From: "Ananyev, Konstantin" <konstantin.ananyev@intel.com>
To: "Iremonger, Bernard" <bernard.iremonger@intel.com>,
"dev@dpdk.org" <dev@dpdk.org>,
"akhil.goyal@nxp.com" <akhil.goyal@nxp.com>
Subject: Re: [dpdk-dev] [PATCH 1/2] examples/ipsec-secgw: set default to IPsec library mode
Date: Thu, 26 Sep 2019 13:47:35 +0000 [thread overview]
Message-ID: <2601191342CEEE43887BDE71AB977258019196B20C@irsmsx105.ger.corp.intel.com> (raw)
In-Reply-To: <1567069173-10505-2-git-send-email-bernard.iremonger@intel.com>
>
> Set the default code path to librte_ipsec mode.
> Add parameter 0 | 1 to -l option
> Check for conflicting options, -w -a -e and reassembly options are
> not supported in legacy mode.
> Show fragment table size.
> Update print_usage.
> Update the ipsec-secgw guide.
> Update the release notes.
>
> Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
> ---
> doc/guides/rel_notes/release_19_11.rst | 8 ++++++
> doc/guides/sample_app_ug/ipsec_secgw.rst | 6 +++--
> examples/ipsec-secgw/ipsec-secgw.c | 44 ++++++++++++++++++++------------
> 3 files changed, 40 insertions(+), 18 deletions(-)
>
> diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst
> index 8490d89..70143c5 100644
> --- a/doc/guides/rel_notes/release_19_11.rst
> +++ b/doc/guides/rel_notes/release_19_11.rst
> @@ -56,6 +56,14 @@ New Features
> Also, make sure to start the actual text at the margin.
> =========================================================
>
> +* **Updated the IPsec Security Gateway application.**
> +
> + The ``librte_ipsec`` code path is now the default code path in
> + ``ipsec-secgw``
> +
> + * The ``-l`` command line option has been extended to take a 0 | 1 argument.
> + 0 enables the code path that uses legacy code.
> + 1 enables the code path that uses ``librte_ipsec``.
>
> Removed Items
> -------------
> diff --git a/doc/guides/sample_app_ug/ipsec_secgw.rst b/doc/guides/sample_app_ug/ipsec_secgw.rst
> index ad2d79e..17b00c0 100644
> --- a/doc/guides/sample_app_ug/ipsec_secgw.rst
> +++ b/doc/guides/sample_app_ug/ipsec_secgw.rst
> @@ -92,7 +92,7 @@ The application has a number of command line options::
>
> ./build/ipsec-secgw [EAL options] --
> -p PORTMASK -P -u PORTMASK -j FRAMESIZE
> - -l -w REPLAY_WINOW_SIZE -e -a
> + -l 0 -w REPLAY_WINOW_SIZE -e -a
> --config (port,queue,lcore)[,(port,queue,lcore]
> --single-sa SAIDX
> --rxoffload MASK
> @@ -120,7 +120,9 @@ Where:
> Minimum value: RTE_MBUF_DEFAULT_BUF_SIZE (2176)
> Maximum value: UINT16_MAX (65535).
>
> -* ``-l``: enables code-path that uses librte_ipsec.
> +* ``-l 0 | 1``: Default is ``librte_ipsec`` code path.
> + 0 enables the code path that uses legacy code.
> + 1 enables the code path that uses ``librte_ipsec``.
>
> * ``-w REPLAY_WINOW_SIZE``: specifies the IPsec sequence number replay window
> size for each Security Association (available only with librte_ipsec
> diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
> index 0d1fd6a..3e4b9e0 100644
> --- a/examples/ipsec-secgw/ipsec-secgw.c
> +++ b/examples/ipsec-secgw/ipsec-secgw.c
> @@ -188,7 +188,7 @@ static uint32_t frame_buf_size = RTE_MBUF_DEFAULT_BUF_SIZE;
> static uint32_t mtu_size = RTE_ETHER_MTU;
>
> /* application wide librte_ipsec/SA parameters */
> -struct app_sa_prm app_sa_prm = {.enable = 0};
> +struct app_sa_prm app_sa_prm = {.enable = 1};
>
> struct lcore_rx_queue {
> uint16_t port_id;
> @@ -1259,7 +1259,7 @@ print_usage(const char *prgname)
> " [-P]"
> " [-u PORTMASK]"
> " [-j FRAMESIZE]"
> - " [-l]"
> + " [-l 0 | 1]"
> " [-w REPLAY_WINDOW_SIZE]"
> " [-e]"
> " [-a]"
> @@ -1277,7 +1277,8 @@ print_usage(const char *prgname)
> " -u PORTMASK: Hexadecimal bitmask of unprotected ports\n"
> " -j FRAMESIZE: Data buffer size, minimum (and default)\n"
> " value: RTE_MBUF_DEFAULT_BUF_SIZE\n"
> - " -l enables code-path that uses librte_ipsec\n"
> + " -l 0 enables code-path that uses the legacy code\n"
> + " -l 1 enables code-path that uses librte_ipsec\n"
> " -w REPLAY_WINDOW_SIZE specifies IPsec SQN replay window\n"
> " size for each SA\n"
> " -e enables ESN\n"
> @@ -1418,6 +1419,7 @@ print_app_sa_prm(const struct app_sa_prm *prm)
> printf("replay window size: %u\n", prm->window_size);
> printf("ESN: %s\n", (prm->enable_esn == 0) ? "disabled" : "enabled");
> printf("SA flags: %#" PRIx64 "\n", prm->flags);
> + printf("Fragment Table size %u\n", frag_tbl_sz);
> }
>
> static int32_t
> @@ -1431,7 +1433,7 @@ parse_args(int32_t argc, char **argv)
>
> argvopt = argv;
>
> - while ((opt = getopt_long(argc, argvopt, "aelp:Pu:f:j:w:",
> + while ((opt = getopt_long(argc, argvopt, "aep:Pu:f:j:w:l:",
> lgopts, &option_index)) != EOF) {
>
> switch (opt) {
> @@ -1483,18 +1485,28 @@ parse_args(int32_t argc, char **argv)
> printf("Custom frame buffer size %u\n", frame_buf_size);
> break;
> case 'l':
> - app_sa_prm.enable = 1;
> + ret = parse_decimal(optarg);
> + if (ret == -1) {
> + printf("Invalid argument l %s\n", optarg);
Just as a nit, probably a bit better:
printf("Invalid argument: \'%s\' for: \'%c\' option\n", optarg, opt);
Apart from that:
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Tested-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> + print_usage(prgname);
> + return -1;
> + } else if (ret == 0)
> + app_sa_prm.enable = 0;
> + else if (ret == 1)
> + app_sa_prm.enable = 1;
> + else {
> + printf("Invalid argument l %d\n", ret);
> + print_usage(prgname);
> + return -1;
> + }
> break;
> case 'w':
> - app_sa_prm.enable = 1;
> app_sa_prm.window_size = parse_decimal(optarg);
> break;
> case 'e':
> - app_sa_prm.enable = 1;
> app_sa_prm.enable_esn = 1;
> break;
> case 'a':
> - app_sa_prm.enable = 1;
> app_sa_prm.flags |= RTE_IPSEC_SAFLAG_SQN_ATOM;
> break;
> case CMD_LINE_OPT_CONFIG_NUM:
> @@ -1579,14 +1591,14 @@ parse_args(int32_t argc, char **argv)
> return -1;
> }
>
> - /* check do we need to enable multi-seg support */
> - if (multi_seg_required()) {
> - /* legacy mode doesn't support multi-seg */
> - app_sa_prm.enable = 1;
> - printf("frame buf size: %u, mtu: %u, "
> - "number of reassemble entries: %u\n"
> - "multi-segment support is required\n",
> - frame_buf_size, mtu_size, frag_tbl_sz);
> + if (app_sa_prm.enable == 0 &&
> + (app_sa_prm.window_size > 0 ||
> + app_sa_prm.enable_esn ||
> + app_sa_prm.flags != 0 ||
> + multi_seg_required())) {
> + printf("-w -e -a and reassembly options are not "
> + "supported in legacy mode\n");
> + return -1;
> }
>
> print_app_sa_prm(&app_sa_prm);
> --
> 2.7.4
next prev parent reply other threads:[~2019-09-26 13:47 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-29 8:59 [dpdk-dev] [PATCH 0/2] examples/ipsec-secgw: set default Bernard Iremonger
2019-08-29 8:59 ` [dpdk-dev] [PATCH 1/2] examples/ipsec-secgw: set default to IPsec library mode Bernard Iremonger
2019-09-26 13:47 ` Ananyev, Konstantin [this message]
2019-09-26 13:51 ` Iremonger, Bernard
2019-08-29 8:59 ` [dpdk-dev] [PATCH 2/2] examples/ipsec-secgw: add -l 0 parameter to old scripts Bernard Iremonger
2019-09-26 13:43 ` Ananyev, Konstantin
2019-09-26 13:46 ` Iremonger, Bernard
2019-10-01 15:17 ` [dpdk-dev] [PATCH v2 0/3] examples/ipsec-secgw: set default Bernard Iremonger
2019-10-01 17:30 ` Ananyev, Konstantin
2019-10-02 8:59 ` Iremonger, Bernard
2019-10-02 9:11 ` Ananyev, Konstantin
2019-10-11 12:40 ` Akhil Goyal
2019-10-11 15:13 ` Iremonger, Bernard
2019-10-11 15:23 ` Thomas Monjalon
2019-10-15 6:42 ` Akhil Goyal
2019-10-15 8:54 ` Iremonger, Bernard
2019-10-15 15:05 ` Akhil Goyal
2019-10-16 10:44 ` Ananyev, Konstantin
2019-10-30 9:29 ` Iremonger, Bernard
2019-11-01 13:19 ` Akhil Goyal
2019-11-04 15:24 ` Ananyev, Konstantin
2019-11-05 8:01 ` Akhil Goyal
2019-11-05 9:10 ` Ananyev, Konstantin
2019-11-06 13:55 ` Anoob Joseph
2019-11-18 13:03 ` Ananyev, Konstantin
2019-10-16 4:18 ` Anoob Joseph
2019-10-01 15:17 ` [dpdk-dev] [PATCH v2 1/3] examples/ipsec-secgw: set default to IPsec library mode Bernard Iremonger
2019-10-14 13:53 ` Nicolau, Radu
2019-10-01 15:17 ` [dpdk-dev] [PATCH v2 2/3] examples/ipsec-secgw: add -l 0 parameter to old scripts Bernard Iremonger
2019-10-01 17:28 ` Ananyev, Konstantin
2019-10-14 13:55 ` Nicolau, Radu
2019-10-01 15:18 ` [dpdk-dev] [PATCH v2 3/3] examples/ipsec-secgw: update pktest.sh script Bernard Iremonger
2019-10-01 17:29 ` Ananyev, Konstantin
2019-10-14 13:56 ` Nicolau, Radu
-- strict thread matches above, loose matches on Subject: below --
2019-08-29 8:45 [dpdk-dev] [PATCH 0/2] Bernard Iremonger
2019-08-29 8:45 ` [dpdk-dev] [PATCH 1/2] examples/ipsec-secgw: set default to IPsec library mode Bernard Iremonger
2019-08-29 8:35 Bernard Iremonger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2601191342CEEE43887BDE71AB977258019196B20C@irsmsx105.ger.corp.intel.com \
--to=konstantin.ananyev@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=bernard.iremonger@intel.com \
--cc=dev@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).