[v3,0/8] crypto/security session framework rework
| Message ID | 20211018213452.2734720-1-gakhil@marvell.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 923A5A0C52; Mon, 18 Oct 2021 23:35:11 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2398940683; Mon, 18 Oct 2021 23:35:11 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id A846F40142 for <dev@dpdk.org>; Mon, 18 Oct 2021 23:35:09 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 19IK0YBq001417; Mon, 18 Oct 2021 14:35:04 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=BinuchZW4gmMcKaA1GibFrBwZoKdZzQPXHEKC8R2Lp0=; b=TcDI3NBhM0Scss3hR3hMNHCc4ePSCYbzwLUyTMm354fRF82fF0Vd1VbLgPwIEcBBQv+a 2tOPZ0leA3/1ooW0dM0Huw90xL6tw7mEaNZeFT8hNSGPU/nQV/Y5nus/LVfWG+YEXAhU p8y1+bDroH81ucB6++uYIWHeyYb8dk2FP9OkhjasjiBXid0tGX3tQ+9/VC4Hszrx75hf G2fgTdc6+aSoZzErw2e1TsG+B4mKcZzt+LvbQi5bTo9aGZ1xHSKVNPEQxbbUlJswVity uXDn28D9rrnHqzLcEMpTF0ojnk8ZsTLXzuSBuBgzGaNR7ipzdO9AZmllyXsAeVtV/I7A gw== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com with ESMTP id 3bsfk489pg-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 18 Oct 2021 14:35:04 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Mon, 18 Oct 2021 14:35:02 -0700 Received: from maili.marvell.com (10.68.76.51) by dc5-exch01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Mon, 18 Oct 2021 14:35:02 -0700 Received: from localhost.localdomain (unknown [10.28.36.185]) by maili.marvell.com (Postfix) with ESMTP id 410563F7041; Mon, 18 Oct 2021 14:34:56 -0700 (PDT) From: Akhil Goyal <gakhil@marvell.com> To: <dev@dpdk.org> CC: <thomas@monjalon.net>, <david.marchand@redhat.com>, <hemant.agrawal@nxp.com>, <anoobj@marvell.com>, <pablo.de.lara.guarch@intel.com>, <fiona.trahe@intel.com>, <declan.doherty@intel.com>, <matan@nvidia.com>, <g.singh@nxp.com>, <roy.fan.zhang@intel.com>, <jianjay.zhou@huawei.com>, <asomalap@amd.com>, <ruifeng.wang@arm.com>, <konstantin.ananyev@intel.com>, <radu.nicolau@intel.com>, <ajit.khaparde@broadcom.com>, <rnagadheeraj@marvell.com>, <adwivedi@marvell.com>, <ciara.power@intel.com>, <haiyue.wang@intel.com>, <jiawenwu@trustnetic.com>, <jianwang@trustnetic.com>, Akhil Goyal <gakhil@marvell.com> Date: Tue, 19 Oct 2021 03:04:44 +0530 Message-ID: <20211018213452.2734720-1-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211013192222.1582631-2-gakhil@marvell.com> References: <20211013192222.1582631-2-gakhil@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: Zyfbop8QvxNPhMRaz-wgheOXExv7t822 X-Proofpoint-GUID: Zyfbop8QvxNPhMRaz-wgheOXExv7t822 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.0.607.475 definitions=2021-10-18_07,2021-10-18_01,2020-04-07_01 Subject: [dpdk-dev] [PATCH v3 0/8] crypto/security session framework rework X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
Message
Akhil Goyal
Oct. 18, 2021, 9:34 p.m. UTC
As discussed in last release deprecation notice, crypto and security session framework are reworked to reduce the need of two mempool objects and remove the requirement to expose the rte_security_session and rte_cryptodev_sym_session structures. Design methodology is explained in the patch description. Similar work will need to be done for asymmetric sessions as well. Asymmetric session need another rework and is postponed to next release. Since it is still in experimental stage, we can modify the APIs in next release as well. The patches are compilable with all affected PMDs and tested with dpdk-test and test-crypto-perf app on CN9k platform. The series is rebased over "cryptodev: hide internal structures" https://patchwork.dpdk.org/project/dpdk/list/?series=19749 Changes in v3 - rebased over next-crypto TOT - Release notes updated and deprecation notice removed. - Documentation updates. - fix session less crypto - fix asym crypto issue for qp setup - add sess_iova param to PMD session configure APIs to pass physical address of session pointer. - rework cnxk net PMD based on the new session framework. - added missing op to get size of security session private data Changes in v2: - Added new parameter iova in PMD session configure APIs for session priv pointer to be used in QAT/CNXK/etc PMDs. - Hide rte_cryptodev_sym_session and rte_security_session structs. - Added compilation workaround for net PMDs(ixgbe/txgbe) for inline ipsec. Patches with actual fix is beynd the scope of this patchset. - Added inline APIs to access the opaque data and fast metadata. - Remove commented code. TODO - Asym APIs - postponed for next release. Akhil Goyal (8): security: rework session framework security: hide security session struct net/cnxk: rework security session framework security: pass session iova in PMD sess create drivers/crypto: support security session get size op cryptodev: rework session framework cryptodev: hide sym session structure cryptodev: pass session iova in configure session app/test-crypto-perf/cperf.h | 1 - app/test-crypto-perf/cperf_ops.c | 46 ++-- app/test-crypto-perf/cperf_ops.h | 6 +- app/test-crypto-perf/cperf_test_latency.c | 5 +- app/test-crypto-perf/cperf_test_latency.h | 1 - .../cperf_test_pmd_cyclecount.c | 7 +- .../cperf_test_pmd_cyclecount.h | 1 - app/test-crypto-perf/cperf_test_throughput.c | 5 +- app/test-crypto-perf/cperf_test_throughput.h | 1 - app/test-crypto-perf/cperf_test_verify.c | 5 +- app/test-crypto-perf/cperf_test_verify.h | 1 - app/test-crypto-perf/main.c | 29 +-- app/test/test_cryptodev.c | 147 ++++--------- app/test/test_cryptodev.h | 1 - app/test/test_cryptodev_asym.c | 3 +- app/test/test_cryptodev_blockcipher.c | 6 +- app/test/test_event_crypto_adapter.c | 28 +-- app/test/test_ipsec.c | 34 +-- app/test/test_ipsec_perf.c | 4 +- app/test/test_security.c | 196 ++++-------------- doc/guides/prog_guide/cryptodev_lib.rst | 10 +- doc/guides/prog_guide/rte_security.rst | 11 +- doc/guides/rel_notes/deprecation.rst | 9 - doc/guides/rel_notes/release_21_11.rst | 14 ++ drivers/crypto/armv8/armv8_pmd_private.h | 2 - drivers/crypto/armv8/rte_armv8_pmd.c | 21 +- drivers/crypto/armv8/rte_armv8_pmd_ops.c | 34 +-- drivers/crypto/bcmfs/bcmfs_sym_session.c | 36 +--- drivers/crypto/bcmfs/bcmfs_sym_session.h | 6 +- drivers/crypto/caam_jr/caam_jr.c | 71 ++----- drivers/crypto/ccp/ccp_pmd_ops.c | 32 +-- drivers/crypto/ccp/ccp_pmd_private.h | 2 - drivers/crypto/ccp/rte_ccp_pmd.c | 24 +-- drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 24 +-- drivers/crypto/cnxk/cn10k_ipsec.c | 53 +---- drivers/crypto/cnxk/cn9k_cryptodev_ops.c | 20 +- drivers/crypto/cnxk/cn9k_ipsec.c | 75 +++---- drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 61 ++---- drivers/crypto/cnxk/cnxk_cryptodev_ops.h | 16 +- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 76 ++----- drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c | 3 +- drivers/crypto/dpaa_sec/dpaa_sec.c | 75 ++----- drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 3 +- drivers/crypto/ipsec_mb/ipsec_mb_ops.c | 32 +-- drivers/crypto/ipsec_mb/ipsec_mb_private.h | 29 +-- drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 23 +- drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 40 ++-- drivers/crypto/ipsec_mb/pmd_chacha_poly.c | 1 - drivers/crypto/ipsec_mb/pmd_kasumi.c | 1 - drivers/crypto/ipsec_mb/pmd_snow3g.c | 1 - drivers/crypto/ipsec_mb/pmd_zuc.c | 1 - drivers/crypto/mlx5/mlx5_crypto.c | 25 +-- drivers/crypto/mvsam/mrvl_pmd_private.h | 3 - drivers/crypto/mvsam/rte_mrvl_pmd.c | 3 +- drivers/crypto/mvsam/rte_mrvl_pmd_ops.c | 55 ++--- drivers/crypto/nitrox/nitrox_sym.c | 33 +-- drivers/crypto/null/null_crypto_pmd.c | 20 +- drivers/crypto/null/null_crypto_pmd_ops.c | 34 +-- drivers/crypto/null/null_crypto_pmd_private.h | 2 - .../crypto/octeontx/otx_cryptodev_hw_access.h | 1 - drivers/crypto/octeontx/otx_cryptodev_ops.c | 68 +++--- drivers/crypto/octeontx2/otx2_cryptodev_ops.c | 63 +++--- .../octeontx2/otx2_cryptodev_ops_helper.h | 16 +- drivers/crypto/octeontx2/otx2_cryptodev_qp.h | 2 - drivers/crypto/octeontx2/otx2_cryptodev_sec.c | 77 +++---- drivers/crypto/openssl/openssl_pmd_private.h | 2 - drivers/crypto/openssl/rte_openssl_pmd.c | 18 +- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 35 +--- drivers/crypto/qat/qat_sym.c | 3 +- drivers/crypto/qat/qat_sym.h | 8 +- drivers/crypto/qat/qat_sym_pmd.c | 1 + drivers/crypto/qat/qat_sym_session.c | 72 ++----- drivers/crypto/qat/qat_sym_session.h | 17 +- drivers/crypto/scheduler/scheduler_pmd_ops.c | 10 +- drivers/crypto/virtio/virtio_cryptodev.c | 32 +-- .../octeontx2/otx2_evdev_crypto_adptr_rx.h | 3 +- drivers/net/cnxk/cn10k_ethdev_sec.c | 64 +++--- drivers/net/cnxk/cn9k_ethdev_sec.c | 59 ++---- drivers/net/cnxk/cnxk_ethdev.c | 6 +- drivers/net/cnxk/cnxk_ethdev.h | 6 - drivers/net/cnxk/cnxk_ethdev_sec.c | 21 -- drivers/net/ixgbe/ixgbe_ipsec.c | 38 +--- drivers/net/octeontx2/otx2_ethdev_sec.c | 52 ++--- drivers/net/octeontx2/otx2_ethdev_sec_tx.h | 2 +- drivers/net/txgbe/txgbe_ipsec.c | 38 +--- examples/fips_validation/fips_dev_self_test.c | 32 +-- examples/fips_validation/main.c | 20 +- examples/ipsec-secgw/ipsec-secgw.c | 40 ---- examples/ipsec-secgw/ipsec.c | 12 +- examples/ipsec-secgw/ipsec.h | 1 - examples/ipsec-secgw/ipsec_worker.c | 4 - examples/l2fwd-crypto/main.c | 41 +--- examples/vhost_crypto/main.c | 16 +- lib/cryptodev/cryptodev_pmd.h | 33 ++- lib/cryptodev/rte_crypto.h | 2 +- lib/cryptodev/rte_crypto_sym.h | 2 +- lib/cryptodev/rte_cryptodev.c | 91 ++++---- lib/cryptodev/rte_cryptodev.h | 70 +++---- lib/cryptodev/rte_cryptodev_trace.h | 16 +- lib/ipsec/rte_ipsec.h | 4 +- lib/ipsec/rte_ipsec_group.h | 13 +- lib/ipsec/ses.c | 6 +- lib/pipeline/rte_table_action.c | 8 +- lib/pipeline/rte_table_action.h | 2 +- lib/security/rte_security.c | 32 +-- lib/security/rte_security.h | 85 +++++--- lib/security/rte_security_driver.h | 31 ++- lib/vhost/rte_vhost_crypto.h | 3 - lib/vhost/vhost_crypto.c | 7 +- 109 files changed, 913 insertions(+), 1880 deletions(-)