[v1] doc/users-guide: add cryptographic services section

Message ID 1450180879-3227-1-git-send-email-alexandru.badicioiu@linaro.org
State Accepted
Commit 07971b739edf562807e3e73276b2be7e6bdba070
Headers show

Commit Message

Alexandru Badicioiu Dec. 15, 2015, 12:01 p.m.
From: Alexandru Badicioiu <alexandru.badicioiu@linaro.org>

Signed-off-by: Alexandru Badicioiu <alexandru.badicioiu@linaro.org>
---
 doc/users-guide/users-guide.adoc | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

Comments

Bill Fischofer Dec. 17, 2015, 3:44 a.m. | #1
This needs significant expansion, but it's a worthwhile start.

On Tue, Dec 15, 2015 at 6:01 AM, <alexandru.badicioiu@linaro.org> wrote:

> From: Alexandru Badicioiu <alexandru.badicioiu@linaro.org>



> Signed-off-by: Alexandru Badicioiu <alexandru.badicioiu@linaro.org>

>


Reviewed-by: Bill Fischofer <bill.fischofer@linaro.org>



> ---

>  doc/users-guide/users-guide.adoc | 21 +++++++++++++++++++++

>  1 file changed, 21 insertions(+)

>

> diff --git a/doc/users-guide/users-guide.adoc

> b/doc/users-guide/users-guide.adoc

> index 2e30f3a..7ec7957 100644

> --- a/doc/users-guide/users-guide.adoc

> +++ b/doc/users-guide/users-guide.adoc

> @@ -738,6 +738,27 @@ NOTE: Both ordered and parallel queues improve

> throughput over atomic queues

>  due to parallel event processing, but require that the application take

>  steps to ensure context data synchronization if needed.

>

> +=== Cryptographic services

> +

> +ODP provides support for cryptographic operations required by various

> security

> +protocols (e.g. IPSec). To apply a cryptographic operation to a packet a

> session

> +must be created first. Packets processed by a session share the same

> cryptographic

> +parameters like algorithms, keys, initialization vectors. A session is

> created with

> +odp_crypto_session_create() call. After session creation a cryptographic

> operation

> +can be applied to a packet using odp_crypto_operation() call.

> +Depending on the session type - synchronous or asynchronous the operation

> returns

> +when the operation completed or after the request has been submitted. In

> the

> +asynchronous case an operation completion event will be enqueued on the

> session

> +completion queue. The completion event conveys the status of the

> operation and

> +the result. The application has the responsibility to free the completion

> event.

> +The operation arguments specify for each packet the areas which are to be

> encrypted

> +or decrypted and authenticated. Also, in asynchronous case a context can

> be

> +associated with a given operation and when the operation completion event

> is

> +retrieved the associated context can be retrieved. An operation can be

> executed

> +in-place, when the output packet is the same as the input packet or the

> output

> +packet can be a new packet provided by the application or allocated by the

> +implementation from the session output pool.

> +

>  == Glossary

>  [glossary]

>  worker thread::

> --

> 1.9.3

>

> _______________________________________________

> lng-odp mailing list

> lng-odp@lists.linaro.org

> https://lists.linaro.org/mailman/listinfo/lng-odp

>
Maxim Uvarov Dec. 17, 2015, 8:39 a.m. | #2
Merged.

On 12/17/2015 06:44, Bill Fischofer wrote:
> This needs significant expansion, but it's a worthwhile start.
>
> On Tue, Dec 15, 2015 at 6:01 AM, <alexandru.badicioiu@linaro.org 
> <mailto:alexandru.badicioiu@linaro.org>> wrote:
>
>     From: Alexandru Badicioiu <alexandru.badicioiu@linaro.org
>     <mailto:alexandru.badicioiu@linaro.org>> 
>
>
>     Signed-off-by: Alexandru Badicioiu <alexandru.badicioiu@linaro.org
>     <mailto:alexandru.badicioiu@linaro.org>>
>
>
> Reviewed-by: Bill Fischofer <bill.fischofer@linaro.org 
> <mailto:bill.fischofer@linaro.org>>
>
>     ---
>      doc/users-guide/users-guide.adoc | 21 +++++++++++++++++++++
>      1 file changed, 21 insertions(+)
>
>     diff --git a/doc/users-guide/users-guide.adoc
>     b/doc/users-guide/users-guide.adoc
>     index 2e30f3a..7ec7957 100644
>     --- a/doc/users-guide/users-guide.adoc
>     +++ b/doc/users-guide/users-guide.adoc
>     @@ -738,6 +738,27 @@ NOTE: Both ordered and parallel queues
>     improve throughput over atomic queues
>      due to parallel event processing, but require that the
>     application take
>      steps to ensure context data synchronization if needed.
>
>     +=== Cryptographic services
>     +
>     +ODP provides support for cryptographic operations required by
>     various security
>     +protocols (e.g. IPSec). To apply a cryptographic operation to a
>     packet a session
>     +must be created first. Packets processed by a session share the
>     same cryptographic
>     +parameters like algorithms, keys, initialization vectors. A
>     session is created with
>     +odp_crypto_session_create() call. After session creation a
>     cryptographic operation
>     +can be applied to a packet using odp_crypto_operation() call.
>     +Depending on the session type - synchronous or asynchronous the
>     operation returns
>     +when the operation completed or after the request has been
>     submitted. In the
>     +asynchronous case an operation completion event will be enqueued
>     on the session
>     +completion queue. The completion event conveys the status of the
>     operation and
>     +the result. The application has the responsibility to free the
>     completion event.
>     +The operation arguments specify for each packet the areas which
>     are to be encrypted
>     +or decrypted and authenticated. Also, in asynchronous case a
>     context can be
>     +associated with a given operation and when the operation
>     completion event is
>     +retrieved the associated context can be retrieved. An operation
>     can be executed
>     +in-place, when the output packet is the same as the input packet
>     or the output
>     +packet can be a new packet provided by the application or
>     allocated by the
>     +implementation from the session output pool.
>     +
>      == Glossary
>      [glossary]
>      worker thread::
>     --
>     1.9.3
>
>     _______________________________________________
>     lng-odp mailing list
>     lng-odp@lists.linaro.org <mailto:lng-odp@lists.linaro.org>
>     https://lists.linaro.org/mailman/listinfo/lng-odp
>
>
>
>
> _______________________________________________
> lng-odp mailing list
> lng-odp@lists.linaro.org
> https://lists.linaro.org/mailman/listinfo/lng-odp

Patch

diff --git a/doc/users-guide/users-guide.adoc b/doc/users-guide/users-guide.adoc
index 2e30f3a..7ec7957 100644
--- a/doc/users-guide/users-guide.adoc
+++ b/doc/users-guide/users-guide.adoc
@@ -738,6 +738,27 @@  NOTE: Both ordered and parallel queues improve throughput over atomic queues
 due to parallel event processing, but require that the application take
 steps to ensure context data synchronization if needed.
 
+=== Cryptographic services
+
+ODP provides support for cryptographic operations required by various security
+protocols (e.g. IPSec). To apply a cryptographic operation to a packet a session
+must be created first. Packets processed by a session share the same cryptographic
+parameters like algorithms, keys, initialization vectors. A session is created with
+odp_crypto_session_create() call. After session creation a cryptographic operation
+can be applied to a packet using odp_crypto_operation() call.
+Depending on the session type - synchronous or asynchronous the operation returns
+when the operation completed or after the request has been submitted. In the
+asynchronous case an operation completion event will be enqueued on the session
+completion queue. The completion event conveys the status of the operation and
+the result. The application has the responsibility to free the completion event.
+The operation arguments specify for each packet the areas which are to be encrypted
+or decrypted and authenticated. Also, in asynchronous case a context can be
+associated with a given operation and when the operation completion event is
+retrieved the associated context can be retrieved. An operation can be executed
+in-place, when the output packet is the same as the input packet or the output
+packet can be a new packet provided by the application or allocated by the
+implementation from the session output pool.
+
 == Glossary
 [glossary]
 worker thread::