DPDK patches and discussions
 help / color / mirror / Atom feed
From: "Morten Brørup" <mb@smartsharesystems.com>
To: "Thomas Monjalon" <thomas@monjalon.net>,
	"Jerin Jacob" <jerinjacobk@gmail.com>
Cc: "Stephen Hemminger" <stephen@networkplumber.org>,
	"Nithin Dabilpuram" <ndabilpuram@marvell.com>,
	"Akhil Goyal" <gakhil@marvell.com>, <jerinj@marvell.com>,
	<dev@dpdk.org>, <techboard@dpdk.org>
Subject: RE: [PATCH 1/3] security: introduce out of place support for inline ingress
Date: Wed, 31 May 2023 11:26:35 +0200	[thread overview]
Message-ID: <98CBD80474FA8B44BF855DF32C47DC35D87967@smartserver.smartshare.dk> (raw)
In-Reply-To: <1887881.GKX7oQKdZx@thomas>

> From: Thomas Monjalon [mailto:thomas@monjalon.net]
> Sent: Tuesday, 30 May 2023 15.52
> 
> 30/05/2023 11:23, Jerin Jacob:
> > > > > > > +      */
> > > > > > > +     uint32_t ingress_oop : 1;
> > > > > > > +
> > > > > > >       /** Reserved bit fields for future extension
> > > > > > >        *
> > > > > > >        * User should ensure reserved_opts is cleared as it may
> change in
> > > > > > > @@ -282,7 +293,7 @@ struct rte_security_ipsec_sa_options {
> > > > > > >        *
> > > > > > >        * Note: Reduce number of bits in reserved_opts for every
> new option.
> > > > > > >        */
> > > > > > > -     uint32_t reserved_opts : 17;
> > > > > > > +     uint32_t reserved_opts : 16;
> > > > > > >  };
> > > > > >
> > > > > > NAK
> > > > > > Let me repeat the reserved bit rant. YAGNI
> > > > > >
> > > > > > Reserved space is not usable without ABI breakage unless the
> existing
> > > > > > code enforces that reserved space has to be zero.
> > > > > >
> > > > > > Just saying "User should ensure reserved_opts is cleared" is not
> enough.
> > > > >
> > > > > Yes. I think, we need to enforce to have _init functions for the
> > > > > structures which is using reserved filed.
> > > > >
> > > > > On the same note on YAGNI, I am wondering why NOT introduce
> > > > > RTE_NEXT_ABI marco kind of scheme to compile out ABI breaking changes.
> > > > > By keeping RTE_NEXT_ABI disable by default, enable explicitly if user
> > > > > wants it to avoid waiting for one year any ABI breaking changes.
> > > > > There are a lot of "fixed appliance" customers (not OS distribution
> > > > > driven customer) they are willing to recompile DPDK for new feature.
> > > > > What we are loosing with this scheme?
> > > >
> > > > RTE_NEXT_ABI is described in the ABI policy.
> > > > We are not doing it currently, but I think we could
> > > > when it is not too much complicate in the code.
> > > >
> > > > The only problems I see are:
> > > > - more #ifdef clutter
> > > > - 2 binary versions to test
> > > > - CI and checks must handle RTE_NEXT_ABI version
> > >
> > > I think, we have two buckets of ABI breakages via RTE_NEXT_ABI
> > >
> > > 1) Changes that introduces compilation failures like adding new
> > > argument to API or change API name etc
> > > 2) Structure size change which won't affect the compilation but breaks
> > > the ABI for shared library usage.
> > >
> > > I think, (1) is very distributive, and I don't see recently such
> > > changes. I think, we should avoid (1) for non XX.11 releases.(or two
> > > or three-year cycles if we decide that path)
> > >
> > > The (2) comes are very common due to the fact HW features are
> > > evolving. I think, to address the (2), we have two options
> > > a) Have reserved fields and have _init() function to initialize the
> structures

High probability that (a) is not going to work: There will not be enough reserved fields, and/or they will be in the wrong places in the structures.

Also, (a) is really intrusive on existing applications: They MUST be rewritten to call the _init() function instead of using pre-initialized structures, or the library will behave unexpectedly. Extreme example, to prove my point: A new field "allow_ingress" (don't drop all packets on ingress) is introduced, and _init() sets it to true. If the application doesn't call _init(), it will not receive any packets.

Are _init() functions required on all structures, or only some? And how about structures containing other structures?

How does the application developer know which structures have _init() functions, and which do not?

<irony>
We could also switch to C++, where the _init() function comes native in the form of an object constructor.
</irony>

> > > b) Follow YAGNI style and introduce RTE_NEXT_ABI for structure size
> change.

+1 for (b), because (a) is too problematic.

> > >
> > > The above concerns[1] can greatly reduce with option b OR option a.
> > >
> > > [1]
> > >  1) more #ifdef clutter
> > > For option (a) this is not needed or option (b) the clutter will be
> > > limited, it will be around structure which add the new filed and
> > > around the FULL block where new functions are added (not inside the
> > > functions)
> > >
> > > 2) 2 binary versions to test
> > > For option (a) this is not needed, for option (b) it is limited as for
> > > new features only one needs to test another binary (rather than NOT
> > > adding a new feature).
> > >
> > >  3) CI and checks must handle RTE_NEXT_ABI version
> > >
> > > I think, it is cheap to add this, at least for compilation test.
> > >
> > > IMO, We need to change the API break release to 3 year kind of time
> > > frame to have very good end user experience
> > > and allow ABI related change to get in every release and force
> > > _rebuild_ shared objects in major LTS release.
> > >
> > > I think, in this major LTS version(23.11) if we can decide (a) vs (b)
> > > then we can align the code accordingly . e.s.p for (a) we need to add
> > > _init() functions.
> > >
> > > Thoughts?
> >
> > Not much input from mailing list. Can we discuss this next TB meeting?
> > Especially how to align with next LTS release on
> > -YAGNI vs reserved fileds with init()

Whichever decision is made on this, remember to also consider if it has any consequences regarding older LTS versions and possibly backporting.

> > -What it takes to Extend the API breaking release more than a year as
> > first step.

Others might disagree, but in my personal opinion, DPDK is still evolving much too rapidly to lock down its ABI/API for more than one year. For reference, consider what has been changed within the last three years, i.e. since DPDK 20.05, and if those changes could have been done within the DPDK 20.05 ABI/API without requiring a substantial additional effort, and while still providing clean and understandable APIs (and not a bunch of weird hacks to shoehorn the new features into the existing APIs).

If you want continuity, use an LTS release. If we lock down the ABI/API for multiple years at a time, what is the point of the LTS releases?

PS: If we start using the RTE_NEXT_ABI concept more, we should remember to promote the additions with each ABI/API breaking release. And we should probably have a rule of thumb to choose between using RTE_NEXT_ABI and using "experimental" marking.

> 
> Yes I agree it should be discussed interactively in techboard meeting.

I'm unable to participate in today's techboard meeting, so I have provided my opinions in this email.

-Morten


  reply	other threads:[~2023-05-31  9:26 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-03-09  8:56 [RFC 1/2] " Nithin Dabilpuram
2023-03-09  8:56 ` [RFC 2/2] test/security: add unittest for inline ingress oop Nithin Dabilpuram
2023-04-11 10:04 ` [PATCH 1/3] security: introduce out of place support for inline ingress Nithin Dabilpuram
2023-04-11 10:04   ` [PATCH 2/3] net/cnxk: support inline ingress out of place session Nithin Dabilpuram
2023-04-11 10:04   ` [PATCH 3/3] test/security: add unittest for inline ingress oop Nithin Dabilpuram
2023-04-11 18:05   ` [PATCH 1/3] security: introduce out of place support for inline ingress Stephen Hemminger
2023-04-18  8:33     ` Jerin Jacob
2023-04-24 22:41       ` Thomas Monjalon
2023-05-19  8:07         ` Jerin Jacob
2023-05-30  9:23           ` Jerin Jacob
2023-05-30 13:51             ` Thomas Monjalon
2023-05-31  9:26               ` Morten Brørup [this message]
2023-07-01  7:15   ` [PATCH] doc: announce addition of new security IPsec SA option Nithin Dabilpuram
2023-07-03 14:35     ` Akhil Goyal
2023-07-04  5:15     ` [PATCH v2] " Nithin Dabilpuram
2023-07-05 14:07       ` Jerin Jacob
2023-07-11  8:55         ` [EXT] " Akhil Goyal
2023-07-06 23:05     ` [PATCH] " Ji, Kai
2023-08-11  8:54 ` [PATCH 1/3] security: introduce out of place support for inline ingress Nithin Dabilpuram
2023-08-11  8:54   ` [PATCH 2/3] net/cnxk: support inline ingress out of place session Nithin Dabilpuram
2023-08-11  8:54   ` [PATCH 3/3] test/security: add unittest for inline ingress oop Nithin Dabilpuram
2023-09-19 19:55   ` [PATCH 1/3] security: introduce out of place support for inline ingress Akhil Goyal
2023-09-21  2:15 ` [PATCH v2 " Nithin Dabilpuram
2023-09-21  2:15   ` [PATCH v2 2/3] net/cnxk: support inline ingress out of place session Nithin Dabilpuram
2023-09-21  2:15   ` [PATCH v2 3/3] test/security: add unittest for inline ingress oop Nithin Dabilpuram
2023-09-21 10:44   ` [PATCH v2 1/3] security: introduce out of place support for inline ingress Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=98CBD80474FA8B44BF855DF32C47DC35D87967@smartserver.smartshare.dk \
    --to=mb@smartsharesystems.com \
    --cc=dev@dpdk.org \
    --cc=gakhil@marvell.com \
    --cc=jerinj@marvell.com \
    --cc=jerinjacobk@gmail.com \
    --cc=ndabilpuram@marvell.com \
    --cc=stephen@networkplumber.org \
    --cc=techboard@dpdk.org \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).