[v2,26/31] net/cnxk: limit port specific SA table size
Checks
Commit Message
Limit port specific SA table size to 1 entry when not used.
This is usefule when inline device is enabled as then
Port specific SA table will not be used for Inline IPsec
inbound processing.
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
---
drivers/net/cnxk/cnxk_ethdev.c | 4 ++++
drivers/net/cnxk/cnxk_ethdev.h | 5 ++++-
drivers/net/cnxk/cnxk_ethdev_devargs.c | 3 +--
3 files changed, 9 insertions(+), 3 deletions(-)
@@ -103,6 +103,10 @@ nix_security_setup(struct cnxk_eth_dev *dev)
int i, rc = 0;
if (dev->rx_offloads & RTE_ETH_RX_OFFLOAD_SECURITY) {
+ /* Setup minimum SA table when inline device is used */
+ nix->ipsec_in_min_spi = dev->inb.no_inl_dev ? dev->inb.min_spi : 0;
+ nix->ipsec_in_max_spi = dev->inb.no_inl_dev ? dev->inb.max_spi : 1;
+
/* Setup Inline Inbound */
rc = roc_nix_inl_inb_init(nix);
if (rc) {
@@ -273,8 +273,11 @@ TAILQ_HEAD(cnxk_eth_sec_sess_list, cnxk_eth_sec_sess);
/* Inbound security data */
struct cnxk_eth_dev_sec_inb {
+ /* IPSec inbound min SPI */
+ uint32_t min_spi;
+
/* IPSec inbound max SPI */
- uint16_t max_spi;
+ uint32_t max_spi;
/* Using inbound with inline device */
bool inl_dev;
@@ -320,12 +320,11 @@ cnxk_ethdev_parse_devargs(struct rte_devargs *devargs, struct cnxk_eth_dev *dev)
null_devargs:
dev->scalar_ena = !!scalar_enable;
dev->inb.no_inl_dev = !!no_inl_dev;
+ dev->inb.min_spi = ipsec_in_min_spi;
dev->inb.max_spi = ipsec_in_max_spi;
dev->outb.max_sa = ipsec_out_max_sa;
dev->outb.nb_desc = outb_nb_desc;
dev->outb.nb_crypto_qs = outb_nb_crypto_qs;
- dev->nix.ipsec_in_min_spi = ipsec_in_min_spi;
- dev->nix.ipsec_in_max_spi = ipsec_in_max_spi;
dev->nix.ipsec_out_max_sa = ipsec_out_max_sa;
dev->nix.rss_tag_as_xor = !!rss_tag_as_xor;
dev->nix.max_sqb_count = sqb_count;