[dpdk-dev] [RFC] ipsec: new library for IPsec data-path processing
Ananyev, Konstantin
konstantin.ananyev at intel.com
Mon Sep 3 20:21:30 CEST 2018
Hi Anoob,
> Hi Konstantin,
>
> Few comments. Please see inline.
>
> Thanks,
>
> Anoob
>
> On 24-08-2018 22:23, Konstantin Ananyev wrote:
> > External Email
> >
> > This RFC introduces a new library within DPDK: librte_ipsec.
> > The aim is to provide DPDK native high performance library for IPsec
> > data-path processing.
> > The library is supposed to utilize existing DPDK crypto-dev and
> > security API to provide application with transparent IPsec processing API.
> > The library is concentrated on data-path protocols processing (ESP and AH),
> > IKE protocol(s) implementation is out of scope for that library.
> > Though hook/callback mechanisms will be defined to allow integrate it
> > with existing IKE implementations.
> > Due to quite complex nature of IPsec protocol suite and variety of user
> > requirements and usage scenarios a few API levels will be provided:
> > 1) Security Association (SA-level) API
> > Operates at SA level, provides functions to:
> > - initialize/teardown SA object
> > - process inbound/outbound ESP/AH packets associated with the given SA
> > (decrypt/encrypt, authenticate, check integrity,
> > add/remove ESP/AH related headers and data, etc.).
> > 2) Security Association Database (SAD) API
> > API to create/manage/destroy IPsec SAD.
> > While DPDK IPsec library plans to have its own implementation,
> > the intention is to keep it as independent from the other parts
> > of IPsec library as possible.
> > That is supposed to give users the ability to provide their own
> > implementation of the SAD compatible with the other parts of the
> > IPsec library.
> > 3) IPsec Context (CTX) API
> > This is supposed to be a high-level API, where each IPsec CTX is an
> > abstraction of 'independent copy of the IPsec stack'.
> > CTX owns set of SAs, SADs and assigned to it crypto-dev queues, etc.
> > and provides:
> > - de-multiplexing stream of inbound packets to particular SAs and
> > further IPsec related processing.
> > - IPsec related processing for the outbound packets.
> > - SA add/delete/update functionality
> [Anoob]: Security Policy is an important aspect of IPsec. An IPsec
> library without Security Policy API would be incomplete. For inline
> protocol offload, the final SP-SA check(selector check) is the only
> IPsec part being done by ipsec-secgw now. Would make sense to add that
> also in the library.
You mean here, that we need some sort of SPD implementation, correct?
> > Current RFC concentrates on SA-level API only (1),
> > detailed discussion for 2) and 3) will be subjects for separate RFC(s).
> >
> > SA (low) level API
> > ==================
> >
> > API described below operates on SA level.
> > It provides functionality that allows user for given SA to process
> > inbound and outbound IPsec packets.
> > To be more specific:
> > - for inbound ESP/AH packets perform decryption, authentication,
> > integrity checking, remove ESP/AH related headers
> [Anoob] Anti-replay check would also be required.
Yep, anti-replay and ESN support is implied as part of "integrity checking".
Probably I have to be more specific here.
> > - for outbound packets perform payload encryption, attach ICV,
> > update/add IP headers, add ESP/AH headers/trailers,
> > setup related mbuf felids (ol_flags, tx_offloads, etc.).
> [Anoob] Do we have any plans to handle ESN expiry? Some means to
> initiate an IKE renegotiation? I'm assuming application won't be aware
> of the sequence numbers, in this case.
> > - initialize/un-initialize given SA based on user provided parameters.
> >
> > Processed inbound/outbound packets could be grouped by user provided
> > flow id (opaque 64-bit number associated by user with given SA).
> >
> > SA-level API is based on top of crypto-dev/security API and relies on them
> > to perform actual cipher and integrity checking.
> > Due to the nature of crypto-dev API (enqueue/deque model) we use
> > asynchronous API for IPsec packets destined to be processed
> > by crypto-device:
> > rte_ipsec_crypto_prepare()->rte_cryptodev_enqueue_burst()->
> > rte_cryptodev_dequeue_burst()->rte_ipsec_crypto_process().
> > Though for packets destined for inline processing no extra overhead
> > is required and simple and synchronous API: rte_ipsec_inline_process()
> > is introduced for that case.
> [Anoob] The API should include event-delivery as a crypto-op completion
> mechanism as well. The application could configure the event crypto
> adapter and then enqueue and dequeue to crypto device using events (via
> event dev).
Not sure what particular extra API you think is required here?
As I understand in both cases (with or without event crypto-adapter) we still have to:
1) fill crypto-op properly
2) enqueue it to crypto-dev (via eventdev or directly)
3) receive processed by crypto-dev crypto-op (either via eventdev or directly)
4) check crypto-op status, do further post-processing if any
So #1 and #4 (SA-level API respnibility) remain the same for both cases.
> > The following functionality:
> > - match inbound/outbound packets to particular SA
> > - manage crypto/security devices
> > - provide SAD/SPD related functionality
> > - determine what crypto/security device has to be used
> > for given packet(s)
> > is out of scope for SA-level API.
> >
> > Below is the brief (and simplified) overview of expected SA-level
> > API usage.
> >
> > /* allocate and initialize SA */
> > size_t sz = rte_ipsec_sa_size();
> > struct rte_ipsec_sa *sa = rte_malloc(sz);
> > struct rte_ipsec_sa_prm prm;
> > /* fill prm */
> > rc = rte_ipsec_sa_init(sa, &prm);
> > if (rc != 0) { /*handle error */}
> > .....
> >
> > /* process inbound/outbound IPsec packets that belongs to given SA */
> >
> > /* inline IPsec processing was done for these packets */
> > if (use_inline_ipsec)
> > n = rte_ipsec_inline_process(sa, pkts, nb_pkts);
> > /* use crypto-device to process the packets */
> > else {
> > struct rte_crypto_op *cop[nb_pkts];
> > struct rte_ipsec_group grp[nb_pkts];
> >
> > ....
> > /* prepare crypto ops */
> > n = rte_ipsec_crypto_prepare(sa, pkts, cops, nb_pkts);
> > /* enqueue crypto ops to related crypto-dev */
> > n = rte_cryptodev_enqueue_burst(..., cops, n);
> > if (n != nb_pkts) { /*handle failed packets */}
> > /* dequeue finished crypto ops from related crypto-dev */
> > n = rte_cryptodev_dequeue_burst(..., cops, nb_pkts);
> > /* finish IPsec processing for associated packets */
> > n = rte_ipsec_crypto_process(cop, pkts, grp, n);
> [Anoob] Does the SA based grouping apply to both inbound and outbound?
Yes, the plan is to have it available for both cases.
> > /* now we have <n> group of packets grouped by SA flow id */
> > ....
> > }
> > ...
> >
> > /* uninit given SA */
> > rte_ipsec_sa_fini(sa);
> >
> > Planned scope for 18.11:
> > ========================
> >
> > - SA-level API definition
> > - ESP tunnel mode support (both IPv4/IPv6)
> > - Supported algorithms: AES-CBC, AES-GCM, HMAC-SHA1, NULL.
> > - UT
> [Anoob] What is UT?
Unit-Test
> > Note: Still WIP, so not all planned for 18.11 functionality is in place.
> >
> > Post 18.11:
> > ===========
> > - ESP transport mode support (both IPv4/IPv6)
> > - update examples/ipsec-secgw to use librte_ipsec
> > - SAD and high-level API definition and implementation
> >
> >
> > Signed-off-by: Mohammad Abdul Awal <mohammad.abdul.awal at intel.com>
> > Signed-off-by: Declan Doherty <declan.doherty at intel.com>
> > Signed-off-by: Konstantin Ananyev <konstantin.ananyev at intel.com>
> > ---
> > config/common_base | 5 +
> > lib/Makefile | 2 +
> > lib/librte_ipsec/Makefile | 24 +
> > lib/librte_ipsec/meson.build | 10 +
> > lib/librte_ipsec/pad.h | 45 ++
> > lib/librte_ipsec/rte_ipsec.h | 245 +++++++++
> > lib/librte_ipsec/rte_ipsec_version.map | 13 +
> > lib/librte_ipsec/sa.c | 921 +++++++++++++++++++++++++++++++++
> > lib/librte_net/rte_esp.h | 10 +-
> > lib/meson.build | 2 +
> > mk/rte.app.mk | 2 +
> > 11 files changed, 1278 insertions(+), 1 deletion(-)
> > create mode 100644 lib/librte_ipsec/Makefile
> > create mode 100644 lib/librte_ipsec/meson.build
> > create mode 100644 lib/librte_ipsec/pad.h
> > create mode 100644 lib/librte_ipsec/rte_ipsec.h
> > create mode 100644 lib/librte_ipsec/rte_ipsec_version.map
> > create mode 100644 lib/librte_ipsec/sa.c
> <snip>
> > +static inline uint16_t
> > +esp_outb_tun_prepare(struct rte_ipsec_sa *sa, struct rte_mbuf *mb[],
> > + struct rte_crypto_op *cop[], uint16_t num)
> > +{
> > + int32_t rc;
> > + uint32_t i, n;
> > + union sym_op_data icv;
> > +
> > + n = esn_outb_check_sqn(sa, num);
> > +
> > + for (i = 0; i != n; i++) {
> > +
> > + sa->sqn++;
> [Anoob] Shouldn't this be done atomically?
If we want to have MT-safe API for SA-datapath API, then yes.
Though it would make things more complicated here, especially for inbound with anti-replay support.
I think it is doable (spin-lock?), but would cause extra overhead and complexity.
Right now I am not sure it really worth it - comments/suggestions are welcome.
What probably could be a good compromise - runtime decision per SA basis (at sa_init()),
do we need an ST or MT behavior for given SA.
> > + sa->iv.v8 = rte_cpu_to_be_64(sa->sqn);
> > +
> > + /* update the packet itself */
> > + rc = esp_outb_tun_pkt_prepare(sa, mb[i], &icv);
> > + if (rc < 0) {
> > + rte_errno = -rc;
> > + break;
> > + }
> > +
> > + /* update crypto op */
> > + esp_outb_tun_cop_prepare(cop[i], sa, mb[i], &icv, rc);
> > + }
> > +
> > + return i;
> > +}
> >
> <snip>
Thanks
Konstantin
More information about the dev
mailing list