Hi Thomas, Akhil, > Is there a reference explaining what exactly is a "soft packet expiry"?
The SA lifetime/expiry is described in security library. https://elixir.bootlin.com/dpdk/latest/source/lib/security/rte_security.h#L295 Thanks, Anoob > -----Original Message----- > From: Akhil Goyal <[email protected]> > Sent: Tuesday, April 19, 2022 3:44 PM > To: Thomas Monjalon <[email protected]> > Cc: [email protected]; [email protected]; > [email protected]; Anoob Joseph <[email protected]>; > [email protected]; [email protected]; > [email protected]; [email protected]; Nithin Kumar > Dabilpuram <[email protected]>; Vamsi Krishna Attunuru > <[email protected]> > Subject: RE: [EXT] Re: [PATCH v4 07/10] ethdev: add IPsec SA expiry event > subtypes > > Hi Thomas, > > > 16/04/2022 21:25, Akhil Goyal: > > > --- a/lib/ethdev/rte_ethdev.h > > > +++ b/lib/ethdev/rte_ethdev.h > > > @@ -3828,6 +3828,12 @@ enum rte_eth_event_ipsec_subtype { > > > RTE_ETH_EVENT_IPSEC_SA_TIME_EXPIRY, > > > /** Soft byte expiry of SA */ > > > RTE_ETH_EVENT_IPSEC_SA_BYTE_EXPIRY, > > > + /** Soft packet expiry of SA */ > > > > Is there a reference explaining what exactly is a "soft packet expiry"? > > SA expiry is a very common procedure in case of IPsec. > And all stacks must support this feature. > You can refer https://docs.strongswan.org/strongswan- > docs/5.9/config/rekeying.html > For details. > Time expiry means after x seconds SA will expire. > Packet expiry means after x packets processing SA will expire. > Byte expiry means after x bytes of packet processing SA will expire. > > > I think you should also mention what should be done in the event > > handler. > > I believe this is quite obvious as per IPsec specifications. > Application need to start rekeying or SA need to be created again. > > > > > > + RTE_ETH_EVENT_IPSEC_SA_PKT_EXPIRY, > > > + /** Hard byte expiry of SA */ > > > + RTE_ETH_EVENT_IPSEC_SA_BYTE_HARD_EXPIRY, > > > + /** Hard packet expiry of SA */ > > > + RTE_ETH_EVENT_IPSEC_SA_PKT_HARD_EXPIRY, > > > > Same comment for the 3 events. > > > > > /** Max value of this enum */ > > > RTE_ETH_EVENT_IPSEC_MAX > > > }; > > > > What is the impact of this "MAX" value on ABI compatibility? > I see no issues reported while running ABI check. > There is no array being used inside library based on MAX.
