From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70058.outbound.protection.outlook.com [40.107.7.58]) by dpdk.org (Postfix) with ESMTP id A95D81B9D0; Thu, 18 Apr 2019 15:51:20 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KKXUkqbS4FxHKRIIFmpMfPRjfLykaE529B2+gT0txoo=; b=BQUHTejd1P3DRaNEr6GXQ+nAHM4NpxdXkg7RoiMbqgZ7wDlMcOnHOrtppCpw4aLMBfZeAfFX3begi6WTAL0+vOSrssrxbYvxqvPdWetBrLnLoUoc7Okm0VDy1+NEMg+MVaWfKw7Ea2UqfHtbxgTuLy0M0jZz3oXUkCtjIfsGj34= Received: from VI1PR04MB4893.eurprd04.prod.outlook.com (20.177.49.154) by VI1PR04MB4109.eurprd04.prod.outlook.com (52.133.14.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1792.17; Thu, 18 Apr 2019 13:51:19 +0000 Received: from VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::98b0:84a6:1c08:57c7]) by VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::98b0:84a6:1c08:57c7%3]) with mapi id 15.20.1813.013; Thu, 18 Apr 2019 13:51:19 +0000 From: Akhil Goyal To: Bernard Iremonger , "dev@dpdk.org" , "konstantin.ananyev@intel.com" CC: "stable@dpdk.org" Thread-Topic: [PATCH v4 1/2] examples/ipsec-secgw: fix 1st packet dropped for inline crypto Thread-Index: AdT17cOXKHHL5EBLSxux3RG5b2/emQ== Date: Thu, 18 Apr 2019 13:51:19 +0000 Message-ID: Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=akhil.goyal@nxp.com; x-originating-ip: [92.120.1.65] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 46314864-bf7f-4299-a589-08d6c404ef4b x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600141)(711020)(4605104)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:VI1PR04MB4109; x-ms-traffictypediagnostic: VI1PR04MB4109: x-microsoft-antispam-prvs: x-forefront-prvs: 0011612A55 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(396003)(366004)(376002)(346002)(136003)(199004)(189003)(74316002)(81156014)(478600001)(5660300002)(86362001)(7696005)(55016002)(14454004)(256004)(2201001)(81166006)(229853002)(66066001)(8676002)(9686003)(71190400001)(486006)(3846002)(6436002)(44832011)(6116002)(52536014)(8936002)(99286004)(71200400001)(6506007)(305945005)(186003)(97736004)(68736007)(25786009)(33656002)(6246003)(53936002)(2906002)(26005)(110136005)(316002)(102836004)(476003)(2501003)(7736002)(14444005)(4326008); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR04MB4109; H:VI1PR04MB4893.eurprd04.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: +PfTqjCf1iwAoBfT74jed4eD8TCtstuNZJ1BcUOnGeUeN3I9Q6IDFwGlhfv9hJiffUG01gCGXRnVkLR05MQr/74O553XsWudHalNRdflGt0L96k1eayuPBdvA7bKjYIpD3jJGPCB+73g3IIMlV+QGiMwNw7yAqUBNB11ul5QMPnbSQygI4JkYfs3RUrQBt4T7qKJvPKbbhL+TYadBuoRyoT8nBU8REMFPoiyxgge8/zRHlGA8PQPCjuX07VqIupA3IyDqebrhcEp36WFUIuGQuEVFa6viR00mR3YvJyE2gx4IeYvZMa4LJM5RPvtgfgQcGX4eLtPPqFIFAFEX97RckZqc15/U6E+ucaZdV0JFIH2L4BRparkBwhOBp9MueXZJmXA5k26IKMGwtXBDunGQSKKOWaa8qvyPa2NDE7YqjE= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 46314864-bf7f-4299-a589-08d6c404ef4b X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Apr 2019 13:51:19.1508 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB4109 Subject: Re: [dpdk-dev] [PATCH v4 1/2] examples/ipsec-secgw: fix 1st packet dropped for inline crypto X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Apr 2019 13:51:21 -0000 Hi Bernard, > - RTE_LOG_DP(DEBUG, IPSEC, "Create session for SA spi %u on cryptod= ev " > - "%u qp %u\n", sa->spi, > - ipsec_ctx->tbl[cdev_id_qp].id, > - ipsec_ctx->tbl[cdev_id_qp].qp); > + if ((sa =3D=3D NULL) || (pool =3D=3D NULL)) > + return -EINVAL; >=20 > - if (sa->type !=3D RTE_SECURITY_ACTION_TYPE_NONE) { > - struct rte_security_session_conf sess_conf =3D { > + struct rte_security_session_conf sess_conf =3D { > .action_type =3D sa->type, > .protocol =3D RTE_SECURITY_PROTOCOL_IPSEC, > {.ipsec =3D { > @@ -90,247 +65,340 @@ create_session(struct ipsec_ctx *ipsec_ctx, struct > ipsec_sa *sa) > } }, > .crypto_xform =3D sa->xforms, > .userdata =3D NULL, > - > }; >=20 > - if (sa->type =3D=3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PR= OTOCOL) > { > - struct rte_security_ctx *ctx =3D (struct rte_secu= rity_ctx *) > - rte_cryptodev_get= _sec_ctx( > - ipsec_ctx->tbl[cd= ev_id_qp].id); > - > - /* Set IPsec parameters in conf */ > - set_ipsec_conf(sa, &(sess_conf.ipsec)); > - > - sa->sec_session =3D rte_security_session_create(c= tx, > - &sess_conf, ipsec_ctx->session_po= ol); > - if (sa->sec_session =3D=3D NULL) { > - RTE_LOG(ERR, IPSEC, > - "SEC Session init failed: err: %d\n", ret= ); > - return -1; > - } > - } else if (sa->type =3D=3D RTE_SECURITY_ACTION_TYPE_INLIN= E_CRYPTO) { > - struct rte_flow_error err; > - struct rte_security_ctx *ctx =3D (struct rte_secu= rity_ctx *) > - rte_eth_dev_get_s= ec_ctx( > - sa->portid); > - const struct rte_security_capability *sec_cap; > - int ret =3D 0; > - > - sa->sec_session =3D rte_security_session_create(c= tx, > - &sess_conf, ipsec_ctx->session_po= ol); > - if (sa->sec_session =3D=3D NULL) { > - RTE_LOG(ERR, IPSEC, > - "SEC Session init failed: err: %d\n", ret= ); > - return -1; > - } > + if (sa->type =3D=3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) = { > + ctx =3D (struct rte_security_ctx *) > + rte_eth_dev_get_sec_ctx(sa->portid); This is breaking the lookaside mode. Ctx was retrieved using the ipsec_ctx-= >tbl struct rte_security_ctx *ctx =3D (struct rte_security_ctx *) rte_cryptodev_get_sec_ctx( ipsec_ctx->tbl[cdev_id_qp].id); I am looking into it, but I don't have time left to get it integrated in RC= 2. So this has to be pushed to RC3 >=20 > - sec_cap =3D rte_security_capabilities_get(ctx); > + /* Set IPsec parameters in conf */ > + set_ipsec_conf(sa, &(sess_conf.ipsec)); >=20 > - /* iterate until ESP tunnel*/ > - while (sec_cap->action !=3D > - RTE_SECURITY_ACTION_TYPE_NONE) { > + sa->sec_session =3D rte_security_session_create(ctx, > + &sess_conf, pool); > + if (sa->sec_session =3D=3D NULL) { > + RTE_LOG(ERR, IPSEC, > + "SEC Session init failed: err: %d\n", > + ret); > + return -1; > + } From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by dpdk.space (Postfix) with ESMTP id 96F1BA00E6 for ; Thu, 18 Apr 2019 15:51:24 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 65C181B9E6; Thu, 18 Apr 2019 15:51:22 +0200 (CEST) Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70058.outbound.protection.outlook.com [40.107.7.58]) by dpdk.org (Postfix) with ESMTP id A95D81B9D0; Thu, 18 Apr 2019 15:51:20 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KKXUkqbS4FxHKRIIFmpMfPRjfLykaE529B2+gT0txoo=; b=BQUHTejd1P3DRaNEr6GXQ+nAHM4NpxdXkg7RoiMbqgZ7wDlMcOnHOrtppCpw4aLMBfZeAfFX3begi6WTAL0+vOSrssrxbYvxqvPdWetBrLnLoUoc7Okm0VDy1+NEMg+MVaWfKw7Ea2UqfHtbxgTuLy0M0jZz3oXUkCtjIfsGj34= Received: from VI1PR04MB4893.eurprd04.prod.outlook.com (20.177.49.154) by VI1PR04MB4109.eurprd04.prod.outlook.com (52.133.14.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1792.17; Thu, 18 Apr 2019 13:51:19 +0000 Received: from VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::98b0:84a6:1c08:57c7]) by VI1PR04MB4893.eurprd04.prod.outlook.com ([fe80::98b0:84a6:1c08:57c7%3]) with mapi id 15.20.1813.013; Thu, 18 Apr 2019 13:51:19 +0000 From: Akhil Goyal To: Bernard Iremonger , "dev@dpdk.org" , "konstantin.ananyev@intel.com" CC: "stable@dpdk.org" Thread-Topic: [PATCH v4 1/2] examples/ipsec-secgw: fix 1st packet dropped for inline crypto Thread-Index: AdT17cOXKHHL5EBLSxux3RG5b2/emQ== Date: Thu, 18 Apr 2019 13:51:19 +0000 Message-ID: Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=akhil.goyal@nxp.com; x-originating-ip: [92.120.1.65] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 46314864-bf7f-4299-a589-08d6c404ef4b x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600141)(711020)(4605104)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:VI1PR04MB4109; x-ms-traffictypediagnostic: VI1PR04MB4109: x-microsoft-antispam-prvs: x-forefront-prvs: 0011612A55 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(396003)(366004)(376002)(346002)(136003)(199004)(189003)(74316002)(81156014)(478600001)(5660300002)(86362001)(7696005)(55016002)(14454004)(256004)(2201001)(81166006)(229853002)(66066001)(8676002)(9686003)(71190400001)(486006)(3846002)(6436002)(44832011)(6116002)(52536014)(8936002)(99286004)(71200400001)(6506007)(305945005)(186003)(97736004)(68736007)(25786009)(33656002)(6246003)(53936002)(2906002)(26005)(110136005)(316002)(102836004)(476003)(2501003)(7736002)(14444005)(4326008); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR04MB4109; H:VI1PR04MB4893.eurprd04.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: +PfTqjCf1iwAoBfT74jed4eD8TCtstuNZJ1BcUOnGeUeN3I9Q6IDFwGlhfv9hJiffUG01gCGXRnVkLR05MQr/74O553XsWudHalNRdflGt0L96k1eayuPBdvA7bKjYIpD3jJGPCB+73g3IIMlV+QGiMwNw7yAqUBNB11ul5QMPnbSQygI4JkYfs3RUrQBt4T7qKJvPKbbhL+TYadBuoRyoT8nBU8REMFPoiyxgge8/zRHlGA8PQPCjuX07VqIupA3IyDqebrhcEp36WFUIuGQuEVFa6viR00mR3YvJyE2gx4IeYvZMa4LJM5RPvtgfgQcGX4eLtPPqFIFAFEX97RckZqc15/U6E+ucaZdV0JFIH2L4BRparkBwhOBp9MueXZJmXA5k26IKMGwtXBDunGQSKKOWaa8qvyPa2NDE7YqjE= Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 46314864-bf7f-4299-a589-08d6c404ef4b X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Apr 2019 13:51:19.1508 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB4109 Subject: Re: [dpdk-dev] [PATCH v4 1/2] examples/ipsec-secgw: fix 1st packet dropped for inline crypto X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Message-ID: <20190418135119.sItq_VGlMEF9zcqDzfl6HEb44nHQRTh2eHRdjaypXnI@z> Hi Bernard, > - RTE_LOG_DP(DEBUG, IPSEC, "Create session for SA spi %u on cryptod= ev " > - "%u qp %u\n", sa->spi, > - ipsec_ctx->tbl[cdev_id_qp].id, > - ipsec_ctx->tbl[cdev_id_qp].qp); > + if ((sa =3D=3D NULL) || (pool =3D=3D NULL)) > + return -EINVAL; >=20 > - if (sa->type !=3D RTE_SECURITY_ACTION_TYPE_NONE) { > - struct rte_security_session_conf sess_conf =3D { > + struct rte_security_session_conf sess_conf =3D { > .action_type =3D sa->type, > .protocol =3D RTE_SECURITY_PROTOCOL_IPSEC, > {.ipsec =3D { > @@ -90,247 +65,340 @@ create_session(struct ipsec_ctx *ipsec_ctx, struct > ipsec_sa *sa) > } }, > .crypto_xform =3D sa->xforms, > .userdata =3D NULL, > - > }; >=20 > - if (sa->type =3D=3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PR= OTOCOL) > { > - struct rte_security_ctx *ctx =3D (struct rte_secu= rity_ctx *) > - rte_cryptodev_get= _sec_ctx( > - ipsec_ctx->tbl[cd= ev_id_qp].id); > - > - /* Set IPsec parameters in conf */ > - set_ipsec_conf(sa, &(sess_conf.ipsec)); > - > - sa->sec_session =3D rte_security_session_create(c= tx, > - &sess_conf, ipsec_ctx->session_po= ol); > - if (sa->sec_session =3D=3D NULL) { > - RTE_LOG(ERR, IPSEC, > - "SEC Session init failed: err: %d\n", ret= ); > - return -1; > - } > - } else if (sa->type =3D=3D RTE_SECURITY_ACTION_TYPE_INLIN= E_CRYPTO) { > - struct rte_flow_error err; > - struct rte_security_ctx *ctx =3D (struct rte_secu= rity_ctx *) > - rte_eth_dev_get_s= ec_ctx( > - sa->portid); > - const struct rte_security_capability *sec_cap; > - int ret =3D 0; > - > - sa->sec_session =3D rte_security_session_create(c= tx, > - &sess_conf, ipsec_ctx->session_po= ol); > - if (sa->sec_session =3D=3D NULL) { > - RTE_LOG(ERR, IPSEC, > - "SEC Session init failed: err: %d\n", ret= ); > - return -1; > - } > + if (sa->type =3D=3D RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) = { > + ctx =3D (struct rte_security_ctx *) > + rte_eth_dev_get_sec_ctx(sa->portid); This is breaking the lookaside mode. Ctx was retrieved using the ipsec_ctx-= >tbl struct rte_security_ctx *ctx =3D (struct rte_security_ctx *) rte_cryptodev_get_sec_ctx( ipsec_ctx->tbl[cdev_id_qp].id); I am looking into it, but I don't have time left to get it integrated in RC= 2. So this has to be pushed to RC3 >=20 > - sec_cap =3D rte_security_capabilities_get(ctx); > + /* Set IPsec parameters in conf */ > + set_ipsec_conf(sa, &(sess_conf.ipsec)); >=20 > - /* iterate until ESP tunnel*/ > - while (sec_cap->action !=3D > - RTE_SECURITY_ACTION_TYPE_NONE) { > + sa->sec_session =3D rte_security_session_create(ctx, > + &sess_conf, pool); > + if (sa->sec_session =3D=3D NULL) { > + RTE_LOG(ERR, IPSEC, > + "SEC Session init failed: err: %d\n", > + ret); > + return -1; > + }