Hi Thomas, Akhil, > Is there a reference explaining what exactly is a "soft packet expiry"?
The SA lifetime/expiry is described in security library. https://elixir.bootlin.com/dpdk/latest/source/lib/security/rte_security.h#L295 Thanks, Anoob > -----Original Message----- > From: Akhil Goyal <gak...@marvell.com> > Sent: Tuesday, April 19, 2022 3:44 PM > To: Thomas Monjalon <tho...@monjalon.net> > Cc: dev@dpdk.org; david.march...@redhat.com; > hemant.agra...@nxp.com; Anoob Joseph <ano...@marvell.com>; > konstantin.anan...@intel.com; ciara.po...@intel.com; > ferruh.yi...@intel.com; andrew.rybche...@oktetlabs.ru; Nithin Kumar > Dabilpuram <ndabilpu...@marvell.com>; Vamsi Krishna Attunuru > <vattun...@marvell.com> > Subject: RE: [EXT] Re: [PATCH v4 07/10] ethdev: add IPsec SA expiry event > subtypes > > Hi Thomas, > > > 16/04/2022 21:25, Akhil Goyal: > > > --- a/lib/ethdev/rte_ethdev.h > > > +++ b/lib/ethdev/rte_ethdev.h > > > @@ -3828,6 +3828,12 @@ enum rte_eth_event_ipsec_subtype { > > > RTE_ETH_EVENT_IPSEC_SA_TIME_EXPIRY, > > > /** Soft byte expiry of SA */ > > > RTE_ETH_EVENT_IPSEC_SA_BYTE_EXPIRY, > > > + /** Soft packet expiry of SA */ > > > > Is there a reference explaining what exactly is a "soft packet expiry"? > > SA expiry is a very common procedure in case of IPsec. > And all stacks must support this feature. > You can refer https://docs.strongswan.org/strongswan- > docs/5.9/config/rekeying.html > For details. > Time expiry means after x seconds SA will expire. > Packet expiry means after x packets processing SA will expire. > Byte expiry means after x bytes of packet processing SA will expire. > > > I think you should also mention what should be done in the event > > handler. > > I believe this is quite obvious as per IPsec specifications. > Application need to start rekeying or SA need to be created again. > > > > > > + RTE_ETH_EVENT_IPSEC_SA_PKT_EXPIRY, > > > + /** Hard byte expiry of SA */ > > > + RTE_ETH_EVENT_IPSEC_SA_BYTE_HARD_EXPIRY, > > > + /** Hard packet expiry of SA */ > > > + RTE_ETH_EVENT_IPSEC_SA_PKT_HARD_EXPIRY, > > > > Same comment for the 3 events. > > > > > /** Max value of this enum */ > > > RTE_ETH_EVENT_IPSEC_MAX > > > }; > > > > What is the impact of this "MAX" value on ABI compatibility? > I see no issues reported while running ABI check. > There is no array being used inside library based on MAX.
