From: Ferruh Yigit <ferruh.yigit@intel.com>
To: Igor Russkikh <Igor.Russkikh@aquantia.com>,
"dev@dpdk.org" <dev@dpdk.org>
Cc: Pavel Belous <Pavel.Belous@aquantia.com>,
Wenzhuo Lu <wenzhuo.lu@intel.com>,
Jingjing Wu <jingjing.wu@intel.com>,
Bernard Iremonger <bernard.iremonger@intel.com>,
John McNamara <john.mcnamara@intel.com>,
Marko Kovacevic <marko.kovacevic@intel.com>,
Konstantin Ananyev <konstantin.ananyev@intel.com>,
Thomas Monjalon <thomas@monjalon.net>,
Andrew Rybchenko <arybchenko@solarflare.com>
Subject: Re: [dpdk-dev] [PATCH 01/10] ethdev: introduce MACSEC device ops
Date: Fri, 12 Apr 2019 19:26:04 +0100 [thread overview]
Message-ID: <429e73da-ca5b-1e97-7098-e720be3fae09@intel.com> (raw)
Message-ID: <20190412182604.unWreAkGNBUdWsCULSRebNQ9rUNOfqMOVqJr32WUvRA@z> (raw)
In-Reply-To: <69b3fcf19cb3e11fae93281f40a1bbc0ec5a2e38.1554894242.git.igor.russkikh@aquantia.com>
On 4/10/2019 12:18 PM, Igor Russkikh wrote:
> MACSEC related device ops, API and parameters are taken from the
> existing ixgbe PMD ops
>
> Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
<...>
> @@ -3872,6 +3872,121 @@ rte_eth_dev_pool_ops_supported(uint16_t port_id, const char *pool);
> void *
> rte_eth_dev_get_sec_ctx(uint16_t port_id);
>
> +/**
> + * Enable MACsec offload.
> + *
> + * @param port_id
> + * The port identifier of the Ethernet device.
> + * @param encr
> + * 1 - Enable encryption (encrypt and add integrity signature).
> + * 0 - Disable encryption (only add integrity signature).
> + * @param repl_prot
> + * 1 - Enable replay protection.
> + * 0 - Disable replay protection.
> + * @return
> + * - (0) if successful.
> + * - (-ENODEV) if *port* invalid.
> + * - (-ENOTSUP) if hardware doesn't support this feature.
> + */
> +int
> +rte_eth_macsec_enable(uint16_t port_id,
> + uint8_t encr, uint8_t repl_prot);
> +
> +/**
> + * Disable MACsec offload.
> + *
> + * @param port_id
> + * The port identifier of the Ethernet device.
> + * @return
> + * - (0) if successful.
> + * - (-ENODEV) if *port* invalid.
> + * - (-ENOTSUP) if hardware doesn't support this feature.
> + */
> +int
> +rte_eth_macsec_disable(uint16_t port_id);
> +
> +/**
> + * Configure Rx SC (Secure Connection).
> + *
> + * @param port_id
> + * The port identifier of the Ethernet device.
> + * @param mac
> + * The MAC address on the remote side.
> + * @param pi
> + * The PI (port identifier) on the remote side.
> + * @return
> + * - (0) if successful.
> + * - (-ENODEV) if *port* invalid.
> + * - (-ENOTSUP) if hardware doesn't support this feature.
> + */
> +int
> +rte_eth_macsec_config_rxsc(uint16_t port_id,
> + uint8_t *mac, uint16_t pi);
> +
> +/**
> + * Configure Tx SC (Secure Connection).
> + *
> + * @param port_id
> + * The port identifier of the Ethernet device.
> + * @param mac
> + * The MAC address on the local side.
> + * @return
> + * - (0) if successful.
> + * - (-ENODEV) if *port* invalid.
> + * - (-ENOTSUP) if hardware doesn't support this feature.
> + */
> +int
> +rte_eth_macsec_config_txsc(uint16_t port_id,
> + uint8_t *mac);
> +
> +/**
> + * Enable Rx SA (Secure Association).
> + *
> + * @param port_id
> + * The port identifier of the Ethernet device.
> + * @param idx
> + * The SA to be enabled (0 or 1)
> + * @param an
> + * The association number on the remote side.
> + * @param pn
> + * The packet number on the remote side.
> + * @param key
> + * The key on the remote side.
> + * @return
> + * - (0) if successful.
> + * - (-ENODEV) if *port* invalid.
> + * - (-ENOTSUP) if hardware doesn't support this feature.
> + * - (-EINVAL) if bad parameter.
> + */
> +int
> +rte_eth_macsec_select_rxsa(uint16_t port_id,
> + uint8_t idx, uint8_t an,
> + uint32_t pn, uint8_t *key);
> +
> +/**
> + * Enable Tx SA (Secure Association).
> + *
> + * @param port_id
> + * The port identifier of the Ethernet device.
> + * @param idx
> + * The SA to be enabled (0 or 1).
> + * @param an
> + * The association number on the local side.
> + * @param pn
> + * The packet number on the local side.
> + * @param key
> + * The key on the local side.
> + * @return
> + * - (0) if successful.
> + * - (-ENODEV) if *port* invalid.
> + * - (-ENOTSUP) if hardware doesn't support this feature.
> + * - (-EINVAL) if bad parameter.
> + */
> +int
> +rte_eth_macsec_select_txsa(uint16_t port_id,
> + uint8_t idx, uint8_t an,
> + uint32_t pn, uint8_t *key);
> +
>
> #include <rte_ethdev_core.h>
>
These are new ethdev APIs, not driver code, that have been sent after rc1, so
these didn't go through a proper review cycle, we didn't get any comment on any
other possible driver can use it, I am for postponing the series to next release.
Also there are some mechanical issues [1] but main thing is adding a set of API
to late in release cycle without proper review.
Thomas, Andrew, what do you think?
[1]
- New APIs must be experimental
- Apis should be exported via linker file (.map)
next prev parent reply other threads:[~2019-04-12 18:26 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-10 11:18 [dpdk-dev] [PATCH 00/10] add MACSEC hw offload to atlantic PMD Igor Russkikh
2019-04-10 11:18 ` Igor Russkikh
2019-04-10 11:18 ` [dpdk-dev] [PATCH 01/10] ethdev: introduce MACSEC device ops Igor Russkikh
2019-04-10 11:18 ` Igor Russkikh
2019-04-10 11:46 ` Thomas Monjalon
2019-04-10 11:46 ` Thomas Monjalon
2019-04-11 12:37 ` Igor Russkikh
2019-04-11 12:37 ` Igor Russkikh
2019-04-11 21:15 ` Thomas Monjalon
2019-04-11 21:15 ` Thomas Monjalon
2019-04-12 8:50 ` Igor Russkikh
2019-04-12 8:50 ` Igor Russkikh
2019-04-12 11:22 ` Thomas Monjalon
2019-04-12 11:22 ` Thomas Monjalon
2019-04-12 18:26 ` Ferruh Yigit [this message]
2019-04-12 18:26 ` Ferruh Yigit
2019-04-13 7:24 ` Igor Russkikh
2019-04-13 7:24 ` Igor Russkikh
2019-04-16 9:43 ` Ferruh Yigit
2019-04-16 9:43 ` Ferruh Yigit
2019-04-16 9:58 ` Andrew Rybchenko
2019-04-16 9:58 ` Andrew Rybchenko
2019-04-16 10:11 ` Thomas Monjalon
2019-04-16 10:11 ` Thomas Monjalon
2019-04-16 10:19 ` Igor Russkikh
2019-04-16 10:19 ` Igor Russkikh
2019-04-10 11:18 ` [dpdk-dev] [PATCH 02/10] app/testpmd: use generic MACSEC API calls Igor Russkikh
2019-04-10 11:18 ` Igor Russkikh
2019-04-10 11:50 ` Thomas Monjalon
2019-04-10 11:50 ` Thomas Monjalon
2019-04-10 11:18 ` [dpdk-dev] [PATCH 03/10] net/ixgbe: macsec callbacks implementation Igor Russkikh
2019-04-10 11:18 ` Igor Russkikh
2019-04-10 11:18 ` [dpdk-dev] [PATCH 04/10] net/atlantic: macsec hardware structures declaration Igor Russkikh
2019-04-10 11:18 ` Igor Russkikh
2019-04-10 11:18 ` [dpdk-dev] [PATCH 05/10] net/atlantic: macsec configuration code Igor Russkikh
2019-04-10 11:18 ` Igor Russkikh
2019-04-10 11:19 ` [dpdk-dev] [PATCH 06/10] net/atlantic: macsec firmware interface Igor Russkikh
2019-04-10 11:19 ` Igor Russkikh
2019-04-10 11:19 ` [dpdk-dev] [PATCH 07/10] net/atlantic: interrupt handling of macsec events Igor Russkikh
2019-04-10 11:19 ` Igor Russkikh
2019-04-10 11:19 ` [dpdk-dev] [PATCH 08/10] net/atlantic: implement macsec statistics Igor Russkikh
2019-04-10 11:19 ` Igor Russkikh
2019-04-10 11:19 ` [dpdk-dev] [PATCH 09/10] net/atlantic: bump internal driver version Igor Russkikh
2019-04-10 11:19 ` Igor Russkikh
2019-04-10 11:19 ` [dpdk-dev] [PATCH 10/10] net/atlantic: indicate macsec in NIC docs Igor Russkikh
2019-04-10 11:19 ` Igor Russkikh
2019-04-10 11:47 ` Thomas Monjalon
2019-04-10 11:47 ` Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=429e73da-ca5b-1e97-7098-e720be3fae09@intel.com \
--to=ferruh.yigit@intel.com \
--cc=Igor.Russkikh@aquantia.com \
--cc=Pavel.Belous@aquantia.com \
--cc=arybchenko@solarflare.com \
--cc=bernard.iremonger@intel.com \
--cc=dev@dpdk.org \
--cc=jingjing.wu@intel.com \
--cc=john.mcnamara@intel.com \
--cc=konstantin.ananyev@intel.com \
--cc=marko.kovacevic@intel.com \
--cc=thomas@monjalon.net \
--cc=wenzhuo.lu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).