"Power, Ciara" <ciara.po...@intel.com> writes: > Hi Aaron, > >> -----Original Message----- >> From: Aaron Conole <acon...@redhat.com> >> Sent: Tuesday, March 5, 2024 6:37 PM >> To: Power, Ciara <ciara.po...@intel.com> >> Cc: Sivaramakrishnan, VenkatX <venkatx.sivaramakrish...@intel.com>; Akhil >> Goyal <gak...@marvell.com>; Ji, Kai <kai...@intel.com>; pr...@iol.unh.edu; >> dev@dpdk.org >> Subject: Re: reg. https://patches.dpdk.org/project/dpdk/list/?series=31200 - >> patch result >> >> "Power, Ciara" <ciara.po...@intel.com> writes: >> >> > + Patrick >> > >> > >> > >> > From: Power, Ciara >> > Sent: Tuesday, March 5, 2024 10:05 AM >> > To: Sivaramakrishnan, VenkatX <venkatx.sivaramakrish...@intel.com>; >> > Akhil Goyal <gak...@marvell.com> >> > Cc: Ji, Kai <kai...@intel.com>; Aaron Conole <acon...@redhat.com> >> > Subject: RE: reg. >> > https://patches.dpdk.org/project/dpdk/list/?series=31200 - patch >> > result >> > >> > >> > >> > Hi folks, >> > >> > >> > >> > Had a quick look, I can also see this: >> > >> > crypto/ipsec_mb: IPSec_MB version >= 1.4.0 is required, found version >> > 1.2.0 >> >> This version of ipsec_mb is less than 1 year old. Did this pass any other CI >> testing? I would be surprised if it did - I'm not sure any downstream >> environments that would be using it already. > > We have been using 1.4 (and even 1.5 since it was released) for internal > regression testing and development. > Other than that, the library would be tested by Intel-ipsec-mb team directly. > 1.4 has been supported by the ipsec-mb SW PMDs since it was released, but now > we would like to make it the required version, > to remove the various ifdef codepaths in PMD, and use the newer, more > performant version of the library.
While that is a good goal, this patch series would cause build issues on some distributions (which is evident from the CI failures), and that there are new requirements isn't as clearly documented. AFAICT, it also shifts the requirements from either OpenSSL or IPSec-MB to IPSec-MB. Did I understand it correctly? >> >> > I guess the installed PMD .so file isn’t created because they are not >> > compiled in, due to the minimum version on environment not meeting the >> new requirements. >> >> I don't see any such new requirements anywhere on the crypto tree. The only >> change I know about was for QAT to try and default to IPSec_MB 1.4, but it is >> supposed to fall back to OpenSSL if that is unavailable. Did this change? > > This patchset introduces the requirement, it is not yet on the crypto tree. > It is a SW PMD change only - currently they require 1.1 ipsec-mb, but we want > to bump that to 1.4. > QAT dependencies are unchanged. In that case I think there needs to be some additional communications / announcements since it is changing a dependency. > Thanks, > Ciara
