RE: [EXT] [PATCH v2] examples/ipsec-secgw: fix cryptodev to SA mapping

Sun, 25 Feb 2024 20:49:15 -0800 

Hi Radu,

Using same session across multiple devices would only work if the device 
instances are same. For example, if you use QAT device 0 & QAT device 1, then 
the sharing is okay. But if we have QAT and some SW crypto PMD, then the same 
session will not work. Is it possible to throw a warning when the crypto 
devices are not of same type?

Thanks,
Anoob

> -----Original Message-----
> From: Radu Nicolau <radu.nico...@intel.com>
> Sent: Friday, February 23, 2024 4:31 PM
> To: dev@dpdk.org
> Cc: Radu Nicolau <radu.nico...@intel.com>; sta...@dpdk.org; Volodymyr Fialko
> <vfia...@marvell.com>; Ting-Kai Ku <ting-kai...@intel.com>; Ciara Power
> <ciara.po...@intel.com>; Kai Ji <kai...@intel.com>; Akhil Goyal
> <gak...@marvell.com>
> Subject: [EXT] [PATCH v2] examples/ipsec-secgw: fix cryptodev to SA mapping
> 
> External Email
> 
> ----------------------------------------------------------------------
> There are use cases where a SA should be able to use different cryptodevs on
> different lcores, for example there can be cryptodevs with just 1 qp per VF.
> For this purpose this patch relaxes the check in create lookaside session 
> function.
> Also add a check to verify that a CQP is available for the current lcore.
> 
> Fixes: a8ade12123c3 ("examples/ipsec-secgw: create lookaside sessions at 
> init")
> Cc: sta...@dpdk.org
> Cc: vfia...@marvell.com
> 
> Signed-off-by: Radu Nicolau <radu.nico...@intel.com>
> Signed-off-by: Radu Nicolau <radu.nico...@intel.com>
> Tested-by: Ting-Kai Ku <ting-kai...@intel.com>
> Signed-off-by: Radu Nicolau <radu.nico...@intel.com>
> Acked-by: Ciara Power <ciara.po...@intel.com>
> Acked-by: Kai Ji <kai...@intel.com>
> ---
> v2: add likely to CQP available branch
> 
>  examples/ipsec-secgw/ipsec.c | 13 ++++++++-----
>  1 file changed, 8 insertions(+), 5 deletions(-)
> 
> diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c index
> f5cec4a928..7bb9646736 100644
> --- a/examples/ipsec-secgw/ipsec.c
> +++ b/examples/ipsec-secgw/ipsec.c
> @@ -288,10 +288,9 @@ create_lookaside_session(struct ipsec_ctx
> *ipsec_ctx_lcore[],
>               if (cdev_id == RTE_CRYPTO_MAX_DEVS)
>                       cdev_id = ipsec_ctx->tbl[cdev_id_qp].id;
>               else if (cdev_id != ipsec_ctx->tbl[cdev_id_qp].id) {
> -                     RTE_LOG(ERR, IPSEC,
> -                                     "SA mapping to multiple cryptodevs is "
> -                                     "not supported!");
> -                     return -EINVAL;
> +                     RTE_LOG(WARNING, IPSEC,
> +                             "SA mapped to multiple cryptodevs for SPI
> %d\n",
> +                             sa->spi);
>               }
> 
>               /* Store per core queue pair information */ @@ -908,7 +907,11
> @@ ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
>                       continue;
>               }
> 
> -             enqueue_cop(sa->cqp[ipsec_ctx->lcore_id], &priv->cop);
> +             if (likely(sa->cqp[ipsec_ctx->lcore_id]))
> +                     enqueue_cop(sa->cqp[ipsec_ctx->lcore_id], &priv->cop);
> +             else
> +                     RTE_LOG(ERR, IPSEC, "No CQP available for lcore %d\n",
> +                                     ipsec_ctx->lcore_id);
>       }
>  }
> 
> --
> 2.34.1

Reply via email to