Message ID | 20211014160329.579970-1-radu.nicolau@intel.com (mailing list archive) |
---|---|
Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id A1167A0C4B; Thu, 14 Oct 2021 18:17:38 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 69F7340E01; Thu, 14 Oct 2021 18:17:38 +0200 (CEST) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mails.dpdk.org (Postfix) with ESMTP id DD1D44003C for <dev@dpdk.org>; Thu, 14 Oct 2021 18:17:36 +0200 (CEST) X-IronPort-AV: E=McAfee;i="6200,9189,10137"; a="214879269" X-IronPort-AV: E=Sophos;i="5.85,372,1624345200"; d="scan'208";a="214879269" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Oct 2021 09:15:33 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,372,1624345200"; d="scan'208";a="442881511" Received: from silpixa00400884.ir.intel.com ([10.243.22.82]) by orsmga003.jf.intel.com with ESMTP; 14 Oct 2021 09:15:29 -0700 From: Radu Nicolau <radu.nicolau@intel.com> To: Cc: dev@dpdk.org, mdr@ashroe.eu, konstantin.ananyev@intel.com, vladimir.medvedkin@intel.com, bruce.richardson@intel.com, roy.fan.zhang@intel.com, hemant.agrawal@nxp.com, gakhil@marvell.com, anoobj@marvell.com, declan.doherty@intel.com, abhijit.sinha@intel.com, daniel.m.buckley@intel.com, marchana@marvell.com, ktejasree@marvell.com, matan@nvidia.com, Radu Nicolau <radu.nicolau@intel.com> Date: Thu, 14 Oct 2021 17:03:20 +0100 Message-Id: <20211014160329.579970-1-radu.nicolau@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210713133542.3550525-1-radu.nicolau@intel.com> References: <20210713133542.3550525-1-radu.nicolau@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v10 0/9] new features for ipsec and security libraries X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
Series |
new features for ipsec and security libraries
|
|
Message
Radu Nicolau
Oct. 14, 2021, 4:03 p.m. UTC
Add support for: NAT-T/UDP encapsulation AES_CCM, CHACHA20_POLY1305 and AES_GMAC SA telemetry ESN with initial SQN value Signed-off-by: Declan Doherty <declan.doherty@intel.com> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com> Signed-off-by: Abhijit Sinha <abhijit.sinha@intel.com> Signed-off-by: Daniel Martin Buckley <daniel.m.buckley@intel.com> Radu Nicolau (9): security: add ESN field to ipsec_xform ipsec: add support for AEAD algorithms security: add UDP params for IPsec NAT-T ipsec: add support for NAT-T mbuf: add IPsec ESP tunnel type ipsec: add support for SA telemetry ipsec: add support for initial SQN value doc: remove unneeded ipsec new field deprecation doc: remove unneeded security deprecation doc/guides/prog_guide/ipsec_lib.rst | 12 +- doc/guides/rel_notes/deprecation.rst | 11 -- doc/guides/rel_notes/release_21_11.rst | 16 ++ lib/ipsec/crypto.h | 137 ++++++++++++++ lib/ipsec/esp_inb.c | 84 ++++++++- lib/ipsec/esp_outb.c | 91 ++++++++- lib/ipsec/ipsec_telemetry.c | 244 +++++++++++++++++++++++++ lib/ipsec/meson.build | 6 +- lib/ipsec/rte_ipsec.h | 23 +++ lib/ipsec/rte_ipsec_sa.h | 9 +- lib/ipsec/sa.c | 120 ++++++++++-- lib/ipsec/sa.h | 15 ++ lib/ipsec/version.map | 9 + lib/mbuf/rte_mbuf_core.h | 1 + lib/security/rte_security.h | 15 ++ 15 files changed, 745 insertions(+), 48 deletions(-) create mode 100644 lib/ipsec/ipsec_telemetry.c
Comments
> Add support for: > NAT-T/UDP encapsulation > AES_CCM, CHACHA20_POLY1305 and AES_GMAC > SA telemetry > ESN with initial SQN value > > Signed-off-by: Declan Doherty <declan.doherty@intel.com> > Signed-off-by: Radu Nicolau <radu.nicolau@intel.com> > Signed-off-by: Abhijit Sinha <abhijit.sinha@intel.com> > Signed-off-by: Daniel Martin Buckley <daniel.m.buckley@intel.com> > > Radu Nicolau (9): > security: add ESN field to ipsec_xform > ipsec: add support for AEAD algorithms > security: add UDP params for IPsec NAT-T > ipsec: add support for NAT-T > mbuf: add IPsec ESP tunnel type > ipsec: add support for SA telemetry > ipsec: add support for initial SQN value > doc: remove unneeded ipsec new field deprecation Can you specify why this field is not needed now? > doc: remove unneeded security deprecation Series Acked-by: Akhil Goyal <gakhil@marvell.com> Modified release notes and patch titles while merging. Applied to dpdk-next-crypto Thanks. > > doc/guides/prog_guide/ipsec_lib.rst | 12 +- > doc/guides/rel_notes/deprecation.rst | 11 -- > doc/guides/rel_notes/release_21_11.rst | 16 ++ > lib/ipsec/crypto.h | 137 ++++++++++++++ > lib/ipsec/esp_inb.c | 84 ++++++++- > lib/ipsec/esp_outb.c | 91 ++++++++- > lib/ipsec/ipsec_telemetry.c | 244 +++++++++++++++++++++++++ > lib/ipsec/meson.build | 6 +- > lib/ipsec/rte_ipsec.h | 23 +++ > lib/ipsec/rte_ipsec_sa.h | 9 +- > lib/ipsec/sa.c | 120 ++++++++++-- > lib/ipsec/sa.h | 15 ++ > lib/ipsec/version.map | 9 + > lib/mbuf/rte_mbuf_core.h | 1 + > lib/security/rte_security.h | 15 ++ > 15 files changed, 745 insertions(+), 48 deletions(-) > create mode 100644 lib/ipsec/ipsec_telemetry.c > > -- > > v2: fixed lib/ipsec/version.map updates to show correct version > v3: fixed build error and corrected misspelled email address > v4: add doxygen comments for the IPsec telemetry APIs > update inline comments refering to the wrong RFC > v5: update commit messages after feedback > update the UDP encapsulation patch to actually use the configured ports > v6: fix initial SQN value > v7: reworked the patches after feedback > v8: updated library doc, release notes and removed deprecation notices > v9: reworked telemetry, tso and esn patches > v10: removed TSO patch, addressed feedback > > 2.25.1
On 10/17/2021 1:17 PM, Akhil Goyal wrote: >> Add support for: >> NAT-T/UDP encapsulation >> AES_CCM, CHACHA20_POLY1305 and AES_GMAC >> SA telemetry >> ESN with initial SQN value >> >> Signed-off-by: Declan Doherty <declan.doherty@intel.com> >> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com> >> Signed-off-by: Abhijit Sinha <abhijit.sinha@intel.com> >> Signed-off-by: Daniel Martin Buckley <daniel.m.buckley@intel.com> >> >> Radu Nicolau (9): >> security: add ESN field to ipsec_xform >> ipsec: add support for AEAD algorithms >> security: add UDP params for IPsec NAT-T >> ipsec: add support for NAT-T >> mbuf: add IPsec ESP tunnel type >> ipsec: add support for SA telemetry >> ipsec: add support for initial SQN value >> doc: remove unneeded ipsec new field deprecation > Can you specify why this field is not needed now? It was part of the TSO feature that is being reworked with no API changes. > >> doc: remove unneeded security deprecation > Series Acked-by: Akhil Goyal <gakhil@marvell.com> > > Modified release notes and patch titles while merging. > Applied to dpdk-next-crypto > > Thanks. Thank you!