From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sergio.gonzalez.monroy@intel.com>
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
 by dpdk.org (Postfix) with ESMTP id 292851B651
 for <dev@dpdk.org>; Mon, 16 Oct 2017 14:00:07 +0200 (CEST)
Received: from orsmga002.jf.intel.com ([10.7.209.21])
 by orsmga105.jf.intel.com with ESMTP; 16 Oct 2017 05:00:06 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.43,386,1503385200"; d="scan'208";a="146965313"
Received: from smonroyx-mobl.ger.corp.intel.com (HELO [10.252.25.241])
 ([10.252.25.241])
 by orsmga002.jf.intel.com with ESMTP; 16 Oct 2017 05:00:00 -0700
To: Aviad Yehezkel <aviadye@dev.mellanox.co.il>, dev@dpdk.org,
 pablo.de.lara.guarch@intel.com, aviadye@mellanox.com
References: <1507987683-12315-1-git-send-email-aviadye@dev.mellanox.co.il>
 <1507987683-12315-8-git-send-email-aviadye@dev.mellanox.co.il>
 <fa42d047-a5bf-d447-3355-01a46cd7cf33@intel.com>
 <6d264c51-8e5c-f6a0-b687-51f39d2e1381@dev.mellanox.co.il>
Cc: borisp@mellanox.com, akhil.goyal@nxp.com, hemant.agrawal@nxp.com,
 radu.nicolau@intel.com, declan.doherty@intel.com, liranl@mellanox.com,
 nelio.laranjeiro@6wind.com, thomas@monjalon.net
From: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
Message-ID: <3fda7e88-7695-abe7-29df-0f124a5eb6aa@intel.com>
Date: Mon, 16 Oct 2017 12:59:59 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.1.1
MIME-Version: 1.0
In-Reply-To: <6d264c51-8e5c-f6a0-b687-51f39d2e1381@dev.mellanox.co.il>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [dpdk-dev] [PATCH 08/11] examples/ipsec-secgw: iv should be be64
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Oct 2017 12:00:08 -0000

On 16/10/2017 11:35, Aviad Yehezkel wrote:
>
> On 10/16/2017 12:42 PM, Sergio Gonzalez Monroy wrote:
>> On 14/10/2017 14:28, aviadye@dev.mellanox.co.il wrote:
>>> From: Aviad Yehezkel <aviadye@mellanox.com>
>>>
>>> To be compatibile with Linux kernel
>>
>> I am not sure what you are trying to achieve with this change.
>> The requirement is that the IV is unique, IMO changing the endianess 
>> is irrelevant here.
>> Can you provide case/example where current code does not work?
>>
>> Thanks,
>> Sergio
> You are right, according to rfc4106 the IV should be unique and can be
> implemented as counter.
> The changed was created because I put analyzer on wire and compare
> packets generated by this application and Linux kernel.
> Linux kernel sets IV as BE, so I thought it is worth to do the same for
> future debug / comparison.
>

I guess the performance impact is small (for LE platforms), so it would 
be good to add this (or similar) information to the commit message.

Thanks,
Sergio

> Thanks,
> Aviad.
>
>>
>>> Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
>>> ---
>>>   examples/ipsec-secgw/esp.c | 8 ++++----
>>>   1 file changed, 4 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/examples/ipsec-secgw/esp.c b/examples/ipsec-secgw/esp.c
>>> index aa2233d..81ebf55 100644
>>> --- a/examples/ipsec-secgw/esp.c
>>> +++ b/examples/ipsec-secgw/esp.c
>>> @@ -336,7 +336,7 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa 
>>> *sa,
>>>       if (sa->aead_algo == RTE_CRYPTO_AEAD_AES_GCM) {
>>>           uint8_t *aad;
>>>   -        *iv = sa->seq;
>>> +        *iv = rte_cpu_to_be_64(sa->seq);
>>>           sym_cop->aead.data.offset = ip_hdr_len +
>>>               sizeof(struct esp_hdr) + sa->iv_len;
>>>           sym_cop->aead.data.length = pad_payload_len;
>>> @@ -349,7 +349,7 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa 
>>> *sa,
>>>             struct cnt_blk *icb = get_cnt_blk(m);
>>>           icb->salt = sa->salt;
>>> -        icb->iv = sa->seq;
>>> +        icb->iv = rte_cpu_to_be_64(sa->seq);
>>>           icb->cnt = rte_cpu_to_be_32(1);
>>>             aad = get_aad(m);
>>> @@ -371,7 +371,7 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa 
>>> *sa,
>>>               sym_cop->cipher.data.length = pad_payload_len + 
>>> sa->iv_len;
>>>               break;
>>>           case RTE_CRYPTO_CIPHER_AES_CTR:
>>> -            *iv = sa->seq;
>>> +            *iv = rte_cpu_to_be_64(sa->seq);
>>>               sym_cop->cipher.data.offset = ip_hdr_len +
>>>                   sizeof(struct esp_hdr) + sa->iv_len;
>>>               sym_cop->cipher.data.length = pad_payload_len;
>>> @@ -390,7 +390,7 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa 
>>> *sa,
>>>             struct cnt_blk *icb = get_cnt_blk(m);
>>>           icb->salt = sa->salt;
>>> -        icb->iv = sa->seq;
>>> +        icb->iv = rte_cpu_to_be_64(sa->seq);
>>>           icb->cnt = rte_cpu_to_be_32(1);
>>>             switch (sa->auth_algo) {
>>
>>
>