DPDK patches and discussions
 help / color / mirror / Atom feed
From: Stephen Hemminger <stephen@networkplumber.org>
To: Akhil Goyal <gakhil@marvell.com>
Cc: Thomas Monjalon <thomas@monjalon.net>,
	"dev@dpdk.org" <dev@dpdk.org>,
	"david.marchand@redhat.com" <david.marchand@redhat.com>,
	"hemant.agrawal@nxp.com" <hemant.agrawal@nxp.com>,
	Anoob Joseph <anoobj@marvell.com>,
	"pablo.de.lara.guarch@intel.com" <pablo.de.lara.guarch@intel.com>,
	"fiona.trahe@intel.com" <fiona.trahe@intel.com>,
	"declan.doherty@intel.com" <declan.doherty@intel.com>,
	"matan@nvidia.com" <matan@nvidia.com>,
	"g.singh@nxp.com" <g.singh@nxp.com>,
	"roy.fan.zhang@intel.com" <roy.fan.zhang@intel.com>,
	"jianjay.zhou@huawei.com" <jianjay.zhou@huawei.com>,
	"asomalap@amd.com" <asomalap@amd.com>,
	"ruifeng.wang@arm.com" <ruifeng.wang@arm.com>,
	"konstantin.ananyev@intel.com" <konstantin.ananyev@intel.com>,
	"radu.nicolau@intel.com" <radu.nicolau@intel.com>,
	"ajit.khaparde@broadcom.com" <ajit.khaparde@broadcom.com>,
	Nagadheeraj Rottela <rnagadheeraj@marvell.com>,
	Ankur Dwivedi <adwivedi@marvell.com>,
	"ciara.power@intel.com" <ciara.power@intel.com>,
	"ray.kinsella@intel.com" <ray.kinsella@intel.com>,
	"bruce.richardson@intel.com" <bruce.richardson@intel.com>
Subject: Re: [dpdk-dev] [EXT] Re: [PATCH v2 3/3] security: add reserved bitfields
Date: Mon, 11 Oct 2021 15:15:46 -0700	[thread overview]
Message-ID: <20211011151546.3c5fffbb@hermes.local> (raw)
In-Reply-To: <CO6PR18MB4484178A39F0C08486B70662D8B59@CO6PR18MB4484.namprd18.prod.outlook.com>

On Mon, 11 Oct 2021 16:58:24 +0000
Akhil Goyal <gakhil@marvell.com> wrote:

> > 08/10/2021 22:45, Akhil Goyal:  
> > > In struct rte_security_ipsec_sa_options, for every new option
> > > added, there is an ABI breakage, to avoid, a reserved_opts
> > > bitfield is added to for the remaining bits available in the
> > > structure.
> > > Now for every new sa option, these reserved_opts can be reduced
> > > and new option can be added.  
> > 
> > How do you make sure this field is initialized to 0?
> >   
> Struct rte_security_ipsec_xform Is part of rte_security_capability as well
> As a configuration structure in session create.
> User, should ensure that if a device support that option(in capability), then
> only these options will take into effect or else it will be don't care for the PMD.
> The initial values of capabilities are set by PMD statically based on the features
> that it support.
> So if someone sets a bit in reserved_opts, it will work only if PMD support it
> And sets the corresponding field in capabilities.
> But yes, if a new field is added in future, and user sets the reserved_opts by mistake
> And the PMD supports that feature as well, then that feature will be enabled.
> This may or may not create issue depending on the feature which is enabled.
> 
> Should I add a note in the comments to clarify that reserved_opts should be set as 0
> And future releases may change this without notice(But reserved in itself suggest that)?
> Adding an explicit check in session_create does not make sense to me.
> What do you suggest?
> 
> Regards,
> Akhil
> 

The problem is if user creates an on stack variable and sets the unreserved
fields to good values but other parts are garbage.  This passes API/ABI unless
you strictly enforce that all reserved fields are zero.

  reply	other threads:[~2021-10-11 22:15 UTC|newest]

Thread overview: 47+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-07-31 18:13 [dpdk-dev] [PATCH 0/4] cryptodev and security ABI improvements Akhil Goyal
2021-07-31 18:13 ` [dpdk-dev] [PATCH 1/4] cryptodev: remove LIST_END enumerators Akhil Goyal
2021-07-31 18:13 ` [dpdk-dev] [PATCH 2/4] cryptodev: promote asym APIs to stable Akhil Goyal
2021-08-30 15:49   ` Kusztal, ArkadiuszX
2021-09-03 15:17     ` Akhil Goyal
2021-09-07 11:42       ` Kusztal, ArkadiuszX
2021-09-07 11:45         ` Akhil Goyal
2021-09-08 12:37           ` Kinsella, Ray
2023-02-02 10:49             ` [EXT] " Akhil Goyal
2023-02-02 11:02               ` Hemant Agrawal
2023-02-14 18:05               ` Kusztal, ArkadiuszX
2021-07-31 18:13 ` [dpdk-dev] [PATCH 3/4] security: hide internal API Akhil Goyal
2021-09-15 15:54   ` Ananyev, Konstantin
2021-07-31 18:13 ` [dpdk-dev] [PATCH 4/4] security: add reserved bitfields Akhil Goyal
2021-09-15 15:55   ` Ananyev, Konstantin
2021-09-15 16:43   ` Stephen Hemminger
2021-07-31 18:17 ` [dpdk-dev] [PATCH 0/4] cryptodev and security ABI improvements Akhil Goyal
2021-10-08 20:45 ` [dpdk-dev] [PATCH v2 1/3] cryptodev: remove LIST_END enumerators Akhil Goyal
2021-10-08 20:45   ` [dpdk-dev] [PATCH v2 2/3] security: hide internal API Akhil Goyal
2021-10-12  8:50     ` Kinsella, Ray
2021-10-08 20:45   ` [dpdk-dev] [PATCH v2 3/3] security: add reserved bitfields Akhil Goyal
2021-10-11  8:31     ` Thomas Monjalon
2021-10-11 16:58       ` [dpdk-dev] [EXT] " Akhil Goyal
2021-10-11 22:15         ` Stephen Hemminger [this message]
2021-10-12  8:31           ` Kinsella, Ray
2021-10-12  6:59         ` Thomas Monjalon
2021-10-12  8:53           ` Kinsella, Ray
2021-10-12  8:50     ` [dpdk-dev] " Kinsella, Ray
2021-10-11 10:46   ` [dpdk-dev] [PATCH v2 1/3] cryptodev: remove LIST_END enumerators Zhang, Roy Fan
2021-10-12  9:55   ` Kinsella, Ray
2021-10-12 10:19     ` [dpdk-dev] [EXT] " Akhil Goyal
2021-10-12 10:50       ` Anoob Joseph
2021-10-12 11:28         ` Kinsella, Ray
2021-10-12 11:34           ` Anoob Joseph
2021-10-12 11:52             ` Thomas Monjalon
2021-10-12 13:38               ` Anoob Joseph
2021-10-12 13:54                 ` Thomas Monjalon
2021-10-12 14:18                   ` Anoob Joseph
2021-10-12 14:47                     ` Kinsella, Ray
2021-10-12 15:06                       ` Thomas Monjalon
2021-10-13  5:36                         ` Anoob Joseph
2021-10-13  7:02                           ` Thomas Monjalon
2021-10-13  7:04                             ` Anoob Joseph
2021-10-13  8:39                               ` Kinsella, Ray
2021-10-18  5:22   ` [dpdk-dev] [PATCH v3 1/2] security: hide internal API Akhil Goyal
2021-10-18  5:22     ` [dpdk-dev] [PATCH v3 2/2] security: add reserved bitfields Akhil Goyal
2021-10-18 15:39       ` Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20211011151546.3c5fffbb@hermes.local \
    --to=stephen@networkplumber.org \
    --cc=adwivedi@marvell.com \
    --cc=ajit.khaparde@broadcom.com \
    --cc=anoobj@marvell.com \
    --cc=asomalap@amd.com \
    --cc=bruce.richardson@intel.com \
    --cc=ciara.power@intel.com \
    --cc=david.marchand@redhat.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=fiona.trahe@intel.com \
    --cc=g.singh@nxp.com \
    --cc=gakhil@marvell.com \
    --cc=hemant.agrawal@nxp.com \
    --cc=jianjay.zhou@huawei.com \
    --cc=konstantin.ananyev@intel.com \
    --cc=matan@nvidia.com \
    --cc=pablo.de.lara.guarch@intel.com \
    --cc=radu.nicolau@intel.com \
    --cc=ray.kinsella@intel.com \
    --cc=rnagadheeraj@marvell.com \
    --cc=roy.fan.zhang@intel.com \
    --cc=ruifeng.wang@arm.com \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).