From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id B4C9EA0353; Fri, 21 Jan 2022 13:05:35 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 7C3F04275C; Fri, 21 Jan 2022 13:05:12 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 495494275C for ; Fri, 21 Jan 2022 13:05:11 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id 20LA2lWq029271; Fri, 21 Jan 2022 04:05:10 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=c6fWd/DyOArAwqRkQEeZ3GdNC7oipAv6zxg9WRgNJXc=; b=VXqiCEAsjybrxSWVelzFzAgASTmw/7USNr7YWSfZMWSu/mhuKpGe7womWR7qJ374tC8e esly7TqXtlpcvwJy9aQLx7Z6eaHMxr7SsIUhoc4rh2tNBdhmNh4eLKm2KqdQhqJFemdU lXoMpuWifK0zaQzIOwUAUM/l6y5UEFQATn6bquEx/JImDrjg++voqaohDVVA7D8gG+Qf FC1mO9sPI+Y7E9PvtfD98Gqr183N4KxnCkGQrVvBeNLHkPRtJ9QZ9mzItMm0y41Hfl0o Ri8HPRqLPd28AA+t5/perbxVgM5akC/4qYrxBNbmUNkVRiUOZ3GcS9PNpxWuEQWuXWmI Qg== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3dqj05hu3h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 21 Jan 2022 04:05:10 -0800 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 21 Jan 2022 04:05:07 -0800 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Fri, 21 Jan 2022 04:05:07 -0800 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 4B9483F708F; Fri, 21 Jan 2022 04:05:05 -0800 (PST) From: Nithin Dabilpuram To: , Nithin Dabilpuram , "Kiran Kumar K" , Sunil Kumar Kori , Satha Rao CC: , Subject: [PATCH v2 10/10] net/cnxk: synchronize inline session create and destroy Date: Fri, 21 Jan 2022 17:34:24 +0530 Message-ID: <20220121120424.28166-10-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20220121120424.28166-1-ndabilpuram@marvell.com> References: <20211209091342.27017-1-ndabilpuram@marvell.com> <20220121120424.28166-1-ndabilpuram@marvell.com> MIME-Version: 1.0 Content-Type: text/plain X-Proofpoint-GUID: TNyCg5HAaczXOqzM5TnfansJ4RaxFUjc X-Proofpoint-ORIG-GUID: TNyCg5HAaczXOqzM5TnfansJ4RaxFUjc X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.816,Hydra:6.0.425,FMLib:17.11.62.513 definitions=2022-01-21_06,2022-01-21_01,2021-12-02_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Synchronize inline session create and destroy using spinlock. Also move security related error prints outside the spinlock. Signed-off-by: Nithin Dabilpuram --- drivers/net/cnxk/cn10k_ethdev_sec.c | 35 ++++++++++++++++++++++++++++------- drivers/net/cnxk/cn9k_ethdev_sec.c | 32 ++++++++++++++++++++++++++------ drivers/net/cnxk/cnxk_ethdev.c | 7 +++++-- drivers/net/cnxk/cnxk_ethdev.h | 6 ++++++ 4 files changed, 65 insertions(+), 15 deletions(-) diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c index 235c168..12cec0a 100644 --- a/drivers/net/cnxk/cn10k_ethdev_sec.c +++ b/drivers/net/cnxk/cn10k_ethdev_sec.c @@ -238,6 +238,8 @@ cn10k_eth_sec_session_create(void *device, struct rte_crypto_sym_xform *crypto; struct cnxk_eth_sec_sess *eth_sec; bool inbound, inl_dev; + rte_spinlock_t *lock; + char tbuf[128] = {0}; int rc = 0; if (conf->action_type != RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL) @@ -272,6 +274,9 @@ cn10k_eth_sec_session_create(void *device, memset(eth_sec, 0, sizeof(struct cnxk_eth_sec_sess)); sess_priv.u64 = 0; + lock = inbound ? &dev->inb.lock : &dev->outb.lock; + rte_spinlock_lock(lock); + /* Acquire lock on inline dev for inbound */ if (inbound && inl_dev) roc_nix_inl_dev_lock(); @@ -287,12 +292,14 @@ cn10k_eth_sec_session_create(void *device, /* Get Inbound SA from NIX_RX_IPSEC_SA_BASE */ sa = roc_nix_inl_inb_sa_get(&dev->nix, inl_dev, ipsec->spi); if (!sa && dev->inb.inl_dev) { - plt_err("Failed to create ingress sa, inline dev " - "not found or spi not in range"); + snprintf(tbuf, sizeof(tbuf), + "Failed to create ingress sa, inline dev " + "not found or spi not in range"); rc = -ENOTSUP; goto mempool_put; } else if (!sa) { - plt_err("Failed to create ingress sa"); + snprintf(tbuf, sizeof(tbuf), + "Failed to create ingress sa"); rc = -EFAULT; goto mempool_put; } @@ -301,8 +308,9 @@ cn10k_eth_sec_session_create(void *device, /* Check if SA is already in use */ if (inb_sa->w2.s.valid) { - plt_err("Inbound SA with SPI %u already in use", - ipsec->spi); + snprintf(tbuf, sizeof(tbuf), + "Inbound SA with SPI %u already in use", + ipsec->spi); rc = -EBUSY; goto mempool_put; } @@ -313,7 +321,8 @@ cn10k_eth_sec_session_create(void *device, /* Fill inbound sa params */ rc = cnxk_ot_ipsec_inb_sa_fill(inb_sa_dptr, ipsec, crypto); if (rc) { - plt_err("Failed to init inbound sa, rc=%d", rc); + snprintf(tbuf, sizeof(tbuf), + "Failed to init inbound sa, rc=%d", rc); goto mempool_put; } @@ -371,7 +380,8 @@ cn10k_eth_sec_session_create(void *device, /* Fill outbound sa params */ rc = cnxk_ot_ipsec_outb_sa_fill(outb_sa_dptr, ipsec, crypto); if (rc) { - plt_err("Failed to init outbound sa, rc=%d", rc); + snprintf(tbuf, sizeof(tbuf), + "Failed to init outbound sa, rc=%d", rc); rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx); goto mempool_put; } @@ -409,6 +419,7 @@ cn10k_eth_sec_session_create(void *device, } if (inbound && inl_dev) roc_nix_inl_dev_unlock(); + rte_spinlock_unlock(lock); plt_nix_dbg("Created %s session with spi=%u, sa_idx=%u inl_dev=%u", inbound ? "inbound" : "outbound", eth_sec->spi, @@ -422,7 +433,11 @@ cn10k_eth_sec_session_create(void *device, mempool_put: if (inbound && inl_dev) roc_nix_inl_dev_unlock(); + rte_spinlock_unlock(lock); + rte_mempool_put(mempool, eth_sec); + if (rc) + plt_err("%s", tbuf); return rc; } @@ -433,12 +448,16 @@ cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess) struct cnxk_eth_dev *dev = cnxk_eth_pmd_priv(eth_dev); struct cnxk_eth_sec_sess *eth_sec; struct rte_mempool *mp; + rte_spinlock_t *lock; void *sa_dptr; eth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess); if (!eth_sec) return -ENOENT; + lock = eth_sec->inb ? &dev->inb.lock : &dev->outb.lock; + rte_spinlock_lock(lock); + if (eth_sec->inl_dev) roc_nix_inl_dev_lock(); @@ -468,6 +487,8 @@ cn10k_eth_sec_session_destroy(void *device, struct rte_security_session *sess) if (eth_sec->inl_dev) roc_nix_inl_dev_unlock(); + rte_spinlock_unlock(lock); + plt_nix_dbg("Destroyed %s session with spi=%u, sa_idx=%u, inl_dev=%u", eth_sec->inb ? "inbound" : "outbound", eth_sec->spi, eth_sec->sa_idx, eth_sec->inl_dev); diff --git a/drivers/net/cnxk/cn9k_ethdev_sec.c b/drivers/net/cnxk/cn9k_ethdev_sec.c index b070ad5..27930d1 100644 --- a/drivers/net/cnxk/cn9k_ethdev_sec.c +++ b/drivers/net/cnxk/cn9k_ethdev_sec.c @@ -146,6 +146,8 @@ cn9k_eth_sec_session_create(void *device, struct cn9k_sec_sess_priv sess_priv; struct rte_crypto_sym_xform *crypto; struct cnxk_eth_sec_sess *eth_sec; + rte_spinlock_t *lock; + char tbuf[128] = {0}; bool inbound; int rc = 0; @@ -174,6 +176,9 @@ cn9k_eth_sec_session_create(void *device, return -ENOMEM; } + lock = inbound ? &dev->inb.lock : &dev->outb.lock; + rte_spinlock_lock(lock); + memset(eth_sec, 0, sizeof(struct cnxk_eth_sec_sess)); sess_priv.u64 = 0; @@ -188,17 +193,19 @@ cn9k_eth_sec_session_create(void *device, * device always for CN9K. */ inb_sa = (struct roc_onf_ipsec_inb_sa *) - roc_nix_inl_inb_sa_get(&dev->nix, false, ipsec->spi); + roc_nix_inl_inb_sa_get(&dev->nix, false, ipsec->spi); if (!inb_sa) { - plt_err("Failed to create ingress sa"); + snprintf(tbuf, sizeof(tbuf), + "Failed to create ingress sa"); rc = -EFAULT; goto mempool_put; } /* Check if SA is already in use */ if (inb_sa->ctl.valid) { - plt_err("Inbound SA with SPI %u already in use", - ipsec->spi); + snprintf(tbuf, sizeof(tbuf), + "Inbound SA with SPI %u already in use", + ipsec->spi); rc = -EBUSY; goto mempool_put; } @@ -208,7 +215,8 @@ cn9k_eth_sec_session_create(void *device, /* Fill inbound sa params */ rc = cnxk_onf_ipsec_inb_sa_fill(inb_sa, ipsec, crypto); if (rc) { - plt_err("Failed to init inbound sa, rc=%d", rc); + snprintf(tbuf, sizeof(tbuf), + "Failed to init inbound sa, rc=%d", rc); goto mempool_put; } @@ -263,7 +271,8 @@ cn9k_eth_sec_session_create(void *device, /* Fill outbound sa params */ rc = cnxk_onf_ipsec_outb_sa_fill(outb_sa, ipsec, crypto); if (rc) { - plt_err("Failed to init outbound sa, rc=%d", rc); + snprintf(tbuf, sizeof(tbuf), + "Failed to init outbound sa, rc=%d", rc); rc |= cnxk_eth_outb_sa_idx_put(dev, sa_idx); goto mempool_put; } @@ -300,6 +309,8 @@ cn9k_eth_sec_session_create(void *device, /* Sync SA content */ plt_atomic_thread_fence(__ATOMIC_ACQ_REL); + rte_spinlock_unlock(lock); + plt_nix_dbg("Created %s session with spi=%u, sa_idx=%u", inbound ? "inbound" : "outbound", eth_sec->spi, eth_sec->sa_idx); @@ -310,7 +321,10 @@ cn9k_eth_sec_session_create(void *device, return 0; mempool_put: + rte_spinlock_unlock(lock); rte_mempool_put(mempool, eth_sec); + if (rc) + plt_err("%s", tbuf); return rc; } @@ -323,11 +337,15 @@ cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess) struct roc_onf_ipsec_inb_sa *inb_sa; struct cnxk_eth_sec_sess *eth_sec; struct rte_mempool *mp; + rte_spinlock_t *lock; eth_sec = cnxk_eth_sec_sess_get_by_sess(dev, sess); if (!eth_sec) return -ENOENT; + lock = eth_sec->inb ? &dev->inb.lock : &dev->outb.lock; + rte_spinlock_lock(lock); + if (eth_sec->inb) { inb_sa = eth_sec->sa; /* Disable SA */ @@ -349,6 +367,8 @@ cn9k_eth_sec_session_destroy(void *device, struct rte_security_session *sess) /* Sync SA content */ plt_atomic_thread_fence(__ATOMIC_ACQ_REL); + rte_spinlock_unlock(lock); + plt_nix_dbg("Destroyed %s session with spi=%u, sa_idx=%u", eth_sec->inb ? "inbound" : "outbound", eth_sec->spi, eth_sec->sa_idx); diff --git a/drivers/net/cnxk/cnxk_ethdev.c b/drivers/net/cnxk/cnxk_ethdev.c index 74f6255..c2e7f2f 100644 --- a/drivers/net/cnxk/cnxk_ethdev.c +++ b/drivers/net/cnxk/cnxk_ethdev.c @@ -1605,8 +1605,6 @@ cnxk_eth_dev_init(struct rte_eth_dev *eth_dev) sec_ctx->flags = (RTE_SEC_CTX_F_FAST_SET_MDATA | RTE_SEC_CTX_F_FAST_GET_UDATA); eth_dev->security_ctx = sec_ctx; - TAILQ_INIT(&dev->inb.list); - TAILQ_INIT(&dev->outb.list); /* For secondary processes, the primary has done all the work */ if (rte_eal_process_type() != RTE_PROC_PRIMARY) @@ -1642,6 +1640,11 @@ cnxk_eth_dev_init(struct rte_eth_dev *eth_dev) dev->configured = 0; dev->ptype_disable = 0; + TAILQ_INIT(&dev->inb.list); + TAILQ_INIT(&dev->outb.list); + rte_spinlock_init(&dev->inb.lock); + rte_spinlock_init(&dev->outb.lock); + /* For vfs, returned max_entries will be 0. but to keep default mac * address, one entry must be allocated. so setting up to 1. */ diff --git a/drivers/net/cnxk/cnxk_ethdev.h b/drivers/net/cnxk/cnxk_ethdev.h index 5bfda3d..db1fb4b 100644 --- a/drivers/net/cnxk/cnxk_ethdev.h +++ b/drivers/net/cnxk/cnxk_ethdev.h @@ -271,6 +271,9 @@ struct cnxk_eth_dev_sec_inb { /* DPTR for WRITE_SA microcode op */ void *sa_dptr; + + /* Lock to synchronize sa setup/release */ + rte_spinlock_t lock; }; /* Outbound security data */ @@ -304,6 +307,9 @@ struct cnxk_eth_dev_sec_outb { /* DPTR for WRITE_SA microcode op */ void *sa_dptr; + + /* Lock to synchronize sa setup/release */ + rte_spinlock_t lock; }; struct cnxk_eth_dev { -- 2.8.4