DPDK patches and discussions
 help / color / mirror / Atom feed
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <akhil.goyal@nxp.com>,
	Konstantin Ananyev <konstantin.ananyev@intel.com>
Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>,
	"Narayana Prasad Raju Athreya" <pathreya@marvell.com>,
	Ankur Dwivedi <adwivedi@marvell.com>,
	Archana Muniganti <marchana@marvell.com>,
	Tejasree Kondoj <ktejasree@marvell.com>,
	Vamsi Krishna Attunuru <vattunuru@marvell.com>,
	"dev@dpdk.org" <dev@dpdk.org>,
	Thomas Monjalon <thomas@monjalon.net>,
	"Radu Nicolau" <radu.nicolau@intel.com>,
	Lukas Bartosik <lbartosik@marvell.com>
Subject: Re: [dpdk-dev] [EXT] RE: [PATCH v4 12/15] examples/ipsec-secgw: add app mode worker
Date: Tue, 25 Feb 2020 12:13:20 +0000	[thread overview]
Message-ID: <MN2PR18MB2877EB75CA6367BDFAF5630EDFED0@MN2PR18MB2877.namprd18.prod.outlook.com> (raw)
In-Reply-To: <aae480a0-2e48-f919-1361-64bed14500c7@marvell.com>

Hi Akhil, Konstantin,

One question below.

Thanks,
Anoob

> -----Original Message-----
> From: Lukas Bartosik <lbartosik@marvell.com>
> Sent: Tuesday, February 25, 2020 5:21 PM
> To: Akhil Goyal <akhil.goyal@nxp.com>; Anoob Joseph <anoobj@marvell.com>
> Cc: Jerin Jacob Kollanukkaran <jerinj@marvell.com>; Narayana Prasad Raju
> Athreya <pathreya@marvell.com>; Ankur Dwivedi <adwivedi@marvell.com>;
> Archana Muniganti <marchana@marvell.com>; Tejasree Kondoj
> <ktejasree@marvell.com>; Vamsi Krishna Attunuru <vattunuru@marvell.com>;
> Konstantin Ananyev <konstantin.ananyev@intel.com>; dev@dpdk.org; Thomas
> Monjalon <thomas@monjalon.net>; Radu Nicolau <radu.nicolau@intel.com>
> Subject: Re: [EXT] RE: [PATCH v4 12/15] examples/ipsec-secgw: add app mode
> worker
> 
> Hi Akhil,
> 
> Please see my answers below.
> 
> Thanks,
> Lukasz
> 
> On 24.02.2020 15:13, Akhil Goyal wrote:
> > External Email
> >
> > ----------------------------------------------------------------------
> > Hi Lukasz/Anoob,
> >
> >>
> >> Add application inbound/outbound worker thread and IPsec application
> >> processing code for event mode.
> >>
> >> Example ipsec-secgw command in app mode:
> >> ipsec-secgw -w 0002:02:00.0,ipsec_in_max_spi=128 -w
> >> 0002:03:00.0,ipsec_in_max_spi=128 -w 0002:0e:00.0 -w 0002:10:00.1
> >> --log-level=8 -c 0x1 -- -P -p 0x3 -u 0x1 --config "(1,0,0),(0,0,0)"
> >> -f aes-gcm.cfg --transfer-mode event --event-schedule-type parallel
> >>
> >> Signed-off-by: Anoob Joseph <anoobj@marvell.com>
> >> Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
> >> Signed-off-by: Lukasz Bartosik <lbartosik@marvell.com>
> >> ---
> >
> > ...
> >
> >> +static inline enum pkt_type
> >> +process_ipsec_get_pkt_type(struct rte_mbuf *pkt, uint8_t **nlp) {
> >> +	struct rte_ether_hdr *eth;
> >> +
> >> +	eth = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *);
> >> +	if (eth->ether_type == rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4)) {
> >> +		*nlp = RTE_PTR_ADD(eth, RTE_ETHER_HDR_LEN +
> >> +				offsetof(struct ip, ip_p));
> >> +		if (**nlp == IPPROTO_ESP)
> >> +			return PKT_TYPE_IPSEC_IPV4;
> >> +		else
> >> +			return PKT_TYPE_PLAIN_IPV4;
> >> +	} else if (eth->ether_type ==
> >> +rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6))
> >> {
> >> +		*nlp = RTE_PTR_ADD(eth, RTE_ETHER_HDR_LEN +
> >> +				offsetof(struct ip6_hdr, ip6_nxt));
> >> +		if (**nlp == IPPROTO_ESP)
> >> +			return PKT_TYPE_IPSEC_IPV6;
> >> +		else
> >> +			return PKT_TYPE_PLAIN_IPV6;
> >> +	}
> >> +
> >> +	/* Unknown/Unsupported type */
> >> +	return PKT_TYPE_INVALID;
> >> +}
> >> +
> >> +static inline void
> >> +update_mac_addrs(struct rte_mbuf *pkt, uint16_t portid) {
> >> +	struct rte_ether_hdr *ethhdr;
> >> +
> >> +	ethhdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *);
> >> +	memcpy(&ethhdr->s_addr, &ethaddr_tbl[portid].src,
> >> RTE_ETHER_ADDR_LEN);
> >> +	memcpy(&ethhdr->d_addr, &ethaddr_tbl[portid].dst,
> >> RTE_ETHER_ADDR_LEN);
> >> +}
> >>
> >>  static inline void
> >>  ipsec_event_pre_forward(struct rte_mbuf *m, unsigned int port_id) @@
> >> -61,6 +101,290 @@ prepare_out_sessions_tbl(struct sa_ctx *sa_out,
> >>  	}
> >>  }
> >>
> >> +static inline int
> >> +check_sp(struct sp_ctx *sp, const uint8_t *nlp, uint32_t *sa_idx) {
> >> +	uint32_t res;
> >> +
> >> +	if (unlikely(sp == NULL))
> >> +		return 0;
> >> +
> >> +	rte_acl_classify((struct rte_acl_ctx *)sp, &nlp, &res, 1,
> >> +			DEFAULT_MAX_CATEGORIES);
> >> +
> >> +	if (unlikely(res == 0)) {
> >> +		/* No match */
> >> +		return 0;
> >> +	}
> >> +
> >> +	if (res == DISCARD)
> >> +		return 0;
> >> +	else if (res == BYPASS) {
> >> +		*sa_idx = -1;
> >> +		return 1;
> >> +	}
> >> +
> >> +	*sa_idx = res - 1;
> >> +	return 1;
> >> +}
> >> +
> >> +static inline uint16_t
> >> +route4_pkt(struct rte_mbuf *pkt, struct rt_ctx *rt_ctx) {
> >> +	uint32_t dst_ip;
> >> +	uint16_t offset;
> >> +	uint32_t hop;
> >> +	int ret;
> >> +
> >> +	offset = RTE_ETHER_HDR_LEN + offsetof(struct ip, ip_dst);
> >> +	dst_ip = *rte_pktmbuf_mtod_offset(pkt, uint32_t *, offset);
> >> +	dst_ip = rte_be_to_cpu_32(dst_ip);
> >> +
> >> +	ret = rte_lpm_lookup((struct rte_lpm *)rt_ctx, dst_ip, &hop);
> >> +
> >> +	if (ret == 0) {
> >> +		/* We have a hit */
> >> +		return hop;
> >> +	}
> >> +
> >> +	/* else */
> >> +	return RTE_MAX_ETHPORTS;
> >> +}
> >> +
> >> +/* TODO: To be tested */
> >> +static inline uint16_t
> >> +route6_pkt(struct rte_mbuf *pkt, struct rt_ctx *rt_ctx) {
> >> +	uint8_t dst_ip[16];
> >> +	uint8_t *ip6_dst;
> >> +	uint16_t offset;
> >> +	uint32_t hop;
> >> +	int ret;
> >> +
> >> +	offset = RTE_ETHER_HDR_LEN + offsetof(struct ip6_hdr, ip6_dst);
> >> +	ip6_dst = rte_pktmbuf_mtod_offset(pkt, uint8_t *, offset);
> >> +	memcpy(&dst_ip[0], ip6_dst, 16);
> >> +
> >> +	ret = rte_lpm6_lookup((struct rte_lpm6 *)rt_ctx, dst_ip, &hop);
> >> +
> >> +	if (ret == 0) {
> >> +		/* We have a hit */
> >> +		return hop;
> >> +	}
> >> +
> >> +	/* else */
> >> +	return RTE_MAX_ETHPORTS;
> >> +}
> >> +
> >> +static inline uint16_t
> >> +get_route(struct rte_mbuf *pkt, struct route_table *rt, enum
> >> +pkt_type type) {
> >> +	if (type == PKT_TYPE_PLAIN_IPV4 || type == PKT_TYPE_IPSEC_IPV4)
> >> +		return route4_pkt(pkt, rt->rt4_ctx);
> >> +	else if (type == PKT_TYPE_PLAIN_IPV6 || type == PKT_TYPE_IPSEC_IPV6)
> >> +		return route6_pkt(pkt, rt->rt6_ctx);
> >> +
> >> +	return RTE_MAX_ETHPORTS;
> >> +}
> >
> > Is it not possible to use the existing functions for finding routes, checking
> packet types and checking security policies.
> > It will be very difficult to manage two separate functions for same
> > work. I can see that the pkt->data_offs Are not required to be updated
> > in the inline case, but can we split the existing functions in two so that they can
> be Called in the appropriate cases.
> >
> > As you have said in the cover note as well to add lookaside protocol
> > support. I also tried adding it, and it will get very Difficult to manage separate
> functions for separate code paths.
> >
> 
> [Lukasz] This was also Konstantin's comment during review of one of previous
> revisions.
> The prepare_one_packet() and prepare_tx_pkt() do much more than we need
> and for performance reasons we crafted new functions. For example,
> process_ipsec_get_pkt_type function returns nlp and whether packet type is
> plain or IPsec. That's all. Prepare_one_packet() process packets in chunks and
> does much more - it adjusts mbuf and packet length then it demultiplex packets
> into plain and IPsec flows and finally does inline checks. This is similar for
> update_mac_addrs() vs prepare_tx_pkt() and check_sp() vs inbound_sp_sa() that
> prepare_tx_pkt() and inbound_sp_sa() do more that we need in event mode.
> 
> I understand your concern from the perspective of code maintenance but on the
> other hand we are concerned with performance.
> The current code is not optimized to support multiple mode processing
> introduced with rte_security. We can work on a common routines once we have
> other modes also added, so that we can come up with a better solution than
> what we have today.
> 
> >> +
> >> +static inline int
> >> +process_ipsec_ev_inbound(struct ipsec_ctx *ctx, struct route_table *rt,
> >> +		struct rte_event *ev)
> >> +{
> >> +	struct ipsec_sa *sa = NULL;
> >> +	struct rte_mbuf *pkt;
> >> +	uint16_t port_id = 0;
> >> +	enum pkt_type type;
> >> +	uint32_t sa_idx;
> >> +	uint8_t *nlp;
> >> +
> >> +	/* Get pkt from event */
> >> +	pkt = ev->mbuf;
> >> +
> >> +	/* Check the packet type */
> >> +	type = process_ipsec_get_pkt_type(pkt, &nlp);
> >> +
> >> +	switch (type) {
> >> +	case PKT_TYPE_PLAIN_IPV4:
> >> +		if (pkt->ol_flags & PKT_RX_SEC_OFFLOAD) {
> >> +			if (unlikely(pkt->ol_flags &
> >> +				     PKT_RX_SEC_OFFLOAD_FAILED)) {
> >> +				RTE_LOG(ERR, IPSEC,
> >> +					"Inbound security offload failed\n");
> >> +				goto drop_pkt_and_exit;
> >> +			}
> >> +			sa = pkt->userdata;
> >> +		}
> >> +
> >> +		/* Check if we have a match */
> >> +		if (check_sp(ctx->sp4_ctx, nlp, &sa_idx) == 0) {
> >> +			/* No valid match */
> >> +			goto drop_pkt_and_exit;
> >> +		}
> >> +		break;
> >> +
> >> +	case PKT_TYPE_PLAIN_IPV6:
> >> +		if (pkt->ol_flags & PKT_RX_SEC_OFFLOAD) {
> >> +			if (unlikely(pkt->ol_flags &
> >> +				     PKT_RX_SEC_OFFLOAD_FAILED)) {
> >> +				RTE_LOG(ERR, IPSEC,
> >> +					"Inbound security offload failed\n");
> >> +				goto drop_pkt_and_exit;
> >> +			}
> >> +			sa = pkt->userdata;
> >> +		}
> >> +
> >> +		/* Check if we have a match */
> >> +		if (check_sp(ctx->sp6_ctx, nlp, &sa_idx) == 0) {
> >> +			/* No valid match */
> >> +			goto drop_pkt_and_exit;
> >> +		}
> >> +		break;
> >> +
> >> +	default:
> >> +		RTE_LOG(ERR, IPSEC, "Unsupported packet type = %d\n", type);
> >> +		goto drop_pkt_and_exit;
> >> +	}
> >> +
> >> +	/* Check if the packet has to be bypassed */
> >> +	if (sa_idx == BYPASS)
> >> +		goto route_and_send_pkt;
> >> +
> >> +	/* Validate sa_idx */
> >> +	if (sa_idx >= ctx->sa_ctx->nb_sa)
> >> +		goto drop_pkt_and_exit;
> >> +
> >> +	/* Else the packet has to be protected with SA */
> >> +
> >> +	/* If the packet was IPsec processed, then SA pointer should be set */
> >> +	if (sa == NULL)
> >> +		goto drop_pkt_and_exit;
> >> +
> >> +	/* SPI on the packet should match with the one in SA */
> >> +	if (unlikely(sa->spi != ctx->sa_ctx->sa[sa_idx].spi))
> >> +		goto drop_pkt_and_exit;
> >> +
> >> +route_and_send_pkt:
> >> +	port_id = get_route(pkt, rt, type);
> >> +	if (unlikely(port_id == RTE_MAX_ETHPORTS)) {
> >> +		/* no match */
> >> +		goto drop_pkt_and_exit;
> >> +	}
> >> +	/* else, we have a matching route */
> >> +
> >> +	/* Update mac addresses */
> >> +	update_mac_addrs(pkt, port_id);
> >> +
> >> +	/* Update the event with the dest port */
> >> +	ipsec_event_pre_forward(pkt, port_id);
> >> +	return 1;
> >> +
> >> +drop_pkt_and_exit:
> >> +	RTE_LOG(ERR, IPSEC, "Inbound packet dropped\n");
> >> +	rte_pktmbuf_free(pkt);
> >> +	ev->mbuf = NULL;
> >> +	return 0;
> >> +}
> >> +
> >> +static inline int
> >> +process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt,
> >> +		struct rte_event *ev)
> >> +{
> >> +	struct rte_ipsec_session *sess;
> >> +	struct sa_ctx *sa_ctx;
> >> +	struct rte_mbuf *pkt;
> >> +	uint16_t port_id = 0;
> >> +	struct ipsec_sa *sa;
> >> +	enum pkt_type type;
> >> +	uint32_t sa_idx;
> >> +	uint8_t *nlp;
> >> +
> >> +	/* Get pkt from event */
> >> +	pkt = ev->mbuf;
> >> +
> >> +	/* Check the packet type */
> >> +	type = process_ipsec_get_pkt_type(pkt, &nlp);
> >> +
> >> +	switch (type) {
> >> +	case PKT_TYPE_PLAIN_IPV4:
> >> +		/* Check if we have a match */
> >> +		if (check_sp(ctx->sp4_ctx, nlp, &sa_idx) == 0) {
> >> +			/* No valid match */
> >> +			goto drop_pkt_and_exit;
> >> +		}
> >> +		break;
> >> +	case PKT_TYPE_PLAIN_IPV6:
> >> +		/* Check if we have a match */
> >> +		if (check_sp(ctx->sp6_ctx, nlp, &sa_idx) == 0) {
> >> +			/* No valid match */
> >> +			goto drop_pkt_and_exit;
> >> +		}
> >> +		break;
> >> +	default:
> >> +		/*
> >> +		 * Only plain IPv4 & IPv6 packets are allowed
> >> +		 * on protected port. Drop the rest.
> >> +		 */
> >> +		RTE_LOG(ERR, IPSEC, "Unsupported packet type = %d\n", type);
> >> +		goto drop_pkt_and_exit;
> >> +	}
> >> +
> >> +	/* Check if the packet has to be bypassed */
> >> +	if (sa_idx == BYPASS) {
> >> +		port_id = get_route(pkt, rt, type);
> >> +		if (unlikely(port_id == RTE_MAX_ETHPORTS)) {
> >> +			/* no match */
> >> +			goto drop_pkt_and_exit;
> >> +		}
> >> +		/* else, we have a matching route */
> >> +		goto send_pkt;
> >> +	}
> >> +
> >> +	/* Validate sa_idx */
> >> +	if (sa_idx >= ctx->sa_ctx->nb_sa)
> >> +		goto drop_pkt_and_exit;
> >> +
> >> +	/* Else the packet has to be protected */
> >> +
> >> +	/* Get SA ctx*/
> >> +	sa_ctx = ctx->sa_ctx;
> >> +
> >> +	/* Get SA */
> >> +	sa = &(sa_ctx->sa[sa_idx]);
> >> +
> >> +	/* Get IPsec session */
> >> +	sess = ipsec_get_primary_session(sa);
> >> +
> >> +	/* Allow only inline protocol for now */
> >> +	if (sess->type != RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL) {
> >> +		RTE_LOG(ERR, IPSEC, "SA type not supported\n");
> >> +		goto drop_pkt_and_exit;
> >> +	}
> >> +
> >> +	if (sess->security.ol_flags & RTE_SECURITY_TX_OLOAD_NEED_MDATA)
> >> +		pkt->userdata = sess->security.ses;
> >> +
> >> +	/* Mark the packet for Tx security offload */
> >> +	pkt->ol_flags |= PKT_TX_SEC_OFFLOAD;
> >> +
> >> +	/* Get the port to which this pkt need to be submitted */
> >> +	port_id = sa->portid;
> >> +
> >> +send_pkt:
> >> +	/* Update mac addresses */
> >> +	update_mac_addrs(pkt, port_id);
> >> +
> >> +	/* Update the event with the dest port */
> >> +	ipsec_event_pre_forward(pkt, port_id);
> >
> > How is IP checksum getting updated for the processed packet.
> > If the hardware is not updating it, should we add a fallback mechanism
> > for SW based Checksum update.
> >
> 
> [Lukasz] In case of outbound inline protocol checksum has to be calculated by
> HW as final packet is formed by crypto device. There is no need to calculate it in
> SW.
> 
> >> +	return 1;
> >
> > It will be better to use some MACROS while returning Like
> > #define PKT_FORWARD   1
> > #define PKT_DROPPED     0
> > #define PKT_POSTED       2  /*may be for lookaside cases */
> >
> >> +
> >> +drop_pkt_and_exit:
> >> +	RTE_LOG(ERR, IPSEC, "Outbound packet dropped\n");
> >> +	rte_pktmbuf_free(pkt);
> >> +	ev->mbuf = NULL;
> >> +	return 0;
> >> +}
> >> +
> >>  /*
> >>   * Event mode exposes various operating modes depending on the
> >>   * capabilities of the event device and the operating mode @@ -68,7
> >> +392,7 @@ prepare_out_sessions_tbl(struct sa_ctx *sa_out,
> >>   */
> >>
> >>  /* Workers registered */
> >> -#define IPSEC_EVENTMODE_WORKERS		1
> >> +#define IPSEC_EVENTMODE_WORKERS		2
> >>
> >>  /*
> >>   * Event mode worker
> >> @@ -146,7 +470,7 @@ ipsec_wrkr_non_burst_int_port_drv_mode(struct
> >> eh_event_link_info *links,
> >>  			}
> >>
> >>  			/* Save security session */
> >> -			pkt->udata64 = (uint64_t) sess_tbl[port_id];
> >> +			pkt->userdata = sess_tbl[port_id];
> >>
> >>  			/* Mark the packet for Tx security offload */
> >>  			pkt->ol_flags |= PKT_TX_SEC_OFFLOAD; @@ -165,6
> +489,94 @@
> >> ipsec_wrkr_non_burst_int_port_drv_mode(struct
> >> eh_event_link_info *links,
> >>  	}
> >>  }
> >>
> >> +/*
> >> + * Event mode worker
> >> + * Operating parameters : non-burst - Tx internal port - app mode
> >> +*/ static void ipsec_wrkr_non_burst_int_port_app_mode(struct
> >> +eh_event_link_info *links,
> >> +		uint8_t nb_links)
> >> +{
> >> +	struct lcore_conf_ev_tx_int_port_wrkr lconf;
> >> +	unsigned int nb_rx = 0;
> >> +	struct rte_event ev;
> >> +	uint32_t lcore_id;
> >> +	int32_t socket_id;
> >> +	int ret;
> >> +
> >> +	/* Check if we have links registered for this lcore */
> >> +	if (nb_links == 0) {
> >> +		/* No links registered - exit */
> >> +		return;
> >> +	}
> >> +
> >> +	/* We have valid links */
> >> +
> >> +	/* Get core ID */
> >> +	lcore_id = rte_lcore_id();
> >> +
> >> +	/* Get socket ID */
> >> +	socket_id = rte_lcore_to_socket_id(lcore_id);
> >> +
> >> +	/* Save routing table */
> >> +	lconf.rt.rt4_ctx = socket_ctx[socket_id].rt_ip4;
> >> +	lconf.rt.rt6_ctx = socket_ctx[socket_id].rt_ip6;
> >> +	lconf.inbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_in;
> >> +	lconf.inbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_in;
> >> +	lconf.inbound.sa_ctx = socket_ctx[socket_id].sa_in;
> >> +	lconf.inbound.session_pool = socket_ctx[socket_id].session_pool;
> >
> > Session_priv_pool should also be added for both inbound and outbound
> >
> 
> [Lukasz] I will add it in V5.

[Anoob] Actually, why do need both session_pool and private_pool? I think it's a remnant from the time we had session being created when the first packet arrives. 

@Konstantin, thoughts?
 
> 
> >> +	lconf.outbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_out;
> >> +	lconf.outbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_out;
> >> +	lconf.outbound.sa_ctx = socket_ctx[socket_id].sa_out;
> >> +	lconf.outbound.session_pool = socket_ctx[socket_id].session_pool;
> >> +
> >> +	RTE_LOG(INFO, IPSEC,
> >> +		"Launching event mode worker (non-burst - Tx internal port - "
> >> +		"app mode) on lcore %d\n", lcore_id);
> >> +
> >> +	/* Check if it's single link */
> >> +	if (nb_links != 1) {
> >> +		RTE_LOG(INFO, IPSEC,
> >> +			"Multiple links not supported. Using first link\n");
> >> +	}
> >> +
> >> +	RTE_LOG(INFO, IPSEC, " -- lcoreid=%u event_port_id=%u\n", lcore_id,
> >> +		links[0].event_port_id);
> >> +
> >> +	while (!force_quit) {
> >> +		/* Read packet from event queues */
> >> +		nb_rx = rte_event_dequeue_burst(links[0].eventdev_id,
> >> +				links[0].event_port_id,
> >> +				&ev,     /* events */
> >> +				1,       /* nb_events */
> >> +				0        /* timeout_ticks */);
> >> +
> >> +		if (nb_rx == 0)
> >> +			continue;
> >> +
> >
> > Event type should be checked here before dereferencing it.
> >
> 
> [Lukasz] I will add event type check in V5.
> 
> >> +		if (is_unprotected_port(ev.mbuf->port))
> >> +			ret = process_ipsec_ev_inbound(&lconf.inbound,
> >> +							&lconf.rt, &ev);
> >> +		else
> >> +			ret = process_ipsec_ev_outbound(&lconf.outbound,
> >> +							&lconf.rt, &ev);
> >> +		if (ret != 1)
> >> +			/* The pkt has been dropped */
> >> +			continue;
> >> +
> >> +		/*
> >> +		 * Since tx internal port is available, events can be
> >> +		 * directly enqueued to the adapter and it would be
> >> +		 * internally submitted to the eth device.
> >> +		 */
> >> +		rte_event_eth_tx_adapter_enqueue(links[0].eventdev_id,
> >> +				links[0].event_port_id,
> >> +				&ev,	/* events */
> >> +				1,	/* nb_events */
> >> +				0	/* flags */);
> >> +	}
> >> +}
> >> +
> >>  static uint8_t
> >>  ipsec_eventmode_populate_wrkr_params(struct eh_app_worker_params
> >> *wrkrs)
> >>  {
> >> @@ -180,6 +592,14 @@ ipsec_eventmode_populate_wrkr_params(struct
> >> eh_app_worker_params *wrkrs)
> >>  	wrkr->cap.ipsec_mode = EH_IPSEC_MODE_TYPE_DRIVER;
> >>  	wrkr->worker_thread = ipsec_wrkr_non_burst_int_port_drv_mode;
> >>  	wrkr++;
> >> +	nb_wrkr_param++;
> >> +
> >> +	/* Non-burst - Tx internal port - app mode */
> >> +	wrkr->cap.burst = EH_RX_TYPE_NON_BURST;
> >> +	wrkr->cap.tx_internal_port = EH_TX_TYPE_INTERNAL_PORT;
> >> +	wrkr->cap.ipsec_mode = EH_IPSEC_MODE_TYPE_APP;
> >> +	wrkr->worker_thread = ipsec_wrkr_non_burst_int_port_app_mode;
> >> +	nb_wrkr_param++;
> >>
> >>  	return nb_wrkr_param;
> >>  }
> >> diff --git a/examples/ipsec-secgw/ipsec_worker.h b/examples/ipsec-
> >> secgw/ipsec_worker.h new file mode 100644 index 0000000..87b4f22
> >> --- /dev/null
> >> +++ b/examples/ipsec-secgw/ipsec_worker.h
> >> @@ -0,0 +1,35 @@
> >> +/* SPDX-License-Identifier: BSD-3-Clause
> >> + * Copyright (C) 2020 Marvell International Ltd.
> >> + */
> >> +#ifndef _IPSEC_WORKER_H_
> >> +#define _IPSEC_WORKER_H_
> >> +
> >> +#include "ipsec.h"
> >> +
> >> +enum pkt_type {
> >> +	PKT_TYPE_PLAIN_IPV4 = 1,
> >> +	PKT_TYPE_IPSEC_IPV4,
> >> +	PKT_TYPE_PLAIN_IPV6,
> >> +	PKT_TYPE_IPSEC_IPV6,
> >> +	PKT_TYPE_INVALID
> >> +};
> >> +
> >> +struct route_table {
> >> +	struct rt_ctx *rt4_ctx;
> >> +	struct rt_ctx *rt6_ctx;
> >> +};
> >> +
> >> +/*
> >> + * Conf required by event mode worker with tx internal port  */
> >> +struct lcore_conf_ev_tx_int_port_wrkr {
> >> +	struct ipsec_ctx inbound;
> >> +	struct ipsec_ctx outbound;
> >> +	struct route_table rt;
> >> +} __rte_cache_aligned;
> >> +
> >> +void ipsec_poll_mode_worker(void);
> >> +
> >> +int ipsec_launch_one_lcore(void *args);
> >> +
> >> +#endif /* _IPSEC_WORKER_H_ */
> >> --
> >> 2.7.4
> >

  reply	other threads:[~2020-02-25 12:13 UTC|newest]

Thread overview: 147+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-12-08 12:30 [dpdk-dev] [PATCH 00/14] add eventmode to ipsec-secgw Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 01/14] examples/ipsec-secgw: add default rte_flow for inline Rx Anoob Joseph
2019-12-16 14:20   ` Ananyev, Konstantin
2019-12-16 15:58     ` Anoob Joseph
2020-01-09 12:01       ` Lukas Bartosik
2020-01-09 19:09         ` Ananyev, Konstantin
2020-01-13 11:40           ` Ananyev, Konstantin
2019-12-08 12:30 ` [dpdk-dev] [PATCH 02/14] examples/ipsec-secgw: add framework for eventmode helper Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 03/14] examples/ipsec-secgw: add eventdev port-lcore link Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 04/14] examples/ipsec-secgw: add Rx adapter support Anoob Joseph
2019-12-11 11:33   ` Akhil Goyal
2019-12-12  5:18     ` Anoob Joseph
2019-12-23 18:48   ` Ananyev, Konstantin
2020-01-07  6:12     ` Anoob Joseph
2020-01-07 14:32       ` Ananyev, Konstantin
2019-12-08 12:30 ` [dpdk-dev] [PATCH 05/14] examples/ipsec-secgw: add Tx " Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 06/14] examples/ipsec-secgw: add routines to display config Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 07/14] examples/ipsec-secgw: add routines to launch workers Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 08/14] examples/ipsec-secgw: add support for internal ports Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 09/14] examples/ipsec-secgw: add eventmode to ipsec-secgw Anoob Joseph
2019-12-23 16:43   ` Ananyev, Konstantin
2020-01-03 10:18     ` Anoob Joseph
2020-01-06 15:45       ` Ananyev, Konstantin
2020-01-09  6:17         ` Anoob Joseph
2019-12-24 12:47   ` Ananyev, Konstantin
2020-01-03 10:20     ` Anoob Joseph
2020-01-06 16:50       ` Ananyev, Konstantin
2020-01-07  6:56         ` Anoob Joseph
2020-01-07 14:38           ` Ananyev, Konstantin
2019-12-08 12:30 ` [dpdk-dev] [PATCH 10/14] examples/ipsec-secgw: add app inbound worker Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 11/14] examples/ipsec-secgw: add app processing code Anoob Joseph
2019-12-23 16:49   ` Ananyev, Konstantin
2020-01-10 14:28     ` [dpdk-dev] [EXT] " Lukas Bartosik
2019-12-24 13:13   ` [dpdk-dev] " Ananyev, Konstantin
2020-01-10 14:36     ` [dpdk-dev] [EXT] " Lukas Bartosik
2019-12-25 15:18   ` [dpdk-dev] " Ananyev, Konstantin
2020-01-07  6:16     ` Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 12/14] examples/ipsec-secgw: add driver outbound worker Anoob Joseph
2019-12-23 17:28   ` Ananyev, Konstantin
2020-01-04 10:58     ` Anoob Joseph
2020-01-06 17:46       ` Ananyev, Konstantin
2020-01-07  4:32         ` Anoob Joseph
2020-01-07 14:30           ` Ananyev, Konstantin
2020-01-09 11:49             ` Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 13/14] examples/ipsec-secgw: add app " Anoob Joseph
2019-12-08 12:30 ` [dpdk-dev] [PATCH 14/14] examples/ipsec-secgw: add cmd line option for bufs Anoob Joseph
2019-12-23 16:14   ` Ananyev, Konstantin
2019-12-23 16:16     ` Ananyev, Konstantin
2020-01-03  5:42       ` Anoob Joseph
2020-01-06 15:21         ` Ananyev, Konstantin
2020-01-20 13:45 ` [dpdk-dev] [PATCH v2 00/12] add eventmode to ipsec-secgw Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 01/12] examples/ipsec-secgw: add default rte_flow for inline Rx Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 02/12] examples/ipsec-secgw: add framework for eventmode helper Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 03/12] examples/ipsec-secgw: add eventdev port-lcore link Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 04/12] examples/ipsec-secgw: add Rx adapter support Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 05/12] examples/ipsec-secgw: add Tx " Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 06/12] examples/ipsec-secgw: add routines to display config Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 07/12] examples/ipsec-secgw: add routines to launch workers Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 08/12] examples/ipsec-secgw: add support for internal ports Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 09/12] examples/ipsec-secgw: add eventmode to ipsec-secgw Anoob Joseph
2020-01-29 23:31     ` Ananyev, Konstantin
2020-01-30 11:04       ` [dpdk-dev] [EXT] " Lukas Bartosik
2020-01-30 11:13         ` Ananyev, Konstantin
2020-01-30 22:21           ` Ananyev, Konstantin
2020-01-31  1:09             ` Lukas Bartosik
2020-02-02 23:00               ` Lukas Bartosik
2020-02-03  7:50                 ` Ananyev, Konstantin
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 10/12] examples/ipsec-secgw: add driver mode worker Anoob Joseph
2020-01-29 22:22     ` Ananyev, Konstantin
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 11/12] examples/ipsec-secgw: add app " Anoob Joseph
2020-01-29 15:34     ` Ananyev, Konstantin
2020-01-29 17:18       ` Anoob Joseph
2020-01-20 13:45   ` [dpdk-dev] [PATCH v2 12/12] examples/ipsec-secgw: add cmd line option for bufs Anoob Joseph
2020-01-29 14:40     ` Ananyev, Konstantin
2020-01-29 17:14       ` Anoob Joseph
2020-01-28  5:02   ` [dpdk-dev] [PATCH v2 00/12] add eventmode to ipsec-secgw Anoob Joseph
2020-01-28 13:00     ` Ananyev, Konstantin
2020-02-04 13:58   ` [dpdk-dev] [PATCH v3 00/13] " Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 01/13] examples/ipsec-secgw: add default rte flow for inline Rx Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 02/13] examples/ipsec-secgw: add framework for eventmode helper Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 03/13] examples/ipsec-secgw: add eventdev port-lcore link Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 04/13] examples/ipsec-secgw: add Rx adapter support Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 05/13] examples/ipsec-secgw: add Tx " Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 06/13] examples/ipsec-secgw: add routines to display config Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 07/13] examples/ipsec-secgw: add routines to launch workers Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 08/13] examples/ipsec-secgw: add support for internal ports Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 09/13] examples/ipsec-secgw: add event helper config init/uninit Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 10/13] examples/ipsec-secgw: add eventmode to ipsec-secgw Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 11/13] examples/ipsec-secgw: add driver mode worker Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 12/13] examples/ipsec-secgw: add app " Lukasz Bartosik
2020-02-04 13:58     ` [dpdk-dev] [PATCH v3 13/13] examples/ipsec-secgw: make number of buffers dynamic Lukasz Bartosik
2020-02-05 13:42       ` Ananyev, Konstantin
2020-02-05 16:08         ` [dpdk-dev] [EXT] " Lukas Bartosik
2020-02-20  8:01     ` [dpdk-dev] [PATCH v4 00/15] add eventmode to ipsec-secgw Lukasz Bartosik
2020-02-20  8:01       ` [dpdk-dev] [PATCH v4 01/15] examples/ipsec-secgw: add default rte flow for inline Rx Lukasz Bartosik
2020-02-20  8:01       ` [dpdk-dev] [PATCH v4 02/15] examples/ipsec-secgw: add framework for eventmode helper Lukasz Bartosik
2020-02-20  8:01       ` [dpdk-dev] [PATCH v4 03/15] examples/ipsec-secgw: add eventdev port-lcore link Lukasz Bartosik
2020-02-20  8:01       ` [dpdk-dev] [PATCH v4 04/15] examples/ipsec-secgw: add Rx adapter support Lukasz Bartosik
2020-02-20  8:01       ` [dpdk-dev] [PATCH v4 05/15] examples/ipsec-secgw: add Tx " Lukasz Bartosik
2020-02-20  8:01       ` [dpdk-dev] [PATCH v4 06/15] examples/ipsec-secgw: add routines to display config Lukasz Bartosik
2020-02-20  8:01       ` [dpdk-dev] [PATCH v4 07/15] examples/ipsec-secgw: add routines to launch workers Lukasz Bartosik
2020-02-20  8:02       ` [dpdk-dev] [PATCH v4 08/15] examples/ipsec-secgw: add support for internal ports Lukasz Bartosik
2020-02-20  8:02       ` [dpdk-dev] [PATCH v4 09/15] examples/ipsec-secgw: add event helper config init/uninit Lukasz Bartosik
2020-02-20  8:02       ` [dpdk-dev] [PATCH v4 10/15] examples/ipsec-secgw: add eventmode to ipsec-secgw Lukasz Bartosik
2020-02-20  8:02       ` [dpdk-dev] [PATCH v4 11/15] examples/ipsec-secgw: add driver mode worker Lukasz Bartosik
2020-02-20  8:02       ` [dpdk-dev] [PATCH v4 12/15] examples/ipsec-secgw: add app " Lukasz Bartosik
2020-02-24 14:13         ` Akhil Goyal
2020-02-25 11:50           ` [dpdk-dev] [EXT] " Lukas Bartosik
2020-02-25 12:13             ` Anoob Joseph [this message]
2020-02-25 16:03               ` Ananyev, Konstantin
2020-02-26  4:33                 ` Anoob Joseph
2020-02-26  5:55                   ` Akhil Goyal
2020-02-26 12:36                     ` Ananyev, Konstantin
2020-02-26  6:04             ` Akhil Goyal
2020-02-26 10:32               ` Lukas Bartosik
2020-02-27 12:07               ` Akhil Goyal
2020-02-27 14:31                 ` Lukas Bartosik
2020-02-20  8:02       ` [dpdk-dev] [PATCH v4 13/15] examples/ipsec-secgw: make number of buffers dynamic Lukasz Bartosik
2020-02-20  8:02       ` [dpdk-dev] [PATCH v4 14/15] doc: add event mode support to ipsec-secgw Lukasz Bartosik
2020-02-20  8:02       ` [dpdk-dev] [PATCH v4 15/15] examples/ipsec-secgw: reserve crypto queues in event mode Lukasz Bartosik
2020-02-24  5:20       ` [dpdk-dev] [PATCH v4 00/15] add eventmode to ipsec-secgw Anoob Joseph
2020-02-24 13:40       ` Akhil Goyal
2020-02-25 12:09         ` [dpdk-dev] [EXT] " Lukas Bartosik
2020-02-27 16:18       ` [dpdk-dev] [PATCH v5 " Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 01/15] examples/ipsec-secgw: add default rte flow for inline Rx Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 02/15] examples/ipsec-secgw: add framework for eventmode helper Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 03/15] examples/ipsec-secgw: add eventdev port-lcore link Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 04/15] examples/ipsec-secgw: add Rx adapter support Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 05/15] examples/ipsec-secgw: add Tx " Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 06/15] examples/ipsec-secgw: add routines to display config Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 07/15] examples/ipsec-secgw: add routines to launch workers Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 08/15] examples/ipsec-secgw: add support for internal ports Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 09/15] examples/ipsec-secgw: add event helper config init/uninit Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 10/15] examples/ipsec-secgw: add eventmode to ipsec-secgw Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 11/15] examples/ipsec-secgw: add driver mode worker Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 12/15] examples/ipsec-secgw: add app " Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 13/15] examples/ipsec-secgw: make number of buffers dynamic Lukasz Bartosik
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 14/15] doc: add event mode support to ipsec-secgw Lukasz Bartosik
2020-04-12 16:37           ` Thomas Monjalon
2020-02-27 16:18         ` [dpdk-dev] [PATCH v5 15/15] examples/ipsec-secgw: reserve crypto queues in event mode Lukasz Bartosik
2020-03-02  8:47         ` [dpdk-dev] [PATCH v5 00/15] add eventmode to ipsec-secgw Anoob Joseph
2020-03-02  8:57           ` Akhil Goyal
2020-03-03 18:00         ` Ananyev, Konstantin
2020-03-12  5:32           ` Anoob Joseph
2020-03-12  5:55             ` Akhil Goyal
2020-03-12  9:57               ` [dpdk-dev] [EXT] " Lukas Bartosik
2020-03-12 13:25                 ` Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=MN2PR18MB2877EB75CA6367BDFAF5630EDFED0@MN2PR18MB2877.namprd18.prod.outlook.com \
    --to=anoobj@marvell.com \
    --cc=adwivedi@marvell.com \
    --cc=akhil.goyal@nxp.com \
    --cc=dev@dpdk.org \
    --cc=jerinj@marvell.com \
    --cc=konstantin.ananyev@intel.com \
    --cc=ktejasree@marvell.com \
    --cc=lbartosik@marvell.com \
    --cc=marchana@marvell.com \
    --cc=pathreya@marvell.com \
    --cc=radu.nicolau@intel.com \
    --cc=thomas@monjalon.net \
    --cc=vattunuru@marvell.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).