From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0040.outbound.protection.outlook.com [104.47.33.40]) by dpdk.org (Postfix) with ESMTP id 55C32E5D for ; Fri, 8 Dec 2017 15:00:18 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=CAVIUMNETWORKS.onmicrosoft.com; s=selector1-cavium-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=o63xU6FWcET20qTRhqAuVLwAWokYQwLYzOZHt8Ieoug=; b=A6DOfFUkFebD2IPGSTNi+QfZJMrPNQ6LjiezQn24sLuL9n39g7D8abNvk+xlcW1vrzNzKQXN0YP8npRahXMAIfhyY+xhwc8d2UahgFrl/6oeq6ha+kC2OMIqCQiNNmZ+zLOtxBo7/KHlR7yctWipEXYIFxPemkeu8w+SMTDasaE= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Anoob.Joseph@cavium.com; Received: from hyd1ajoseph-dt.caveonetworks.com (115.113.156.2) by SN4PR0701MB3646.namprd07.prod.outlook.com (2603:10b6:803:4d::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.282.5; Fri, 8 Dec 2017 14:00:15 +0000 To: Nelio Laranjeiro , Sergio Gonzalez Monroy , Radu Nicolau Cc: dev@dpdk.org References: <6ac80a2be156911ee35c894924a02f04c43f49fc.1511449894.git.nelio.laranjeiro@6wind.com> From: Anoob Message-ID: Date: Fri, 8 Dec 2017 19:30:03 +0530 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Originating-IP: [115.113.156.2] X-ClientProxiedBy: MWHPR1201CA0002.namprd12.prod.outlook.com (2603:10b6:301:4a::12) To SN4PR0701MB3646.namprd07.prod.outlook.com (2603:10b6:803:4d::12) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 8599b582-5d09-4c50-0890-08d53e4402f9 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(5600026)(4604075)(4534020)(4602075)(7168020)(4627115)(201703031133081)(201702281549075)(2017052603307); SRVR:SN4PR0701MB3646; X-Microsoft-Exchange-Diagnostics: 1; SN4PR0701MB3646; 3:JDymeAcACGnFcMpOL5JwefF5jdGxj4ckqqz0BeRgXucQ4w4G4WcfDJ6wammyCqkZsk7YV/+QE07DzmZVZmxwF3HDRXQ3SYbyK8O/mIf9Whp7hF4TJt8Yl5dyNlG0AAxLipsKIxA6VvkXrCDA8MRk5Feh1KeIXqYC+ZRGPpLcISGzhgTC3F/oL+ggmA1QQXLBhnU8fXurXp4T3feWtK6zesihyfLT2xNCk7bph9XI/7/64j9U9sD1PBmIiU7X3r8t; 25:Q/XY9oXqQRf4sEv0dEP3ZmA5zbdc7Ga6cdwT0nsQRu7a+t1sesr4lX1GgVTRFkpAprluzDfadXX/O8DejkTOqgYqTdkHWx9nPX81cOQ5RYIZ4jYg5GgkPgAzBiB0AxWNLN16Ig6P5jn1tNFrabBJ6srC7gjV7McEiEDS+hq2cC92qlAP43uwFrt8WuIZtYfHjjRDPveRTkLqUUGMGODaUYxPAIcDyzAKD0usgioQdhJP3b//LXOxlrxiyf1sqgg259eg8BbrUPB9m9g1283mcK29aYE1SmRt83RVYUDkDDuXg5k0GAAmAHe/DhWiWsDM9sfNsPbfyQaSO3Tuo4bXDw==; 31:lkuEYcNk4SlZuPoDLc40rfArgBaeUgNyIOZAi8l4c27KTqJOTT0R87dLPF79e0gAFyKLZx/kv+2eHmlpS/+hxpkVm5UPtEFGLHCWExylIWjSuDKyofHokjpLSJeV2vIGEvUv+Vc7oZuobjzkl/ixvkA2YNVArUrksQTQUfBo73BZJVhAMZ8NA+Zo068d8O+Q5ZPpfM+XwejavK/4ht3JHOjCUpvP6i01TH3ZBgCMvGE= X-MS-TrafficTypeDiagnostic: SN4PR0701MB3646: X-Microsoft-Exchange-Diagnostics: 1; SN4PR0701MB3646; 20:MfZeTopsMzVgwmjVmv84V1OzvWmI0K9Yn3o0WYLbYBiPF8qz1ardXIWWrDmybg3MHTRgIJMmXeXgjFykfbegNdFG8B3eX6d3lbshqDfeD3PD0Vw/2gI3Wv4X0I+e5OYMXjHpgPlJfdChhTNUh7Id24g9c2y689NqxHVAAqb42XuS5EbgdTqA8RugIFtgwrxCJRB66HiCt8/ennt39PwfvuhR/hSz2GI+jcR787SQdXz3GaTCgugRpqeAK/cChR0KuU2HKehJVdApI/SiI/bnsLiFev1TnXau0rjuTDLr3Wo0WCFhAPnyOwKn6R8b25FIHbKtM5MEtFd9v4KdQ8HyYATzRdVMs7VeJbmfQ3Ggf/WqbqVNAXyga5L62BKhshTbEKq+dU9t4vm1Zy0gsg6bcjtjS9IeXB9g+6knUo/304yFwPMYAvnBsueSQszrzxXdDAsRV31oM3tixu6zBqhsQ8c85WkrmPQJqbhHd5wQQweYyuZcr0pX5IkzP0JczONqQQInWOuJ5VX5f1q0APInF63o3+PQXlc0UU+1XiKsRuFgYhw+Janl5BRyHTV0990p47c9z9/le1LH63mvnri6gOVF8JJ1L9tG5b1WmnSH/30=; 4:fswKABAjfboiDz1FCRSZGA3FA3pD4OgU3+y9sSxeniS3RoXBNqyA9+o+L1rYwXcQ7j5NMaNyiMl16RkFzxcLGuwOYQqX+lz5uaz47FG8QzUDotpCOtyFM2qAG/N9/dFVdoMg5+BzsyBr5DQMXInpV337jeKe0JXdV1QHMVNG8HzHgPp/ecmigTS64SyszYNcn1QLArQnUhD18kTzqBrklLvqkRt9GC48mR1X3IkTyGEEPXLk0KFM5Ua1wU/UIy4lXqDnVk70swhs3woiSMvALF4OLuuq+MQzNTxnix9FZnSsEVWlq6p+UD8QNTCdAkra X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040450)(2401047)(8121501046)(5005006)(10201501046)(93006095)(3002001)(3231022)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123558100)(20161123564025)(20161123560025)(20161123555025)(6072148)(201708071742011); SRVR:SN4PR0701MB3646; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:SN4PR0701MB3646; X-Forefront-PRVS: 0515208626 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(376002)(346002)(366004)(24454002)(199004)(189003)(67846002)(23676004)(16526018)(52146003)(53416004)(97736004)(2486003)(83506002)(36756003)(72206003)(478600001)(58126008)(31686004)(66066001)(69596002)(6246003)(8936002)(68736007)(65806001)(316002)(47776003)(31696002)(65956001)(52116002)(6512007)(53936002)(110136005)(53546010)(65826007)(55236003)(33646002)(81166006)(42882006)(230700001)(76176011)(305945005)(25786009)(7736002)(6116002)(2906002)(81156014)(106356001)(105586002)(6506006)(6486002)(2950100002)(229853002)(50466002)(3846002)(6666003)(5660300001)(8676002)(64126003)(4326008); DIR:OUT; SFP:1101; SCL:1; SRVR:SN4PR0701MB3646; H:hyd1ajoseph-dt.caveonetworks.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: cavium.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtTTjRQUjA3MDFNQjM2NDY7MjM6eEQxWU1DQjFnK2N4bFdDZndOck9vVGxU?= =?utf-8?B?S3BOcGs0Vm84cmxHcWprZ3FhRThYZXRNbEQ1MmN0MWtLNWp1eVVZTVlxNHRt?= =?utf-8?B?RjJYTy9PdFBKRnNCZjZtTG9GNThlNndTRkFxTmQzZnY4ZHgwN0UrS01vSFJM?= =?utf-8?B?aDg3b0JYMDZhUUk3dUw3Ym8xOVN0NDI3YU1PYmJyTGtGWHNjenZDSFcxaFFt?= =?utf-8?B?aFNuQ1VkY1ZDUmYzaC85Wnc2K2xsdmRtYS9XZ2tGam83S1FnOU51bnRMbGV0?= =?utf-8?B?bG9lTDVRcnVTYzBicmlIRmNIOURFcUozdnJ1eWdMbThMWXRtV1IvWUozbEJh?= =?utf-8?B?cW14NWtkZEVjTmJjSm8yNkRpZk1tbm1ZK3poTTBCb3I3ekVVaC82YXNSdjlt?= =?utf-8?B?cFZLYWhqK0hKWG40dDkzc3F5SHhiN2IwMjhscjh3cUpxWEhOV0ZWOWtnbkNz?= =?utf-8?B?ZzhreUZNVjhLc0RIcmNqdzFEdkNiZG9jZ1ZQZlNtUWNQYlRFbnA4NnMvNFhN?= =?utf-8?B?bm5hMDBmcmhzQlNnOUNYTnhjRDlrY3NkL0ppZ0dqcjlhc2gvZ0FzUWNJNkVH?= =?utf-8?B?bGtGeDQ5dkt4MkR1K3JVZ3RGckhnWHZ5RVhEMTRDWmdCZ1FrUjRxL1h3MlRN?= =?utf-8?B?L1FLUXhaK1dyYk5YMm5xRmhtWWNyc1hDeFJyYVh5VUFQaVpYOXI1Wm5Cajdk?= =?utf-8?B?SVAzQUNGcWEyZHlZcHVvWkRWYWx4WUZtYnFaL0FKRWc3bi9HVkdjRlBrTXQz?= =?utf-8?B?WndzM1FuOW95TzdaeE82ZW8wVXZXdWhoQkh2MHlTN2lTOGNNRFZPTnVwWGha?= =?utf-8?B?YkV3M01sL3U4Tk84Y1E4ajZ2Z2FQaEtLaUV0VUpidVVJVU5adU9nV3YwOE5P?= =?utf-8?B?TG1Qck4yK1J3cU9Pbi9WSmYxSVRMRXVGaU1CcW5mZXJOajdkU2QySW1HNktr?= =?utf-8?B?STdubDMzTEsvYkE1TnlWK015NU4yd1ZaZ1hSR3BhMklsVnl6VEtabkJtaWNS?= =?utf-8?B?UVp4ZmhwcHptN015WEV1RXZ4N293aEloTUJLbFNTenA5RnJhQ2RQa0tDQzBR?= =?utf-8?B?QTlGK2o0SCtqWGhlN0lnMHJEeFBrMG5sRWVQZFh1aTBmeGkyWlR5RlNQc1pZ?= =?utf-8?B?SWNIV0FEMUYxREVFOEQ3YmFzQzcvaDhuZEx5YUh1cVppNXFGbVBJQlVHcXJH?= =?utf-8?B?WVYzMWFHeVdjdU5YOWVMOHBYb0g1c0dlREd3amFvN1ZYSXhSTm5wZldwYm91?= =?utf-8?B?MEFiMjliSGpseEU3UkxEdTdhMmZ3d3VUeXdldTRBMmhuTjMzM3hGV0RDd0pE?= =?utf-8?B?R2FTanNaT3NjWHhnWTZQRlIzR0V6aEFnd0ZnT1BvY012MklJYjVaK2Z4U0Y4?= =?utf-8?B?S3Nja3RCNTliUzMzTDBVbnB5aVV6MGpMVkhsM2VPOGJpRlBmZ3Y5aWJCbUlQ?= =?utf-8?B?M2FsdTVoY0x1MFFJM0tQQTFkMmY0UmxTb01pUHdocUdVbXVsWW5pUlNYencw?= =?utf-8?B?S0N2MHFaWldsMGQzajBxU1RwaE5hLzBLaUl4eTlFbzQySytVa2dKbEx3bzRQ?= =?utf-8?B?OUxsU0xZRlBCUFd2Z2crL2x6Nlc1ODllT3hPVk5PSWhWOTIrRGVMTUMxUk4w?= =?utf-8?B?bld2MFkrK2pSVTNGK2hsdVZ0Z21OQXlwWGEwV2x4Uk1iS1ZUSmx0c1FUTUJo?= =?utf-8?B?bTdONU9yU0RjenR0bWd2YVRldFI3NjYzUE0yeVNybVhkQm9mQ2xYUlFldHdJ?= =?utf-8?B?bEtpbWE1LzI3Zzdzd0xRQ3JFR0lZY0pubWxVeW9TOUwvelBtQzZyU2FrZ1FQ?= =?utf-8?B?WHA0b1djcmhmS2xIUE1qOUlZak43d2tvQ0hHM0JoK3FIV0V2UmJMcW5zSEt4?= =?utf-8?Q?APYsh0Vt1jy8A=3D?= X-Microsoft-Exchange-Diagnostics: 1; SN4PR0701MB3646; 6:Gaz92KTmwBpWG36O4l7qxCoA9XwDZ3777vYthCL6O/I4ykQ5RfSBO49pPo03tgeT2B2WNWVAmH75YYv69AyfLmPrBhiL4HC114MofMF9xS50DkD3obJ+eHydX2I/eYt6nDwdY77KZeuah9SUmQ2cp1IQpXJCY0ijlwjiVUCapjj0iiUZHCe0hYif6tPm7lJgC2Iw7AjBE3NzgE3bEBe+CZydmwBZ9MJ9H43mSosEuBhGX8Bz1Cgza9DvwDojB3fxsRBxw/0v8ugGCsZhPDNeBittWk8QYjMb77SYBoYesLUtc40R15GYYvvHAcDlW+weFKtJzdSn/LFCTkAhquW3dNUcToMjnrmdIbrCjmnuS5I=; 5:1HseFli85G3xxoD3vj+hC7GCx7OuapYmmc5qklOVFBAWl30qG7HIFlIIGqJq41jwkWmWsIh+84F/M6RXbc9UNNwTlToBiG03qlNr2BrPWvIPqoWOcYm2IEje44eQ5igyzVlNf6AyM9IJJCfF8g+YrZy5iru+Nk5+XEotx/TH6tw=; 24:JdXWQDnCqOR9dBjK0mW0D5YGiBccbLMvcxhFIB8IzM0wcTDsXy1rEtOIaXVBSSkoD/JtqtRDVyGQ5zbOsEye8W1pF1fQuCsANND6L7Bn9nY=; 7:DjxlIB72q9wiHslKWkKLctk+P6RYIHVAOrQUSHaMgvrTjsYVcXg1ZtjbsZhZexnmLEHecWM8IEuQWnln5vd/jeorQ6cWScTCkmMYV9FldvgGZTIF6k2GbcF2wrGEE9X8q6MdzegF19ktZUsILOHyFs/VH1Xhq6a8PbiSJgzLtEQ6lE4oUZ62/9DUyfmIE3gR9C7VGqYBwsz8ixAVSkmLN53hSJwumrGnqLDt8oMS0EZK4Pp6wz1LZe4ybcS7TjWL SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: caviumnetworks.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Dec 2017 14:00:15.4960 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 8599b582-5d09-4c50-0890-08d53e4402f9 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 711e4ccf-2e9b-4bcf-a551-4094005b6194 X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN4PR0701MB3646 Subject: Re: [dpdk-dev] [PATCH v2 2/2] examples/ipsec-secgw: add target queues in flow actions X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Dec 2017 14:00:19 -0000 Hi Nelio, On 12/04/2017 07:41 PM, Nelio Laranjeiro wrote: > Mellanox INNOVA NIC needs to have final target queue actions to perform > inline crypto. > > Signed-off-by: Nelio Laranjeiro > > --- > > Changes in v2: > > * Test the rule by PASSTHRU/RSS/QUEUE and apply the first one validated. > --- > examples/ipsec-secgw/ipsec.c | 81 ++++++++++++++++++++++++++++++++++++++++---- > examples/ipsec-secgw/ipsec.h | 2 +- > 2 files changed, 76 insertions(+), 7 deletions(-) > > diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c > index 17bd7620d..f8823fb94 100644 > --- a/examples/ipsec-secgw/ipsec.c > +++ b/examples/ipsec-secgw/ipsec.c > @@ -142,6 +142,7 @@ create_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa) > rte_eth_dev_get_sec_ctx( > sa->portid); > const struct rte_security_capability *sec_cap; > + int ret = 0; > > sa->sec_session = rte_security_session_create(ctx, > &sess_conf, ipsec_ctx->session_pool); > @@ -173,6 +174,10 @@ create_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa) > return -1; > } > > + sa->attr.egress = (sa->direction == > + RTE_SECURITY_IPSEC_SA_DIR_EGRESS); > + sa->attr.ingress = (sa->direction == > + RTE_SECURITY_IPSEC_SA_DIR_INGRESS); > sa->ol_flags = sec_cap->ol_flags; > sa->security_ctx = ctx; > sa->pattern[0].type = RTE_FLOW_ITEM_TYPE_ETH; > @@ -201,15 +206,79 @@ create_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa) > sa->action[0].type = RTE_FLOW_ACTION_TYPE_SECURITY; > sa->action[0].conf = sa->sec_session; > > - sa->action[1].type = RTE_FLOW_ACTION_TYPE_END; > - > - sa->attr.egress = (sa->direction == > - RTE_SECURITY_IPSEC_SA_DIR_EGRESS); > - sa->attr.ingress = (sa->direction == > - RTE_SECURITY_IPSEC_SA_DIR_INGRESS); > + if (sa->attr.ingress) { > + uint8_t rss_key[40]; > + struct rte_eth_rss_conf rss_conf = { > + .rss_key = rss_key, > + .rss_key_len = 40, > + }; > + struct rte_eth_dev *eth_dev; > + union { > + struct rte_flow_action_rss rss; > + struct { > + const struct rte_eth_rss_conf *rss_conf; > + uint16_t num; > + uint16_t queue[RTE_MAX_QUEUES_PER_PORT]; > + } local; > + } action_rss; > + unsigned int i; > + unsigned int j; > + > + sa->action[2].type = RTE_FLOW_ACTION_TYPE_END; > + /* > + * Try implicitly PASSTHRU, it can also be > + * explicit. > + */ > + sa->action[1].type = RTE_FLOW_ACTION_TYPE_END; > + ret = rte_flow_validate(sa->portid, &sa->attr, > + sa->pattern, sa->action, > + &err); > + if (!ret) > + goto flow_create; > + /* Try RSS. */ > + sa->action[1].type = RTE_FLOW_ACTION_TYPE_RSS; > + sa->action[1].conf = &action_rss; > + eth_dev = ctx->device; > + rte_eth_dev_rss_hash_conf_get(sa->portid, > + &rss_conf); > + for (i = 0, j = 0; > + i < eth_dev->data->nb_rx_queues; ++i) > + if (eth_dev->data->rx_queues[i]) > + action_rss.local.queue[j++] = i; > + action_rss.local.num = j; > + action_rss.local.rss_conf = &rss_conf; > + ret = rte_flow_validate(sa->portid, &sa->attr, > + sa->pattern, sa->action, > + &err); > + if (!ret) > + goto flow_create; > + /* Try Queue. */ > + for (i = 0; > + i < eth_dev->data->nb_rx_queues; ++i) > + if (eth_dev->data->rx_queues[i]) > + break; Is the following check correct? > + if (i != eth_dev->data->nb_rx_queues) > + return -1; > + sa->action[1].type = RTE_FLOW_ACTION_TYPE_QUEUE; > + sa->action[1].conf = > + &(struct rte_flow_action_queue){ > + .index = i, > + }; > + ret = rte_flow_validate(sa->portid, &sa->attr, > + sa->pattern, sa->action, > + &err); > + if (ret) > + goto flow_create_failure; > + } else { > + sa->action[1].type = > + RTE_FLOW_ACTION_TYPE_PASSTHRU; > + sa->action[2].type = RTE_FLOW_ACTION_TYPE_END; > + } > +flow_create: > sa->flow = rte_flow_create(sa->portid, > &sa->attr, sa->pattern, sa->action, &err); > if (sa->flow == NULL) { > +flow_create_failure: > RTE_LOG(ERR, IPSEC, > "Failed to create ipsec flow msg: %s\n", > err.message); > diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h > index 775b316ff..82ffc1c6d 100644 > --- a/examples/ipsec-secgw/ipsec.h > +++ b/examples/ipsec-secgw/ipsec.h > @@ -133,7 +133,7 @@ struct ipsec_sa { > uint32_t ol_flags; > > #define MAX_RTE_FLOW_PATTERN (4) > -#define MAX_RTE_FLOW_ACTIONS (2) > +#define MAX_RTE_FLOW_ACTIONS (4) > struct rte_flow_item pattern[MAX_RTE_FLOW_PATTERN]; > struct rte_flow_action action[MAX_RTE_FLOW_ACTIONS]; > struct rte_flow_attr attr;