[v4,02/15] crypto: add total raw buffer length
Checks
Commit Message
From: Gagandeep Singh <g.singh@nxp.com>
The current crypto raw data vectors is extended to support
rte_security usecases, where we need total data length to know
how much additional memory space is available in buffer other
than data length so that driver/HW can write expanded size
data after encryption.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
---
doc/guides/rel_notes/deprecation.rst | 7 -------
lib/cryptodev/rte_crypto_sym.h | 7 +++++++
2 files changed, 7 insertions(+), 7 deletions(-)
Comments
Hi Hemant,
I still think it is enough to use rte_crypto_vec as well as
rte_crypto_sym_ofs is enough to describe the data including both the data
and aad.
Imagine 2 10 bytes segments case, encryption/hash size of 12 and aad of 8.
We will have
struct rte_crypto_vec sgl[2] = {{.base = x, .len = 10}, {.base = y, .len = 10}};
union rte_crypto_sym_ofs ofs = {.cipher.head = 0, .cipher.tail = 8, .auth.head = 0, .auth.tail = 8};
The driver shall understand there are 8 bytes not included for cipher/auth.
Regards,
Fan
> -----Original Message-----
> From: Hemant Agrawal <hemant.agrawal@nxp.com>
> Sent: Wednesday, October 13, 2021 8:00 PM
> To: dev@dpdk.org; gakhil@marvell.com
> Cc: Ananyev, Konstantin <konstantin.ananyev@intel.com>; Zhang, Roy Fan
> <roy.fan.zhang@intel.com>; Gagandeep Singh <g.singh@nxp.com>
> Subject: [PATCH v4 02/15] crypto: add total raw buffer length
>
> From: Gagandeep Singh <g.singh@nxp.com>
>
> The current crypto raw data vectors is extended to support
> rte_security usecases, where we need total data length to know
> how much additional memory space is available in buffer other
> than data length so that driver/HW can write expanded size
> data after encryption.
>
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Acked-by: Akhil Goyal <gakhil@marvell.com>
> ---
> doc/guides/rel_notes/deprecation.rst | 7 -------
> lib/cryptodev/rte_crypto_sym.h | 7 +++++++
> 2 files changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/doc/guides/rel_notes/deprecation.rst
> b/doc/guides/rel_notes/deprecation.rst
> index a4e86b31f5..53155459a0 100644
> --- a/doc/guides/rel_notes/deprecation.rst
> +++ b/doc/guides/rel_notes/deprecation.rst
> @@ -188,13 +188,6 @@ Deprecation Notices
> This field will be null for inplace processing.
> This change is targeted for DPDK 21.11.
>
> -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add
> - ``tot_len`` to support total buffer length.
> - This is required for security cases like IPsec and PDCP encryption offload
> - to know how much additional memory space is available in buffer other
> than
> - data length so that driver/HW can write expanded size data after
> encryption.
> - This change is targeted for DPDK 21.11.
> -
> * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
> ``rte_cryptodev_asym_session`` to remove unnecessary indirection
> between
> session and the private data of session. An opaque pointer can be exposed
> diff --git a/lib/cryptodev/rte_crypto_sym.h
> b/lib/cryptodev/rte_crypto_sym.h
> index dcc0bd5933..6be283e83c 100644
> --- a/lib/cryptodev/rte_crypto_sym.h
> +++ b/lib/cryptodev/rte_crypto_sym.h
> @@ -37,6 +37,8 @@ struct rte_crypto_vec {
> rte_iova_t iova;
> /** length of the data buffer */
> uint32_t len;
> + /** total buffer length */
> + uint32_t tot_len;
> };
>
> /**
> @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
> *mb, uint32_t ofs, uint32_t len,
> seglen = mb->data_len - ofs;
> if (len <= seglen) {
> vec[0].len = len;
> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
> - ofs;
> return 1;
> }
>
> /* data spread across segments */
> vec[0].len = seglen;
> left = len - seglen;
> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
> for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {
>
> vec[i].base = rte_pktmbuf_mtod(nseg, void *);
> @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb,
> uint32_t ofs, uint32_t len,
> if (left <= seglen) {
> /* whole requested data is completed */
> vec[i].len = left;
> + vec[i].tot_len = mb->buf_len -
> rte_pktmbuf_headroom(mb)
> + - ofs;
> left = 0;
> break;
> }
> @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
> *mb, uint32_t ofs, uint32_t len,
> /* use whole segment */
> vec[i].len = seglen;
> left -= seglen;
> + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
> - ofs;
> }
>
> RTE_ASSERT(left == 0);
> --
> 2.17.1
> The current crypto raw data vectors is extended to support
> rte_security usecases, where we need total data length to know
> how much additional memory space is available in buffer other
> than data length so that driver/HW can write expanded size
> data after encryption.
>
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Acked-by: Akhil Goyal <gakhil@marvell.com>
> ---
> doc/guides/rel_notes/deprecation.rst | 7 -------
> lib/cryptodev/rte_crypto_sym.h | 7 +++++++
> 2 files changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst
> index a4e86b31f5..53155459a0 100644
> --- a/doc/guides/rel_notes/deprecation.rst
> +++ b/doc/guides/rel_notes/deprecation.rst
> @@ -188,13 +188,6 @@ Deprecation Notices
> This field will be null for inplace processing.
> This change is targeted for DPDK 21.11.
>
> -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add
> - ``tot_len`` to support total buffer length.
> - This is required for security cases like IPsec and PDCP encryption offload
> - to know how much additional memory space is available in buffer other than
> - data length so that driver/HW can write expanded size data after encryption.
> - This change is targeted for DPDK 21.11.
> -
> * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
> ``rte_cryptodev_asym_session`` to remove unnecessary indirection between
> session and the private data of session. An opaque pointer can be exposed
> diff --git a/lib/cryptodev/rte_crypto_sym.h b/lib/cryptodev/rte_crypto_sym.h
> index dcc0bd5933..6be283e83c 100644
> --- a/lib/cryptodev/rte_crypto_sym.h
> +++ b/lib/cryptodev/rte_crypto_sym.h
> @@ -37,6 +37,8 @@ struct rte_crypto_vec {
> rte_iova_t iova;
> /** length of the data buffer */
> uint32_t len;
> + /** total buffer length */
> + uint32_t tot_len;
> };
>
> /**
> @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
> seglen = mb->data_len - ofs;
> if (len <= seglen) {
> vec[0].len = len;
> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
> return 1;
> }
>
> /* data spread across segments */
> vec[0].len = seglen;
> left = len - seglen;
> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
As a nit this line and similar line above can be merged into one and put
before 'if' statement above, i.e.:
vec[0].base = rte_pktmbuf_mtod_offset(mb, void *, ofs);
vec[0].iova = rte_pktmbuf_iova_offset(mb, ofs);
vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
> for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {
>
> vec[i].base = rte_pktmbuf_mtod(nseg, void *);
> @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
> if (left <= seglen) {
> /* whole requested data is completed */
> vec[i].len = left;
> + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
> + - ofs;
Same as above - these two lines can be put as one before 'if'.
> left = 0;
> break;
> }
> @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
> /* use whole segment */
> vec[i].len = seglen;
> left -= seglen;
> + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
> }
>
> RTE_ASSERT(left == 0);
> --
> 2.17.1
With nits above applied:
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Hi Fan
On 10/14/2021 6:09 PM, Zhang, Roy Fan wrote:
> Hi Hemant,
>
> I still think it is enough to use rte_crypto_vec as well as
> rte_crypto_sym_ofs is enough to describe the data including both the data
> and aad.
>
> Imagine 2 10 bytes segments case, encryption/hash size of 12 and aad of 8.
> We will have
> struct rte_crypto_vec sgl[2] = {{.base = x, .len = 10}, {.base = y, .len = 10}};
> union rte_crypto_sym_ofs ofs = {.cipher.head = 0, .cipher.tail = 8, .auth.head = 0, .auth.tail = 8};
>
> The driver shall understand there are 8 bytes not included for cipher/auth.
This is the protocol offload case. It won't work in that case.
>
> Regards,
> Fan
>
>> -----Original Message-----
>> From: Hemant Agrawal <hemant.agrawal@nxp.com>
>> Sent: Wednesday, October 13, 2021 8:00 PM
>> To: dev@dpdk.org; gakhil@marvell.com
>> Cc: Ananyev, Konstantin <konstantin.ananyev@intel.com>; Zhang, Roy Fan
>> <roy.fan.zhang@intel.com>; Gagandeep Singh <g.singh@nxp.com>
>> Subject: [PATCH v4 02/15] crypto: add total raw buffer length
>>
>> From: Gagandeep Singh <g.singh@nxp.com>
>>
>> The current crypto raw data vectors is extended to support
>> rte_security usecases, where we need total data length to know
>> how much additional memory space is available in buffer other
>> than data length so that driver/HW can write expanded size
>> data after encryption.
>>
>> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
>> Acked-by: Akhil Goyal <gakhil@marvell.com>
>> ---
>> doc/guides/rel_notes/deprecation.rst | 7 -------
>> lib/cryptodev/rte_crypto_sym.h | 7 +++++++
>> 2 files changed, 7 insertions(+), 7 deletions(-)
>>
>> diff --git a/doc/guides/rel_notes/deprecation.rst
>> b/doc/guides/rel_notes/deprecation.rst
>> index a4e86b31f5..53155459a0 100644
>> --- a/doc/guides/rel_notes/deprecation.rst
>> +++ b/doc/guides/rel_notes/deprecation.rst
>> @@ -188,13 +188,6 @@ Deprecation Notices
>> This field will be null for inplace processing.
>> This change is targeted for DPDK 21.11.
>>
>> -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add
>> - ``tot_len`` to support total buffer length.
>> - This is required for security cases like IPsec and PDCP encryption offload
>> - to know how much additional memory space is available in buffer other
>> than
>> - data length so that driver/HW can write expanded size data after
>> encryption.
>> - This change is targeted for DPDK 21.11.
>> -
>> * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
>> ``rte_cryptodev_asym_session`` to remove unnecessary indirection
>> between
>> session and the private data of session. An opaque pointer can be exposed
>> diff --git a/lib/cryptodev/rte_crypto_sym.h
>> b/lib/cryptodev/rte_crypto_sym.h
>> index dcc0bd5933..6be283e83c 100644
>> --- a/lib/cryptodev/rte_crypto_sym.h
>> +++ b/lib/cryptodev/rte_crypto_sym.h
>> @@ -37,6 +37,8 @@ struct rte_crypto_vec {
>> rte_iova_t iova;
>> /** length of the data buffer */
>> uint32_t len;
>> + /** total buffer length */
>> + uint32_t tot_len;
>> };
>>
>> /**
>> @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
>> *mb, uint32_t ofs, uint32_t len,
>> seglen = mb->data_len - ofs;
>> if (len <= seglen) {
>> vec[0].len = len;
>> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
>> - ofs;
>> return 1;
>> }
>>
>> /* data spread across segments */
>> vec[0].len = seglen;
>> left = len - seglen;
>> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
>> for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {
>>
>> vec[i].base = rte_pktmbuf_mtod(nseg, void *);
>> @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb,
>> uint32_t ofs, uint32_t len,
>> if (left <= seglen) {
>> /* whole requested data is completed */
>> vec[i].len = left;
>> + vec[i].tot_len = mb->buf_len -
>> rte_pktmbuf_headroom(mb)
>> + - ofs;
>> left = 0;
>> break;
>> }
>> @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
>> *mb, uint32_t ofs, uint32_t len,
>> /* use whole segment */
>> vec[i].len = seglen;
>> left -= seglen;
>> + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
>> - ofs;
>> }
>>
>> RTE_ASSERT(left == 0);
>> --
>> 2.17.1
@@ -188,13 +188,6 @@ Deprecation Notices
This field will be null for inplace processing.
This change is targeted for DPDK 21.11.
-* cryptodev: The structure ``rte_crypto_vec`` would be updated to add
- ``tot_len`` to support total buffer length.
- This is required for security cases like IPsec and PDCP encryption offload
- to know how much additional memory space is available in buffer other than
- data length so that driver/HW can write expanded size data after encryption.
- This change is targeted for DPDK 21.11.
-
* cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
``rte_cryptodev_asym_session`` to remove unnecessary indirection between
session and the private data of session. An opaque pointer can be exposed
@@ -37,6 +37,8 @@ struct rte_crypto_vec {
rte_iova_t iova;
/** length of the data buffer */
uint32_t len;
+ /** total buffer length */
+ uint32_t tot_len;
};
/**
@@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
seglen = mb->data_len - ofs;
if (len <= seglen) {
vec[0].len = len;
+ vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
return 1;
}
/* data spread across segments */
vec[0].len = seglen;
left = len - seglen;
+ vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {
vec[i].base = rte_pktmbuf_mtod(nseg, void *);
@@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
if (left <= seglen) {
/* whole requested data is completed */
vec[i].len = left;
+ vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
+ - ofs;
left = 0;
break;
}
@@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len,
/* use whole segment */
vec[i].len = seglen;
left -= seglen;
+ vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
}
RTE_ASSERT(left == 0);