From patchwork Tue Sep 14 15:14:32 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 98858 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 4BA8EA0C43; Tue, 14 Sep 2021 17:14:54 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 23A1F410E7; Tue, 14 Sep 2021 17:14:51 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 9058B410E5 for ; Tue, 14 Sep 2021 17:14:49 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 18EAahCa026666; Tue, 14 Sep 2021 08:14:48 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=QCGNAxzIR/TWPXzGjCFI+5Nd/X+dECoMyu+AFIq9WbI=; b=JgsQwY81uzNdAlNqH4xeVhPDLa2ai+Q+N1Sph+bho39wjlfEbxxHa93H7R3VT9zLoVZ8 FTMDpU6gMhuIQUpzxfkoeIYlebydK0YIgEe4pcLCiwskerNswxaafzVf1ri4Wi6rfP55 arN5VEDrOkJUQb3NDpl2daqBXfqqqqd9+T/YKnupXj0FlMkLLEBtcMHJ+K1SWlesiG/C V9qO/uQvAzhrelB713v5SXXbilRh4fjounHVmnjMw7IdJfCCdxR15n2eoc1srN4JuCe9 1NvRiT1IAFK0GS06X+yegDe1HqH90deFQmMYPvyyP/MBIqLfxbOemqP05Tx6u55TMbWc Uw== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com with ESMTP id 3b2t41h5vp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 08:14:48 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Tue, 14 Sep 2021 08:14:46 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Tue, 14 Sep 2021 08:14:46 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 3673E3F7065; Tue, 14 Sep 2021 08:14:41 -0700 (PDT) From: Nithin Dabilpuram To: , , , , , CC: , , , , , , , Date: Tue, 14 Sep 2021 20:44:32 +0530 Message-ID: <20210914151434.29922-2-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20210914151434.29922-1-ndabilpuram@marvell.com> References: <20210624102848.3878788-1-gakhil@marvell.com> <20210914151434.29922-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: F4ReizW1dLsfUjHj_cAbuzjc4nDUebiO X-Proofpoint-ORIG-GUID: F4ReizW1dLsfUjHj_cAbuzjc4nDUebiO X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-09-14_06,2021-09-14_01,2020-04-07_01 Subject: [dpdk-dev] [PATCH v5 1/3] security: enforce semantics for Tx inline processing X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Not all net PMD's/HW can parse packet and identify L2 header and L3 header locations on Tx. This is inline with other Tx offloads requirements such as L3 checksum, L4 checksum offload, etc, where mbuf.l2_len, mbuf.l3_len etc, needs to be set for HW to be able to generate checksum. Since Inline IPSec is also such a Tx offload, some PMD's at least need mbuf.l2_len to be valid to find L3 header and perform Outbound IPSec processing. Hence, this patch updates documentation to enforce setting mbuf.l2_len while setting PKT_TX_SEC_OFFLOAD in mbuf.ol_flags for Inline IPSec Crypto / Protocol offload processing to work on Tx. Signed-off-by: Nithin Dabilpuram Acked-by: Akhil Goyal Acked-by: Konstantin Ananyev --- doc/guides/nics/features.rst | 2 ++ lib/mbuf/rte_mbuf_core.h | 2 ++ 2 files changed, 4 insertions(+) diff --git a/doc/guides/nics/features.rst b/doc/guides/nics/features.rst index a96e12d..4fce8cd 100644 --- a/doc/guides/nics/features.rst +++ b/doc/guides/nics/features.rst @@ -430,6 +430,7 @@ of protocol operations. See Security library and PMD documentation for more deta * **[uses] rte_eth_rxconf,rte_eth_rxmode**: ``offloads:DEV_RX_OFFLOAD_SECURITY``, * **[uses] rte_eth_txconf,rte_eth_txmode**: ``offloads:DEV_TX_OFFLOAD_SECURITY``. +* **[uses] mbuf**: ``mbuf.l2_len``. * **[implements] rte_security_ops**: ``session_create``, ``session_update``, ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``, ``capabilities_get``. * **[provides] rte_eth_dev_info**: ``rx_offload_capa,rx_queue_offload_capa:DEV_RX_OFFLOAD_SECURITY``, @@ -451,6 +452,7 @@ protocol operations. See security library and PMD documentation for more details * **[uses] rte_eth_rxconf,rte_eth_rxmode**: ``offloads:DEV_RX_OFFLOAD_SECURITY``, * **[uses] rte_eth_txconf,rte_eth_txmode**: ``offloads:DEV_TX_OFFLOAD_SECURITY``. +* **[uses] mbuf**: ``mbuf.l2_len``. * **[implements] rte_security_ops**: ``session_create``, ``session_update``, ``session_stats_get``, ``session_destroy``, ``set_pkt_metadata``, ``get_userdata``, ``capabilities_get``. diff --git a/lib/mbuf/rte_mbuf_core.h b/lib/mbuf/rte_mbuf_core.h index bb38d7f..9d8e3dd 100644 --- a/lib/mbuf/rte_mbuf_core.h +++ b/lib/mbuf/rte_mbuf_core.h @@ -228,6 +228,8 @@ extern "C" { /** * Request security offload processing on the TX packet. + * To use Tx security offload, the user needs to fill l2_len in mbuf + * indicating L2 header size and where L3 header starts. */ #define PKT_TX_SEC_OFFLOAD (1ULL << 43) From patchwork Tue Sep 14 15:14:33 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 98859 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id DDC6CA0C43; Tue, 14 Sep 2021 17:15:00 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 41F0A410EF; Tue, 14 Sep 2021 17:14:56 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id C6BC0410ED for ; Tue, 14 Sep 2021 17:14:54 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 18E9q4xa024044; Tue, 14 Sep 2021 08:14:52 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=5vZe3PU4ZqiWxDC9MWAD8q33nhLYL4AjVVClibgMZgs=; b=P2biPwrP6XNEtZyLBO6mkEZxFd5zZF6nqF2FhxCO6aVaRLuRsfUDfITGddPFqvuZKi/l c8up9T7YLLAjyAidofsZldDJOc5s1lYTIzdqCMO1j7WkupipN+MesNmfPkkruvWLjsI7 TyBwCFzHxGD9N9SGmk5WEB9uNPKAxdAMuP+BEOqdjAnr5VNEmdVGb/iJg/hOyygejk/0 tN0nD5tcik6+YOL3Nd5SGgCLjwS/pc7rN5aIja1s3BR6rtR451aHI9fu1SOC3pnVhJYI gPrWgmFNGEh0VCMDkHEHvNMXl/t38djpVgDW+YQM5kd+BQpSFVq4MOtNlWohDegrLHtk fQ== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com with ESMTP id 3b2sfshejr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 08:14:52 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Tue, 14 Sep 2021 08:14:50 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Tue, 14 Sep 2021 08:14:50 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id B2D803F7066; Tue, 14 Sep 2021 08:14:46 -0700 (PDT) From: Nithin Dabilpuram To: , , , , , CC: , , , , , , , Date: Tue, 14 Sep 2021 20:44:33 +0530 Message-ID: <20210914151434.29922-3-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20210914151434.29922-1-ndabilpuram@marvell.com> References: <20210624102848.3878788-1-gakhil@marvell.com> <20210914151434.29922-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: 7CBIhG4w-73CUUbX_8AJ6D7AGDELTxVr X-Proofpoint-ORIG-GUID: 7CBIhG4w-73CUUbX_8AJ6D7AGDELTxVr X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-09-14_06,2021-09-14_01,2020-04-07_01 Subject: [dpdk-dev] [PATCH v5 2/3] security: add option for faster udata or mdata access X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Currently rte_security_set_pkt_metadata() and rte_security_get_userdata() methods to set pkt metadata on Inline outbound and get userdata after Inline inbound processing is always driver specific callbacks. For drivers that do not have much to do in the callbacks but just to update metadata in rte_security dynamic field and get userdata from rte_security dynamic field, having to just to PMD specific callback is costly per packet operation. This patch provides a mechanism to do the same in inline function and avoid function pointer jump if a driver supports the same. Signed-off-by: Nithin Dabilpuram Acked-by: Akhil Goyal Acked-by: Konstantin Ananyev --- doc/guides/rel_notes/deprecation.rst | 4 --- doc/guides/rel_notes/release_21_08.rst | 6 +++++ lib/security/rte_security.c | 8 +++--- lib/security/rte_security.h | 48 +++++++++++++++++++++++++++++++--- lib/security/version.map | 2 ++ 5 files changed, 56 insertions(+), 12 deletions(-) diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst index 59445a6..70ef45e 100644 --- a/doc/guides/rel_notes/deprecation.rst +++ b/doc/guides/rel_notes/deprecation.rst @@ -276,10 +276,6 @@ Deprecation Notices content. On Linux and FreeBSD, supported prior to DPDK 20.11, original structure will be kept until DPDK 21.11. -* security: The functions ``rte_security_set_pkt_metadata`` and - ``rte_security_get_userdata`` will be made inline functions and additional - flags will be added in structure ``rte_security_ctx`` in DPDK 21.11. - * cryptodev: The structure ``rte_crypto_op`` would be updated to reduce reserved bytes to 2 (from 3), and use 1 byte to indicate warnings and other information from the crypto/security operation. This field will be used to diff --git a/doc/guides/rel_notes/release_21_08.rst b/doc/guides/rel_notes/release_21_08.rst index b4cbf2d..59ff15a 100644 --- a/doc/guides/rel_notes/release_21_08.rst +++ b/doc/guides/rel_notes/release_21_08.rst @@ -223,6 +223,12 @@ ABI Changes * No ABI change that would break compatibility with 20.11. +* security: ``rte_security_set_pkt_metadata`` and ``rte_security_get_userdata`` + routines used by Inline outbound and Inline inbound security processing are + made inline and enhanced to do simple 64-bit set/get for PMD's that donot + have much processing in PMD specific callbacks but just 64-bit set/get. + This avoids a per-pkt function pointer jump overhead for such PMD's. + Known Issues ------------ diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c index e8116d5..fe81ed3 100644 --- a/lib/security/rte_security.c +++ b/lib/security/rte_security.c @@ -122,9 +122,9 @@ rte_security_session_destroy(struct rte_security_ctx *instance, } int -rte_security_set_pkt_metadata(struct rte_security_ctx *instance, - struct rte_security_session *sess, - struct rte_mbuf *m, void *params) +__rte_security_set_pkt_metadata(struct rte_security_ctx *instance, + struct rte_security_session *sess, + struct rte_mbuf *m, void *params) { #ifdef RTE_DEBUG RTE_PTR_OR_ERR_RET(sess, -EINVAL); @@ -137,7 +137,7 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance, } void * -rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md) +__rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md) { void *userdata = NULL; diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h index 2e136d7..3124134 100644 --- a/lib/security/rte_security.h +++ b/lib/security/rte_security.h @@ -71,8 +71,18 @@ struct rte_security_ctx { /**< Pointer to security ops for the device */ uint16_t sess_cnt; /**< Number of sessions attached to this context */ + uint32_t flags; + /**< Flags for security context */ }; +#define RTE_SEC_CTX_F_FAST_SET_MDATA 0x00000001 +/**< Driver uses fast metadata update without using driver specific callback */ + +#define RTE_SEC_CTX_F_FAST_GET_UDATA 0x00000002 +/**< Driver provides udata using fast method without using driver specific + * callback. + */ + /** * IPSEC tunnel parameters * @@ -494,6 +504,12 @@ static inline bool rte_security_dynfield_is_registered(void) return rte_security_dynfield_offset >= 0; } +/** Function to call PMD specific function pointer set_pkt_metadata() */ +__rte_experimental +extern int __rte_security_set_pkt_metadata(struct rte_security_ctx *instance, + struct rte_security_session *sess, + struct rte_mbuf *m, void *params); + /** * Updates the buffer with device-specific defined metadata * @@ -507,10 +523,26 @@ static inline bool rte_security_dynfield_is_registered(void) * - On success, zero. * - On failure, a negative value. */ -int +static inline int rte_security_set_pkt_metadata(struct rte_security_ctx *instance, struct rte_security_session *sess, - struct rte_mbuf *mb, void *params); + struct rte_mbuf *mb, void *params) +{ + /* Fast Path */ + if (instance->flags & RTE_SEC_CTX_F_FAST_SET_MDATA) { + *rte_security_dynfield(mb) = + (rte_security_dynfield_t)(sess->sess_private_data); + return 0; + } + + /* Jump to PMD specific function pointer */ + return __rte_security_set_pkt_metadata(instance, sess, mb, params); +} + +/** Function to call PMD specific function pointer get_userdata() */ +__rte_experimental +extern void *__rte_security_get_userdata(struct rte_security_ctx *instance, + uint64_t md); /** * Get userdata associated with the security session. Device specific metadata @@ -530,8 +562,16 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance, * - On failure, NULL */ __rte_experimental -void * -rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md); +static inline void * +rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md) +{ + /* Fast Path */ + if (instance->flags & RTE_SEC_CTX_F_FAST_GET_UDATA) + return (void *)(uintptr_t)md; + + /* Jump to PMD specific function pointer */ + return __rte_security_get_userdata(instance, md); +} /** * Attach a session to a symmetric crypto operation diff --git a/lib/security/version.map b/lib/security/version.map index c44c7f5..45ace9c 100644 --- a/lib/security/version.map +++ b/lib/security/version.map @@ -20,4 +20,6 @@ EXPERIMENTAL { rte_security_get_userdata; rte_security_session_stats_get; rte_security_session_update; + __rte_security_set_pkt_metadata; + __rte_security_get_userdata; }; From patchwork Tue Sep 14 15:14:34 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nithin Dabilpuram X-Patchwork-Id: 98860 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id CE24BA0C43; Tue, 14 Sep 2021 17:15:06 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 5F4BB410F8; Tue, 14 Sep 2021 17:15:00 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 87EB8410F7 for ; Tue, 14 Sep 2021 17:14:58 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 18EAZeen024924; Tue, 14 Sep 2021 08:14:57 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=RwMC7obIGqNBt8VtAqouSyroPSciKSVKFLnNnqbV3/w=; b=hAiQR60ljGJoxDbnwtUSDa86b5AFDOUBNsRNQGCDSOQahsJAYQRD8OM2K9xAXRmo1G/X 2WYsTPIKYOrkuDd/SzXmqNeRdW71Y2tjJeO//Og1OWZAgvWzcENgchJFdUQLPNPgDoub hxYtzdDCWtvWH00AUFZUElViwmlKNvMqeooIRtx3Vq3YWKfA55+f78KYWn/Z7Cl2riv2 vOtrTzKlO7Vms3s4JWTOmfrlvbWZemOTptAeBj/aR9jQFMv3B+O5HL5lKQbRTH743pb1 qeGY0t+6PsmONcujzVwvacGp6kZ6ua/i3/dB605yCe+QhaEc8uia+Vnd14Us4KNVye26 NQ== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com with ESMTP id 3b2t41h5wh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 14 Sep 2021 08:14:57 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Tue, 14 Sep 2021 08:14:55 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Tue, 14 Sep 2021 08:14:55 -0700 Received: from hyd1588t430.marvell.com (unknown [10.29.52.204]) by maili.marvell.com (Postfix) with ESMTP id 477EE3F7065; Tue, 14 Sep 2021 08:14:51 -0700 (PDT) From: Nithin Dabilpuram To: , , , , , CC: , , , , , , , Date: Tue, 14 Sep 2021 20:44:34 +0530 Message-ID: <20210914151434.29922-4-ndabilpuram@marvell.com> X-Mailer: git-send-email 2.8.4 In-Reply-To: <20210914151434.29922-1-ndabilpuram@marvell.com> References: <20210624102848.3878788-1-gakhil@marvell.com> <20210914151434.29922-1-ndabilpuram@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: N_G6Uw0PjybbL97CGuyBqv8JaAcT4Lj3 X-Proofpoint-ORIG-GUID: N_G6Uw0PjybbL97CGuyBqv8JaAcT4Lj3 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-09-14_06,2021-09-14_01,2020-04-07_01 Subject: [dpdk-dev] [PATCH v5 3/3] examples/ipsec-secgw: update event mode inline path X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Update mbuf.l2_len with L2 header size for outbound inline processing. This patch also fixes a bug in arg parsing. Signed-off-by: Nithin Dabilpuram Acked-by: Akhil Goyal Acked-by: Konstantin Ananyev --- examples/ipsec-secgw/ipsec-secgw.c | 2 ++ examples/ipsec-secgw/ipsec_worker.c | 41 ++++++++++++++++++++++++------------- 2 files changed, 29 insertions(+), 14 deletions(-) diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c index f252d34..7ad94cb 100644 --- a/examples/ipsec-secgw/ipsec-secgw.c +++ b/examples/ipsec-secgw/ipsec-secgw.c @@ -1495,6 +1495,8 @@ parse_portmask(const char *portmask) char *end = NULL; unsigned long pm; + errno = 0; + /* parse hexadecimal string */ pm = strtoul(portmask, &end, 16); if ((portmask[0] == '\0') || (end == NULL) || (*end != '\0')) diff --git a/examples/ipsec-secgw/ipsec_worker.c b/examples/ipsec-secgw/ipsec_worker.c index 647e22d..c545497 100644 --- a/examples/ipsec-secgw/ipsec_worker.c +++ b/examples/ipsec-secgw/ipsec_worker.c @@ -12,6 +12,11 @@ #include "ipsec-secgw.h" #include "ipsec_worker.h" +struct port_drv_mode_data { + struct rte_security_session *sess; + struct rte_security_ctx *ctx; +}; + static inline enum pkt_type process_ipsec_get_pkt_type(struct rte_mbuf *pkt, uint8_t **nlp) { @@ -60,7 +65,8 @@ ipsec_event_pre_forward(struct rte_mbuf *m, unsigned int port_id) static inline void prepare_out_sessions_tbl(struct sa_ctx *sa_out, - struct rte_security_session **sess_tbl, uint16_t size) + struct port_drv_mode_data *data, + uint16_t size) { struct rte_ipsec_session *pri_sess; struct ipsec_sa *sa; @@ -95,9 +101,10 @@ prepare_out_sessions_tbl(struct sa_ctx *sa_out, } /* Use only first inline session found for a given port */ - if (sess_tbl[sa->portid]) + if (data[sa->portid].sess) continue; - sess_tbl[sa->portid] = pri_sess->security.ses; + data[sa->portid].sess = pri_sess->security.ses; + data[sa->portid].ctx = pri_sess->security.ctx; } } @@ -356,9 +363,8 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, goto drop_pkt_and_exit; } - if (sess->security.ol_flags & RTE_SECURITY_TX_OLOAD_NEED_MDATA) - *(struct rte_security_session **)rte_security_dynfield(pkt) = - sess->security.ses; + rte_security_set_pkt_metadata(sess->security.ctx, + sess->security.ses, pkt, NULL); /* Mark the packet for Tx security offload */ pkt->ol_flags |= PKT_TX_SEC_OFFLOAD; @@ -367,6 +373,9 @@ process_ipsec_ev_outbound(struct ipsec_ctx *ctx, struct route_table *rt, port_id = sa->portid; send_pkt: + /* Provide L2 len for Outbound processing */ + pkt->l2_len = RTE_ETHER_HDR_LEN; + /* Update mac addresses */ update_mac_addrs(pkt, port_id); @@ -398,7 +407,7 @@ static void ipsec_wrkr_non_burst_int_port_drv_mode(struct eh_event_link_info *links, uint8_t nb_links) { - struct rte_security_session *sess_tbl[RTE_MAX_ETHPORTS] = { NULL }; + struct port_drv_mode_data data[RTE_MAX_ETHPORTS]; unsigned int nb_rx = 0; struct rte_mbuf *pkt; struct rte_event ev; @@ -412,6 +421,8 @@ ipsec_wrkr_non_burst_int_port_drv_mode(struct eh_event_link_info *links, return; } + memset(&data, 0, sizeof(struct port_drv_mode_data)); + /* Get core ID */ lcore_id = rte_lcore_id(); @@ -422,8 +433,8 @@ ipsec_wrkr_non_burst_int_port_drv_mode(struct eh_event_link_info *links, * Prepare security sessions table. In outbound driver mode * we always use first session configured for a given port */ - prepare_out_sessions_tbl(socket_ctx[socket_id].sa_out, sess_tbl, - RTE_MAX_ETHPORTS); + prepare_out_sessions_tbl(socket_ctx[socket_id].sa_out, data, + RTE_MAX_ETHPORTS); RTE_LOG(INFO, IPSEC, "Launching event mode worker (non-burst - Tx internal port - " @@ -460,19 +471,21 @@ ipsec_wrkr_non_burst_int_port_drv_mode(struct eh_event_link_info *links, if (!is_unprotected_port(port_id)) { - if (unlikely(!sess_tbl[port_id])) { + if (unlikely(!data[port_id].sess)) { rte_pktmbuf_free(pkt); continue; } /* Save security session */ - if (rte_security_dynfield_is_registered()) - *(struct rte_security_session **) - rte_security_dynfield(pkt) = - sess_tbl[port_id]; + rte_security_set_pkt_metadata(data[port_id].ctx, + data[port_id].sess, pkt, + NULL); /* Mark the packet for Tx security offload */ pkt->ol_flags |= PKT_TX_SEC_OFFLOAD; + + /* Provide L2 len for Outbound processing */ + pkt->l2_len = RTE_ETHER_HDR_LEN; } /*