| Message ID | 20211013190032.2308-3-hemant.agrawal@nxp.com (mailing list archive) |
|---|---|
| State | Superseded, archived |
| Delegated to: | akhil goyal |
| Headers | show |
| Series | crypto: add raw vector support in DPAAx | expand |
| Context | Check | Description |
|---|---|---|
| ci/checkpatch | success | coding style OK |
Hi Hemant,
I still think it is enough to use rte_crypto_vec as well as
rte_crypto_sym_ofs is enough to describe the data including both the data
and aad.
Imagine 2 10 bytes segments case, encryption/hash size of 12 and aad of 8.
We will have
struct rte_crypto_vec sgl[2] = {{.base = x, .len = 10}, {.base = y, .len = 10}};
union rte_crypto_sym_ofs ofs = {.cipher.head = 0, .cipher.tail = 8, .auth.head = 0, .auth.tail = 8};
The driver shall understand there are 8 bytes not included for cipher/auth.
Regards,
Fan
> -----Original Message-----
> From: Hemant Agrawal <hemant.agrawal@nxp.com>
> Sent: Wednesday, October 13, 2021 8:00 PM
> To: dev@dpdk.org; gakhil@marvell.com
> Cc: Ananyev, Konstantin <konstantin.ananyev@intel.com>; Zhang, Roy Fan
> <roy.fan.zhang@intel.com>; Gagandeep Singh <g.singh@nxp.com>
> Subject: [PATCH v4 02/15] crypto: add total raw buffer length
>
> From: Gagandeep Singh <g.singh@nxp.com>
>
> The current crypto raw data vectors is extended to support
> rte_security usecases, where we need total data length to know
> how much additional memory space is available in buffer other
> than data length so that driver/HW can write expanded size
> data after encryption.
>
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> Acked-by: Akhil Goyal <gakhil@marvell.com>
> ---
> doc/guides/rel_notes/deprecation.rst | 7 -------
> lib/cryptodev/rte_crypto_sym.h | 7 +++++++
> 2 files changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/doc/guides/rel_notes/deprecation.rst
> b/doc/guides/rel_notes/deprecation.rst
> index a4e86b31f5..53155459a0 100644
> --- a/doc/guides/rel_notes/deprecation.rst
> +++ b/doc/guides/rel_notes/deprecation.rst
> @@ -188,13 +188,6 @@ Deprecation Notices
> This field will be null for inplace processing.
> This change is targeted for DPDK 21.11.
>
> -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add
> - ``tot_len`` to support total buffer length.
> - This is required for security cases like IPsec and PDCP encryption offload
> - to know how much additional memory space is available in buffer other
> than
> - data length so that driver/HW can write expanded size data after
> encryption.
> - This change is targeted for DPDK 21.11.
> -
> * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and
> ``rte_cryptodev_asym_session`` to remove unnecessary indirection
> between
> session and the private data of session. An opaque pointer can be exposed
> diff --git a/lib/cryptodev/rte_crypto_sym.h
> b/lib/cryptodev/rte_crypto_sym.h
> index dcc0bd5933..6be283e83c 100644
> --- a/lib/cryptodev/rte_crypto_sym.h
> +++ b/lib/cryptodev/rte_crypto_sym.h
> @@ -37,6 +37,8 @@ struct rte_crypto_vec {
> rte_iova_t iova;
> /** length of the data buffer */
> uint32_t len;
> + /** total buffer length */
> + uint32_t tot_len;
> };
>
> /**
> @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
> *mb, uint32_t ofs, uint32_t len,
> seglen = mb->data_len - ofs;
> if (len <= seglen) {
> vec[0].len = len;
> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
> - ofs;
> return 1;
> }
>
> /* data spread across segments */
> vec[0].len = seglen;
> left = len - seglen;
> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs;
> for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) {
>
> vec[i].base = rte_pktmbuf_mtod(nseg, void *);
> @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb,
> uint32_t ofs, uint32_t len,
> if (left <= seglen) {
> /* whole requested data is completed */
> vec[i].len = left;
> + vec[i].tot_len = mb->buf_len -
> rte_pktmbuf_headroom(mb)
> + - ofs;
> left = 0;
> break;
> }
> @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf
> *mb, uint32_t ofs, uint32_t len,
> /* use whole segment */
> vec[i].len = seglen;
> left -= seglen;
> + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb)
> - ofs;
> }
>
> RTE_ASSERT(left == 0);
> --
> 2.17.1
> The current crypto raw data vectors is extended to support > rte_security usecases, where we need total data length to know > how much additional memory space is available in buffer other > than data length so that driver/HW can write expanded size > data after encryption. > > Signed-off-by: Gagandeep Singh <g.singh@nxp.com> > Acked-by: Akhil Goyal <gakhil@marvell.com> > --- > doc/guides/rel_notes/deprecation.rst | 7 ------- > lib/cryptodev/rte_crypto_sym.h | 7 +++++++ > 2 files changed, 7 insertions(+), 7 deletions(-) > > diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst > index a4e86b31f5..53155459a0 100644 > --- a/doc/guides/rel_notes/deprecation.rst > +++ b/doc/guides/rel_notes/deprecation.rst > @@ -188,13 +188,6 @@ Deprecation Notices > This field will be null for inplace processing. > This change is targeted for DPDK 21.11. > > -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add > - ``tot_len`` to support total buffer length. > - This is required for security cases like IPsec and PDCP encryption offload > - to know how much additional memory space is available in buffer other than > - data length so that driver/HW can write expanded size data after encryption. > - This change is targeted for DPDK 21.11. > - > * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and > ``rte_cryptodev_asym_session`` to remove unnecessary indirection between > session and the private data of session. An opaque pointer can be exposed > diff --git a/lib/cryptodev/rte_crypto_sym.h b/lib/cryptodev/rte_crypto_sym.h > index dcc0bd5933..6be283e83c 100644 > --- a/lib/cryptodev/rte_crypto_sym.h > +++ b/lib/cryptodev/rte_crypto_sym.h > @@ -37,6 +37,8 @@ struct rte_crypto_vec { > rte_iova_t iova; > /** length of the data buffer */ > uint32_t len; > + /** total buffer length */ > + uint32_t tot_len; > }; > > /** > @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len, > seglen = mb->data_len - ofs; > if (len <= seglen) { > vec[0].len = len; > + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs; > return 1; > } > > /* data spread across segments */ > vec[0].len = seglen; > left = len - seglen; > + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs; As a nit this line and similar line above can be merged into one and put before 'if' statement above, i.e.: vec[0].base = rte_pktmbuf_mtod_offset(mb, void *, ofs); vec[0].iova = rte_pktmbuf_iova_offset(mb, ofs); vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs; > for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) { > > vec[i].base = rte_pktmbuf_mtod(nseg, void *); > @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len, > if (left <= seglen) { > /* whole requested data is completed */ > vec[i].len = left; > + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) > + - ofs; Same as above - these two lines can be put as one before 'if'. > left = 0; > break; > } > @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len, > /* use whole segment */ > vec[i].len = seglen; > left -= seglen; > + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs; > } > > RTE_ASSERT(left == 0); > -- > 2.17.1 With nits above applied: Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Hi Fan On 10/14/2021 6:09 PM, Zhang, Roy Fan wrote: > Hi Hemant, > > I still think it is enough to use rte_crypto_vec as well as > rte_crypto_sym_ofs is enough to describe the data including both the data > and aad. > > Imagine 2 10 bytes segments case, encryption/hash size of 12 and aad of 8. > We will have > struct rte_crypto_vec sgl[2] = {{.base = x, .len = 10}, {.base = y, .len = 10}}; > union rte_crypto_sym_ofs ofs = {.cipher.head = 0, .cipher.tail = 8, .auth.head = 0, .auth.tail = 8}; > > The driver shall understand there are 8 bytes not included for cipher/auth. This is the protocol offload case. It won't work in that case. > > Regards, > Fan > >> -----Original Message----- >> From: Hemant Agrawal <hemant.agrawal@nxp.com> >> Sent: Wednesday, October 13, 2021 8:00 PM >> To: dev@dpdk.org; gakhil@marvell.com >> Cc: Ananyev, Konstantin <konstantin.ananyev@intel.com>; Zhang, Roy Fan >> <roy.fan.zhang@intel.com>; Gagandeep Singh <g.singh@nxp.com> >> Subject: [PATCH v4 02/15] crypto: add total raw buffer length >> >> From: Gagandeep Singh <g.singh@nxp.com> >> >> The current crypto raw data vectors is extended to support >> rte_security usecases, where we need total data length to know >> how much additional memory space is available in buffer other >> than data length so that driver/HW can write expanded size >> data after encryption. >> >> Signed-off-by: Gagandeep Singh <g.singh@nxp.com> >> Acked-by: Akhil Goyal <gakhil@marvell.com> >> --- >> doc/guides/rel_notes/deprecation.rst | 7 ------- >> lib/cryptodev/rte_crypto_sym.h | 7 +++++++ >> 2 files changed, 7 insertions(+), 7 deletions(-) >> >> diff --git a/doc/guides/rel_notes/deprecation.rst >> b/doc/guides/rel_notes/deprecation.rst >> index a4e86b31f5..53155459a0 100644 >> --- a/doc/guides/rel_notes/deprecation.rst >> +++ b/doc/guides/rel_notes/deprecation.rst >> @@ -188,13 +188,6 @@ Deprecation Notices >> This field will be null for inplace processing. >> This change is targeted for DPDK 21.11. >> >> -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add >> - ``tot_len`` to support total buffer length. >> - This is required for security cases like IPsec and PDCP encryption offload >> - to know how much additional memory space is available in buffer other >> than >> - data length so that driver/HW can write expanded size data after >> encryption. >> - This change is targeted for DPDK 21.11. >> - >> * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and >> ``rte_cryptodev_asym_session`` to remove unnecessary indirection >> between >> session and the private data of session. An opaque pointer can be exposed >> diff --git a/lib/cryptodev/rte_crypto_sym.h >> b/lib/cryptodev/rte_crypto_sym.h >> index dcc0bd5933..6be283e83c 100644 >> --- a/lib/cryptodev/rte_crypto_sym.h >> +++ b/lib/cryptodev/rte_crypto_sym.h >> @@ -37,6 +37,8 @@ struct rte_crypto_vec { >> rte_iova_t iova; >> /** length of the data buffer */ >> uint32_t len; >> + /** total buffer length */ >> + uint32_t tot_len; >> }; >> >> /** >> @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf >> *mb, uint32_t ofs, uint32_t len, >> seglen = mb->data_len - ofs; >> if (len <= seglen) { >> vec[0].len = len; >> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) >> - ofs; >> return 1; >> } >> >> /* data spread across segments */ >> vec[0].len = seglen; >> left = len - seglen; >> + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs; >> for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) { >> >> vec[i].base = rte_pktmbuf_mtod(nseg, void *); >> @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, >> uint32_t ofs, uint32_t len, >> if (left <= seglen) { >> /* whole requested data is completed */ >> vec[i].len = left; >> + vec[i].tot_len = mb->buf_len - >> rte_pktmbuf_headroom(mb) >> + - ofs; >> left = 0; >> break; >> } >> @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf >> *mb, uint32_t ofs, uint32_t len, >> /* use whole segment */ >> vec[i].len = seglen; >> left -= seglen; >> + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) >> - ofs; >> } >> >> RTE_ASSERT(left == 0); >> -- >> 2.17.1
diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst index a4e86b31f5..53155459a0 100644 --- a/doc/guides/rel_notes/deprecation.rst +++ b/doc/guides/rel_notes/deprecation.rst @@ -188,13 +188,6 @@ Deprecation Notices This field will be null for inplace processing. This change is targeted for DPDK 21.11. -* cryptodev: The structure ``rte_crypto_vec`` would be updated to add - ``tot_len`` to support total buffer length. - This is required for security cases like IPsec and PDCP encryption offload - to know how much additional memory space is available in buffer other than - data length so that driver/HW can write expanded size data after encryption. - This change is targeted for DPDK 21.11. - * cryptodev: Hide structures ``rte_cryptodev_sym_session`` and ``rte_cryptodev_asym_session`` to remove unnecessary indirection between session and the private data of session. An opaque pointer can be exposed diff --git a/lib/cryptodev/rte_crypto_sym.h b/lib/cryptodev/rte_crypto_sym.h index dcc0bd5933..6be283e83c 100644 --- a/lib/cryptodev/rte_crypto_sym.h +++ b/lib/cryptodev/rte_crypto_sym.h @@ -37,6 +37,8 @@ struct rte_crypto_vec { rte_iova_t iova; /** length of the data buffer */ uint32_t len; + /** total buffer length */ + uint32_t tot_len; }; /** @@ -980,12 +982,14 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len, seglen = mb->data_len - ofs; if (len <= seglen) { vec[0].len = len; + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs; return 1; } /* data spread across segments */ vec[0].len = seglen; left = len - seglen; + vec[0].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs; for (i = 1, nseg = mb->next; nseg != NULL; nseg = nseg->next, i++) { vec[i].base = rte_pktmbuf_mtod(nseg, void *); @@ -995,6 +999,8 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len, if (left <= seglen) { /* whole requested data is completed */ vec[i].len = left; + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) + - ofs; left = 0; break; } @@ -1002,6 +1008,7 @@ rte_crypto_mbuf_to_vec(const struct rte_mbuf *mb, uint32_t ofs, uint32_t len, /* use whole segment */ vec[i].len = seglen; left -= seglen; + vec[i].tot_len = mb->buf_len - rte_pktmbuf_headroom(mb) - ofs; } RTE_ASSERT(left == 0);