From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 696AAA0561; Mon, 20 Apr 2020 21:16:43 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 0F6761D6EF; Mon, 20 Apr 2020 21:16:42 +0200 (CEST) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by dpdk.org (Postfix) with ESMTP id C9BFA1D588 for ; Mon, 20 Apr 2020 21:16:39 +0200 (CEST) IronPort-SDR: usrT0i3YYX1LsJ2SlZ8drk0MkA1a03UkN5GdjaLb0YDcLXUmSRgLkhsACmRNyEU5jQgsXse2vf d/9aiyshEGSw== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Apr 2020 12:16:38 -0700 IronPort-SDR: BT2990XEb3k9Dcr7WNXD3TPwNRPl4KStkGa07OuTUE4deAPBj5PCZw/dSMPjxctLoVJFO4fh7f iqmjWV3JdhzQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,407,1580803200"; d="scan'208";a="279339682" Received: from silpixa00400072.ir.intel.com ([10.237.222.213]) by fmsmga004.fm.intel.com with ESMTP; 20 Apr 2020 12:16:37 -0700 From: Vladimir Medvedkin To: dev@dpdk.org Cc: konstantin.ananyev@intel.com, akhil.goyal@nxp.com, vladimir.medvedkin@intel.com Date: Mon, 20 Apr 2020 20:16:35 +0100 Message-Id: <134a692052e2017bcb0312b3d572e68cd2f7d1e9.1587410155.git.vladimir.medvedkin@intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <6001e9c347d26c4e2f80765c8abc7f74fcf8bbf2.1586873664.git.vladimir.medvedkin@intel.com> References: <6001e9c347d26c4e2f80765c8abc7f74fcf8bbf2.1586873664.git.vladimir.medvedkin@intel.com> Subject: [dpdk-dev] [PATCH v3] examples/ipsec-secgw: remove limitation for crypto sessions X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Get rid of hardcoded limit of cryptodev sessions. Fixes: e1143d7dbbf4 ("examples/ipsec-secgw: get rid of maximum SA limitation") Cc: vladimir.medvedkin@intel.com Signed-off-by: Vladimir Medvedkin --- examples/ipsec-secgw/ipsec-secgw.c | 25 +++++++++++++++++++------ examples/ipsec-secgw/ipsec.h | 3 +++ examples/ipsec-secgw/sa.c | 9 +++++++++ 3 files changed, 31 insertions(+), 6 deletions(-) diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c index 5fde4f7..30fc985 100644 --- a/examples/ipsec-secgw/ipsec-secgw.c +++ b/examples/ipsec-secgw/ipsec-secgw.c @@ -62,7 +62,6 @@ volatile bool force_quit; #define CDEV_QUEUE_DESC 2048 #define CDEV_MAP_ENTRIES 16384 -#define CDEV_MP_NB_OBJS 1024 #define CDEV_MP_CACHE_SZ 64 #define MAX_QUEUE_PAIRS 1 @@ -2003,10 +2002,11 @@ cryptodevs_init(uint16_t req_queue_num) dev_conf.ff_disable = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO; uint32_t dev_max_sess = cdev_info.sym.max_nb_sessions; - if (dev_max_sess != 0 && dev_max_sess < CDEV_MP_NB_OBJS) + if (dev_max_sess != 0 && + dev_max_sess < get_nb_crypto_sessions()) rte_exit(EXIT_FAILURE, "Device does not support at least %u " - "sessions", CDEV_MP_NB_OBJS); + "sessions", get_nb_crypto_sessions()); if (rte_cryptodev_configure(cdev_id, &dev_conf)) rte_panic("Failed to initialize cryptodev %u\n", @@ -2258,12 +2258,18 @@ session_pool_init(struct socket_ctx *ctx, int32_t socket_id, size_t sess_sz) { char mp_name[RTE_MEMPOOL_NAMESIZE]; struct rte_mempool *sess_mp; + uint32_t nb_sess; snprintf(mp_name, RTE_MEMPOOL_NAMESIZE, "sess_mp_%u", socket_id); + /* + * Doubled due to rte_security_session_create() uses one mempool for + * session and for session private data. + */ + nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ * + rte_lcore_count()) * 2; sess_mp = rte_cryptodev_sym_session_pool_create( - mp_name, CDEV_MP_NB_OBJS, - sess_sz, CDEV_MP_CACHE_SZ, 0, + mp_name, nb_sess, sess_sz, CDEV_MP_CACHE_SZ, 0, socket_id); ctx->session_pool = sess_mp; @@ -2280,11 +2286,18 @@ session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id, { char mp_name[RTE_MEMPOOL_NAMESIZE]; struct rte_mempool *sess_mp; + uint32_t nb_sess; snprintf(mp_name, RTE_MEMPOOL_NAMESIZE, "sess_mp_priv_%u", socket_id); + /* + * Doubled due to rte_security_session_create() uses one mempool for + * session and for session private data. + */ + nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ * + rte_lcore_count()) * 2; sess_mp = rte_mempool_create(mp_name, - CDEV_MP_NB_OBJS, + nb_sess, sess_sz, CDEV_MP_CACHE_SZ, 0, NULL, NULL, NULL, diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h index 1f264c0..8ad3082 100644 --- a/examples/ipsec-secgw/ipsec.h +++ b/examples/ipsec-secgw/ipsec.h @@ -409,4 +409,7 @@ int create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa, struct rte_ipsec_session *ips); +uint32_t +get_nb_crypto_sessions(void); + #endif /* __IPSEC_H__ */ diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c index a6bf5e8..2063db8 100644 --- a/examples/ipsec-secgw/sa.c +++ b/examples/ipsec-secgw/sa.c @@ -135,6 +135,7 @@ const struct supported_aead_algo aead_algos[] = { #define SA_INIT_NB 128 +static uint32_t nb_crypto_sessions; struct ipsec_sa *sa_out; uint32_t nb_sa_out; static uint32_t sa_out_sz; @@ -680,6 +681,7 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, } rule->fallback_sessions = 1; + nb_crypto_sessions++; fallback_p = 1; continue; } @@ -724,6 +726,7 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, rule->portid = -1; } + nb_crypto_sessions++; *ri = *ri + 1; } @@ -1542,3 +1545,9 @@ sa_sort_arr(void) qsort(sa_in, nb_sa_in, sizeof(struct ipsec_sa), sa_cmp); qsort(sa_out, nb_sa_out, sizeof(struct ipsec_sa), sa_cmp); } + +uint32_t +get_nb_crypto_sessions(void) +{ + return nb_crypto_sessions; +} -- 2.7.4