sessions
for crypto offload to ethernet device.
Signed-off-by: Boris Pismenny
Signed-off-by: Aviad Yehezkel
Signed-off-by: Radu Nicolau
Signed-off-by: Declan Doherty
---
lib/librte_ether/rte_ethdev.c | 7 +++
lib/librte_ether/rte_ethdev.h | 8
lib/librte_ether
On 10/22/2017 11:59 PM, Thomas Monjalon wrote:
22/10/2017 22:37, Akhil Goyal:
Hi All,
On 10/21/2017 9:43 PM, Akhil Goyal wrote:
Hi Thomas,
On 10/20/2017 3:02 PM, Thomas Monjalon wrote:
16/10/2017 12:44, Thomas Monjalon:
15/10/2017 00:17, Akhil Goyal:
This patchset introduce the rte_securit
I talked with Akhil. I will send v3 of patches by EOD and hold back this
patch.
The reason I don't have time to deep dive regression tests and get back
with an example in the upcoming days.
Thanks!
On 10/23/2017 1:54 PM, De Lara Guarch, Pablo wrote:
Hi Aviad,
-Original Message-
F
...@mellanox.com; akhil.go...@nxp.com;
hemant.agra...@nxp.com; Nicolau, Radu ;
Doherty, Declan ; avia...@dev.mellanox.co.il;
lir...@mellanox.com; nelio.laranje...@6wind.com; tho...@monjalon.net
Subject: [dpdk-dev][PATCH v2 1/6] examples/ipsec-secgw: fix initialization
of aead crypto devices
From: Aviad
Solved that issue, this was an issue with mlx5 PMD with the new inline
ipsec code.
The PMD wasn't updating mbuf->data_len correctly.
Thanks!
On 10/16/2017 3:03 PM, Sergio Gonzalez Monroy wrote:
On 16/10/2017 12:44, Aviad Yehezkel wrote:
On 10/16/2017 12:43 PM, Sergio Gonzalez Monr
Yes, just finished my testing.
Will send v2 in a moment and Akhil will send v5 rebased above them for
rte_security.
Thanks!
On 10/19/2017 9:16 PM, De Lara Guarch, Pablo wrote:
-Original Message-
From: Aviad Yehezkel [mailto:avia...@dev.mellanox.co.il]
Sent: Monday, October 16
On 10/19/2017 6:58 PM, Radu Nicolau wrote:
Added cmdline option for jumbo frames.
Switched port initialization to the new offload API.
Signed-off-by: Radu Nicolau
---
v2: updated commit message
v3: addressed feedback
doc/guides/sample_app_ug/ipsec_secgw.rst | 6 +-
examples/ipsec-sec
On 10/16/2017 12:43 PM, Sergio Gonzalez Monroy wrote:
On 14/10/2017 14:28, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
IP length was incorrect causing corrupted ICMP packets for example
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/esp.c | 4 ++--
1 file changed, 2
On 10/16/2017 12:27 PM, Sergio Gonzalez Monroy wrote:
Hi Aviad,
On 14/10/2017 14:27, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
As agreed with Sergio and Pablo
I don't think the commit message is relevant.
Either me or Pablo acking the patch would have the same me
Reviewed-by: Aviad Yehezkel
On 10/16/2017 12:56 PM, Sergio Gonzalez Monroy wrote:
On 13/10/2017 13:50, Tomasz Duszynski wrote:
Since new_ip and ip4 are overlapping buffers copying ip4 over new_ip
using memmove() might overwrite memory at ip4. This could happen if
following condition holds
On 10/16/2017 12:30 PM, Sergio Gonzalez Monroy wrote:
On 14/10/2017 14:27, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
Seems like transport was broken for a long time
Commit message needs to be improved. Just mentioned what is wrong or
how do you fix it.
Given that it is a fix
On 10/16/2017 12:44 PM, Sergio Gonzalez Monroy wrote:
On 14/10/2017 14:28, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
Signed-off-by: Aviad Yehezkel
Signed-off-by: Nicolai Radu
---
app/test-pmd/cmdline.c | 13 ++---
app/test-pmd/config.c | 12 +++-
2 files
On 10/16/2017 12:42 PM, Sergio Gonzalez Monroy wrote:
On 14/10/2017 14:28, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
To be compatibile with Linux kernel
I am not sure what you are trying to achieve with this change.
The requirement is that the IV is unique, IMO changing the
On 10/14/2017 4:28 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/Makefile | 1 +
examples/ipsec-secgw/ep0.cfg | 6 +
examples/ipsec-secgw/ep1.cfg | 6 +
examples/ipsec-secgw/eth.c | 238
On 10/14/2017 4:28 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
Signed-off-by: Aviad Yehezkel
Signed-off-by: Nicolai Radu
---
app/test-pmd/cmdline.c | 13 ++---
app/test-pmd/config.c | 12 +++-
2 files changed, 21 insertions(+), 4 deletions(-)
diff --git
On 10/14/2017 4:28 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
IP length was incorrect causing corrupted ICMP packets for example
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/esp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples
On 10/14/2017 4:28 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
To be compatibile with Linux kernel
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/esp.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/examples/ipsec-secgw/esp.c b
On 10/14/2017 4:27 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/esp.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/examples/ipsec-secgw/esp.c b/examples/ipsec-secgw/esp.c
index 689e917..aa2233d
On 10/14/2017 4:27 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
Search for session also with aead key
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/ipsec.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/examples/ipsec-secgw/ipsec.c b
On 10/14/2017 4:27 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
This cause auth failure issue
Seems like this was broken for aes-gcm for a long time
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/sa.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff
On 10/14/2017 4:27 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/esp.c | 51 ++
1 file changed, 29 insertions(+), 22 deletions(-)
diff --git a/examples/ipsec-secgw/esp.c b
On 10/14/2017 4:27 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
Seems like transport was broken for a long time
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/esp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/ipsec-secgw/esp.c b
On 10/14/2017 4:27 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
As agreed with Sergio and Pablo
Signed-off-by: Aviad Yehezkel
---
MAINTAINERS | 1 +
1 file changed, 1 insertion(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index c00d6d8..d814ac1 100644
--- a/MAINTAINERS
+++ b
On 10/14/2017 4:27 PM, avia...@dev.mellanox.co.il wrote:
From: Aviad Yehezkel
This was broken since new aead xfrom was introduced
Signed-off-by: Aviad Yehezkel
---
examples/ipsec-secgw/ipsec-secgw.c | 29 +++--
examples/ipsec-secgw/ipsec.h | 1 +
2 files
ethernet devices.
4. non protocol offload
Signed-off-by: Akhil Goyal
Signed-off-by: Radu Nicolau
Signed-off-by: Boris Pismenny
Signed-off-by: Declan Doherty
Signed-off-by: Aviad Yehezkel
---
doc/guides/sample_app_ug/ipsec_secgw.rst | 52 +-
examples/ipsec-secgw/esp.c
On 10/15/2017 1:17 AM, Akhil Goyal wrote:
From: Radu Nicolau
Signed-off-by: Radu Nicolau
Signed-off-by: Declan Doherty
---
drivers/net/Makefile | 2 +-
drivers/net/ixgbe/Makefile | 2 +-
drivers/net/ixgbe/base/ixgbe_osdep.h | 8 +
drivers/net/ixgbe
) += -lrte_security
_LDLIBS-$(CONFIG_RTE_LIBRTE_EVENTDEV) += -lrte_eventdev
_LDLIBS-$(CONFIG_RTE_LIBRTE_MEMPOOL)+= -lrte_mempool
_LDLIBS-$(CONFIG_RTE_DRIVER_MEMPOOL_RING) += -lrte_mempool_ring
Tested-by: Aviad Yehezkel
| SECURITY |
+ +---+--+
+ | 1 | END |
+ +---+--+
+
Negative types
~~
Tested-by: Aviad Yehezkel
On 10/15/2017 1:17 AM, Akhil Goyal wrote:
From: Boris Pismenny
The crypto action is specified by an application to request
crypto offload for a flow.
Signed-off-by: Boris Pismenny
Signed-off-by: Aviad Yehezkel
---
lib/librte_ether/rte_flow.h | 38
On 10/15/2017 1:17 AM, Akhil Goyal wrote:
From: Declan Doherty
rte_flow_action type and ethdev updated to support rte_security
sessions for crypto offload to ethernet device.
Signed-off-by: Boris Pismenny
Signed-off-by: Aviad Yehezkel
Signed-off-by: Radu Nicolau
Signed-off-by: Declan
On 10/15/2017 1:17 AM, Akhil Goyal wrote:
From: Boris Pismenny
Add security crypto flags and update mbuf fields to support
IPsec crypto offload for transmitted packets, and to indicate
crypto result for received packets.
Signed-off-by: Aviad Yehezkel
Signed-off-by: Boris Pismenny
Signed
On 10/15/2017 1:17 AM, Akhil Goyal wrote:
From: Boris Pismenny
The ESP header is required for IPsec crypto actions.
Signed-off-by: Boris Pismenny
Signed-off-by: Aviad Yehezkel
---
doc/api/doxy-api-index.md | 3 ++-
lib/librte_ether/rte_flow.h | 26
lib
ptodev_version.map
index 919b6cc..7ef1b0f 100644
--- a/lib/librte_cryptodev/rte_cryptodev_version.map
+++ b/lib/librte_cryptodev/rte_cryptodev_version.map
@@ -84,5 +84,6 @@ DPDK_17.11 {
global:
rte_cryptodev_name_get;
+ rte_cryptodev_get_sec_ctx;
} DPDK_17.08;
Tested-by: Aviad Yehezkel
+---+ +--++++-+
+
+However, the API can represent, IPsec crypto offload with any
encapsulation:
++---++----++-+
+| Eth | -> ... -> | ESP | -> | END |
++---++++-+
Tested-by: Aviad Yehezkel
Doherty
Signed-off-by: Aviad Yehezkel
---
lib/librte_security/Makefile | 53 +++
lib/librte_security/rte_security.c | 149
lib/librte_security/rte_security.h | 535 +++
lib/librte_security/rte_security_driver.h| 155
35 matches
Mail list logo
