[dpdk-dev] [PATCH v2] examples/ipsec-secgw: fix pool usage for security session

[Ananyev, Konstantin]

> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal at nxp.com]
> Sent: Tuesday, April 23, 2019 1:20 PM
> To: dev at dpdk.org
> Cc: Nicolau, Radu <radu.nicolau at intel.com>; Ananyev, Konstantin <konstantin.ananyev at intel.com>; Akhil Goyal <akhil.goyal at nxp.com>;
> Zhang, Roy Fan <roy.fan.zhang at intel.com>; stable at dpdk.org
> Subject: [PATCH v2] examples/ipsec-secgw: fix pool usage for security session
> 
> Currently, two separate mempools are being used for creating crypto
> sessions and its private data.
> crypto sessions are created and initialized separately, so a separate
> mempool is passed to each API, but in case of security sessions, where
> only one API create and initialize the private data as well.
> So if session mempool is passed to create a security session, the
> mempool element size is not sufficient enough to hold the private
> data as well.
> As a perfect solution, the security session create API should take 2
> mempools for header and private data and initiatlize accordingly,
> but that would mean an API breakage, which will be done in the next
> release cycle. So introducing this patch as a workaround to resolve this
> issue.
> 
> Fixes: 261bbff75e34 ("examples: use separate crypto session mempools")
> Cc: roy.fan.zhang at intel.com
> Cc: stable at dpdk.org
> 
> Signed-off-by: Akhil Goyal <akhil.goyal at nxp.com>
> ---
> v2: incorporated Konstantin's comments.
> 
> 
>  examples/ipsec-secgw/ipsec-secgw.c | 5 +++--
>  examples/ipsec-secgw/ipsec.c       | 4 ++--
>  2 files changed, 5 insertions(+), 4 deletions(-)
> 
> diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
> index 2e203393d..478dd80c2 100644
> --- a/examples/ipsec-secgw/ipsec-secgw.c
> +++ b/examples/ipsec-secgw/ipsec-secgw.c
> @@ -1791,7 +1791,7 @@ cryptodevs_init(void)
>  				rte_eth_dev_get_sec_ctx(port_id)) {
>  			int socket_id = rte_eth_dev_socket_id(port_id);
> 
> -			if (!socket_ctx[socket_id].session_pool) {
> +			if (!socket_ctx[socket_id].session_priv_pool) {
>  				char mp_name[RTE_MEMPOOL_NAMESIZE];
>  				struct rte_mempool *sess_mp;
> 
> @@ -1811,7 +1811,8 @@ cryptodevs_init(void)
>  				else
>  					printf("Allocated session pool "
>  						"on socket %d\n", socket_id);
> -				socket_ctx[socket_id].session_pool = sess_mp;
> +				socket_ctx[socket_id].session_priv_pool =
> +						sess_mp;
>  			}
>  		}
>  	}
> diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
> index 4352cb842..7b8533077 100644
> --- a/examples/ipsec-secgw/ipsec.c
> +++ b/examples/ipsec-secgw/ipsec.c
> @@ -102,7 +102,7 @@ create_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa)
>  			set_ipsec_conf(sa, &(sess_conf.ipsec));
> 
>  			sa->sec_session = rte_security_session_create(ctx,
> -					&sess_conf, ipsec_ctx->session_pool);
> +					&sess_conf, ipsec_ctx->session_priv_pool);
>  			if (sa->sec_session == NULL) {
>  				RTE_LOG(ERR, IPSEC,
>  				"SEC Session init failed: err: %d\n", ret);
> @@ -117,7 +117,7 @@ create_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa)
>  			int ret = 0;
> 
>  			sa->sec_session = rte_security_session_create(ctx,
> -					&sess_conf, ipsec_ctx->session_pool);
> +					&sess_conf, ipsec_ctx->session_priv_pool);
>  			if (sa->sec_session == NULL) {
>  				RTE_LOG(ERR, IPSEC,
>  				"SEC Session init failed: err: %d\n", ret);

Acked-by: Konstantin Ananyev <konstantin.ananyev at intel.com>

> --
> 2.17.1