doc: add inline protocol in feature list
diff mbox series

Message ID 1575960780-1171-1-git-send-email-anoobj@marvell.com
State Superseded, archived
Delegated to: akhil goyal
Headers show
Series
  • doc: add inline protocol in feature list
Related show

Checks

Context Check Description
ci/travis-robot warning Travis build: failed
ci/Intel-compilation success Compilation OK
ci/checkpatch success coding style OK

Commit Message

Anoob Joseph Dec. 10, 2019, 6:53 a.m. UTC
Update feature list to include inline protocol offload.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 doc/guides/nics/features.rst         | 18 ++++++++++++++++++
 doc/guides/nics/features/default.ini |  1 +
 2 files changed, 19 insertions(+)

Comments

Anoob Joseph Jan. 21, 2020, 5:40 a.m. UTC | #1
Hi Ferruh,

Can you review this patch?

Thanks,
Anoob

> -----Original Message-----
> From: dev <dev-bounces@dpdk.org> On Behalf Of Anoob Joseph
> Sent: Tuesday, December 10, 2019 12:23 PM
> To: John McNamara <john.mcnamara@intel.com>; Marko Kovacevic
> <marko.kovacevic@intel.com>; Ferruh Yigit <ferruh.yigit@intel.com>
> Cc: Anoob Joseph <anoobj@marvell.com>; Jerin Jacob Kollanukkaran
> <jerinj@marvell.com>; Narayana Prasad Raju Athreya
> <pathreya@marvell.com>; dev@dpdk.org
> Subject: [dpdk-dev] [PATCH] doc: add inline protocol in feature list
> 
> Update feature list to include inline protocol offload.
> 
> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
> ---
>  doc/guides/nics/features.rst         | 18 ++++++++++++++++++
>  doc/guides/nics/features/default.ini |  1 +
>  2 files changed, 19 insertions(+)
> 
> diff --git a/doc/guides/nics/features.rst b/doc/guides/nics/features.rst index
> 8394a65..f4eb2a9 100644
> --- a/doc/guides/nics/features.rst
> +++ b/doc/guides/nics/features.rst
> @@ -433,6 +433,24 @@ Supports inline crypto processing (e.g. inline IPsec). See
> Security library and
>    ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
> 
> 
> +.. _nic_features_inline_protocol_doc:
> +
> +Inline protocol
> +---------------
> +
> +Supports inline protocol processing (e.g. inline IPsec). See Security library and
> PMD documentation for more details.
> +
> +* **[uses]       rte_eth_rxconf,rte_eth_rxmode**:
> ``offloads:DEV_RX_OFFLOAD_SECURITY``,
> +* **[uses]       rte_eth_txconf,rte_eth_txmode**:
> ``offloads:DEV_TX_OFFLOAD_SECURITY``.
> +* **[implements] rte_security_ops**: ``session_create``,
> +``session_update``,
> +  ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``,
> +``get_userdata``,
> +  ``capabilities_get``.
> +* **[provides] rte_eth_dev_info**:
> +``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``,
> +  ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``.
> +* **[provides]   mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``,
> +  ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
> +
> +
>  .. _nic_features_crc_offload:
> 
>  CRC offload
> diff --git a/doc/guides/nics/features/default.ini
> b/doc/guides/nics/features/default.ini
> index 91ec619..4d0ad32 100644
> --- a/doc/guides/nics/features/default.ini
> +++ b/doc/guides/nics/features/default.ini
> @@ -42,6 +42,7 @@ Flow API             =
>  Rate limitation      =
>  Traffic mirroring    =
>  Inline crypto        =
> +Inline protocol      =
>  CRC offload          =
>  VLAN offload         =
>  QinQ offload         =
> --
> 2.7.4
Ferruh Yigit Jan. 21, 2020, 4:12 p.m. UTC | #2
On 1/21/2020 5:40 AM, Anoob Joseph wrote:
> Hi Ferruh,
> 
> Can you review this patch?

Hi Anoob,

What is the difference between "Inline crypto" in that document and this "Inline
protocol"? Both seems providing same outpout.
Is there a way to differentiate them more clearly?

> 
> Thanks,
> Anoob
> 
>> -----Original Message-----
>> From: dev <dev-bounces@dpdk.org> On Behalf Of Anoob Joseph
>> Sent: Tuesday, December 10, 2019 12:23 PM
>> To: John McNamara <john.mcnamara@intel.com>; Marko Kovacevic
>> <marko.kovacevic@intel.com>; Ferruh Yigit <ferruh.yigit@intel.com>
>> Cc: Anoob Joseph <anoobj@marvell.com>; Jerin Jacob Kollanukkaran
>> <jerinj@marvell.com>; Narayana Prasad Raju Athreya
>> <pathreya@marvell.com>; dev@dpdk.org
>> Subject: [dpdk-dev] [PATCH] doc: add inline protocol in feature list
>>
>> Update feature list to include inline protocol offload.
>>
>> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
>> ---
>>  doc/guides/nics/features.rst         | 18 ++++++++++++++++++
>>  doc/guides/nics/features/default.ini |  1 +
>>  2 files changed, 19 insertions(+)
>>
>> diff --git a/doc/guides/nics/features.rst b/doc/guides/nics/features.rst index
>> 8394a65..f4eb2a9 100644
>> --- a/doc/guides/nics/features.rst
>> +++ b/doc/guides/nics/features.rst
>> @@ -433,6 +433,24 @@ Supports inline crypto processing (e.g. inline IPsec). See
>> Security library and
>>    ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
>>
>>
>> +.. _nic_features_inline_protocol_doc:
>> +
>> +Inline protocol
>> +---------------
>> +
>> +Supports inline protocol processing (e.g. inline IPsec). See Security library and
>> PMD documentation for more details.
>> +
>> +* **[uses]       rte_eth_rxconf,rte_eth_rxmode**:
>> ``offloads:DEV_RX_OFFLOAD_SECURITY``,
>> +* **[uses]       rte_eth_txconf,rte_eth_txmode**:
>> ``offloads:DEV_TX_OFFLOAD_SECURITY``.
>> +* **[implements] rte_security_ops**: ``session_create``,
>> +``session_update``,
>> +  ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``,
>> +``get_userdata``,
>> +  ``capabilities_get``.
>> +* **[provides] rte_eth_dev_info**:
>> +``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``,
>> +  ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``.
>> +* **[provides]   mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``,
>> +  ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
>> +
>> +
>>  .. _nic_features_crc_offload:
>>
>>  CRC offload
>> diff --git a/doc/guides/nics/features/default.ini
>> b/doc/guides/nics/features/default.ini
>> index 91ec619..4d0ad32 100644
>> --- a/doc/guides/nics/features/default.ini
>> +++ b/doc/guides/nics/features/default.ini
>> @@ -42,6 +42,7 @@ Flow API             =
>>  Rate limitation      =
>>  Traffic mirroring    =
>>  Inline crypto        =
>> +Inline protocol      =
>>  CRC offload          =
>>  VLAN offload         =
>>  QinQ offload         =
>> --
>> 2.7.4
>
Anoob Joseph Jan. 22, 2020, 9:47 a.m. UTC | #3
Hi Ferruh,

Please see inline.

Thanks,
Anoob

> -----Original Message-----
> From: Ferruh Yigit <ferruh.yigit@intel.com>
> Sent: Tuesday, January 21, 2020 9:42 PM
> To: Anoob Joseph <anoobj@marvell.com>; John McNamara
> <john.mcnamara@intel.com>; Marko Kovacevic
> <marko.kovacevic@intel.com>
> Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; Narayana Prasad Raju
> Athreya <pathreya@marvell.com>; dev@dpdk.org
> Subject: [EXT] Re: [dpdk-dev] [PATCH] doc: add inline protocol in feature list
> 
> External Email
> 
> ----------------------------------------------------------------------
> On 1/21/2020 5:40 AM, Anoob Joseph wrote:
> > Hi Ferruh,
> >
> > Can you review this patch?
> 
> Hi Anoob,
> 
> What is the difference between "Inline crypto" in that document and this
> "Inline protocol"? Both seems providing same outpout.

[Anoob] Yes. It is partly because the description of "inline crypto" is not accurate. The feature, "inline crypto" is not ipsec aware but would do crypto operation in the ipsec. This summary points to the security documentation for further details and that doc clearly explains the difference between both modes.
 
> Is there a way to differentiate them more clearly?

[Anoob] There are two options I can think of,
1. Update the feature list to describe the difference between the two. Have a line like,
	"As compared to inline crypto, inline protocol will handle the entire protocol offload in addition to the crypto operation."
2. Both inline crypto and inline protocol falls under security. So could even rename "Inline crypto" to "Inline security offload" and we should be good to go. Also, under inline protocol, there are various protocols possible. Say, tomorrow when we add MACSEC support, the same question would arise (as in whether it's a new feature or would it be under "inline protocol").
 
> 
> >
> > Thanks,
> > Anoob
> >
> >> -----Original Message-----
> >> From: dev <dev-bounces@dpdk.org> On Behalf Of Anoob Joseph
> >> Sent: Tuesday, December 10, 2019 12:23 PM
> >> To: John McNamara <john.mcnamara@intel.com>; Marko Kovacevic
> >> <marko.kovacevic@intel.com>; Ferruh Yigit <ferruh.yigit@intel.com>
> >> Cc: Anoob Joseph <anoobj@marvell.com>; Jerin Jacob Kollanukkaran
> >> <jerinj@marvell.com>; Narayana Prasad Raju Athreya
> >> <pathreya@marvell.com>; dev@dpdk.org
> >> Subject: [dpdk-dev] [PATCH] doc: add inline protocol in feature list
> >>
> >> Update feature list to include inline protocol offload.
> >>
> >> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
> >> ---
> >>  doc/guides/nics/features.rst         | 18 ++++++++++++++++++
> >>  doc/guides/nics/features/default.ini |  1 +
> >>  2 files changed, 19 insertions(+)
> >>
> >> diff --git a/doc/guides/nics/features.rst
> >> b/doc/guides/nics/features.rst index
> >> 8394a65..f4eb2a9 100644
> >> --- a/doc/guides/nics/features.rst
> >> +++ b/doc/guides/nics/features.rst
> >> @@ -433,6 +433,24 @@ Supports inline crypto processing (e.g. inline
> >> IPsec). See Security library and
> >>    ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
> >> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
> >>
> >>
> >> +.. _nic_features_inline_protocol_doc:
> >> +
> >> +Inline protocol
> >> +---------------
> >> +
> >> +Supports inline protocol processing (e.g. inline IPsec). See
> >> +Security library and
> >> PMD documentation for more details.
> >> +
> >> +* **[uses]       rte_eth_rxconf,rte_eth_rxmode**:
> >> ``offloads:DEV_RX_OFFLOAD_SECURITY``,
> >> +* **[uses]       rte_eth_txconf,rte_eth_txmode**:
> >> ``offloads:DEV_TX_OFFLOAD_SECURITY``.
> >> +* **[implements] rte_security_ops**: ``session_create``,
> >> +``session_update``,
> >> +  ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``,
> >> +``get_userdata``,
> >> +  ``capabilities_get``.
> >> +* **[provides] rte_eth_dev_info**:
> >>
> +``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``,
> >> +
> ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``.
> >> +* **[provides]   mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``,
> >> +  ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
> >> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
> >> +
> >> +
> >>  .. _nic_features_crc_offload:
> >>
> >>  CRC offload
> >> diff --git a/doc/guides/nics/features/default.ini
> >> b/doc/guides/nics/features/default.ini
> >> index 91ec619..4d0ad32 100644
> >> --- a/doc/guides/nics/features/default.ini
> >> +++ b/doc/guides/nics/features/default.ini
> >> @@ -42,6 +42,7 @@ Flow API             =
> >>  Rate limitation      =
> >>  Traffic mirroring    =
> >>  Inline crypto        =
> >> +Inline protocol      =
> >>  CRC offload          =
> >>  VLAN offload         =
> >>  QinQ offload         =
> >> --
> >> 2.7.4
> >
Ferruh Yigit Feb. 4, 2020, 2:35 p.m. UTC | #4
On 1/22/2020 9:47 AM, Anoob Joseph wrote:
> Hi Ferruh,
> 
> Please see inline.
> 
> Thanks,
> Anoob
> 
>> -----Original Message-----
>> From: Ferruh Yigit <ferruh.yigit@intel.com>
>> Sent: Tuesday, January 21, 2020 9:42 PM
>> To: Anoob Joseph <anoobj@marvell.com>; John McNamara
>> <john.mcnamara@intel.com>; Marko Kovacevic
>> <marko.kovacevic@intel.com>
>> Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; Narayana Prasad Raju
>> Athreya <pathreya@marvell.com>; dev@dpdk.org
>> Subject: [EXT] Re: [dpdk-dev] [PATCH] doc: add inline protocol in feature list
>>
>> External Email
>>
>> ----------------------------------------------------------------------
>> On 1/21/2020 5:40 AM, Anoob Joseph wrote:
>>> Hi Ferruh,
>>>
>>> Can you review this patch?
>>
>> Hi Anoob,
>>
>> What is the difference between "Inline crypto" in that document and this
>> "Inline protocol"? Both seems providing same outpout.
> 
> [Anoob] Yes. It is partly because the description of "inline crypto" is not accurate. The feature, "inline crypto" is not ipsec aware but would do crypto operation in the ipsec. This summary points to the security documentation for further details and that doc clearly explains the difference between both modes.
>  
>> Is there a way to differentiate them more clearly?
> 
> [Anoob] There are two options I can think of,
> 1. Update the feature list to describe the difference between the two. Have a line like,
> 	"As compared to inline crypto, inline protocol will handle the entire protocol offload in addition to the crypto operation."
> 2. Both inline crypto and inline protocol falls under security. So could even rename "Inline crypto" to "Inline security offload" and we should be good to go. Also, under inline protocol, there are various protocols possible. Say, tomorrow when we add MACSEC support, the same question would arise (as in whether it's a new feature or would it be under "inline protocol").

Hi Anoob,

These seems security related and I don't know enough to comment if this is
correct thing to do. I have cc'ed a few more people for comment.

@Akhil, would you mind if I assign this to you?

Thanks,
ferruh

>  
>>
>>>
>>> Thanks,
>>> Anoob
>>>
>>>> -----Original Message-----
>>>> From: dev <dev-bounces@dpdk.org> On Behalf Of Anoob Joseph
>>>> Sent: Tuesday, December 10, 2019 12:23 PM
>>>> To: John McNamara <john.mcnamara@intel.com>; Marko Kovacevic
>>>> <marko.kovacevic@intel.com>; Ferruh Yigit <ferruh.yigit@intel.com>
>>>> Cc: Anoob Joseph <anoobj@marvell.com>; Jerin Jacob Kollanukkaran
>>>> <jerinj@marvell.com>; Narayana Prasad Raju Athreya
>>>> <pathreya@marvell.com>; dev@dpdk.org
>>>> Subject: [dpdk-dev] [PATCH] doc: add inline protocol in feature list
>>>>
>>>> Update feature list to include inline protocol offload.
>>>>
>>>> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
>>>> ---
>>>>  doc/guides/nics/features.rst         | 18 ++++++++++++++++++
>>>>  doc/guides/nics/features/default.ini |  1 +
>>>>  2 files changed, 19 insertions(+)
>>>>
>>>> diff --git a/doc/guides/nics/features.rst
>>>> b/doc/guides/nics/features.rst index
>>>> 8394a65..f4eb2a9 100644
>>>> --- a/doc/guides/nics/features.rst
>>>> +++ b/doc/guides/nics/features.rst
>>>> @@ -433,6 +433,24 @@ Supports inline crypto processing (e.g. inline
>>>> IPsec). See Security library and
>>>>    ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
>>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
>>>>
>>>>
>>>> +.. _nic_features_inline_protocol_doc:
>>>> +
>>>> +Inline protocol
>>>> +---------------
>>>> +
>>>> +Supports inline protocol processing (e.g. inline IPsec). See
>>>> +Security library and
>>>> PMD documentation for more details.
>>>> +
>>>> +* **[uses]       rte_eth_rxconf,rte_eth_rxmode**:
>>>> ``offloads:DEV_RX_OFFLOAD_SECURITY``,
>>>> +* **[uses]       rte_eth_txconf,rte_eth_txmode**:
>>>> ``offloads:DEV_TX_OFFLOAD_SECURITY``.
>>>> +* **[implements] rte_security_ops**: ``session_create``,
>>>> +``session_update``,
>>>> +  ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``,
>>>> +``get_userdata``,
>>>> +  ``capabilities_get``.
>>>> +* **[provides] rte_eth_dev_info**:
>>>>
>> +``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``,
>>>> +
>> ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``.
>>>> +* **[provides]   mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``,
>>>> +  ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
>>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
>>>> +
>>>> +
>>>>  .. _nic_features_crc_offload:
>>>>
>>>>  CRC offload
>>>> diff --git a/doc/guides/nics/features/default.ini
>>>> b/doc/guides/nics/features/default.ini
>>>> index 91ec619..4d0ad32 100644
>>>> --- a/doc/guides/nics/features/default.ini
>>>> +++ b/doc/guides/nics/features/default.ini
>>>> @@ -42,6 +42,7 @@ Flow API             =
>>>>  Rate limitation      =
>>>>  Traffic mirroring    =
>>>>  Inline crypto        =
>>>> +Inline protocol      =
>>>>  CRC offload          =
>>>>  VLAN offload         =
>>>>  QinQ offload         =
>>>> --
>>>> 2.7.4
>>>
>
Anoob Joseph Feb. 10, 2020, 5:44 a.m. UTC | #5
Hi Akhil, 

Can you review this patch?

Thanks,
Anoob

> -----Original Message-----
> From: Ferruh Yigit <ferruh.yigit@intel.com>
> Sent: Tuesday, February 4, 2020 8:06 PM
> To: Anoob Joseph <anoobj@marvell.com>; John McNamara
> <john.mcnamara@intel.com>; Marko Kovacevic
> <marko.kovacevic@intel.com>
> Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; Narayana Prasad Raju
> Athreya <pathreya@marvell.com>; dev@dpdk.org; Akhil Goyal
> <akhil.goyal@nxp.com>; Konstantin Ananyev
> <konstantin.ananyev@intel.com>; Hemant Agrawal
> <hemant.agrawal@nxp.com>; Fan Zhang <roy.fan.zhang@intel.com>; Fiona
> Trahe <fiona.trahe@intel.com>
> Subject: Re: [EXT] Re: [dpdk-dev] [PATCH] doc: add inline protocol in feature
> list
> 
> On 1/22/2020 9:47 AM, Anoob Joseph wrote:
> > Hi Ferruh,
> >
> > Please see inline.
> >
> > Thanks,
> > Anoob
> >
> >> -----Original Message-----
> >> From: Ferruh Yigit <ferruh.yigit@intel.com>
> >> Sent: Tuesday, January 21, 2020 9:42 PM
> >> To: Anoob Joseph <anoobj@marvell.com>; John McNamara
> >> <john.mcnamara@intel.com>; Marko Kovacevic
> >> <marko.kovacevic@intel.com>
> >> Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; Narayana Prasad
> >> Raju Athreya <pathreya@marvell.com>; dev@dpdk.org
> >> Subject: [EXT] Re: [dpdk-dev] [PATCH] doc: add inline protocol in
> >> feature list
> >>
> >> External Email
> >>
> >> ---------------------------------------------------------------------
> >> - On 1/21/2020 5:40 AM, Anoob Joseph wrote:
> >>> Hi Ferruh,
> >>>
> >>> Can you review this patch?
> >>
> >> Hi Anoob,
> >>
> >> What is the difference between "Inline crypto" in that document and
> >> this "Inline protocol"? Both seems providing same outpout.
> >
> > [Anoob] Yes. It is partly because the description of "inline crypto" is not
> accurate. The feature, "inline crypto" is not ipsec aware but would do crypto
> operation in the ipsec. This summary points to the security documentation
> for further details and that doc clearly explains the difference between both
> modes.
> >
> >> Is there a way to differentiate them more clearly?
> >
> > [Anoob] There are two options I can think of, 1. Update the feature
> > list to describe the difference between the two. Have a line like,
> > 	"As compared to inline crypto, inline protocol will handle the entire
> protocol offload in addition to the crypto operation."
> > 2. Both inline crypto and inline protocol falls under security. So could even
> rename "Inline crypto" to "Inline security offload" and we should be good to
> go. Also, under inline protocol, there are various protocols possible. Say,
> tomorrow when we add MACSEC support, the same question would arise (as
> in whether it's a new feature or would it be under "inline protocol").
> 
> Hi Anoob,
> 
> These seems security related and I don't know enough to comment if this is
> correct thing to do. I have cc'ed a few more people for comment.
> 
> @Akhil, would you mind if I assign this to you?
> 
> Thanks,
> ferruh
> 
> >
> >>
> >>>
> >>> Thanks,
> >>> Anoob
> >>>
> >>>> -----Original Message-----
> >>>> From: dev <dev-bounces@dpdk.org> On Behalf Of Anoob Joseph
> >>>> Sent: Tuesday, December 10, 2019 12:23 PM
> >>>> To: John McNamara <john.mcnamara@intel.com>; Marko Kovacevic
> >>>> <marko.kovacevic@intel.com>; Ferruh Yigit <ferruh.yigit@intel.com>
> >>>> Cc: Anoob Joseph <anoobj@marvell.com>; Jerin Jacob Kollanukkaran
> >>>> <jerinj@marvell.com>; Narayana Prasad Raju Athreya
> >>>> <pathreya@marvell.com>; dev@dpdk.org
> >>>> Subject: [dpdk-dev] [PATCH] doc: add inline protocol in feature
> >>>> list
> >>>>
> >>>> Update feature list to include inline protocol offload.
> >>>>
> >>>> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
> >>>> ---
> >>>>  doc/guides/nics/features.rst         | 18 ++++++++++++++++++
> >>>>  doc/guides/nics/features/default.ini |  1 +
> >>>>  2 files changed, 19 insertions(+)
> >>>>
> >>>> diff --git a/doc/guides/nics/features.rst
> >>>> b/doc/guides/nics/features.rst index
> >>>> 8394a65..f4eb2a9 100644
> >>>> --- a/doc/guides/nics/features.rst
> >>>> +++ b/doc/guides/nics/features.rst
> >>>> @@ -433,6 +433,24 @@ Supports inline crypto processing (e.g. inline
> >>>> IPsec). See Security library and
> >>>>    ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
> >>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
> >>>>
> >>>>
> >>>> +.. _nic_features_inline_protocol_doc:
> >>>> +
> >>>> +Inline protocol
> >>>> +---------------
> >>>> +
> >>>> +Supports inline protocol processing (e.g. inline IPsec). See
> >>>> +Security library and
> >>>> PMD documentation for more details.
> >>>> +
> >>>> +* **[uses]       rte_eth_rxconf,rte_eth_rxmode**:
> >>>> ``offloads:DEV_RX_OFFLOAD_SECURITY``,
> >>>> +* **[uses]       rte_eth_txconf,rte_eth_txmode**:
> >>>> ``offloads:DEV_TX_OFFLOAD_SECURITY``.
> >>>> +* **[implements] rte_security_ops**: ``session_create``,
> >>>> +``session_update``,
> >>>> +  ``session_stats_get``, ``session_destroy``,
> >>>> +``set_pkt_metadata``, ``get_userdata``,
> >>>> +  ``capabilities_get``.
> >>>> +* **[provides] rte_eth_dev_info**:
> >>>>
> >>
> +``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``,
> >>>> +
> >>
> ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``.
> >>>> +* **[provides]   mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``,
> >>>> +  ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
> >>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
> >>>> +
> >>>> +
> >>>>  .. _nic_features_crc_offload:
> >>>>
> >>>>  CRC offload
> >>>> diff --git a/doc/guides/nics/features/default.ini
> >>>> b/doc/guides/nics/features/default.ini
> >>>> index 91ec619..4d0ad32 100644
> >>>> --- a/doc/guides/nics/features/default.ini
> >>>> +++ b/doc/guides/nics/features/default.ini
> >>>> @@ -42,6 +42,7 @@ Flow API             =
> >>>>  Rate limitation      =
> >>>>  Traffic mirroring    =
> >>>>  Inline crypto        =
> >>>> +Inline protocol      =
> >>>>  CRC offload          =
> >>>>  VLAN offload         =
> >>>>  QinQ offload         =
> >>>> --
> >>>> 2.7.4
> >>>
> >
Akhil Goyal Feb. 12, 2020, 10:25 a.m. UTC | #6
Hi Anoob,
> > >>
> > >> Hi Anoob,
> > >>
> > >> What is the difference between "Inline crypto" in that document and
> > >> this "Inline protocol"? Both seems providing same outpout.
> > >
> > > [Anoob] Yes. It is partly because the description of "inline crypto" is not
> > accurate. The feature, "inline crypto" is not ipsec aware but would do crypto
> > operation in the ipsec. This summary points to the security documentation
> > for further details and that doc clearly explains the difference between both
> > modes.
> > >
> > >> Is there a way to differentiate them more clearly?
> > >
> > > [Anoob] There are two options I can think of, 1. Update the feature
> > > list to describe the difference between the two. Have a line like,
> > > 	"As compared to inline crypto, inline protocol will handle the entire
> > protocol offload in addition to the crypto operation."
> > > 2. Both inline crypto and inline protocol falls under security. So could even
> > rename "Inline crypto" to "Inline security offload" and we should be good to
> > go. Also, under inline protocol, there are various protocols possible. Say,
> > tomorrow when we add MACSEC support, the same question would arise (as
> > in whether it's a new feature or would it be under "inline protocol").

Please re-phrase the description of inline crypto as well so that there is a clear 
Differentiation between the two modes. Referring to rte_security is not enough.

It can be something like
For Inline crypto: An operation defined in rte_security lib to perform only crypto
Operations of the security protocol while the packet is received at NIC. NIC is not aware
of the protocol operations. See Security library and PMD documentation for more details.

For Inline protocol : An operation defined in rte_security lib to perform protocol processing for
the security protocol (e.g. IPSEC, MACSEC) while the packet is received at the NIC. The NIC is capable
to understand the security protocol operations. See Security library and PMD documentation for more details.


> >
> > Hi Anoob,
> >
> > These seems security related and I don't know enough to comment if this is
> > correct thing to do. I have cc'ed a few more people for comment.
> >
> > @Akhil, would you mind if I assign this to you?
> >
> > Thanks,
> > ferruh
> >
> > >
> > >>
> > >>>
> > >>> Thanks,
> > >>> Anoob
> > >>>
> > >>>> -----Original Message-----
> > >>>> From: dev <dev-bounces@dpdk.org> On Behalf Of Anoob Joseph
> > >>>> Sent: Tuesday, December 10, 2019 12:23 PM
> > >>>> To: John McNamara <john.mcnamara@intel.com>; Marko Kovacevic
> > >>>> <marko.kovacevic@intel.com>; Ferruh Yigit <ferruh.yigit@intel.com>
> > >>>> Cc: Anoob Joseph <anoobj@marvell.com>; Jerin Jacob Kollanukkaran
> > >>>> <jerinj@marvell.com>; Narayana Prasad Raju Athreya
> > >>>> <pathreya@marvell.com>; dev@dpdk.org
> > >>>> Subject: [dpdk-dev] [PATCH] doc: add inline protocol in feature
> > >>>> list
> > >>>>
> > >>>> Update feature list to include inline protocol offload.
> > >>>>
> > >>>> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
> > >>>> ---
> > >>>>  doc/guides/nics/features.rst         | 18 ++++++++++++++++++
> > >>>>  doc/guides/nics/features/default.ini |  1 +
> > >>>>  2 files changed, 19 insertions(+)
> > >>>>
> > >>>> diff --git a/doc/guides/nics/features.rst
> > >>>> b/doc/guides/nics/features.rst index
> > >>>> 8394a65..f4eb2a9 100644
> > >>>> --- a/doc/guides/nics/features.rst
> > >>>> +++ b/doc/guides/nics/features.rst
> > >>>> @@ -433,6 +433,24 @@ Supports inline crypto processing (e.g. inline
> > >>>> IPsec). See Security library and
> > >>>>    ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
> > >>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
> > >>>>
> > >>>>
> > >>>> +.. _nic_features_inline_protocol_doc:
> > >>>> +
> > >>>> +Inline protocol
> > >>>> +---------------
> > >>>> +
> > >>>> +Supports inline protocol processing (e.g. inline IPsec). See
> > >>>> +Security library and
> > >>>> PMD documentation for more details.
> > >>>> +
> > >>>> +* **[uses]       rte_eth_rxconf,rte_eth_rxmode**:
> > >>>> ``offloads:DEV_RX_OFFLOAD_SECURITY``,
> > >>>> +* **[uses]       rte_eth_txconf,rte_eth_txmode**:
> > >>>> ``offloads:DEV_TX_OFFLOAD_SECURITY``.
> > >>>> +* **[implements] rte_security_ops**: ``session_create``,
> > >>>> +``session_update``,
> > >>>> +  ``session_stats_get``, ``session_destroy``,
> > >>>> +``set_pkt_metadata``, ``get_userdata``,
> > >>>> +  ``capabilities_get``.
> > >>>> +* **[provides] rte_eth_dev_info**:
> > >>>>
> > >>
> > +``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``,
> > >>>> +
> > >>
> > ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``.
> > >>>> +* **[provides]   mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``,
> > >>>> +  ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
> > >>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
> > >>>> +
> > >>>> +
> > >>>>  .. _nic_features_crc_offload:
> > >>>>
> > >>>>  CRC offload
> > >>>> diff --git a/doc/guides/nics/features/default.ini
> > >>>> b/doc/guides/nics/features/default.ini
> > >>>> index 91ec619..4d0ad32 100644
> > >>>> --- a/doc/guides/nics/features/default.ini
> > >>>> +++ b/doc/guides/nics/features/default.ini
> > >>>> @@ -42,6 +42,7 @@ Flow API             =
> > >>>>  Rate limitation      =
> > >>>>  Traffic mirroring    =
> > >>>>  Inline crypto        =
> > >>>> +Inline protocol      =
> > >>>>  CRC offload          =
> > >>>>  VLAN offload         =
> > >>>>  QinQ offload         =
> > >>>> --
> > >>>> 2.7.4
> > >>>
> > >
Ferruh Yigit Feb. 12, 2020, 1:30 p.m. UTC | #7
On 2/12/2020 10:25 AM, Akhil Goyal wrote:
> Hi Anoob,
>>>>>
>>>>> Hi Anoob,
>>>>>
>>>>> What is the difference between "Inline crypto" in that document and
>>>>> this "Inline protocol"? Both seems providing same outpout.
>>>>
>>>> [Anoob] Yes. It is partly because the description of "inline crypto" is not
>>> accurate. The feature, "inline crypto" is not ipsec aware but would do crypto
>>> operation in the ipsec. This summary points to the security documentation
>>> for further details and that doc clearly explains the difference between both
>>> modes.
>>>>
>>>>> Is there a way to differentiate them more clearly?
>>>>
>>>> [Anoob] There are two options I can think of, 1. Update the feature
>>>> list to describe the difference between the two. Have a line like,
>>>> 	"As compared to inline crypto, inline protocol will handle the entire
>>> protocol offload in addition to the crypto operation."
>>>> 2. Both inline crypto and inline protocol falls under security. So could even
>>> rename "Inline crypto" to "Inline security offload" and we should be good to
>>> go. Also, under inline protocol, there are various protocols possible. Say,
>>> tomorrow when we add MACSEC support, the same question would arise (as
>>> in whether it's a new feature or would it be under "inline protocol").
> 
> Please re-phrase the description of inline crypto as well so that there is a clear 
> Differentiation between the two modes. Referring to rte_security is not enough.
> 
> It can be something like
> For Inline crypto: An operation defined in rte_security lib to perform only crypto
> Operations of the security protocol while the packet is received at NIC. NIC is not aware
> of the protocol operations. See Security library and PMD documentation for more details.
> 
> For Inline protocol : An operation defined in rte_security lib to perform protocol processing for
> the security protocol (e.g. IPSEC, MACSEC) while the packet is received at the NIC. The NIC is capable
> to understand the security protocol operations. See Security library and PMD documentation for more details.

Since both using the rte_security, for a PMD isn't there a way to say if it is
supporting any one of them or both? If so what do you think documenting it too?

> 
> 
>>>
>>> Hi Anoob,
>>>
>>> These seems security related and I don't know enough to comment if this is
>>> correct thing to do. I have cc'ed a few more people for comment.
>>>
>>> @Akhil, would you mind if I assign this to you?
>>>
>>> Thanks,
>>> ferruh
>>>
>>>>
>>>>>
>>>>>>
>>>>>> Thanks,
>>>>>> Anoob
>>>>>>
>>>>>>> -----Original Message-----
>>>>>>> From: dev <dev-bounces@dpdk.org> On Behalf Of Anoob Joseph
>>>>>>> Sent: Tuesday, December 10, 2019 12:23 PM
>>>>>>> To: John McNamara <john.mcnamara@intel.com>; Marko Kovacevic
>>>>>>> <marko.kovacevic@intel.com>; Ferruh Yigit <ferruh.yigit@intel.com>
>>>>>>> Cc: Anoob Joseph <anoobj@marvell.com>; Jerin Jacob Kollanukkaran
>>>>>>> <jerinj@marvell.com>; Narayana Prasad Raju Athreya
>>>>>>> <pathreya@marvell.com>; dev@dpdk.org
>>>>>>> Subject: [dpdk-dev] [PATCH] doc: add inline protocol in feature
>>>>>>> list
>>>>>>>
>>>>>>> Update feature list to include inline protocol offload.
>>>>>>>
>>>>>>> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
>>>>>>> ---
>>>>>>>  doc/guides/nics/features.rst         | 18 ++++++++++++++++++
>>>>>>>  doc/guides/nics/features/default.ini |  1 +
>>>>>>>  2 files changed, 19 insertions(+)
>>>>>>>
>>>>>>> diff --git a/doc/guides/nics/features.rst
>>>>>>> b/doc/guides/nics/features.rst index
>>>>>>> 8394a65..f4eb2a9 100644
>>>>>>> --- a/doc/guides/nics/features.rst
>>>>>>> +++ b/doc/guides/nics/features.rst
>>>>>>> @@ -433,6 +433,24 @@ Supports inline crypto processing (e.g. inline
>>>>>>> IPsec). See Security library and
>>>>>>>    ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
>>>>>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
>>>>>>>
>>>>>>>
>>>>>>> +.. _nic_features_inline_protocol_doc:
>>>>>>> +
>>>>>>> +Inline protocol
>>>>>>> +---------------
>>>>>>> +
>>>>>>> +Supports inline protocol processing (e.g. inline IPsec). See
>>>>>>> +Security library and
>>>>>>> PMD documentation for more details.
>>>>>>> +
>>>>>>> +* **[uses]       rte_eth_rxconf,rte_eth_rxmode**:
>>>>>>> ``offloads:DEV_RX_OFFLOAD_SECURITY``,
>>>>>>> +* **[uses]       rte_eth_txconf,rte_eth_txmode**:
>>>>>>> ``offloads:DEV_TX_OFFLOAD_SECURITY``.
>>>>>>> +* **[implements] rte_security_ops**: ``session_create``,
>>>>>>> +``session_update``,
>>>>>>> +  ``session_stats_get``, ``session_destroy``,
>>>>>>> +``set_pkt_metadata``, ``get_userdata``,
>>>>>>> +  ``capabilities_get``.
>>>>>>> +* **[provides] rte_eth_dev_info**:
>>>>>>>
>>>>>
>>> +``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``,
>>>>>>> +
>>>>>
>>> ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``.
>>>>>>> +* **[provides]   mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``,
>>>>>>> +  ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``,
>>>>>>> ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
>>>>>>> +
>>>>>>> +
>>>>>>>  .. _nic_features_crc_offload:
>>>>>>>
>>>>>>>  CRC offload
>>>>>>> diff --git a/doc/guides/nics/features/default.ini
>>>>>>> b/doc/guides/nics/features/default.ini
>>>>>>> index 91ec619..4d0ad32 100644
>>>>>>> --- a/doc/guides/nics/features/default.ini
>>>>>>> +++ b/doc/guides/nics/features/default.ini
>>>>>>> @@ -42,6 +42,7 @@ Flow API             =
>>>>>>>  Rate limitation      =
>>>>>>>  Traffic mirroring    =
>>>>>>>  Inline crypto        =
>>>>>>> +Inline protocol      =
>>>>>>>  CRC offload          =
>>>>>>>  VLAN offload         =
>>>>>>>  QinQ offload         =
>>>>>>> --
>>>>>>> 2.7.4
>>>>>>
>>>>
>
Akhil Goyal Feb. 12, 2020, 1:48 p.m. UTC | #8
Hi Ferruh,
> 
> 
> Since both using the rte_security, for a PMD isn't there a way to say if it is
> supporting any one of them or both? If so what do you think documenting it too?
> 
I think that is mentioned in the rte_security capabilities about the action types
Which are supported by the driver. One of the dev->security_ctx->ops is to get the security
Capabilities which will return the supported action type by the PMD.

I am not sure if we can add that here or not. It is your call.

- Akhil
Ferruh Yigit Feb. 12, 2020, 1:53 p.m. UTC | #9
On 2/12/2020 1:48 PM, Akhil Goyal wrote:
> Hi Ferruh,
>>
>>
>> Since both using the rte_security, for a PMD isn't there a way to say if it is
>> supporting any one of them or both? If so what do you think documenting it too?
>>
> I think that is mentioned in the rte_security capabilities about the action types
> Which are supported by the driver. One of the dev->security_ctx->ops is to get the security
> Capabilities which will return the supported action type by the PMD.
> 
> I am not sure if we can add that here or not. It is your call.
> 

I think it make sense to document action types needs to be supported to claim
that the feature is supported, but most probably you will judge better on the
matter.
Akhil Goyal Feb. 12, 2020, 2:10 p.m. UTC | #10
> On 2/12/2020 1:48 PM, Akhil Goyal wrote:
> > Hi Ferruh,
> >>
> >>
> >> Since both using the rte_security, for a PMD isn't there a way to say if it is
> >> supporting any one of them or both? If so what do you think documenting it
> too?
> >>
> > I think that is mentioned in the rte_security capabilities about the action types
> > Which are supported by the driver. One of the dev->security_ctx->ops is to get
> the security
> > Capabilities which will return the supported action type by the PMD.
> >
> > I am not sure if we can add that here or not. It is your call.
> >
> 
> I think it make sense to document action types needs to be supported to claim
> that the feature is supported, but most probably you will judge better on the
> matter.

If we can add specifics of security in ethernet feature definition,
Then probably we can add 
**[provides]   rte_security_ops, capabilities_get**: `` action: RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO ``

For inline crypto
And
**[provides]   rte_security_ops, capabilities_get**: `` action: RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL`` 

Please check my syntax if it is not correct.

Patch
diff mbox series

diff --git a/doc/guides/nics/features.rst b/doc/guides/nics/features.rst
index 8394a65..f4eb2a9 100644
--- a/doc/guides/nics/features.rst
+++ b/doc/guides/nics/features.rst
@@ -433,6 +433,24 @@  Supports inline crypto processing (e.g. inline IPsec). See Security library and
   ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``, ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
 
 
+.. _nic_features_inline_protocol_doc:
+
+Inline protocol
+---------------
+
+Supports inline protocol processing (e.g. inline IPsec). See Security library and PMD documentation for more details.
+
+* **[uses]       rte_eth_rxconf,rte_eth_rxmode**: ``offloads:DEV_RX_OFFLOAD_SECURITY``,
+* **[uses]       rte_eth_txconf,rte_eth_txmode**: ``offloads:DEV_TX_OFFLOAD_SECURITY``.
+* **[implements] rte_security_ops**: ``session_create``, ``session_update``,
+  ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``, ``get_userdata``,
+  ``capabilities_get``.
+* **[provides] rte_eth_dev_info**: ``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``,
+  ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``.
+* **[provides]   mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``,
+  ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``, ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
+
+
 .. _nic_features_crc_offload:
 
 CRC offload
diff --git a/doc/guides/nics/features/default.ini b/doc/guides/nics/features/default.ini
index 91ec619..4d0ad32 100644
--- a/doc/guides/nics/features/default.ini
+++ b/doc/guides/nics/features/default.ini
@@ -42,6 +42,7 @@  Flow API             =
 Rate limitation      =
 Traffic mirroring    =
 Inline crypto        =
+Inline protocol      =
 CRC offload          =
 VLAN offload         =
 QinQ offload         =