From: Akhil Goyal <akhil.goyal@nxp.com>
To: "Coyle, David" <david.coyle@intel.com>,
"dev@dpdk.org" <dev@dpdk.org>,
"techboard@dpdk.org" <techboard@dpdk.org>
Cc: Hemant Agrawal <hemant.agrawal@nxp.com>,
"anoobj@marvell.com" <anoobj@marvell.com>,
"Doherty, Declan" <declan.doherty@intel.com>
Subject: Re: [dpdk-dev] [PATCH 2/7] security: modify PDCP xform to support SDAP
Date: Thu, 8 Oct 2020 09:01:19 +0000 [thread overview]
Message-ID: <VI1PR04MB3168367AEE4EA602183ABBC2E60B0@VI1PR04MB3168.eurprd04.prod.outlook.com> (raw)
In-Reply-To: <MN2PR11MB3550870313447A3AB6CE0FEBE30C0@MN2PR11MB3550.namprd11.prod.outlook.com>
Hi David,
> Hi Akhil
>
>
> > @@ -693,6 +693,23 @@ PDCP related configuration parameters are defined
> > in ``rte_security_pdcp_xform``
> > uint32_t hfn;
> > /** HFN Threshold for key renegotiation */
> > uint32_t hfn_threshold;
> > + /** HFN can be given as a per packet value also.
> > + * As we do not have IV in case of PDCP, and HFN is
> > + * used to generate IV. IV field can be used to get the
> > + * per packet HFN while enq/deq.
> > + * If hfn_ovrd field is set, user is expected to set the
> > + * per packet HFN in place of IV. PMDs will extract the HFN
> > + * and perform operations accordingly.
> > + */
> > + uint8_t hfn_ovrd;
> > + /** In case of 5G NR, a new protocol(SDAP) header may be set
> > + * inside PDCP payload which should be authenticated but not
> > + * encrypted. Hence, driver should be notified if SDAP is
> > + * enabled or not, so that SDAP header is not encrypted.
> > + */
> > + uint8_t sdap_enabled;
> > + /** Reserved for future */
> > + uint16_t reserved;
> > };
>
> [DC] Should we consider removing the API code out of the security
> documentation?
> It's a direct copy of the API code itself, and just means 2 files need to be updated
> for every API change.
> And as with 'hfn_ovrd', sometimes it's forgotten.
> From maintainability point of view, it might be better just remove it.
Yes we can remove it. I will remove it in a separate patch.
>
> >
> > DOCSIS related configuration parameters are defined in
> > ``rte_security_docsis_xform`` diff --git a/lib/librte_security/rte_security.h
> > b/lib/librte_security/rte_security.h
> > index 16839e539..48b377b20 100644
> > --- a/lib/librte_security/rte_security.h
> > +++ b/lib/librte_security/rte_security.h
> > @@ -1,5 +1,5 @@
> > /* SPDX-License-Identifier: BSD-3-Clause
> > - * Copyright 2017,2019 NXP
> > + * Copyright 2017,2019-2020 NXP
> > * Copyright(c) 2017-2020 Intel Corporation.
> > */
> >
> > @@ -290,7 +290,15 @@ struct rte_security_pdcp_xform {
> > * per packet HFN in place of IV. PMDs will extract the HFN
> > * and perform operations accordingly.
> > */
> > - uint32_t hfn_ovrd;
> > + uint8_t hfn_ovrd;
> > + /** In case of 5G NR, a new protocol(SDAP) header may be set
>
> [DC] Very minor thing... add space between 'protocol' and '(SDAP)' in the
> comment block.
Sure. Will add it.
>
Adding Techboard for request for approval of the change in the xform structure to
Add sdap support.
> And same comment for the documentation if you choose to keep the API code
> blocks there too.
>
> > + * inside PDCP payload which should be authenticated but not
> > + * encrypted. Hence, driver should be notified if SDAP is
> > + * enabled or not, so that SDAP header is not encrypted.
> > + */
> > + uint8_t sdap_enabled;
> > + /** Reserved for future */
> > + uint16_t reserved;
> > };
> >
> > /** DOCSIS direction */
> > --
> > 2.17.1
next prev parent reply other threads:[~2020-10-08 9:01 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-03 16:06 [dpdk-dev] [PATCH 0/7] support PDCP-SDAP for dpaa2_sec akhil.goyal
2020-09-03 16:06 ` [dpdk-dev] [PATCH 1/7] common/dpaax/caamflib: Support PDCP-SDAP akhil.goyal
2020-09-03 16:06 ` [dpdk-dev] [PATCH 2/7] security: modify PDCP xform to support SDAP akhil.goyal
2020-10-05 18:04 ` Coyle, David
2020-10-08 9:01 ` Akhil Goyal [this message]
2020-09-03 16:06 ` [dpdk-dev] [PATCH 3/7] crypto/dpaa2_sec: enable PDCP-SDAP sessions akhil.goyal
2020-09-03 16:06 ` [dpdk-dev] [PATCH 4/7] crypto/dpaa_sec: " akhil.goyal
2020-09-03 16:06 ` [dpdk-dev] [PATCH 5/7] test/crypto: Add test vectors for PDCP-SDAP akhil.goyal
2020-09-03 16:06 ` [dpdk-dev] [PATCH 6/7] test/crypto: Modify test_pdcp_proto to take parameters akhil.goyal
2020-09-03 16:06 ` [dpdk-dev] [PATCH 7/7] test/crypto: Add PDCP-SDAP cases akhil.goyal
2020-10-11 21:33 ` [dpdk-dev] [PATCH v2 0/8] support PDCP-SDAP for dpaa2_sec Akhil Goyal
2020-10-11 21:33 ` [dpdk-dev] [PATCH v2 1/8] common/dpaax/caamflib: Support PDCP-SDAP Akhil Goyal
2020-10-11 21:33 ` [dpdk-dev] [PATCH v2 2/8] security: modify PDCP xform to support SDAP Akhil Goyal
2020-10-11 21:33 ` [dpdk-dev] [PATCH v2 3/8] doc: remove unnecessary API code from security guide Akhil Goyal
2020-10-11 21:33 ` [dpdk-dev] [PATCH v2 4/8] crypto/dpaa2_sec: enable PDCP-SDAP sessions Akhil Goyal
2020-10-11 21:34 ` [dpdk-dev] [PATCH v2 5/8] crypto/dpaa_sec: " Akhil Goyal
2020-10-11 21:34 ` [dpdk-dev] [PATCH v2 6/8] test/crypto: Add test vectors for PDCP-SDAP Akhil Goyal
2020-10-11 21:49 ` Thomas Monjalon
2020-10-12 14:01 ` Akhil Goyal
2020-10-11 21:34 ` [dpdk-dev] [PATCH v2 7/8] test/crypto: Modify test_pdcp_proto to take parameters Akhil Goyal
2020-10-11 21:34 ` [dpdk-dev] [PATCH v2 8/8] test/crypto: Add PDCP-SDAP cases Akhil Goyal
2020-10-12 14:09 ` [dpdk-dev] [PATCH v3 0/8] support PDCP-SDAP for dpaa2_sec Akhil Goyal
2020-10-12 14:09 ` [dpdk-dev] [PATCH v3 1/8] common/dpaax/caamflib: Support PDCP-SDAP Akhil Goyal
2020-10-12 14:10 ` [dpdk-dev] [PATCH v3 2/8] security: modify PDCP xform to support SDAP Akhil Goyal
2020-10-14 7:46 ` Thomas Monjalon
2020-10-14 20:26 ` Akhil Goyal
2020-10-12 14:10 ` [dpdk-dev] [PATCH v3 3/8] doc: remove unnecessary API code from security guide Akhil Goyal
2020-10-12 14:10 ` [dpdk-dev] [PATCH v3 4/8] crypto/dpaa2_sec: enable PDCP-SDAP sessions Akhil Goyal
2020-10-12 14:10 ` [dpdk-dev] [PATCH v3 5/8] crypto/dpaa_sec: " Akhil Goyal
2020-10-12 14:10 ` [dpdk-dev] [PATCH v3 6/8] test/crypto: Add test vectors for PDCP-SDAP Akhil Goyal
2020-10-12 14:10 ` [dpdk-dev] [PATCH v3 7/8] test/crypto: Modify test_pdcp_proto to take parameters Akhil Goyal
2020-10-12 14:10 ` [dpdk-dev] [PATCH v3 8/8] test/crypto: Add PDCP-SDAP cases Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=VI1PR04MB3168367AEE4EA602183ABBC2E60B0@VI1PR04MB3168.eurprd04.prod.outlook.com \
--to=akhil.goyal@nxp.com \
--cc=anoobj@marvell.com \
--cc=david.coyle@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=hemant.agrawal@nxp.com \
--cc=techboard@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).