Hi Ayuj, > -----Original Message----- > From: Ayuj Verma [mailto:ayve...@marvell.com] > Sent: Wednesday, July 17, 2019 1:34 PM > To: akhil.go...@nxp.com > Cc: Kusztal, ArkadiuszX <arkadiuszx.kusz...@intel.com>; Trahe, Fiona > <fiona.tr...@intel.com>; > shal...@marvell.com; ss...@marvell.com; kkotamar...@marvell.com; > dev@dpdk.org; Ayuj Verma > <ayve...@marvell.com> > Subject: [RFC] lib/crypto: mark asym session-buffer non-reuseable > > Update asym xform usage in cryptodev documentation. > > Xform are immutable, non-reuseable entity till > life time of session. This allow some PMD to optimize > session setup time. > > Signed-off-by: Ayuj Verma <ayve...@marvell.com> > Signed-off-by: Shally Verma <shal...@marvell.com> > --- > doc/guides/prog_guide/cryptodev_lib.rst | 6 ++++++ > lib/librte_cryptodev/rte_cryptodev_pmd.h | 2 +- > 2 files changed, 7 insertions(+), 1 deletion(-) > > diff --git a/doc/guides/prog_guide/cryptodev_lib.rst > b/doc/guides/prog_guide/cryptodev_lib.rst > index 9719944..c97a239 100644 > --- a/doc/guides/prog_guide/cryptodev_lib.rst > +++ b/doc/guides/prog_guide/cryptodev_lib.rst > @@ -894,6 +894,12 @@ asymmetric crypto chaining is Diffie-Hellman private key > generation followed > by > public generation. Also, currently API does not support chaining of > symmetric and > asymmetric crypto xforms. > > +Transform is attached to session during asym session initialization and > can't be > +modified during session configuration. It remains constant till the end of > life [Fiona] I agree with the intent of the RFC. And suggest being more explicit and saying "It and all the data buffers it points to should remain constant..."
> +span of a session. It should be used as it is in PMD, PMDs which requires > +modification of these immutable data should internally do memcpy of data and > +perform required operations. [Fiona] for security I suggest adding here "It's the PMDs responsibility to ensure that any private data copied to local PMD storage is not stored by the PMD for longer than the session lifetime. > Each xform defines specific asymmetric crypto algo. Currently supported are: > * RSA > * Modular operations (Exponentiation and Inverse) > diff --git a/lib/librte_cryptodev/rte_cryptodev_pmd.h > b/lib/librte_cryptodev/rte_cryptodev_pmd.h > index defe05e..1f083ea 100644 > --- a/lib/librte_cryptodev/rte_cryptodev_pmd.h > +++ b/lib/librte_cryptodev/rte_cryptodev_pmd.h > @@ -290,7 +290,7 @@ typedef int (*cryptodev_sym_configure_session_t)(struct > rte_cryptodev *dev, > * - Returns -ENOMEM if the private session could not be allocated. > */ > typedef int (*cryptodev_asym_configure_session_t)(struct rte_cryptodev *dev, > - struct rte_crypto_asym_xform *xform, > + const struct rte_crypto_asym_xform *xform, > struct rte_cryptodev_asym_session *session, > struct rte_mempool *mp); > /** > -- > 1.8.3.1
