diff mbox series

[v2] examples/ipsec-secgw: fix cryptodev to SA mapping

Message ID	20240223110113.122947-1-radu.nicolau@intel.com (mailing list archive)
State	Superseded, archived
Delegated to:	akhil goyal
Headers	From: Radu Nicolau <radu.nicolau@intel.com> To: dev@dpdk.org Cc: Radu Nicolau <radu.nicolau@intel.com>, stable@dpdk.org, vfialko@marvell.com, Ting-Kai Ku <ting-kai.ku@intel.com>, Ciara Power <ciara.power@intel.com>, Kai Ji <kai.ji@intel.com>, Akhil Goyal <gakhil@marvell.com> Subject: [PATCH v2] examples/ipsec-secgw: fix cryptodev to SA mapping Date: Fri, 23 Feb 2024 11:01:12 +0000 Message-Id: <20240223110113.122947-1-radu.nicolau@intel.com> In-Reply-To: <20231211095349.9895-1-radu.nicolau@intel.com> References: <20231211095349.9895-1-radu.nicolau@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: dev-bounces@dpdk.org
Series	[v2] examples/ipsec-secgw: fix cryptodev to SA mapping \| [v2] examples/ipsec-secgw: fix cryptodev to SA mapping

Checks

Context	Check	Description
ci/checkpatch	warning	coding style issues
ci/loongarch-compilation	success	Compilation OK
ci/loongarch-unit-testing	success	Unit Testing PASS
ci/Intel-compilation	success	Compilation OK
ci/intel-Testing	success	Testing PASS
ci/github-robot: build	success	github build: passed
ci/intel-Functional	success	Functional PASS
ci/iol-intel-Performance	success	Performance Testing PASS
ci/iol-intel-Functional	success	Functional Testing PASS
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/iol-abi-testing	success	Testing PASS
ci/iol-unit-arm64-testing	success	Testing PASS
ci/iol-compile-amd64-testing	success	Testing PASS
ci/iol-compile-arm64-testing	success	Testing PASS
ci/iol-unit-amd64-testing	success	Testing PASS
ci/iol-broadcom-Performance	success	Performance Testing PASS
ci/iol-broadcom-Functional	success	Functional Testing PASS
ci/iol-sample-apps-testing	success	Testing PASS

Commit Message

Radu Nicolau Feb. 23, 2024, 11:01 a.m. UTC

  There are use cases where a SA should be able to use different cryptodevs on
different lcores, for example there can be cryptodevs with just 1 qp per VF.
For this purpose this patch relaxes the check in create lookaside session function.
Also add a check to verify that a CQP is available for the current lcore.

Fixes: a8ade12123c3 ("examples/ipsec-secgw: create lookaside sessions at init")
Cc: stable@dpdk.org
Cc: vfialko@marvell.com

Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Tested-by: Ting-Kai Ku <ting-kai.ku@intel.com>
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Ciara Power <ciara.power@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
---
v2: add likely to CQP available branch

 examples/ipsec-secgw/ipsec.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

Comments

Anoob Joseph Feb. 26, 2024, 4:48 a.m. UTC | #1

Hi Radu,

Using same session across multiple devices would only work if the device instances are same. For example, if you use QAT device 0 & QAT device 1, then the sharing is okay. But if we have QAT and some SW crypto PMD, then the same session will not work. Is it possible to throw a warning when the crypto devices are not of same type?

Thanks,
Anoob

> -----Original Message-----
> From: Radu Nicolau <radu.nicolau@intel.com>
> Sent: Friday, February 23, 2024 4:31 PM
> To: dev@dpdk.org
> Cc: Radu Nicolau <radu.nicolau@intel.com>; stable@dpdk.org; Volodymyr Fialko
> <vfialko@marvell.com>; Ting-Kai Ku <ting-kai.ku@intel.com>; Ciara Power
> <ciara.power@intel.com>; Kai Ji <kai.ji@intel.com>; Akhil Goyal
> <gakhil@marvell.com>
> Subject: [EXT] [PATCH v2] examples/ipsec-secgw: fix cryptodev to SA mapping
> 
> External Email
> 
> ----------------------------------------------------------------------
> There are use cases where a SA should be able to use different cryptodevs on
> different lcores, for example there can be cryptodevs with just 1 qp per VF.
> For this purpose this patch relaxes the check in create lookaside session function.
> Also add a check to verify that a CQP is available for the current lcore.
> 
> Fixes: a8ade12123c3 ("examples/ipsec-secgw: create lookaside sessions at init")
> Cc: stable@dpdk.org
> Cc: vfialko@marvell.com
> 
> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
> Tested-by: Ting-Kai Ku <ting-kai.ku@intel.com>
> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
> Acked-by: Ciara Power <ciara.power@intel.com>
> Acked-by: Kai Ji <kai.ji@intel.com>
> ---
> v2: add likely to CQP available branch
> 
>  examples/ipsec-secgw/ipsec.c | 13 ++++++++-----
>  1 file changed, 8 insertions(+), 5 deletions(-)
> 
> diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c index
> f5cec4a928..7bb9646736 100644
> --- a/examples/ipsec-secgw/ipsec.c
> +++ b/examples/ipsec-secgw/ipsec.c
> @@ -288,10 +288,9 @@ create_lookaside_session(struct ipsec_ctx
> *ipsec_ctx_lcore[],
>  		if (cdev_id == RTE_CRYPTO_MAX_DEVS)
>  			cdev_id = ipsec_ctx->tbl[cdev_id_qp].id;
>  		else if (cdev_id != ipsec_ctx->tbl[cdev_id_qp].id) {
> -			RTE_LOG(ERR, IPSEC,
> -					"SA mapping to multiple cryptodevs is "
> -					"not supported!");
> -			return -EINVAL;
> +			RTE_LOG(WARNING, IPSEC,
> +				"SA mapped to multiple cryptodevs for SPI
> %d\n",
> +				sa->spi);
>  		}
> 
>  		/* Store per core queue pair information */ @@ -908,7 +907,11
> @@ ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
>  			continue;
>  		}
> 
> -		enqueue_cop(sa->cqp[ipsec_ctx->lcore_id], &priv->cop);
> +		if (likely(sa->cqp[ipsec_ctx->lcore_id]))
> +			enqueue_cop(sa->cqp[ipsec_ctx->lcore_id], &priv->cop);
> +		else
> +			RTE_LOG(ERR, IPSEC, "No CQP available for lcore %d\n",
> +					ipsec_ctx->lcore_id);
>  	}
>  }
> 
> --
> 2.34.1

diff mbox series

Patch

diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index f5cec4a928..7bb9646736 100644
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -288,10 +288,9 @@  create_lookaside_session(struct ipsec_ctx *ipsec_ctx_lcore[],
 		if (cdev_id == RTE_CRYPTO_MAX_DEVS)
 			cdev_id = ipsec_ctx->tbl[cdev_id_qp].id;
 		else if (cdev_id != ipsec_ctx->tbl[cdev_id_qp].id) {
-			RTE_LOG(ERR, IPSEC,
-					"SA mapping to multiple cryptodevs is "
-					"not supported!");
-			return -EINVAL;
+			RTE_LOG(WARNING, IPSEC,
+				"SA mapped to multiple cryptodevs for SPI %d\n",
+				sa->spi);
 		}
 
 		/* Store per core queue pair information */
@@ -908,7 +907,11 @@  ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
 			continue;
 		}
 
-		enqueue_cop(sa->cqp[ipsec_ctx->lcore_id], &priv->cop);
+		if (likely(sa->cqp[ipsec_ctx->lcore_id]))
+			enqueue_cop(sa->cqp[ipsec_ctx->lcore_id], &priv->cop);
+		else
+			RTE_LOG(ERR, IPSEC, "No CQP available for lcore %d\n",
+					ipsec_ctx->lcore_id);
 	}
 }