From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-17.4 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,MSGID_FROM_MTA_HEADER,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS, USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CEB7CC433F5 for ; Mon, 6 Sep 2021 11:09:24 +0000 (UTC) Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by mail.kernel.org (Postfix) with ESMTP id 4EC34606A5 for ; Mon, 6 Sep 2021 11:09:24 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 4EC34606A5 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=dpdk.org Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6ECE141101; Mon, 6 Sep 2021 13:09:23 +0200 (CEST) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mails.dpdk.org (Postfix) with ESMTP id 5A241410E6 for ; Mon, 6 Sep 2021 13:09:21 +0200 (CEST) X-IronPort-AV: E=McAfee;i="6200,9189,10098"; a="305505796" X-IronPort-AV: E=Sophos;i="5.85,272,1624345200"; d="scan'208";a="305505796" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Sep 2021 04:09:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,272,1624345200"; d="scan'208";a="429855290" Received: from orsmsx605.amr.corp.intel.com ([10.22.229.18]) by orsmga006.jf.intel.com with ESMTP; 06 Sep 2021 04:09:20 -0700 Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX605.amr.corp.intel.com (10.22.229.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Mon, 6 Sep 2021 04:09:19 -0700 Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Mon, 6 Sep 2021 04:09:19 -0700 Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12 via Frontend Transport; Mon, 6 Sep 2021 04:09:19 -0700 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.46) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.10; Mon, 6 Sep 2021 04:09:19 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=U3d4LfHZmV35FGhk6xJCNn6RpFJ51ccH+S8X7teOVV5vZ7GhI7M4AR7QBS/3mSty0UoV/0qNxC96+5fRtD1B9ZD6x8YO4FZqleFfeBY2OYc8kPQgsSZt6QsBzEiEn0IgKZDFkw7zWTtpBCy+O8BettxBFnMmykfJn43gUVWYDD/uoEPcvcTESnEogCgiUPGtYL45/HH/o4W+06hNMUd+ir8IgM2cC8pRdnNnCohytsp+cHs5bDprxe5+g7OkeJ6Wlibiv/e5TNRNHrpPMAD8AoG9ON3kw3zAYfDQpi6D+SJmrkloSR4RQNw8LyHCAdnm9WUpM8I1GsbmivBz7tNrsA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=1kVXMyAmSlxXz4NFAj5cjvcnqQRRfAQ4fvA5qFvmZQ8=; b=P1Q/66xXVfwPLp7zeCJk5BTTFzvOdJqzeNgiH0zum19kqVE4GHB4O146lRXX0zof4r3QkWFzZPK4MDwaDI3+sFDDSPVZCFtQWu+WDffFxwvepDFMG5Aw3wDpoOQ9oiYXPqiFlLYlGR4bwnEGeZuXVG5TkOLg2bZemp2fybXqptJyiVUoTLiSF5XFjs77UyW48v0dHl1WwkDMPQPD9yEgW3GVLmHGmXZ4KxHGA+EjXqOnpsijSWXzLRSYS5538Efb6mVm8hX+iVrzQpacaJpEg7CbpiJUCjXTFogaA8w0sqah+djIfTOaPRgWiZxwMvnwuRzalAJkJHuCWewHttMe1Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1kVXMyAmSlxXz4NFAj5cjvcnqQRRfAQ4fvA5qFvmZQ8=; b=zvA9NG+ip+rW4PIFrOJT0V4NrK8u6E0NS0IpC65YzqXskYD4Fw+qA2Uc3vQ47WsRLpnPKJmXAzjoo0EHFxDZdiiLaD7sV5prF0Sbqm0tLnCx1yVTgJ+AMkTl/bFZ0oNSEgv5yDrwsnnJ5OrYk5JrGDvU6af+pq5osTkVLGqIvJE= Authentication-Results: nvidia.com; dkim=none (message not signed) header.d=none;nvidia.com; dmarc=none action=none header.from=intel.com; Received: from CO1PR11MB4868.namprd11.prod.outlook.com (2603:10b6:303:90::19) by MWHPR11MB1295.namprd11.prod.outlook.com (2603:10b6:300:2b::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.22; Mon, 6 Sep 2021 11:09:17 +0000 Received: from CO1PR11MB4868.namprd11.prod.outlook.com ([fe80::6458:1368:f535:f287]) by CO1PR11MB4868.namprd11.prod.outlook.com ([fe80::6458:1368:f535:f287%9]) with mapi id 15.20.4478.025; Mon, 6 Sep 2021 11:09:17 +0000 To: Akhil Goyal , Declan Doherty CC: "dev@dpdk.org" , "mdr@ashroe.eu" , "konstantin.ananyev@intel.com" , "vladimir.medvedkin@intel.com" , "bruce.richardson@intel.com" , "roy.fan.zhang@intel.com" , "hemant.agrawal@nxp.com" , Anoob Joseph , "abhijit.sinha@intel.com" , "daniel.m.buckley@intel.com" , Archana Muniganti , Tejasree Kondoj , "matan@nvidia.com" References: <20210713133542.3550525-1-radu.nicolau@intel.com> <20210903112626.304692-1-radu.nicolau@intel.com> <20210903112626.304692-3-radu.nicolau@intel.com> From: "Nicolau, Radu" Message-ID: Date: Mon, 6 Sep 2021 12:09:10 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0 Thunderbird/78.13.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-GB X-ClientProxiedBy: DB6PR0802CA0048.eurprd08.prod.outlook.com (2603:10a6:4:a3::34) To CO1PR11MB4868.namprd11.prod.outlook.com (2603:10b6:303:90::19) MIME-Version: 1.0 Received: from [192.168.1.12] (109.255.186.106) by DB6PR0802CA0048.eurprd08.prod.outlook.com (2603:10a6:4:a3::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.17 via Frontend Transport; Mon, 6 Sep 2021 11:09:14 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: f1ff059e-710a-4158-087c-08d97126c4d3 X-MS-TrafficTypeDiagnostic: MWHPR11MB1295: X-LD-Processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: LivW7n9nl6ZLjzc7RmxNVlvP8ge84tJuuOdJ8qhW9mRKvBxOvTeEzPIloINGB2p737QlVwOX7bNONMmr+az64C759Jmv+DYypBXAsECYZXRVOvd0vEbuUO+MkvXEtxbCHeEJ0s6f1DMGm5r/xA6KtvjG7U/RDCmyOz2wQZPw6sMS+Z9Q5/LwFvJChQKyyM3ymRG4Q+T556RMQWDJOm75+BGRyM0jRUeW2r2eN7VpaCT3Xj3Z9aeoOZL4iFw0lttyIP3fvKnXktbSTYo0IZxua3qraXfm3xJHSV1qd/la30cdPT26MVDl2HryarhAy3vaUeKNu6y1e3Y54YUDqg/ooVnB+w94SZ3WXuTwYWAwFR7ouemf56HO7NWaL8BU06JzUU0cRobRlrRRXMvvDYOzK/F0fXWnbEB4WWa/S8/+tv2NgmICW7JS6+rliF/aJlS0uEkSCgBY0xJiTv0IGhVdEZZFvfvyzhUQdbSLP2JhZF5gvyWhl2ptVy8edwzblRBuQ7qCZY2Www7d3dCab+S869uW2UgSk4SElXJt4V1/NcveJUmxlcx4ZOumA6rBk+RXLWNWVIrYtTCLYKjlbINBV5ijA+6lHvxB+lJpZFAbXQudmCswi77xaq8fqY+pD91soLh9IxLlKBCPQkr9ZOhTpnP1qaDAe1ALPuyAubIdlmEh9MdtRJyPhI3r1gNs2CuVgY6qt58z0/N66ppASZrY0/2sy0/JorlBmCUx+AdojLd1UuD1DxWgKPL0vEJbih1tCgTBNQrsIPP6wWv9b6Tq5Pr2eE0qkMe/TLPtISqCbJlKGa2l7Lc7pqVQbLutWWHh X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR11MB4868.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(39860400002)(396003)(136003)(346002)(376002)(54906003)(16576012)(110136005)(316002)(186003)(966005)(38100700002)(31696002)(8936002)(15650500001)(5660300002)(6636002)(31686004)(4326008)(86362001)(36756003)(26005)(66946007)(2616005)(956004)(2906002)(6486002)(66476007)(55236004)(83380400001)(6666004)(66556008)(478600001)(8676002)(53546011)(45980500001)(43740500002); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?c1pYZzdpYXUzeUNuSlVwTERDMWZsbzhJRlF3eWJhbkNaWG1qR1E4RmpyaE5j?= =?utf-8?B?ei9ZOXg0ZWo0ZlNPcVk1K0x1STl5SjE5VmtFQ3BUSE1FVW90elFWZlFIYzhi?= =?utf-8?B?bVJUZTdjdHhNc2ppcjhRYTZ4djJJajZaY2Q4K052Q3pXcGJ5N2NuRnR4OEt0?= =?utf-8?B?OCtBdDFBck9LdTlBTnVxdVMwTlV2M01BajNPOU1LYTlZQTczZEE0M3RrNXA5?= =?utf-8?B?cnVPL2hqMmFWVUZiM1ZaZEJ6eGxHMjVWWkpTZmRuZEpvTkNNRExCK0ZNby9s?= =?utf-8?B?VWo3eTUyVUdmd2xWQVpEb2c1YXB0eHg5Yk9jSm5CL2xPdXFhVjNHdktMUEJ6?= =?utf-8?B?S1NpeENucWVDUWN0cmNiMWtGY0ExR09yNkZuWkpaQ2FPdHJvZFBFb1dITHFS?= =?utf-8?B?aUZBa3RXRTljZmRKZ2xaaGE2ZDhvR2Y1Mi9aTUlVRHJUbnBNNkxwUHNrV29S?= =?utf-8?B?SE16SXF6cUxXN05mVTczNHkyMzdCLzRHMnZ5THlnMWdyUDJET3l3eHIxWUJ6?= =?utf-8?B?TkxPbE1YcDFkY0M4akgxOUVTbFJWZ0ZlamVjTmlzZTJ1RUlRMEo3cDV1aUor?= =?utf-8?B?UkdXZmpxcHRQajZKdDRIMXBsNEVydjVGL204SUU1U2FJUXN5TmZDeWxaMEtq?= =?utf-8?B?TnlkVk5VMTNNUDBsWUFjcnlJTzdaM1lWRGhtRDU3WS9wN2pUU3VjOWhoNUEy?= =?utf-8?B?TzZRd0hEN2xQL2FUUVNldkRYNXRBbXUvYVVybzFET2NvM25GNEdaWmR6QzVX?= =?utf-8?B?Y1o2bkgweEZWZEdJMzVVNFRrUmZBR1FVZkQrL1RLMHBUY05yMXAyejlQS2VF?= =?utf-8?B?dkgweTJrUnBXenRiRDFyMEtyRE8xcjBxK3RQRi9FRndCVVoydGg3WkdzdDVx?= =?utf-8?B?R3cwN05mSURGSWwwNmR2Qm1IaXQySVRmZCsvSE1JaTdyeWp2K2pSalYwU2l1?= =?utf-8?B?Q3liekIvQ3JJVUpLdkYxS2s0ZVlEQ2d3cUZkVlR4V0p3U3VyZWRPWElFaDdN?= =?utf-8?B?Q1VKaldGQTNmQmpHTitIYUhFR2dja1pucGxCNmZhSlkzdjkwRGplYVRMRUho?= =?utf-8?B?SWo4YlNneHFlbkVsbEI3RXRkUHZ6R05kTjdWVkJ6Qk9jR25hZ05ueHF0QUVa?= =?utf-8?B?bjJsNkVIaTROSnluNlE4aFJLK2MrWHlkNi96Vk43dnpBcjhBSXdzdnFtSFN1?= =?utf-8?B?SHY0MEpmRmxuZHdMUVJNeGlwOVZMTG9kaEkvSC85R0gvZEQydzhDOU9KNm1I?= =?utf-8?B?SXM5REIydDBWbDdqYTQrRmNwY1VrSlp6YUREV3hNZmo2dDdJUWhYSllYeVkw?= =?utf-8?B?a1JQVWxJcXh0OW45TTExZzE1bDFrNzVtRStGUmdHV0RsUUJhcThRYlpjNWhK?= =?utf-8?B?NEZGOFhVWnMwRGwxb1JUc0xmdHZZczZ1RGx5T1VjK2cxeEJKaXI2VXZ5SGVv?= =?utf-8?B?SmZMVHArcU9FT0JCa29VYVRIL2orZlo1Y0Fzc3dyQytsL1V2Z21WdzN2K3ZQ?= =?utf-8?B?VmFUcFJ0WTBScDdUMG56VXQ0M1JBT21uUlVYajdpeHRYSERZUFRFN1BwY2tO?= =?utf-8?B?dkZoL0oveGtySnljUWZ3VGg3K09hcUQ2MjJPWDgvaTdvSFArdU12bkNXVkVy?= =?utf-8?B?Wis5MW93UFVJZ01jY1RBcVpyMnZkT3ZidkNSbTI1ZUlscXhSZVZXWTJSSENZ?= =?utf-8?B?V0VYWExBUzN3aGVFTDYra0pReHFPc3R2Yi9EeUluYjMvR0Y5WFgvZFhibVc5?= =?utf-8?Q?liVWsvBpFAbhbqts2dKE7Ul1lH2oBRjYeiNhYJH?= X-MS-Exchange-CrossTenant-Network-Message-Id: f1ff059e-710a-4158-087c-08d97126c4d3 X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB4868.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Sep 2021 11:09:17.6328 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: SnWd0dTGb6Dnl75f9cHMmonu5yidDlhrre4/eJWKWA+6f3rnVR16O/eyNHxrFwzIV/jaEJyctzcdr8lf7IsD3A== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR11MB1295 X-OriginatorOrg: intel.com Subject: Re: [dpdk-dev] [EXT] [PATCH v4 02/10] security: add UDP params for IPsec NAT-T X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On 9/5/2021 3:19 PM, Akhil Goyal wrote: > Hi Radu, > >> Add support for specifying UDP port params for UDP encapsulation option. >> >> Signed-off-by: Declan Doherty >> Signed-off-by: Radu Nicolau >> Signed-off-by: Abhijit Sinha >> Signed-off-by: Daniel Martin Buckley > Do we really need to specify the port numbers for NAT-T? > I suppose they are fixed as 4500. > Could you please specify what the user need to set here for session > creation? From what I'm seeing here https://datatracker.ietf.org/doc/html/rfc3948#section-2.1 there is no requirement in general for UDP encapsulation so I think it's better to make the API flexible as to allow any port to be used. > >> --- >> lib/security/rte_security.h | 8 ++++++++ >> 1 file changed, 8 insertions(+) >> >> diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h >> index 45896a77d0..03572b10ab 100644 >> --- a/lib/security/rte_security.h >> +++ b/lib/security/rte_security.h >> @@ -112,6 +112,12 @@ struct rte_security_ipsec_tunnel_param { >> }; >> }; >> >> +struct rte_security_ipsec_udp_param { >> + >> + uint16_t sport; >> + uint16_t dport; >> +}; >> + >> /** >> * IPsec Security Association option flags >> */ >> @@ -224,6 +230,8 @@ struct rte_security_ipsec_xform { >> /**< IPsec SA Mode - transport/tunnel */ >> struct rte_security_ipsec_tunnel_param tunnel; >> /**< Tunnel parameters, NULL for transport mode */ >> + struct rte_security_ipsec_udp_param udp; >> + /**< UDP parameters, ignored when udp_encap option not specified >> */ >> uint64_t esn_soft_limit; >> /**< ESN for which the overflow event need to be raised */ >> uint32_t replay_win_sz; >> -- >> 2.25.1