Cover Detail

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 61426,
    "url": "http://patches.dpdk.org/api/covers/61426/?format=api",
    "web_url": "http://patches.dpdk.org/project/dpdk/cover/cover.1571322982.git.vladimir.medvedkin@intel.com/",
    "project": {
        "id": 1,
        "url": "http://patches.dpdk.org/api/projects/1/?format=api",
        "name": "DPDK",
        "link_name": "dpdk",
        "list_id": "dev.dpdk.org",
        "list_email": "dev@dpdk.org",
        "web_url": "http://core.dpdk.org",
        "scm_url": "git://dpdk.org/dpdk",
        "webscm_url": "http://git.dpdk.org/dpdk",
        "list_archive_url": "https://inbox.dpdk.org/dev",
        "list_archive_url_format": "https://inbox.dpdk.org/dev/{}",
        "commit_url_format": ""
    },
    "msgid": "<cover.1571322982.git.vladimir.medvedkin@intel.com>",
    "list_archive_url": "https://inbox.dpdk.org/dev/cover.1571322982.git.vladimir.medvedkin@intel.com",
    "date": "2019-10-17T15:47:57",
    "name": "[v6,0/6] ipsec: add inbound SAD",
    "submitter": {
        "id": 1216,
        "url": "http://patches.dpdk.org/api/people/1216/?format=api",
        "name": "Vladimir Medvedkin",
        "email": "vladimir.medvedkin@intel.com"
    },
    "mbox": "http://patches.dpdk.org/project/dpdk/cover/cover.1571322982.git.vladimir.medvedkin@intel.com/mbox/",
    "series": [
        {
            "id": 6917,
            "url": "http://patches.dpdk.org/api/series/6917/?format=api",
            "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=6917",
            "date": "2019-10-17T15:47:57",
            "name": "ipsec: add inbound SAD",
            "version": 6,
            "mbox": "http://patches.dpdk.org/series/6917/mbox/"
        }
    ],
    "comments": "http://patches.dpdk.org/api/covers/61426/comments/",
    "headers": {
        "Return-Path": "<dev-bounces@dpdk.org>",
        "X-Original-To": "patchwork@dpdk.org",
        "Delivered-To": "patchwork@dpdk.org",
        "Received": [
            "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 0619B1E989;\n\tThu, 17 Oct 2019 17:48:11 +0200 (CEST)",
            "from mga12.intel.com (mga12.intel.com [192.55.52.136])\n\tby dpdk.org (Postfix) with ESMTP id 2D2941E930\n\tfor <dev@dpdk.org>; Thu, 17 Oct 2019 17:48:08 +0200 (CEST)",
            "from orsmga005.jf.intel.com ([10.7.209.41])\n\tby fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t17 Oct 2019 08:48:08 -0700",
            "from silpixa00400072.ir.intel.com ([10.237.222.213])\n\tby orsmga005.jf.intel.com with ESMTP; 17 Oct 2019 08:48:06 -0700"
        ],
        "X-Amp-Result": "SKIPPED(no attachment in message)",
        "X-Amp-File-Uploaded": "False",
        "X-ExtLoop1": "1",
        "X-IronPort-AV": "E=Sophos;i=\"5.67,308,1566889200\"; d=\"scan'208\";a=\"371174127\"",
        "From": "Vladimir Medvedkin <vladimir.medvedkin@intel.com>",
        "To": "dev@dpdk.org",
        "Cc": "konstantin.ananyev@intel.com, bernard.iremonger@intel.com,\n\takhil.goyal@nxp.com",
        "Date": "Thu, 17 Oct 2019 16:47:57 +0100",
        "Message-Id": "<cover.1571322982.git.vladimir.medvedkin@intel.com>",
        "X-Mailer": "git-send-email 2.7.4",
        "MIME-Version": "1.0",
        "In-Reply-To": "<cover.1570725871.git.vladimir.medvedkin@intel.com>",
        "References": "<cover.1570725871.git.vladimir.medvedkin@intel.com>",
        "Content-Type": "text/plain; charset=UTF-8",
        "Content-Transfer-Encoding": "8bit",
        "Subject": "[dpdk-dev] [PATCH v6 0/6] ipsec: add inbound SAD",
        "X-BeenThere": "dev@dpdk.org",
        "X-Mailman-Version": "2.1.15",
        "Precedence": "list",
        "List-Id": "DPDK patches and discussions <dev.dpdk.org>",
        "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>",
        "List-Archive": "<http://mails.dpdk.org/archives/dev/>",
        "List-Post": "<mailto:dev@dpdk.org>",
        "List-Help": "<mailto:dev-request@dpdk.org?subject=help>",
        "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>",
        "Errors-To": "dev-bounces@dpdk.org",
        "Sender": "\"dev\" <dev-bounces@dpdk.org>"
    },
    "content": "According to RFC 4301 IPSec implementation needs an inbound SA database (SAD).\nFor each incoming inbound IPSec-protected packet (ESP or AH) it has to\nperform a lookup within it’s SAD.\nLookup should be performed by:\nSecurity Parameters Index (SPI) + destination IP (DIP) + source IP (SIP)\n  or SPI + DIP\n  or SPI only\nand an implementation has to return the “longest” existing match.\nThese series extend DPDK IPsec library with SAD table implementation that:\n- conforms to the RFC requirements above\n- can scale up to millions of entries\n- supports fast lookups\n- supports incremental updates\n\nInitial series provide an API to create/destroy SAD, and to\nadd/delete/lookup entries within given SAD table.\nUnder the hood it uses three librte_hash tables each of which contains\nan entries for a specific SA type (either it is addressed by SPI only\nor SPI+DIP or SPI+DIP+SIP) Also this patch series introduce test-sad\napplication to measure performance of the library. According to our\nmeasurements on SKX for 1M entries average lookup cost is ~80 cycles,\naverage add cost ~500 cycles.\n\nv6:\n- fix rte_ipsec_sad_lookup() comments regarding return value\n- added parallel lookup feature to test-sad app\n- added read/write concurrency support flag to test-sad app\n- added programmer's guide\n- updated release notes\n\nv5:\n- small fix in rte_ipsec_sad_create()\n- add comments in rte_ipsec_sad.h\n\nv4:\n- fixes in test-sad app\n- small fixes in rte_ipsec_sad_create()\n- fixes in test_find_existing() from unittests\n\nv3:\n- fixes in rte_ipsec_sad_create() and rte_ipsec_sad_find_existing()\n- fix typos\n- updated commit messages\n- added test_find_existing() in unittests\n\nv2:\n- various bugs fixed\n- rte_ipsec_sad_free renamed to rte_ipsec_sad_destroy\n- added const qualifier to rte_ipsec_sad_key *key for add/delete\n- added more comments into the code\n- added ipv6 support into the testsad app\n- added <DEL> measurement into the testsad app\n- random SPI values are generated without dups\n- added support for configurable burst size in testsad app\n- added verbose mode into the testsad app\n\nVladimir Medvedkin (6):\n  ipsec: add inbound SAD API\n  ipsec: add SAD create/destroy implementation\n  ipsec: add SAD add/delete/lookup implementation\n  test/ipsec: add ipsec SAD autotests\n  app: add test-sad application\n  doc/ipsec: update ipsec programmer's guide\n\n app/Makefile                           |   1 +\n app/meson.build                        |   3 +-\n app/test-sad/Makefile                  |  18 +\n app/test-sad/main.c                    | 668 +++++++++++++++++++++++++\n app/test-sad/meson.build               |   6 +\n app/test/Makefile                      |   1 +\n app/test/autotest_data.py              |   6 +\n app/test/meson.build                   |   1 +\n app/test/test_ipsec_sad.c              | 887 +++++++++++++++++++++++++++++++++\n doc/guides/prog_guide/ipsec_lib.rst    | 152 ++++++\n doc/guides/rel_notes/release_19_11.rst |   3 +\n lib/librte_ipsec/Makefile              |   4 +-\n lib/librte_ipsec/ipsec_sad.c           | 515 +++++++++++++++++++\n lib/librte_ipsec/meson.build           |   6 +-\n lib/librte_ipsec/rte_ipsec_sad.h       | 176 +++++++\n lib/librte_ipsec/rte_ipsec_version.map |   7 +\n 16 files changed, 2449 insertions(+), 5 deletions(-)\n create mode 100644 app/test-sad/Makefile\n create mode 100644 app/test-sad/main.c\n create mode 100644 app/test-sad/meson.build\n create mode 100644 app/test/test_ipsec_sad.c\n create mode 100644 lib/librte_ipsec/ipsec_sad.c\n create mode 100644 lib/librte_ipsec/rte_ipsec_sad.h"
}