From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 64DC4A00C4; Wed, 28 Sep 2022 14:53:01 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 23EF042825; Wed, 28 Sep 2022 14:53:00 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 62BF942825 for ; Wed, 28 Sep 2022 14:52:58 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28SA4cqR003068; Wed, 28 Sep 2022 05:52:57 -0700 Received: from nam10-dm6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2104.outbound.protection.outlook.com [104.47.58.104]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3jvjkk8tbv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 28 Sep 2022 05:52:56 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=juuJllPY3+4c1FDz/JDfFwXFzeBNiwoOk2PhYFpxRyW0QpHy763XAB7fAiD2IuUrZhVw0puaLM5Eu4X8SsDL9C+Xpt1zNo2ZhK5RHxY0TGF4dgvNwpvlTnmA345iZKvud1Q4Ezvj1DMp5891vXkdts27XlUA4mLTlPPJ3psnSI/QHJ2ii+BdegqMP35Di+HcfUR7xQAY13qVC0cloehtERpJkq/1ycBh6ymLkKIbTzMwY0DJI08trGgUV0zSGNVp1RsYL64mbZNpG0/wPNSUxReK0S83M129axm8ALalKs4IEGYefOua5+Rksb9YWEcHsAUUzUk/j68Zn1F+z0KJoQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=aSwwyr6vovdhGiXKn9LeYpYga41vGfk02FnuZSTscVw=; b=UOCxnkvdT5Miy61qQ9TslJKym330IxCB+ZwNJaowYrbYalEVpl9tN5IJyNGxD4/V31OjZxCbjJbkG5mkvzWrs5+WN+L8KUJJKHTtnf5VF0XUE4dzg+aGtCVeM8RCTYemo2Si+mUEluQMGiz9i522RqJSvyD16BIjoeusWwduZYLEQOG76ch2y4ugOUlbJ17UDBbTBYQJgmIpwuWsq8Xz2vS5dLPmkSM2FyBQCv3e0Egmpk0ndVB9GLFf5LxlX8/jOHVEyongDi1pteb8CB7gOVc5olHupi1u5VgzE1qaGixDEBQ7z0EipX0L3ENBBEpN3qzwSXPK3mw4o2Yr+wcT+g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aSwwyr6vovdhGiXKn9LeYpYga41vGfk02FnuZSTscVw=; b=oqe7gtytCJbpcUzV9hAIdIj2JHrXGVWaJ2dEzM/oKECL90He3nrXYZczWLQN8ifTIpU/iMFNb8nnJ9ryYSHZ1vDhu9i7XyRBzcnzNtPpSTMVgWdwiu6vjqdipa37058h9rvlT1DVSlOrC9Q2js5PZfgJiEtCbumAEJy6wUrpW4o= Received: from CO6PR18MB4484.namprd18.prod.outlook.com (2603:10b6:5:359::9) by SN7PR18MB3919.namprd18.prod.outlook.com (2603:10b6:806:f5::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.18; Wed, 28 Sep 2022 12:52:54 +0000 Received: from CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::ee27:3b96:a580:ba9e]) by CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::ee27:3b96:a580:ba9e%9]) with mapi id 15.20.5676.015; Wed, 28 Sep 2022 12:52:54 +0000 From: Akhil Goyal To: Akhil Goyal , "dev@dpdk.org" CC: "thomas@monjalon.net" , "olivier.matz@6wind.com" , "orika@nvidia.com" , "david.marchand@redhat.com" , "hemant.agrawal@nxp.com" , Vamsi Krishna Attunuru , "ferruh.yigit@xilinx.com" , "andrew.rybchenko@oktetlabs.ru" , "konstantin.v.ananyev@yandex.ru" , "jiawenwu@trustnetic.com" , "yisen.zhuang@huawei.com" , Igor Russkikh , "qiming.yang@intel.com" , Jerin Jacob Kollanukkaran , Ankur Dwivedi Subject: RE: [PATCH v2 0/3] security: support MACsec Thread-Topic: [PATCH v2 0/3] security: support MACsec Thread-Index: AQHY0zUQGwP0aRr9bkGQ242GzRV6Pq30y46g Date: Wed, 28 Sep 2022 12:52:54 +0000 Message-ID: References: <20220814184620.512343-1-gakhil@marvell.com> <20220928122253.23108-1-gakhil@marvell.com> In-Reply-To: <20220928122253.23108-1-gakhil@marvell.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: CO6PR18MB4484:EE_|SN7PR18MB3919:EE_ x-ms-office365-filtering-correlation-id: 46fdfbc5-7d40-40c2-824e-08daa1505c43 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: XNQBuLM+LeE8a6JYFYZHuinyuBEJxvQTv9kU6a6oMcdeK8rBM8ya+NQSD2to75UcXZCjPRIlkuONaypdcSLcb9XZPSnu2OtetEGc6DrbfMvjjo0NNZ2lyJKoX6sWiK+03o3NZ0TU7wwMFCrPq/GuIHWbibFx+msz/RZPDOGwAPxGfk2DUuhLi/eKxRmqInr38rb3yeDZate6TmfXC4l9eV8m6i772SNT0duAgvktRlLHqn8s4DNkvZZRydrlChVSfsFL2GkBX3VTaPecCZcfsxmZ2ZaONeR6kEI06402r5ooBwOCKpmBjBTHjRvfDHWEZm8/pxW6iFnf1bn7zC7PjjduNJk3xm+IRCPLtrPWiJXpGOjFzBVvcUMUBQuNjTH1GWdwErPotFU8q7PT5OkxhqS7ultVFKyxbueM+IeJziX0FKGRavmHh4iRy7Aj2c57dQ10/KT/h5yg8zZffiy/WbiaV+vBj2cWuA+JgLOKd3BYkYUv9sSsOj6hFd6rDhdOkP9bod9rY1bmnuNmNrnLUhIbIPmz8O39Y15tPLMumg4IItPzOIKiEE9nsH5I/z9RIQJt2zb4iyomVRmxKjGYq30zYnDHljfDwAu7IUMY3BziOKHuiXBvjXEhd+E5mULt2N4s2K176JQIUG90XleKWh3INz0lrI9l31ceMg25TP1D2Dc8ioIaAZb5miApT+/W8/vPQBikfdYyj1UV6aEmHZ4TAWx9JMK9LeUO03BLJAZL/QlBsqSkjcDD3hKXVqpHSsuEi2PNgjo9CmdRa98T0L/pOWJkyhHmT7wOIhDgmxE= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR18MB4484.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(346002)(376002)(136003)(39860400002)(366004)(396003)(451199015)(5660300002)(7416002)(8676002)(33656002)(2906002)(41300700001)(15650500001)(26005)(107886003)(9686003)(52536014)(4326008)(8936002)(6506007)(66446008)(66946007)(64756008)(76116006)(55236004)(66556008)(66476007)(966005)(86362001)(38070700005)(38100700002)(122000001)(83380400001)(186003)(55016003)(7696005)(110136005)(71200400001)(54906003)(316002)(478600001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?xp+ov/Io9erw25KpBxpaZ6e0Y7vc7el5kPRfDNniSz1vhQGdFFjCBENWMJUu?= =?us-ascii?Q?oOeVmu+yfSos/uI5QbOfGwyzgRl9cqPGiur9K9xM7kNVidZRfw2/nx6Cpy0V?= =?us-ascii?Q?JtZD3Xm77LBAbO0PdSXXvw5EyLg/1BnOALgWcMKX/h0+oW6BTU9NCw1Uales?= =?us-ascii?Q?McTyS+RnJ+6vYUhVUaezyikONLH4ABP9eAuLWW76GwNvUorumq/JuCv9zQTt?= =?us-ascii?Q?QDKeHXQOSBX2/e5ISGW+mS20kMywWOrMokt+O45GpMVSPLFavO/Nnon2vg4T?= =?us-ascii?Q?TQ3gKhPc9uF45j1ogxu98STBy8Rl7Lq96Db9MIbwN7zYSwRlWtuVRi6heZ0x?= =?us-ascii?Q?YIKkFRwlkBHsE0jgCp7+uea8JrRsveHQhKzTFEIbYBF6il30cQT5vRYZCX+n?= =?us-ascii?Q?4WPIeUYQSRzbzXCd5/vWvVlDbSlFo1nzB6HdT+m0ZM9928iXVspTlvngFoUQ?= =?us-ascii?Q?brj1oJq/drWEgvBsXx2W158LGUgeV5fGZdVTiVkpm6HLJNSIRU5nQOLnEJGF?= =?us-ascii?Q?j/5IBGwvsVhQga9Nh19nEUhJzxIgeytKAR1XwKckcYZ2toZTXsnmMDTYfdj6?= =?us-ascii?Q?k1+hXBZz/T8Mo8RXzuy8Vtxz3OaQ126oUXjfAJLZBk84vXsy8v6lwjzr+3Q7?= =?us-ascii?Q?Y9uxKeC1J2mzs/YEr8yzoHUPkBnZiYb+57mMSHC5ShYwJCsxFU5m8OY10ddY?= =?us-ascii?Q?+YRGOfUi1gX25jK0s8pbiWWza/nFs1kJI/wlwU/q0XyNIRICGM01WG/YbHR+?= =?us-ascii?Q?bEvo3ZZ1DEepiZ6KsFt7J0Pm/58CFpv/TaOuQMtkzPY5VqV5ar7zgg5m1TPP?= =?us-ascii?Q?RXK2Su/HSRRh4cZZxVbrSH/bMkWsM3Myi+bDrMwSS58tyJDviG9PszKWUDz7?= =?us-ascii?Q?9sV+kNxsDVRfxDd8aL7A+iWsh7T5OqMGSJMKb7EqJg9CX+hPTpRDTaa9HQYU?= =?us-ascii?Q?llTSFLdTEkom6uacsNC4YiTAGh1/5ZDXdwd/mbl1E99zSztG6v0Fa4r7aGWU?= =?us-ascii?Q?l7g3xiryFORlkdE5lMzIlUcQTlNTFKXSRLzo+kIdDOwCnv80hb/VcNjcLAIW?= =?us-ascii?Q?BlqsUoqw+AO8oiFWnppca/5/U/AY+60Ej19IqS4RQ6LEHqY/l/B+CE2I4LOZ?= =?us-ascii?Q?iczVYe17ndkuB64xrp1QYGduvdLJO1wS6guvqhIlQTuhSc8sCkLQX0OP/yT7?= =?us-ascii?Q?+U3v0eadST75vImM8Peue5lFEAS0yTTzEVjsMZH3dm/3CYD8VjH+ErJPpD3/?= =?us-ascii?Q?UPGTd0W1hIDk2LzX/blqo7OT5086YKYW63ffon86QYxpVbrs3Rf1U+WMYPzI?= =?us-ascii?Q?ubqm2y3qM68VwMqsDJx3VLw9uj3GJgXEkqfZA9y+sITl/u9FME6aEmNTVqYH?= =?us-ascii?Q?Bg3W2B5c5wb8dfXGaYjzydQeB+zTzeT9t8u0h2EoCzoula62J2XZ1ItLVwU7?= =?us-ascii?Q?70xoJ/O3+/XtWqv3Aq0YzMU0bA5yQ2XNJ2xDXziBYxJYdWaUJdtyZL9ek9m/?= =?us-ascii?Q?t7T8Umh3SuE3iOAiEXCkoznuxE40VRLb1lEP87Pl0Y3UhClo4mbBVv+uSjxQ?= =?us-ascii?Q?o1h3REOIXBW7EdC61ZU=3D?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marvell.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO6PR18MB4484.namprd18.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 46fdfbc5-7d40-40c2-824e-08daa1505c43 X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Sep 2022 12:52:54.3417 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: LLxwvDfTnkIQCdFwIunqB8GAetqUt3PQdblleTm2caKXVGNF+RWi8z7/CoVLuQ1EEU8BggIGCyWWaG1zDgK6eA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR18MB3919 X-Proofpoint-GUID: P9N1sKIm_Q9-4T8jrp22JmuxiIwmcVSM X-Proofpoint-ORIG-GUID: P9N1sKIm_Q9-4T8jrp22JmuxiIwmcVSM X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-09-28_06,2022-09-28_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > Subject: [PATCH v2 0/3] security: support MACsec >=20 > Added support for MACsec in rte_security for offloading > MACsec Protocol operation to inline NIC device or a crypto device. >=20 > To support MACsec we cannot just make one security session and > send with the packet to process it. MACsec specifications suggest, > it can have 3 different entities - SECY Entity, SC(secure channel) and > SA(security association). And same SA can be used by multiple SCs and > similarly many SECY can have same SCs. Hence, in order to support this > many to one relationships between all entities, 2 new APIs are created - > rte_security_macsec_sc_create and rte_security_sa_create. > Flow of execution of the APIs would be as > - rte_security_macsec_sa_create > - rte_security_macsec_sc_create > - rte_security_session_create(for secy) > And in case of inline protocol processing rte_flow can be created with > rte_security action similar to IPsec flows except that the flow item > will be MACsec instead of IPsec. >=20 > A new flow item is added for MACsec header and a set of events are added > to specify the errors occurred during inline protocol processing. >=20 > New APIs are also created for getting SC and SA stats. >=20 > Patches for PMD implementation and test app are submitted separately > which can be separately applied after RC1. WIP Patches are sent to support this series to be merged in RC1. http://patches.dpdk.org/project/dpdk/list/?series=3D24879 >=20 > Changes in v2: > - Incorporated comments from Olivier except the one to split tci_an into > bitfields. > - added release notes and removed deprecation notice. > - added some missing fields in rte_security patch. >=20 >=20 > Akhil Goyal (3): > net: add MACsec header > ethdev: add MACsec flow item > security: support MACsec >=20 > doc/api/doxy-api-index.md | 3 +- > doc/guides/prog_guide/rte_security.rst | 107 ++++++- > doc/guides/rel_notes/deprecation.rst | 5 - > doc/guides/rel_notes/release_22_11.rst | 10 + > lib/ethdev/rte_ethdev.h | 55 ++++ > lib/ethdev/rte_flow.h | 18 ++ > lib/net/meson.build | 1 + > lib/net/rte_macsec.h | 61 ++++ > lib/security/rte_security.c | 86 ++++++ > lib/security/rte_security.h | 370 ++++++++++++++++++++++++- > lib/security/rte_security_driver.h | 86 ++++++ > lib/security/version.map | 6 + > 12 files changed, 789 insertions(+), 19 deletions(-) > create mode 100644 lib/net/rte_macsec.h >=20 > -- > 2.25.1