From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0049.outbound.protection.outlook.com [104.47.33.49]) by dpdk.org (Postfix) with ESMTP id AE0861B206 for ; Fri, 6 Oct 2017 20:11:14 +0200 (CEST) Received: from MWHPR03CA0012.namprd03.prod.outlook.com (10.175.133.150) by CY1PR03MB2362.namprd03.prod.outlook.com (10.166.207.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.77.7; Fri, 6 Oct 2017 18:11:13 +0000 Received: from BY2FFO11FD040.protection.gbl (2a01:111:f400:7c0c::129) by MWHPR03CA0012.outlook.office365.com (2603:10b6:300:117::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.77.7 via Frontend Transport; Fri, 6 Oct 2017 18:11:12 +0000 Authentication-Results: spf=fail (sender IP is 192.88.168.50) smtp.mailfrom=nxp.com; intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=fail action=none header.from=nxp.com; Received-SPF: Fail (protection.outlook.com: domain of nxp.com does not designate 192.88.168.50 as permitted sender) receiver=protection.outlook.com; client-ip=192.88.168.50; helo=tx30smr01.am.freescale.net; Received: from tx30smr01.am.freescale.net (192.88.168.50) by BY2FFO11FD040.mail.protection.outlook.com (10.1.14.225) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.20.77.10 via Frontend Transport; Fri, 6 Oct 2017 18:11:11 +0000 Received: from [10.214.83.52] ([10.214.83.52]) by tx30smr01.am.freescale.net (8.14.3/8.14.0) with ESMTP id v96IB22s010191; Fri, 6 Oct 2017 11:11:04 -0700 To: "Ananyev, Konstantin" , "dev@dpdk.org" CC: "Doherty, Declan" , "De Lara Guarch, Pablo" , "hemant.agrawal@nxp.com" , "Nicolau, Radu" , "borisp@mellanox.com" , "aviadye@mellanox.com" , "thomas@monjalon.net" , "sandeep.malik@nxp.com" , "jerin.jacob@caviumnetworks.com" , "Mcnamara, John" , "olivier.matz@6wind.com" References: <20170914082651.26232-1-akhil.goyal@nxp.com> <20171003131413.23846-1-akhil.goyal@nxp.com> <20171003131413.23846-2-akhil.goyal@nxp.com> <2601191342CEEE43887BDE71AB9772585FAA4E58@IRSMSX103.ger.corp.intel.com> From: Akhil Goyal Message-ID: <15007bf0-d263-05a0-2009-31210f686085@nxp.com> Date: Fri, 6 Oct 2017 23:41:00 +0530 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 MIME-Version: 1.0 In-Reply-To: <2601191342CEEE43887BDE71AB9772585FAA4E58@IRSMSX103.ger.corp.intel.com> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-EOPAttributedMessage: 0 X-Matching-Connectors: 131517870720647689; (91ab9b29-cfa4-454e-5278-08d120cd25b8); () X-Forefront-Antispam-Report: CIP:192.88.168.50; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10009020)(6009001)(336005)(39380400002)(346002)(39860400002)(376002)(2980300002)(1110001)(1109001)(3190300001)(339900001)(199003)(377454003)(189002)(24454002)(76176999)(5660300001)(36756003)(7416002)(50986999)(8676002)(2906002)(229853002)(77096006)(2501003)(6666003)(230700001)(15650500001)(64126003)(316002)(498600001)(97736004)(50466002)(305945005)(110136005)(53546010)(93886005)(58126008)(2950100002)(83506001)(104016004)(68736007)(356003)(85426001)(65806001)(53936002)(8936002)(4326008)(81156014)(54906003)(81166006)(6246003)(33646002)(8656003)(31696002)(86362001)(106466001)(23676002)(31686004)(105606002)(65826007)(189998001)(47776003)(54356999)(65956001); DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR03MB2362; H:tx30smr01.am.freescale.net; FPR:; SPF:Fail; PTR:InfoDomainNonexistent; A:1; MX:1; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; BY2FFO11FD040; 1:wyEzx0cKC0eSokrDGPXiU4DI6umGDGkCOU3HVUxL0od870yj+546CMDPCaORgmkjQkQcMoE44ha1mWp65yUsLHpErNPZnWx2zIDCXVnBXNg+drSPb/fG4AmOG+txH7zJ X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2c2fea79-bbfd-462d-7701-08d50ce5a04f X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017052603199)(201703131430075)(201703131517081); SRVR:CY1PR03MB2362; X-Microsoft-Exchange-Diagnostics: 1; CY1PR03MB2362; 3:0BvTsMTAaTeQGWCtDBH/o4YdwRGQck0XCK+23pcJysrUOQ+JFMX4EcDyjQrJa9kYAqOYSVxRZv5vYiEyXgEVG6ED7HxFBpxTKHFxFQuLSqy3HPWg2nkRhwFbKCFERlP5davGwyBxuw/PkfC1wxif2mvaTUSO5BqvT6bWslUb6nMhu+IbS/Zyknpm9m5mEXlTWXRipFD51WZJ6pj2izWgwTb3UE5KW1DBUqxzIbkL8SSTQVXsHlp8GKQpulruPs51UjM1BFKUxQx06ZqF9ZinYH74pdGtEZ6PizpyF9pDfDBesypv3gdue6ID/SvElMw/rKganvH7Fg0LMDQpKEeQjH/HJul1JDtY7SPr26j+kyU=; 25:sbGAPGfhK4gfPdLn7QjVVBzwaWAHr1SeSGfFK+8B25XWYtXcjF7aQxrk+OER+0GYIXP10myFDTo1ZXeL/Eo/SBtfI/8HMCX6JyqDDgGPSlrGd6VGLXdL4iQZFH6Cl5KEtmZYKhnHZYxCU+Wohnn1r3hpkzGHaxjhFrNYm9mrFTLbFsc/bv/3G7uRXrI6hZ/eih/C+DSNfXbwZFMLz3WyhPdCxwv1vBv0EVcdVaQml/w8X0PR3wI8Lm5TCrVe8cRrOmO65mnxgHeQgGJ95RS8yuBFNs08b+IEnBYHi/dZGDWo7Y/7I1bPP0wtbqsgHC32tTvddvZFXjCH3NSWsQuikg== X-MS-TrafficTypeDiagnostic: CY1PR03MB2362: X-Microsoft-Exchange-Diagnostics: 1; CY1PR03MB2362; 31:IxZ/MLui0H2FYTkxqZnUtEaXooWzxahPYEjCV7cScum5mDazwjZDiJxDhcH4U65IiFsGg/Y/eE7OQkJ1LItKWdV/usG82SJOxTLwb5HFYK9MQFh/AGOFGu2BWPLs8+noSSPiEdnhEoDWBKK1IxBVPJzl/1ipepS/3R1NQ4mgx+Yf1SWZzl2p2feSHoePDHfyfl22hmNEiwMZx2ELz0iTPAgWodN/MKmkA9WspyVjwJc=; 4:Q7KDw5GlzK+8jUwb/hCbPSH5iBGaKzM/OQ2XHfcR4wUdf/Qnhf+tt4uLha5VqGUjuxrOxHBULc6W1YiY3SM+/wyZrjlXS8LIBW+NtZ0h3H5E4S+A3W/NwcnKZOps3JjZLDKN923QEZN2eG/nnYTXZp4tU0hof79n8cjqy6WfbRB8CDpRRyQ22YLq/wp3vUw+X4zSw3FvdXC0OOoZ7kiHRbqOfhUgtja6NLKvfGOcDnsOAg7nEemAF6Xs+9gpJXo0s2Nt3+w5uAwK/P9pVef1dRUh14C4VTcy1KWPzEVC4wlBLPoOTs3W3A3cfT3BcgEoSSimfD22T45ubDvtQtq8Q1XKCWo830FxdcJlYHQsr9OH9HglyJSJxeOh5wIi4q3A X-Exchange-Antispam-Report-Test: UriScan:(192374486261705)(185117386973197)(228905959029699); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6095135)(2401047)(8121501046)(5005006)(93006095)(93001095)(100000703101)(100105400095)(10201501046)(3002001)(6055026)(6096035)(201703131430075)(201703131448075)(201703131433075)(201703161259150)(201703151042153)(20161123563025)(20161123565025)(20161123556025)(20161123561025)(20161123559100)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY1PR03MB2362; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(400006)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY1PR03MB2362; X-Forefront-PRVS: 0452022BE1 X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtDWTFQUjAzTUIyMzYyOzIzOnFRYUtUTFozZHdkTW9aOWJGaW5vYW00ZWJW?= =?utf-8?B?UTNXZ0VGMEs0ZDRTbWNPM3EyRHdQckxCQmVGcnJMMlAzM3h0TzkzZGdMZFlp?= =?utf-8?B?Zk9PM1piTUVnbkpGaS9vdVYwUUs2Uk9jU1dlNWZTejJxYzZ2K1FHakx6dyt4?= =?utf-8?B?Ri9KOWtCRGtKSnFLeThjYUQwWnBwQlQxK0FLQndSeTFuOTFVK3M2QUpQNmxx?= =?utf-8?B?bUVRcDFpNnJmWm5GcWpKQ1llZ1dHS0UvbytFTm9Ydm1yUEhZMGE1aEtHeldF?= =?utf-8?B?RWQ5dHNmQXYwWDAwSUowNm9Tb296VVVPRTdZR0ZsdDQ5T3lQZWVreXlRSXg0?= =?utf-8?B?bDNDeUZjWWd1V0JqWEtwWVIraTdibS9JOTNNalFCQ2NSQUNJbytNU3AzT05X?= =?utf-8?B?TExDc09IV2pFRFhkWDNTTFI3cUVTb2FPUEJJYm5RaTREY1k3ZXRtOFpGSWtl?= =?utf-8?B?bEtJVURSeXVlV0cvWTcyTENMb0NaSE53TE1iYUR4VFVuRzF5ajZrODFLRVdW?= =?utf-8?B?MGVNa2lYVmdwQlY3cjNDWWc3SjVHTWFnckxrdmVFbmZ3a0kwNFpmME1iWWtO?= =?utf-8?B?RHVSMU9BVndYcUM3ZnREQ01yaTBtYm0wZ3pPeXFhRzUvSGc5Sk1RUmJmMVE2?= =?utf-8?B?SmpTS1p3TWY5WTgvRUJ3aUliNFk0T2dzMEd1RHY3WlR3blZmd1k3b0ZyMlNo?= =?utf-8?B?MHpqS3gyZzd5VlVPUm1WajE4K2RNdGZHUVBWSDZwZWhSbXRaWjA5eEdUVWsv?= =?utf-8?B?cFhyaEhVRFFxaDFlWEhMR2VacGZjSVZZWUtrVkU4RjlHSjMxeHE0OXlybkIx?= =?utf-8?B?Y1ZPNjlqRkYybmZnbG5EYmh0M2QyUnVXSlpRTEdlZU9wWnNIL3RqaXZwUWRu?= =?utf-8?B?MHFrajYvWmdzaDJNNGRNYVptNFZwNy9YL1NXVWl3Tk9Xckx2TktTc2ZPbXl0?= =?utf-8?B?SmNpbHdMM0pZTjlOVENNckVCbXZxWXJKNGRqK0NKMWUreDNuYWt1RnZBRGVx?= =?utf-8?B?QTc2MTc5MnIwVS9pWE5iQzQvMWNtMzA5VGxlOXZQbnVzTk1BS1d2c1FiZyto?= =?utf-8?B?TUtkc2liaWZORndkOHFTZnErSHlMTm9kQlc3bDg0YWkxb1VwS3pKSGFqajFw?= =?utf-8?B?K1NwMU9qTjIyc0VHM1NEVDVIMk5lWTMwd1RxRHcyUkYrbHJ6WDI5MmMzYXlr?= =?utf-8?B?eU55Z3BaWU5mbE42b0VZY3VmcWxBVFNYaXlINzZmV2lqWGNRWmVkUGJzcjZ4?= =?utf-8?B?OVNVTHhKUDlrQVVoSmUzUjFrTEIrdy92bWlFOG9Na1pMMTZoOS9NM0ZZNUtQ?= =?utf-8?B?WGZ6cVlyMHZybHZqNUxVUHhGOUF2WTVTY1BlZFRzMTJTRW82VzBDNFJSanRp?= =?utf-8?B?cjNMd0lpN29MZlBLMzc4T0dvUnFHT21TRmV5N3Npb1JyUE5WRm9iTnZVNERP?= =?utf-8?B?UUs3UnZPUmUzWDErVi9oeUFvLzRGSzg1ZkIwSTVIQVoyakZYUFBoOW9YalJU?= =?utf-8?B?ZEVCS2dOZmtTTml1YnlGUER5Y2xMSk00ZXNnSWk0SnNCMVREKy9rMHVyZWNG?= =?utf-8?B?T2pGYnJXMWJXU0ZqVWJmdUJRUzRObTkrUGpWeDJtRVhKaWlEMmU0WFBDcE8x?= =?utf-8?B?eE5MRFJUYURtMVd5cXRMelhCdGg5T1g1aW04OXFqM0JzWUE5SEdZa1cvcEpn?= =?utf-8?B?T0ZUdkpYbDZzWFhIZ0diQmU0ano0MGZFY1FzVHhSbmhqbmdBaG5wdG1QS3Vn?= =?utf-8?B?WFBXdkhJZkkwejYvTmdXc1F6TWxLclM1VVlDT3dkcS9xOVI4S0ZZMWlBeVNu?= =?utf-8?B?RXlPNTZvNGZ2c004V0FmVktXL2xESksvWkNrVHd5aTF6RGNzcnIvUmZPNWFm?= =?utf-8?B?TVAyMXh2RUYvcjAzRzhMSnVKUHM1T3ZsNC84UXhBU2lXNVY2Q2M0NmFWQ3hU?= =?utf-8?B?QjhSNEcwSDE1RlA2UENGRWhYUjRYT2NFazFYYkRyUkxQR0VSSnlRZ0wzWGdl?= =?utf-8?B?Ynp2MjUyYlUrUnROWDF4MnFtVEt4UEVFL1d3UkNUVENHQlE1dUZtRnhPS2Jm?= =?utf-8?Q?+8NI=3D?= X-Microsoft-Exchange-Diagnostics: 1; CY1PR03MB2362; 6:458Oj/izrf6Qe8BNdNQen+oCA2DhANdtoeDxhOwkpoFmy3XwOLIUyFvHlLF/tRS0vb9TDifC3A/8NOJgqRfTKTydBG52GbzDhsYm1N8p5PuhJNTAgOj//z7eua27Qfcdfbg4V2fg3aWqhvjfVPeHpDtLieDVp88QCGaMGZuWzP18CVpa0E94WKp2c3S5U3F5cw/BjWAMxs0AAxbbPkB9+CVmDCaE+Exovb01i0kZDZD0+B3MCWTtoPFTYy72pHA2WT/6SIPCOSnXiBgYrvoS08WN2pD03OFjQOx6nc5DIiYr/3Ndbu2iTLIxxP8vGMspVgxeU4ObhgsDXIspuSjouQ==; 5:S1DweV9fsS11GbAGjKXTvPSjSYpaeWLecQeLCgTgdL527C2c7RbRGNB8aWokzN0MR0wFTA4MxOt7FltSmrvyM0caujnu5h11RIWCNXgVTuCwMLoWOC6hyE0qDSGxzOfl5UmqdC0vFrPn8vSsWLApvg==; 24:PxV2srjRfUgX3RqnmjM2ZaikPUJxtgKJMsVuYYR5Qbd1dxY5BRrGqB1QJCF8xAllXaPwrOroH89uBjrw9gWoDOb+2YfX6UHZgm0PAuAxqWc=; 7:eFDLNv1jnRcXsggrpe+6hnYy9xA+oE5ViZkUYDRind2TVoNeAVdUrPswfUhK8JZ8q7bdxQJrvxs/sg4py5fmrXPEZ2EAbUZB34S87DwCBwAmiV/y4JNXiN7GivDG0b23udn5lRMygpSdzyUp7DlqXsPA6TDfRusTv5/twobzEG99yAEYCIld19uFn5LurU5l/XOSXEa0Wr5WwV/EVT6/o2Z1VE5AxbLCa0oGL7/VXOs= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Oct 2017 18:11:11.5499 (UTC) X-MS-Exchange-CrossTenant-Id: 5afe0b00-7697-4969-b663-5eab37d5f47e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5afe0b00-7697-4969-b663-5eab37d5f47e; Ip=[192.88.168.50]; Helo=[tx30smr01.am.freescale.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR03MB2362 Subject: Re: [dpdk-dev] [PATCH v2 01/12] lib/rte_security: add security library X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Oct 2017 18:11:15 -0000 Hi Konstantin, Thanks for your comments. On 10/5/2017 10:00 PM, Ananyev, Konstantin wrote: > Hi lads, > >> >> rte_security library provides APIs for security session >> create/free for protocol offload or offloaded crypto >> operation to ethernet device. >> >> Signed-off-by: Akhil Goyal >> Signed-off-by: Boris Pismenny >> Signed-off-by: Radu Nicolau >> Signed-off-by: Declan Doherty >> --- >> lib/librte_security/Makefile | 53 +++ >> lib/librte_security/rte_security.c | 275 +++++++++++++++ >> lib/librte_security/rte_security.h | 495 +++++++++++++++++++++++++++ >> lib/librte_security/rte_security_driver.h | 182 ++++++++++ >> lib/librte_security/rte_security_version.map | 13 + >> 5 files changed, 1018 insertions(+) >> create mode 100644 lib/librte_security/Makefile >> create mode 100644 lib/librte_security/rte_security.c >> create mode 100644 lib/librte_security/rte_security.h >> create mode 100644 lib/librte_security/rte_security_driver.h >> create mode 100644 lib/librte_security/rte_security_version.map >> >> diff --git a/lib/librte_security/Makefile b/lib/librte_security/Makefile >> new file mode 100644 >> index 0000000..af87bb2 >> --- /dev/null >> +++ b/lib/librte_security/Makefile >> @@ -0,0 +1,53 @@ >> +# BSD LICENSE >> +# >> +# Copyright(c) 2017 Intel Corporation. All rights reserved. >> +# >> +# Redistribution and use in source and binary forms, with or without >> +# modification, are permitted provided that the following conditions >> +# are met: >> +# >> +# * Redistributions of source code must retain the above copyright >> +# notice, this list of conditions and the following disclaimer. >> +# * Redistributions in binary form must reproduce the above copyright >> +# notice, this list of conditions and the following disclaimer in >> +# the documentation and/or other materials provided with the >> +# distribution. >> +# * Neither the name of Intel Corporation nor the names of its >> +# contributors may be used to endorse or promote products derived >> +# from this software without specific prior written permission. >> +# >> +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS >> +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT >> +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR >> +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT >> +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, >> +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT >> +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, >> +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY >> +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >> +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE >> +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >> + >> +include $(RTE_SDK)/mk/rte.vars.mk >> + >> +# library name >> +LIB = librte_security.a >> + >> +# library version >> +LIBABIVER := 1 >> + >> +# build flags >> +CFLAGS += -O3 >> +CFLAGS += $(WERROR_FLAGS) >> + >> +# library source files >> +SRCS-y += rte_security.c >> + >> +# export include files >> +SYMLINK-y-include += rte_security.h >> +SYMLINK-y-include += rte_security_driver.h >> + >> +# versioning export map >> +EXPORT_MAP := rte_security_version.map >> + >> +include $(RTE_SDK)/mk/rte.lib.mk >> diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c >> new file mode 100644 >> index 0000000..97d3857 >> --- /dev/null >> +++ b/lib/librte_security/rte_security.c >> @@ -0,0 +1,275 @@ >> +/*- >> + * BSD LICENSE >> + * >> + * Copyright 2017 NXP. >> + * Copyright(c) 2017 Intel Corporation. All rights reserved. >> + * >> + * Redistribution and use in source and binary forms, with or without >> + * modification, are permitted provided that the following conditions >> + * are met: >> + * >> + * * Redistributions of source code must retain the above copyright >> + * notice, this list of conditions and the following disclaimer. >> + * * Redistributions in binary form must reproduce the above copyright >> + * notice, this list of conditions and the following disclaimer in >> + * the documentation and/or other materials provided with the >> + * distribution. >> + * * Neither the name of NXP nor the names of its >> + * contributors may be used to endorse or promote products derived >> + * from this software without specific prior written permission. >> + * >> + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS >> + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT >> + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR >> + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT >> + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, >> + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT >> + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, >> + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY >> + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >> + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE >> + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >> + */ >> + >> +#include >> +#include >> + >> +#include "rte_security.h" >> +#include "rte_security_driver.h" >> + >> +#define RTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ (8) >> + >> +struct rte_security_ctx { >> + uint16_t id; >> + enum { >> + RTE_SECURITY_INSTANCE_INVALID, >> + RTE_SECURITY_INSTANCE_VALID >> + } state; >> + void *device; >> + struct rte_security_ops *ops; >> + uint16_t sess_cnt; >> +}; >> + >> +static struct rte_security_ctx *security_instances; >> +static uint16_t max_nb_security_instances; >> +static uint16_t nb_security_instances; > > Probably a dumb question - but why do you need a global security_instances [] > and why security_instance has to be refrenced by index? > As I understand, with proposed model all drivers have to do something like: > rte_security_register(ð_dev->data->sec_id, (void *)eth_dev, &ixgbe_security_ops); > and then all apps would have to: > rte_eth_dev_get_sec_id(portid) > to retrieve that security_instance index. > Why not just treat struct rte_security_ctx* as opaque pointer and make > all related API get/accept it as a paratemer. > To retrieve sec_ctx from device just: > struct rte_security_ctx* rte_ethdev_get_sec_ctx(portid); > struct rte_security_ctx* rte_cryptodev_get_sec_ctx(portid); > ? We would look into this separately. > > Another question how currently proposed model with global static array and friends, > supposed to work for DPDK MP model? > Or MP support is not planned? multi process case is planned for future enhancement. This is mentioned in the cover note. > >> + >> +static int >> +rte_security_is_valid_id(uint16_t id) >> +{ >> + if (id >= nb_security_instances || >> + (security_instances[id].state != RTE_SECURITY_INSTANCE_VALID)) >> + return 0; >> + else >> + return 1; >> +} >> + >> +/* Macros to check for valid id */ >> +#define RTE_SEC_VALID_ID_OR_ERR_RET(id, retval) do { \ >> + if (!rte_security_is_valid_id(id)) { \ >> + RTE_PMD_DEBUG_TRACE("Invalid sec_id=%d\n", id); \ >> + return retval; \ >> + } \ >> +} while (0) >> + >> +#define RTE_SEC_VALID_ID_OR_RET(id) do { \ >> + if (!rte_security_is_valid_id(id)) { \ >> + RTE_PMD_DEBUG_TRACE("Invalid sec_id=%d\n", id); \ >> + return; \ >> + } \ >> +} while (0) >> + >> +int >> +rte_security_register(uint16_t *id, void *device, >> + struct rte_security_ops *ops) >> +{ >> + if (max_nb_security_instances == 0) { >> + security_instances = rte_malloc( >> + "rte_security_instances_ops", >> + sizeof(*security_instances) * >> + RTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ, 0); >> + >> + if (security_instances == NULL) >> + return -ENOMEM; >> + max_nb_security_instances = >> + RTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ; >> + } else if (nb_security_instances >= max_nb_security_instances) { > > You probably need try to reuse unregistered entries first? > Konstantin > These APIs are experimental at this moment as mentioned in the patchset. We will try accommodate your comments in future. > >> + uint16_t *instances = rte_realloc(security_instances, >> + sizeof(struct rte_security_ops *) * >> + (max_nb_security_instances + >> + RTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ), 0); >> + >> + if (instances == NULL) >> + return -ENOMEM; >> + >> + max_nb_security_instances += >> + RTE_SECURITY_INSTANCES_BLOCK_ALLOC_SZ; >> + } >> + >> + *id = nb_security_instances++; >> + >> + security_instances[*id].id = *id; >> + security_instances[*id].state = RTE_SECURITY_INSTANCE_VALID; >> + security_instances[*id].device = device; >> + security_instances[*id].ops = ops; >> + security_instances[*id].sess_cnt = 0; >> + >> + return 0; >> +} >> + >> +int >> +rte_security_unregister(uint16_t id) >> +{ >> + struct rte_security_ctx *instance; >> + >> + RTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV); >> + instance = &security_instances[id]; >> + >> + if (instance->sess_cnt) >> + return -EBUSY; >> + >> + memset(instance, 0, sizeof(*instance)); >> + return 0; >> +} >> + >> +struct rte_security_session * >> +rte_security_session_create(uint16_t id, >> + struct rte_security_session_conf *conf, >> + struct rte_mempool *mp) >> +{ >> + struct rte_security_ctx *instance; >> + struct rte_security_session *sess = NULL; >> + >> + RTE_SEC_VALID_ID_OR_ERR_RET(id, NULL); >> + instance = &security_instances[id]; >> + >> + if (conf == NULL) >> + return NULL; >> + >> + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_create, NULL); >> + >> + if (rte_mempool_get(mp, (void *)&sess)) >> + return NULL; >> + >> + if (instance->ops->session_create(instance->device, conf, sess, mp)) { >> + rte_mempool_put(mp, (void *)sess); >> + return NULL; >> + } >> + instance->sess_cnt++; >> + >> + return sess; >> +} >> + >> +int >> +rte_security_session_update(uint16_t id, >> + struct rte_security_session *sess, >> + struct rte_security_session_conf *conf) >> +{ >> + struct rte_security_ctx *instance; >> + >> + RTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV); >> + instance = &security_instances[id]; >> + >> + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_update, -ENOTSUP); >> + return instance->ops->session_update(instance->device, sess, conf); >> +} >> + >> +int >> +rte_security_session_stats_get(uint16_t id, >> + struct rte_security_session *sess, >> + struct rte_security_stats *stats) >> +{ >> + struct rte_security_ctx *instance; >> + >> + RTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV); >> + instance = &security_instances[id]; >> + >> + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_stats_get, -ENOTSUP); >> + return instance->ops->session_stats_get(instance->device, sess, stats); >> +} >> + >> +int >> +rte_security_session_destroy(uint16_t id, struct rte_security_session *sess) >> +{ >> + int ret; >> + struct rte_security_ctx *instance; >> + struct rte_mempool *mp = rte_mempool_from_obj(sess); >> + >> + RTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV); >> + instance = &security_instances[id]; >> + >> + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_destroy, -ENOTSUP); >> + >> + if (instance->sess_cnt) >> + instance->sess_cnt--; >> + >> + ret = instance->ops->session_destroy(instance->device, sess); >> + if (!ret) >> + rte_mempool_put(mp, (void *)sess); >> + >> + return ret; >> +} >> + >> +int >> +rte_security_set_pkt_metadata(uint16_t id, >> + struct rte_security_session *sess, >> + struct rte_mbuf *m, void *params) >> +{ >> + struct rte_security_ctx *instance; >> + >> + RTE_SEC_VALID_ID_OR_ERR_RET(id, -ENODEV); >> + instance = &security_instances[id]; >> + >> + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP); >> + return instance->ops->set_pkt_metadata(instance->device, >> + sess, m, params); >> +} >> + >> +const struct rte_security_capability * >> +rte_security_capabilities_get(uint16_t id) >> +{ >> + struct rte_security_ctx *instance; >> + >> + RTE_SEC_VALID_ID_OR_ERR_RET(id, NULL); >> + instance = &security_instances[id]; >> + >> + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL); >> + return instance->ops->capabilities_get(instance->device); >> +} >> + >> +const struct rte_security_capability * >> +rte_security_capability_get(uint16_t id, >> + struct rte_security_capability_idx *idx) >> +{ >> + struct rte_security_ctx *instance; >> + const struct rte_security_capability *capabilities; >> + const struct rte_security_capability *capability; >> + uint16_t i = 0; >> + >> + RTE_SEC_VALID_ID_OR_ERR_RET(id, NULL); >> + instance = &security_instances[id]; >> + >> + RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL); >> + capabilities = instance->ops->capabilities_get(instance->device); >> + >> + if (capabilities == NULL) >> + return NULL; >> + >> + while ((capability = &capabilities[i++])->action >> + != RTE_SECURITY_ACTION_TYPE_NONE) { >> + if (capability->action == idx->action && >> + capability->protocol == idx->protocol) { >> + if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) { >> + if (capability->ipsec.proto == >> + idx->ipsec.proto && >> + capability->ipsec.mode == >> + idx->ipsec.mode && >> + capability->ipsec.direction == >> + idx->ipsec.direction) >> + return capability; >> + } >> + } >> + } >> + >> + return NULL; >> +} > Regards, Akhil