From: Aakash Sasidharan <asasidharan@marvell.com>
To: Anoob Joseph <anoobj@marvell.com>,
Volodymyr Fialko <vfialko@marvell.com>
Cc: <gakhil@marvell.com>, <dev@dpdk.org>, <asasidharan@marvell.com>
Subject: [PATCH 1/3] pdcp: add support for SDAP header
Date: Fri, 8 Sep 2023 17:28:19 +0530 [thread overview]
Message-ID: <20230908115821.3396269-1-asasidharan@marvell.com> (raw)
SDAP header when enabled needs to be authenticated but not encrypted.
Signed-off-by: Aakash Sasidharan <asasidharan@marvell.com>
---
lib/pdcp/pdcp_entity.h | 2 ++
lib/pdcp/pdcp_process.c | 22 ++++++++++++++++------
2 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/lib/pdcp/pdcp_entity.h b/lib/pdcp/pdcp_entity.h
index 9f74b5d0e5..4fc6342a5c 100644
--- a/lib/pdcp/pdcp_entity.h
+++ b/lib/pdcp/pdcp_entity.h
@@ -171,6 +171,8 @@ struct entity_priv {
uint8_t hdr_sz;
/** PDCP AAD size. For AES-CMAC, additional message is prepended for the operation. */
uint8_t aad_sz;
+ /** PDCP cipher skip size. When enabled, SDAP header needs to be skipped from ciphering */
+ uint8_t cipher_skip_sz;
/** Device ID of the device to be used for offload. */
uint8_t dev_id;
};
diff --git a/lib/pdcp/pdcp_process.c b/lib/pdcp/pdcp_process.c
index c2f28d4d77..9b9b881124 100644
--- a/lib/pdcp/pdcp_process.c
+++ b/lib/pdcp/pdcp_process.c
@@ -391,7 +391,7 @@ pdcp_pre_process_uplane_sn_12_ul(const struct rte_pdcp_entity *entity, struct rt
uint8_t *mac_i;
int i;
- const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz;
+ const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz + en_priv->cipher_skip_sz;
const int is_null_auth = en_priv->flags.is_null_auth;
nb_cop = rte_crypto_op_bulk_alloc(en_priv->cop_pool, RTE_CRYPTO_OP_TYPE_SYMMETRIC, cop,
@@ -477,7 +477,7 @@ pdcp_pre_process_uplane_sn_18_ul(const struct rte_pdcp_entity *entity, struct rt
uint8_t *mac_i;
int i;
- const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz;
+ const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz + en_priv->cipher_skip_sz;
const int is_null_auth = en_priv->flags.is_null_auth;
nb_cop = rte_crypto_op_bulk_alloc(en_priv->cop_pool, RTE_CRYPTO_OP_TYPE_SYMMETRIC, cop,
@@ -540,7 +540,7 @@ pdcp_pre_process_cplane_sn_12_ul(const struct rte_pdcp_entity *entity, struct rt
int i;
const uint8_t hdr_sz = en_priv->hdr_sz;
- const uint8_t data_offset = hdr_sz + en_priv->aad_sz;
+ const uint8_t data_offset = hdr_sz + en_priv->aad_sz + en_priv->cipher_skip_sz;
const int is_null_auth = en_priv->flags.is_null_auth;
nb_cop = rte_crypto_op_bulk_alloc(en_priv->cop_pool, RTE_CRYPTO_OP_TYPE_SYMMETRIC, cop,
@@ -658,7 +658,7 @@ pdcp_pre_process_uplane_sn_12_dl_flags(const struct rte_pdcp_entity *entity,
uint32_t count;
int i;
- const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz;
+ const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz + en_priv->cipher_skip_sz;
nb_cop = rte_crypto_op_bulk_alloc(en_priv->cop_pool, RTE_CRYPTO_OP_TYPE_SYMMETRIC, cop,
num);
@@ -727,7 +727,7 @@ pdcp_pre_process_uplane_sn_18_dl_flags(const struct rte_pdcp_entity *entity,
uint32_t count;
int i;
- const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz;
+ const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz + en_priv->cipher_skip_sz;
nb_cop = rte_crypto_op_bulk_alloc(en_priv->cop_pool, RTE_CRYPTO_OP_TYPE_SYMMETRIC, cop,
num);
@@ -795,7 +795,7 @@ pdcp_pre_process_cplane_sn_12_dl(const struct rte_pdcp_entity *entity, struct rt
int32_t rsn;
int i;
- const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz;
+ const uint8_t data_offset = en_priv->hdr_sz + en_priv->aad_sz + en_priv->cipher_skip_sz;
nb_cop = rte_crypto_op_bulk_alloc(en_priv->cop_pool, RTE_CRYPTO_OP_TYPE_SYMMETRIC, cop,
num);
@@ -1202,6 +1202,16 @@ pdcp_entity_priv_populate(struct entity_priv *en_priv, const struct rte_pdcp_ent
else
en_priv->aad_sz = 0;
+ /**
+ * cipher_skip_sz
+ *
+ * When SDAP protocol is enabled for the PDCP entity, skip the SDAP header from ciphering.
+ */
+ if (conf->pdcp_xfrm.sdap_enabled)
+ en_priv->cipher_skip_sz = 1;
+ else
+ en_priv->cipher_skip_sz = 0;
+
return 0;
}
--
2.25.1
next reply other threads:[~2023-09-08 11:58 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-08 11:58 Aakash Sasidharan [this message]
2023-09-08 11:58 ` [PATCH 2/3] test/pdcp: add SDAP test cases Aakash Sasidharan
2023-09-08 11:58 ` [PATCH 3/3] test/pdcp: add SDAP combined mode tests Aakash Sasidharan
2023-09-19 19:20 ` [PATCH 1/3] pdcp: add support for SDAP header Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230908115821.3396269-1-asasidharan@marvell.com \
--to=asasidharan@marvell.com \
--cc=anoobj@marvell.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=vfialko@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).