From: Radu Nicolau <radu.nicolau@intel.com>
To: dev@dpdk.org
Cc: konstantin.ananyev@intel.com, ferruh.yigit@intel.com,
sergio.gonzalez.monroy@intel.com, pablo.de.lara.guarch@intel.com,
declan.doherty@intel.com, akhil.goyal@nxp.com,
Radu Nicolau <radu.nicolau@intel.com>
Subject: [dpdk-dev] [PATCH 3/3] examples/ipsec_secgw: create session mempools for ethdevs
Date: Tue, 12 Dec 2017 12:50:27 +0000 [thread overview]
Message-ID: <1513083027-11741-3-git-send-email-radu.nicolau@intel.com> (raw)
In-Reply-To: <1513083027-11741-1-git-send-email-radu.nicolau@intel.com>
Also moved offloaded packets from cryptodev queues
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
examples/ipsec-secgw/ipsec-secgw.c | 42 +++++++++++++++++++++++++++++++++++++-
examples/ipsec-secgw/ipsec.c | 31 ++++++++++++++--------------
examples/ipsec-secgw/ipsec.h | 4 ++--
3 files changed, 58 insertions(+), 19 deletions(-)
diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index c98454a..08d5b5a 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -1244,7 +1244,7 @@ cryptodevs_init(void)
struct rte_cryptodev_config dev_conf;
struct rte_cryptodev_qp_conf qp_conf;
uint16_t idx, max_nb_qps, qp, i;
- int16_t cdev_id;
+ int16_t cdev_id, port_id;
struct rte_hash_parameters params = { 0 };
params.entries = CDEV_MAP_ENTRIES;
@@ -1273,6 +1273,14 @@ cryptodevs_init(void)
if (sess_sz > max_sess_sz)
max_sess_sz = sess_sz;
}
+ for (port_id = 0; port_id < rte_eth_dev_count(); port_id++) {
+ if ((enabled_port_mask & (1 << port_id)) == 0)
+ continue;
+ sess_sz = rte_security_session_get_size(
+ rte_eth_dev_get_sec_ctx(port_id));
+ if (sess_sz > max_sess_sz)
+ max_sess_sz = sess_sz;
+ }
idx = 0;
/* Start from last cdev id to give HW priority */
@@ -1343,6 +1351,38 @@ cryptodevs_init(void)
cdev_id);
}
+ /* create session pools for eth devices that implement security */
+ for (port_id = 0; port_id < rte_eth_dev_count(); port_id++) {
+ if ((enabled_port_mask & (1 << port_id)) &&
+ rte_eth_dev_get_sec_ctx(port_id)) {
+ int socket_id = rte_eth_dev_socket_id(port_id);
+
+ if (!socket_ctx[socket_id].session_pool) {
+ char mp_name[RTE_MEMPOOL_NAMESIZE];
+ struct rte_mempool *sess_mp;
+
+ snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
+ "sess_mp_%u", socket_id);
+ sess_mp = rte_mempool_create(mp_name,
+ CDEV_MP_NB_OBJS,
+ max_sess_sz,
+ CDEV_MP_CACHE_SZ,
+ 0, NULL, NULL, NULL,
+ NULL, socket_id,
+ 0);
+ if (sess_mp == NULL)
+ rte_exit(EXIT_FAILURE,
+ "Cannot create session pool "
+ "on socket %d\n", socket_id);
+ else
+ printf("Allocated session pool "
+ "on socket %d\n", socket_id);
+ socket_ctx[socket_id].session_pool = sess_mp;
+ }
+ }
+ }
+
+
printf("\n");
return 0;
diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index 70ed227..708f29e 100644
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -266,7 +266,6 @@ ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
struct ipsec_mbuf_metadata *priv;
struct rte_crypto_sym_op *sym_cop;
struct ipsec_sa *sa;
- struct cdev_qp *cqp;
for (i = 0; i < nb_pkts; i++) {
if (unlikely(sas[i] == NULL)) {
@@ -345,8 +344,7 @@ ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
continue;
}
- cqp = &ipsec_ctx->tbl[sa->cdev_id_qp];
- cqp->ol_pkts[cqp->ol_pkts_cnt++] = pkts[i];
+ ipsec_ctx->ol_pkts[ipsec_ctx->ol_pkts_cnt++] = pkts[i];
if (sa->ol_flags & RTE_SECURITY_TX_OLOAD_NEED_MDATA)
rte_security_set_pkt_metadata(
sa->security_ctx,
@@ -369,6 +367,20 @@ ipsec_dequeue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
struct ipsec_sa *sa;
struct rte_mbuf *pkt;
+ while (ipsec_ctx->ol_pkts_cnt > 0 && nb_pkts < max_pkts) {
+ pkt = ipsec_ctx->ol_pkts[--ipsec_ctx->ol_pkts_cnt];
+ rte_prefetch0(pkt);
+ priv = get_priv(pkt);
+ sa = priv->sa;
+ ret = xform_func(pkt, sa, &priv->cop);
+ if (unlikely(ret)) {
+ rte_pktmbuf_free(pkt);
+ continue;
+ }
+ pkts[nb_pkts++] = pkt;
+ }
+
+
for (i = 0; i < ipsec_ctx->nb_qps && nb_pkts < max_pkts; i++) {
struct cdev_qp *cqp;
@@ -376,19 +388,6 @@ ipsec_dequeue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
if (ipsec_ctx->last_qp == ipsec_ctx->nb_qps)
ipsec_ctx->last_qp %= ipsec_ctx->nb_qps;
- while (cqp->ol_pkts_cnt > 0 && nb_pkts < max_pkts) {
- pkt = cqp->ol_pkts[--cqp->ol_pkts_cnt];
- rte_prefetch0(pkt);
- priv = get_priv(pkt);
- sa = priv->sa;
- ret = xform_func(pkt, sa, &priv->cop);
- if (unlikely(ret)) {
- rte_pktmbuf_free(pkt);
- continue;
- }
- pkts[nb_pkts++] = pkt;
- }
-
if (cqp->in_flight == 0)
continue;
diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h
index 775b316..eb7b539 100644
--- a/examples/ipsec-secgw/ipsec.h
+++ b/examples/ipsec-secgw/ipsec.h
@@ -159,8 +159,6 @@ struct cdev_qp {
uint16_t in_flight;
uint16_t len;
struct rte_crypto_op *buf[MAX_PKT_BURST] __rte_aligned(sizeof(void *));
- struct rte_mbuf *ol_pkts[MAX_PKT_BURST] __rte_aligned(sizeof(void *));
- uint16_t ol_pkts_cnt;
};
struct ipsec_ctx {
@@ -172,6 +170,8 @@ struct ipsec_ctx {
uint16_t last_qp;
struct cdev_qp tbl[MAX_QP_PER_LCORE];
struct rte_mempool *session_pool;
+ struct rte_mbuf *ol_pkts[MAX_PKT_BURST] __rte_aligned(sizeof(void *));
+ uint16_t ol_pkts_cnt;
};
struct cdev_key {
--
2.7.5
next prev parent reply other threads:[~2017-12-12 12:55 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-12 12:50 [dpdk-dev] [PATCH 1/3] lib/librte_security: added get size Radu Nicolau
2017-12-12 12:50 ` [dpdk-dev] [PATCH 2/3] net/ixgbe: implemented security session " Radu Nicolau
2018-01-08 10:15 ` De Lara Guarch, Pablo
2018-01-15 10:27 ` Radu Nicolau
2017-12-12 12:50 ` Radu Nicolau [this message]
2018-01-08 11:03 ` [dpdk-dev] [PATCH 3/3] examples/ipsec_secgw: create session mempools for ethdevs De Lara Guarch, Pablo
2018-01-15 10:41 ` Radu Nicolau
2018-01-08 10:14 ` [dpdk-dev] [PATCH 1/3] lib/librte_security: added get size De Lara Guarch, Pablo
2018-01-08 11:28 ` Akhil Goyal
2018-01-15 10:39 ` [dpdk-dev] [PATCH v2 1/3] security: add get session size function Radu Nicolau
2018-01-15 10:39 ` [dpdk-dev] [PATCH v2 2/3] net/ixgbe: implement security session get size Radu Nicolau
2018-01-15 10:39 ` [dpdk-dev] [PATCH v2 3/3] examples/ipsec_secgw: create session mempools for ethdevs Radu Nicolau
2018-01-18 9:58 ` Akhil Goyal
2018-01-18 15:11 ` De Lara Guarch, Pablo
2018-01-18 15:18 ` Nicolau, Radu
2018-01-18 15:41 ` [dpdk-dev] [PATCH v3 1/3] security: add get session size function Radu Nicolau
2018-01-18 15:41 ` [dpdk-dev] [PATCH v3 2/3] net/ixgbe: implement security session get size Radu Nicolau
2018-01-18 15:41 ` [dpdk-dev] [PATCH v3 3/3] examples/ipsec_secgw: create session mempools for ethdevs Radu Nicolau
2018-01-19 8:55 ` [dpdk-dev] [PATCH v3 1/3] security: add get session size function De Lara Guarch, Pablo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1513083027-11741-3-git-send-email-radu.nicolau@intel.com \
--to=radu.nicolau@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
--cc=konstantin.ananyev@intel.com \
--cc=pablo.de.lara.guarch@intel.com \
--cc=sergio.gonzalez.monroy@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).