[dpdk-dev] [PATCH] ethdev: allow multiple security sessions to use one rte flow

Ori Kam orika at mellanox.com
Tue Dec 10 21:47:42 CET 2019

Previous message: [dpdk-dev] [PATCH] ethdev: allow multiple security sessions to use one rte flow
Next message: [dpdk-dev] [PATCH] ethdev: allow multiple security sessions to use one rte flow
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


> -----Original Message-----
> Subject: Re: [dpdk-dev] [PATCH] ethdev: allow multiple security sessions to
> use one rte flow
> 
> On Sun, Dec 8, 2019 at 4:19 PM Anoob Joseph <anoobj at marvell.com> wrote:
> >
> > The rte_security API which enables inline protocol/crypto feature
> > mandates that for every security session an rte_flow is created. This
> > would internally translate to a rule in the hardware which would do
> > packet classification.
> >
> > In rte_securty, one SA would be one security session. And if an rte_flow
> > need to be created for every session, the number of SAs supported by an
> > inline implementation would be limited by the number of rte_flows the
> > PMD would be able to support.
> >
> > If the fields SPI & IP addresses are allowed to be a range, then this
> > limitation can be overcome. Multiple flows will be able to use one rule
> > for SECURITY processing. In this case, the security session provided as
> > conf would be NULL.
> >
> > Application should do an rte_flow_validate() to make sure the flow is
> > supported on the PMD.
> >
> > Signed-off-by: Anoob Joseph <anoobj at marvell.com>
> 
> Reviewed-by: Jerin Jacob <jerinj at marvell.com>
> 
> 
> > ---

Acked-by: Ori Kam <orika at mellanox.com>
Thanks,
Ori

Previous message: [dpdk-dev] [PATCH] ethdev: allow multiple security sessions to use one rte flow
Next message: [dpdk-dev] [PATCH] ethdev: allow multiple security sessions to use one rte flow
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list