test/crypto: add packet hard expiry cases

[dpdk.git] / doc / guides / rel_notes / release_21_11.rst

diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst
index 2a13459..afbe744 100644 (file)
--- a/doc/guides/rel_notes/release_21_11.rst
+++ b/doc/guides/rel_notes/release_21_11.rst
@@ -102,6 +102,8 @@ New Features
   * Added tests to verify error reporting with ICV corruption.
   * Added tests to verify IV generation.
   * Added tests to verify UDP encapsulation.
+  * Added tests to validate packets soft expiry.
+  * Added tests to validate packets hard expiry.
 
 
 Removed Items
@@ -147,6 +149,11 @@ API Changes
   as it is for drivers only and should be private to DPDK, and not
   installed for app use.
 
+* cryptodev: A ``reserved`` byte from structure ``rte_crypto_op`` was
+  renamed to ``aux_flags`` to indicate warnings and other information from
+  the crypto/security operation. This field will be used to communicate
+  events such as soft expiry with IPsec in lookaside mode.
+
 
 ABI Changes
 -----------
@@ -173,6 +180,11 @@ ABI Changes
   ``rte_security_ipsec_sa_options`` to disable IV generation inside PMD,
   so that application can provide its own IV and test known test vectors.
 
+* security: A new structure ``rte_security_ipsec_lifetime`` was added to
+  replace ``esn_soft_limit`` in IPsec configuration structure
+  ``rte_security_ipsec_xform`` to allow applications to configure SA soft
+  and hard expiry limits. Limits can be either in number of packets or bytes.
+
 
 Known Issues
 ------------