[PATCH v3 4/4] security: add IPsec option for IP reassembly

Ferruh Yigit ferruh.yigit at intel.com
Tue Feb 1 15:12:07 CET 2022

Previous message (by thread): [EXT] Re: [PATCH v3 3/4] ethdev: add mbuf dynfield for incomplete IP reassembly
Next message (by thread): [EXT] Re: [PATCH v3 4/4] security: add IPsec option for IP reassembly
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/30/2022 5:59 PM, Akhil Goyal wrote:
> A new option is added in IPsec to enable and attempt reassembly
> of inbound packets.
> 
> Signed-off-by: Akhil Goyal <gakhil at marvell.com>
> ---
>   devtools/libabigail.abignore | 14 ++++++++++++++
>   lib/security/rte_security.h  | 12 +++++++++++-


+Radu for review

>   2 files changed, 25 insertions(+), 1 deletion(-)
> 
> diff --git a/devtools/libabigail.abignore b/devtools/libabigail.abignore
> index 90f449c43a..c6e304282f 100644
> --- a/devtools/libabigail.abignore
> +++ b/devtools/libabigail.abignore
> @@ -16,3 +16,17 @@
>   [suppress_type]
>   	name = rte_eth_dev_info
>   	has_data_member_inserted_between = {offset_of(reserved_64s), end}
> +
> +; Ignore fields inserted in place of reserved_opts of rte_security_ipsec_sa_options
> +[suppress_type]
> +       name = rte_ipsec_sa_prm
> +       name = rte_security_ipsec_sa_options
> +       has_data_member_inserted_between = {offset_of(reserved_opts), end}
> +
> +[suppress_type]
> +       name = rte_security_capability
> +       has_data_member_inserted_between = {offset_of(reserved_opts), (offset_of(reserved_opts) + 18)}
> +
> +[suppress_type]
> +       name = rte_security_session_conf
> +       has_data_member_inserted_between = {offset_of(reserved_opts), (offset_of(reserved_opts) + 18)}
> diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h
> index 1228b6c8b1..168b837a82 100644
> --- a/lib/security/rte_security.h
> +++ b/lib/security/rte_security.h
> @@ -264,6 +264,16 @@ struct rte_security_ipsec_sa_options {
>   	 */
>   	uint32_t l4_csum_enable : 1;
>   
> +	/** Enable reassembly on incoming packets.
> +	 *
> +	 * * 1: Enable driver to try reassembly of encrypted IP packets for
> +	 *      this SA, if supported by the driver. This feature will work
> +	 *      only if rx_offload RTE_ETH_RX_OFFLOAD_IP_REASSEMBLY is set in
> +	 *      inline Ethernet device.
> +	 * * 0: Disable reassembly of packets (default).
> +	 */
> +	uint32_t reass_en : 1;
> +
>   	/** Reserved bit fields for future extension
>   	 *
>   	 * User should ensure reserved_opts is cleared as it may change in
> @@ -271,7 +281,7 @@ struct rte_security_ipsec_sa_options {
>   	 *
>   	 * Note: Reduce number of bits in reserved_opts for every new option.
>   	 */
> -	uint32_t reserved_opts : 18;
> +	uint32_t reserved_opts : 17;
>   };
>   
>   /** IPSec security association direction */

Previous message (by thread): [EXT] Re: [PATCH v3 3/4] ethdev: add mbuf dynfield for incomplete IP reassembly
Next message (by thread): [EXT] Re: [PATCH v3 4/4] security: add IPsec option for IP reassembly
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list