From mboxrd@z Thu Jan 1 00:00:00 1970 From: Hemant Agrawal Subject: Re: [PATCH 09/11] net/ixgbe: enable inline ipsec Date: Fri, 15 Sep 2017 10:18:47 +0530 Message-ID: References: <20170914082651.26232-1-akhil.goyal@nxp.com> <20170914082651.26232-10-akhil.goyal@nxp.com> Mime-Version: 1.0 Content-Type: text/plain; charset="windows-1252"; format=flowed Content-Transfer-Encoding: 7bit Cc: , , , , , , , To: Akhil Goyal , Return-path: Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0042.outbound.protection.outlook.com [104.47.37.42]) by dpdk.org (Postfix) with ESMTP id D9BBE2BBE for ; Fri, 15 Sep 2017 06:48:55 +0200 (CEST) In-Reply-To: <20170914082651.26232-10-akhil.goyal@nxp.com> List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi Radu, On 9/14/2017 1:56 PM, Akhil Goyal wrote: > +static const struct rte_security_capability ixgbe_security_capabilities[] = { > + { /* IPsec Inline Crypto AH Transport Egress */ > + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, > + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, > + .ipsec = { > + .proto = RTE_SECURITY_IPSEC_SA_PROTO_AH, You are supporting AH, however only ESP is proposed in other patch for addition to rte_flow? > + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, > + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, > + .options = { 0 }, > + }, > + .crypto_capabilities = aes_gmac_crypto_capabilities > + }, > + { /* IPsec Inline Crypto ESP Transport Egress */ > + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, > + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, > + .ipsec = { > + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, > + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, > + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, > + .options = { 0 } > + }, > + .crypto_capabilities = aes_gcm_gmac_crypto_capabilities > + }, > + { /* IPsec Inline Crypto AH Transport Ingress */ > + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, > + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, > + .ipsec = { > + .proto = RTE_SECURITY_IPSEC_SA_PROTO_AH, > + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, > + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, > + .options = { 0 } > + }, > + .crypto_capabilities = aes_gmac_crypto_capabilities > + }, > + { /* IPsec Inline Crypto AH Tunnel Ingress */ > + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, > + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, > + .ipsec = { > + .proto = RTE_SECURITY_IPSEC_SA_PROTO_AH, > + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, > + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, > + .options = { 0 } > + }, > + .crypto_capabilities = aes_gmac_crypto_capabilities > + }, > + { /* IPsec Inline Crypto ESP Transport Ingress */ > + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, > + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, > + .ipsec = { > + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, > + .mode = RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT, > + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, > + .options = { 0 } > + }, > + .crypto_capabilities = aes_gcm_gmac_crypto_capabilities > + }, > + { /* IPsec Inline Crypto ESP Tunnel Ingress */ > + .action = RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO, > + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, > + .ipsec = { > + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, > + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, > + .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS, > + .options = { 0 } > + }, > + .crypto_capabilities = aes_gcm_gmac_crypto_capabilities > + }, > + { > + .action = RTE_SECURITY_ACTION_TYPE_NONE > + } > +};