Re: [dpdk-dev] [PATCH 1/5] lib/ethdev: support for inline IPsec events

DPDK patches and discussions
 help / color / mirror / Atom feed

From: "Nicolau, Radu" <radu.nicolau@intel.com>
To: Anoob Joseph <Anoob.Joseph@caviumnetworks.com>,
	Akhil Goyal <akhil.goyal@nxp.com>,
	"Doherty, Declan" <declan.doherty@intel.com>
Cc: Jerin Jacob <jerin.jacob@caviumnetworks.com>,
	Narayana Prasad <narayanaprasad.athreya@caviumnetworks.com>,
	Nelio Laranjeiro <nelio.laranjeiro@6wind.com>,
	"dev@dpdk.org" <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH 1/5] lib/ethdev: support for inline IPsec events
Date: Wed, 28 Feb 2018 09:30:09 +0000	[thread overview]
Message-ID: <763A2F19A5EFF34F8B7F1657C992EE297B32C915@IRSMSX104.ger.corp.intel.com> (raw)
In-Reply-To: <0840bf62-cc79-4af7-74f9-9e4271a572d1@caviumnetworks.com>

Hi,

> -----Original Message-----
> From: Anoob Joseph [mailto:Anoob.Joseph@caviumnetworks.com]
> Sent: Tuesday, February 27, 2018 11:32 AM
> To: Nicolau, Radu <radu.nicolau@intel.com>; Akhil Goyal
> <akhil.goyal@nxp.com>; Doherty, Declan <declan.doherty@intel.com>
> Cc: Jerin Jacob <jerin.jacob@caviumnetworks.com>; Narayana Prasad
> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
> Subject: Re: [PATCH 1/5] lib/ethdev: support for inline IPsec events
> 
> Hi Radu,
> 
> Please see inline.
> 
> Thanks,
> 
> Anoob
> 
> 
> On 27/02/18 15:49, Nicolau, Radu wrote:
> >> -----Original Message-----
> >> From: Anoob Joseph [mailto:Anoob.Joseph@caviumnetworks.com]
> >> Sent: Tuesday, February 27, 2018 6:57 AM
> >> To: Nicolau, Radu <radu.nicolau@intel.com>; Akhil Goyal
> >> <akhil.goyal@nxp.com>; Doherty, Declan <declan.doherty@intel.com>
> >> Cc: Jerin Jacob <jerin.jacob@caviumnetworks.com>; Narayana Prasad
> >> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
> >> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
> >> Subject: Re: [PATCH 1/5] lib/ethdev: support for inline IPsec events
> >>
> >> Hi Radu,
> >>
> >> Please see inline.
> >>
> >> Thanks,
> >> Anoob
> >>
> >> On 26/02/18 15:05, Nicolau, Radu wrote:
> >>>> -----Original Message-----
> >>>> From: Anoob Joseph [mailto:anoob.joseph@caviumnetworks.com]
> >>>> Sent: Wednesday, February 21, 2018 5:37 AM
> >>>> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> >>>> <declan.doherty@intel.com>; Nicolau, Radu <radu.nicolau@intel.com>
> >>>> Cc: Anoob Joseph <anoob.joseph@caviumnetworks.com>; Jerin Jacob
> >>>> <jerin.jacob@caviumnetworks.com>; Narayana Prasad
> >>>> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
> >>>> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
> >>>> Subject: [PATCH 1/5] lib/ethdev: support for inline IPsec events
> >>>>
> >>>> Adding support for IPsec events in rte_eth_event framework. In
> >>>> inline IPsec offload, the per packet protocol defined variables,
> >>>> like ESN, would be managed by PMD. In such cases, PMD would need
> >>>> IPsec events to notify application about various conditions like, ESN
> overflow.
> >>>>
> >>>> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
> >>>> ---
> >>>>    lib/librte_ether/rte_ethdev.h | 22 ++++++++++++++++++++++
> >>>>    1 file changed, 22 insertions(+)
> >>>>
> >>>> diff --git a/lib/librte_ether/rte_ethdev.h
> >>>> b/lib/librte_ether/rte_ethdev.h index 0361533..4e4e18d 100644
> >>>> --- a/lib/librte_ether/rte_ethdev.h
> >>>> +++ b/lib/librte_ether/rte_ethdev.h
> >>>> @@ -2438,6 +2438,27 @@ int
> >>>>    rte_eth_tx_done_cleanup(uint16_t port_id, uint16_t queue_id,
> >>>> uint32_t free_cnt);
> >>>>
> >>>>    /**
> >>>> + * Subtypes for IPsec offload events raised by eth device.
> >>>> + */
> >>>> +enum rte_eth_event_ipsec_subtype {
> >>>> +	RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW,
> >>>> +			/** Sequence number overflow in security offload */
> >>>> +	RTE_ETH_EVENT_IPSEC_MAX
> >>>> +			/** Max value of this enum */
> >>>> +};
> >>> I would add some more events to the list (to make it look less like
> >>> a very
> >> specific case implementation): crypto/auth failed and
> >> undefined/unspecified being the most obvious.
> >>> Apart from this, the patchset looks fine.
> >> Understood your point. But crypto/auth failed would be per packet, right?
> >> How are we handling such error cases presently? Just want to make
> >> sure we are not adding two error reporting mechanisms.
> > The only reason for my suggestion was to keep the API as flexible and
> generic as possible.
> I agree to your suggestion.
> > For the inline crypto on ixgbe we only flag the mbuf with the security error
> flag, but no extra info is added. I guess we can have a ipsec crypto error
> event with a list of failed mbufs or similar. In any case, it's just a suggestion.
> Do you think having a crypto error with failed mbufs would be useful? If yes, I
> can add that. While considering other SA specific events, there could be two
> other such events that we may need to consider.
> 1) Byte expiry of SA [1]
> 2) Time expiry of SA [1]
> 
You can add the flags even if we don't provide support for them in the sample app.

> Shall I add these events? Or do we need to make that a separate patch?
> Considering that it would need an entry in conf for actually of any use.
> 
> [1] https://tools.ietf.org/html/rfc4301#page-37
> >
> >>>> +
> >>>> +/**
> >>>> + * Descriptor for IPsec event. Used by eth dev to send extra
> >>>> +information of the
> >>>> + * event.
> >>>> + */
> >>>> +struct rte_eth_event_ipsec_desc {
> >>>> +	enum rte_eth_event_ipsec_subtype stype;
> >>>> +			/** Type of IPsec event */
> >>>> +	uint64_t md;
> >>>> +			/** Event specific metadata */
> >>>> +};
> >>>> +
> >>>> +/**
> >>>>     * The eth device event type for interrupt, and maybe others in
> >>>> the
> >> future.
> >>>>     */
> >>>>    enum rte_eth_event_type {
> >>>> @@ -2448,6 +2469,7 @@ enum rte_eth_event_type {
> >>>>    	RTE_ETH_EVENT_INTR_RESET,
> >>>>    			/**< reset interrupt event, sent to VF on PF reset */
> >>>>    	RTE_ETH_EVENT_VF_MBOX,  /**< message from the VF received by
> >> PF */
> >>>> +	RTE_ETH_EVENT_IPSEC,    /**< IPsec offload related event */
> >>>>    	RTE_ETH_EVENT_MACSEC,   /**< MACsec offload related event */
> >>>>    	RTE_ETH_EVENT_INTR_RMV, /**< device removal event */
> >>>>    	RTE_ETH_EVENT_NEW,      /**< port is probed */
> >>>> --
> >>>> 2.7.4

next prev parent reply	other threads:[~2018-02-28  9:30 UTC|newest]

Thread overview: 50+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <1516626668-9031-0-git-send-email-anoob.joseph@caviumnetworks.com>
2018-02-21  5:37 ` [dpdk-dev] [PATCH 0/5] handle seq no overflow in IPsec offload Anoob Joseph
2018-02-21  5:37   ` [dpdk-dev] [PATCH 1/5] lib/ethdev: support for inline IPsec events Anoob Joseph
2018-02-26  9:35     ` Nicolau, Radu
2018-02-27  6:56       ` Anoob Joseph
2018-02-27 10:19         ` Nicolau, Radu
2018-02-27 11:32           ` Anoob Joseph
2018-02-28  9:30             ` Nicolau, Radu [this message]
2018-02-21  5:37   ` [dpdk-dev] [PATCH 2/5] lib/security: add ESN soft limit in conf Anoob Joseph
2018-02-21  5:37   ` [dpdk-dev] [PATCH 3/5] lib/security: extend userdata for IPsec events Anoob Joseph
2018-02-21  5:37   ` [dpdk-dev] [PATCH 4/5] examples/ipsec-secgw: handle ESN soft limit event Anoob Joseph
2018-02-21  5:37   ` [dpdk-dev] [PATCH 5/5] app/testpmd: support for IPsec event Anoob Joseph
2018-03-01  9:21   ` [dpdk-dev] [PATCH v2 0/5] handle seq no overflow in IPsec offload Anoob Joseph
2018-03-01  9:21     ` [dpdk-dev] [PATCH v2 1/5] lib/ethdev: support for inline IPsec events Anoob Joseph
2018-03-01  9:21     ` [dpdk-dev] [PATCH v2 2/5] lib/security: add ESN soft limit in conf Anoob Joseph
2018-03-13 12:19       ` Akhil Goyal
2018-03-14  5:15         ` Anoob Joseph
2018-03-01  9:21     ` [dpdk-dev] [PATCH v2 3/5] lib/security: extend userdata for IPsec events Anoob Joseph
2018-03-01  9:21     ` [dpdk-dev] [PATCH v2 4/5] examples/ipsec-secgw: handle ESN soft limit event Anoob Joseph
2018-03-13 12:24       ` Akhil Goyal
2018-03-14  6:06         ` Anoob Joseph
2018-03-21  5:20           ` Anoob Joseph
2018-03-21  7:30             ` Akhil Goyal
2018-03-01  9:21     ` [dpdk-dev] [PATCH v2 5/5] app/testpmd: support for IPsec event Anoob Joseph
2018-03-08  5:57     ` [dpdk-dev] [PATCH v2 0/5] handle seq no overflow in IPsec offload Anoob Joseph
2018-03-21 11:11     ` [dpdk-dev] " Anoob Joseph
2018-03-21 11:11       ` [dpdk-dev] [PATCH v3 1/5] lib/ethdev: support for inline IPsec events Anoob Joseph
2018-03-21 11:42         ` Akhil Goyal
2018-04-03 14:27         ` Anoob Joseph
2018-04-10  5:10           ` Anoob Joseph
2018-04-10  9:11         ` Thomas Monjalon
2018-04-11  3:20           ` Anoob Joseph
2018-03-21 11:11       ` [dpdk-dev] [PATCH v3 2/5] lib/security: add ESN soft limit in conf Anoob Joseph
2018-04-03 14:27         ` Anoob Joseph
2018-03-21 11:11       ` [dpdk-dev] [PATCH v3 3/5] lib/security: extend userdata for IPsec events Anoob Joseph
2018-04-03 14:28         ` Anoob Joseph
2018-03-21 11:11       ` [dpdk-dev] [PATCH v3 4/5] examples/ipsec-secgw: handle ESN soft limit event Anoob Joseph
2018-04-03 14:28         ` Anoob Joseph
2018-03-21 11:11       ` [dpdk-dev] [PATCH v3 5/5] app/testpmd: support for IPsec event Anoob Joseph
2018-04-03 14:29         ` Anoob Joseph
2018-04-03 14:26       ` [dpdk-dev] [PATCH v3 0/5] handle seq no overflow in IPsec offload Anoob Joseph
2018-04-11  6:40       ` [dpdk-dev] [PATCH v4 " Anoob Joseph
2018-04-11  6:40         ` [dpdk-dev] [PATCH v4 1/5] lib/ethdev: support for inline IPsec events Anoob Joseph
2018-04-19  9:15           ` Anoob Joseph
2018-04-20 15:14             ` Stephen Hemminger
2018-04-19 10:26           ` Thomas Monjalon
2018-04-11  6:40         ` [dpdk-dev] [PATCH v4 2/5] lib/security: add ESN soft limit in conf Anoob Joseph
2018-04-11  6:40         ` [dpdk-dev] [PATCH v4 3/5] lib/security: extend userdata for IPsec events Anoob Joseph
2018-04-11  6:40         ` [dpdk-dev] [PATCH v4 4/5] examples/ipsec-secgw: handle ESN soft limit event Anoob Joseph
2018-04-11  6:40         ` [dpdk-dev] [PATCH v4 5/5] app/testpmd: support for IPsec event Anoob Joseph
2018-04-19 15:44         ` [dpdk-dev] [PATCH v4 0/5] handle seq no overflow in IPsec offload De Lara Guarch, Pablo

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=763A2F19A5EFF34F8B7F1657C992EE297B32C915@IRSMSX104.ger.corp.intel.com \
    --to=radu.nicolau@intel.com \
    --cc=Anoob.Joseph@caviumnetworks.com \
    --cc=akhil.goyal@nxp.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=jerin.jacob@caviumnetworks.com \
    --cc=narayanaprasad.athreya@caviumnetworks.com \
    --cc=nelio.laranjeiro@6wind.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).