patch 'net/cnxk: fix inline IPsec security error handling' has been queued to stable release 21.11.1

Kevin Traynor ktraynor at redhat.com
Tue Mar 1 11:42:47 CET 2022

Previous message (by thread): patch 'net/cnxk: register callback early to handle initial packets' has been queued to stable release 21.11.1
Next message (by thread): patch 'net/cnxk: fix build with GCC 12' has been queued to stable release 21.11.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

FYI, your patch has been queued to stable release 21.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 03/06/22. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable/commit/9e10cdbd2d28c66b036c3c4221ebba553817c5ac

Thanks.

Kevin

---
>From 9e10cdbd2d28c66b036c3c4221ebba553817c5ac Mon Sep 17 00:00:00 2001
From: Nithin Dabilpuram <ndabilpuram at marvell.com>
Date: Wed, 23 Feb 2022 01:05:06 +0530
Subject: [PATCH] net/cnxk: fix inline IPsec security error handling

[ upstream commit ea695031a73ce0e61b9055860eb967406ef8c004 ]

Use raw mbuf free on inline security error to simulate
HW NPA free instead of doing rte_pktmbuf_free(). This
is needed as the callback will not be called from
DPDK lcore.

Fixes: 69daa9e5022b ("net/cnxk: support inline security setup for cn10k")

Signed-off-by: Nithin Dabilpuram <ndabilpuram at marvell.com>
Acked-by: Jerin Jacob <jerinj at marvell.com>
---
 drivers/net/cnxk/cn10k_ethdev_sec.c | 37 +++++++++++++++++++++++++----
 1 file changed, 32 insertions(+), 5 deletions(-)

diff --git a/drivers/net/cnxk/cn10k_ethdev_sec.c b/drivers/net/cnxk/cn10k_ethdev_sec.c
index a517421b12..f84a0fe80c 100644
--- a/drivers/net/cnxk/cn10k_ethdev_sec.c
+++ b/drivers/net/cnxk/cn10k_ethdev_sec.c
@@ -139,4 +139,18 @@ static const struct rte_security_capability cn10k_eth_sec_capabilities[] = {
 };
 
+static inline void
+cnxk_pktmbuf_free_no_cache(struct rte_mbuf *mbuf)
+{
+	struct rte_mbuf *next;
+
+	if (!mbuf)
+		return;
+	do {
+		next = mbuf->next;
+		roc_npa_aura_op_free(mbuf->pool->pool_id, 1, (rte_iova_t)mbuf);
+		mbuf = next;
+	} while (mbuf != NULL);
+}
+
 void
 cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
@@ -149,4 +163,5 @@ cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
 	struct rte_eth_dev *eth_dev;
 	struct cnxk_eth_dev *dev;
+	static uint64_t warn_cnt;
 	uint16_t dlen_adj, rlen;
 	struct rte_mbuf *mbuf;
@@ -162,5 +177,5 @@ cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
 		mbuf = (struct rte_mbuf *)(gw[1] - sizeof(struct rte_mbuf));
 		plt_nix_dbg("Received mbuf %p from inline dev inbound", mbuf);
-		rte_pktmbuf_free(mbuf);
+		cnxk_pktmbuf_free_no_cache(mbuf);
 		return;
 	case RTE_EVENT_TYPE_CPU:
@@ -213,8 +228,20 @@ cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
 		desc.subtype = RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW;
 		break;
+	case ROC_IE_OT_UCC_ERR_PKT_IP:
+		warn_cnt++;
+		if (warn_cnt % 10000 == 0)
+			plt_warn("Outbound error, bad ip pkt, mbuf %p,"
+				 " sa_index %u (total warnings %" PRIu64 ")",
+				 mbuf, sess_priv.sa_idx, warn_cnt);
+		desc.subtype = RTE_ETH_EVENT_IPSEC_UNKNOWN;
+		break;
 	default:
-		plt_warn("Outbound error, mbuf %p, sa_index %u, "
-			 "compcode %x uc %x", mbuf, sess_priv.sa_idx,
-			 res->compcode, res->uc_compcode);
+		warn_cnt++;
+		if (warn_cnt % 10000 == 0)
+			plt_warn("Outbound error, mbuf %p, sa_index %u,"
+				 " compcode %x uc %x,"
+				 " (total warnings %" PRIu64 ")",
+				 mbuf, sess_priv.sa_idx, res->compcode,
+				 res->uc_compcode, warn_cnt);
 		desc.subtype = RTE_ETH_EVENT_IPSEC_UNKNOWN;
 		break;
@@ -223,5 +250,5 @@ cn10k_eth_sec_sso_work_cb(uint64_t *gw, void *args)
 	desc.metadata = (uint64_t)priv->userdata;
 	rte_eth_dev_callback_process(eth_dev, RTE_ETH_EVENT_IPSEC, &desc);
-	rte_pktmbuf_free(mbuf);
+	cnxk_pktmbuf_free_no_cache(mbuf);
 }
 
-- 
2.34.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2022-03-01 10:41:03.908029567 +0000
+++ 0091-net-cnxk-fix-inline-IPsec-security-error-handling.patch	2022-03-01 10:41:01.459244130 +0000
@@ -1 +1 @@
-From ea695031a73ce0e61b9055860eb967406ef8c004 Mon Sep 17 00:00:00 2001
+From 9e10cdbd2d28c66b036c3c4221ebba553817c5ac Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit ea695031a73ce0e61b9055860eb967406ef8c004 ]
+
@@ -12 +13,0 @@
-Cc: stable at dpdk.org
@@ -21 +22 @@
-index ac45056936..044b20c637 100644
+index a517421b12..f84a0fe80c 100644

Previous message (by thread): patch 'net/cnxk: register callback early to handle initial packets' has been queued to stable release 21.11.1
Next message (by thread): patch 'net/cnxk: fix build with GCC 12' has been queued to stable release 21.11.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list