From: Anoob Joseph <Anoob.Joseph@caviumnetworks.com>
To: "Nicolau, Radu" <radu.nicolau@intel.com>,
Akhil Goyal <akhil.goyal@nxp.com>,
"Doherty, Declan" <declan.doherty@intel.com>
Cc: Jerin Jacob <jerin.jacob@caviumnetworks.com>,
Narayana Prasad <narayanaprasad.athreya@caviumnetworks.com>,
Nelio Laranjeiro <nelio.laranjeiro@6wind.com>,
"dev@dpdk.org" <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH 1/5] lib/ethdev: support for inline IPsec events
Date: Tue, 27 Feb 2018 17:02:28 +0530 [thread overview]
Message-ID: <0840bf62-cc79-4af7-74f9-9e4271a572d1@caviumnetworks.com> (raw)
In-Reply-To: <763A2F19A5EFF34F8B7F1657C992EE297B32B3F6@IRSMSX104.ger.corp.intel.com>
Hi Radu,
Please see inline.
Thanks,
Anoob
On 27/02/18 15:49, Nicolau, Radu wrote:
>> -----Original Message-----
>> From: Anoob Joseph [mailto:Anoob.Joseph@caviumnetworks.com]
>> Sent: Tuesday, February 27, 2018 6:57 AM
>> To: Nicolau, Radu <radu.nicolau@intel.com>; Akhil Goyal
>> <akhil.goyal@nxp.com>; Doherty, Declan <declan.doherty@intel.com>
>> Cc: Jerin Jacob <jerin.jacob@caviumnetworks.com>; Narayana Prasad
>> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
>> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
>> Subject: Re: [PATCH 1/5] lib/ethdev: support for inline IPsec events
>>
>> Hi Radu,
>>
>> Please see inline.
>>
>> Thanks,
>> Anoob
>>
>> On 26/02/18 15:05, Nicolau, Radu wrote:
>>>> -----Original Message-----
>>>> From: Anoob Joseph [mailto:anoob.joseph@caviumnetworks.com]
>>>> Sent: Wednesday, February 21, 2018 5:37 AM
>>>> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
>>>> <declan.doherty@intel.com>; Nicolau, Radu <radu.nicolau@intel.com>
>>>> Cc: Anoob Joseph <anoob.joseph@caviumnetworks.com>; Jerin Jacob
>>>> <jerin.jacob@caviumnetworks.com>; Narayana Prasad
>>>> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
>>>> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
>>>> Subject: [PATCH 1/5] lib/ethdev: support for inline IPsec events
>>>>
>>>> Adding support for IPsec events in rte_eth_event framework. In inline
>>>> IPsec offload, the per packet protocol defined variables, like ESN,
>>>> would be managed by PMD. In such cases, PMD would need IPsec events
>>>> to notify application about various conditions like, ESN overflow.
>>>>
>>>> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
>>>> ---
>>>> lib/librte_ether/rte_ethdev.h | 22 ++++++++++++++++++++++
>>>> 1 file changed, 22 insertions(+)
>>>>
>>>> diff --git a/lib/librte_ether/rte_ethdev.h
>>>> b/lib/librte_ether/rte_ethdev.h index 0361533..4e4e18d 100644
>>>> --- a/lib/librte_ether/rte_ethdev.h
>>>> +++ b/lib/librte_ether/rte_ethdev.h
>>>> @@ -2438,6 +2438,27 @@ int
>>>> rte_eth_tx_done_cleanup(uint16_t port_id, uint16_t queue_id,
>>>> uint32_t free_cnt);
>>>>
>>>> /**
>>>> + * Subtypes for IPsec offload events raised by eth device.
>>>> + */
>>>> +enum rte_eth_event_ipsec_subtype {
>>>> + RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW,
>>>> + /** Sequence number overflow in security offload */
>>>> + RTE_ETH_EVENT_IPSEC_MAX
>>>> + /** Max value of this enum */
>>>> +};
>>> I would add some more events to the list (to make it look less like a very
>> specific case implementation): crypto/auth failed and undefined/unspecified
>> being the most obvious.
>>> Apart from this, the patchset looks fine.
>> Understood your point. But crypto/auth failed would be per packet, right?
>> How are we handling such error cases presently? Just want to make sure we
>> are not adding two error reporting mechanisms.
> The only reason for my suggestion was to keep the API as flexible and generic as possible.
I agree to your suggestion.
> For the inline crypto on ixgbe we only flag the mbuf with the security error flag, but no extra info is added. I guess we can have a ipsec crypto error event with a list of failed mbufs or similar. In any case, it's just a suggestion.
Do you think having a crypto error with failed mbufs would be useful? If
yes, I can add that. While considering other SA specific events, there
could be two other such events that we may need to consider.
1) Byte expiry of SA [1]
2) Time expiry of SA [1]
Shall I add these events? Or do we need to make that a separate patch?
Considering that it would need an entry in conf for actually of any use.
[1] https://tools.ietf.org/html/rfc4301#page-37
>
>>>> +
>>>> +/**
>>>> + * Descriptor for IPsec event. Used by eth dev to send extra
>>>> +information of the
>>>> + * event.
>>>> + */
>>>> +struct rte_eth_event_ipsec_desc {
>>>> + enum rte_eth_event_ipsec_subtype stype;
>>>> + /** Type of IPsec event */
>>>> + uint64_t md;
>>>> + /** Event specific metadata */
>>>> +};
>>>> +
>>>> +/**
>>>> * The eth device event type for interrupt, and maybe others in the
>> future.
>>>> */
>>>> enum rte_eth_event_type {
>>>> @@ -2448,6 +2469,7 @@ enum rte_eth_event_type {
>>>> RTE_ETH_EVENT_INTR_RESET,
>>>> /**< reset interrupt event, sent to VF on PF reset */
>>>> RTE_ETH_EVENT_VF_MBOX, /**< message from the VF received by
>> PF */
>>>> + RTE_ETH_EVENT_IPSEC, /**< IPsec offload related event */
>>>> RTE_ETH_EVENT_MACSEC, /**< MACsec offload related event */
>>>> RTE_ETH_EVENT_INTR_RMV, /**< device removal event */
>>>> RTE_ETH_EVENT_NEW, /**< port is probed */
>>>> --
>>>> 2.7.4
next prev parent reply other threads:[~2018-02-27 11:32 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1516626668-9031-0-git-send-email-anoob.joseph@caviumnetworks.com>
2018-02-21 5:37 ` [dpdk-dev] [PATCH 0/5] handle seq no overflow in IPsec offload Anoob Joseph
2018-02-21 5:37 ` [dpdk-dev] [PATCH 1/5] lib/ethdev: support for inline IPsec events Anoob Joseph
2018-02-26 9:35 ` Nicolau, Radu
2018-02-27 6:56 ` Anoob Joseph
2018-02-27 10:19 ` Nicolau, Radu
2018-02-27 11:32 ` Anoob Joseph [this message]
2018-02-28 9:30 ` Nicolau, Radu
2018-02-21 5:37 ` [dpdk-dev] [PATCH 2/5] lib/security: add ESN soft limit in conf Anoob Joseph
2018-02-21 5:37 ` [dpdk-dev] [PATCH 3/5] lib/security: extend userdata for IPsec events Anoob Joseph
2018-02-21 5:37 ` [dpdk-dev] [PATCH 4/5] examples/ipsec-secgw: handle ESN soft limit event Anoob Joseph
2018-02-21 5:37 ` [dpdk-dev] [PATCH 5/5] app/testpmd: support for IPsec event Anoob Joseph
2018-03-01 9:21 ` [dpdk-dev] [PATCH v2 0/5] handle seq no overflow in IPsec offload Anoob Joseph
2018-03-01 9:21 ` [dpdk-dev] [PATCH v2 1/5] lib/ethdev: support for inline IPsec events Anoob Joseph
2018-03-01 9:21 ` [dpdk-dev] [PATCH v2 2/5] lib/security: add ESN soft limit in conf Anoob Joseph
2018-03-13 12:19 ` Akhil Goyal
2018-03-14 5:15 ` Anoob Joseph
2018-03-01 9:21 ` [dpdk-dev] [PATCH v2 3/5] lib/security: extend userdata for IPsec events Anoob Joseph
2018-03-01 9:21 ` [dpdk-dev] [PATCH v2 4/5] examples/ipsec-secgw: handle ESN soft limit event Anoob Joseph
2018-03-13 12:24 ` Akhil Goyal
2018-03-14 6:06 ` Anoob Joseph
2018-03-21 5:20 ` Anoob Joseph
2018-03-21 7:30 ` Akhil Goyal
2018-03-01 9:21 ` [dpdk-dev] [PATCH v2 5/5] app/testpmd: support for IPsec event Anoob Joseph
2018-03-08 5:57 ` [dpdk-dev] [PATCH v2 0/5] handle seq no overflow in IPsec offload Anoob Joseph
2018-03-21 11:11 ` [dpdk-dev] " Anoob Joseph
2018-03-21 11:11 ` [dpdk-dev] [PATCH v3 1/5] lib/ethdev: support for inline IPsec events Anoob Joseph
2018-03-21 11:42 ` Akhil Goyal
2018-04-03 14:27 ` Anoob Joseph
2018-04-10 5:10 ` Anoob Joseph
2018-04-10 9:11 ` Thomas Monjalon
2018-04-11 3:20 ` Anoob Joseph
2018-03-21 11:11 ` [dpdk-dev] [PATCH v3 2/5] lib/security: add ESN soft limit in conf Anoob Joseph
2018-04-03 14:27 ` Anoob Joseph
2018-03-21 11:11 ` [dpdk-dev] [PATCH v3 3/5] lib/security: extend userdata for IPsec events Anoob Joseph
2018-04-03 14:28 ` Anoob Joseph
2018-03-21 11:11 ` [dpdk-dev] [PATCH v3 4/5] examples/ipsec-secgw: handle ESN soft limit event Anoob Joseph
2018-04-03 14:28 ` Anoob Joseph
2018-03-21 11:11 ` [dpdk-dev] [PATCH v3 5/5] app/testpmd: support for IPsec event Anoob Joseph
2018-04-03 14:29 ` Anoob Joseph
2018-04-03 14:26 ` [dpdk-dev] [PATCH v3 0/5] handle seq no overflow in IPsec offload Anoob Joseph
2018-04-11 6:40 ` [dpdk-dev] [PATCH v4 " Anoob Joseph
2018-04-11 6:40 ` [dpdk-dev] [PATCH v4 1/5] lib/ethdev: support for inline IPsec events Anoob Joseph
2018-04-19 9:15 ` Anoob Joseph
2018-04-20 15:14 ` Stephen Hemminger
2018-04-19 10:26 ` Thomas Monjalon
2018-04-11 6:40 ` [dpdk-dev] [PATCH v4 2/5] lib/security: add ESN soft limit in conf Anoob Joseph
2018-04-11 6:40 ` [dpdk-dev] [PATCH v4 3/5] lib/security: extend userdata for IPsec events Anoob Joseph
2018-04-11 6:40 ` [dpdk-dev] [PATCH v4 4/5] examples/ipsec-secgw: handle ESN soft limit event Anoob Joseph
2018-04-11 6:40 ` [dpdk-dev] [PATCH v4 5/5] app/testpmd: support for IPsec event Anoob Joseph
2018-04-19 15:44 ` [dpdk-dev] [PATCH v4 0/5] handle seq no overflow in IPsec offload De Lara Guarch, Pablo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0840bf62-cc79-4af7-74f9-9e4271a572d1@caviumnetworks.com \
--to=anoob.joseph@caviumnetworks.com \
--cc=akhil.goyal@nxp.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=jerin.jacob@caviumnetworks.com \
--cc=narayanaprasad.athreya@caviumnetworks.com \
--cc=nelio.laranjeiro@6wind.com \
--cc=radu.nicolau@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).