DPDK patches and discussions
 help / color / mirror / Atom feed
* [dpdk-dev] [PATCH 0/6] examples/ipsec-secgw: fix 1st pkt dropped
@ 2019-03-06 16:00 Bernard Iremonger
  2019-03-06 16:00 ` [dpdk-dev] [PATCH 1/6] examples/ipsec-secgw: fix 1st pkt dropped for inline crypto Bernard Iremonger
                   ` (9 more replies)
  0 siblings, 10 replies; 93+ messages in thread
From: Bernard Iremonger @ 2019-03-06 16:00 UTC (permalink / raw)
  To: dev, konstantin.ananyev, akhil.goyal; +Cc: Bernard Iremonger

This patchset fixes the issue of the first inbound packet
being dropped for inline crypto. It also improves the debug 
output in esp.c, sa.c and ipsec-secgw.c 

Bernard Iremonger (6):
  examples/ipsec-secgw: fix 1st pkt dropped for inline crypto
  examples/ipsec-secgw: fix 1st packet dropped patch two
  examples/ipsec-secgw: fix 1st packet dropped patch three
  examples/ipsec-secgw: fix debug in esp.c
  examples/ipsec-secgw: fix debug in sa.c
  examples/ipsec-secgw: fix debug in ipsec-secgw.c

 examples/ipsec-secgw/esp.c           |   5 +-
 examples/ipsec-secgw/ipsec-secgw.c   | 252 ++++++++++++++++++-----------------
 examples/ipsec-secgw/ipsec.c         | 123 +++++++++++------
 examples/ipsec-secgw/ipsec.h         |   5 +-
 examples/ipsec-secgw/ipsec_process.c |   9 +-
 examples/ipsec-secgw/sa.c            |  67 ++++++++--
 6 files changed, 274 insertions(+), 187 deletions(-)

-- 
2.7.4

^ permalink raw reply	[flat|nested] 93+ messages in thread
* Re: [dpdk-dev] [PATCH v4 1/2] examples/ipsec-secgw: fix 1st packet dropped for inline crypto
@ 2019-04-18 13:51 Akhil Goyal
  2019-04-18 13:51 ` Akhil Goyal
                   ` (2 more replies)
  0 siblings, 3 replies; 93+ messages in thread
From: Akhil Goyal @ 2019-04-18 13:51 UTC (permalink / raw)
  To: Bernard Iremonger, dev, konstantin.ananyev; +Cc: stable

Hi Bernard,

> -       RTE_LOG_DP(DEBUG, IPSEC, "Create session for SA spi %u on cryptodev "
> -                       "%u qp %u\n", sa->spi,
> -                       ipsec_ctx->tbl[cdev_id_qp].id,
> -                       ipsec_ctx->tbl[cdev_id_qp].qp);
> +       if ((sa == NULL) || (pool == NULL))
> +               return -EINVAL;
> 
> -       if (sa->type != RTE_SECURITY_ACTION_TYPE_NONE) {
> -               struct rte_security_session_conf sess_conf = {
> +       struct rte_security_session_conf sess_conf = {
>                         .action_type = sa->type,
>                         .protocol = RTE_SECURITY_PROTOCOL_IPSEC,
>                         {.ipsec = {
> @@ -90,247 +65,340 @@ create_session(struct ipsec_ctx *ipsec_ctx, struct
> ipsec_sa *sa)
>                         } },
>                         .crypto_xform = sa->xforms,
>                         .userdata = NULL,
> -
>                 };
> 
> -               if (sa->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL)
> {
> -                       struct rte_security_ctx *ctx = (struct rte_security_ctx *)
> -                                                       rte_cryptodev_get_sec_ctx(
> -                                                       ipsec_ctx->tbl[cdev_id_qp].id);
> -
> -                       /* Set IPsec parameters in conf */
> -                       set_ipsec_conf(sa, &(sess_conf.ipsec));
> -
> -                       sa->sec_session = rte_security_session_create(ctx,
> -                                       &sess_conf, ipsec_ctx->session_pool);
> -                       if (sa->sec_session == NULL) {
> -                               RTE_LOG(ERR, IPSEC,
> -                               "SEC Session init failed: err: %d\n", ret);
> -                               return -1;
> -                       }
> -               } else if (sa->type == RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) {
> -                       struct rte_flow_error err;
> -                       struct rte_security_ctx *ctx = (struct rte_security_ctx *)
> -                                                       rte_eth_dev_get_sec_ctx(
> -                                                       sa->portid);
> -                       const struct rte_security_capability *sec_cap;
> -                       int ret = 0;
> -
> -                       sa->sec_session = rte_security_session_create(ctx,
> -                                       &sess_conf, ipsec_ctx->session_pool);
> -                       if (sa->sec_session == NULL) {
> -                               RTE_LOG(ERR, IPSEC,
> -                               "SEC Session init failed: err: %d\n", ret);
> -                               return -1;
> -                       }
> +       if (sa->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {
> +               ctx = (struct rte_security_ctx *)
> +                               rte_eth_dev_get_sec_ctx(sa->portid);

This is breaking the lookaside mode. Ctx was retrieved using the ipsec_ctx->tbl
struct rte_security_ctx *ctx = (struct rte_security_ctx *)
				rte_cryptodev_get_sec_ctx(
				ipsec_ctx->tbl[cdev_id_qp].id);

I am looking into it, but I don't have time left to get it integrated in RC2. So this has to be pushed to RC3



> 
> -                       sec_cap = rte_security_capabilities_get(ctx);
> +               /* Set IPsec parameters in conf */
> +               set_ipsec_conf(sa, &(sess_conf.ipsec));
> 
> -                       /* iterate until ESP tunnel*/
> -                       while (sec_cap->action !=
> -                                       RTE_SECURITY_ACTION_TYPE_NONE) {
> +               sa->sec_session = rte_security_session_create(ctx,
> +                               &sess_conf, pool);
> +               if (sa->sec_session == NULL) {
> +                       RTE_LOG(ERR, IPSEC,
> +                               "SEC Session init failed: err: %d\n",
> +                               ret);
> +                       return -1;
> +               }

^ permalink raw reply	[flat|nested] 93+ messages in thread
* Re: [dpdk-dev] [PATCH v4 1/2] examples/ipsec-secgw: fix 1st packet dropped for inline crypto
@ 2019-04-22  6:25 Akhil Goyal
  2019-04-22  6:25 ` Akhil Goyal
  0 siblings, 1 reply; 93+ messages in thread
From: Akhil Goyal @ 2019-04-22  6:25 UTC (permalink / raw)
  To: Iremonger, Bernard, dev, Ananyev, Konstantin; +Cc: stable

Hi Bernard,

> 
> Hi Akhil,
> 
> <snip>
> 
> > Subject: RE: [PATCH v4 1/2] examples/ipsec-secgw: fix 1st packet dropped
> > for inline crypto
> 
> <snip>
> > > +       if (sa->type ==
> > RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {
> > > +               ctx = (struct rte_security_ctx *)
> > > +                               rte_eth_dev_get_sec_ctx(sa->portid);
> >
> > This is breaking the lookaside mode. Ctx was retrieved using the ipsec_ctx-
> > >tbl struct rte_security_ctx *ctx = (struct rte_security_ctx *)
> >                               rte_cryptodev_get_sec_ctx(
> >                               ipsec_ctx->tbl[cdev_id_qp].id);
> >
> > I am looking into it, but I don't have time left to get it integrated in RC2. So
> > this has to be pushed to RC3
> 
> <snip>
> 
> Unfortunately we do not have the HW to test this feature.
> What HW are you using to test this?
> 
> Having looked at the code previously
> ipsec_ctx->tbl[cdev_id_qp].id   turned out to be the port_id.
> 
> So we had expected it to work.
> 
> We will need your help with this.

I am looking into this. Will let you know when I get the fix.
> 
> Regards,
> 
> Bernard.

^ permalink raw reply	[flat|nested] 93+ messages in thread

end of thread, other threads:[~2019-07-19 15:41 UTC | newest]

Thread overview: 93+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-06 16:00 [dpdk-dev] [PATCH 0/6] examples/ipsec-secgw: fix 1st pkt dropped Bernard Iremonger
2019-03-06 16:00 ` [dpdk-dev] [PATCH 1/6] examples/ipsec-secgw: fix 1st pkt dropped for inline crypto Bernard Iremonger
2019-03-06 16:00 ` [dpdk-dev] [PATCH 2/6] examples/ipsec-secgw: fix 1st packet dropped patch two Bernard Iremonger
2019-03-06 19:39   ` Ananyev, Konstantin
2019-03-07  9:54     ` Iremonger, Bernard
2019-03-06 16:00 ` [dpdk-dev] [PATCH 3/6] examples/ipsec-secgw: fix 1st packet dropped patch three Bernard Iremonger
2019-03-06 16:00 ` [dpdk-dev] [PATCH 4/6] examples/ipsec-secgw: fix debug in esp.c Bernard Iremonger
2019-03-06 16:00 ` [dpdk-dev] [PATCH 5/6] examples/ipsec-secgw: fix debug in sa.c Bernard Iremonger
2019-03-06 16:00 ` [dpdk-dev] [PATCH 6/6] examples/ipsec-secgw: fix debug in ipsec-secgw.c Bernard Iremonger
2019-03-06 16:14 ` [dpdk-dev] [PATCH 0/6] examples/ipsec-secgw: fix 1st pkt dropped Akhil Goyal
2019-03-07 10:06   ` Iremonger, Bernard
2019-03-07 14:57 ` [dpdk-dev] [PATCH v2 0/2] " Bernard Iremonger
2019-03-08 15:35   ` Ananyev, Konstantin
2019-04-04 13:28   ` [dpdk-dev] [PATCH v3 " Bernard Iremonger
2019-04-04 13:28     ` Bernard Iremonger
2019-04-05 11:15     ` Ananyev, Konstantin
2019-04-05 11:15       ` Ananyev, Konstantin
2019-04-17 13:42     ` [dpdk-dev] [PATCH v4 " Bernard Iremonger
2019-04-17 13:42       ` Bernard Iremonger
2019-06-06 11:12       ` [dpdk-dev] [PATCH v5 " Bernard Iremonger
2019-06-12 14:51         ` [dpdk-dev] [PATCH v6 " Bernard Iremonger
2019-07-10 11:23           ` [dpdk-dev] [PATCH v7 " Bernard Iremonger
2019-07-19 12:53             ` Akhil Goyal
2019-07-19 13:03               ` Iremonger, Bernard
2019-07-19 15:40                 ` Iremonger, Bernard
2019-07-10 11:23           ` [dpdk-dev] [PATCH v7 1/2] examples/ipsec-secgw: fix 1st pkt dropped for inline crypto Bernard Iremonger
2019-07-10 11:23           ` [dpdk-dev] [PATCH v7 2/2] examples/ipsec-secgw/test: fix inline test scripts Bernard Iremonger
2019-06-12 14:52         ` [dpdk-dev] [PATCH v6 1/2] examples/ipsec-secgw: fix 1st pkt dropped for inline crypto Bernard Iremonger
2019-06-13 12:34           ` Ananyev, Konstantin
2019-07-03 10:04             ` Akhil Goyal
2019-07-03 10:13               ` Iremonger, Bernard
2019-07-03 10:18                 ` Akhil Goyal
2019-07-03 10:30                   ` Iremonger, Bernard
2019-07-03 10:32                     ` Akhil Goyal
2019-06-12 14:52         ` [dpdk-dev] [PATCH v6 2/2] examples/ipsec-secgw/test: fix inline test scripts Bernard Iremonger
2019-06-13 12:34           ` Ananyev, Konstantin
2019-06-06 11:12       ` [dpdk-dev] [PATCH v5 1/2] examples/ipsec-secgw: fix 1st pkt dropped for inline crypto Bernard Iremonger
2019-06-11 15:29         ` Ananyev, Konstantin
2019-06-12  9:29           ` Iremonger, Bernard
2019-06-06 11:12       ` [dpdk-dev] [PATCH v5 2/2] examples/ipsec-secgw/test: fix inline test scripts Bernard Iremonger
2019-04-17 13:42     ` [dpdk-dev] [PATCH v4 1/2] examples/ipsec-secgw: fix 1st packet dropped for inline crypto Bernard Iremonger
2019-04-17 13:42       ` Bernard Iremonger
2019-04-17 13:42     ` [dpdk-dev] [PATCH v4 2/2] examples/ipsec-secgw/test: fix inline test scripts Bernard Iremonger
2019-04-17 13:42       ` Bernard Iremonger
2019-04-04 13:28   ` [dpdk-dev] [PATCH v3 1/2] examples/ipsec-secgw: fix 1st packet dropped for inline crypto Bernard Iremonger
2019-04-04 13:28     ` Bernard Iremonger
2019-04-17 11:51     ` Akhil Goyal
2019-04-17 11:51       ` Akhil Goyal
2019-04-17 12:53       ` Iremonger, Bernard
2019-04-17 12:53         ` Iremonger, Bernard
2019-04-17 13:01         ` [dpdk-dev] [EXT] " Akhil Goyal
2019-04-17 13:01           ` Akhil Goyal
2019-04-04 13:28   ` [dpdk-dev] [PATCH v3 2/2] examples/ipsec-secgw/test: fix inline test scripts Bernard Iremonger
2019-04-04 13:28     ` Bernard Iremonger
2019-03-07 14:57 ` [dpdk-dev] [PATCH v2 1/2] examples/ipsec-secgw: fix 1st pkt dropped for inline crypto Bernard Iremonger
2019-03-22 13:18   ` Akhil Goyal
2019-03-22 13:18     ` Akhil Goyal
2019-03-26 10:22     ` Iremonger, Bernard
2019-03-26 10:22       ` Iremonger, Bernard
2019-03-26 11:04       ` Akhil Goyal
2019-03-26 11:04         ` Akhil Goyal
2019-03-26 11:41         ` Iremonger, Bernard
2019-03-26 11:41           ` Iremonger, Bernard
2019-03-26 11:48           ` Akhil Goyal
2019-03-26 11:48             ` Akhil Goyal
2019-03-26 12:29             ` Ananyev, Konstantin
2019-03-26 12:29               ` Ananyev, Konstantin
2019-03-26 12:55               ` Akhil Goyal
2019-03-26 12:55                 ` Akhil Goyal
2019-03-07 14:57 ` [dpdk-dev] [PATCH v2 2/2] examples/ipsec-secgw/test: fix inline test scripts Bernard Iremonger
2019-04-18 13:51 [dpdk-dev] [PATCH v4 1/2] examples/ipsec-secgw: fix 1st packet dropped for inline crypto Akhil Goyal
2019-04-18 13:51 ` Akhil Goyal
2019-04-18 14:58 ` Iremonger, Bernard
2019-04-18 14:58   ` Iremonger, Bernard
2019-04-18 15:23   ` Iremonger, Bernard
2019-04-18 15:23     ` Iremonger, Bernard
2019-04-23 11:14 ` Akhil Goyal
2019-04-23 11:14   ` Akhil Goyal
2019-04-23 13:21   ` Ananyev, Konstantin
2019-04-23 13:21     ` Ananyev, Konstantin
2019-04-23 13:32     ` Akhil Goyal
2019-04-23 13:32       ` Akhil Goyal
2019-04-23 14:04       ` Ananyev, Konstantin
2019-04-23 14:04         ` Ananyev, Konstantin
2019-04-24  6:34         ` Akhil Goyal
2019-04-24  6:34           ` Akhil Goyal
2019-04-24 10:40           ` Iremonger, Bernard
2019-04-24 10:40             ` Iremonger, Bernard
2019-05-13 14:29             ` Ananyev, Konstantin
2019-05-13 14:29               ` Ananyev, Konstantin
2019-05-27  8:58               ` Iremonger, Bernard
2019-04-22  6:25 Akhil Goyal
2019-04-22  6:25 ` Akhil Goyal

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).