From: Stephen Hemminger <stephen@networkplumber.org>
To: Akhil Goyal <gakhil@marvell.com>
Cc: Thomas Monjalon <thomas@monjalon.net>,
"dev@dpdk.org" <dev@dpdk.org>,
"david.marchand@redhat.com" <david.marchand@redhat.com>,
"hemant.agrawal@nxp.com" <hemant.agrawal@nxp.com>,
Anoob Joseph <anoobj@marvell.com>,
"pablo.de.lara.guarch@intel.com" <pablo.de.lara.guarch@intel.com>,
"fiona.trahe@intel.com" <fiona.trahe@intel.com>,
"declan.doherty@intel.com" <declan.doherty@intel.com>,
"matan@nvidia.com" <matan@nvidia.com>,
"g.singh@nxp.com" <g.singh@nxp.com>,
"roy.fan.zhang@intel.com" <roy.fan.zhang@intel.com>,
"jianjay.zhou@huawei.com" <jianjay.zhou@huawei.com>,
"asomalap@amd.com" <asomalap@amd.com>,
"ruifeng.wang@arm.com" <ruifeng.wang@arm.com>,
"konstantin.ananyev@intel.com" <konstantin.ananyev@intel.com>,
"radu.nicolau@intel.com" <radu.nicolau@intel.com>,
"ajit.khaparde@broadcom.com" <ajit.khaparde@broadcom.com>,
Nagadheeraj Rottela <rnagadheeraj@marvell.com>,
Ankur Dwivedi <adwivedi@marvell.com>,
"ciara.power@intel.com" <ciara.power@intel.com>,
"ray.kinsella@intel.com" <ray.kinsella@intel.com>,
"bruce.richardson@intel.com" <bruce.richardson@intel.com>
Subject: Re: [dpdk-dev] [EXT] Re: [PATCH v2 3/3] security: add reserved bitfields
Date: Mon, 11 Oct 2021 15:15:46 -0700 [thread overview]
Message-ID: <20211011151546.3c5fffbb@hermes.local> (raw)
In-Reply-To: <CO6PR18MB4484178A39F0C08486B70662D8B59@CO6PR18MB4484.namprd18.prod.outlook.com>
On Mon, 11 Oct 2021 16:58:24 +0000
Akhil Goyal <gakhil@marvell.com> wrote:
> > 08/10/2021 22:45, Akhil Goyal:
> > > In struct rte_security_ipsec_sa_options, for every new option
> > > added, there is an ABI breakage, to avoid, a reserved_opts
> > > bitfield is added to for the remaining bits available in the
> > > structure.
> > > Now for every new sa option, these reserved_opts can be reduced
> > > and new option can be added.
> >
> > How do you make sure this field is initialized to 0?
> >
> Struct rte_security_ipsec_xform Is part of rte_security_capability as well
> As a configuration structure in session create.
> User, should ensure that if a device support that option(in capability), then
> only these options will take into effect or else it will be don't care for the PMD.
> The initial values of capabilities are set by PMD statically based on the features
> that it support.
> So if someone sets a bit in reserved_opts, it will work only if PMD support it
> And sets the corresponding field in capabilities.
> But yes, if a new field is added in future, and user sets the reserved_opts by mistake
> And the PMD supports that feature as well, then that feature will be enabled.
> This may or may not create issue depending on the feature which is enabled.
>
> Should I add a note in the comments to clarify that reserved_opts should be set as 0
> And future releases may change this without notice(But reserved in itself suggest that)?
> Adding an explicit check in session_create does not make sense to me.
> What do you suggest?
>
> Regards,
> Akhil
>
The problem is if user creates an on stack variable and sets the unreserved
fields to good values but other parts are garbage. This passes API/ABI unless
you strictly enforce that all reserved fields are zero.
next prev parent reply other threads:[~2021-10-11 22:15 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-31 18:13 [dpdk-dev] [PATCH 0/4] cryptodev and security ABI improvements Akhil Goyal
2021-07-31 18:13 ` [dpdk-dev] [PATCH 1/4] cryptodev: remove LIST_END enumerators Akhil Goyal
2021-07-31 18:13 ` [dpdk-dev] [PATCH 2/4] cryptodev: promote asym APIs to stable Akhil Goyal
2021-08-30 15:49 ` Kusztal, ArkadiuszX
2021-09-03 15:17 ` Akhil Goyal
2021-09-07 11:42 ` Kusztal, ArkadiuszX
2021-09-07 11:45 ` Akhil Goyal
2021-09-08 12:37 ` Kinsella, Ray
2023-02-02 10:49 ` [EXT] " Akhil Goyal
2023-02-02 11:02 ` Hemant Agrawal
2023-02-14 18:05 ` Kusztal, ArkadiuszX
2021-07-31 18:13 ` [dpdk-dev] [PATCH 3/4] security: hide internal API Akhil Goyal
2021-09-15 15:54 ` Ananyev, Konstantin
2021-07-31 18:13 ` [dpdk-dev] [PATCH 4/4] security: add reserved bitfields Akhil Goyal
2021-09-15 15:55 ` Ananyev, Konstantin
2021-09-15 16:43 ` Stephen Hemminger
2021-07-31 18:17 ` [dpdk-dev] [PATCH 0/4] cryptodev and security ABI improvements Akhil Goyal
2021-10-08 20:45 ` [dpdk-dev] [PATCH v2 1/3] cryptodev: remove LIST_END enumerators Akhil Goyal
2021-10-08 20:45 ` [dpdk-dev] [PATCH v2 2/3] security: hide internal API Akhil Goyal
2021-10-12 8:50 ` Kinsella, Ray
2021-10-08 20:45 ` [dpdk-dev] [PATCH v2 3/3] security: add reserved bitfields Akhil Goyal
2021-10-11 8:31 ` Thomas Monjalon
2021-10-11 16:58 ` [dpdk-dev] [EXT] " Akhil Goyal
2021-10-11 22:15 ` Stephen Hemminger [this message]
2021-10-12 8:31 ` Kinsella, Ray
2021-10-12 6:59 ` Thomas Monjalon
2021-10-12 8:53 ` Kinsella, Ray
2021-10-12 8:50 ` [dpdk-dev] " Kinsella, Ray
2021-10-11 10:46 ` [dpdk-dev] [PATCH v2 1/3] cryptodev: remove LIST_END enumerators Zhang, Roy Fan
2021-10-12 9:55 ` Kinsella, Ray
2021-10-12 10:19 ` [dpdk-dev] [EXT] " Akhil Goyal
2021-10-12 10:50 ` Anoob Joseph
2021-10-12 11:28 ` Kinsella, Ray
2021-10-12 11:34 ` Anoob Joseph
2021-10-12 11:52 ` Thomas Monjalon
2021-10-12 13:38 ` Anoob Joseph
2021-10-12 13:54 ` Thomas Monjalon
2021-10-12 14:18 ` Anoob Joseph
2021-10-12 14:47 ` Kinsella, Ray
2021-10-12 15:06 ` Thomas Monjalon
2021-10-13 5:36 ` Anoob Joseph
2021-10-13 7:02 ` Thomas Monjalon
2021-10-13 7:04 ` Anoob Joseph
2021-10-13 8:39 ` Kinsella, Ray
2021-10-18 5:22 ` [dpdk-dev] [PATCH v3 1/2] security: hide internal API Akhil Goyal
2021-10-18 5:22 ` [dpdk-dev] [PATCH v3 2/2] security: add reserved bitfields Akhil Goyal
2021-10-18 15:39 ` Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211011151546.3c5fffbb@hermes.local \
--to=stephen@networkplumber.org \
--cc=adwivedi@marvell.com \
--cc=ajit.khaparde@broadcom.com \
--cc=anoobj@marvell.com \
--cc=asomalap@amd.com \
--cc=bruce.richardson@intel.com \
--cc=ciara.power@intel.com \
--cc=david.marchand@redhat.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
--cc=g.singh@nxp.com \
--cc=gakhil@marvell.com \
--cc=hemant.agrawal@nxp.com \
--cc=jianjay.zhou@huawei.com \
--cc=konstantin.ananyev@intel.com \
--cc=matan@nvidia.com \
--cc=pablo.de.lara.guarch@intel.com \
--cc=radu.nicolau@intel.com \
--cc=ray.kinsella@intel.com \
--cc=rnagadheeraj@marvell.com \
--cc=roy.fan.zhang@intel.com \
--cc=ruifeng.wang@arm.com \
--cc=thomas@monjalon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).