[dpdk-dev,1/5] lib/ethdev: support for inline IPsec events
Checks
Commit Message
Adding support for IPsec events in rte_eth_event framework. In inline
IPsec offload, the per packet protocol defined variables, like ESN,
would be managed by PMD. In such cases, PMD would need IPsec events
to notify application about various conditions like, ESN overflow.
Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
---
lib/librte_ether/rte_ethdev.h | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
Comments
> -----Original Message-----
> From: Anoob Joseph [mailto:anoob.joseph@caviumnetworks.com]
> Sent: Wednesday, February 21, 2018 5:37 AM
> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> <declan.doherty@intel.com>; Nicolau, Radu <radu.nicolau@intel.com>
> Cc: Anoob Joseph <anoob.joseph@caviumnetworks.com>; Jerin Jacob
> <jerin.jacob@caviumnetworks.com>; Narayana Prasad
> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
> Subject: [PATCH 1/5] lib/ethdev: support for inline IPsec events
>
> Adding support for IPsec events in rte_eth_event framework. In inline IPsec
> offload, the per packet protocol defined variables, like ESN, would be
> managed by PMD. In such cases, PMD would need IPsec events to notify
> application about various conditions like, ESN overflow.
>
> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
> ---
> lib/librte_ether/rte_ethdev.h | 22 ++++++++++++++++++++++
> 1 file changed, 22 insertions(+)
>
> diff --git a/lib/librte_ether/rte_ethdev.h b/lib/librte_ether/rte_ethdev.h
> index 0361533..4e4e18d 100644
> --- a/lib/librte_ether/rte_ethdev.h
> +++ b/lib/librte_ether/rte_ethdev.h
> @@ -2438,6 +2438,27 @@ int
> rte_eth_tx_done_cleanup(uint16_t port_id, uint16_t queue_id, uint32_t
> free_cnt);
>
> /**
> + * Subtypes for IPsec offload events raised by eth device.
> + */
> +enum rte_eth_event_ipsec_subtype {
> + RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW,
> + /** Sequence number overflow in security offload */
> + RTE_ETH_EVENT_IPSEC_MAX
> + /** Max value of this enum */
> +};
I would add some more events to the list (to make it look less like a very specific case implementation): crypto/auth failed and undefined/unspecified being the most obvious.
Apart from this, the patchset looks fine.
> +
> +/**
> + * Descriptor for IPsec event. Used by eth dev to send extra
> +information of the
> + * event.
> + */
> +struct rte_eth_event_ipsec_desc {
> + enum rte_eth_event_ipsec_subtype stype;
> + /** Type of IPsec event */
> + uint64_t md;
> + /** Event specific metadata */
> +};
> +
> +/**
> * The eth device event type for interrupt, and maybe others in the future.
> */
> enum rte_eth_event_type {
> @@ -2448,6 +2469,7 @@ enum rte_eth_event_type {
> RTE_ETH_EVENT_INTR_RESET,
> /**< reset interrupt event, sent to VF on PF reset */
> RTE_ETH_EVENT_VF_MBOX, /**< message from the VF received by
> PF */
> + RTE_ETH_EVENT_IPSEC, /**< IPsec offload related event */
> RTE_ETH_EVENT_MACSEC, /**< MACsec offload related event */
> RTE_ETH_EVENT_INTR_RMV, /**< device removal event */
> RTE_ETH_EVENT_NEW, /**< port is probed */
> --
> 2.7.4
Hi Radu,
Please see inline.
Thanks,
Anoob
On 26/02/18 15:05, Nicolau, Radu wrote:
>
>> -----Original Message-----
>> From: Anoob Joseph [mailto:anoob.joseph@caviumnetworks.com]
>> Sent: Wednesday, February 21, 2018 5:37 AM
>> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
>> <declan.doherty@intel.com>; Nicolau, Radu <radu.nicolau@intel.com>
>> Cc: Anoob Joseph <anoob.joseph@caviumnetworks.com>; Jerin Jacob
>> <jerin.jacob@caviumnetworks.com>; Narayana Prasad
>> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
>> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
>> Subject: [PATCH 1/5] lib/ethdev: support for inline IPsec events
>>
>> Adding support for IPsec events in rte_eth_event framework. In inline IPsec
>> offload, the per packet protocol defined variables, like ESN, would be
>> managed by PMD. In such cases, PMD would need IPsec events to notify
>> application about various conditions like, ESN overflow.
>>
>> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
>> ---
>> lib/librte_ether/rte_ethdev.h | 22 ++++++++++++++++++++++
>> 1 file changed, 22 insertions(+)
>>
>> diff --git a/lib/librte_ether/rte_ethdev.h b/lib/librte_ether/rte_ethdev.h
>> index 0361533..4e4e18d 100644
>> --- a/lib/librte_ether/rte_ethdev.h
>> +++ b/lib/librte_ether/rte_ethdev.h
>> @@ -2438,6 +2438,27 @@ int
>> rte_eth_tx_done_cleanup(uint16_t port_id, uint16_t queue_id, uint32_t
>> free_cnt);
>>
>> /**
>> + * Subtypes for IPsec offload events raised by eth device.
>> + */
>> +enum rte_eth_event_ipsec_subtype {
>> + RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW,
>> + /** Sequence number overflow in security offload */
>> + RTE_ETH_EVENT_IPSEC_MAX
>> + /** Max value of this enum */
>> +};
> I would add some more events to the list (to make it look less like a very specific case implementation): crypto/auth failed and undefined/unspecified being the most obvious.
> Apart from this, the patchset looks fine.
Understood your point. But crypto/auth failed would be per packet,
right? How are we handling such error cases presently? Just want to make
sure we are not adding two error reporting mechanisms.
>
>> +
>> +/**
>> + * Descriptor for IPsec event. Used by eth dev to send extra
>> +information of the
>> + * event.
>> + */
>> +struct rte_eth_event_ipsec_desc {
>> + enum rte_eth_event_ipsec_subtype stype;
>> + /** Type of IPsec event */
>> + uint64_t md;
>> + /** Event specific metadata */
>> +};
>> +
>> +/**
>> * The eth device event type for interrupt, and maybe others in the future.
>> */
>> enum rte_eth_event_type {
>> @@ -2448,6 +2469,7 @@ enum rte_eth_event_type {
>> RTE_ETH_EVENT_INTR_RESET,
>> /**< reset interrupt event, sent to VF on PF reset */
>> RTE_ETH_EVENT_VF_MBOX, /**< message from the VF received by
>> PF */
>> + RTE_ETH_EVENT_IPSEC, /**< IPsec offload related event */
>> RTE_ETH_EVENT_MACSEC, /**< MACsec offload related event */
>> RTE_ETH_EVENT_INTR_RMV, /**< device removal event */
>> RTE_ETH_EVENT_NEW, /**< port is probed */
>> --
>> 2.7.4
> -----Original Message-----
> From: Anoob Joseph [mailto:Anoob.Joseph@caviumnetworks.com]
> Sent: Tuesday, February 27, 2018 6:57 AM
> To: Nicolau, Radu <radu.nicolau@intel.com>; Akhil Goyal
> <akhil.goyal@nxp.com>; Doherty, Declan <declan.doherty@intel.com>
> Cc: Jerin Jacob <jerin.jacob@caviumnetworks.com>; Narayana Prasad
> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
> Subject: Re: [PATCH 1/5] lib/ethdev: support for inline IPsec events
>
> Hi Radu,
>
> Please see inline.
>
> Thanks,
> Anoob
>
> On 26/02/18 15:05, Nicolau, Radu wrote:
> >
> >> -----Original Message-----
> >> From: Anoob Joseph [mailto:anoob.joseph@caviumnetworks.com]
> >> Sent: Wednesday, February 21, 2018 5:37 AM
> >> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> >> <declan.doherty@intel.com>; Nicolau, Radu <radu.nicolau@intel.com>
> >> Cc: Anoob Joseph <anoob.joseph@caviumnetworks.com>; Jerin Jacob
> >> <jerin.jacob@caviumnetworks.com>; Narayana Prasad
> >> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
> >> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
> >> Subject: [PATCH 1/5] lib/ethdev: support for inline IPsec events
> >>
> >> Adding support for IPsec events in rte_eth_event framework. In inline
> >> IPsec offload, the per packet protocol defined variables, like ESN,
> >> would be managed by PMD. In such cases, PMD would need IPsec events
> >> to notify application about various conditions like, ESN overflow.
> >>
> >> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
> >> ---
> >> lib/librte_ether/rte_ethdev.h | 22 ++++++++++++++++++++++
> >> 1 file changed, 22 insertions(+)
> >>
> >> diff --git a/lib/librte_ether/rte_ethdev.h
> >> b/lib/librte_ether/rte_ethdev.h index 0361533..4e4e18d 100644
> >> --- a/lib/librte_ether/rte_ethdev.h
> >> +++ b/lib/librte_ether/rte_ethdev.h
> >> @@ -2438,6 +2438,27 @@ int
> >> rte_eth_tx_done_cleanup(uint16_t port_id, uint16_t queue_id,
> >> uint32_t free_cnt);
> >>
> >> /**
> >> + * Subtypes for IPsec offload events raised by eth device.
> >> + */
> >> +enum rte_eth_event_ipsec_subtype {
> >> + RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW,
> >> + /** Sequence number overflow in security offload */
> >> + RTE_ETH_EVENT_IPSEC_MAX
> >> + /** Max value of this enum */
> >> +};
> > I would add some more events to the list (to make it look less like a very
> specific case implementation): crypto/auth failed and undefined/unspecified
> being the most obvious.
> > Apart from this, the patchset looks fine.
> Understood your point. But crypto/auth failed would be per packet, right?
> How are we handling such error cases presently? Just want to make sure we
> are not adding two error reporting mechanisms.
The only reason for my suggestion was to keep the API as flexible and generic as possible.
For the inline crypto on ixgbe we only flag the mbuf with the security error flag, but no extra info is added. I guess we can have a ipsec crypto error event with a list of failed mbufs or similar. In any case, it's just a suggestion.
> >
> >> +
> >> +/**
> >> + * Descriptor for IPsec event. Used by eth dev to send extra
> >> +information of the
> >> + * event.
> >> + */
> >> +struct rte_eth_event_ipsec_desc {
> >> + enum rte_eth_event_ipsec_subtype stype;
> >> + /** Type of IPsec event */
> >> + uint64_t md;
> >> + /** Event specific metadata */
> >> +};
> >> +
> >> +/**
> >> * The eth device event type for interrupt, and maybe others in the
> future.
> >> */
> >> enum rte_eth_event_type {
> >> @@ -2448,6 +2469,7 @@ enum rte_eth_event_type {
> >> RTE_ETH_EVENT_INTR_RESET,
> >> /**< reset interrupt event, sent to VF on PF reset */
> >> RTE_ETH_EVENT_VF_MBOX, /**< message from the VF received by
> PF */
> >> + RTE_ETH_EVENT_IPSEC, /**< IPsec offload related event */
> >> RTE_ETH_EVENT_MACSEC, /**< MACsec offload related event */
> >> RTE_ETH_EVENT_INTR_RMV, /**< device removal event */
> >> RTE_ETH_EVENT_NEW, /**< port is probed */
> >> --
> >> 2.7.4
Hi Radu,
Please see inline.
Thanks,
Anoob
On 27/02/18 15:49, Nicolau, Radu wrote:
>> -----Original Message-----
>> From: Anoob Joseph [mailto:Anoob.Joseph@caviumnetworks.com]
>> Sent: Tuesday, February 27, 2018 6:57 AM
>> To: Nicolau, Radu <radu.nicolau@intel.com>; Akhil Goyal
>> <akhil.goyal@nxp.com>; Doherty, Declan <declan.doherty@intel.com>
>> Cc: Jerin Jacob <jerin.jacob@caviumnetworks.com>; Narayana Prasad
>> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
>> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
>> Subject: Re: [PATCH 1/5] lib/ethdev: support for inline IPsec events
>>
>> Hi Radu,
>>
>> Please see inline.
>>
>> Thanks,
>> Anoob
>>
>> On 26/02/18 15:05, Nicolau, Radu wrote:
>>>> -----Original Message-----
>>>> From: Anoob Joseph [mailto:anoob.joseph@caviumnetworks.com]
>>>> Sent: Wednesday, February 21, 2018 5:37 AM
>>>> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
>>>> <declan.doherty@intel.com>; Nicolau, Radu <radu.nicolau@intel.com>
>>>> Cc: Anoob Joseph <anoob.joseph@caviumnetworks.com>; Jerin Jacob
>>>> <jerin.jacob@caviumnetworks.com>; Narayana Prasad
>>>> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
>>>> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
>>>> Subject: [PATCH 1/5] lib/ethdev: support for inline IPsec events
>>>>
>>>> Adding support for IPsec events in rte_eth_event framework. In inline
>>>> IPsec offload, the per packet protocol defined variables, like ESN,
>>>> would be managed by PMD. In such cases, PMD would need IPsec events
>>>> to notify application about various conditions like, ESN overflow.
>>>>
>>>> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
>>>> ---
>>>> lib/librte_ether/rte_ethdev.h | 22 ++++++++++++++++++++++
>>>> 1 file changed, 22 insertions(+)
>>>>
>>>> diff --git a/lib/librte_ether/rte_ethdev.h
>>>> b/lib/librte_ether/rte_ethdev.h index 0361533..4e4e18d 100644
>>>> --- a/lib/librte_ether/rte_ethdev.h
>>>> +++ b/lib/librte_ether/rte_ethdev.h
>>>> @@ -2438,6 +2438,27 @@ int
>>>> rte_eth_tx_done_cleanup(uint16_t port_id, uint16_t queue_id,
>>>> uint32_t free_cnt);
>>>>
>>>> /**
>>>> + * Subtypes for IPsec offload events raised by eth device.
>>>> + */
>>>> +enum rte_eth_event_ipsec_subtype {
>>>> + RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW,
>>>> + /** Sequence number overflow in security offload */
>>>> + RTE_ETH_EVENT_IPSEC_MAX
>>>> + /** Max value of this enum */
>>>> +};
>>> I would add some more events to the list (to make it look less like a very
>> specific case implementation): crypto/auth failed and undefined/unspecified
>> being the most obvious.
>>> Apart from this, the patchset looks fine.
>> Understood your point. But crypto/auth failed would be per packet, right?
>> How are we handling such error cases presently? Just want to make sure we
>> are not adding two error reporting mechanisms.
> The only reason for my suggestion was to keep the API as flexible and generic as possible.
I agree to your suggestion.
> For the inline crypto on ixgbe we only flag the mbuf with the security error flag, but no extra info is added. I guess we can have a ipsec crypto error event with a list of failed mbufs or similar. In any case, it's just a suggestion.
Do you think having a crypto error with failed mbufs would be useful? If
yes, I can add that. While considering other SA specific events, there
could be two other such events that we may need to consider.
1) Byte expiry of SA [1]
2) Time expiry of SA [1]
Shall I add these events? Or do we need to make that a separate patch?
Considering that it would need an entry in conf for actually of any use.
[1] https://tools.ietf.org/html/rfc4301#page-37
>
>>>> +
>>>> +/**
>>>> + * Descriptor for IPsec event. Used by eth dev to send extra
>>>> +information of the
>>>> + * event.
>>>> + */
>>>> +struct rte_eth_event_ipsec_desc {
>>>> + enum rte_eth_event_ipsec_subtype stype;
>>>> + /** Type of IPsec event */
>>>> + uint64_t md;
>>>> + /** Event specific metadata */
>>>> +};
>>>> +
>>>> +/**
>>>> * The eth device event type for interrupt, and maybe others in the
>> future.
>>>> */
>>>> enum rte_eth_event_type {
>>>> @@ -2448,6 +2469,7 @@ enum rte_eth_event_type {
>>>> RTE_ETH_EVENT_INTR_RESET,
>>>> /**< reset interrupt event, sent to VF on PF reset */
>>>> RTE_ETH_EVENT_VF_MBOX, /**< message from the VF received by
>> PF */
>>>> + RTE_ETH_EVENT_IPSEC, /**< IPsec offload related event */
>>>> RTE_ETH_EVENT_MACSEC, /**< MACsec offload related event */
>>>> RTE_ETH_EVENT_INTR_RMV, /**< device removal event */
>>>> RTE_ETH_EVENT_NEW, /**< port is probed */
>>>> --
>>>> 2.7.4
Hi,
> -----Original Message-----
> From: Anoob Joseph [mailto:Anoob.Joseph@caviumnetworks.com]
> Sent: Tuesday, February 27, 2018 11:32 AM
> To: Nicolau, Radu <radu.nicolau@intel.com>; Akhil Goyal
> <akhil.goyal@nxp.com>; Doherty, Declan <declan.doherty@intel.com>
> Cc: Jerin Jacob <jerin.jacob@caviumnetworks.com>; Narayana Prasad
> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
> Subject: Re: [PATCH 1/5] lib/ethdev: support for inline IPsec events
>
> Hi Radu,
>
> Please see inline.
>
> Thanks,
>
> Anoob
>
>
> On 27/02/18 15:49, Nicolau, Radu wrote:
> >> -----Original Message-----
> >> From: Anoob Joseph [mailto:Anoob.Joseph@caviumnetworks.com]
> >> Sent: Tuesday, February 27, 2018 6:57 AM
> >> To: Nicolau, Radu <radu.nicolau@intel.com>; Akhil Goyal
> >> <akhil.goyal@nxp.com>; Doherty, Declan <declan.doherty@intel.com>
> >> Cc: Jerin Jacob <jerin.jacob@caviumnetworks.com>; Narayana Prasad
> >> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
> >> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
> >> Subject: Re: [PATCH 1/5] lib/ethdev: support for inline IPsec events
> >>
> >> Hi Radu,
> >>
> >> Please see inline.
> >>
> >> Thanks,
> >> Anoob
> >>
> >> On 26/02/18 15:05, Nicolau, Radu wrote:
> >>>> -----Original Message-----
> >>>> From: Anoob Joseph [mailto:anoob.joseph@caviumnetworks.com]
> >>>> Sent: Wednesday, February 21, 2018 5:37 AM
> >>>> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> >>>> <declan.doherty@intel.com>; Nicolau, Radu <radu.nicolau@intel.com>
> >>>> Cc: Anoob Joseph <anoob.joseph@caviumnetworks.com>; Jerin Jacob
> >>>> <jerin.jacob@caviumnetworks.com>; Narayana Prasad
> >>>> <narayanaprasad.athreya@caviumnetworks.com>; Nelio Laranjeiro
> >>>> <nelio.laranjeiro@6wind.com>; dev@dpdk.org
> >>>> Subject: [PATCH 1/5] lib/ethdev: support for inline IPsec events
> >>>>
> >>>> Adding support for IPsec events in rte_eth_event framework. In
> >>>> inline IPsec offload, the per packet protocol defined variables,
> >>>> like ESN, would be managed by PMD. In such cases, PMD would need
> >>>> IPsec events to notify application about various conditions like, ESN
> overflow.
> >>>>
> >>>> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
> >>>> ---
> >>>> lib/librte_ether/rte_ethdev.h | 22 ++++++++++++++++++++++
> >>>> 1 file changed, 22 insertions(+)
> >>>>
> >>>> diff --git a/lib/librte_ether/rte_ethdev.h
> >>>> b/lib/librte_ether/rte_ethdev.h index 0361533..4e4e18d 100644
> >>>> --- a/lib/librte_ether/rte_ethdev.h
> >>>> +++ b/lib/librte_ether/rte_ethdev.h
> >>>> @@ -2438,6 +2438,27 @@ int
> >>>> rte_eth_tx_done_cleanup(uint16_t port_id, uint16_t queue_id,
> >>>> uint32_t free_cnt);
> >>>>
> >>>> /**
> >>>> + * Subtypes for IPsec offload events raised by eth device.
> >>>> + */
> >>>> +enum rte_eth_event_ipsec_subtype {
> >>>> + RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW,
> >>>> + /** Sequence number overflow in security offload */
> >>>> + RTE_ETH_EVENT_IPSEC_MAX
> >>>> + /** Max value of this enum */
> >>>> +};
> >>> I would add some more events to the list (to make it look less like
> >>> a very
> >> specific case implementation): crypto/auth failed and
> >> undefined/unspecified being the most obvious.
> >>> Apart from this, the patchset looks fine.
> >> Understood your point. But crypto/auth failed would be per packet, right?
> >> How are we handling such error cases presently? Just want to make
> >> sure we are not adding two error reporting mechanisms.
> > The only reason for my suggestion was to keep the API as flexible and
> generic as possible.
> I agree to your suggestion.
> > For the inline crypto on ixgbe we only flag the mbuf with the security error
> flag, but no extra info is added. I guess we can have a ipsec crypto error
> event with a list of failed mbufs or similar. In any case, it's just a suggestion.
> Do you think having a crypto error with failed mbufs would be useful? If yes, I
> can add that. While considering other SA specific events, there could be two
> other such events that we may need to consider.
> 1) Byte expiry of SA [1]
> 2) Time expiry of SA [1]
>
You can add the flags even if we don't provide support for them in the sample app.
> Shall I add these events? Or do we need to make that a separate patch?
> Considering that it would need an entry in conf for actually of any use.
>
> [1] https://tools.ietf.org/html/rfc4301#page-37
> >
> >>>> +
> >>>> +/**
> >>>> + * Descriptor for IPsec event. Used by eth dev to send extra
> >>>> +information of the
> >>>> + * event.
> >>>> + */
> >>>> +struct rte_eth_event_ipsec_desc {
> >>>> + enum rte_eth_event_ipsec_subtype stype;
> >>>> + /** Type of IPsec event */
> >>>> + uint64_t md;
> >>>> + /** Event specific metadata */
> >>>> +};
> >>>> +
> >>>> +/**
> >>>> * The eth device event type for interrupt, and maybe others in
> >>>> the
> >> future.
> >>>> */
> >>>> enum rte_eth_event_type {
> >>>> @@ -2448,6 +2469,7 @@ enum rte_eth_event_type {
> >>>> RTE_ETH_EVENT_INTR_RESET,
> >>>> /**< reset interrupt event, sent to VF on PF reset */
> >>>> RTE_ETH_EVENT_VF_MBOX, /**< message from the VF received by
> >> PF */
> >>>> + RTE_ETH_EVENT_IPSEC, /**< IPsec offload related event */
> >>>> RTE_ETH_EVENT_MACSEC, /**< MACsec offload related event */
> >>>> RTE_ETH_EVENT_INTR_RMV, /**< device removal event */
> >>>> RTE_ETH_EVENT_NEW, /**< port is probed */
> >>>> --
> >>>> 2.7.4
@@ -2438,6 +2438,27 @@ int
rte_eth_tx_done_cleanup(uint16_t port_id, uint16_t queue_id, uint32_t free_cnt);
/**
+ * Subtypes for IPsec offload events raised by eth device.
+ */
+enum rte_eth_event_ipsec_subtype {
+ RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW,
+ /** Sequence number overflow in security offload */
+ RTE_ETH_EVENT_IPSEC_MAX
+ /** Max value of this enum */
+};
+
+/**
+ * Descriptor for IPsec event. Used by eth dev to send extra information of the
+ * event.
+ */
+struct rte_eth_event_ipsec_desc {
+ enum rte_eth_event_ipsec_subtype stype;
+ /** Type of IPsec event */
+ uint64_t md;
+ /** Event specific metadata */
+};
+
+/**
* The eth device event type for interrupt, and maybe others in the future.
*/
enum rte_eth_event_type {
@@ -2448,6 +2469,7 @@ enum rte_eth_event_type {
RTE_ETH_EVENT_INTR_RESET,
/**< reset interrupt event, sent to VF on PF reset */
RTE_ETH_EVENT_VF_MBOX, /**< message from the VF received by PF */
+ RTE_ETH_EVENT_IPSEC, /**< IPsec offload related event */
RTE_ETH_EVENT_MACSEC, /**< MACsec offload related event */
RTE_ETH_EVENT_INTR_RMV, /**< device removal event */
RTE_ETH_EVENT_NEW, /**< port is probed */