From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <Anoob.Joseph@cavium.com>
Received: from NAM04-CO1-obe.outbound.protection.outlook.com
 (mail-eopbgr690074.outbound.protection.outlook.com [40.107.69.74])
 by dpdk.org (Postfix) with ESMTP id B8E0D1041
 for <dev@dpdk.org>; Thu,  6 Sep 2018 06:14:44 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=CAVIUMNETWORKS.onmicrosoft.com; s=selector1-cavium-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=7KQ2RJc+3E9uIJRm59X0GlHZndvitCrNio/lUUSqYZc=;
 b=JOgoB1TwEg5PHgpnyb6vZeHPuIrx0YFTzH/25y3H1oP4GB77sS9E3tYml7U40DR4oPOVZSDD7gZCNboOkKumel3708JmqNQvqAu7q946p9GUN3tz1NCqTKnZclGcLB7OimxLH+Hd5upjrsavD5Mitew+khijQZ0uA73Qi4fvlpk=
Authentication-Results: spf=none (sender IP is )
 smtp.mailfrom=Anoob.Joseph@cavium.com; 
Received: from [10.88.100.222] (115.113.156.2) by
 DM6PR07MB4905.namprd07.prod.outlook.com (2603:10b6:5:a3::10) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.1080.14; Thu, 6 Sep 2018 04:14:39 +0000
To: akhil.goyal@nxp.com
References: <20180828130105.30779-1-akhil.goyal@nxp.com>
 <20180828130105.30779-2-akhil.goyal@nxp.com>
Cc: dev@dpdk.org, Declan Doherty <declan.doherty@intel.com>,
 Pablo de Lara <pablo.de.lara.guarch@intel.com>,
 Radu Nicolau <radu.nicolau@intel.com>,
 Jerin Jacob <jerin.jacob@caviumnetworks.com>,
 Narayana Prasad <narayanaprasad.athreya@caviumnetworks.com>,
 "Verma, Shally" <Shally.Verma@caviumnetworks.com>,
 Vidya Sagar Velumuri <Vidya.Velumuri@caviumnetworks.com>
From: "Joseph, Anoob" <Anoob.Joseph@caviumnetworks.com>
Message-ID: <d416265c-534e-e154-5d35-e4bb13e9e689@caviumnetworks.com>
Date: Thu, 6 Sep 2018 09:45:20 +0530
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <20180828130105.30779-2-akhil.goyal@nxp.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Originating-IP: [115.113.156.2]
X-ClientProxiedBy: MAXPR0101CA0004.INDPRD01.PROD.OUTLOOK.COM
 (2603:1096:a00:c::14) To DM6PR07MB4905.namprd07.prod.outlook.com
 (2603:10b6:5:a3::10)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 7ae918bb-74fd-4659-b48b-08d613af456c
X-Microsoft-Antispam: BCL:0; PCL:0;
 RULEID:(7020095)(4652040)(8989137)(5600074)(711020)(2017052603328)(7153060)(7193020);
 SRVR:DM6PR07MB4905; 
X-Microsoft-Exchange-Diagnostics: 1; DM6PR07MB4905;
 3:+1vV2NA3X3JmQNbq2SgbJxulLraGspSxDxyjfdVsGhuMKseh0hMd5xFR9ARWnTLSqGc+EKeo6FSVM2TRKmUpF3Wx3SI2n3ZzGgyFD7TI6fA2cZmEIgVwjiBvnyqY/hy3GD2pIM2wr9XBUxbLMBqnbXadZ3SFnvw3fPWoe5rC+A+k2gp3UfHEtLX01wFirJe9tT4D5WVfJAsA1djgfp4tA3dhuEvETdoqdJQE/bB07h4HNQl3JxionqDv7rBnyPDo;
 25:ZrJQGeQ81jkk+qIw6CKqF42QK1/5ZEb795Net405Q+P29s/EVJc/sYlcqIMR+4DYl4ajiIvyDl9hKbfOXtwwzaM+YiEYejJFK/YcCPWlExXvhj3Zj5MR2XxbKX5v04XCtO55cebHPDGwIpzQyVUsuzkHNXt558NVlsMSTFqBhrCzdqK1g9HGLaLi13MYO38TZEBrA6vG6BE8hRHTvM7hXTR2DUZbfRVtCBnuc3lAQAUHZiD+wfSpSkeo6eWptYpWkhMCQhkcwSk/asB23Bs+A9g6TvefT4/LqqlvNpO/1v+mr3InjiqkrLJEeR9NZmvdVy1ipnp1DIeGpCGSh0ozmA==;
 31:UBCGa4VlliHH06XyEODXGohh8j4Fly1Kj4O2VRPpdt8q7iLL/bwUU+ExTF3AMDZtgOU8Pw2XAn901oM0+KauV4tfnWK9R9+gA7Q4IiiDAhRnIRCWWu2+K+lR7ulNp3jB5la4aoZpOlOj5hzbr8FshWDDE9U46gG0xi25lxTAEYXPDRLYMNr8YWRtQFVEEfBiyouEKJHxW6zN57RJBhzwrvqXV2f1T6Tc5MEeVbVLKYg=
X-MS-TrafficTypeDiagnostic: DM6PR07MB4905:
X-Microsoft-Exchange-Diagnostics: 1; DM6PR07MB4905;
 20:/8gZxWyoz710t2apZQD/LUrdRI3xgpJyqXIuw2O/0q3OhFVfqULrFFEStzUWfcAS91GTdIQt9dLoGuV5DW4hAfr1qJb9lgqWf8O2mzDfHcT28UwPgcbY1ZZhN9Gmheb+ff4Pt88Dq5URe0OKJXKobuP928Lz/o6ZdRrbtHJ/As3PvYe5t2EJqOvTO1kJxbmJ63+r4WfoP8Qh1wkU6b27lrXkGoK7Rbct58C9a//eG+LrdbHVNYgzGBfTbVepJc+mbXt/M6nJdgDbjXiocvBnDHWRIBCrtj0tlvobU6hfBZ+C2x0yW6Lev6Dp/FWVSInk+exdkvmP5ahmf8dEeUCqerHOhmglFLU6GECbP3gOKy2JMwYA30Ex9MB2O+zlEyHFVwpWeFcQNPbK1cCsC3Uosixp+/e9W/O8bP3sXbBAP9fzxGgFfc+lnF6LkmG9+pqsKrZ845FcbMB0huaAarRp9kTkPHoQ+vEK6Y3ow1X8aH0y1ok2268yG6A/R61hu8M6ynVWIIPlHqo210a2oVUoplDaKVR5mhgkP7DjloHkjGBYTyX4eF2g15XIbbYCum+MZccMjReIv0GdReAHxJ72ToYqvQJ0q973JFgcSojy2N4=
X-Microsoft-Antispam-PRVS: <DM6PR07MB4905E95B8735844056B4DD33F8010@DM6PR07MB4905.namprd07.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(192374486261705)(185117386973197)(269456686620040); 
X-MS-Exchange-SenderADCheck: 1
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0;
 RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(3231311)(944501410)(52105095)(93006095)(149027)(150027)(6041310)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699016);
 SRVR:DM6PR07MB4905; BCL:0; PCL:0; RULEID:; SRVR:DM6PR07MB4905; 
X-Microsoft-Exchange-Diagnostics: 1; DM6PR07MB4905;
 4:Go3DCYZCAF6jpnB2mNAICvp/l3RdVM+w0sL5YKgaFYJ4U6lwKHRF+GdHaf5Hk3s2+hmXjDnBMSf8N8wLU3MYKWzgln3tLo3fW0uH4qNnCz59Se3qrnmkCzrsYrZqtiaXAmlPM4mI7DuCdzN9jIRdewNGn+5APOEg8bwlGjrIaDdI/lEeP4HiwDT+AhjDM5dCu9F96l8LVWB10S3lYdVIwzqr4lsGXkxjCDJbH2TzImUw5zmHgjwyWbfLwCJrvYr6Egvpc2tbl1hrgak8RWFf/Gll4Q+uRV/J51K5XeB3599coIk9pVZExMdQ6rZepUwKX7n09O9dwlo57pjTJL6hnm3B08nCFaHrTuZ5EswwhZ3NnirCdg78g0SpHh1+eg2L
X-Forefront-PRVS: 0787459938
X-Forefront-Antispam-Report: SFV:NSPM;
 SFS:(10009020)(6049001)(376002)(136003)(39860400002)(396003)(366004)(346002)(199004)(189003)(52164004)(8676002)(72206003)(14444005)(4326008)(7736002)(305945005)(107886003)(42882007)(8936002)(478600001)(6116002)(65826007)(6246003)(3846002)(25786009)(65956001)(66066001)(64126003)(65806001)(47776003)(3260700006)(5660300001)(230700001)(36756003)(68736007)(76176011)(52116002)(2486003)(52146003)(23676004)(316002)(16576012)(6916009)(58126008)(6666003)(53936002)(50466002)(54906003)(386003)(53546011)(6486002)(16526019)(2361001)(81156014)(26005)(77096007)(229853002)(575784001)(105586002)(2906002)(476003)(31696002)(67846002)(956004)(15650500001)(106356001)(97736004)(446003)(11346002)(2351001)(486006)(81166006)(31686004)(2616005);
 DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR07MB4905; H:[10.88.100.222]; FPR:;
 SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; 
Received-SPF: None (protection.outlook.com: cavium.com does not designate
 permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTZQUjA3TUI0OTA1OzIzOngzelFabCs4YlROdEVLMEV2UVc0MnA0YjIr?=
 =?utf-8?B?ZUNUOEtGdkpsVktOYU93L001YStmbC8rSGtjMVpab1Z0QS9GZUs0UTZPSlZh?=
 =?utf-8?B?OHNvSDBtUnRTNkFQSjFBNVJpMmIyVnppSUh4Nlhid1JJVWtRanNlaUM3U21F?=
 =?utf-8?B?OUVCOUs4NVhDejdaNGxWZ3plVkRaaENsN3dBbDB3TnR0RFJBcEpoZHg3WjU1?=
 =?utf-8?B?ekpacElyWjNESVBmL3JMZmFTUkxrdk5HaHBxdTNaYXRRM0pVeTJMRzNlcFhN?=
 =?utf-8?B?N0R0QjFuTlBHVURqcUhDNHBoeEJTV09EUzJaRUVNa29IQ2tyRytqM3psZmJE?=
 =?utf-8?B?TFM3Q2ZxZ0c5all6ZGtkQmxibksrZnZzRWlFQnBjMHJ1b0t3WkpNM0h4MUp0?=
 =?utf-8?B?OVU4WHdFaTlybVhSVm11dzQ3amRlVVJZd3djVDRaa2c4TDBxb1NPc2RIM09x?=
 =?utf-8?B?d2RrYk1VUG9HZ3BwbW0xbDdiVUtJOVBxcWk0cWVTY2JkYk9qV28yZzIvS1pY?=
 =?utf-8?B?UDZXWnNzcm1CTW9Sd0VmYmtHbzZjVlEvcFRPUC9uVVVMaXNiWGFxSXFZOFl4?=
 =?utf-8?B?bGdjZ2QvdjFmQVpkenUzQllLVDlQUmJYWlJXc3NFYXBMWms0RzRZTXpUL3hh?=
 =?utf-8?B?dTk1cUMwT2ZQRUhVSHE5cDVrNlk1U283cnhFMEtEaEMvTmVTODRsendVS25q?=
 =?utf-8?B?ZjhLb0d6SENPTVVrQUJ6cUx5dVNZTEtLMVZBaGFMR2dBK1FmK00yWFhkM2lN?=
 =?utf-8?B?MDV2cDFIVXA3YUwxK0p6VXptQ2NSdjdLeDU4YzJLUnY0ZjFDTTBuK05WYTE1?=
 =?utf-8?B?b1hZMVRkQWJwcGlWT2ozaHZpZUhTcVAzdmY4U0RrWjlpZ25XT1pBdlZsSEZ6?=
 =?utf-8?B?UHhRUDZSS0ZnU2RwdFhYbjJRZC82YTVKK2crN3RrL3ZkRU8xYTU4K3VBdXln?=
 =?utf-8?B?RXlnSHpSRXlSQ2pqT1l6UEUyK3lyQnh1RmtNR3pHUDI3dWJFbkNRR2ROL2hC?=
 =?utf-8?B?K055VlRoQVlvWW1lTWVVVHhIOTdGMDBRRlF1cllnemxRTzlZWUNveXJYRUpo?=
 =?utf-8?B?UHE0SnE5bGlBVEhITDZqTHlZSUJHQ2RXVzdJTW96QVg3dlB2b0QraVdqbjFo?=
 =?utf-8?B?L1Nvck8wcG1PWWJxbUhFMXJYNGVrNGluNkxEWjdUeU9kUEJlUm1uS1FBRHJ6?=
 =?utf-8?B?SGhTM3JMSUxHS2N4NWU3K21pZDJPTVBHNDZwSDdHQzAwQ3cvZGVPVFgwUVFL?=
 =?utf-8?B?SW1kdWVTbkk1ejFtWVAyUzN3TTFJdko3Z0llM3YvQk1kSDJOd0tvYWJzRWNK?=
 =?utf-8?B?N1NBbzFrR001YnZxUWpNZHA5elUrejUvMlkraWhnODh0L0VXdlo4NDJDMll3?=
 =?utf-8?B?L2pSWWlGL3FUdGNoQ0xUV3BRSmIzOGw5c21hWXI0M2xLeW8rcWF1NXZBVmYy?=
 =?utf-8?B?dnNmN2VnMjJVQmJ3TVRBeEpZMlZDN1dDbFcvdEJpYmFMRVptVFJQV2d1cEtU?=
 =?utf-8?B?TWNuOGJpaWVnd2Y0ZzRsYWRHc2I5cDNJU2ZsQkRoc2dTLy9WckpkZnJTVVdr?=
 =?utf-8?B?R29hUEFYaFRud0JJeVhCVWpUQkhvUzNPWVB5c1hzZGR1OVpmUlRGV2FocjJs?=
 =?utf-8?B?SU1ibkpISWNzRzFpeUF0WnFaNW0zcndzMGpTM2l3TnkvTVk5OVFrUUl6QUtB?=
 =?utf-8?B?WWZqU01SUmN1OXVXNEtRb2toSytWcEoweFdSdURnN29iKzBKK0FEdEI1VmRG?=
 =?utf-8?B?L3dXVmdRSUlMNVhPdXNqeUJHK003ODM0ZG9SUitGVm05WHljdUw1elgrR2Uv?=
 =?utf-8?B?UkdkZHdqcVlvM0R1dVJxWTRMalQxY2RmTXZyVHVENTMwZEdNbHFQeVNwRm5K?=
 =?utf-8?B?K1hxdWQvL1p6VmdJQkRxRUQwcUc4NW1RVmM0ZFZIQ3FDSEt0dDgwYzBOeCtP?=
 =?utf-8?B?TVI0MWVvTEN0L0IxS1RMUFJBdnJFbE1NZS9IcGFseDdwNGF4VVNKU0pYb2s0?=
 =?utf-8?B?U2djaE9yTytSL1I3UkF6bkpGVENXT0pYOHVTZmVQTW83Y0FaVjlxemZwdDFi?=
 =?utf-8?B?WmlLYzlYNVZuVHNVbXZOS3lHU0IyNnI3Lyt1VWNiaXViaytKWExyenVweTZC?=
 =?utf-8?B?Yi9FUWhBREcwWWRJS0VvWXZsZFFhZ2lzeDV6U3dMcUY1QklmQlJWWEl6ejJw?=
 =?utf-8?Q?WIPga/cSdZ0ZxKwpIoi5Zncj2hNLO9J0fKtM/nh0H4=3D?=
X-Microsoft-Antispam-Message-Info: PimWDNBlWe3FUH59bhsFCjvIaCDpqkXqTRDIJhsouABflb6pIpLU04U1+QlIWrYcb0uC0I9fTGGTVqCL2bTTPpeXhKwqwXHDTPPpvClVUvIcGtPqeglloVYZT/0KJKjl+7/w74ZkAi2I88pty1Js48NCrGmFdCKuMwH3zv72aVhNxnfMEp1/s+XE2X/qbIzEBGNyG4BaGQ2s3hrn6JuOs6mc7DOdHM5zR5+rfi/Hsr+YaAZB36g9ZV6dFF2/B1Ystvdgh67RaRJBGxMSvbA9zWATn1wh6/Xxm2/Ktz4wC4LvR8+ooeEoI6TYmSPzhJPsVOAVwW63+s6K4ViLB0t957JNC9C41bqoT8OZl6Kslqg=
X-Microsoft-Exchange-Diagnostics: 1; DM6PR07MB4905;
 6:OYn4Z55G1N6OF6iRJtDcQbBd/5lwSe5i2dWr6WPRG1gAlnO1EfjUq1qSXfQ8OSee4g0Lupl/EaQ+KrqbD8B+968eqqPJh4Y0TpT2lXd62kfV59hK5WIGAo/IAHpf0THDcH/q0rAzDszthyXxfD1MTXvXdHnPfUYVqMKTsx7hluJFNZZtd02xThGdNH/bB6ReV1+GVWOXVQqhnNjl5lXRrKIyLD0JOU2OQKYg/jKkz4WS06WcBGS41QOaTjTla3dAS5niJlxTtN2Jpm8Itgk+/nuETfQYyBHjMudOWDAuln42NLLB5oRmp3BCkiwfgTKCjpZKOMdpYyjVmk2/Evwd8aHLDva2nGKyrLIfwN6hiPVmxWkhXaZ+NNCuszrTbdRqE3sZQFUMLTAkp6UGg4Zdh8kaW6b6WAefTMJS2cSyIdfN2epqpjMFVTi+UDtDFgWNd1e/eaDZIDw8Ut7Zslsctw==;
 5:3+J8/LKiHtNgMFsyHnfaWYZOUuFtuWsBcOmTa0dZQ8D9HjyQuc/gS721SrASmIvkgxQnG5jwCblg63i1Y1i2uMNVn4ln7SZC7qmykDhjBIjJB5r9OS77DrNGOUtwdwGi1dloagTIN2MnUk420u6KvwGlki2TpQHyIIDIsK047k0=;
 7:Ksd8JiLxEulhpWRV1U3zmRm36LZ1S7xKPDlNTtHeK8ZiCxMx/wqp9hQ6iTOJaYsrSczBvbEzUQMM1153Scju+Lpuxf2EXJ0LOwvP8ET3azITLqa6xu1yK68r5liDZduh81F0RAHI7vV66dmEcLsNKmP9nuD/TE1A2OHr0Gqx+JWp+TCZLjwH1IF/mytxHkuAw+27h84Rc9130poh8ikkk1urVLlchVMkQ8eBfbwkb/vQos+YX9yK4HjqZ1OBhg1I
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: caviumnetworks.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Sep 2018 04:14:39.1179 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 7ae918bb-74fd-4659-b48b-08d613af456c
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 711e4ccf-2e9b-4bcf-a551-4094005b6194
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR07MB4905
Subject: Re: [dpdk-dev] [PATCH 1/3] security: support pdcp protocol
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Sep 2018 04:14:45 -0000

Hi Akhil,

Please see inline.

Thanks,
Anoob

On 28-08-2018 18:31, akhil.goyal@nxp.com wrote:
> External Email
>
> From: Akhil Goyal <akhil.goyal@nxp.com>
>
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
> ---
>   doc/guides/prog_guide/rte_security.rst | 90 ++++++++++++++++++++++++--
>   lib/librte_security/rte_security.c     |  4 ++
>   lib/librte_security/rte_security.h     | 62 ++++++++++++++++++
>   3 files changed, 149 insertions(+), 7 deletions(-)
>
> diff --git a/doc/guides/prog_guide/rte_security.rst b/doc/guides/prog_guide/rte_security.rst
> index 0812abe77..412fff016 100644
> --- a/doc/guides/prog_guide/rte_security.rst
> +++ b/doc/guides/prog_guide/rte_security.rst
> @@ -10,8 +10,8 @@ The security library provides a framework for management and provisioning
>   of security protocol operations offloaded to hardware based devices. The
>   library defines generic APIs to create and free security sessions which can
>   support full protocol offload as well as inline crypto operation with
> -NIC or crypto devices. The framework currently only supports the IPSec protocol
> -and associated operations, other protocols will be added in future.
> +NIC or crypto devices. The framework currently only supports the IPSec and PDCP
> +protocol and associated operations, other protocols will be added in future.
>
>   Design Principles
>   -----------------
> @@ -253,6 +253,46 @@ for any protocol header addition.
>           +--------|--------+
>                    V
>
> +PDCP Flow Diagram
> +~~~~~~~~~~~~~~~~~
> +
> +.. code-block:: c
> +
> +        Transmitting PDCP Entity          Receiving PDCP Entity
> +                  |                                   ^
> +                  |                       +-----------|-----------+
> +                  V                       | In order delivery and |
> +        +---------|----------+            | Duplicate detection   |
> +        | Sequence Numbering |            |  (Data Plane only)    |
> +        +---------|----------+            +-----------|-----------+
> +                  |                                   |
> +        +---------|----------+            +-----------|----------+
> +        | Header Compression*|            | Header Decompression*|
> +        | (Data-Plane only)  |            |   (Data Plane only)  |
> +        +---------|----------+            +-----------|----------+
> +                  |                                   |
> +        +---------|-----------+           +-----------|----------+
> +        | Integrity Protection|           |Integrity Verification|
> +        | (Control Plane only)|           | (Control Plane only) |
> +        +---------|-----------+           +-----------|----------+
> +        +---------|-----------+            +----------|----------+
> +        |     Ciphering       |            |     Deciphering     |
> +        +---------|-----------+            +----------|----------+
> +        +---------|-----------+            +----------|----------+
> +        |   Add PDCP header   |            | Remove PDCP Header  |
> +        +---------|-----------+            +----------|----------+
> +                  |                                   |
> +                  +----------------->>----------------+
> +
[Anoob] Which PDCP specification revision is this based on? In the 5G 
specification, even data-plane may undergo integrity protection.
> +
> +.. note::
> +
> +    * Header Compression and decompression are not supported currently.
> +
> +Just like IPSec, in case of PDCP also header addition/deletion, cipher/
> +de-cipher, integrity protection/verification is done based on the action
> +type chosen.
> +
>   Device Features and Capabilities
>   ---------------------------------
>
> @@ -271,7 +311,7 @@ structure in the *DPDK API Reference*.
>
>   Each driver (crypto or ethernet) defines its own private array of capabilities
>   for the operations it supports. Below is an example of the capabilities for a
> -PMD which supports the IPSec protocol.
> +PMD which supports the IPSec and PDCP protocol.
>
>   .. code-block:: c
>
> @@ -298,6 +338,22 @@ PMD which supports the IPSec protocol.
>                   },
>                   .crypto_capabilities = pmd_capabilities
>           },
> +        { /* PDCP Lookaside Protocol offload Data Plane */
> +                .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> +                .protocol = RTE_SECURITY_PROTOCOL_PDCP,
> +                .pdcp = {
> +                        .domain = RTE_SECURITY_PDCP_MODE_DATA,
> +                },
> +                .crypto_capabilities = pmd_capabilities
> +        },
> +        { /* PDCP Lookaside Protocol offload Control */
> +                .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> +                .protocol = RTE_SECURITY_PROTOCOL_PDCP,
> +                .pdcp = {
> +                        .domain = RTE_SECURITY_PDCP_MODE_CONTROL,
> +                },
> +                .crypto_capabilities = pmd_capabilities
> +        },
>           {
>                   .action = RTE_SECURITY_ACTION_TYPE_NONE
>           }
> @@ -429,6 +485,7 @@ Security Session configuration structure is defined as ``rte_security_session_co
>           union {
>                   struct rte_security_ipsec_xform ipsec;
>                   struct rte_security_macsec_xform macsec;
> +                struct rte_security_pdcp_xform pdcp;
>           };
>           /**< Configuration parameters for security session */
>           struct rte_crypto_sym_xform *crypto_xform;
> @@ -463,15 +520,17 @@ The ``rte_security_session_protocol`` is defined as
>   .. code-block:: c
>
>       enum rte_security_session_protocol {
> -        RTE_SECURITY_PROTOCOL_IPSEC,
> +        RTE_SECURITY_PROTOCOL_IPSEC = 1,
>           /**< IPsec Protocol */
>           RTE_SECURITY_PROTOCOL_MACSEC,
>           /**< MACSec Protocol */
> +        RTE_SECURITY_PROTOCOL_PDCP,
> +        /**< PDCP Protocol */
>       };
>
> -Currently the library defines configuration parameters for IPSec only. For other
> -protocols like MACSec, structures and enums are defined as place holders which
> -will be updated in the future.
> +Currently the library defines configuration parameters for IPSec and PDCP only.
> +For other protocols like MACSec, structures and enums are defined as place holders
> +which will be updated in the future.
>
>   IPsec related configuration parameters are defined in ``rte_security_ipsec_xform``
>
> @@ -494,6 +553,23 @@ IPsec related configuration parameters are defined in ``rte_security_ipsec_xform
>           /**< Tunnel parameters, NULL for transport mode */
>       };
>
> +PDCP related configuration parameters are defined in ``rte_security_pdcp_xform``
> +
> +.. code-block:: c
> +
> +    struct rte_security_pdcp_xform {
> +        int8_t bearer; /**< PDCP bearer ID */
> +        enum rte_security_pdcp_domain domain;
> +        /** < PDCP mode of operation: Control or data */
> +        enum rte_security_pdcp_direction pkt_dir;
> +        /**< PDCP Frame Direction 0:UL 1:DL */
> +        enum rte_security_pdcp_sn_size sn_size;
> +        /**< Sequence number size, 5/7/12/15 */
> +        int8_t hfn_ovd; /**< Overwrite HFN per operation */
> +        uint32_t hfn;  /**< Hyper Frame Number */
> +        uint32_t hfn_threshold;        /**< HFN Threashold for key renegotiation */
> +    };
> +
[Anoob] PDCP packet ordering should be both a capability and a setting.
HFN will be incremented overtime and starts at 0. So why is it part of 
the xform?

Also the hfn_ovd is per operation. So why is it part of xform? Is it a 
boolean value? If so, where does the HFN for each operation come from?
>
>   Security API
>   ~~~~~~~~~~~~
> diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c
> index 1954960a5..c6355de95 100644
> --- a/lib/librte_security/rte_security.c
> +++ b/lib/librte_security/rte_security.c
> @@ -131,6 +131,10 @@ rte_security_capability_get(struct rte_security_ctx *instance,
>                                          capability->ipsec.direction ==
>                                                          idx->ipsec.direction)
>                                          return capability;
> +                       } else if (idx->protocol == RTE_SECURITY_PROTOCOL_PDCP) {
> +                               if (capability->pdcp.domain ==
> +                                                       idx->pdcp.domain)
> +                                       return capability;
>                          }
>                  }
>          }
> diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
> index b0d1b97ee..e625bc656 100644
> --- a/lib/librte_security/rte_security.h
> +++ b/lib/librte_security/rte_security.h
> @@ -206,6 +206,52 @@ struct rte_security_macsec_xform {
>          int dummy;
>   };
>
> +/**
> + * PDCP Mode of session
> + */
> +enum rte_security_pdcp_domain {
> +       RTE_SECURITY_PDCP_MODE_CONTROL, /**< PDCP control plane */
> +       RTE_SECURITY_PDCP_MODE_DATA,    /**< PDCP data plane */
> +};
> +
> +/** PDCP Frame direction */
> +enum rte_security_pdcp_direction {
> +       RTE_SECURITY_PDCP_UPLINK,       /**< Uplink */
> +       RTE_SECURITY_PDCP_DOWNLINK,     /**< Downlink */
> +};
> +
> +/**
> + * PDCP Sequence Number Size selectors
> + * @PDCP_SN_SIZE_5: 5bit sequence number
> + * @PDCP_SN_SIZE_7: 7bit sequence number
> + * @PDCP_SN_SIZE_12: 12bit sequence number
> + * @PDCP_SN_SIZE_15: 15bit sequence number
> + */
> +enum rte_security_pdcp_sn_size {
> +       RTE_SECURITY_PDCP_SN_SIZE_5 = 5,
> +       RTE_SECURITY_PDCP_SN_SIZE_7 = 7,
> +       RTE_SECURITY_PDCP_SN_SIZE_12 = 12,
> +       RTE_SECURITY_PDCP_SN_SIZE_15 = 15
> +};
[Anoob] SN size 18 is also possible
> +
> +/**
> + * PDCP security association configuration data.
> + *
> + * This structure contains data required to create a PDCP security session.
> + */
> +struct rte_security_pdcp_xform {
> +       int8_t bearer;  /**< PDCP bearer ID */
> +       enum rte_security_pdcp_domain domain;
> +               /** < PDCP mode of operation: Control or data */
> +       enum rte_security_pdcp_direction pkt_dir;
> +               /**< PDCP Frame Direction 0:UL 1:DL */
> +       enum rte_security_pdcp_sn_size sn_size;
> +               /**< Sequence number size, 5/7/12/15 */
> +       int8_t hfn_ovd; /**< Overwrite HFN per operation */
> +       uint32_t hfn;   /**< Hyper Frame Number */
> +       uint32_t hfn_threshold; /**< HFN Threashold for key renegotiation */
> +};
> +
>   /**
>    * Security session action type.
>    */
> @@ -232,6 +278,8 @@ enum rte_security_session_protocol {
>          /**< IPsec Protocol */
>          RTE_SECURITY_PROTOCOL_MACSEC,
>          /**< MACSec Protocol */
> +       RTE_SECURITY_PROTOCOL_PDCP,
> +       /**< PDCP Protocol */
>   };
>
>   /**
> @@ -246,6 +294,7 @@ struct rte_security_session_conf {
>          union {
>                  struct rte_security_ipsec_xform ipsec;
>                  struct rte_security_macsec_xform macsec;
> +               struct rte_security_pdcp_xform pdcp;
>          };
>          /**< Configuration parameters for security session */
>          struct rte_crypto_sym_xform *crypto_xform;
> @@ -413,6 +462,10 @@ struct rte_security_ipsec_stats {
>
>   };
>
> +struct rte_security_pdcp_stats {
> +       uint64_t reserved;
> +};
> +
>   struct rte_security_stats {
>          enum rte_security_session_protocol protocol;
>          /**< Security protocol to be configured */
> @@ -421,6 +474,7 @@ struct rte_security_stats {
>          union {
>                  struct rte_security_macsec_stats macsec;
>                  struct rte_security_ipsec_stats ipsec;
> +               struct rte_security_pdcp_stats pdcp;
>          };
>   };
>
> @@ -465,6 +519,11 @@ struct rte_security_capability {
>                          int dummy;
>                  } macsec;
>                  /**< MACsec capability */
> +               struct {
> +                       enum rte_security_pdcp_domain domain;
> +                       /** < PDCP mode of operation: Control or data */
> +               } pdcp;
> +               /**< PDCP capability */
>          };
>
>          const struct rte_cryptodev_capabilities *crypto_capabilities;
> @@ -506,6 +565,9 @@ struct rte_security_capability_idx {
>                          enum rte_security_ipsec_sa_mode mode;
>                          enum rte_security_ipsec_sa_direction direction;
>                  } ipsec;
> +               struct {
> +                       enum rte_security_pdcp_domain domain;
> +               } pdcp;
>          };
>   };
>
> --
> 2.17.1
>