Also moved offloaded packets from cryptodev queues

Signed-off-by: Radu Nicolau <radu.nico...@intel.com>
---
 examples/ipsec-secgw/ipsec-secgw.c | 42 +++++++++++++++++++++++++++++++++++++-
 examples/ipsec-secgw/ipsec.c       | 31 ++++++++++++++--------------
 examples/ipsec-secgw/ipsec.h       |  4 ++--
 3 files changed, 58 insertions(+), 19 deletions(-)

diff --git a/examples/ipsec-secgw/ipsec-secgw.c 
b/examples/ipsec-secgw/ipsec-secgw.c
index c98454a..08d5b5a 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -1244,7 +1244,7 @@ cryptodevs_init(void)
        struct rte_cryptodev_config dev_conf;
        struct rte_cryptodev_qp_conf qp_conf;
        uint16_t idx, max_nb_qps, qp, i;
-       int16_t cdev_id;
+       int16_t cdev_id, port_id;
        struct rte_hash_parameters params = { 0 };
 
        params.entries = CDEV_MAP_ENTRIES;
@@ -1273,6 +1273,14 @@ cryptodevs_init(void)
                if (sess_sz > max_sess_sz)
                        max_sess_sz = sess_sz;
        }
+       for (port_id = 0; port_id < rte_eth_dev_count(); port_id++) {
+               if ((enabled_port_mask & (1 << port_id)) == 0)
+                       continue;
+               sess_sz = rte_security_session_get_size(
+                               rte_eth_dev_get_sec_ctx(port_id));
+               if (sess_sz > max_sess_sz)
+                       max_sess_sz = sess_sz;
+       }
 
        idx = 0;
        /* Start from last cdev id to give HW priority */
@@ -1343,6 +1351,38 @@ cryptodevs_init(void)
                                        cdev_id);
        }
 
+       /* create session pools for eth devices that implement security */
+       for (port_id = 0; port_id < rte_eth_dev_count(); port_id++) {
+               if ((enabled_port_mask & (1 << port_id)) &&
+                               rte_eth_dev_get_sec_ctx(port_id)) {
+                       int socket_id = rte_eth_dev_socket_id(port_id);
+
+                       if (!socket_ctx[socket_id].session_pool) {
+                               char mp_name[RTE_MEMPOOL_NAMESIZE];
+                               struct rte_mempool *sess_mp;
+
+                               snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
+                                               "sess_mp_%u", socket_id);
+                               sess_mp = rte_mempool_create(mp_name,
+                                               CDEV_MP_NB_OBJS,
+                                               max_sess_sz,
+                                               CDEV_MP_CACHE_SZ,
+                                               0, NULL, NULL, NULL,
+                                               NULL, socket_id,
+                                               0);
+                               if (sess_mp == NULL)
+                                       rte_exit(EXIT_FAILURE,
+                                               "Cannot create session pool "
+                                               "on socket %d\n", socket_id);
+                               else
+                                       printf("Allocated session pool "
+                                               "on socket %d\n", socket_id);
+                               socket_ctx[socket_id].session_pool = sess_mp;
+                       }
+               }
+       }
+
+
        printf("\n");
 
        return 0;
diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index 70ed227..708f29e 100644
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -266,7 +266,6 @@ ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx 
*ipsec_ctx,
        struct ipsec_mbuf_metadata *priv;
        struct rte_crypto_sym_op *sym_cop;
        struct ipsec_sa *sa;
-       struct cdev_qp *cqp;
 
        for (i = 0; i < nb_pkts; i++) {
                if (unlikely(sas[i] == NULL)) {
@@ -345,8 +344,7 @@ ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx 
*ipsec_ctx,
                                continue;
                        }
 
-                       cqp = &ipsec_ctx->tbl[sa->cdev_id_qp];
-                       cqp->ol_pkts[cqp->ol_pkts_cnt++] = pkts[i];
+                       ipsec_ctx->ol_pkts[ipsec_ctx->ol_pkts_cnt++] = pkts[i];
                        if (sa->ol_flags & RTE_SECURITY_TX_OLOAD_NEED_MDATA)
                                rte_security_set_pkt_metadata(
                                                sa->security_ctx,
@@ -369,6 +367,20 @@ ipsec_dequeue(ipsec_xform_fn xform_func, struct ipsec_ctx 
*ipsec_ctx,
        struct ipsec_sa *sa;
        struct rte_mbuf *pkt;
 
+       while (ipsec_ctx->ol_pkts_cnt > 0 && nb_pkts < max_pkts) {
+               pkt = ipsec_ctx->ol_pkts[--ipsec_ctx->ol_pkts_cnt];
+               rte_prefetch0(pkt);
+               priv = get_priv(pkt);
+               sa = priv->sa;
+               ret = xform_func(pkt, sa, &priv->cop);
+               if (unlikely(ret)) {
+                       rte_pktmbuf_free(pkt);
+                       continue;
+               }
+               pkts[nb_pkts++] = pkt;
+       }
+
+
        for (i = 0; i < ipsec_ctx->nb_qps && nb_pkts < max_pkts; i++) {
                struct cdev_qp *cqp;
 
@@ -376,19 +388,6 @@ ipsec_dequeue(ipsec_xform_fn xform_func, struct ipsec_ctx 
*ipsec_ctx,
                if (ipsec_ctx->last_qp == ipsec_ctx->nb_qps)
                        ipsec_ctx->last_qp %= ipsec_ctx->nb_qps;
 
-               while (cqp->ol_pkts_cnt > 0 && nb_pkts < max_pkts) {
-                       pkt = cqp->ol_pkts[--cqp->ol_pkts_cnt];
-                       rte_prefetch0(pkt);
-                       priv = get_priv(pkt);
-                       sa = priv->sa;
-                       ret = xform_func(pkt, sa, &priv->cop);
-                       if (unlikely(ret)) {
-                               rte_pktmbuf_free(pkt);
-                               continue;
-                       }
-                       pkts[nb_pkts++] = pkt;
-               }
-
                if (cqp->in_flight == 0)
                        continue;
 
diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h
index 775b316..eb7b539 100644
--- a/examples/ipsec-secgw/ipsec.h
+++ b/examples/ipsec-secgw/ipsec.h
@@ -159,8 +159,6 @@ struct cdev_qp {
        uint16_t in_flight;
        uint16_t len;
        struct rte_crypto_op *buf[MAX_PKT_BURST] __rte_aligned(sizeof(void *));
-       struct rte_mbuf *ol_pkts[MAX_PKT_BURST] __rte_aligned(sizeof(void *));
-       uint16_t ol_pkts_cnt;
 };
 
 struct ipsec_ctx {
@@ -172,6 +170,8 @@ struct ipsec_ctx {
        uint16_t last_qp;
        struct cdev_qp tbl[MAX_QP_PER_LCORE];
        struct rte_mempool *session_pool;
+       struct rte_mbuf *ol_pkts[MAX_PKT_BURST] __rte_aligned(sizeof(void *));
+       uint16_t ol_pkts_cnt;
 };
 
 struct cdev_key {
-- 
2.7.5

Reply via email to