]> git.droids-corp.org - dpdk.git/commitdiff
git.droids-corp.org / dpdk.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 651982e)
doc: add inline crypto feature
authorRadu Nicolau <radu.nicolau@intel.com>
Thu, 9 Nov 2017 12:29:42 +0000 (12:29 +0000)
committerThomas Monjalon <thomas@monjalon.net>
Sun, 12 Nov 2017 04:02:42 +0000 (05:02 +0100)
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
doc/guides/nics/features.rst patch | blob | history
doc/guides/nics/features/default.ini patch | blob | history
doc/guides/nics/features/ixgbe.ini patch | blob | history
doc/guides/nics/features/ixgbe_vec.ini patch | blob | history
doc/guides/nics/features/ixgbe_vf.ini patch | blob | history
doc/guides/nics/features/ixgbe_vf_vec.ini patch | blob | history
doc/guides/nics/ixgbe.rst patch | blob | history

diff --git a/doc/guides/nics/features.rst b/doc/guides/nics/features.rst
index d9917d4f585d3561d2558aac9bd9851f9d2078a3..d5bf38a216d1eef7dad750a3e0e171cd696ea2d3 100644 (file)
--- a/doc/guides/nics/features.rst
+++ b/doc/guides/nics/features.rst
@@ -506,6 +506,23 @@ Supports adding traffic mirroring rules.
 * **[related]    API**: ``rte_eth_mirror_rule_set()``, ``rte_eth_mirror_rule_reset()``.
 
 
+.. _nic_features_inline_crypto_doc:
+
+Inline crypto
+-------------
+
+Supports inline crypto processing (eg. inline IPsec). See Security library and PMD documentation for more details.
+
+* **[uses]       rte_eth_rxconf,rte_eth_rxmode**: ``offloads:DEV_RX_OFFLOAD_SECURITY``,
+* **[uses]       rte_eth_txconf,rte_eth_txmode**: ``offloads:DEV_TX_OFFLOAD_SECURITY``.
+* **[implements] rte_security_ops**: ``session_create``, ``session_update``,
+  ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``, ``capabilities_get``.
+* **[provides] rte_eth_dev_info**: ``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``,
+  ``tx_offload_capa,tx_queue_offload_capa:DEV_TX_OFFLOAD_SECURITY``.
+* **[provides]   mbuf**: ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD``,
+  ``mbuf.ol_flags:PKT_TX_SEC_OFFLOAD``, ``mbuf.ol_flags:PKT_RX_SEC_OFFLOAD_FAILED``.
+
+
 .. _nic_features_crc_offload:
 
 CRC offload
diff --git a/doc/guides/nics/features/default.ini b/doc/guides/nics/features/default.ini
index 95c56986907d747b82cb0a46bc25b06499998800..dae2ad776c56a3263c35a8e5273699230d7c50fc 100644 (file)
--- a/doc/guides/nics/features/default.ini
+++ b/doc/guides/nics/features/default.ini
@@ -44,6 +44,7 @@ Flow control         =
 Flow API             =
 Rate limitation      =
 Traffic mirroring    =
+Inline crypto        =
 CRC offload          =
 VLAN offload         =
 QinQ offload         =
diff --git a/doc/guides/nics/features/ixgbe.ini b/doc/guides/nics/features/ixgbe.ini
index 9ff5d8f8f753c6b769355edbe74da30670c908ee..1d68ee8e2a35c3157836dc2b237ee28ea70ee16b 100644 (file)
--- a/doc/guides/nics/features/ixgbe.ini
+++ b/doc/guides/nics/features/ixgbe.ini
@@ -33,6 +33,7 @@ Flow control         = Y
 Flow API             = Y
 Rate limitation      = Y
 Traffic mirroring    = Y
+Inline crypto        = Y
 CRC offload          = Y
 VLAN offload         = Y
 QinQ offload         = Y
diff --git a/doc/guides/nics/features/ixgbe_vec.ini b/doc/guides/nics/features/ixgbe_vec.ini
index 4d56df4f0d084d6c44ba5aa770d1094666222c5a..28bc0547d35f1c49122a147a9cc9bad03e53fe3d 100644 (file)
--- a/doc/guides/nics/features/ixgbe_vec.ini
+++ b/doc/guides/nics/features/ixgbe_vec.ini
@@ -32,6 +32,7 @@ Flow director        = Y
 Flow control         = Y
 Rate limitation      = Y
 Traffic mirroring    = Y
+Inline crypto        = Y
 Timesync             = Y
 Rx descriptor status = Y
 Tx descriptor status = Y
diff --git a/doc/guides/nics/features/ixgbe_vf.ini b/doc/guides/nics/features/ixgbe_vf.ini
index b63e32ce453055a283c0269fc772c0840319b379..0a15500b9c78c8452a9f29a1cc2112421bb65363 100644 (file)
--- a/doc/guides/nics/features/ixgbe_vf.ini
+++ b/doc/guides/nics/features/ixgbe_vf.ini
@@ -17,6 +17,7 @@ RSS hash             = Y
 RSS key update       = Y
 RSS reta update      = Y
 VLAN filter          = Y
+Inline crypto        = Y
 CRC offload          = Y
 VLAN offload         = Y
 QinQ offload         = Y
diff --git a/doc/guides/nics/features/ixgbe_vf_vec.ini b/doc/guides/nics/features/ixgbe_vf_vec.ini
index c994857ea219b1f99dc24c8837f80f049263ad37..80e7f3bd2c98ee604d59af0943b2c54375f1757f 100644 (file)
--- a/doc/guides/nics/features/ixgbe_vf_vec.ini
+++ b/doc/guides/nics/features/ixgbe_vf_vec.ini
@@ -17,6 +17,7 @@ RSS hash             = Y
 RSS key update       = Y
 RSS reta update      = Y
 VLAN filter          = Y
+Inline crypto        = Y
 Rx descriptor status = Y
 Tx descriptor status = Y
 Basic stats          = Y
diff --git a/doc/guides/nics/ixgbe.rst b/doc/guides/nics/ixgbe.rst
index c687c63ffa17d6d4165c207048a288e0409650c8..d477ea05051c3429e456d280f96f9fae2b997e23 100644 (file)
--- a/doc/guides/nics/ixgbe.rst
+++ b/doc/guides/nics/ixgbe.rst
@@ -239,6 +239,22 @@ There is no RTE API to add a VF's MAC address from the PF. On ixgbe, the
 as a workaround.
 
 
+Inline crypto processing support
+--------------------------------
+
+Inline IPsec processing is supported for ``RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO``
+mode for ESP packets only:
+
+- ESP authentication only: AES-128-GMAC (128-bit key)
+- ESP encryption and authentication: AES-128-GCM (128-bit key)
+
+IPsec Security Gateway Sample Application supports inline IPsec processing for
+ixgbe PMD.
+
+For more details see the IPsec Security Gateway Sample Application and Security
+library documentation.
+
+
 Supported Chipsets and NICs
 ---------------------------
 
DPDK repo used for reviews