[dpdk-dev] [PATCH v2] examples/ipsec-secgw: remove limitation for crypto sessions

[Vladimir Medvedkin]

Get rid of hardcoded limit of cryptodev sessions.

Fixes: e1143d7dbbf4 ("examples/ipsec-secgw: get rid of maximum SA limitation")
Cc: vladimir.medvedkin at intel.com

Signed-off-by: Vladimir Medvedkin <vladimir.medvedkin at intel.com>
---
 examples/ipsec-secgw/ipsec-secgw.c | 12 +++++++-----
 examples/ipsec-secgw/ipsec.h       |  3 +++
 examples/ipsec-secgw/sa.c          |  9 +++++++++
 3 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index 4799bc9..0b8177b 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -58,7 +58,6 @@
 
 #define CDEV_QUEUE_DESC 2048
 #define CDEV_MAP_ENTRIES 16384
-#define CDEV_MP_NB_OBJS 1024
 #define CDEV_MP_CACHE_SZ 64
 #define MAX_QUEUE_PAIRS 1
 
@@ -1916,10 +1915,11 @@ cryptodevs_init(void)
 		dev_conf.ff_disable = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO;
 
 		uint32_t dev_max_sess = cdev_info.sym.max_nb_sessions;
-		if (dev_max_sess != 0 && dev_max_sess < CDEV_MP_NB_OBJS)
+		if (dev_max_sess != 0 &&
+				dev_max_sess < get_nb_crypto_sessions())
 			rte_exit(EXIT_FAILURE,
 				"Device does not support at least %u "
-				"sessions", CDEV_MP_NB_OBJS);
+				"sessions", get_nb_crypto_sessions());
 
 		if (rte_cryptodev_configure(cdev_id, &dev_conf))
 			rte_panic("Failed to initialize cryptodev %u\n",
@@ -2175,7 +2175,8 @@ session_pool_init(struct socket_ctx *ctx, int32_t socket_id, size_t sess_sz)
 	snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
 			"sess_mp_%u", socket_id);
 	sess_mp = rte_cryptodev_sym_session_pool_create(
-			mp_name, CDEV_MP_NB_OBJS,
+			mp_name, get_nb_crypto_sessions() +
+			CDEV_MP_CACHE_SZ * rte_lcore_count(),
 			sess_sz, CDEV_MP_CACHE_SZ, 0,
 			socket_id);
 	ctx->session_pool = sess_mp;
@@ -2197,7 +2198,8 @@ session_priv_pool_init(struct socket_ctx *ctx, int32_t socket_id,
 	snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
 			"sess_mp_priv_%u", socket_id);
 	sess_mp = rte_mempool_create(mp_name,
-			CDEV_MP_NB_OBJS,
+			get_nb_crypto_sessions() +
+			CDEV_MP_CACHE_SZ * rte_lcore_count(),
 			sess_sz,
 			CDEV_MP_CACHE_SZ,
 			0, NULL, NULL, NULL,
diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h
index 4f2fd61..a5c4923 100644
--- a/examples/ipsec-secgw/ipsec.h
+++ b/examples/ipsec-secgw/ipsec.h
@@ -384,4 +384,7 @@ int
 create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
 		struct rte_ipsec_session *ips);
 
+uint32_t
+get_nb_crypto_sessions(void);
+
 #endif /* __IPSEC_H__ */
diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 4822d6b..5c3c2a8 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -135,6 +135,7 @@ const struct supported_aead_algo aead_algos[] = {
 
 #define SA_INIT_NB	128
 
+static uint32_t nb_crypto_sessions;
 static struct ipsec_sa *sa_out;
 static uint32_t sa_out_sz;
 static uint32_t nb_sa_out;
@@ -678,6 +679,7 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
 			}
 
 			rule->fallback_sessions = 1;
+			nb_crypto_sessions++;
 			fallback_p = 1;
 			continue;
 		}
@@ -722,6 +724,7 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
 		rule->portid = -1;
 	}
 
+	nb_crypto_sessions++;
 	*ri = *ri + 1;
 }
 
@@ -1553,3 +1556,9 @@ sa_sort_arr(void)
 	qsort(sa_in, nb_sa_in, sizeof(struct ipsec_sa), sa_cmp);
 	qsort(sa_out, nb_sa_out, sizeof(struct ipsec_sa), sa_cmp);
 }
+
+uint32_t
+get_nb_crypto_sessions(void)
+{
+	return nb_crypto_sessions;
+}
-- 
2.7.4