| Message ID | 20210910113240.872971-1-radu.nicolau@intel.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 7DC14A0547; Fri, 10 Sep 2021 13:39:47 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id EDD8C40DDE; Fri, 10 Sep 2021 13:39:46 +0200 (CEST) Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by mails.dpdk.org (Postfix) with ESMTP id F0CBB406B4 for <dev@dpdk.org>; Fri, 10 Sep 2021 13:39:44 +0200 (CEST) X-IronPort-AV: E=McAfee;i="6200,9189,10102"; a="208168222" X-IronPort-AV: E=Sophos;i="5.85,282,1624345200"; d="scan'208";a="208168222" Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Sep 2021 04:39:43 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,282,1624345200"; d="scan'208";a="697094459" Received: from silpixa00400884.ir.intel.com ([10.243.22.82]) by fmsmga005.fm.intel.com with ESMTP; 10 Sep 2021 04:39:40 -0700 From: Radu Nicolau <radu.nicolau@intel.com> To: Cc: dev@dpdk.org, mdr@ashroe.eu, konstantin.ananyev@intel.com, vladimir.medvedkin@intel.com, bruce.richardson@intel.com, roy.fan.zhang@intel.com, hemant.agrawal@nxp.com, gakhil@marvell.com, anoobj@marvell.com, declan.doherty@intel.com, abhijit.sinha@intel.com, daniel.m.buckley@intel.com, marchana@marvell.com, ktejasree@marvell.com, matan@nvidia.com, Radu Nicolau <radu.nicolau@intel.com> Date: Fri, 10 Sep 2021 12:32:30 +0100 Message-Id: <20210910113240.872971-1-radu.nicolau@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210713133542.3550525-1-radu.nicolau@intel.com> References: <20210713133542.3550525-1-radu.nicolau@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v5 00/10] new features for ipsec and security libraries X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
| Series |
new features for ipsec and security libraries
|
|
Message
Radu Nicolau
Sept. 10, 2021, 11:32 a.m. UTC
Add support for: TSO, NAT-T/UDP encapsulation, ESN AES_CCM, CHACHA20_POLY1305 and AES_GMAC SA telemetry mbuf offload flags Initial SQN value Signed-off-by: Declan Doherty <declan.doherty@intel.com> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com> Signed-off-by: Abhijit Sinha <abhijit.sinha@intel.com> Signed-off-by: Daniel Martin Buckley <daniel.m.buckley@intel.com> Radu Nicolau (10): security: add support for TSO on IPsec session security: add UDP params for IPsec NAT-T security: add ESN field to ipsec_xform mbuf: add IPsec ESP tunnel type ipsec: add support for AEAD algorithms ipsec: add transmit segmentation offload support ipsec: add support for NAT-T ipsec: add support for SA telemetry ipsec: add support for initial SQN value ipsec: add ol_flags support lib/ipsec/crypto.h | 137 ++++++++++++ lib/ipsec/esp_inb.c | 88 +++++++- lib/ipsec/esp_outb.c | 262 +++++++++++++++++++---- lib/ipsec/iph.h | 27 ++- lib/ipsec/meson.build | 2 +- lib/ipsec/rte_ipsec.h | 23 ++ lib/ipsec/rte_ipsec_sa.h | 11 +- lib/ipsec/sa.c | 406 ++++++++++++++++++++++++++++++++++-- lib/ipsec/sa.h | 43 ++++ lib/ipsec/version.map | 9 + lib/mbuf/rte_mbuf_core.h | 1 + lib/security/rte_security.h | 31 +++ 12 files changed, 967 insertions(+), 73 deletions(-) -- v2: fixed lib/ipsec/version.map updates to show correct version v3: fixed build error and corrected misspelled email address v4: add doxygen comments for the IPsec telemetry APIs update inline comments refering to the wrong RFC v5: update commit messages after feedback update the UDP encapsulation patch to actually use the configured ports 2.25.1
Comments
Hi Radu, > Add support for: > TSO, NAT-T/UDP encapsulation, ESN > AES_CCM, CHACHA20_POLY1305 and AES_GMAC > SA telemetry > mbuf offload flags > Initial SQN value After applying your patches I am seeing functional ipsec tests (examples/ipsec-secgw/test) failing - both lookaside and inline mode. Could you please have a look. Thanks Konstantin > > Signed-off-by: Declan Doherty <declan.doherty@intel.com> > Signed-off-by: Radu Nicolau <radu.nicolau@intel.com> > Signed-off-by: Abhijit Sinha <abhijit.sinha@intel.com> > Signed-off-by: Daniel Martin Buckley <daniel.m.buckley@intel.com> > > Radu Nicolau (10): > security: add support for TSO on IPsec session > security: add UDP params for IPsec NAT-T > security: add ESN field to ipsec_xform > mbuf: add IPsec ESP tunnel type > ipsec: add support for AEAD algorithms > ipsec: add transmit segmentation offload support > ipsec: add support for NAT-T > ipsec: add support for SA telemetry > ipsec: add support for initial SQN value > ipsec: add ol_flags support > > lib/ipsec/crypto.h | 137 ++++++++++++ > lib/ipsec/esp_inb.c | 88 +++++++- > lib/ipsec/esp_outb.c | 262 +++++++++++++++++++---- > lib/ipsec/iph.h | 27 ++- > lib/ipsec/meson.build | 2 +- > lib/ipsec/rte_ipsec.h | 23 ++ > lib/ipsec/rte_ipsec_sa.h | 11 +- > lib/ipsec/sa.c | 406 ++++++++++++++++++++++++++++++++++-- > lib/ipsec/sa.h | 43 ++++ > lib/ipsec/version.map | 9 + > lib/mbuf/rte_mbuf_core.h | 1 + > lib/security/rte_security.h | 31 +++ > 12 files changed, 967 insertions(+), 73 deletions(-) > > -- > v2: fixed lib/ipsec/version.map updates to show correct version > v3: fixed build error and corrected misspelled email address > v4: add doxygen comments for the IPsec telemetry APIs > update inline comments refering to the wrong RFC > v5: update commit messages after feedback > update the UDP encapsulation patch to actually use the configured ports > > 2.25.1