[dpdk-dev] [PATCH 04/13] acl: allow zero verdict

[Michal Miroslaw]

On Tue, Dec 13, 2016 at 05:14:09PM +0100, Michal Miroslaw wrote:
> On Tue, Dec 13, 2016 at 03:13:42PM +0000, Ananyev, Konstantin wrote:
[...]
> > > Dear Konstantin,
> > > 
> > > Can you describe how the ACL code treats zero specially? I could not find
> > > anything, really. The only thing I found is that iff I use zero userdata
> > > in a rule I won't be able to differentiate a case where it matched from
> > > a case where no rule matched.
> > 
> > Yes, that's what I am talking about.
> > 
> > > If I all my rules have non-zero userdata,
> > > then this patch changes nothing.
> > 
> > Ok, then why do you remove a code that does checking for invalid userdata==0?
> > That supposed to prevent user to setup invalid value by mistake.
> > 
> >  But if I have a table where 0 means drop
> > > (default-drop policy) then being able to use zero userdata in DROP rules
> > > makes the ACLs just that more useful.
> > 
> > Ok, and what prevents you from do +1 to your policy values before
> > you insert it into the ACL table and -1 after you retrieved it via rte_acl_classify()? 
> 
> The check is enforcing an assumption that all users want to distinguish
> the cases whether any rule matched and whether no rules matched. Not all
> users do, hence the assumption is invalid and this patch removes it.
> 
> Yes, people can work around it by loosing 1 of 2^32 useful values and
> convoluting their code.
> 
> You seem to argue that 0 is somehow an invalid value, but I can't find
> anything in the ACL that would require it to be so. Could you point me
> to the code in DPDK where this actually matters?

I just noticed that it's probably you who wrote most of the ACLs code,
so I guest you're the right person to ask the question above.

Nice work, BTW. :-)

Best Regards,
Michał Mirosław