.h >> index 997fbe7..da0ebf4 100644 >> --- a/lib/librte_security/rte_security_driver.h >> +++ b/lib/librte_security/rte_security_driver.h >> @@ -122,6 +122,20 @@ typedef int (*security_set_pkt_metadata_t)(void *device, >> void *params); >> >> /** >> + * Get application interpretable metadata from the packet. >> + * >> + * @param device Crypto/eth device pointer >> + * @param pkt Packet mbuf >> + * @param mt Pointer to receive metadata >> + * >> + * @return >> + * - Returns 0 if metadata is retrieved successfully. >> + * - Returns -ve value for errors. >> + */ >> +typedef int (*security_get_pkt_metadata_t)(void *device, >> + struct rte_mbuf *pkt, uint64_t *mt); >> + >> +/** >> * Get security capabilities of the device. >> * >> * @param device crypto/eth device pointer >> @@ -145,6 +159,8 @@ struct rte_security_ops { >> /**< Clear a security sessions private data. */ >> security_set_pkt_metadata_t set_pkt_metadata; >> /**< Update mbuf metadata. */ >> + security_get_pkt_metadata_t get_pkt_metadata; >> + /**< Get metadata from packet. */ >> security_capabilities_get_t capabilities_get; >> /**< Get security capabilities. */ >> }; >> -- >> 2.7.4 >> >>