From: "Ananyev, Konstantin" <konstantin.ananyev@intel.com>
To: Akhil Goyal <gakhil@marvell.com>,
Anoob Joseph <anoobj@marvell.com>,
"Doherty, Declan" <declan.doherty@intel.com>,
"Zhang, Roy Fan" <roy.fan.zhang@intel.com>,
"hemant.agrawal@nxp.com" <hemant.agrawal@nxp.com>
Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>,
Ankur Dwivedi <adwivedi@marvell.com>,
Tejasree Kondoj <ktejasree@marvell.com>,
"dev@dpdk.org" <dev@dpdk.org>,
Archana Muniganti <marchana@marvell.com>
Subject: Re: [dpdk-dev] [PATCH 2/2] lib/security: add SA lifetime configuration
Date: Tue, 27 Jul 2021 11:40:17 +0000 [thread overview]
Message-ID: <DM6PR11MB4491FAA94FC049038F52F28A9AE99@DM6PR11MB4491.namprd11.prod.outlook.com> (raw)
In-Reply-To: <CO6PR18MB448449F0CBFF5120967A6970D8E89@CO6PR18MB4484.namprd18.prod.outlook.com>
Hi Akhil,
> Hi Konstantin,
> > > There are two options that we considered,
> > > 1. Extend the enum, rte_crypto_op_status, to cover warnings [1]
> > > 2. There are reserved fields in rte_cryto_op structure. So we can use bits in
> > them to indicate various cases. [2]
> > >
> > > Both the submitted patches follow approach 1 (following how it's done
> > currently), but we can switch to approach 2 if we think there can be
> > > more such "warnings" that can occur simultaneously. Can you share your
> > thoughts on how we should extend the library to handle such
> > > cases?
> > >
> > > [1] https://doc.dpdk.org/api/rte__crypto_8h.html#afe16508b77c2a8dc5caf74a4e9850171
> > > [2] https://doc.dpdk.org/api/rte__crypto_8h_source.html
> >
> > My vote would probably be for option #2 (use one of the reserved fields for
> > it).
> > That way - existing code wouldn't need to be changed.
>
> Adding a single enum or multiple enums is the same thing. Right wrt code changes?
> However, if the check is something like
> If (status != RTE_CRYPTO_OP_STATUS_SUCCESS)
> Report appropriate error number
> App code will need to be updated to take care the warnings in both options.
> It will be something like
> Option #1
> If (status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> If (status < RTE_CRYPTO_OP_STATUS_SUCCESS)
> Report appropriate error number.
> Else
> Report appropriate warning number probably in debug prints.
> }
> Option #2
> If (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
> If (op->status == RTE_CRYPTO_OP_STATUS_WARNING) {
> Report appropriate warning based on op->reserved[0]
> } else {
> Report appropriate error number
> }
> }
> Here both the options are same wrt performance.
> But in option #2, driver and app need to fill and decode 2 separate variables
> As against 1 variable in option #1
>
> In both the options, there will be similar code changes.
> Do you suspect any other code change?
Hmm, I think there is some sort of contradiction here.
From Anoob original mail:
"Both the above will be an IPsec operation completed successfully but with additional information
that PMD can pass on to application for indicating status of offloads."
So my understanding after reading Anoob mail was :
a) warnings will be set when crypto-op completed successfully, i.e:
op->status == RTE_CRYPTO_OP_STATUS_SUCCESS
b) It is not mandatory for the application to process the warnings.
Yes it is a recommended but still an optional.
Though from your mail it seems visa-versa:
Warnings are just some extra error codes (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS)
and obviously each app have to handle them.
So could you tell me which approach did you mean?
If these 'warnings' are just new error codes and app is required to handle them,
then why do we need to introduce 'warnings' at all?
Lets treat them as error - add new RTE_CRYPTO_OP_STATUS_ error codes for them
and that's would be it.
If processing them is optional, then I think we better have a new field for them
So app code will look like:
if (op->status == RTE_CRYPTO_OP_STATUS_SUCCESS) {
if (op->warning != 0) {
/* handle warning conditions here */
}
/* do normal success processing */
}
In that case existing apps will be continue to work without any modifications.
Yes, they would just ignore these new warnings, but nothing will be broken.
> > Again these warnings, it probably needs to be a bit-flags, correct?
>
> We can deal with both bit flags as well as new enums in the status.
> I believe both are same and in fact using enum in application is more convenient
> for user, instead of decoding bit flags.
> However, it is personal choice. People may differ on that.
From what I understand from previous mails: same op can have multiple warnings set.
Let say both SOFT_LIMIT can be reached and L4 checksum is not correct.
That's why I presumed that warnings have to be a bit-flag.
Konstantin
next prev parent reply other threads:[~2021-07-27 11:40 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-20 5:46 [dpdk-dev] [PATCH 0/2] Improvements to rte_security Anoob Joseph
2021-07-20 5:46 ` [dpdk-dev] [PATCH 1/2] lib/security: add IV generation Anoob Joseph
2021-07-20 5:46 ` [dpdk-dev] [PATCH 2/2] lib/security: add SA lifetime configuration Anoob Joseph
2021-07-20 6:20 ` Anoob Joseph
2021-07-26 13:50 ` Ananyev, Konstantin
2021-07-26 15:50 ` Akhil Goyal
2021-07-27 11:40 ` Ananyev, Konstantin [this message]
2021-07-27 19:29 ` Akhil Goyal
2021-07-28 10:59 ` Ananyev, Konstantin
2021-07-28 12:58 ` Akhil Goyal
2021-07-28 14:38 ` Anoob Joseph
2021-07-29 10:23 ` Ananyev, Konstantin
2021-08-02 7:07 ` Anoob Joseph
2021-08-03 11:51 ` Ananyev, Konstantin
2021-08-03 12:03 ` Anoob Joseph
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DM6PR11MB4491FAA94FC049038F52F28A9AE99@DM6PR11MB4491.namprd11.prod.outlook.com \
--to=konstantin.ananyev@intel.com \
--cc=adwivedi@marvell.com \
--cc=anoobj@marvell.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=hemant.agrawal@nxp.com \
--cc=jerinj@marvell.com \
--cc=ktejasree@marvell.com \
--cc=marchana@marvell.com \
--cc=roy.fan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).