[dpdk-dev] [RFC] lib/crypto: mark asym session-buffer non-reuseable
Trahe, Fiona
fiona.trahe at intel.com
Wed Jul 17 16:03:36 CEST 2019
Hi Ayuj,
> -----Original Message-----
> From: Ayuj Verma [mailto:ayverma at marvell.com]
> Sent: Wednesday, July 17, 2019 1:34 PM
> To: akhil.goyal at nxp.com
> Cc: Kusztal, ArkadiuszX <arkadiuszx.kusztal at intel.com>; Trahe, Fiona <fiona.trahe at intel.com>;
> shallyv at marvell.com; ssahu at marvell.com; kkotamarthy at marvell.com; dev at dpdk.org; Ayuj Verma
> <ayverma at marvell.com>
> Subject: [RFC] lib/crypto: mark asym session-buffer non-reuseable
>
> Update asym xform usage in cryptodev documentation.
>
> Xform are immutable, non-reuseable entity till
> life time of session. This allow some PMD to optimize
> session setup time.
>
> Signed-off-by: Ayuj Verma <ayverma at marvell.com>
> Signed-off-by: Shally Verma <shallyv at marvell.com>
> ---
> doc/guides/prog_guide/cryptodev_lib.rst | 6 ++++++
> lib/librte_cryptodev/rte_cryptodev_pmd.h | 2 +-
> 2 files changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/doc/guides/prog_guide/cryptodev_lib.rst b/doc/guides/prog_guide/cryptodev_lib.rst
> index 9719944..c97a239 100644
> --- a/doc/guides/prog_guide/cryptodev_lib.rst
> +++ b/doc/guides/prog_guide/cryptodev_lib.rst
> @@ -894,6 +894,12 @@ asymmetric crypto chaining is Diffie-Hellman private key generation followed
> by
> public generation. Also, currently API does not support chaining of symmetric and
> asymmetric crypto xforms.
>
> +Transform is attached to session during asym session initialization and can't be
> +modified during session configuration. It remains constant till the end of life
[Fiona] I agree with the intent of the RFC. And suggest being more explicit and
saying "It and all the data buffers it points to should remain constant..."
> +span of a session. It should be used as it is in PMD, PMDs which requires
> +modification of these immutable data should internally do memcpy of data and
> +perform required operations.
[Fiona] for security I suggest adding here "It's the PMDs responsibility to ensure that any private data
copied to local PMD storage is not stored by the PMD for longer than the session lifetime.
> Each xform defines specific asymmetric crypto algo. Currently supported are:
> * RSA
> * Modular operations (Exponentiation and Inverse)
> diff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h b/lib/librte_cryptodev/rte_cryptodev_pmd.h
> index defe05e..1f083ea 100644
> --- a/lib/librte_cryptodev/rte_cryptodev_pmd.h
> +++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h
> @@ -290,7 +290,7 @@ typedef int (*cryptodev_sym_configure_session_t)(struct rte_cryptodev *dev,
> * - Returns -ENOMEM if the private session could not be allocated.
> */
> typedef int (*cryptodev_asym_configure_session_t)(struct rte_cryptodev *dev,
> - struct rte_crypto_asym_xform *xform,
> + const struct rte_crypto_asym_xform *xform,
> struct rte_cryptodev_asym_session *session,
> struct rte_mempool *mp);
> /**
> --
> 1.8.3.1
More information about the dev
mailing list