[RFC] lib/crypto: mark asym session-buffer non-reuseable

Message ID 1563366852-23118-2-git-send-email-ayverma@marvell.com
State New
Delegated to: akhil goyal
Headers show
Series
  • [RFC] lib/crypto: mark asym session-buffer non-reuseable
Related show

Checks

Context Check Description
ci/Intel-compilation success Compilation OK
ci/checkpatch success coding style OK

Commit Message

Ayuj Verma July 17, 2019, 12:34 p.m.
Update asym xform usage in cryptodev documentation.

Xform are immutable, non-reuseable entity till
life time of session. This allow some PMD to optimize
session setup time.

Signed-off-by: Ayuj Verma <ayverma@marvell.com>
Signed-off-by: Shally Verma <shallyv@marvell.com>
---
 doc/guides/prog_guide/cryptodev_lib.rst  | 6 ++++++
 lib/librte_cryptodev/rte_cryptodev_pmd.h | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

Comments

Trahe, Fiona July 17, 2019, 2:03 p.m. | #1
Hi Ayuj,

> -----Original Message-----
> From: Ayuj Verma [mailto:ayverma@marvell.com]
> Sent: Wednesday, July 17, 2019 1:34 PM
> To: akhil.goyal@nxp.com
> Cc: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; Trahe, Fiona <fiona.trahe@intel.com>;
> shallyv@marvell.com; ssahu@marvell.com; kkotamarthy@marvell.com; dev@dpdk.org; Ayuj Verma
> <ayverma@marvell.com>
> Subject: [RFC] lib/crypto: mark asym session-buffer non-reuseable
> 
> Update asym xform usage in cryptodev documentation.
> 
> Xform are immutable, non-reuseable entity till
> life time of session. This allow some PMD to optimize
> session setup time.
> 
> Signed-off-by: Ayuj Verma <ayverma@marvell.com>
> Signed-off-by: Shally Verma <shallyv@marvell.com>
> ---
>  doc/guides/prog_guide/cryptodev_lib.rst  | 6 ++++++
>  lib/librte_cryptodev/rte_cryptodev_pmd.h | 2 +-
>  2 files changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/doc/guides/prog_guide/cryptodev_lib.rst b/doc/guides/prog_guide/cryptodev_lib.rst
> index 9719944..c97a239 100644
> --- a/doc/guides/prog_guide/cryptodev_lib.rst
> +++ b/doc/guides/prog_guide/cryptodev_lib.rst
> @@ -894,6 +894,12 @@ asymmetric crypto chaining is Diffie-Hellman private key generation followed
> by
>  public generation. Also, currently API does not support chaining of symmetric and
>  asymmetric crypto xforms.
> 
> +Transform is attached to session during asym session initialization and can't be
> +modified during session configuration. It remains constant till the end of life
[Fiona] I agree with the intent of the RFC. And suggest being more explicit and 
saying "It and all the data buffers it points to should remain constant..."

> +span of a session. It should be used as it is in PMD, PMDs which requires
> +modification of these immutable data should internally do memcpy of data and
> +perform required operations.
[Fiona] for security I suggest adding here "It's the PMDs responsibility to ensure that any private data
copied to local PMD storage is not stored by the PMD for longer than the session lifetime.

>  Each xform defines specific asymmetric crypto algo. Currently supported are:
>  * RSA
>  * Modular operations (Exponentiation and Inverse)
> diff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h b/lib/librte_cryptodev/rte_cryptodev_pmd.h
> index defe05e..1f083ea 100644
> --- a/lib/librte_cryptodev/rte_cryptodev_pmd.h
> +++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h
> @@ -290,7 +290,7 @@ typedef int (*cryptodev_sym_configure_session_t)(struct rte_cryptodev *dev,
>   *  - Returns -ENOMEM if the private session could not be allocated.
>   */
>  typedef int (*cryptodev_asym_configure_session_t)(struct rte_cryptodev *dev,
> -		struct rte_crypto_asym_xform *xform,
> +		const struct rte_crypto_asym_xform *xform,
>  		struct rte_cryptodev_asym_session *session,
>  		struct rte_mempool *mp);
>  /**
> --
> 1.8.3.1
Kusztal, ArkadiuszX July 17, 2019, 2:10 p.m. | #2
> -----Original Message-----
> From: Trahe, Fiona
> Sent: Wednesday, July 17, 2019 4:04 PM
> To: Ayuj Verma <ayverma@marvell.com>; akhil.goyal@nxp.com
> Cc: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>;
> shallyv@marvell.com; ssahu@marvell.com; kkotamarthy@marvell.com;
> dev@dpdk.org; Trahe, Fiona <fiona.trahe@intel.com>
> Subject: RE: [RFC] lib/crypto: mark asym session-buffer non-reuseable
> 
> Hi Ayuj,
> 
> > -----Original Message-----
> > From: Ayuj Verma [mailto:ayverma@marvell.com]
> > Sent: Wednesday, July 17, 2019 1:34 PM
> > To: akhil.goyal@nxp.com
> > Cc: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; Trahe, Fiona
> > <fiona.trahe@intel.com>; shallyv@marvell.com; ssahu@marvell.com;
> > kkotamarthy@marvell.com; dev@dpdk.org; Ayuj Verma
> > <ayverma@marvell.com>
> > Subject: [RFC] lib/crypto: mark asym session-buffer non-reuseable
> >
> > Update asym xform usage in cryptodev documentation.
> >
> > Xform are immutable, non-reuseable entity till life time of session.
> > This allow some PMD to optimize session setup time.
> >
> > Signed-off-by: Ayuj Verma <ayverma@marvell.com>
> > Signed-off-by: Shally Verma <shallyv@marvell.com>
> > ---
> >  doc/guides/prog_guide/cryptodev_lib.rst  | 6 ++++++
> > lib/librte_cryptodev/rte_cryptodev_pmd.h | 2 +-
> >  2 files changed, 7 insertions(+), 1 deletion(-)
> >
> > diff --git a/doc/guides/prog_guide/cryptodev_lib.rst
> > b/doc/guides/prog_guide/cryptodev_lib.rst
> > index 9719944..c97a239 100644
> > --- a/doc/guides/prog_guide/cryptodev_lib.rst
> > +++ b/doc/guides/prog_guide/cryptodev_lib.rst
> > @@ -894,6 +894,12 @@ asymmetric crypto chaining is Diffie-Hellman
> > private key generation followed by  public generation. Also, currently
> > API does not support chaining of symmetric and  asymmetric crypto
> > xforms.
> >
> > +Transform is attached to session during asym session initialization
> > +and can't be modified during session configuration. It remains
> > +constant till the end of life
> [Fiona] I agree with the intent of the RFC. And suggest being more explicit
> and saying "It and all the data buffers it points to should remain constant..."
[AK] I agree with RFC and Fiona :).
> 
> > +span of a session. It should be used as it is in PMD, PMDs which
> > +requires modification of these immutable data should internally do
> > +memcpy of data and perform required operations.
> [Fiona] for security I suggest adding here "It's the PMDs responsibility to
> ensure that any private data copied to local PMD storage is not stored by the
> PMD for longer than the session lifetime.
> 
> >  Each xform defines specific asymmetric crypto algo. Currently supported
> are:
> >  * RSA
> >  * Modular operations (Exponentiation and Inverse) diff --git
> > a/lib/librte_cryptodev/rte_cryptodev_pmd.h
> > b/lib/librte_cryptodev/rte_cryptodev_pmd.h
> > index defe05e..1f083ea 100644
> > --- a/lib/librte_cryptodev/rte_cryptodev_pmd.h
> > +++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h
> > @@ -290,7 +290,7 @@ typedef int
> (*cryptodev_sym_configure_session_t)(struct rte_cryptodev *dev,
> >   *  - Returns -ENOMEM if the private session could not be allocated.
> >   */
> >  typedef int (*cryptodev_asym_configure_session_t)(struct rte_cryptodev
> *dev,
> > -		struct rte_crypto_asym_xform *xform,
> > +		const struct rte_crypto_asym_xform *xform,
> >  		struct rte_cryptodev_asym_session *session,
> >  		struct rte_mempool *mp);
> >  /**
> > --
> > 1.8.3.1
Ayuj Verma July 18, 2019, 9:56 a.m. | #3
Hi Arek, Fiona


Please see in-line.


Thanks and regards

Ayuj Verma
Ayuj Verma July 18, 2019, 10:49 a.m. | #4
Hi Arek, Fiona,



> [Fiona] I agree with the intent of the RFC. And suggest being more explicit
> and saying "It and all the data buffers it points to should remain constant..."
[AK] I agree with RFC and Fiona :).
[Ayuj] ACK. will submit a v2.
>> Correction: Will incorporate this in Patch v1.

Thanks and regards
Ayuj Verma

Patch

diff --git a/doc/guides/prog_guide/cryptodev_lib.rst b/doc/guides/prog_guide/cryptodev_lib.rst
index 9719944..c97a239 100644
--- a/doc/guides/prog_guide/cryptodev_lib.rst
+++ b/doc/guides/prog_guide/cryptodev_lib.rst
@@ -894,6 +894,12 @@  asymmetric crypto chaining is Diffie-Hellman private key generation followed by
 public generation. Also, currently API does not support chaining of symmetric and
 asymmetric crypto xforms.
 
+Transform is attached to session during asym session initialization and can't be
+modified during session configuration. It remains constant till the end of life
+span of a session. It should be used as it is in PMD, PMDs which requires
+modification of these immutable data should internally do memcpy of data and
+perform required operations.
+
 Each xform defines specific asymmetric crypto algo. Currently supported are:
 * RSA
 * Modular operations (Exponentiation and Inverse)
diff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h b/lib/librte_cryptodev/rte_cryptodev_pmd.h
index defe05e..1f083ea 100644
--- a/lib/librte_cryptodev/rte_cryptodev_pmd.h
+++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h
@@ -290,7 +290,7 @@  typedef int (*cryptodev_sym_configure_session_t)(struct rte_cryptodev *dev,
  *  - Returns -ENOMEM if the private session could not be allocated.
  */
 typedef int (*cryptodev_asym_configure_session_t)(struct rte_cryptodev *dev,
-		struct rte_crypto_asym_xform *xform,
+		const struct rte_crypto_asym_xform *xform,
 		struct rte_cryptodev_asym_session *session,
 		struct rte_mempool *mp);
 /**