[RFC,0/4] cpu-crypto API choices
| Message ID | 20191105184122.15172-1-konstantin.ananyev@intel.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9BEECA04A2; Tue, 5 Nov 2019 19:41:44 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id D2FFF1BED4; Tue, 5 Nov 2019 19:41:43 +0100 (CET) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by dpdk.org (Postfix) with ESMTP id E07B51BECA; Tue, 5 Nov 2019 19:41:41 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 05 Nov 2019 10:41:40 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.68,271,1569308400"; d="scan'208";a="403454395" Received: from sivswdev08.ir.intel.com ([10.237.217.47]) by fmsmga006.fm.intel.com with ESMTP; 05 Nov 2019 10:41:38 -0800 From: Konstantin Ananyev <konstantin.ananyev@intel.com> To: dev@dpdk.org, techboard@dpdk.org Cc: roy.fan.zhang@intel.com, declan.doherty@intel.com, akhil.goyal@nxp.com, Konstantin Ananyev <konstantin.ananyev@intel.com> Date: Tue, 5 Nov 2019 18:41:18 +0000 Message-Id: <20191105184122.15172-1-konstantin.ananyev@intel.com> X-Mailer: git-send-email 2.18.0 Subject: [dpdk-dev] [RFC 0/4] cpu-crypto API choices X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
Message
Ananyev, Konstantin
Nov. 5, 2019, 6:41 p.m. UTC
Originally both SW and HW crypto PMDs use rte_crypot_op based API to process the crypto workload asynchronously. This way provides uniformity to both PMD types, but also introduce unnecessary performance penalty to SW PMDs that have to "simulate" HW async behavior (crypto-ops enqueue/dequeue, HW addresses computations, storing/dereferencing user provided data (mbuf) for each crypto-op, etc). The aim is to introduce a new optional API for SW crypto-devices to perform crypto processing in a synchronous manner. As summarized by Akhil, we need a synchronous API to perform crypto operations on raw data using SW PMDs, that provides: - no crypto-ops. - avoid using mbufs inside this API, use raw data buffers instead. - no separate enqueue-dequeue, only single process() API for data path. - input data buffers should be grouped by session, i.e. each process() call takes one session and group of input buffers that belong to that session. - All parameters that are constant accross session, should be stored inside the session itself and reused by all incoming data buffers. While there seems no controversy about need of such functionality, there seems to be no agreement on what would be the best API for that. So I am requesting for TB input on that matter. Series structure: - patch #1 - intorduce basic data structures to be used by sync API (no controversy here, I hope ..) [RFC 1/4] cpu-crypto: Introduce basic data structures - patch #2 - Intel initial approach for new API (via rte_security) [RFC 2/4] security: introduce cpu-crypto API - patch #3 - approach that reuses existing rte_cryptodev API as much as possible [RFC 3/4] cryptodev: introduce cpu-crypto API - patch #4 - approach via introducing new session data structure and API [RFC 4/4] cryptodev: introduce rte_crypto_cpu_sym_session API Patches 2,3,4 are mutually exclusive, and we probably have to choose which one to go forward with. I put some explanations in each of the patches, hopefully that will help to understand pros and cons of each one. Akhil strongly supports #3, AFAIK mainly because it allows PMDs to reuse existing API and minimize API level changes. My favorite is #4, #2 is less preferable but ok too. #3 seems problematic to me by the reasons I outlined in #4 patch description. Please provide your opinion. Konstantin Ananyev (4): cpu-crypto: Introduce basic data structures security: introduce cpu-crypto API cryptodev: introduce cpu-crypto API cryptodev: introduce rte_crypto_cpu_sym_session API lib/librte_cryptodev/rte_crypto_sym.h | 63 +++++++++++++++++++++-- lib/librte_cryptodev/rte_cryptodev.c | 14 +++++ lib/librte_cryptodev/rte_cryptodev.h | 24 +++++++++ lib/librte_cryptodev/rte_cryptodev_pmd.h | 22 ++++++++ lib/librte_security/rte_security.c | 11 ++++ lib/librte_security/rte_security.h | 28 +++++++++- lib/librte_security/rte_security_driver.h | 20 +++++++ 7 files changed, 177 insertions(+), 5 deletions(-)