diff mbox series

examples/ipsec-secgw: fix wrong session size

Message ID 1536299726-20927-1-git-send-email-anoob.joseph@caviumnetworks.com (mailing list archive)
State Accepted, archived
Delegated to: akhil goyal
Headers
Series examples/ipsec-secgw: fix wrong session size |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/Intel-compilation success Compilation OK

Commit Message

Anoob Joseph Sept. 7, 2018, 5:55 a.m. UTC 
  Crypto devices, which support lookaside protocol, exposes security
session size in addition to the crypto private symmetric session data
size. For applications using the security capabilities, both these
sizes need to be considered.

Fixes: ec17993a145a ("examples/ipsec-secgw: support security offload")

Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Signed-off-by: Archana Muniganti <muniganti.archana@caviumnetworks.com>
---
 examples/ipsec-secgw/ipsec-secgw.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

Comments

Anoob Joseph Sept. 25, 2018, 10:52 a.m. UTC | #1 
Hi Akhil, Radu,

Can you please review this patch and let me know your thoughts?

Anoob

On 07-09-2018 11:25, Anoob Joseph wrote:
> Crypto devices, which support lookaside protocol, exposes security
> session size in addition to the crypto private symmetric session data
> size. For applications using the security capabilities, both these
> sizes need to be considered.
>
> Fixes: ec17993a145a ("examples/ipsec-secgw: support security offload")
>
> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
> Signed-off-by: Archana Muniganti <muniganti.archana@caviumnetworks.com>
> ---
>   examples/ipsec-secgw/ipsec-secgw.c | 18 ++++++++++++++++++
>   1 file changed, 18 insertions(+)
>
> diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
> index b45b87b..47ac26a 100644
> --- a/examples/ipsec-secgw/ipsec-secgw.c
> +++ b/examples/ipsec-secgw/ipsec-secgw.c
> @@ -1392,9 +1392,27 @@ cryptodevs_init(void)
>   
>   	uint32_t max_sess_sz = 0, sess_sz;
>   	for (cdev_id = 0; cdev_id < rte_cryptodev_count(); cdev_id++) {
> +		void *sec_ctx;
> +
> +		/* Get crypto priv session size */
>   		sess_sz = rte_cryptodev_sym_get_private_session_size(cdev_id);
>   		if (sess_sz > max_sess_sz)
>   			max_sess_sz = sess_sz;
> +
> +		/*
> +		 * If crypto device is security capable, need to check the
> +		 * size of security session as well.
> +		 */
> +
> +		/* Get security context of the crypto device */
> +		sec_ctx = rte_cryptodev_get_sec_ctx(cdev_id);
> +		if (sec_ctx == NULL)
> +			continue;
> +
> +		/* Get size of security session */
> +		sess_sz = rte_security_session_get_size(sec_ctx);
> +		if (sess_sz > max_sess_sz)
> +			max_sess_sz = sess_sz;
>   	}
>   	RTE_ETH_FOREACH_DEV(port_id) {
>   		void *sec_ctx;
Akhil Goyal Sept. 25, 2018, 11:01 a.m. UTC | #2 
On 9/7/2018 11:25 AM, Anoob Joseph wrote:
> Crypto devices, which support lookaside protocol, exposes security
> session size in addition to the crypto private symmetric session data
> size. For applications using the security capabilities, both these
> sizes need to be considered.
>
> Fixes: ec17993a145a ("examples/ipsec-secgw: support security offload")
>
> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
> Signed-off-by: Archana Muniganti <muniganti.archana@caviumnetworks.com>
> ---
>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Akhil Goyal Sept. 26, 2018, 12:26 p.m. UTC | #3 
On 9/7/2018 11:25 AM, Anoob Joseph wrote:
> Crypto devices, which support lookaside protocol, exposes security
> session size in addition to the crypto private symmetric session data
> size. For applications using the security capabilities, both these
> sizes need to be considered.
>
> Fixes: ec17993a145a ("examples/ipsec-secgw: support security offload")
>
> Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
> Signed-off-by: Archana Muniganti <muniganti.archana@caviumnetworks.com>
> ---
>   examples/ipsec-secgw/ipsec-secgw.c | 18 ++++++++++++++++++
>   1 file changed, 18 insertions(+)
>
cc: stable@dpdk.org
Applied to dpdk-next-crypto

Thanks
diff mbox series

Patch

diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index b45b87b..47ac26a 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -1392,9 +1392,27 @@  cryptodevs_init(void)
 
 	uint32_t max_sess_sz = 0, sess_sz;
 	for (cdev_id = 0; cdev_id < rte_cryptodev_count(); cdev_id++) {
+		void *sec_ctx;
+
+		/* Get crypto priv session size */
 		sess_sz = rte_cryptodev_sym_get_private_session_size(cdev_id);
 		if (sess_sz > max_sess_sz)
 			max_sess_sz = sess_sz;
+
+		/*
+		 * If crypto device is security capable, need to check the
+		 * size of security session as well.
+		 */
+
+		/* Get security context of the crypto device */
+		sec_ctx = rte_cryptodev_get_sec_ctx(cdev_id);
+		if (sec_ctx == NULL)
+			continue;
+
+		/* Get size of security session */
+		sess_sz = rte_security_session_get_size(sec_ctx);
+		if (sess_sz > max_sess_sz)
+			max_sess_sz = sess_sz;
 	}
 	RTE_ETH_FOREACH_DEV(port_id) {
 		void *sec_ctx;