From: "Ananyev, Konstantin" <konstantin.ananyev@intel.com>
To: Nithin Dabilpuram <ndabilpuram@marvell.com>,
"jerinj@marvell.com" <jerinj@marvell.com>,
"gakhil@marvell.com" <gakhil@marvell.com>,
"Zhang, Roy Fan" <roy.fan.zhang@intel.com>,
"hemant.agrawal@nxp.com" <hemant.agrawal@nxp.com>,
"matan@nvidia.com" <matan@nvidia.com>
Cc: "dev@dpdk.org" <dev@dpdk.org>,
"Yigit, Ferruh" <ferruh.yigit@intel.com>,
"Nicolau, Radu" <radu.nicolau@intel.com>,
"olivier.matz@6wind.com" <olivier.matz@6wind.com>,
"g.singh@nxp.com" <g.singh@nxp.com>,
"Doherty, Declan" <declan.doherty@intel.com>,
"jiawenwu@trustnetic.com" <jiawenwu@trustnetic.com>
Subject: Re: [dpdk-dev] [PATCH v5 2/3] security: add option for faster udata or mdata access
Date: Wed, 15 Sep 2021 14:33:04 +0000 [thread overview]
Message-ID: <BY5PR11MB4482D6CF86ACD245B29048339ADB9@BY5PR11MB4482.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20210914151434.29922-3-ndabilpuram@marvell.com>
>
> Currently rte_security_set_pkt_metadata() and rte_security_get_userdata()
> methods to set pkt metadata on Inline outbound and get userdata
> after Inline inbound processing is always driver specific callbacks.
>
> For drivers that do not have much to do in the callbacks but just
> to update metadata in rte_security dynamic field and get userdata
> from rte_security dynamic field, having to just to PMD specific
> callback is costly per packet operation. This patch provides
> a mechanism to do the same in inline function and avoid function
> pointer jump if a driver supports the same.
>
> Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
> Acked-by: Akhil Goyal <gakhil@marvell.com>
> ---
> doc/guides/rel_notes/deprecation.rst | 4 ---
> doc/guides/rel_notes/release_21_08.rst | 6 +++++
> lib/security/rte_security.c | 8 +++---
> lib/security/rte_security.h | 48 +++++++++++++++++++++++++++++++---
> lib/security/version.map | 2 ++
> 5 files changed, 56 insertions(+), 12 deletions(-)
>
> diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst
> index 59445a6..70ef45e 100644
> --- a/doc/guides/rel_notes/deprecation.rst
> +++ b/doc/guides/rel_notes/deprecation.rst
> @@ -276,10 +276,6 @@ Deprecation Notices
> content. On Linux and FreeBSD, supported prior to DPDK 20.11,
> original structure will be kept until DPDK 21.11.
>
> -* security: The functions ``rte_security_set_pkt_metadata`` and
> - ``rte_security_get_userdata`` will be made inline functions and additional
> - flags will be added in structure ``rte_security_ctx`` in DPDK 21.11.
> -
> * cryptodev: The structure ``rte_crypto_op`` would be updated to reduce
> reserved bytes to 2 (from 3), and use 1 byte to indicate warnings and other
> information from the crypto/security operation. This field will be used to
> diff --git a/doc/guides/rel_notes/release_21_08.rst b/doc/guides/rel_notes/release_21_08.rst
> index b4cbf2d..59ff15a 100644
> --- a/doc/guides/rel_notes/release_21_08.rst
> +++ b/doc/guides/rel_notes/release_21_08.rst
> @@ -223,6 +223,12 @@ ABI Changes
>
> * No ABI change that would break compatibility with 20.11.
>
> +* security: ``rte_security_set_pkt_metadata`` and ``rte_security_get_userdata``
> + routines used by Inline outbound and Inline inbound security processing are
> + made inline and enhanced to do simple 64-bit set/get for PMD's that donot
> + have much processing in PMD specific callbacks but just 64-bit set/get.
> + This avoids a per-pkt function pointer jump overhead for such PMD's.
> +
>
> Known Issues
> ------------
> diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c
> index e8116d5..fe81ed3 100644
> --- a/lib/security/rte_security.c
> +++ b/lib/security/rte_security.c
> @@ -122,9 +122,9 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
> }
>
> int
> -rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
> - struct rte_security_session *sess,
> - struct rte_mbuf *m, void *params)
> +__rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
> + struct rte_security_session *sess,
> + struct rte_mbuf *m, void *params)
> {
> #ifdef RTE_DEBUG
> RTE_PTR_OR_ERR_RET(sess, -EINVAL);
> @@ -137,7 +137,7 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
> }
>
> void *
> -rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
> +__rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
> {
> void *userdata = NULL;
>
> diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h
> index 2e136d7..3124134 100644
> --- a/lib/security/rte_security.h
> +++ b/lib/security/rte_security.h
> @@ -71,8 +71,18 @@ struct rte_security_ctx {
> /**< Pointer to security ops for the device */
> uint16_t sess_cnt;
> /**< Number of sessions attached to this context */
> + uint32_t flags;
> + /**< Flags for security context */
> };
>
> +#define RTE_SEC_CTX_F_FAST_SET_MDATA 0x00000001
> +/**< Driver uses fast metadata update without using driver specific callback */
Probably worth to mention somewhere that it is driver responsibility to call
rte_security_dynfield_register() to expose that flag.
> +
> +#define RTE_SEC_CTX_F_FAST_GET_UDATA 0x00000002
> +/**< Driver provides udata using fast method without using driver specific
> + * callback.
> + */
> +
> /**
> * IPSEC tunnel parameters
> *
> @@ -494,6 +504,12 @@ static inline bool rte_security_dynfield_is_registered(void)
> return rte_security_dynfield_offset >= 0;
> }
>
> +/** Function to call PMD specific function pointer set_pkt_metadata() */
> +__rte_experimental
> +extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
> + struct rte_security_session *sess,
> + struct rte_mbuf *m, void *params);
> +
> /**
> * Updates the buffer with device-specific defined metadata
> *
> @@ -507,10 +523,26 @@ static inline bool rte_security_dynfield_is_registered(void)
> * - On success, zero.
> * - On failure, a negative value.
> */
> -int
> +static inline int
> rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
> struct rte_security_session *sess,
> - struct rte_mbuf *mb, void *params);
> + struct rte_mbuf *mb, void *params)
> +{
> + /* Fast Path */
> + if (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) {
> + *rte_security_dynfield(mb) =
> + (rte_security_dynfield_t)(sess->sess_private_data);
> + return 0;
> + }
> +
> + /* Jump to PMD specific function pointer */
> + return __rte_security_set_pkt_metadata(instance, sess, mb, params);
> +}
> +
> +/** Function to call PMD specific function pointer get_userdata() */
> +__rte_experimental
> +extern void *__rte_security_get_userdata(struct rte_security_ctx *instance,
> + uint64_t md);
>
> /**
> * Get userdata associated with the security session. Device specific metadata
> @@ -530,8 +562,16 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
> * - On failure, NULL
> */
> __rte_experimental
> -void *
> -rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md);
> +static inline void *
> +rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
> +{
> + /* Fast Path */
> + if (instance->flags & RTE_SEC_CTX_F_FAST_GET_UDATA)
> + return (void *)(uintptr_t)md;
> +
> + /* Jump to PMD specific function pointer */
> + return __rte_security_get_userdata(instance, md);
> +}
>
> /**
> * Attach a session to a symmetric crypto operation
> diff --git a/lib/security/version.map b/lib/security/version.map
> index c44c7f5..45ace9c 100644
> --- a/lib/security/version.map
> +++ b/lib/security/version.map
> @@ -20,4 +20,6 @@ EXPERIMENTAL {
> rte_security_get_userdata;
> rte_security_session_stats_get;
> rte_security_session_update;
> + __rte_security_set_pkt_metadata;
> + __rte_security_get_userdata;
> };
> --
> 2.8.4
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
next prev parent reply other threads:[~2021-09-15 14:33 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-24 10:28 [dpdk-dev] [PATCH 1/2] security: enforce semantics for Tx inline processing Akhil Goyal
2021-06-24 10:28 ` [dpdk-dev] [PATCH 2/2] examples/ipsec-secgw: modify event mode inline path Akhil Goyal
2021-07-06 9:13 ` [dpdk-dev] [PATCH 1/2] security: enforce semantics for Tx inline processing Akhil Goyal
2021-07-06 10:56 ` Ananyev, Konstantin
2021-07-06 12:27 ` Nithin Dabilpuram
2021-07-06 12:42 ` Ananyev, Konstantin
2021-07-06 12:58 ` Nithin Dabilpuram
2021-07-06 14:07 ` Ananyev, Konstantin
2021-07-07 9:07 ` Nithin Dabilpuram
2021-07-07 9:59 ` Ananyev, Konstantin
2021-07-07 11:22 ` Nithin Dabilpuram
2021-07-10 12:57 ` Ananyev, Konstantin
2021-07-12 17:01 ` Nithin Dabilpuram
2021-07-13 12:33 ` Ananyev, Konstantin
2021-07-13 14:08 ` Ananyev, Konstantin
2021-07-13 15:58 ` Nithin Dabilpuram
2021-07-14 11:09 ` Ananyev, Konstantin
2021-07-14 13:29 ` Nithin Dabilpuram
2021-07-14 17:28 ` Ananyev, Konstantin
2021-07-15 6:09 ` [dpdk-dev] [PATCH v2 0/3] security: Improve inline fast path routines Nithin Dabilpuram
2021-07-15 6:09 ` [dpdk-dev] [PATCH v2 1/3] security: enforce semantics for Tx inline processing Nithin Dabilpuram
2021-07-15 6:09 ` [dpdk-dev] [PATCH v2 2/3] security: add option for faster udata or mdata access Nithin Dabilpuram
2021-07-15 6:09 ` [dpdk-dev] [PATCH v2 3/3] examples/ipsec-secgw: update L2 length for Tx Nithin Dabilpuram
2021-08-10 6:07 ` [dpdk-dev] [PATCH v3 0/3] security: Improve inline fast path routines Nithin Dabilpuram
2021-08-10 6:07 ` [dpdk-dev] [PATCH v3 1/3] security: enforce semantics for Tx inline processing Nithin Dabilpuram
2021-08-10 6:07 ` [dpdk-dev] [PATCH v3 2/3] security: add option for faster udata or mdata access Nithin Dabilpuram
2021-08-10 6:07 ` [dpdk-dev] [PATCH v3 3/3] examples/ipsec-secgw: update event mode inline path Nithin Dabilpuram
2021-08-12 12:32 ` [dpdk-dev] [PATCH v4 0/4] security: Improve inline fast path routines Nithin Dabilpuram
2021-08-12 12:32 ` [dpdk-dev] [PATCH v4 1/4] security: enforce semantics for Tx inline processing Nithin Dabilpuram
2021-09-06 18:58 ` Akhil Goyal
2021-08-12 12:32 ` [dpdk-dev] [PATCH v4 2/4] security: add option for faster udata or mdata access Nithin Dabilpuram
2021-09-06 18:58 ` Akhil Goyal
2021-09-06 18:59 ` Akhil Goyal
2021-08-12 12:32 ` [dpdk-dev] [PATCH v4 3/4] examples/ipsec-secgw: update event mode inline path Nithin Dabilpuram
2021-09-06 18:59 ` Akhil Goyal
2021-08-12 12:32 ` [dpdk-dev] [PATCH v4 4/4] doc: remove deprecation notice for security fast path change Nithin Dabilpuram
2021-09-06 18:57 ` Akhil Goyal
2021-09-14 15:14 ` [dpdk-dev] [PATCH v5 0/3] security: Improve inline fast path routines Nithin Dabilpuram
2021-09-14 15:14 ` [dpdk-dev] [PATCH v5 1/3] security: enforce semantics for Tx inline processing Nithin Dabilpuram
2021-09-15 14:25 ` Ananyev, Konstantin
2021-09-14 15:14 ` [dpdk-dev] [PATCH v5 2/3] security: add option for faster udata or mdata access Nithin Dabilpuram
2021-09-15 14:33 ` Ananyev, Konstantin [this message]
2021-09-14 15:14 ` [dpdk-dev] [PATCH v5 3/3] examples/ipsec-secgw: update event mode inline path Nithin Dabilpuram
2021-09-15 14:34 ` Ananyev, Konstantin
2021-09-15 16:29 ` [dpdk-dev] [PATCH v6 0/3] security: Improve inline fast path routines Nithin Dabilpuram
2021-09-15 16:29 ` [dpdk-dev] [PATCH v6 1/3] security: enforce semantics for Tx inline processing Nithin Dabilpuram
2021-09-21 13:50 ` Akhil Goyal
2021-09-15 16:30 ` [dpdk-dev] [PATCH v6 2/3] security: add option for faster udata or mdata access Nithin Dabilpuram
2021-09-27 17:10 ` Thomas Monjalon
2021-09-28 8:24 ` [dpdk-dev] [EXT] " Akhil Goyal
2021-09-15 16:30 ` [dpdk-dev] [PATCH v6 3/3] examples/ipsec-secgw: update event mode inline path Nithin Dabilpuram
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BY5PR11MB4482D6CF86ACD245B29048339ADB9@BY5PR11MB4482.namprd11.prod.outlook.com \
--to=konstantin.ananyev@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
--cc=g.singh@nxp.com \
--cc=gakhil@marvell.com \
--cc=hemant.agrawal@nxp.com \
--cc=jerinj@marvell.com \
--cc=jiawenwu@trustnetic.com \
--cc=matan@nvidia.com \
--cc=ndabilpuram@marvell.com \
--cc=olivier.matz@6wind.com \
--cc=radu.nicolau@intel.com \
--cc=roy.fan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).