[v2] examples/ipsec-secgw: fix Tx checksum offload flag
Checks
Commit Message
For the inline crypto path set the Tx checksum offload flag
only if the device supports it.
Fixes: d24471e5786b ("examples/ipsec-secgw: disable Tx checksum for inline")
Cc: ndabilpuram@marvell.com
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
---
v2: when supported the checksum offload flag needs to also be set for ports that don't have SAs programmed
examples/ipsec-secgw/sa.c | 44 ++++++++++++++++++++++-----------------
1 file changed, 25 insertions(+), 19 deletions(-)
Comments
> For the inline crypto path set the Tx checksum offload flag
> only if the device supports it.
>
> Fixes: d24471e5786b ("examples/ipsec-secgw: disable Tx checksum for inline")
> Cc: ndabilpuram@marvell.com
>
> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
> Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> Acked-by: Akhil Goyal <gakhil@marvell.com>
> ---
> v2: when supported the checksum offload flag needs to also be set for ports
> that don't have SAs programmed
V1 was already applied to crypto tree.
Please make sure to send incremental patch if the patch is applied.
For now, I have replaced this patch with v1 on the tree as it was not pulled to main.
@@ -1828,37 +1828,43 @@ sa_check_offloads(uint16_t port_id, uint64_t *rx_offloads,
for (idx_sa = 0; idx_sa < nb_sa_out; idx_sa++) {
rule = &sa_out[idx_sa];
rule_type = ipsec_get_action_type(rule);
- switch (rule_type) {
- case RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL:
- /* Checksum offload is not needed for inline protocol as
- * all processing for Outbound IPSec packets will be
- * implicitly taken care and for non-IPSec packets,
- * there is no need of IPv4 Checksum offload.
- */
- if (rule->portid == port_id) {
+ if (rule->portid == port_id) {
+ switch (rule_type) {
+ case RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL:
+ /* Checksum offload is not needed for inline
+ * protocol as all processing for Outbound IPSec
+ * packets will be implicitly taken care and for
+ * non-IPSec packets, there is no need of
+ * IPv4 Checksum offload.
+ */
*tx_offloads |= RTE_ETH_TX_OFFLOAD_SECURITY;
if (rule->mss)
*tx_offloads |= (RTE_ETH_TX_OFFLOAD_TCP_TSO |
RTE_ETH_TX_OFFLOAD_IPV4_CKSUM);
- }
- break;
- case RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO:
- if (rule->portid == port_id) {
+ break;
+ case RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO:
*tx_offloads |= RTE_ETH_TX_OFFLOAD_SECURITY;
if (rule->mss)
*tx_offloads |=
RTE_ETH_TX_OFFLOAD_TCP_TSO;
- *tx_offloads |= RTE_ETH_TX_OFFLOAD_IPV4_CKSUM;
+ if (dev_info.tx_offload_capa &
+ RTE_ETH_TX_OFFLOAD_IPV4_CKSUM)
+ *tx_offloads |=
+ RTE_ETH_TX_OFFLOAD_IPV4_CKSUM;
+ break;
+ default:
+ /* Enable IPv4 checksum offload even if
+ * one of lookaside SA's are present.
+ */
+ if (dev_info.tx_offload_capa &
+ RTE_ETH_TX_OFFLOAD_IPV4_CKSUM)
+ *tx_offloads |= RTE_ETH_TX_OFFLOAD_IPV4_CKSUM;
+ break;
}
- break;
- default:
- /* Enable IPv4 checksum offload even if one of lookaside
- * SA's are present.
- */
+ } else {
if (dev_info.tx_offload_capa &
RTE_ETH_TX_OFFLOAD_IPV4_CKSUM)
*tx_offloads |= RTE_ETH_TX_OFFLOAD_IPV4_CKSUM;
- break;
}
}
return 0;