From patchwork Thu Sep 10 16:44:41 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tejasree Kondoj X-Patchwork-Id: 77203 X-Patchwork-Delegate: ferruh.yigit@amd.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id EFACBA04B5; Thu, 10 Sep 2020 17:51:42 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 643121C122; Thu, 10 Sep 2020 17:51:42 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by dpdk.org (Postfix) with ESMTP id D90A81C121 for ; Thu, 10 Sep 2020 17:51:40 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 08AFngD5027811; Thu, 10 Sep 2020 08:51:39 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=M9cMqL0vTlun3HfHX16myXjbHe8+TU4lygtpLjt5umc=; b=ky/jnn4BzCamuUN/3BxmhhahISEfkCYYRBwnGhyiLVdq2EFYREjazzz/linL7zFsb5zI 8yt/rm5/zLMU0+QqQhqt4+Q3XXXooO0qKnDVXdaPAB28/mlJCferRkpiXXG6Cnf6nAMW UvUUrRwDZNphEgAgX9j+Vmm/r77mK0O2dkR+c6qP/mSx7adQjxPEUyXQw+1TUVE7QPqr QK/GNeS3VdjZdvtVT8PleJG9IIh46fDJNHjC7xKVgzwEqkU+AqPWHhNaRjx1KaTtpstS asc6MbnA8oEYuppsQ/T7qxeiSaWePTrxP9n4zaU/DK3XtaZIl5XZ9ogcfVh/z095jot0 KQ== Received: from sc-exch03.marvell.com ([199.233.58.183]) by mx0a-0016f401.pphosted.com with ESMTP id 33c81q5dxw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 10 Sep 2020 08:51:39 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by SC-EXCH03.marvell.com (10.93.176.83) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 10 Sep 2020 08:51:38 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Thu, 10 Sep 2020 08:51:38 -0700 Received: from hyd1554T5810.caveonetworks.com.com (unknown [10.29.57.11]) by maili.marvell.com (Postfix) with ESMTP id 11BC63F703F; Thu, 10 Sep 2020 08:51:34 -0700 (PDT) From: Tejasree Kondoj To: Akhil Goyal , Radu Nicolau , Declan Doherty , Ori Kam , Thomas Monjalon , Ferruh Yigit , Andrew Rybchenko , Jerin Jacob CC: Tejasree Kondoj , Narayana Prasad , Anoob Joseph , Date: Thu, 10 Sep 2020 22:14:41 +0530 Message-ID: <20200910164441.7245-1-ktejasree@marvell.com> X-Mailer: git-send-email 2.27.0 MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-09-10_04:2020-09-10, 2020-09-10 signatures=0 Subject: [dpdk-dev] [PATCH] ethdev: add security flow item X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Introduce a new item type RTE_FLOW_ITEM_TYPE_SECURITY to distinguish plain packets from IPsec decrypted plain packets. Signed-off-by: Tejasree Kondoj --- doc/guides/prog_guide/rte_flow.rst | 25 +++++++++++++++++++++++++ lib/librte_ethdev/rte_flow.h | 9 +++++++++ 2 files changed, 34 insertions(+) diff --git a/doc/guides/prog_guide/rte_flow.rst b/doc/guides/prog_guide/rte_flow.rst index 3e5cd1e0d..a51a3e5d6 100644 --- a/doc/guides/prog_guide/rte_flow.rst +++ b/doc/guides/prog_guide/rte_flow.rst @@ -712,6 +712,31 @@ action sets metadata for a packet and the metadata will be reported via | ``mask`` | ``data`` | bit-mask applies to "spec" and "last" | +----------+----------+---------------------------------------+ +Item: ``SECURITY`` +^^^^^^^^^^^^^^^^^^ + +Matches packets that were security processed. It can be used to identify +packets after inline security processing. For example, in case of inline IPsec, +the packet headers would change after IPsec decapsulation and this item would +allow application to differentiate non-IPsec packets from packets after +inline IPsec processing. + +- ``spec``, ``last`` and ``mask`` are ignored. + +.. _table_rte_flow_item_security: + +.. table:: SECURITY + + +----------+---------+ + | Field | Value | + +==========+=========+ + | ``spec`` | ignored | + +----------+---------+ + | ``last`` | ignored | + +----------+---------+ + | ``mask`` | ignored | + +----------+---------+ + Data matching item types ~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/lib/librte_ethdev/rte_flow.h b/lib/librte_ethdev/rte_flow.h index da8bfa548..65499b758 100644 --- a/lib/librte_ethdev/rte_flow.h +++ b/lib/librte_ethdev/rte_flow.h @@ -537,6 +537,15 @@ enum rte_flow_item_type { */ RTE_FLOW_ITEM_TYPE_ECPRI, + /** + * [META] + * + * Matches security processed packets. + * + * No associated specification structure. + */ + RTE_FLOW_ITEM_TYPE_SECURITY, + }; /**