[dpdk-dev] [PATCH v3 2/6] crypto/aesni_gcm: cpu crypto support

2020-01-15 Thread Marcin Smoczynski
Add support for CPU crypto mode by introducing required handler. Crypto mode (sync/async) is chosen during sym session create if an appropriate flag is set in an xform type number. Authenticated encryption and decryption are supported with tag generation/verification. Signed-off-by: Marcin

[dpdk-dev] [PATCH v3 0/6] Introduce CPU crypto mode

2020-01-15 Thread Marcin Smoczynski
equeue, HW addresses computations, storing/dereferencing user provided data (mbuf) for each crypto-op, etc). The aim is to introduce a new optional API for SW crypto-devices to perform crypto processing in a synchronous manner. Marcin Smoczynski (6): cryptodev: introduce cpu crypto support AP

[dpdk-dev] [PATCH v3 3/6] security: add cpu crypto action type

2020-01-15 Thread Marcin Smoczynski
Introduce CPU crypto action type allowing to differentiate between regular async 'none security' and synchronous, CPU crypto accelerated sessions. Signed-off-by: Marcin Smoczynski --- lib/librte_security/rte_security.h | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff -

[dpdk-dev] [PATCH v3 1/6] cryptodev: introduce cpu crypto support API

2020-01-15 Thread Marcin Smoczynski
capability. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- lib/librte_cryptodev/rte_crypto_sym.h | 62 ++- lib/librte_cryptodev/rte_cryptodev.c | 30 + lib/librte_cryptodev/rte_cryptodev.h | 20 ++ lib/librte_cryptodev

[dpdk-dev] [PATCH v3 4/6] ipsec: introduce support for cpu crypto mode

2020-01-15 Thread Marcin Smoczynski
Update library to handle CPU cypto security mode which utilizes cryptodev's synchronous, CPU accelerated crypto operations. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- lib/librte_ipsec/esp_inb.c | 154 ++- lib/librte_ipsec/esp_o

[dpdk-dev] [PATCH v3 5/6] examples/ipsec-secgw: cpu crypto support

2020-01-15 Thread Marcin Smoczynski
Add support for CPU accelerated crypto. 'cpu-crypto' SA type has been introduced in configuration allowing to use abovementioned acceleration. Legacy mode is not currently supported. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- examples/ipsec-sec

[dpdk-dev] [PATCH v3 6/6] examples/ipsec-secgw: cpu crypto testing

2020-01-15 Thread Marcin Smoczynski
Enable cpu-crypto mode testing by adding dedicated environmental variable CRYPTO_PRIM_TYPE. Setting it to 'type cpu-crypto' allows to run test scenario with cpu crypto acceleration. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/test/comm

[dpdk-dev] [PATCH v4 0/8] Introduce CPU crypto mode

2020-01-27 Thread Marcin Smoczynski
ation when using cpu-crypto - add gmac in aesni-gcm - add tests for aesni-gcm/cpu crypto mode - add documentation: pg and rel notes - remove xform flags as no longer needed - add some extra API comments - remove compilation error from v3 Marcin Smoczynski (8): cryptodev: introduce cpu cryp

[dpdk-dev] [PATCH v4 1/8] cryptodev: introduce cpu crypto support API

2020-01-27 Thread Marcin Smoczynski
capability. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- lib/librte_cryptodev/rte_crypto_sym.h | 61 +++ lib/librte_cryptodev/rte_cryptodev.c | 33 ++ lib/librte_cryptodev/rte_cryptodev.h | 20 ++ lib/librte_cryptodev

[dpdk-dev] [PATCH v4 2/8] crypto/aesni_gcm: cpu crypto support

2020-01-27 Thread Marcin Smoczynski
Add support for CPU crypto mode by introducing required handler. Crypto mode (sync/async) is chosen during sym session create if an appropriate flag is set in an xform type number. Authenticated encryption and decryption are supported with tag generation/verification. Signed-off-by: Marcin

[dpdk-dev] [PATCH v4 4/8] security: add cpu crypto action type

2020-01-27 Thread Marcin Smoczynski
Introduce CPU crypto action type allowing to differentiate between regular async 'none security' and synchronous, CPU crypto accelerated sessions. Signed-off-by: Marcin Smoczynski --- lib/librte_security/rte_security.h | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff -

[dpdk-dev] [PATCH v4 3/8] test/crypto: add CPU crypto tests

2020-01-27 Thread Marcin Smoczynski
Add unit and performance tests for CPU crypto mode currently implemented by AESNI-GCM cryptodev. Unit tests cover AES-GCM and GMAC test vectors. Signed-off-by: Marcin Smoczynski --- app/test/Makefile | 1 + app/test/cpu_crypto_all_gcm_perf_test_cases.h | 11 + app

[dpdk-dev] [PATCH v4 5/8] ipsec: introduce support for cpu crypto mode

2020-01-27 Thread Marcin Smoczynski
Update library to handle CPU cypto security mode which utilizes cryptodev's synchronous, CPU accelerated crypto operations. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- lib/librte_ipsec/esp_inb.c | 154 ++- lib/librte_ipsec/esp_o

[dpdk-dev] [PATCH v4 8/8] doc: add cpu crypto related documentation

2020-01-27 Thread Marcin Smoczynski
Update documentation with a description of cpu crypto in cryptodev, ipsec and security libraries. Add release notes for 20.02. Signed-off-by: Marcin Smoczynski --- doc/guides/cryptodevs/aesni_gcm.rst | 5 doc/guides/prog_guide/cryptodev_lib.rst | 31 + doc

[dpdk-dev] [PATCH v4 6/8] examples/ipsec-secgw: cpu crypto support

2020-01-27 Thread Marcin Smoczynski
Add support for CPU accelerated crypto. 'cpu-crypto' SA type has been introduced in configuration allowing to use abovementioned acceleration. Legacy mode is not currently supported. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- examples/ipsec-sec

[dpdk-dev] [PATCH v4 7/8] examples/ipsec-secgw: cpu crypto testing

2020-01-27 Thread Marcin Smoczynski
Enable cpu-crypto mode testing by adding dedicated environmental variable CRYPTO_PRIM_TYPE. Setting it to 'type cpu-crypto' allows to run test scenario with cpu crypto acceleration. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/test/comm

[dpdk-dev] [PATCH v5 0/8] Introduce CPU crypto mode

2020-01-28 Thread Marcin Smoczynski
ing header include) - update licensing information Marcin Smoczynski (8): cryptodev: introduce cpu crypto support API crypto/aesni_gcm: cpu crypto support test/crypto: add CPU crypto tests security: add cpu crypto action type ipsec: introduce support for cpu crypto mode examples/ipsec-

[dpdk-dev] [PATCH v5 1/8] cryptodev: introduce cpu crypto support API

2020-01-28 Thread Marcin Smoczynski
capability. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- lib/librte_cryptodev/rte_crypto_sym.h | 63 ++- lib/librte_cryptodev/rte_cryptodev.c | 35 ++- lib/librte_cryptodev/rte_cryptodev.h | 22 ++- lib/librte_cryptodev

[dpdk-dev] [PATCH v5 4/8] security: add cpu crypto action type

2020-01-28 Thread Marcin Smoczynski
Introduce CPU crypto action type allowing to differentiate between regular async 'none security' and synchronous, CPU crypto accelerated sessions. Signed-off-by: Marcin Smoczynski Acked-by: Konstantin Ananyev Acked-by: Fan Zhang --- lib/librte_security/rte_security.h | 8 ++

[dpdk-dev] [PATCH v5 2/8] crypto/aesni_gcm: cpu crypto support

2020-01-28 Thread Marcin Smoczynski
Add support for CPU crypto mode by introducing required handler. Crypto mode (sync/async) is chosen during sym session create if an appropriate flag is set in an xform type number. Authenticated encryption and decryption are supported with tag generation/verification. Signed-off-by: Marcin

[dpdk-dev] [PATCH v5 3/8] test/crypto: add CPU crypto tests

2020-01-28 Thread Marcin Smoczynski
Add unit and performance tests for CPU crypto mode currently implemented by AESNI-GCM cryptodev. Unit tests cover AES-GCM and GMAC test vectors. Signed-off-by: Marcin Smoczynski Acked-by: Pablo de Lara --- app/test/Makefile | 3 +- app/test

[dpdk-dev] [PATCH v5 5/8] ipsec: introduce support for cpu crypto mode

2020-01-28 Thread Marcin Smoczynski
Update library to handle CPU cypto security mode which utilizes cryptodev's synchronous, CPU accelerated crypto operations. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski Acked-by: Fan Zhang --- lib/librte_ipsec/esp_inb.c | 156 ++-

[dpdk-dev] [PATCH v5 8/8] doc: add cpu crypto related documentation

2020-01-28 Thread Marcin Smoczynski
Update documentation with a description of cpu crypto in cryptodev, ipsec and security libraries. Add release notes for 20.02. Signed-off-by: Marcin Smoczynski --- doc/guides/cryptodevs/aesni_gcm.rst | 7 +- doc/guides/prog_guide/cryptodev_lib.rst | 33 - doc

[dpdk-dev] [PATCH v5 7/8] examples/ipsec-secgw: cpu crypto testing

2020-01-28 Thread Marcin Smoczynski
Enable cpu-crypto mode testing by adding dedicated environmental variable CRYPTO_PRIM_TYPE. Setting it to 'type cpu-crypto' allows to run test scenario with cpu crypto acceleration. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski Acked-by: Fan Zhang --- examples/i

[dpdk-dev] [PATCH v5 6/8] examples/ipsec-secgw: cpu crypto support

2020-01-28 Thread Marcin Smoczynski
Add support for CPU accelerated crypto. 'cpu-crypto' SA type has been introduced in configuration allowing to use abovementioned acceleration. Legacy mode is not currently supported. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski Acked-by: Fan Zhang --- exam

[dpdk-dev] [PATCH v6 2/8] crypto/aesni_gcm: cpu crypto support

2020-02-04 Thread Marcin Smoczynski
Add support for CPU crypto mode by introducing required handler. Authenticated encryption and decryption are supported with tag generation/verification. CPU crypto support include both AES-GCM and GMAC algorithms. Signed-off-by: Marcin Smoczynski Acked-by: Pablo de Lara Acked-by: Fan Zhang

[dpdk-dev] [PATCH v6 1/8] cryptodev: introduce cpu crypto support API

2020-02-04 Thread Marcin Smoczynski
-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- doc/guides/cryptodevs/features/default.ini| 1 + doc/guides/prog_guide/cryptodev_lib.rst | 33 - lib/librte_cryptodev/rte_crypto_sym.h | 128 +- lib/librte_cryptodev/rte_cryptodev.c

[dpdk-dev] [PATCH v6 3/8] security: add cpu crypto action type

2020-02-04 Thread Marcin Smoczynski
Introduce CPU crypto action type allowing to differentiate between regular async 'none security' and synchronous, CPU crypto accelerated sessions. This mode is similar to ACTION_TYPE_NONE but crypto processing is performed synchronously on a CPU. Signed-off-by: Marcin Smoczynski

[dpdk-dev] [PATCH v6 0/8] Introduce CPU crypto mode

2020-02-04 Thread Marcin Smoczynski
ing header include) - update licensing information v5 to v6 changes: - unit tests integrated in the current test application for cryptodev - iova fix - moved mbuf to sgl helper function to crypo sym header Marcin Smoczynski (8): cryptodev: introduce cpu crypto support API crypto/aesn

[dpdk-dev] [PATCH v6 4/8] test/crypto: add cpu crypto mode to tests

2020-02-04 Thread Marcin Smoczynski
This patch adds ability to run unit tests in cpu crypto mode and provides test for aesni_gcm's cpu crypto implementation. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- app/test/test_cryptodev.c | 161 +++--- 1 file changed

[dpdk-dev] [PATCH v6 8/8] doc: add release notes for cpu crypto

2020-02-04 Thread Marcin Smoczynski
Add release note for cpu crypto, a new features added to the cryptodev API. Signed-off-by: Marcin Smoczynski --- doc/guides/rel_notes/release_20_02.rst | 7 +++ 1 file changed, 7 insertions(+) diff --git a/doc/guides/rel_notes/release_20_02.rst b/doc/guides/rel_notes/release_20_02.rst

[dpdk-dev] [PATCH v6 6/8] examples/ipsec-secgw: cpu crypto support

2020-02-04 Thread Marcin Smoczynski
Add support for CPU accelerated crypto. 'cpu-crypto' SA type has been introduced in configuration allowing to use abovementioned acceleration. Legacy mode is not currently supported. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski Acked-by: Fan Zhang --- exam

[dpdk-dev] [PATCH v6 5/8] ipsec: introduce support for cpu crypto mode

2020-02-04 Thread Marcin Smoczynski
Update library to handle CPU cypto security mode which utilizes cryptodev's synchronous, CPU accelerated crypto operations. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski Acked-by: Fan Zhang Tested-by: Konstantin Ananyev --- doc/guides/prog_guide/ipsec_lib.rst

[dpdk-dev] [PATCH v6 7/8] examples/ipsec-secgw: cpu crypto testing

2020-02-04 Thread Marcin Smoczynski
Enable cpu-crypto mode testing by adding dedicated environmental variable CRYPTO_PRIM_TYPE. Setting it to 'type cpu-crypto' allows to run test scenario with cpu crypto acceleration. Signed-off-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski Acked-by: Fan Zhang --- examples/i

[dpdk-dev] [PATCH] cryptodev: fix missing doxygen comment

2020-02-06 Thread Marcin Smoczynski
Add missing doxygen comment of rte_crypto_mbuf_to_vec's fields. Signed-off-by: Marcin Smoczynski --- lib/librte_cryptodev/rte_crypto_sym.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h index deb4

[dpdk-dev] [PATCH] test/crypto: add cpu crypto mode tests

2020-02-07 Thread Marcin Smoczynski
This patch adds ability to run unit tests in cpu crypto mode for AESNI GCM cryptodev. Signed-off-by: Marcin Smoczynski --- app/test/test_cryptodev.c | 181 -- 1 file changed, 172 insertions(+), 9 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test

[dpdk-dev] [PATCH] examples/ipsec-secgw: add missing SPDX license tag

2020-02-11 Thread Marcin Smoczynski
Add missing BSD-3 license tag to inline fallback testing scripts. Signed-off-by: Marcin Smoczynski --- .../ipsec-secgw/test/trs_aesgcm_inline_crypto_fallback_defs.sh | 1 + .../ipsec-secgw/test/tun_aesgcm_inline_crypto_fallback_defs.sh | 1 + 2 files changed, 2 insertions(+) diff --git a

[dpdk-dev] [PATCH v1 0/2] examples/ipsec-secgw: add fallback session

2019-08-14 Thread Marcin Smoczynski
packets that normally would be dropped. A fallback session type in the SA configuration by adding 'fallback' with 'lookaside-none' or 'lookaside-protocol' parameter to determine type of session. Fallback session feature is available only when using librte_ipsec. Marcin Sm

[dpdk-dev] [PATCH v1 1/2] examples/ipsec-secgw: ipsec_sa structure cleanup

2019-08-14 Thread Marcin Smoczynski
rte_ipsec_session structure. Such refactoring is needed to introduce many sessions per SA feature, e.g. fallback session for inline offload processing. Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/esp.c | 35 +++ examples/ipsec-secgw/ipsec.c | 91

[dpdk-dev] [PATCH v1 2/2] examples/ipsec-secgw: add fallback session feature

2019-08-14 Thread Marcin Smoczynski
packets that normally would be dropped. A fallback session type in the SA configuration by adding 'fallback' with 'lookaside-none' or 'lookaside-protocol' parameter to determine type of session. Fallback session feature is available only when using librte_ipsec. Si

[dpdk-dev] [PATCH] examples/ipsec-secgw: fix gcm iv length

2019-10-31 Thread Marcin Smoczynski
ail/sp/800-38d/final Fixes: 0fbd75a99f ("cryptodev: move IV parameters to session") Cc: sta...@dpdk.org Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/sa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/s

[dpdk-dev] [PATCH v2 0/4] IPv6 with options support for IPsec transport

2019-06-24 Thread Marcin Smoczynski
for ipsec-secgw sample application which allows to automatically check how custom packets are processed. This patchset depends on the following patch: http://patchwork.dpdk.org/patch/53406/ Marcin Smoczynski (4): net: new ipv6 header extension parsing function ipsec: fix transport mode for

[dpdk-dev] [PATCH v2 4/4] examples/ipsec-secgw: add scapy based unittests

2019-06-24 Thread Marcin Smoczynski
with header extensions (trs_ipv6opts.py). Fix incomplete test log problem by disabling buffering of ipsec-secgw standard output with stdbuf application. Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/test/common_defs.sh | 58 +- .../ipsec-secgw/test/common_defs_secgw.sh

[dpdk-dev] [PATCH v2 1/4] net: new ipv6 header extension parsing function

2019-06-24 Thread Marcin Smoczynski
Introduce new function for IPv6 header extension parsing able to determine extension length and next protocol number. This function is helpful when implementing IPv6 header traversing. Signed-off-by: Marcin Smoczynski --- lib/librte_net/rte_ip.h | 49

[dpdk-dev] [PATCH v2 2/4] ipsec: fix transport mode for ipv6 with extensions

2019-06-24 Thread Marcin Smoczynski
ata contains a total length of the IPv6 header with header extensions up to ESP header. Signed-off-by: Marcin Smoczynski --- lib/Makefile | 3 ++- lib/librte_ipsec/iph.h | 55 -- lib/meson.build| 2 +- 3 files changed, 50 insertions(+), 1

[dpdk-dev] [PATCH v2 3/4] examples/ipsec-secgw: add support for ipv6 options

2019-06-24 Thread Marcin Smoczynski
traffic and to reconstruct L3 header by librte_ipsec. Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/ipsec-secgw.c | 35 +- examples/ipsec-secgw/sa.c | 5 + 2 files changed, 31 insertions(+), 9 deletions(-) diff --git a/examples/ipsec-secgw

[dpdk-dev] [PATCH] examples/ipsec-secgw: update pkttest requirements

2019-10-02 Thread Marcin Smoczynski
Update Scapy version requirement from 2.4.3rc1 to 2.4.3, which has been used because 2.4.2 had a bug which made this version unable to install. Accept future versions of Scapy too. Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/test/pkttest.py | 2 +- 1 file changed, 1 insertion

[dpdk-dev] [PATCH v6 0/4] add fallback session

2019-10-07 Thread Marcin Smoczynski
tl command line option which allows to change fragment lifetime v2 to v3 changes: - doc and commit log update - explicitly state feature limitations v1 to v2 changes: - disable fallback offload for outbound SAs - add test scripts Marcin Smoczynski (4): examples/ipsec-secgw: sa structure cle

[dpdk-dev] [PATCH v6 3/4] examples/ipsec-secgw: add frag TTL cmdline option

2019-10-07 Thread Marcin Smoczynski
saturated reassembly buckets with high bandwidth fragmented traffic. Acked-by: Konstantin Ananyev Tested-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- doc/guides/sample_app_ug/ipsec_secgw.rst | 7 + examples/ipsec-secgw/ipsec-secgw.c | 40 ++-- 2 files

[dpdk-dev] [PATCH v6 1/4] examples/ipsec-secgw: sa structure cleanup

2019-10-07 Thread Marcin Smoczynski
rte_ipsec_session structure. Such refactoring is needed to introduce many sessions per SA feature, e.g. fallback session for inline offload processing. Acked-by: Konstantin Ananyev Acked-by: Radu Nicolau Tested-by: Bernard Iremonger Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/esp.c

[dpdk-dev] [PATCH v6 4/4] examples/ipsec-secgw: add offload fallback tests

2019-10-07 Thread Marcin Smoczynski
Acked-by: Konstantin Ananyev Tested-by: Bernard Iremonger Signed-off-by: Marcin Smoczynski --- doc/guides/sample_app_ug/ipsec_secgw.rst| 5 + examples/ipsec-secgw/test/trs_aesgcm_common_defs.sh | 4 ++-- .../test/trs_aesgcm_inline_crypto_fallback_defs.sh

[dpdk-dev] [PATCH v6 2/4] examples/ipsec-secgw: add fallback session feature

2019-10-07 Thread Marcin Smoczynski
acy mode. Acked-by: Konstantin Ananyev Tested-by: Bernard Iremonger Signed-off-by: Marcin Smoczynski --- doc/guides/rel_notes/release_19_11.rst | 8 ++ doc/guides/sample_app_ug/ipsec_secgw.rst | 24 - examples/ipsec-secgw/esp.c | 4 +- examples/ipsec-secgw/ipsec-secg

[dpdk-dev] [PATCH v7 2/4] examples/ipsec-secgw: add fallback session feature

2019-10-14 Thread Marcin Smoczynski
this patch. Fallback session feature is not available in the legacy mode. Acked-by: Konstantin Ananyev Tested-by: Bernard Iremonger Signed-off-by: Marcin Smoczynski --- doc/guides/rel_notes/release_19_11.rst | 8 ++ doc/guides/sample_app_ug/ipsec_secgw.rst | 22 - examples/ipsec-secg

[dpdk-dev] [PATCH v7 0/4] add fallback session

2019-10-14 Thread Marcin Smoczynski
disable fallback offload for outbound SAs - add test scripts Marcin Smoczynski (4): examples/ipsec-secgw: sa structure cleanup examples/ipsec-secgw: add fallback session feature examples/ipsec-secgw: add frag TTL cmdline option examples/ipsec-secgw: add offload fallback tests doc/guide

[dpdk-dev] [PATCH v7 3/4] examples/ipsec-secgw: add frag TTL cmdline option

2019-10-14 Thread Marcin Smoczynski
saturated reassembly buckets with high bandwidth fragmented traffic. Acked-by: Konstantin Ananyev Tested-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- doc/guides/sample_app_ug/ipsec_secgw.rst | 7 + examples/ipsec-secgw/ipsec-secgw.c | 40 ++-- 2 files

[dpdk-dev] [PATCH v7 1/4] examples/ipsec-secgw: sa structure cleanup

2019-10-14 Thread Marcin Smoczynski
rte_ipsec_session structure. Such refactoring is needed to introduce many sessions per SA feature, e.g. fallback session for inline offload processing. Acked-by: Konstantin Ananyev Acked-by: Radu Nicolau Tested-by: Bernard Iremonger Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/esp.c

[dpdk-dev] [PATCH v7 4/4] examples/ipsec-secgw: add offload fallback tests

2019-10-14 Thread Marcin Smoczynski
Acked-by: Konstantin Ananyev Tested-by: Bernard Iremonger Signed-off-by: Marcin Smoczynski --- doc/guides/sample_app_ug/ipsec_secgw.rst| 5 + examples/ipsec-secgw/test/trs_aesgcm_common_defs.sh | 4 ++-- .../test/trs_aesgcm_inline_crypto_fallback_defs.sh

[dpdk-dev] [PATCH 1/3] net: new ipv6 header extension parsing function

2019-05-08 Thread Marcin Smoczynski
Introduce new function for IPv6 header extension parsing able to determine extension length and next protocol number. This function is helpful when implementing IPv6 header traversing. Signed-off-by: Marcin Smoczynski --- lib/librte_net/rte_ip.h | 49

[dpdk-dev] [PATCH 2/3] ipsec: fix transport mode for ipv6 with extensions

2019-05-08 Thread Marcin Smoczynski
ata contains a total length of the IPv6 header with header extensions up to ESP header. Signed-off-by: Marcin Smoczynski --- lib/Makefile | 3 ++- lib/librte_ipsec/iph.h | 55 -- 2 files changed, 49 insertions(+), 9 deletions(-) diff --git

[dpdk-dev] [PATCH 3/3] examples/ipsec-secgw: add support for ipv6 options

2019-05-08 Thread Marcin Smoczynski
assertions. Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/ipsec-secgw.c | 33 +++- examples/ipsec-secgw/sa.c | 5 +- examples/ipsec-secgw/test/test-scapy.py | 231 3 files changed, 260 insertions(+), 9 deletions(-) create mode 100755

[dpdk-dev] [PATCH] ipsec: fix missing ipsec headers after install

2019-05-08 Thread Marcin Smoczynski
Invalid statement is used to indicate header files to install. Fixed the statement and reformatted recipe file. Signed-off-by: Marcin Smoczynski --- lib/librte_ipsec/meson.build | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/librte_ipsec/meson.build b/lib

[dpdk-dev] [PATCH] examples/ipsec-secgw: fix Makefile indentation

2019-05-08 Thread Marcin Smoczynski
Fix invalid indentation - extra whitespace before error directive which is causing syntax error when no pkgconfig file for the DPDK is found and RTE_SDK is not specified. Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion

[dpdk-dev] [PATCH] build: enable BSD features visibility for FreeBSD

2019-05-14 Thread Marcin Smoczynski
]. [1] https://mails.dpdk.org/archives/dev/2019-May/131885.html [2] http://mails.dpdk.org/archives/test-report/2019-May/082263.html [3] https://mails.dpdk.org/archives/dev/2019-May/132110.html Signed-off-by: Marcin Smoczynski --- app/meson.build | 5 + drivers/meson.build

[dpdk-dev] [PATCH v2 0/1] Enable BSD features visibility for FreeBSD

2019-05-14 Thread Marcin Smoczynski
v1 -> v2 * merge multiple -D__BSD_VISIBLE into one * merge multiple -D_GNU_SOURCE into one * add -D__BSD_VISIBLE to pc file for FreeBSD Marcin Smoczynski (1): build: enable BSD features visibility for FreeBSD app/meson.build | 3 --- config/meson.build

[dpdk-dev] [PATCH v2 1/1] build: enable BSD features visibility for FreeBSD

2019-05-14 Thread Marcin Smoczynski
/dev/2019-May/132110.html Signed-off-by: Marcin Smoczynski --- app/meson.build | 3 --- config/meson.build| 8 drivers/meson.build | 3 --- examples/meson.build | 3 --- lib/meson.build | 3 --- meson.build | 6

[dpdk-dev] [PATCH v1] net/tap: fix blocked rx packets error

2019-09-02 Thread Marcin Smoczynski
ess than a max number of packets were received allowing next call to receive the rest. Fixes: a0d8e807d9 ("net/tap: add Rx trigger") Cc: sta...@dpdk.org Tested-by: Mariusz Drost Signed-off-by: Marcin Smoczynski --- drivers/net/tap/rte_eth_tap.c | 6 -- 1 file changed, 4 insert

[dpdk-dev] [PATCH v2 1/3] examples/ipsec-secgw: ipsec_sa structure cleanup

2019-09-04 Thread Marcin Smoczynski
rte_ipsec_session structure. Such refactoring is needed to introduce many sessions per SA feature, e.g. fallback session for inline offload processing. Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/esp.c | 35 +++ examples/ipsec-secgw/ipsec.c | 91

[dpdk-dev] [PATCH v2 0/3] examples/ipsec-secgw: add fallback session

2019-09-04 Thread Marcin Smoczynski
2 changes: - disable fallback offload for outbound SAs - add test scripts Marcin Smoczynski (3): examples/ipsec-secgw: ipsec_sa structure cleanup examples/ipsec-secgw: add fallback session feature examples/ipsec-secgw: add offload fallback tests doc/guides/sample_app_ug/ipsec_secgw.rst

[dpdk-dev] [PATCH v2 2/3] examples/ipsec-secgw: add fallback session feature

2019-09-04 Thread Marcin Smoczynski
packets that normally would be dropped. A fallback session type in the SA configuration by adding 'fallback' with 'lookaside-none' or 'lookaside-protocol' parameter to determine type of session. Fallback session feature is available only when using librte_ipsec. Si

[dpdk-dev] [PATCH v2 3/3] examples/ipsec-secgw: add offload fallback tests

2019-09-04 Thread Marcin Smoczynski
Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/test/trs_aesgcm_common_defs.sh | 4 ++-- .../test/trs_aesgcm_inline_crypto_fallback_defs.sh | 5 + examples/ipsec-secgw/test/tun_aesgcm_common_defs.sh | 6 -- .../test/tun_aesgcm_inline_crypto_fallba

[dpdk-dev] [PATCH v3 3/3] examples/ipsec-secgw: add offload fallback tests

2019-09-23 Thread Marcin Smoczynski
Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/test/trs_aesgcm_common_defs.sh | 4 ++-- .../test/trs_aesgcm_inline_crypto_fallback_defs.sh | 5 + examples/ipsec-secgw/test/tun_aesgcm_common_defs.sh | 6 -- .../test/tun_aesgcm_inline_crypto_fallba

[dpdk-dev] [PATCH v3 2/3] examples/ipsec-secgw: add fallback session feature

2019-09-23 Thread Marcin Smoczynski
on is of type 'inline-protocol-offload' or fallback session is 'lookaside-protocol' because SA sequence number is not synchronized between software and hardware sessions. Fallback sessions are also limited to ingress IPsec traffic. Fallback session feature is not available in

[dpdk-dev] [PATCH v3 1/3] examples/ipsec-secgw: ipsec_sa structure cleanup

2019-09-23 Thread Marcin Smoczynski
rte_ipsec_session structure. Such refactoring is needed to introduce many sessions per SA feature, e.g. fallback session for inline offload processing. Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/esp.c | 35 +++ examples/ipsec-secgw/ipsec.c | 91

[dpdk-dev] [PATCH v3 0/3] add fallback session

2019-09-23 Thread Marcin Smoczynski
ges: - disable fallback offload for outbound SAs - add test scripts Marcin Smoczynski (3): examples/ipsec-secgw: ipsec_sa structure cleanup examples/ipsec-secgw: add fallback session feature examples/ipsec-secgw: add offload fallback tests doc/guides/sample_app_ug/ipsec_secgw.rst | 20 ++-

[dpdk-dev] [PATCH v2 1/1] net/tap: fix blocked rx packets error

2019-09-23 Thread Marcin Smoczynski
ess than a max number of packets were received allowing next call to receive the rest. Remove unnecessary compiler barrier. Fixes: a0d8e807d9 ("net/tap: add Rx trigger") Cc: sta...@dpdk.org Tested-by: Mariusz Drost Tested-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski

[dpdk-dev] [PATCH v2 0/1] net/tap: fix blocked rx packets error

2019-09-23 Thread Marcin Smoczynski
ess than a max number of packets were received allowing next call to receive the rest. v1 to v2 changes: - fix typo in commit description - remove unnecessary compiler barrier Marcin Smoczynski (1): net/tap: fix blocked rx packets error drivers/net/tap/rte_eth_tap.c | 7 --- 1 file

[dpdk-dev] [PATCH] examples/ipsec-secgw: fix over MTU packet crash

2019-09-24 Thread Marcin Smoczynski
--ressemble option has not been set and packet exceeds MTU after encapsulation - drop it. Fixes: b01d1cd213 ("examples/ipsec-secgw: support fragmentation and reassembly") Cc: sta...@dpdk.org Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/ipsec-secgw.c | 4 +++- 1 file

[dpdk-dev] [PATCH v4 1/4] examples/ipsec-secgw: ipsec_sa structure cleanup

2019-09-27 Thread Marcin Smoczynski
rte_ipsec_session structure. Such refactoring is needed to introduce many sessions per SA feature, e.g. fallback session for inline offload processing. Acked-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/esp.c | 35 +++ examples/ipsec-secgw/ipsec.c

[dpdk-dev] [PATCH v4 2/4] examples/ipsec-secgw: add fallback session feature

2019-09-27 Thread Marcin Smoczynski
legacy mode. Acked-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- doc/guides/sample_app_ug/ipsec_secgw.rst | 24 - examples/ipsec-secgw/esp.c | 4 +- examples/ipsec-secgw/ipsec-secgw.c | 16 ++-- examples/ipsec-secgw/ipsec.c | 10 +

[dpdk-dev] [PATCH v4 0/4] add fallback session

2019-09-27 Thread Marcin Smoczynski
doc and commit log update - explicitly state feature limitations v1 to v2 changes: - disable fallback offload for outbound SAs - add test scripts Marcin Smoczynski (4): examples/ipsec-secgw: ipsec_sa structure cleanup examples/ipsec-secgw: add fallback session feature examples/ipsec-secg

[dpdk-dev] [PATCH v4 4/4] examples/ipsec-secgw: add offload fallback tests

2019-09-27 Thread Marcin Smoczynski
Acked-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/test/trs_aesgcm_common_defs.sh | 4 ++-- .../test/trs_aesgcm_inline_crypto_fallback_defs.sh | 5 + examples/ipsec-secgw/test/tun_aesgcm_common_defs.sh | 6 --

[dpdk-dev] [PATCH v4 3/4] examples/ipsec-secgw: add frag TTL cmdline option

2019-09-27 Thread Marcin Smoczynski
saturated reassembly buckets with high bandwidth fragmented traffic. Signed-off-by: Marcin Smoczynski --- doc/guides/sample_app_ug/ipsec_secgw.rst | 7 + examples/ipsec-secgw/ipsec-secgw.c | 40 ++-- 2 files changed, 37 insertions(+), 10 deletions(-) diff --git a/doc

[dpdk-dev] [PATCH v5 0/4] add fallback session

2019-09-27 Thread Marcin Smoczynski
add patch with --frag-ttl command line option which allows to change fragment lifetime v2 to v3 changes: - doc and commit log update - explicitly state feature limitations v1 to v2 changes: - disable fallback offload for outbound SAs - add test scripts Marcin Smoczynski (4): examples/ipsec-

[dpdk-dev] [PATCH v5 1/4] examples/ipsec-secgw: ipsec_sa structure cleanup

2019-09-27 Thread Marcin Smoczynski
rte_ipsec_session structure. Such refactoring is needed to introduce many sessions per SA feature, e.g. fallback session for inline offload processing. Acked-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/esp.c | 35 +++ examples/ipsec-secgw/ipsec.c

[dpdk-dev] [PATCH v5 2/4] examples/ipsec-secgw: add fallback session feature

2019-09-27 Thread Marcin Smoczynski
legacy mode. Acked-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- doc/guides/sample_app_ug/ipsec_secgw.rst | 24 - examples/ipsec-secgw/esp.c | 4 +- examples/ipsec-secgw/ipsec-secgw.c | 16 ++-- examples/ipsec-secgw/ipsec.c | 10 +

[dpdk-dev] [PATCH v5 3/4] examples/ipsec-secgw: add frag TTL cmdline option

2019-09-27 Thread Marcin Smoczynski
saturated reassembly buckets with high bandwidth fragmented traffic. Signed-off-by: Marcin Smoczynski --- doc/guides/sample_app_ug/ipsec_secgw.rst | 7 + examples/ipsec-secgw/ipsec-secgw.c | 40 ++-- 2 files changed, 37 insertions(+), 10 deletions(-) diff --git a/doc

[dpdk-dev] [PATCH v5 4/4] examples/ipsec-secgw: add offload fallback tests

2019-09-27 Thread Marcin Smoczynski
Acked-by: Konstantin Ananyev Signed-off-by: Marcin Smoczynski --- examples/ipsec-secgw/test/trs_aesgcm_common_defs.sh | 4 ++-- .../test/trs_aesgcm_inline_crypto_fallback_defs.sh | 5 + examples/ipsec-secgw/test/tun_aesgcm_common_defs.sh | 6 --