| Message ID | 20220811035933.802-1-anoobj@marvell.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0A43FA0545; Thu, 11 Aug 2022 05:59:40 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id BE0F640DDA; Thu, 11 Aug 2022 05:59:39 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 6963440A87 for <dev@dpdk.org>; Thu, 11 Aug 2022 05:59:38 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27ALYk7c030395; Wed, 10 Aug 2022 20:59:37 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=xt4MPrmkaRmg3tTD0fhLmHtLkCmLeu8BtW7SMCaoH7U=; b=KcvvPJ4Bp2w6MrwTwFAVM/FWGFUyIwpVek7D+q/4VBCFX5aYB0lh51obQy8dFKfoFWyb PPTecQg1Ng2/SBdohP0OMWQH2YNlFUiDbUtqETL98qm1JNsv6uPtS9nOw8saYAiikF7s 6TM3cgO5/A4qywrXtgG9SceboxSZtw4o+ohlZmxF9y86ovbJ9uDJQ3+4PxC6a5tpSNFu oXpFx4jXu8nOESV41ANTlPUy60BDztQNoglH9tgNULBAyH+AsznRSF8xL/PORJ4FtIai aDXbrXcMunnBJuvDy8Q5jFvkSVEE87LpI144IvBFkTAXdbgaqmjxfaVaic1Rfw3BWzFp OQ== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3huwr36beg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 10 Aug 2022 20:59:37 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Wed, 10 Aug 2022 20:59:35 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Wed, 10 Aug 2022 20:59:35 -0700 Received: from BG-LT92004.corp.innovium.com (unknown [10.193.69.70]) by maili.marvell.com (Postfix) with ESMTP id 71A2A3F7085; Wed, 10 Aug 2022 20:59:32 -0700 (PDT) From: Anoob Joseph <anoobj@marvell.com> To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com>, "Thomas Monjalon" <thomas@monjalon.net>, Hemant Agrawal <hemant.agrawal@nxp.com>, Sachin Saxena <sachin.saxena@oss.nxp.com>, Ciara Power <ciara.power@intel.com> CC: Aakash Sasidharan <asasidharan@marvell.com>, <dev@dpdk.org> Subject: [PATCH 0/1] Add security perf application Date: Thu, 11 Aug 2022 09:29:32 +0530 Message-ID: <20220811035933.802-1-anoobj@marvell.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: OLRS1lDVDXNIh6o7vJQgfw-Fo_7YcZnq X-Proofpoint-ORIG-GUID: OLRS1lDVDXNIh6o7vJQgfw-Fo_7YcZnq X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.883,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-11_02,2022-08-10_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org |
| Series |
Add security perf application
|
|
Message
Anoob Joseph
Aug. 11, 2022, 3:59 a.m. UTC
Add performance application to test security session create & destroy rates supported by the security enabled cryptodev PMD. The application would create specified number of sessions and captures the time taken for the same before proceeding to destroy of the same. When operating on multi-core, the number of sessions would be evenly distributed across all cores. The application would test with all combinations of cipher & auth algorithms supported by the PMD. The app is similar to 'test-flow-perf' tool which captures the rate at which flow rules can be created and destroyed. Anoob Joseph (1): app/test-security-perf: add security perf app MAINTAINERS | 6 + app/meson.build | 1 + app/test-security-perf/meson.build | 14 + app/test-security-perf/test_security_perf.c | 554 ++++++++++++++++++++ doc/guides/tools/index.rst | 1 + doc/guides/tools/securityperf.rst | 47 ++ 6 files changed, 623 insertions(+) create mode 100644 app/test-security-perf/meson.build create mode 100644 app/test-security-perf/test_security_perf.c create mode 100644 doc/guides/tools/securityperf.rst -- 2.25.1
Comments
Hi Anoob, > Subject: [PATCH 0/1] Add security perf application > > Add performance application to test security session create & destroy > rates supported by the security enabled cryptodev PMD. The > application would create specified number of sessions and captures the > time taken for the same before proceeding to destroy of the same. When > operating on multi-core, the number of sessions would be evenly > distributed across all cores. > > The application would test with all combinations of cipher & auth > algorithms supported by the PMD. > > The app is similar to 'test-flow-perf' tool which captures the rate > at which flow rules can be created and destroyed. > Is it not good to add this into dpdk-test-crypto-perf? Can we add as a separate .c file, say, cperf_test_sec_session.c in test-crypto-perf folder and use the existing framework. This way we can leverage it for crypto sessions also. > Anoob Joseph (1): > app/test-security-perf: add security perf app > > MAINTAINERS | 6 + > app/meson.build | 1 + > app/test-security-perf/meson.build | 14 + > app/test-security-perf/test_security_perf.c | 554 ++++++++++++++++++++ > doc/guides/tools/index.rst | 1 + > doc/guides/tools/securityperf.rst | 47 ++ > 6 files changed, 623 insertions(+) > create mode 100644 app/test-security-perf/meson.build > create mode 100644 app/test-security-perf/test_security_perf.c > create mode 100644 doc/guides/tools/securityperf.rst > > -- > 2.25.1
Hi Akhil, Please see inline. Thanks, Anoob > > Hi Anoob, > > Subject: [PATCH 0/1] Add security perf application > > > > Add performance application to test security session create & destroy > > rates supported by the security enabled cryptodev PMD. The application > > would create specified number of sessions and captures the time taken > > for the same before proceeding to destroy of the same. When operating > > on multi-core, the number of sessions would be evenly distributed > > across all cores. > > > > The application would test with all combinations of cipher & auth > > algorithms supported by the PMD. > > > > The app is similar to 'test-flow-perf' tool which captures the rate at > > which flow rules can be created and destroyed. > > > Is it not good to add this into dpdk-test-crypto-perf? [Anoob] IMO, It is not good. Following are the reasons, Dpdk-test-crypto-perf is primarily for capturing crypto operation throughputs. And so the framework allocates minimal number of sessions and the datapath function pointer etc deals with only one session. The entire framework available in that application is for populating crypto_op and mbuf, which is not required for this app. Touching that framework would mean throughput tests would get affected, which I don't think is the right thing to do. And for PMDs like Intel's (which don't have security support), it would be an unnecessary performance drop. The proposed app currently runs for all supported ciphers while in dpdk-test-crypto-perf, it runs only for a specific algorithm combination. If we want to limit the functionality of the proposed app to match dpdk-test-crypto-perf usage, that also calls for a major rework. And the only thing that can be reused is probably cryptodev init & queue pair configuration. As you are well aware, security device can be cryptodev or an ethdev. Dpdk-test-crypto-perf doesn't have support for initializing ethdev and rightfully so. Adding this to an already complicated framework will be counter productive in the long run. > Can we add as a separate .c file, say, cperf_test_sec_session.c in test-crypto- > perf folder and use the existing framework. [Anoob] As I mentioned earlier, nothing from the framework can be leveraged for this application. If you insist on not having a new app, then all this can be integrated into dpdk-test-crypto-perf, but that will follow it's own path from very early stage (mempool allocations etc need to happen differently). And it would mean adding more command line options (which is currently at 37) as we add more options for measuring security perf. > This way we can leverage it for crypto sessions also. > > > > Anoob Joseph (1): > > app/test-security-perf: add security perf app > > > > MAINTAINERS | 6 + > > app/meson.build | 1 + > > app/test-security-perf/meson.build | 14 + > > app/test-security-perf/test_security_perf.c | 554 > ++++++++++++++++++++ > > doc/guides/tools/index.rst | 1 + > > doc/guides/tools/securityperf.rst | 47 ++ > > 6 files changed, 623 insertions(+) > > create mode 100644 app/test-security-perf/meson.build > > create mode 100644 app/test-security-perf/test_security_perf.c > > create mode 100644 doc/guides/tools/securityperf.rst > > > > -- > > 2.25.1
Hi Akhil, Do you have any further comments? Thanks, Anoob > -----Original Message----- > From: Anoob Joseph <anoobj@marvell.com> > Sent: Friday, August 19, 2022 12:50 PM > To: Akhil Goyal <gakhil@marvell.com> > Cc: Aakash Sasidharan <asasidharan@marvell.com>; dev@dpdk.org; > techboard@dpdk.org; Jerin Jacob Kollanukkaran <jerinj@marvell.com>; Thomas > Monjalon <thomas@monjalon.net>; Hemant Agrawal > <hemant.agrawal@nxp.com>; Sachin Saxena <sachin.saxena@oss.nxp.com>; > Ciara Power <ciara.power@intel.com> > Subject: [EXT] RE: [PATCH 0/1] Add security perf application > > External Email > > ---------------------------------------------------------------------- > Hi Akhil, > > Please see inline. > > Thanks, > Anoob > > > > > Hi Anoob, > > > Subject: [PATCH 0/1] Add security perf application > > > > > > Add performance application to test security session create & > > > destroy rates supported by the security enabled cryptodev PMD. The > > > application would create specified number of sessions and captures > > > the time taken for the same before proceeding to destroy of the > > > same. When operating on multi-core, the number of sessions would be > > > evenly distributed across all cores. > > > > > > The application would test with all combinations of cipher & auth > > > algorithms supported by the PMD. > > > > > > The app is similar to 'test-flow-perf' tool which captures the rate > > > at which flow rules can be created and destroyed. > > > > > Is it not good to add this into dpdk-test-crypto-perf? > > [Anoob] IMO, It is not good. Following are the reasons, > > Dpdk-test-crypto-perf is primarily for capturing crypto operation throughputs. > And so the framework allocates minimal number of sessions and the datapath > function pointer etc deals with only one session. The entire framework available > in that application is for populating crypto_op and mbuf, which is not required > for this app. Touching that framework would mean throughput tests would get > affected, which I don't think is the right thing to do. And for PMDs like Intel's > (which don't have security support), it would be an unnecessary performance > drop. > > The proposed app currently runs for all supported ciphers while in dpdk-test- > crypto-perf, it runs only for a specific algorithm combination. If we want to limit > the functionality of the proposed app to match dpdk-test-crypto-perf usage, > that also calls for a major rework. > > And the only thing that can be reused is probably cryptodev init & queue pair > configuration. As you are well aware, security device can be cryptodev or an > ethdev. Dpdk-test-crypto-perf doesn't have support for initializing ethdev and > rightfully so. Adding this to an already complicated framework will be counter > productive in the long run. > > > Can we add as a separate .c file, say, cperf_test_sec_session.c in > > test-crypto- perf folder and use the existing framework. > > [Anoob] As I mentioned earlier, nothing from the framework can be leveraged > for this application. If you insist on not having a new app, then all this can be > integrated into dpdk-test-crypto-perf, but that will follow it's own path from > very early stage (mempool allocations etc need to happen differently). And it > would mean adding more command line options (which is currently at 37) as we > add more options for measuring security perf. > > > This way we can leverage it for crypto sessions also. > > > > > > > Anoob Joseph (1): > > > app/test-security-perf: add security perf app > > > > > > MAINTAINERS | 6 + > > > app/meson.build | 1 + > > > app/test-security-perf/meson.build | 14 + > > > app/test-security-perf/test_security_perf.c | 554 > > ++++++++++++++++++++ > > > doc/guides/tools/index.rst | 1 + > > > doc/guides/tools/securityperf.rst | 47 ++ > > > 6 files changed, 623 insertions(+) > > > create mode 100644 app/test-security-perf/meson.build > > > create mode 100644 app/test-security-perf/test_security_perf.c > > > create mode 100644 doc/guides/tools/securityperf.rst > > > > > > -- > > > 2.25.1
Hi Anoob, > Hi Akhil, > > Do you have any further comments? > > > > Subject: [PATCH 0/1] Add security perf application > > > > > > > > Add performance application to test security session create & > > > > destroy rates supported by the security enabled cryptodev PMD. The > > > > application would create specified number of sessions and captures > > > > the time taken for the same before proceeding to destroy of the > > > > same. When operating on multi-core, the number of sessions would be > > > > evenly distributed across all cores. > > > > > > > > The application would test with all combinations of cipher & auth > > > > algorithms supported by the PMD. > > > > > > > > The app is similar to 'test-flow-perf' tool which captures the rate > > > > at which flow rules can be created and destroyed. > > > > > > > Is it not good to add this into dpdk-test-crypto-perf? > > > > [Anoob] IMO, It is not good. Following are the reasons, > > > > Dpdk-test-crypto-perf is primarily for capturing crypto operation throughputs. > > And so the framework allocates minimal number of sessions and the datapath > > function pointer etc deals with only one session. The entire framework > available > > in that application is for populating crypto_op and mbuf, which is not required > > for this app. Touching that framework would mean throughput tests would get > > affected, which I don't think is the right thing to do. And for PMDs like Intel's > > (which don't have security support), it would be an unnecessary performance > > drop. > > > > The proposed app currently runs for all supported ciphers while in dpdk-test- > > crypto-perf, it runs only for a specific algorithm combination. If we want to > limit > > the functionality of the proposed app to match dpdk-test-crypto-perf usage, > > that also calls for a major rework. > > > > And the only thing that can be reused is probably cryptodev init & queue pair > > configuration. As you are well aware, security device can be cryptodev or an > > ethdev. Dpdk-test-crypto-perf doesn't have support for initializing ethdev and > > rightfully so. Adding this to an already complicated framework will be counter > > productive in the long run. > > > > > Can we add as a separate .c file, say, cperf_test_sec_session.c in > > > test-crypto- perf folder and use the existing framework. > > > > [Anoob] As I mentioned earlier, nothing from the framework can be leveraged > > for this application. If you insist on not having a new app, then all this can be > > integrated into dpdk-test-crypto-perf, but that will follow it's own path from > > very early stage (mempool allocations etc need to happen differently). And it > > would mean adding more command line options (which is currently at 37) as > we > > add more options for measuring security perf. > > Are you planning to add more options is that app? if not, then adding just one more option about nb_sess would do trick in test-crypto-perf. You would just need to add 2 new functions (test_security_session_perf and sec_conf_init) in a new .c file in app/test-crypto-perf/ and the mempool_init is being called from cperf_initialize_cryptodev() which we can hook to get the nb_sessions from the command line arguments. I do not suspect any changes in datapath - so it won't be an issue. The point is not about the things being common in the two apps. The point is whether we can accommodate in existing app or not. We cannot have too many different apps. We only introduce apps which are not possible to accommodate in existing ones. I remember, there was discussion in past about having a new app for testing multi-process for crypto. But that was dropped as we do not want too many apps. I agree that common part would be init only but it can scale for non-security sessions easily. Regards, Akhil
Hi Akhil, +Techboard for guidance > I agree that common part would be init only but it can scale for non-security > sessions easily. Currently, dpdk-test-crypto-perf has a data path framework which prepares crypto_operations based on session. The proposed application is about measuring performance when creating and destroying sessions. So it would take rte_security_conf as the argument and current data path framework would be completely bypassed. Current dpdk-test-crypto-perf creates mbuf_pool etc and creates one session per core. This app would need larger pool for sessions and no pool for crypto_op or mbuf. Moreover, dpdk-test-crypto-perf works on cryptodev while security-perf can work on rte_ethdevs as well. I still do not see any community feedback on whether plugging rte_ethdev init etc in dpdk-test-crypto-perf is the right thing to do. So other than basic eal_init(), I do not see anything common and even in the long run, this gulf is bound to grow. If the app has to be integrated into dpdk-test-crypto-perf, then it will be separate .c & .h files and completely branch out after very early init phase. The testing methodology and philosophy would also be different (for security-perf, we are running all algos supported as there is no need for command line parsing of all algos. CL parsing would be added for protocol features like custom AR window size). DPDK community had earlier encountered same issue with "test-flow-perf" which could have been integrated into "test-pmd" in a similar manner. But DPDK community decided to allow "test-flow-perf" and so the same logic can be applied here as well. Thanks, Anoob > -----Original Message----- > From: Akhil Goyal <gakhil@marvell.com> > Sent: Wednesday, September 28, 2022 12:47 AM > To: Anoob Joseph <anoobj@marvell.com> > Cc: Aakash Sasidharan <asasidharan@marvell.com>; dev@dpdk.org; > techboard@dpdk.org; Jerin Jacob Kollanukkaran <jerinj@marvell.com>; > Thomas Monjalon <thomas@monjalon.net>; Hemant Agrawal > <hemant.agrawal@nxp.com>; Sachin Saxena > <sachin.saxena@oss.nxp.com>; Ciara Power <ciara.power@intel.com> > Subject: RE: [PATCH 0/1] Add security perf application > > Hi Anoob, > > Hi Akhil, > > > > Do you have any further comments? > > > > > Subject: [PATCH 0/1] Add security perf application > > > > > > > > > > Add performance application to test security session create & > > > > > destroy rates supported by the security enabled cryptodev PMD. > > > > > The application would create specified number of sessions and > > > > > captures the time taken for the same before proceeding to > > > > > destroy of the same. When operating on multi-core, the number of > > > > > sessions would be evenly distributed across all cores. > > > > > > > > > > The application would test with all combinations of cipher & > > > > > auth algorithms supported by the PMD. > > > > > > > > > > The app is similar to 'test-flow-perf' tool which captures the > > > > > rate at which flow rules can be created and destroyed. > > > > > > > > > Is it not good to add this into dpdk-test-crypto-perf? > > > > > > [Anoob] IMO, It is not good. Following are the reasons, > > > > > > Dpdk-test-crypto-perf is primarily for capturing crypto operation > throughputs. > > > And so the framework allocates minimal number of sessions and the > > > datapath function pointer etc deals with only one session. The > > > entire framework > > available > > > in that application is for populating crypto_op and mbuf, which is > > > not required for this app. Touching that framework would mean > > > throughput tests would get affected, which I don't think is the > > > right thing to do. And for PMDs like Intel's (which don't have > > > security support), it would be an unnecessary performance drop. > > > > > > The proposed app currently runs for all supported ciphers while in > > > dpdk-test- crypto-perf, it runs only for a specific algorithm > > > combination. If we want to > > limit > > > the functionality of the proposed app to match dpdk-test-crypto-perf > > > usage, that also calls for a major rework. > > > > > > And the only thing that can be reused is probably cryptodev init & > > > queue pair configuration. As you are well aware, security device can > > > be cryptodev or an ethdev. Dpdk-test-crypto-perf doesn't have > > > support for initializing ethdev and rightfully so. Adding this to an > > > already complicated framework will be counter productive in the long > run. > > > > > > > Can we add as a separate .c file, say, cperf_test_sec_session.c in > > > > test-crypto- perf folder and use the existing framework. > > > > > > [Anoob] As I mentioned earlier, nothing from the framework can be > > > leveraged for this application. If you insist on not having a new > > > app, then all this can be integrated into dpdk-test-crypto-perf, but > > > that will follow it's own path from very early stage (mempool > > > allocations etc need to happen differently). And it would mean > > > adding more command line options (which is currently at 37) as > > we > > > add more options for measuring security perf. > > > > Are you planning to add more options is that app? > if not, then adding just one more option about nb_sess would do trick in > test-crypto-perf. > You would just need to add 2 new functions (test_security_session_perf and > sec_conf_init) in a new .c file in app/test-crypto-perf/ and the mempool_init > is being called from > cperf_initialize_cryptodev() which we can hook to get the nb_sessions from > the command line arguments. > I do not suspect any changes in datapath - so it won't be an issue. > The point is not about the things being common in the two apps. The point is > whether we can accommodate in existing app or not. We cannot have too > many different apps. > We only introduce apps which are not possible to accommodate in existing > ones. > I remember, there was discussion in past about having a new app for testing > multi-process for crypto. > But that was dropped as we do not want too many apps. > I agree that common part would be init only but it can scale for non-security > sessions easily. > > Regards, > Akhil
> Hi Akhil, > > +Techboard for guidance > The proposal is accepted in techboard. Please fix compilation issues reported in CI. > > I agree that common part would be init only but it can scale for non-security > > sessions easily. > > Currently, dpdk-test-crypto-perf has a data path framework which prepares > crypto_operations based on session. The proposed application is about > measuring performance when creating and destroying sessions. So it would take > rte_security_conf as the argument and current data path framework would be > completely bypassed. Current dpdk-test-crypto-perf creates mbuf_pool etc and > creates one session per core. This app would need larger pool for sessions and > no pool for crypto_op or mbuf. Moreover, dpdk-test-crypto-perf works on > cryptodev while security-perf can work on rte_ethdevs as well. I still do not see > any community feedback on whether plugging rte_ethdev init etc in dpdk-test- > crypto-perf is the right thing to do. > > So other than basic eal_init(), I do not see anything common and even in the > long run, this gulf is bound to grow. If the app has to be integrated into dpdk- > test-crypto-perf, then it will be separate .c & .h files and completely branch out > after very early init phase. The testing methodology and philosophy would also > be different (for security-perf, we are running all algos supported as there is no > need for command line parsing of all algos. CL parsing would be added for > protocol features like custom AR window size). DPDK community had earlier > encountered same issue with "test-flow-perf" which could have been integrated > into "test-pmd" in a similar manner. But DPDK community decided to allow > "test-flow-perf" and so the same logic can be applied here as well. > > Thanks, > Anoob > > > -----Original Message----- > > From: Akhil Goyal <gakhil@marvell.com> > > Sent: Wednesday, September 28, 2022 12:47 AM > > To: Anoob Joseph <anoobj@marvell.com> > > Cc: Aakash Sasidharan <asasidharan@marvell.com>; dev@dpdk.org; > > techboard@dpdk.org; Jerin Jacob Kollanukkaran <jerinj@marvell.com>; > > Thomas Monjalon <thomas@monjalon.net>; Hemant Agrawal > > <hemant.agrawal@nxp.com>; Sachin Saxena > > <sachin.saxena@oss.nxp.com>; Ciara Power <ciara.power@intel.com> > > Subject: RE: [PATCH 0/1] Add security perf application > > > > Hi Anoob, > > > Hi Akhil, > > > > > > Do you have any further comments? > > > > > > Subject: [PATCH 0/1] Add security perf application > > > > > > > > > > > > Add performance application to test security session create & > > > > > > destroy rates supported by the security enabled cryptodev PMD. > > > > > > The application would create specified number of sessions and > > > > > > captures the time taken for the same before proceeding to > > > > > > destroy of the same. When operating on multi-core, the number of > > > > > > sessions would be evenly distributed across all cores. > > > > > > > > > > > > The application would test with all combinations of cipher & > > > > > > auth algorithms supported by the PMD. > > > > > > > > > > > > The app is similar to 'test-flow-perf' tool which captures the > > > > > > rate at which flow rules can be created and destroyed. > > > > > > > > > > > Is it not good to add this into dpdk-test-crypto-perf? > > > > > > > > [Anoob] IMO, It is not good. Following are the reasons, > > > > > > > > Dpdk-test-crypto-perf is primarily for capturing crypto operation > > throughputs. > > > > And so the framework allocates minimal number of sessions and the > > > > datapath function pointer etc deals with only one session. The > > > > entire framework > > > available > > > > in that application is for populating crypto_op and mbuf, which is > > > > not required for this app. Touching that framework would mean > > > > throughput tests would get affected, which I don't think is the > > > > right thing to do. And for PMDs like Intel's (which don't have > > > > security support), it would be an unnecessary performance drop. > > > > > > > > The proposed app currently runs for all supported ciphers while in > > > > dpdk-test- crypto-perf, it runs only for a specific algorithm > > > > combination. If we want to > > > limit > > > > the functionality of the proposed app to match dpdk-test-crypto-perf > > > > usage, that also calls for a major rework. > > > > > > > > And the only thing that can be reused is probably cryptodev init & > > > > queue pair configuration. As you are well aware, security device can > > > > be cryptodev or an ethdev. Dpdk-test-crypto-perf doesn't have > > > > support for initializing ethdev and rightfully so. Adding this to an > > > > already complicated framework will be counter productive in the long > > run. > > > > > > > > > Can we add as a separate .c file, say, cperf_test_sec_session.c in > > > > > test-crypto- perf folder and use the existing framework. > > > > > > > > [Anoob] As I mentioned earlier, nothing from the framework can be > > > > leveraged for this application. If you insist on not having a new > > > > app, then all this can be integrated into dpdk-test-crypto-perf, but > > > > that will follow it's own path from very early stage (mempool > > > > allocations etc need to happen differently). And it would mean > > > > adding more command line options (which is currently at 37) as > > > we > > > > add more options for measuring security perf. > > > > > > Are you planning to add more options is that app? > > if not, then adding just one more option about nb_sess would do trick in > > test-crypto-perf. > > You would just need to add 2 new functions (test_security_session_perf and > > sec_conf_init) in a new .c file in app/test-crypto-perf/ and the mempool_init > > is being called from > > cperf_initialize_cryptodev() which we can hook to get the nb_sessions from > > the command line arguments. > > I do not suspect any changes in datapath - so it won't be an issue. > > The point is not about the things being common in the two apps. The point is > > whether we can accommodate in existing app or not. We cannot have too > > many different apps. > > We only introduce apps which are not possible to accommodate in existing > > ones. > > I remember, there was discussion in past about having a new app for testing > > multi-process for crypto. > > But that was dropped as we do not want too many apps. > > I agree that common part would be init only but it can scale for non-security > > sessions easily. > > > > Regards, > > Akhil