Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/64676/?format=api
{ "id": 64676, "url": "http://patches.dpdk.org/api/patches/64676/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/1579012036-326214-6-git-send-email-vladimir.medvedkin@intel.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<1579012036-326214-6-git-send-email-vladimir.medvedkin@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/1579012036-326214-6-git-send-email-vladimir.medvedkin@intel.com", "date": "2020-01-14T14:27:16", "name": "[v4,5/5] examples/ipsec-secgw: get rid of maximum sp limitation", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": true, "hash": "df228887006fa976d1b325a950898e3ed410246f", "submitter": { "id": 1216, "url": "http://patches.dpdk.org/api/people/1216/?format=api", "name": "Vladimir Medvedkin", "email": "vladimir.medvedkin@intel.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/1579012036-326214-6-git-send-email-vladimir.medvedkin@intel.com/mbox/", "series": [ { "id": 8120, "url": "http://patches.dpdk.org/api/series/8120/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=8120", "date": "2020-01-14T14:27:11", "name": "integrate librte_ipsec SAD into ipsec-secgw", "version": 4, "mbox": "http://patches.dpdk.org/series/8120/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/64676/comments/", "check": "fail", "checks": "http://patches.dpdk.org/api/patches/64676/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from dpdk.org (dpdk.org [92.243.14.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id EAF7FA04FF;\n\tTue, 14 Jan 2020 15:28:06 +0100 (CET)", "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 9AE3D1C1DE;\n\tTue, 14 Jan 2020 15:27:34 +0100 (CET)", "from mga07.intel.com (mga07.intel.com [134.134.136.100])\n by dpdk.org (Postfix) with ESMTP id 2247B1C1C7\n for <dev@dpdk.org>; Tue, 14 Jan 2020 15:27:25 +0100 (CET)", "from fmsmga002.fm.intel.com ([10.253.24.26])\n by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n 14 Jan 2020 06:27:25 -0800", "from silpixa00400072.ir.intel.com ([10.237.222.213])\n by fmsmga002.fm.intel.com with ESMTP; 14 Jan 2020 06:27:24 -0800" ], "X-Amp-Result": "SKIPPED(no attachment in message)", "X-Amp-File-Uploaded": "False", "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos;i=\"5.69,433,1571727600\"; d=\"scan'208\";a=\"256316540\"", "From": "Vladimir Medvedkin <vladimir.medvedkin@intel.com>", "To": "dev@dpdk.org", "Cc": "konstantin.ananyev@intel.com,\n\takhil.goyal@nxp.com", "Date": "Tue, 14 Jan 2020 14:27:16 +0000", "Message-Id": "<1579012036-326214-6-git-send-email-vladimir.medvedkin@intel.com>", "X-Mailer": "git-send-email 2.7.4", "In-Reply-To": [ "<1579012036-326214-1-git-send-email-vladimir.medvedkin@intel.com>", "<1578920122-228017-1-git-send-email-vladimir.medvedkin@intel.com>" ], "References": [ "<1579012036-326214-1-git-send-email-vladimir.medvedkin@intel.com>", "<1578920122-228017-1-git-send-email-vladimir.medvedkin@intel.com>" ], "Subject": "[dpdk-dev] [PATCH v4 5/5] examples/ipsec-secgw: get rid of maximum\n\tsp limitation", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "Get rid of maximum SP limitation.\nKeep parsed SP's into the sorted by SPI value array.\nUse binary search in the sorted SP array to find appropriate SP\nfor a given SPI.\n\nSigned-off-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>\n---\n examples/ipsec-secgw/parser.c | 2 +\n examples/ipsec-secgw/parser.h | 6 +++\n examples/ipsec-secgw/sp4.c | 90 +++++++++++++++++++++++++++++++++----------\n examples/ipsec-secgw/sp6.c | 88 ++++++++++++++++++++++++++++++++----------\n 4 files changed, 144 insertions(+), 42 deletions(-)", "diff": "diff --git a/examples/ipsec-secgw/parser.c b/examples/ipsec-secgw/parser.c\nindex 67df170..65eb7e9 100644\n--- a/examples/ipsec-secgw/parser.c\n+++ b/examples/ipsec-secgw/parser.c\n@@ -643,6 +643,8 @@ parse_cfg_file(const char *cfg_filename)\n \tfclose(f);\n \n \tsa_sort_arr();\n+\tsp4_sort_arr();\n+\tsp6_sort_arr();\n \n \treturn 0;\n \ndiff --git a/examples/ipsec-secgw/parser.h b/examples/ipsec-secgw/parser.h\nindex 1f8bd3e..6e764fe 100644\n--- a/examples/ipsec-secgw/parser.h\n+++ b/examples/ipsec-secgw/parser.h\n@@ -67,10 +67,16 @@ int\n parse_range(const char *token, uint16_t *low, uint16_t *high);\n \n void\n+sp4_sort_arr(void);\n+\n+void\n parse_sp4_tokens(char **tokens, uint32_t n_tokens,\n \tstruct parse_status *status);\n \n void\n+sp6_sort_arr(void);\n+\n+void\n parse_sp6_tokens(char **tokens, uint32_t n_tokens,\n \tstruct parse_status *status);\n \ndiff --git a/examples/ipsec-secgw/sp4.c b/examples/ipsec-secgw/sp4.c\nindex 1dcec52..beddd7b 100644\n--- a/examples/ipsec-secgw/sp4.c\n+++ b/examples/ipsec-secgw/sp4.c\n@@ -15,7 +15,7 @@\n #include \"ipsec.h\"\n #include \"parser.h\"\n \n-#define MAX_ACL_RULE_NUM\t1024\n+#define INIT_ACL_RULE_NUM\t128\n \n #define IPV4_DST_FROM_SP(acr) \\\n \t\t(rte_cpu_to_be_32((acr).field[DST_FIELD_IPV4].value.u32))\n@@ -97,11 +97,39 @@ static struct rte_acl_field_def ip4_defs[NUM_FIELDS_IPV4] = {\n \n RTE_ACL_RULE_DEF(acl4_rules, RTE_DIM(ip4_defs));\n \n-static struct acl4_rules acl4_rules_out[MAX_ACL_RULE_NUM];\n+static struct acl4_rules *acl4_rules_out;\n static uint32_t nb_acl4_rules_out;\n+static uint32_t sp_out_sz;\n \n-static struct acl4_rules acl4_rules_in[MAX_ACL_RULE_NUM];\n+static struct acl4_rules *acl4_rules_in;\n static uint32_t nb_acl4_rules_in;\n+static uint32_t sp_in_sz;\n+\n+static int\n+extend_sp_arr(struct acl4_rules **sp_tbl, uint32_t cur_cnt, uint32_t *cur_sz)\n+{\n+\tif (*sp_tbl == NULL) {\n+\t\t*sp_tbl = calloc(INIT_ACL_RULE_NUM, sizeof(struct acl4_rules));\n+\t\tif (*sp_tbl == NULL)\n+\t\t\treturn -1;\n+\t\t*cur_sz = INIT_ACL_RULE_NUM;\n+\t\treturn 0;\n+\t}\n+\n+\tif (cur_cnt >= *cur_sz) {\n+\t\t*sp_tbl = realloc(*sp_tbl,\n+\t\t\t*cur_sz * sizeof(struct acl4_rules) * 2);\n+\t\tif (*sp_tbl == NULL)\n+\t\t\treturn -1;\n+\t\t/* clean reallocated extra space */\n+\t\tmemset(&(*sp_tbl)[*cur_sz], 0,\n+\t\t\t*cur_sz * sizeof(struct acl4_rules));\n+\t\t*cur_sz *= 2;\n+\t}\n+\n+\treturn 0;\n+}\n+\n \n void\n parse_sp4_tokens(char **tokens, uint32_t n_tokens,\n@@ -127,9 +155,8 @@ parse_sp4_tokens(char **tokens, uint32_t n_tokens,\n \tif (strcmp(tokens[1], \"in\") == 0) {\n \t\tri = &nb_acl4_rules_in;\n \n-\t\tAPP_CHECK(*ri <= MAX_ACL_RULE_NUM - 1, status,\n-\t\t\t\"too many sp rules, abort insertion\\n\");\n-\t\tif (status->status < 0)\n+\t\tif (extend_sp_arr(&acl4_rules_in, nb_acl4_rules_in,\n+\t\t\t\t&sp_in_sz) < 0)\n \t\t\treturn;\n \n \t\trule_ipv4 = &acl4_rules_in[*ri];\n@@ -137,9 +164,8 @@ parse_sp4_tokens(char **tokens, uint32_t n_tokens,\n \t} else if (strcmp(tokens[1], \"out\") == 0) {\n \t\tri = &nb_acl4_rules_out;\n \n-\t\tAPP_CHECK(*ri <= MAX_ACL_RULE_NUM - 1, status,\n-\t\t\t\"too many sp rules, abort insertion\\n\");\n-\t\tif (status->status < 0)\n+\t\tif (extend_sp_arr(&acl4_rules_out, nb_acl4_rules_out,\n+\t\t\t\t&sp_out_sz) < 0)\n \t\t\treturn;\n \n \t\trule_ipv4 = &acl4_rules_out[*ri];\n@@ -451,7 +477,7 @@ acl4_init(const char *name, int32_t socketid, const struct acl4_rules *rules,\n \tstruct rte_acl_config acl_build_param;\n \tstruct rte_acl_ctx *ctx;\n \n-\tprintf(\"Creating SP context with %u max rules\\n\", MAX_ACL_RULE_NUM);\n+\tprintf(\"Creating SP context with %u rules\\n\", rules_nb);\n \n \tmemset(&acl_param, 0, sizeof(acl_param));\n \n@@ -464,7 +490,7 @@ acl4_init(const char *name, int32_t socketid, const struct acl4_rules *rules,\n \tacl_param.name = s;\n \tacl_param.socket_id = socketid;\n \tacl_param.rule_size = RTE_ACL_RULE_SZ(RTE_DIM(ip4_defs));\n-\tacl_param.max_rule_num = MAX_ACL_RULE_NUM;\n+\tacl_param.max_rule_num = rules_nb;\n \n \tctx = rte_acl_create(&acl_param);\n \tif (ctx == NULL)\n@@ -566,6 +592,16 @@ sp4_init(struct socket_ctx *ctx, int32_t socket_id)\n \t\t\t\"specified\\n\");\n }\n \n+static int\n+sp_cmp(const void *p, const void *q)\n+{\n+\tuint32_t spi1 = ((const struct acl4_rules *)p)->data.userdata;\n+\tuint32_t spi2 = ((const struct acl4_rules *)q)->data.userdata;\n+\n+\treturn (int)(spi1 - spi2);\n+}\n+\n+\n /*\n * Search though SP rules for given SPI.\n */\n@@ -573,8 +609,10 @@ int\n sp4_spi_present(uint32_t spi, int inbound, struct ip_addr ip_addr[2],\n \t\t\tuint32_t mask[2])\n {\n-\tuint32_t i, num;\n+\tuint32_t num;\n+\tstruct acl4_rules *rule;\n \tconst struct acl4_rules *acr;\n+\tstruct acl4_rules tmpl;\n \n \tif (inbound != 0) {\n \t\tacr = acl4_rules_in;\n@@ -584,17 +622,27 @@ sp4_spi_present(uint32_t spi, int inbound, struct ip_addr ip_addr[2],\n \t\tnum = nb_acl4_rules_out;\n \t}\n \n-\tfor (i = 0; i != num; i++) {\n-\t\tif (acr[i].data.userdata == spi) {\n-\t\t\tif (NULL != ip_addr && NULL != mask) {\n-\t\t\t\tip_addr[0].ip.ip4 = IPV4_SRC_FROM_SP(acr[i]);\n-\t\t\t\tip_addr[1].ip.ip4 = IPV4_DST_FROM_SP(acr[i]);\n-\t\t\t\tmask[0] = IPV4_SRC_MASK_FROM_SP(acr[i]);\n-\t\t\t\tmask[1] = IPV4_DST_MASK_FROM_SP(acr[i]);\n-\t\t\t}\n-\t\t\treturn i;\n+\ttmpl.data.userdata = spi;\n+\n+\trule = bsearch(&tmpl, acr, num, sizeof(struct acl4_rules), sp_cmp);\n+\tif (rule != NULL) {\n+\t\tif (NULL != ip_addr && NULL != mask) {\n+\t\t\tip_addr[0].ip.ip4 = IPV4_SRC_FROM_SP(*rule);\n+\t\t\tip_addr[1].ip.ip4 = IPV4_DST_FROM_SP(*rule);\n+\t\t\tmask[0] = IPV4_SRC_MASK_FROM_SP(*rule);\n+\t\t\tmask[1] = IPV4_DST_MASK_FROM_SP(*rule);\n \t\t}\n+\t\treturn RTE_PTR_DIFF(rule, acr) / sizeof(struct acl4_rules);\n \t}\n \n \treturn -ENOENT;\n }\n+\n+void\n+sp4_sort_arr(void)\n+{\n+\tqsort(acl4_rules_in, nb_acl4_rules_in, sizeof(struct acl4_rules),\n+\t\tsp_cmp);\n+\tqsort(acl4_rules_out, nb_acl4_rules_out, sizeof(struct acl4_rules),\n+\t\tsp_cmp);\n+}\ndiff --git a/examples/ipsec-secgw/sp6.c b/examples/ipsec-secgw/sp6.c\nindex b489e15..328e085 100644\n--- a/examples/ipsec-secgw/sp6.c\n+++ b/examples/ipsec-secgw/sp6.c\n@@ -15,7 +15,7 @@\n #include \"ipsec.h\"\n #include \"parser.h\"\n \n-#define MAX_ACL_RULE_NUM\t1024\n+#define INIT_ACL_RULE_NUM\t128\n \n #define IPV6_FROM_SP(acr, fidx_low, fidx_high) \\\n \t\t(((uint64_t)(acr).field[(fidx_high)].value.u32 << 32) | \\\n@@ -146,11 +146,38 @@ static struct rte_acl_field_def ip6_defs[IP6_NUM] = {\n \n RTE_ACL_RULE_DEF(acl6_rules, RTE_DIM(ip6_defs));\n \n-static struct acl6_rules acl6_rules_out[MAX_ACL_RULE_NUM];\n+static struct acl6_rules *acl6_rules_out;\n static uint32_t nb_acl6_rules_out;\n+static uint32_t sp_out_sz;\n \n-static struct acl6_rules acl6_rules_in[MAX_ACL_RULE_NUM];\n+static struct acl6_rules *acl6_rules_in;\n static uint32_t nb_acl6_rules_in;\n+static uint32_t sp_in_sz;\n+\n+static int\n+extend_sp_arr(struct acl6_rules **sp_tbl, uint32_t cur_cnt, uint32_t *cur_sz)\n+{\n+\tif (*sp_tbl == NULL) {\n+\t\t*sp_tbl = calloc(INIT_ACL_RULE_NUM, sizeof(struct acl6_rules));\n+\t\tif (*sp_tbl == NULL)\n+\t\t\treturn -1;\n+\t\t*cur_sz = INIT_ACL_RULE_NUM;\n+\t\treturn 0;\n+\t}\n+\n+\tif (cur_cnt >= *cur_sz) {\n+\t\t*sp_tbl = realloc(*sp_tbl,\n+\t\t\t*cur_sz * sizeof(struct acl6_rules) * 2);\n+\t\tif (*sp_tbl == NULL)\n+\t\t\treturn -1;\n+\t\t/* clean reallocated extra space */\n+\t\tmemset(&(*sp_tbl)[*cur_sz], 0,\n+\t\t\t*cur_sz * sizeof(struct acl6_rules));\n+\t\t*cur_sz *= 2;\n+\t}\n+\n+\treturn 0;\n+}\n \n void\n parse_sp6_tokens(char **tokens, uint32_t n_tokens,\n@@ -176,9 +203,8 @@ parse_sp6_tokens(char **tokens, uint32_t n_tokens,\n \tif (strcmp(tokens[1], \"in\") == 0) {\n \t\tri = &nb_acl6_rules_in;\n \n-\t\tAPP_CHECK(*ri <= MAX_ACL_RULE_NUM - 1, status, \"too \"\n-\t\t\t\"many sp rules, abort insertion\\n\");\n-\t\tif (status->status < 0)\n+\t\tif (extend_sp_arr(&acl6_rules_in, nb_acl6_rules_in,\n+\t\t\t\t&sp_in_sz) < 0)\n \t\t\treturn;\n \n \t\trule_ipv6 = &acl6_rules_in[*ri];\n@@ -186,9 +212,8 @@ parse_sp6_tokens(char **tokens, uint32_t n_tokens,\n \t} else if (strcmp(tokens[1], \"out\") == 0) {\n \t\tri = &nb_acl6_rules_out;\n \n-\t\tAPP_CHECK(*ri <= MAX_ACL_RULE_NUM - 1, status, \"too \"\n-\t\t\t\"many sp rules, abort insertion\\n\");\n-\t\tif (status->status < 0)\n+\t\tif (extend_sp_arr(&acl6_rules_out, nb_acl6_rules_out,\n+\t\t\t\t&sp_out_sz) < 0)\n \t\t\treturn;\n \n \t\trule_ipv6 = &acl6_rules_out[*ri];\n@@ -583,7 +608,7 @@ acl6_init(const char *name, int32_t socketid, const struct acl6_rules *rules,\n \tstruct rte_acl_config acl_build_param;\n \tstruct rte_acl_ctx *ctx;\n \n-\tprintf(\"Creating SP context with %u max rules\\n\", MAX_ACL_RULE_NUM);\n+\tprintf(\"Creating SP context with %u rules\\n\", rules_nb);\n \n \tmemset(&acl_param, 0, sizeof(acl_param));\n \n@@ -596,7 +621,7 @@ acl6_init(const char *name, int32_t socketid, const struct acl6_rules *rules,\n \tacl_param.name = s;\n \tacl_param.socket_id = socketid;\n \tacl_param.rule_size = RTE_ACL_RULE_SZ(RTE_DIM(ip6_defs));\n-\tacl_param.max_rule_num = MAX_ACL_RULE_NUM;\n+\tacl_param.max_rule_num = rules_nb;\n \n \tctx = rte_acl_create(&acl_param);\n \tif (ctx == NULL)\n@@ -698,6 +723,15 @@ sp6_init(struct socket_ctx *ctx, int32_t socket_id)\n \t\t\t\"specified\\n\");\n }\n \n+static int\n+sp_cmp(const void *p, const void *q)\n+{\n+\tuint32_t spi1 = ((const struct acl6_rules *)p)->data.userdata;\n+\tuint32_t spi2 = ((const struct acl6_rules *)q)->data.userdata;\n+\n+\treturn (int)(spi1 - spi2);\n+}\n+\n /*\n * Search though SP rules for given SPI.\n */\n@@ -705,8 +739,10 @@ int\n sp6_spi_present(uint32_t spi, int inbound, struct ip_addr ip_addr[2],\n \t\t\tuint32_t mask[2])\n {\n-\tuint32_t i, num;\n+\tuint32_t num;\n+\tstruct acl6_rules *rule;\n \tconst struct acl6_rules *acr;\n+\tstruct acl6_rules tmpl;\n \n \tif (inbound != 0) {\n \t\tacr = acl6_rules_in;\n@@ -716,17 +752,27 @@ sp6_spi_present(uint32_t spi, int inbound, struct ip_addr ip_addr[2],\n \t\tnum = nb_acl6_rules_out;\n \t}\n \n-\tfor (i = 0; i != num; i++) {\n-\t\tif (acr[i].data.userdata == spi) {\n-\t\t\tif (NULL != ip_addr && NULL != mask) {\n-\t\t\t\tIPV6_SRC_FROM_SP(ip_addr[0], acr[i]);\n-\t\t\t\tIPV6_DST_FROM_SP(ip_addr[1], acr[i]);\n-\t\t\t\tIPV6_SRC_MASK_FROM_SP(mask[0], acr[i]);\n-\t\t\t\tIPV6_DST_MASK_FROM_SP(mask[1], acr[i]);\n-\t\t\t}\n-\t\t\treturn i;\n+\ttmpl.data.userdata = spi;\n+\n+\trule = bsearch(&tmpl, acr, num, sizeof(struct acl6_rules), sp_cmp);\n+\tif (rule != NULL) {\n+\t\tif (NULL != ip_addr && NULL != mask) {\n+\t\t\tIPV6_SRC_FROM_SP(ip_addr[0], *rule);\n+\t\t\tIPV6_DST_FROM_SP(ip_addr[1], *rule);\n+\t\t\tIPV6_SRC_MASK_FROM_SP(mask[0], *rule);\n+\t\t\tIPV6_DST_MASK_FROM_SP(mask[1], *rule);\n \t\t}\n+\t\treturn RTE_PTR_DIFF(rule, acr) / sizeof(struct acl6_rules);\n \t}\n \n \treturn -ENOENT;\n }\n+\n+void\n+sp6_sort_arr(void)\n+{\n+\tqsort(acl6_rules_in, nb_acl6_rules_in, sizeof(struct acl6_rules),\n+\t\tsp_cmp);\n+\tqsort(acl6_rules_out, nb_acl6_rules_out, sizeof(struct acl6_rules),\n+\t\tsp_cmp);\n+}\n", "prefixes": [ "v4", "5/5" ] }