diff mbox series

[v5,4/8] security: add cpu crypto action type

Message ID	20200128142220.16644-5-marcinx.smoczynski@intel.com (mailing list archive)
State	Superseded, archived
Delegated to:	akhil goyal
Headers	From: Marcin Smoczynski <marcinx.smoczynski@intel.com> To: akhil.goyal@nxp.com, konstantin.ananyev@intel.com, roy.fan.zhang@intel.com, declan.doherty@intel.com, radu.nicolau@intel.com, pablo.de.lara.guarch@intel.com Cc: dev@dpdk.org, Marcin Smoczynski <marcinx.smoczynski@intel.com> Date: Tue, 28 Jan 2020 15:22:16 +0100 Message-Id: <20200128142220.16644-5-marcinx.smoczynski@intel.com> In-Reply-To: <20200128142220.16644-1-marcinx.smoczynski@intel.com> References: <20200128031642.15256-1-marcinx.smoczynski@intel.com> <20200128142220.16644-1-marcinx.smoczynski@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v5 4/8] security: add cpu crypto action type Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	Introduce CPU crypto mode \| [v5,0/8] Introduce CPU crypto mode [v5,1/8] cryptodev: introduce cpu crypto support API [v5,2/8] crypto/aesni_gcm: cpu crypto support [v5,3/8] test/crypto: add CPU crypto tests [v5,4/8] security: add cpu crypto action type [v5,5/8] ipsec: introduce support for cpu crypto mode [v5,6/8] examples/ipsec-secgw: cpu crypto support [v5,7/8] examples/ipsec-secgw: cpu crypto testing [v5,8/8] doc: add cpu crypto related documentation

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	fail	Compilation issues

Commit Message

Marcin Smoczynski Jan. 28, 2020, 2:22 p.m. UTC

  Introduce CPU crypto action type allowing to differentiate between
regular async 'none security' and synchronous, CPU crypto accelerated
sessions.

Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 lib/librte_security/rte_security.h | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

Comments

Akhil Goyal Jan. 31, 2020, 2:26 p.m. UTC | #1

Hi Marcin/Konstantin,

> Introduce CPU crypto action type allowing to differentiate between
> regular async 'none security' and synchronous, CPU crypto accelerated
> sessions.
> 
> Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
>  lib/librte_security/rte_security.h | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
> index 546779df2..c8b2dd5ed 100644
> --- a/lib/librte_security/rte_security.h
> +++ b/lib/librte_security/rte_security.h
> @@ -1,6 +1,6 @@
>  /* SPDX-License-Identifier: BSD-3-Clause
>   * Copyright 2017,2019 NXP
> - * Copyright(c) 2017 Intel Corporation.
> + * Copyright(c) 2017-2020 Intel Corporation.
>   */
> 
>  #ifndef _RTE_SECURITY_H_
> @@ -307,10 +307,14 @@ enum rte_security_session_action_type {
>  	/**< All security protocol processing is performed inline during
>  	 * transmission
>  	 */
> -	RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL
> +	RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
>  	/**< All security protocol processing including crypto is performed
>  	 * on a lookaside accelerator
>  	 */
> +	RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO
> +	/**< Crypto processing for security protocol is processed by CPU
> +	 * synchronously
> +	 */
I am not able to see the need for this enum.

It is used by the app and ipsec library to identify the cpu-crypto codepath.

I don't see any security action been performed for this action_type.

This enum is just like NONE which is not used beyond the application/lib.
I think this needs to be documented properly in the description of the enum.

It should be something like

Similar to ACTION_TYPE_NONE, but the crypto processing is done on CPU
Synchronously.

Also add documentation of this in the rte_security.rst in this patch only.
There should not be any separate patch for documentation.

Regards,
Akhil

Akhil Goyal Feb. 4, 2020, 10:36 a.m. UTC | #2

> Hi Marcin/Konstantin,
> 
> > Introduce CPU crypto action type allowing to differentiate between
> > regular async 'none security' and synchronous, CPU crypto accelerated
> > sessions.
> >
> > Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
> > Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> > Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> > ---
> >  lib/librte_security/rte_security.h | 8 ++++++--
> >  1 file changed, 6 insertions(+), 2 deletions(-)
> >
> > diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
> > index 546779df2..c8b2dd5ed 100644
> > --- a/lib/librte_security/rte_security.h
> > +++ b/lib/librte_security/rte_security.h
> > @@ -1,6 +1,6 @@
> >  /* SPDX-License-Identifier: BSD-3-Clause
> >   * Copyright 2017,2019 NXP
> > - * Copyright(c) 2017 Intel Corporation.
> > + * Copyright(c) 2017-2020 Intel Corporation.
> >   */
> >
> >  #ifndef _RTE_SECURITY_H_
> > @@ -307,10 +307,14 @@ enum rte_security_session_action_type {
> >  	/**< All security protocol processing is performed inline during
> >  	 * transmission
> >  	 */
> > -	RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL
> > +	RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> >  	/**< All security protocol processing including crypto is performed
> >  	 * on a lookaside accelerator
> >  	 */
> > +	RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO
> > +	/**< Crypto processing for security protocol is processed by CPU
> > +	 * synchronously
> > +	 */
> I am not able to see the need for this enum.
> 
> It is used by the app and ipsec library to identify the cpu-crypto codepath.
> 
> I don't see any security action been performed for this action_type.
> 
> This enum is just like NONE which is not used beyond the application/lib.
> I think this needs to be documented properly in the description of the enum.
> 
> It should be something like
> 
> Similar to ACTION_TYPE_NONE, but the crypto processing is done on CPU
> Synchronously.
> 
> Also add documentation of this in the rte_security.rst in this patch only.
> There should not be any separate patch for documentation.
> 

Could you please send the update to the patches that I requested.
I wanted to apply these today.

Ananyev, Konstantin Feb. 4, 2020, 10:43 a.m. UTC | #3

Hi Akhil,

> > > Introduce CPU crypto action type allowing to differentiate between
> > > regular async 'none security' and synchronous, CPU crypto accelerated
> > > sessions.
> > >
> > > Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
> > > Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> > > Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> > > ---
> > >  lib/librte_security/rte_security.h | 8 ++++++--
> > >  1 file changed, 6 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
> > > index 546779df2..c8b2dd5ed 100644
> > > --- a/lib/librte_security/rte_security.h
> > > +++ b/lib/librte_security/rte_security.h
> > > @@ -1,6 +1,6 @@
> > >  /* SPDX-License-Identifier: BSD-3-Clause
> > >   * Copyright 2017,2019 NXP
> > > - * Copyright(c) 2017 Intel Corporation.
> > > + * Copyright(c) 2017-2020 Intel Corporation.
> > >   */
> > >
> > >  #ifndef _RTE_SECURITY_H_
> > > @@ -307,10 +307,14 @@ enum rte_security_session_action_type {
> > >  	/**< All security protocol processing is performed inline during
> > >  	 * transmission
> > >  	 */
> > > -	RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL
> > > +	RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> > >  	/**< All security protocol processing including crypto is performed
> > >  	 * on a lookaside accelerator
> > >  	 */
> > > +	RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO
> > > +	/**< Crypto processing for security protocol is processed by CPU
> > > +	 * synchronously
> > > +	 */
> > I am not able to see the need for this enum.
> >
> > It is used by the app and ipsec library to identify the cpu-crypto codepath.
> >
> > I don't see any security action been performed for this action_type.
> >
> > This enum is just like NONE which is not used beyond the application/lib.
> > I think this needs to be documented properly in the description of the enum.
> >
> > It should be something like
> >
> > Similar to ACTION_TYPE_NONE, but the crypto processing is done on CPU
> > Synchronously.
> >
> > Also add documentation of this in the rte_security.rst in this patch only.
> > There should not be any separate patch for documentation.
> >
> 
> Could you please send the update to the patches that I requested.
> I wanted to apply these today.

Marcin works on v6 to address your comments.
Plan to send it by COB today.
Konstantin

diff mbox series

Patch

diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
index 546779df2..c8b2dd5ed 100644
--- a/lib/librte_security/rte_security.h
+++ b/lib/librte_security/rte_security.h
@@ -1,6 +1,6 @@ 
 /* SPDX-License-Identifier: BSD-3-Clause
  * Copyright 2017,2019 NXP
- * Copyright(c) 2017 Intel Corporation.
+ * Copyright(c) 2017-2020 Intel Corporation.
  */
 
 #ifndef _RTE_SECURITY_H_
@@ -307,10 +307,14 @@  enum rte_security_session_action_type {
 	/**< All security protocol processing is performed inline during
 	 * transmission
 	 */
-	RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL
+	RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
 	/**< All security protocol processing including crypto is performed
 	 * on a lookaside accelerator
 	 */
+	RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO
+	/**< Crypto processing for security protocol is processed by CPU
+	 * synchronously
+	 */
 };
 
 /** Security session protocol definition */