Re: [dpdk-dev] [PATCH v5 4/8] security: add cpu crypto action type

Tue, 04 Feb 2020 02:44:55 -0800 


Hi Akhil,

> > > Introduce CPU crypto action type allowing to differentiate between
> > > regular async 'none security' and synchronous, CPU crypto accelerated
> > > sessions.
> > >
> > > Signed-off-by: Marcin Smoczynski <marcinx.smoczyn...@intel.com>
> > > Acked-by: Konstantin Ananyev <konstantin.anan...@intel.com>
> > > Acked-by: Fan Zhang <roy.fan.zh...@intel.com>
> > > ---
> > >  lib/librte_security/rte_security.h | 8 ++++++--
> > >  1 file changed, 6 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/lib/librte_security/rte_security.h 
> > > b/lib/librte_security/rte_security.h
> > > index 546779df2..c8b2dd5ed 100644
> > > --- a/lib/librte_security/rte_security.h
> > > +++ b/lib/librte_security/rte_security.h
> > > @@ -1,6 +1,6 @@
> > >  /* SPDX-License-Identifier: BSD-3-Clause
> > >   * Copyright 2017,2019 NXP
> > > - * Copyright(c) 2017 Intel Corporation.
> > > + * Copyright(c) 2017-2020 Intel Corporation.
> > >   */
> > >
> > >  #ifndef _RTE_SECURITY_H_
> > > @@ -307,10 +307,14 @@ enum rte_security_session_action_type {
> > >   /**< All security protocol processing is performed inline during
> > >    * transmission
> > >    */
> > > - RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL
> > > + RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
> > >   /**< All security protocol processing including crypto is performed
> > >    * on a lookaside accelerator
> > >    */
> > > + RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO
> > > + /**< Crypto processing for security protocol is processed by CPU
> > > +  * synchronously
> > > +  */
> > I am not able to see the need for this enum.
> >
> > It is used by the app and ipsec library to identify the cpu-crypto codepath.
> >
> > I don't see any security action been performed for this action_type.
> >
> > This enum is just like NONE which is not used beyond the application/lib.
> > I think this needs to be documented properly in the description of the enum.
> >
> > It should be something like
> >
> > Similar to ACTION_TYPE_NONE, but the crypto processing is done on CPU
> > Synchronously.
> >
> > Also add documentation of this in the rte_security.rst in this patch only.
> > There should not be any separate patch for documentation.
> >
> 
> Could you please send the update to the patches that I requested.
> I wanted to apply these today.

Marcin works on v6 to address your comments.
Plan to send it by COB today.
Konstantin

Reply via email to