Re: [dpdk-dev] [PATCH v4 01/10] security: add support for TSO on IPsec session

Fri, 03 Sep 2021 05:50:47 -0700 


> -----Original Message-----
> From: Nicolau, Radu <radu.nico...@intel.com>
> Sent: Friday, September 3, 2021 12:26 PM
> To: Akhil Goyal <gak...@marvell.com>; Doherty, Declan
> <declan.dohe...@intel.com>
> Cc: dev@dpdk.org; m...@ashroe.eu; Ananyev, Konstantin
> <konstantin.anan...@intel.com>; Medvedkin, Vladimir
> <vladimir.medved...@intel.com>; Richardson, Bruce
> <bruce.richard...@intel.com>; Zhang, Roy Fan <roy.fan.zh...@intel.com>;
> hemant.agra...@nxp.com; ano...@marvell.com; Sinha, Abhijit
> <abhijit.si...@intel.com>; Buckley, Daniel M <daniel.m.buck...@intel.com>;
> march...@marvell.com; ktejas...@marvell.com; ma...@nvidia.com;
> Nicolau, Radu <radu.nico...@intel.com>
> Subject: [PATCH v4 01/10] security: add support for TSO on IPsec session
> 
> Allow user to provision a per security session maximum segment size
> (MSS) for use when Transmit Segmentation Offload (TSO) is supported.
> The MSS value will be used when PKT_TX_TCP_SEG or PKT_TX_UDP_SEG
> ol_flags are specified in mbuf.
> 
> Signed-off-by: Declan Doherty <declan.dohe...@intel.com>
> Signed-off-by: Radu Nicolau <radu.nico...@intel.com>
> Signed-off-by: Abhijit Sinha <abhijit.si...@intel.com>
> Signed-off-by: Daniel Martin Buckley <daniel.m.buck...@intel.com>
> ---
>  lib/security/rte_security.h | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
> 
> diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h
> index 88d31de0a6..45896a77d0 100644
> --- a/lib/security/rte_security.h
> +++ b/lib/security/rte_security.h
> @@ -181,6 +181,19 @@ struct rte_security_ipsec_sa_options {
>        * * 0: Disable per session security statistics collection for this SA.
>        */
>       uint32_t stats : 1;
> +
> +     /** Transmit Segmentation Offload (TSO)
> +      *
> +      * * 1: Enable per session security TSO support, use MSS value
> provide
> +      *      in IPsec security session when PKT_TX_TCP_SEG or
> PKT_TX_UDP_SEG
> +      *      ol_flags are set in mbuf.
> +      *      this SA, if supported by the driver.
> +      * * 0: No TSO support for offload IPsec packets. Hardware will not
> +      *      attempt to segment packet, and packet transmission will fail if
> +      *      larger than MTU of interface
> +      */
> +     uint32_t tso : 1;
> +
>  };
> 
>  /** IPSec security association direction */
> @@ -217,6 +230,8 @@ struct rte_security_ipsec_xform {
>       /**< Anti replay window size to enable sequence replay attack
> handling.
>        * replay checking is disabled if the window size is 0.
>        */
> +     uint32_t mss;
> +     /**< IPsec payload Maximum Segment Size */
>  };
> 
>  /**
> --
> 2.25.1
Acked-by: Fan Zhang <roy.fan.zh...@intel.com>






















					Reply via email to