examples/ipsec-secgw: fix session mempool initialisation
diff mbox series

Message ID 1603807420-268020-1-git-send-email-vladimir.medvedkin@intel.com
State Accepted
Delegated to: akhil goyal
Headers show
Series
  • examples/ipsec-secgw: fix session mempool initialisation
Related show

Checks

Context Check Description
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-intel-Functional success Functional Testing PASS
ci/iol-testing success Testing PASS
ci/travis-robot success Travis build: passed
ci/Intel-compilation success Compilation OK
ci/checkpatch success coding style OK

Commit Message

Medvedkin, Vladimir Oct. 27, 2020, 2:03 p.m. UTC
Creation of a session mempool may fail in the case of a single lcore
and a low number of SA.

Fixes: e30b2833c47c ("security: update session create API")
Cc: akhil.goyal@nxp.com

Signed-off-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
---
 examples/ipsec-secgw/ipsec-secgw.c | 5 +++++
 1 file changed, 5 insertions(+)

Comments

Akhil Goyal Oct. 28, 2020, 12:30 p.m. UTC | #1
Hi Vladimir,

> -----Original Message-----
> From: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
> Sent: Tuesday, October 27, 2020 7:34 PM
> To: dev@dpdk.org
> Cc: Akhil Goyal <akhil.goyal@nxp.com>; Radu Nicolau <radu.nicolau@intel.com>
> Subject: [PATCH] examples/ipsec-secgw: fix session mempool initialisation
> 
> Creation of a session mempool may fail in the case of a single lcore
> and a low number of SA.
> 

I am not able to understand the reason why the number need to be increased.
Could you please explain?

> Fixes: e30b2833c47c ("security: update session create API")
> Cc: akhil.goyal@nxp.com
> 
> Signed-off-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
> ---
>  examples/ipsec-secgw/ipsec-secgw.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-
> secgw/ipsec-secgw.c
> index 2219148..935829e 100644
> --- a/examples/ipsec-secgw/ipsec-secgw.c
> +++ b/examples/ipsec-secgw/ipsec-secgw.c
> @@ -65,6 +65,7 @@ volatile bool force_quit;
>  #define CDEV_QUEUE_DESC 2048
>  #define CDEV_MAP_ENTRIES 16384
>  #define CDEV_MP_CACHE_SZ 64
> +#define CDEV_MP_CACHE_MULTIPLIER 1.5 /* from rte_mempool.c */
>  #define MAX_QUEUE_PAIRS 1
> 
>  #define BURST_TX_DRAIN_US 100 /* TX drain every ~100us */
> @@ -2350,6 +2351,8 @@ session_pool_init(struct socket_ctx *ctx, int32_t
> socket_id, size_t sess_sz)
>  			"sess_mp_%u", socket_id);
>  	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
>  		rte_lcore_count());
> +	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
> +			CDEV_MP_CACHE_MULTIPLIER);
>  	sess_mp = rte_cryptodev_sym_session_pool_create(
>  			mp_name, nb_sess, sess_sz, CDEV_MP_CACHE_SZ, 0,
>  			socket_id);
> @@ -2374,6 +2377,8 @@ session_priv_pool_init(struct socket_ctx *ctx, int32_t
> socket_id,
>  			"sess_mp_priv_%u", socket_id);
>  	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
>  		rte_lcore_count());
> +	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
> +			CDEV_MP_CACHE_MULTIPLIER);
>  	sess_mp = rte_mempool_create(mp_name,
>  			nb_sess,
>  			sess_sz,
> --
> 2.7.4
Medvedkin, Vladimir Oct. 28, 2020, 12:53 p.m. UTC | #2
Hi Akhil,

On 28/10/2020 12:30, Akhil Goyal wrote:
> Hi Vladimir,
> 
>> -----Original Message-----
>> From: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
>> Sent: Tuesday, October 27, 2020 7:34 PM
>> To: dev@dpdk.org
>> Cc: Akhil Goyal <akhil.goyal@nxp.com>; Radu Nicolau <radu.nicolau@intel.com>
>> Subject: [PATCH] examples/ipsec-secgw: fix session mempool initialisation
>>
>> Creation of a session mempool may fail in the case of a single lcore
>> and a low number of SA.
>>
> 
> I am not able to understand the reason why the number need to be increased.
> Could you please explain?
> 

Sure. Starting ipsec-secgw with 4 configured SA with single lcore fails 
with:

CRYPTODEV: rte_cryptodev_sym_session_pool_create() line 1420: 
rte_cryptodev_sym_session_pool_create(name=sess_mp_0) failed, rte_errno=22

In case when there is only one lcore and number of configures SA less 
then (0.5 * CDEV_MP_CACHE_SZ) then creation of the mempool fails with 
EINVAL. This is because the number of requested items is less than 
(cache size * 1.5)

from rte_mempool_create_empty():

         /* asked cache too big */
         if (cache_size > RTE_MEMPOOL_CACHE_MAX_SIZE ||
             CALC_CACHE_FLUSHTHRESH(cache_size) > n) {
                 rte_errno = EINVAL;
                 return NULL;
         }

, where n is nb_sess and CALC_CACHE_FLUSHTHRESH(cache_size) is just (1.5 
* cache_size). This was mentioned in rte_mempool_create() documentation:
@param cache_size
...
  *   This argument must be lower or equal to
  *   RTE_MEMPOOL_CACHE_MAX_SIZE and n / 1.5.
...

Before https://patches.dpdk.org/patch/81245/ there was no such a problem 
due to multiplying nb_sess by 2.


>> Fixes: e30b2833c47c ("security: update session create API")
>> Cc: akhil.goyal@nxp.com
>>
>> Signed-off-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
>> ---
>>   examples/ipsec-secgw/ipsec-secgw.c | 5 +++++
>>   1 file changed, 5 insertions(+)
>>
>> diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-
>> secgw/ipsec-secgw.c
>> index 2219148..935829e 100644
>> --- a/examples/ipsec-secgw/ipsec-secgw.c
>> +++ b/examples/ipsec-secgw/ipsec-secgw.c
>> @@ -65,6 +65,7 @@ volatile bool force_quit;
>>   #define CDEV_QUEUE_DESC 2048
>>   #define CDEV_MAP_ENTRIES 16384
>>   #define CDEV_MP_CACHE_SZ 64
>> +#define CDEV_MP_CACHE_MULTIPLIER 1.5 /* from rte_mempool.c */
>>   #define MAX_QUEUE_PAIRS 1
>>
>>   #define BURST_TX_DRAIN_US 100 /* TX drain every ~100us */
>> @@ -2350,6 +2351,8 @@ session_pool_init(struct socket_ctx *ctx, int32_t
>> socket_id, size_t sess_sz)
>>   			"sess_mp_%u", socket_id);
>>   	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
>>   		rte_lcore_count());
>> +	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
>> +			CDEV_MP_CACHE_MULTIPLIER);
>>   	sess_mp = rte_cryptodev_sym_session_pool_create(
>>   			mp_name, nb_sess, sess_sz, CDEV_MP_CACHE_SZ, 0,
>>   			socket_id);
>> @@ -2374,6 +2377,8 @@ session_priv_pool_init(struct socket_ctx *ctx, int32_t
>> socket_id,
>>   			"sess_mp_priv_%u", socket_id);
>>   	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
>>   		rte_lcore_count());
>> +	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
>> +			CDEV_MP_CACHE_MULTIPLIER);
>>   	sess_mp = rte_mempool_create(mp_name,
>>   			nb_sess,
>>   			sess_sz,
>> --
>> 2.7.4
>
Akhil Goyal Oct. 29, 2020, 3:06 p.m. UTC | #3
> Hi Akhil,
> 
> On 28/10/2020 12:30, Akhil Goyal wrote:
> > Hi Vladimir,
> >
> >> -----Original Message-----
> >> From: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
> >> Sent: Tuesday, October 27, 2020 7:34 PM
> >> To: dev@dpdk.org
> >> Cc: Akhil Goyal <akhil.goyal@nxp.com>; Radu Nicolau
> <radu.nicolau@intel.com>
> >> Subject: [PATCH] examples/ipsec-secgw: fix session mempool initialisation
> >>
> >> Creation of a session mempool may fail in the case of a single lcore
> >> and a low number of SA.
> >>
> >
> > I am not able to understand the reason why the number need to be increased.
> > Could you please explain?
> >
> 
> Sure. Starting ipsec-secgw with 4 configured SA with single lcore fails
> with:
> 
> CRYPTODEV: rte_cryptodev_sym_session_pool_create() line 1420:
> rte_cryptodev_sym_session_pool_create(name=sess_mp_0) failed,
> rte_errno=22
> 
> In case when there is only one lcore and number of configures SA less
> then (0.5 * CDEV_MP_CACHE_SZ) then creation of the mempool fails with
> EINVAL. This is because the number of requested items is less than
> (cache size * 1.5)
> 
> from rte_mempool_create_empty():
> 
>          /* asked cache too big */
>          if (cache_size > RTE_MEMPOOL_CACHE_MAX_SIZE ||
>              CALC_CACHE_FLUSHTHRESH(cache_size) > n) {
>                  rte_errno = EINVAL;
>                  return NULL;
>          }
> 
> , where n is nb_sess and CALC_CACHE_FLUSHTHRESH(cache_size) is just (1.5
> * cache_size). This was mentioned in rte_mempool_create() documentation:
> @param cache_size
> ...
>   *   This argument must be lower or equal to
>   *   RTE_MEMPOOL_CACHE_MAX_SIZE and n / 1.5.
> ...
> 
Applied to dpdk-next-crypto

Patch description updated as per the explanation.

Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Thanks.

Patch
diff mbox series

diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index 2219148..935829e 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -65,6 +65,7 @@  volatile bool force_quit;
 #define CDEV_QUEUE_DESC 2048
 #define CDEV_MAP_ENTRIES 16384
 #define CDEV_MP_CACHE_SZ 64
+#define CDEV_MP_CACHE_MULTIPLIER 1.5 /* from rte_mempool.c */
 #define MAX_QUEUE_PAIRS 1
 
 #define BURST_TX_DRAIN_US 100 /* TX drain every ~100us */
@@ -2350,6 +2351,8 @@  session_pool_init(struct socket_ctx *ctx, int32_t socket_id, size_t sess_sz)
 			"sess_mp_%u", socket_id);
 	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
 		rte_lcore_count());
+	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
+			CDEV_MP_CACHE_MULTIPLIER);
 	sess_mp = rte_cryptodev_sym_session_pool_create(
 			mp_name, nb_sess, sess_sz, CDEV_MP_CACHE_SZ, 0,
 			socket_id);
@@ -2374,6 +2377,8 @@  session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,
 			"sess_mp_priv_%u", socket_id);
 	nb_sess = (get_nb_crypto_sessions() + CDEV_MP_CACHE_SZ *
 		rte_lcore_count());
+	nb_sess = RTE_MAX(nb_sess, CDEV_MP_CACHE_SZ *
+			CDEV_MP_CACHE_MULTIPLIER);
 	sess_mp = rte_mempool_create(mp_name,
 			nb_sess,
 			sess_sz,