From: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
To: dev@dpdk.org
Cc: konstantin.ananyev@intel.com, akhil.goyal@nxp.com
Subject: [dpdk-dev] [PATCH v2 2/2] ipsec: use hash add and delete with precalculated signatures
Date: Thu, 26 Mar 2020 16:45:34 +0000 [thread overview]
Message-ID: <f5a045926bcbfbd3e436396d80602e65f9b62968.1585240684.git.vladimir.medvedkin@intel.com> (raw)
In-Reply-To: <2811605d29b62740ba467527271c7a30fe75cf78.1585240684.git.vladimir.medvedkin@intel.com>
In-Reply-To: <1583758545-375405-1-git-send-email-vladimir.medvedkin@intel.com>
Use rte_hash_add_key_with_hash and _del_key_with_hash with
precalculated hash signature for a key in rte_ipsec_sad_add and
rte_ipsec_sad_del.
Signed-off-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
---
lib/librte_ipsec/ipsec_sad.c | 80 ++++++++++++++++++++++++++++----------------
1 file changed, 51 insertions(+), 29 deletions(-)
diff --git a/lib/librte_ipsec/ipsec_sad.c b/lib/librte_ipsec/ipsec_sad.c
index 3292968..6c95240 100644
--- a/lib/librte_ipsec/ipsec_sad.c
+++ b/lib/librte_ipsec/ipsec_sad.c
@@ -37,8 +37,7 @@ struct hash_cnt {
struct rte_ipsec_sad {
char name[RTE_IPSEC_SAD_NAMESIZE];
struct rte_hash *hash[RTE_IPSEC_SAD_KEY_TYPE_MASK];
- uint32_t spi_dip_keysize;
- uint32_t spi_dip_sip_keysize;
+ uint32_t keysize[RTE_IPSEC_SAD_KEY_TYPE_MASK];
uint32_t init_val;
/* Array to track number of more specific rules
* (spi_dip or spi_dip_sip). Used only in add/delete
@@ -75,29 +74,36 @@ add_specific(struct rte_ipsec_sad *sad, const void *key,
/* Check if the key is present in the table.
* Need for further accaunting in cnt_arr
*/
- ret = rte_hash_lookup(sad->hash[key_type], key);
+ ret = rte_hash_lookup_with_hash(sad->hash[key_type], key,
+ rte_hash_crc(key, sad->keysize[key_type], sad->init_val));
notexist = (ret == -ENOENT);
/* Add an SA to the corresponding table.*/
- ret = rte_hash_add_key_data(sad->hash[key_type], key, sa);
+ ret = rte_hash_add_key_with_hash_data(sad->hash[key_type], key,
+ rte_hash_crc(key, sad->keysize[key_type], sad->init_val), sa);
if (ret != 0)
return ret;
/* Check if there is an entry in SPI only table with the same SPI */
- ret = rte_hash_lookup_data(sad->hash[RTE_IPSEC_SAD_SPI_ONLY],
- key, &tmp_val);
+ ret = rte_hash_lookup_with_hash_data(sad->hash[RTE_IPSEC_SAD_SPI_ONLY],
+ key, rte_hash_crc(key, sad->keysize[RTE_IPSEC_SAD_SPI_ONLY],
+ sad->init_val), &tmp_val);
if (ret < 0)
tmp_val = NULL;
tmp_val = SET_BIT(tmp_val, key_type);
/* Add an entry into SPI only table */
- ret = rte_hash_add_key_data(sad->hash[RTE_IPSEC_SAD_SPI_ONLY],
- key, tmp_val);
+ ret = rte_hash_add_key_with_hash_data(
+ sad->hash[RTE_IPSEC_SAD_SPI_ONLY], key,
+ rte_hash_crc(key, sad->keysize[RTE_IPSEC_SAD_SPI_ONLY],
+ sad->init_val), tmp_val);
if (ret != 0)
return ret;
/* Update a counter for a given SPI */
- ret = rte_hash_lookup(sad->hash[RTE_IPSEC_SAD_SPI_ONLY], key);
+ ret = rte_hash_lookup_with_hash(sad->hash[RTE_IPSEC_SAD_SPI_ONLY], key,
+ rte_hash_crc(key, sad->keysize[RTE_IPSEC_SAD_SPI_ONLY],
+ sad->init_val));
if (key_type == RTE_IPSEC_SAD_SPI_DIP)
sad->cnt_arr[ret].cnt_dip += notexist;
else
@@ -127,15 +133,17 @@ rte_ipsec_sad_add(struct rte_ipsec_sad *sad,
*/
switch (key_type) {
case(RTE_IPSEC_SAD_SPI_ONLY):
- ret = rte_hash_lookup_data(sad->hash[key_type],
- key, &tmp_val);
+ ret = rte_hash_lookup_with_hash_data(sad->hash[key_type],
+ key, rte_hash_crc(key, sad->keysize[key_type],
+ sad->init_val), &tmp_val);
if (ret >= 0)
tmp_val = SET_BIT(sa, GET_BIT(tmp_val,
RTE_IPSEC_SAD_KEY_TYPE_MASK));
else
tmp_val = sa;
- ret = rte_hash_add_key_data(sad->hash[key_type],
- key, tmp_val);
+ ret = rte_hash_add_key_with_hash_data(sad->hash[key_type],
+ key, rte_hash_crc(key, sad->keysize[key_type],
+ sad->init_val), tmp_val);
return ret;
case(RTE_IPSEC_SAD_SPI_DIP):
case(RTE_IPSEC_SAD_SPI_DIP_SIP):
@@ -163,13 +171,15 @@ del_specific(struct rte_ipsec_sad *sad, const void *key, int key_type)
uint32_t *cnt;
/* Remove an SA from the corresponding table.*/
- ret = rte_hash_del_key(sad->hash[key_type], key);
+ ret = rte_hash_del_key_with_hash(sad->hash[key_type], key,
+ rte_hash_crc(key, sad->keysize[key_type], sad->init_val));
if (ret < 0)
return ret;
/* Get an index of cnt_arr entry for a given SPI */
- ret = rte_hash_lookup_data(sad->hash[RTE_IPSEC_SAD_SPI_ONLY],
- key, &tmp_val);
+ ret = rte_hash_lookup_with_hash_data(sad->hash[RTE_IPSEC_SAD_SPI_ONLY],
+ key, rte_hash_crc(key, sad->keysize[RTE_IPSEC_SAD_SPI_ONLY],
+ sad->init_val), &tmp_val);
if (ret < 0)
return ret;
cnt = (key_type == RTE_IPSEC_SAD_SPI_DIP) ?
@@ -187,10 +197,15 @@ del_specific(struct rte_ipsec_sad *sad, const void *key, int key_type)
* remove an entry from SPI_only table
*/
if (tmp_val == NULL)
- ret = rte_hash_del_key(sad->hash[RTE_IPSEC_SAD_SPI_ONLY], key);
+ ret = rte_hash_del_key_with_hash(
+ sad->hash[RTE_IPSEC_SAD_SPI_ONLY], key,
+ rte_hash_crc(key, sad->keysize[RTE_IPSEC_SAD_SPI_ONLY],
+ sad->init_val));
else
- ret = rte_hash_add_key_data(sad->hash[RTE_IPSEC_SAD_SPI_ONLY],
- key, tmp_val);
+ ret = rte_hash_add_key_with_hash_data(
+ sad->hash[RTE_IPSEC_SAD_SPI_ONLY], key,
+ rte_hash_crc(key, sad->keysize[RTE_IPSEC_SAD_SPI_ONLY],
+ sad->init_val), tmp_val);
if (ret < 0)
return ret;
return 0;
@@ -208,19 +223,23 @@ rte_ipsec_sad_del(struct rte_ipsec_sad *sad,
return -EINVAL;
switch (key_type) {
case(RTE_IPSEC_SAD_SPI_ONLY):
- ret = rte_hash_lookup_data(sad->hash[key_type],
- key, &tmp_val);
+ ret = rte_hash_lookup_with_hash_data(sad->hash[key_type],
+ key, rte_hash_crc(key, sad->keysize[key_type],
+ sad->init_val), &tmp_val);
if (ret < 0)
return ret;
if (GET_BIT(tmp_val, RTE_IPSEC_SAD_KEY_TYPE_MASK) == 0) {
- ret = rte_hash_del_key(sad->hash[key_type],
- key);
+ ret = rte_hash_del_key_with_hash(sad->hash[key_type],
+ key, rte_hash_crc(key, sad->keysize[key_type],
+ sad->init_val));
ret = ret < 0 ? ret : 0;
} else {
tmp_val = GET_BIT(tmp_val,
RTE_IPSEC_SAD_KEY_TYPE_MASK);
- ret = rte_hash_add_key_data(sad->hash[key_type],
- key, tmp_val);
+ ret = rte_hash_add_key_with_hash_data(
+ sad->hash[key_type], key,
+ rte_hash_crc(key, sad->keysize[key_type],
+ sad->init_val), tmp_val);
}
return ret;
case(RTE_IPSEC_SAD_SPI_DIP):
@@ -286,6 +305,7 @@ rte_ipsec_sad_create(const char *name, const struct rte_ipsec_sad_conf *conf)
/** Init hash[RTE_IPSEC_SAD_SPI_ONLY] for SPI only */
snprintf(hash_name, sizeof(hash_name), "sad_1_%p", sad);
hash_params.key_len = sizeof(((struct rte_ipsec_sadv4_key *)0)->spi);
+ sad->keysize[RTE_IPSEC_SAD_SPI_ONLY] = hash_params.key_len;
hash_params.entries = sa_sum;
sad->hash[RTE_IPSEC_SAD_SPI_ONLY] = rte_hash_create(&hash_params);
if (sad->hash[RTE_IPSEC_SAD_SPI_ONLY] == NULL) {
@@ -301,7 +321,7 @@ rte_ipsec_sad_create(const char *name, const struct rte_ipsec_sad_conf *conf)
else
hash_params.key_len +=
sizeof(((struct rte_ipsec_sadv4_key *)0)->dip);
- sad->spi_dip_keysize = hash_params.key_len;
+ sad->keysize[RTE_IPSEC_SAD_SPI_DIP] = hash_params.key_len;
hash_params.entries = RTE_MAX(MIN_HASH_ENTRIES,
conf->max_sa[RTE_IPSEC_SAD_SPI_DIP]);
sad->hash[RTE_IPSEC_SAD_SPI_DIP] = rte_hash_create(&hash_params);
@@ -318,7 +338,7 @@ rte_ipsec_sad_create(const char *name, const struct rte_ipsec_sad_conf *conf)
else
hash_params.key_len +=
sizeof(((struct rte_ipsec_sadv4_key *)0)->sip);
- sad->spi_dip_sip_keysize = hash_params.key_len;
+ sad->keysize[RTE_IPSEC_SAD_SPI_DIP_SIP] = hash_params.key_len;
hash_params.entries = RTE_MAX(MIN_HASH_ENTRIES,
conf->max_sa[RTE_IPSEC_SAD_SPI_DIP_SIP]);
sad->hash[RTE_IPSEC_SAD_SPI_DIP_SIP] = rte_hash_create(&hash_params);
@@ -472,13 +492,15 @@ __ipsec_sad_lookup(const struct rte_ipsec_sad *sad,
if ((uintptr_t)sa[i] & RTE_IPSEC_SAD_SPI_DIP_SIP) {
idx_3[n_3] = i;
hash_sig_3[n_3] = rte_hash_crc(keys[i],
- sad->spi_dip_sip_keysize, sad->init_val);
+ sad->keysize[RTE_IPSEC_SAD_SPI_DIP_SIP],
+ sad->init_val);
keys_3[n_3++] = keys[i];
}
if ((uintptr_t)sa[i] & RTE_IPSEC_SAD_SPI_DIP) {
idx_2[n_2] = i;
hash_sig_2[n_2] = rte_hash_crc(keys[i],
- sad->spi_dip_keysize, sad->init_val);
+ sad->keysize[RTE_IPSEC_SAD_SPI_DIP],
+ sad->init_val);
keys_2[n_2++] = keys[i];
}
/* clear 2 LSB's which indicate the presence
--
2.7.4
next prev parent reply other threads:[~2020-03-26 16:45 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-09 12:55 [dpdk-dev] [PATCH] ipsec: use hash lookup with hash sigs in sad lookup Vladimir Medvedkin
2020-03-24 19:57 ` Ananyev, Konstantin
2020-03-26 12:54 ` Medvedkin, Vladimir
2020-03-26 16:45 ` [dpdk-dev] [PATCH v2 1/2] " Vladimir Medvedkin
2020-04-07 12:58 ` Ananyev, Konstantin
2020-04-20 18:27 ` [dpdk-dev] [PATCH v3] " Vladimir Medvedkin
2020-04-21 13:28 ` Lukas Bartosik [C]
2020-04-21 14:25 ` Medvedkin, Vladimir
2020-04-25 13:55 ` Thomas Monjalon
2020-03-26 16:45 ` Vladimir Medvedkin [this message]
2020-04-07 12:59 ` [dpdk-dev] [PATCH v2 2/2] ipsec: use hash add and delete with precalculated signatures Ananyev, Konstantin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f5a045926bcbfbd3e436396d80602e65f9b62968.1585240684.git.vladimir.medvedkin@intel.com \
--to=vladimir.medvedkin@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=dev@dpdk.org \
--cc=konstantin.ananyev@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).