1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(c) 2016 Intel Corporation
10 #include <netinet/in.h>
11 #include <netinet/ip.h>
12 #include <netinet/ip6.h>
14 #include <sys/queue.h>
19 #include <rte_common.h>
20 #include <rte_byteorder.h>
23 #include <rte_launch.h>
24 #include <rte_atomic.h>
25 #include <rte_cycles.h>
26 #include <rte_prefetch.h>
27 #include <rte_lcore.h>
28 #include <rte_per_lcore.h>
29 #include <rte_branch_prediction.h>
30 #include <rte_interrupts.h>
31 #include <rte_random.h>
32 #include <rte_debug.h>
33 #include <rte_ether.h>
34 #include <rte_ethdev.h>
35 #include <rte_mempool.h>
41 #include <rte_jhash.h>
42 #include <rte_cryptodev.h>
47 #define RTE_LOGTYPE_IPSEC RTE_LOGTYPE_USER1
49 #define MAX_JUMBO_PKT_LEN 9600
51 #define MEMPOOL_CACHE_SIZE 256
53 #define NB_MBUF (32000)
55 #define CDEV_QUEUE_DESC 2048
56 #define CDEV_MAP_ENTRIES 1024
57 #define CDEV_MP_NB_OBJS 2048
58 #define CDEV_MP_CACHE_SZ 64
59 #define MAX_QUEUE_PAIRS 1
61 #define OPTION_CONFIG "config"
62 #define OPTION_SINGLE_SA "single-sa"
63 #define OPTION_CRYPTODEV_MASK "cryptodev_mask"
65 #define BURST_TX_DRAIN_US 100 /* TX drain every ~100us */
69 /* Configure how many packets ahead to prefetch, when reading packets */
70 #define PREFETCH_OFFSET 3
72 #define MAX_RX_QUEUE_PER_LCORE 16
74 #define MAX_LCORE_PARAMS 1024
76 #define UNPROTECTED_PORT(port) (unprotected_port_mask & (1 << portid))
79 * Configurable number of RX/TX ring descriptors
81 #define IPSEC_SECGW_RX_DESC_DEFAULT 128
82 #define IPSEC_SECGW_TX_DESC_DEFAULT 512
83 static uint16_t nb_rxd = IPSEC_SECGW_RX_DESC_DEFAULT;
84 static uint16_t nb_txd = IPSEC_SECGW_TX_DESC_DEFAULT;
86 #if RTE_BYTE_ORDER != RTE_LITTLE_ENDIAN
87 #define __BYTES_TO_UINT64(a, b, c, d, e, f, g, h) \
88 (((uint64_t)((a) & 0xff) << 56) | \
89 ((uint64_t)((b) & 0xff) << 48) | \
90 ((uint64_t)((c) & 0xff) << 40) | \
91 ((uint64_t)((d) & 0xff) << 32) | \
92 ((uint64_t)((e) & 0xff) << 24) | \
93 ((uint64_t)((f) & 0xff) << 16) | \
94 ((uint64_t)((g) & 0xff) << 8) | \
95 ((uint64_t)(h) & 0xff))
97 #define __BYTES_TO_UINT64(a, b, c, d, e, f, g, h) \
98 (((uint64_t)((h) & 0xff) << 56) | \
99 ((uint64_t)((g) & 0xff) << 48) | \
100 ((uint64_t)((f) & 0xff) << 40) | \
101 ((uint64_t)((e) & 0xff) << 32) | \
102 ((uint64_t)((d) & 0xff) << 24) | \
103 ((uint64_t)((c) & 0xff) << 16) | \
104 ((uint64_t)((b) & 0xff) << 8) | \
105 ((uint64_t)(a) & 0xff))
107 #define ETHADDR(a, b, c, d, e, f) (__BYTES_TO_UINT64(a, b, c, d, e, f, 0, 0))
109 #define ETHADDR_TO_UINT64(addr) __BYTES_TO_UINT64( \
110 addr.addr_bytes[0], addr.addr_bytes[1], \
111 addr.addr_bytes[2], addr.addr_bytes[3], \
112 addr.addr_bytes[4], addr.addr_bytes[5], \
115 /* port/source ethernet addr and destination ethernet addr */
116 struct ethaddr_info {
120 struct ethaddr_info ethaddr_tbl[RTE_MAX_ETHPORTS] = {
121 { 0, ETHADDR(0x00, 0x16, 0x3e, 0x7e, 0x94, 0x9a) },
122 { 0, ETHADDR(0x00, 0x16, 0x3e, 0x22, 0xa1, 0xd9) },
123 { 0, ETHADDR(0x00, 0x16, 0x3e, 0x08, 0x69, 0x26) },
124 { 0, ETHADDR(0x00, 0x16, 0x3e, 0x49, 0x9e, 0xdd) }
127 /* mask of enabled ports */
128 static uint32_t enabled_port_mask;
129 static uint64_t enabled_cryptodev_mask = UINT64_MAX;
130 static uint32_t unprotected_port_mask;
131 static int32_t promiscuous_on = 1;
132 static int32_t numa_on = 1; /**< NUMA is enabled by default. */
133 static uint32_t nb_lcores;
134 static uint32_t single_sa;
135 static uint32_t single_sa_idx;
136 static uint32_t frame_size;
138 struct lcore_rx_queue {
141 } __rte_cache_aligned;
143 struct lcore_params {
147 } __rte_cache_aligned;
149 static struct lcore_params lcore_params_array[MAX_LCORE_PARAMS];
151 static struct lcore_params *lcore_params;
152 static uint16_t nb_lcore_params;
154 static struct rte_hash *cdev_map_in;
155 static struct rte_hash *cdev_map_out;
159 struct rte_mbuf *m_table[MAX_PKT_BURST] __rte_aligned(sizeof(void *));
163 uint16_t nb_rx_queue;
164 struct lcore_rx_queue rx_queue_list[MAX_RX_QUEUE_PER_LCORE];
165 uint16_t tx_queue_id[RTE_MAX_ETHPORTS];
166 struct buffer tx_mbufs[RTE_MAX_ETHPORTS];
167 struct ipsec_ctx inbound;
168 struct ipsec_ctx outbound;
169 struct rt_ctx *rt4_ctx;
170 struct rt_ctx *rt6_ctx;
171 } __rte_cache_aligned;
173 static struct lcore_conf lcore_conf[RTE_MAX_LCORE];
175 static struct rte_eth_conf port_conf = {
177 .mq_mode = ETH_MQ_RX_RSS,
178 .max_rx_pkt_len = ETHER_MAX_LEN,
180 .offloads = DEV_RX_OFFLOAD_CHECKSUM |
181 DEV_RX_OFFLOAD_CRC_STRIP,
182 .ignore_offload_bitfield = 1,
187 .rss_hf = ETH_RSS_IP | ETH_RSS_UDP |
188 ETH_RSS_TCP | ETH_RSS_SCTP,
192 .mq_mode = ETH_MQ_TX_NONE,
193 .offloads = (DEV_TX_OFFLOAD_IPV4_CKSUM |
194 DEV_TX_OFFLOAD_MULTI_SEGS),
198 static struct socket_ctx socket_ctx[NB_SOCKETS];
200 struct traffic_type {
201 const uint8_t *data[MAX_PKT_BURST * 2];
202 struct rte_mbuf *pkts[MAX_PKT_BURST * 2];
203 uint32_t res[MAX_PKT_BURST * 2];
207 struct ipsec_traffic {
208 struct traffic_type ipsec;
209 struct traffic_type ip4;
210 struct traffic_type ip6;
214 prepare_one_packet(struct rte_mbuf *pkt, struct ipsec_traffic *t)
217 struct ether_hdr *eth;
219 eth = rte_pktmbuf_mtod(pkt, struct ether_hdr *);
220 if (eth->ether_type == rte_cpu_to_be_16(ETHER_TYPE_IPv4)) {
221 nlp = (uint8_t *)rte_pktmbuf_adj(pkt, ETHER_HDR_LEN);
222 nlp = RTE_PTR_ADD(nlp, offsetof(struct ip, ip_p));
223 if (*nlp == IPPROTO_ESP)
224 t->ipsec.pkts[(t->ipsec.num)++] = pkt;
226 t->ip4.data[t->ip4.num] = nlp;
227 t->ip4.pkts[(t->ip4.num)++] = pkt;
229 } else if (eth->ether_type == rte_cpu_to_be_16(ETHER_TYPE_IPv6)) {
230 nlp = (uint8_t *)rte_pktmbuf_adj(pkt, ETHER_HDR_LEN);
231 nlp = RTE_PTR_ADD(nlp, offsetof(struct ip6_hdr, ip6_nxt));
232 if (*nlp == IPPROTO_ESP)
233 t->ipsec.pkts[(t->ipsec.num)++] = pkt;
235 t->ip6.data[t->ip6.num] = nlp;
236 t->ip6.pkts[(t->ip6.num)++] = pkt;
239 /* Unknown/Unsupported type, drop the packet */
240 RTE_LOG(ERR, IPSEC, "Unsupported packet type\n");
241 rte_pktmbuf_free(pkt);
244 /* Check if the packet has been processed inline. For inline protocol
245 * processed packets, the metadata in the mbuf can be used to identify
246 * the security processing done on the packet. The metadata will be
247 * used to retrieve the application registered userdata associated
248 * with the security session.
251 if (pkt->ol_flags & PKT_RX_SEC_OFFLOAD) {
253 struct ipsec_mbuf_metadata *priv;
254 struct rte_security_ctx *ctx = (struct rte_security_ctx *)
255 rte_eth_dev_get_sec_ctx(
258 /* Retrieve the userdata registered. Here, the userdata
259 * registered is the SA pointer.
262 sa = (struct ipsec_sa *)
263 rte_security_get_userdata(ctx, pkt->udata64);
266 /* userdata could not be retrieved */
270 /* Save SA as priv member in mbuf. This will be used in the
271 * IPsec selector(SP-SA) check.
274 priv = get_priv(pkt);
280 prepare_traffic(struct rte_mbuf **pkts, struct ipsec_traffic *t,
289 for (i = 0; i < (nb_pkts - PREFETCH_OFFSET); i++) {
290 rte_prefetch0(rte_pktmbuf_mtod(pkts[i + PREFETCH_OFFSET],
292 prepare_one_packet(pkts[i], t);
294 /* Process left packets */
295 for (; i < nb_pkts; i++)
296 prepare_one_packet(pkts[i], t);
300 prepare_tx_pkt(struct rte_mbuf *pkt, uint16_t port)
303 struct ether_hdr *ethhdr;
305 ip = rte_pktmbuf_mtod(pkt, struct ip *);
307 ethhdr = (struct ether_hdr *)rte_pktmbuf_prepend(pkt, ETHER_HDR_LEN);
309 if (ip->ip_v == IPVERSION) {
310 pkt->ol_flags |= PKT_TX_IP_CKSUM | PKT_TX_IPV4;
311 pkt->l3_len = sizeof(struct ip);
312 pkt->l2_len = ETHER_HDR_LEN;
314 ethhdr->ether_type = rte_cpu_to_be_16(ETHER_TYPE_IPv4);
316 pkt->ol_flags |= PKT_TX_IPV6;
317 pkt->l3_len = sizeof(struct ip6_hdr);
318 pkt->l2_len = ETHER_HDR_LEN;
320 ethhdr->ether_type = rte_cpu_to_be_16(ETHER_TYPE_IPv6);
323 memcpy(ðhdr->s_addr, ðaddr_tbl[port].src,
324 sizeof(struct ether_addr));
325 memcpy(ðhdr->d_addr, ðaddr_tbl[port].dst,
326 sizeof(struct ether_addr));
330 prepare_tx_burst(struct rte_mbuf *pkts[], uint16_t nb_pkts, uint16_t port)
333 const int32_t prefetch_offset = 2;
335 for (i = 0; i < (nb_pkts - prefetch_offset); i++) {
336 rte_mbuf_prefetch_part2(pkts[i + prefetch_offset]);
337 prepare_tx_pkt(pkts[i], port);
339 /* Process left packets */
340 for (; i < nb_pkts; i++)
341 prepare_tx_pkt(pkts[i], port);
344 /* Send burst of packets on an output interface */
345 static inline int32_t
346 send_burst(struct lcore_conf *qconf, uint16_t n, uint16_t port)
348 struct rte_mbuf **m_table;
352 queueid = qconf->tx_queue_id[port];
353 m_table = (struct rte_mbuf **)qconf->tx_mbufs[port].m_table;
355 prepare_tx_burst(m_table, n, port);
357 ret = rte_eth_tx_burst(port, queueid, m_table, n);
358 if (unlikely(ret < n)) {
360 rte_pktmbuf_free(m_table[ret]);
367 /* Enqueue a single packet, and send burst if queue is filled */
368 static inline int32_t
369 send_single_packet(struct rte_mbuf *m, uint16_t port)
373 struct lcore_conf *qconf;
375 lcore_id = rte_lcore_id();
377 qconf = &lcore_conf[lcore_id];
378 len = qconf->tx_mbufs[port].len;
379 qconf->tx_mbufs[port].m_table[len] = m;
382 /* enough pkts to be sent */
383 if (unlikely(len == MAX_PKT_BURST)) {
384 send_burst(qconf, MAX_PKT_BURST, port);
388 qconf->tx_mbufs[port].len = len;
393 inbound_sp_sa(struct sp_ctx *sp, struct sa_ctx *sa, struct traffic_type *ip,
397 uint32_t i, j, res, sa_idx;
399 if (ip->num == 0 || sp == NULL)
402 rte_acl_classify((struct rte_acl_ctx *)sp, ip->data, ip->res,
403 ip->num, DEFAULT_MAX_CATEGORIES);
406 for (i = 0; i < ip->num; i++) {
418 /* Only check SPI match for processed IPSec packets */
419 if (i < lim && ((m->ol_flags & PKT_RX_SEC_OFFLOAD) == 0)) {
424 sa_idx = ip->res[i] & PROTECT_MASK;
425 if (sa_idx == 0 || !inbound_sa_check(sa, m, sa_idx)) {
435 process_pkts_inbound(struct ipsec_ctx *ipsec_ctx,
436 struct ipsec_traffic *traffic)
439 uint16_t idx, nb_pkts_in, i, n_ip4, n_ip6;
441 nb_pkts_in = ipsec_inbound(ipsec_ctx, traffic->ipsec.pkts,
442 traffic->ipsec.num, MAX_PKT_BURST);
444 n_ip4 = traffic->ip4.num;
445 n_ip6 = traffic->ip6.num;
447 /* SP/ACL Inbound check ipsec and ip4 */
448 for (i = 0; i < nb_pkts_in; i++) {
449 m = traffic->ipsec.pkts[i];
450 struct ip *ip = rte_pktmbuf_mtod(m, struct ip *);
451 if (ip->ip_v == IPVERSION) {
452 idx = traffic->ip4.num++;
453 traffic->ip4.pkts[idx] = m;
454 traffic->ip4.data[idx] = rte_pktmbuf_mtod_offset(m,
455 uint8_t *, offsetof(struct ip, ip_p));
456 } else if (ip->ip_v == IP6_VERSION) {
457 idx = traffic->ip6.num++;
458 traffic->ip6.pkts[idx] = m;
459 traffic->ip6.data[idx] = rte_pktmbuf_mtod_offset(m,
461 offsetof(struct ip6_hdr, ip6_nxt));
466 inbound_sp_sa(ipsec_ctx->sp4_ctx, ipsec_ctx->sa_ctx, &traffic->ip4,
469 inbound_sp_sa(ipsec_ctx->sp6_ctx, ipsec_ctx->sa_ctx, &traffic->ip6,
474 outbound_sp(struct sp_ctx *sp, struct traffic_type *ip,
475 struct traffic_type *ipsec)
478 uint32_t i, j, sa_idx;
480 if (ip->num == 0 || sp == NULL)
483 rte_acl_classify((struct rte_acl_ctx *)sp, ip->data, ip->res,
484 ip->num, DEFAULT_MAX_CATEGORIES);
487 for (i = 0; i < ip->num; i++) {
489 sa_idx = ip->res[i] & PROTECT_MASK;
490 if ((ip->res[i] == 0) || (ip->res[i] & DISCARD))
492 else if (sa_idx != 0) {
493 ipsec->res[ipsec->num] = sa_idx;
494 ipsec->pkts[ipsec->num++] = m;
502 process_pkts_outbound(struct ipsec_ctx *ipsec_ctx,
503 struct ipsec_traffic *traffic)
506 uint16_t idx, nb_pkts_out, i;
508 /* Drop any IPsec traffic from protected ports */
509 for (i = 0; i < traffic->ipsec.num; i++)
510 rte_pktmbuf_free(traffic->ipsec.pkts[i]);
512 traffic->ipsec.num = 0;
514 outbound_sp(ipsec_ctx->sp4_ctx, &traffic->ip4, &traffic->ipsec);
516 outbound_sp(ipsec_ctx->sp6_ctx, &traffic->ip6, &traffic->ipsec);
518 nb_pkts_out = ipsec_outbound(ipsec_ctx, traffic->ipsec.pkts,
519 traffic->ipsec.res, traffic->ipsec.num,
522 for (i = 0; i < nb_pkts_out; i++) {
523 m = traffic->ipsec.pkts[i];
524 struct ip *ip = rte_pktmbuf_mtod(m, struct ip *);
525 if (ip->ip_v == IPVERSION) {
526 idx = traffic->ip4.num++;
527 traffic->ip4.pkts[idx] = m;
529 idx = traffic->ip6.num++;
530 traffic->ip6.pkts[idx] = m;
536 process_pkts_inbound_nosp(struct ipsec_ctx *ipsec_ctx,
537 struct ipsec_traffic *traffic)
540 uint32_t nb_pkts_in, i, idx;
542 /* Drop any IPv4 traffic from unprotected ports */
543 for (i = 0; i < traffic->ip4.num; i++)
544 rte_pktmbuf_free(traffic->ip4.pkts[i]);
546 traffic->ip4.num = 0;
548 /* Drop any IPv6 traffic from unprotected ports */
549 for (i = 0; i < traffic->ip6.num; i++)
550 rte_pktmbuf_free(traffic->ip6.pkts[i]);
552 traffic->ip6.num = 0;
554 nb_pkts_in = ipsec_inbound(ipsec_ctx, traffic->ipsec.pkts,
555 traffic->ipsec.num, MAX_PKT_BURST);
557 for (i = 0; i < nb_pkts_in; i++) {
558 m = traffic->ipsec.pkts[i];
559 struct ip *ip = rte_pktmbuf_mtod(m, struct ip *);
560 if (ip->ip_v == IPVERSION) {
561 idx = traffic->ip4.num++;
562 traffic->ip4.pkts[idx] = m;
564 idx = traffic->ip6.num++;
565 traffic->ip6.pkts[idx] = m;
571 process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
572 struct ipsec_traffic *traffic)
575 uint32_t nb_pkts_out, i;
578 /* Drop any IPsec traffic from protected ports */
579 for (i = 0; i < traffic->ipsec.num; i++)
580 rte_pktmbuf_free(traffic->ipsec.pkts[i]);
582 traffic->ipsec.num = 0;
584 for (i = 0; i < traffic->ip4.num; i++)
585 traffic->ip4.res[i] = single_sa_idx;
587 for (i = 0; i < traffic->ip6.num; i++)
588 traffic->ip6.res[i] = single_sa_idx;
590 nb_pkts_out = ipsec_outbound(ipsec_ctx, traffic->ip4.pkts,
591 traffic->ip4.res, traffic->ip4.num,
594 /* They all sue the same SA (ip4 or ip6 tunnel) */
595 m = traffic->ipsec.pkts[i];
596 ip = rte_pktmbuf_mtod(m, struct ip *);
597 if (ip->ip_v == IPVERSION)
598 traffic->ip4.num = nb_pkts_out;
600 traffic->ip6.num = nb_pkts_out;
603 static inline int32_t
604 get_hop_for_offload_pkt(struct rte_mbuf *pkt, int is_ipv6)
606 struct ipsec_mbuf_metadata *priv;
609 priv = get_priv(pkt);
612 if (unlikely(sa == NULL)) {
613 RTE_LOG(ERR, IPSEC, "SA not saved in private data\n");
621 return (sa->portid | RTE_LPM_LOOKUP_SUCCESS);
632 route4_pkts(struct rt_ctx *rt_ctx, struct rte_mbuf *pkts[], uint8_t nb_pkts)
634 uint32_t hop[MAX_PKT_BURST * 2];
635 uint32_t dst_ip[MAX_PKT_BURST * 2];
638 uint16_t lpm_pkts = 0;
643 /* Need to do an LPM lookup for non-inline packets. Inline packets will
644 * have port ID in the SA
647 for (i = 0; i < nb_pkts; i++) {
648 if (!(pkts[i]->ol_flags & PKT_TX_SEC_OFFLOAD)) {
649 /* Security offload not enabled. So an LPM lookup is
650 * required to get the hop
652 offset = offsetof(struct ip, ip_dst);
653 dst_ip[lpm_pkts] = *rte_pktmbuf_mtod_offset(pkts[i],
655 dst_ip[lpm_pkts] = rte_be_to_cpu_32(dst_ip[lpm_pkts]);
660 rte_lpm_lookup_bulk((struct rte_lpm *)rt_ctx, dst_ip, hop, lpm_pkts);
664 for (i = 0; i < nb_pkts; i++) {
665 if (pkts[i]->ol_flags & PKT_TX_SEC_OFFLOAD) {
666 /* Read hop from the SA */
667 pkt_hop = get_hop_for_offload_pkt(pkts[i], 0);
669 /* Need to use hop returned by lookup */
670 pkt_hop = hop[lpm_pkts++];
673 if ((pkt_hop & RTE_LPM_LOOKUP_SUCCESS) == 0) {
674 rte_pktmbuf_free(pkts[i]);
677 send_single_packet(pkts[i], pkt_hop & 0xff);
682 route6_pkts(struct rt_ctx *rt_ctx, struct rte_mbuf *pkts[], uint8_t nb_pkts)
684 int32_t hop[MAX_PKT_BURST * 2];
685 uint8_t dst_ip[MAX_PKT_BURST * 2][16];
689 uint16_t lpm_pkts = 0;
694 /* Need to do an LPM lookup for non-inline packets. Inline packets will
695 * have port ID in the SA
698 for (i = 0; i < nb_pkts; i++) {
699 if (!(pkts[i]->ol_flags & PKT_TX_SEC_OFFLOAD)) {
700 /* Security offload not enabled. So an LPM lookup is
701 * required to get the hop
703 offset = offsetof(struct ip6_hdr, ip6_dst);
704 ip6_dst = rte_pktmbuf_mtod_offset(pkts[i], uint8_t *,
706 memcpy(&dst_ip[lpm_pkts][0], ip6_dst, 16);
711 rte_lpm6_lookup_bulk_func((struct rte_lpm6 *)rt_ctx, dst_ip, hop,
716 for (i = 0; i < nb_pkts; i++) {
717 if (pkts[i]->ol_flags & PKT_TX_SEC_OFFLOAD) {
718 /* Read hop from the SA */
719 pkt_hop = get_hop_for_offload_pkt(pkts[i], 1);
721 /* Need to use hop returned by lookup */
722 pkt_hop = hop[lpm_pkts++];
726 rte_pktmbuf_free(pkts[i]);
729 send_single_packet(pkts[i], pkt_hop & 0xff);
734 process_pkts(struct lcore_conf *qconf, struct rte_mbuf **pkts,
735 uint8_t nb_pkts, uint16_t portid)
737 struct ipsec_traffic traffic;
739 prepare_traffic(pkts, &traffic, nb_pkts);
741 if (unlikely(single_sa)) {
742 if (UNPROTECTED_PORT(portid))
743 process_pkts_inbound_nosp(&qconf->inbound, &traffic);
745 process_pkts_outbound_nosp(&qconf->outbound, &traffic);
747 if (UNPROTECTED_PORT(portid))
748 process_pkts_inbound(&qconf->inbound, &traffic);
750 process_pkts_outbound(&qconf->outbound, &traffic);
753 route4_pkts(qconf->rt4_ctx, traffic.ip4.pkts, traffic.ip4.num);
754 route6_pkts(qconf->rt6_ctx, traffic.ip6.pkts, traffic.ip6.num);
758 drain_buffers(struct lcore_conf *qconf)
763 for (portid = 0; portid < RTE_MAX_ETHPORTS; portid++) {
764 buf = &qconf->tx_mbufs[portid];
767 send_burst(qconf, buf->len, portid);
772 /* main processing loop */
774 main_loop(__attribute__((unused)) void *dummy)
776 struct rte_mbuf *pkts[MAX_PKT_BURST];
778 uint64_t prev_tsc, diff_tsc, cur_tsc;
782 struct lcore_conf *qconf;
784 const uint64_t drain_tsc = (rte_get_tsc_hz() + US_PER_S - 1)
785 / US_PER_S * BURST_TX_DRAIN_US;
786 struct lcore_rx_queue *rxql;
789 lcore_id = rte_lcore_id();
790 qconf = &lcore_conf[lcore_id];
791 rxql = qconf->rx_queue_list;
792 socket_id = rte_lcore_to_socket_id(lcore_id);
794 qconf->rt4_ctx = socket_ctx[socket_id].rt_ip4;
795 qconf->rt6_ctx = socket_ctx[socket_id].rt_ip6;
796 qconf->inbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_in;
797 qconf->inbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_in;
798 qconf->inbound.sa_ctx = socket_ctx[socket_id].sa_in;
799 qconf->inbound.cdev_map = cdev_map_in;
800 qconf->inbound.session_pool = socket_ctx[socket_id].session_pool;
801 qconf->outbound.sp4_ctx = socket_ctx[socket_id].sp_ip4_out;
802 qconf->outbound.sp6_ctx = socket_ctx[socket_id].sp_ip6_out;
803 qconf->outbound.sa_ctx = socket_ctx[socket_id].sa_out;
804 qconf->outbound.cdev_map = cdev_map_out;
805 qconf->outbound.session_pool = socket_ctx[socket_id].session_pool;
807 if (qconf->nb_rx_queue == 0) {
808 RTE_LOG(INFO, IPSEC, "lcore %u has nothing to do\n", lcore_id);
812 RTE_LOG(INFO, IPSEC, "entering main loop on lcore %u\n", lcore_id);
814 for (i = 0; i < qconf->nb_rx_queue; i++) {
815 portid = rxql[i].port_id;
816 queueid = rxql[i].queue_id;
818 " -- lcoreid=%u portid=%u rxqueueid=%hhu\n",
819 lcore_id, portid, queueid);
823 cur_tsc = rte_rdtsc();
825 /* TX queue buffer drain */
826 diff_tsc = cur_tsc - prev_tsc;
828 if (unlikely(diff_tsc > drain_tsc)) {
829 drain_buffers(qconf);
833 /* Read packet from RX queues */
834 for (i = 0; i < qconf->nb_rx_queue; ++i) {
835 portid = rxql[i].port_id;
836 queueid = rxql[i].queue_id;
837 nb_rx = rte_eth_rx_burst(portid, queueid,
838 pkts, MAX_PKT_BURST);
841 process_pkts(qconf, pkts, nb_rx, portid);
850 uint16_t portid, nb_ports;
854 if (lcore_params == NULL) {
855 printf("Error: No port/queue/core mappings\n");
859 nb_ports = rte_eth_dev_count();
861 for (i = 0; i < nb_lcore_params; ++i) {
862 lcore = lcore_params[i].lcore_id;
863 if (!rte_lcore_is_enabled(lcore)) {
864 printf("error: lcore %hhu is not enabled in "
865 "lcore mask\n", lcore);
868 socket_id = rte_lcore_to_socket_id(lcore);
869 if (socket_id != 0 && numa_on == 0) {
870 printf("warning: lcore %hhu is on socket %d "
874 portid = lcore_params[i].port_id;
875 if ((enabled_port_mask & (1 << portid)) == 0) {
876 printf("port %u is not enabled in port mask\n", portid);
879 if (portid >= nb_ports) {
880 printf("port %u is not present on the board\n", portid);
888 get_port_nb_rx_queues(const uint16_t port)
893 for (i = 0; i < nb_lcore_params; ++i) {
894 if (lcore_params[i].port_id == port &&
895 lcore_params[i].queue_id > queue)
896 queue = lcore_params[i].queue_id;
898 return (uint8_t)(++queue);
902 init_lcore_rx_queues(void)
904 uint16_t i, nb_rx_queue;
907 for (i = 0; i < nb_lcore_params; ++i) {
908 lcore = lcore_params[i].lcore_id;
909 nb_rx_queue = lcore_conf[lcore].nb_rx_queue;
910 if (nb_rx_queue >= MAX_RX_QUEUE_PER_LCORE) {
911 printf("error: too many queues (%u) for lcore: %u\n",
912 nb_rx_queue + 1, lcore);
915 lcore_conf[lcore].rx_queue_list[nb_rx_queue].port_id =
916 lcore_params[i].port_id;
917 lcore_conf[lcore].rx_queue_list[nb_rx_queue].queue_id =
918 lcore_params[i].queue_id;
919 lcore_conf[lcore].nb_rx_queue++;
926 print_usage(const char *prgname)
928 printf("%s [EAL options] -- -p PORTMASK -P -u PORTMASK"
929 " --"OPTION_CONFIG" (port,queue,lcore)[,(port,queue,lcore]"
930 " --single-sa SAIDX -f CONFIG_FILE\n"
931 " -p PORTMASK: hexadecimal bitmask of ports to configure\n"
932 " -P : enable promiscuous mode\n"
933 " -u PORTMASK: hexadecimal bitmask of unprotected ports\n"
934 " -j FRAMESIZE: jumbo frame maximum size\n"
935 " --"OPTION_CONFIG": (port,queue,lcore): "
936 "rx queues configuration\n"
937 " --single-sa SAIDX: use single SA index for outbound, "
939 " --cryptodev_mask MASK: hexadecimal bitmask of the "
940 "crypto devices to configure\n"
941 " -f CONFIG_FILE: Configuration file path\n",
946 parse_portmask(const char *portmask)
951 /* parse hexadecimal string */
952 pm = strtoul(portmask, &end, 16);
953 if ((portmask[0] == '\0') || (end == NULL) || (*end != '\0'))
956 if ((pm == 0) && errno)
963 parse_decimal(const char *str)
968 num = strtoul(str, &end, 10);
969 if ((str[0] == '\0') || (end == NULL) || (*end != '\0'))
976 parse_config(const char *q_arg)
979 const char *p, *p0 = q_arg;
987 unsigned long int_fld[_NUM_FLD];
988 char *str_fld[_NUM_FLD];
994 while ((p = strchr(p0, '(')) != NULL) {
1001 if (size >= sizeof(s))
1004 snprintf(s, sizeof(s), "%.*s", size, p);
1005 if (rte_strsplit(s, sizeof(s), str_fld, _NUM_FLD, ',') !=
1008 for (i = 0; i < _NUM_FLD; i++) {
1010 int_fld[i] = strtoul(str_fld[i], &end, 0);
1011 if (errno != 0 || end == str_fld[i] || int_fld[i] > 255)
1014 if (nb_lcore_params >= MAX_LCORE_PARAMS) {
1015 printf("exceeded max number of lcore params: %hu\n",
1019 lcore_params_array[nb_lcore_params].port_id =
1020 (uint8_t)int_fld[FLD_PORT];
1021 lcore_params_array[nb_lcore_params].queue_id =
1022 (uint8_t)int_fld[FLD_QUEUE];
1023 lcore_params_array[nb_lcore_params].lcore_id =
1024 (uint8_t)int_fld[FLD_LCORE];
1027 lcore_params = lcore_params_array;
1031 #define __STRNCMP(name, opt) (!strncmp(name, opt, sizeof(opt)))
1033 parse_args_long_options(struct option *lgopts, int32_t option_index)
1036 const char *optname = lgopts[option_index].name;
1038 if (__STRNCMP(optname, OPTION_CONFIG)) {
1039 ret = parse_config(optarg);
1041 printf("invalid config\n");
1044 if (__STRNCMP(optname, OPTION_SINGLE_SA)) {
1045 ret = parse_decimal(optarg);
1048 single_sa_idx = ret;
1049 printf("Configured with single SA index %u\n",
1055 if (__STRNCMP(optname, OPTION_CRYPTODEV_MASK)) {
1056 ret = parse_portmask(optarg);
1058 enabled_cryptodev_mask = ret;
1068 parse_args(int32_t argc, char **argv)
1072 int32_t option_index;
1073 char *prgname = argv[0];
1074 static struct option lgopts[] = {
1075 {OPTION_CONFIG, 1, 0, 0},
1076 {OPTION_SINGLE_SA, 1, 0, 0},
1077 {OPTION_CRYPTODEV_MASK, 1, 0, 0},
1080 int32_t f_present = 0;
1084 while ((opt = getopt_long(argc, argvopt, "p:Pu:f:j:",
1085 lgopts, &option_index)) != EOF) {
1089 enabled_port_mask = parse_portmask(optarg);
1090 if (enabled_port_mask == 0) {
1091 printf("invalid portmask\n");
1092 print_usage(prgname);
1097 printf("Promiscuous mode selected\n");
1101 unprotected_port_mask = parse_portmask(optarg);
1102 if (unprotected_port_mask == 0) {
1103 printf("invalid unprotected portmask\n");
1104 print_usage(prgname);
1109 if (f_present == 1) {
1110 printf("\"-f\" option present more than "
1112 print_usage(prgname);
1115 if (parse_cfg_file(optarg) < 0) {
1116 printf("parsing file \"%s\" failed\n",
1118 print_usage(prgname);
1125 int32_t size = parse_decimal(optarg);
1127 printf("Invalid jumbo frame size\n");
1129 print_usage(prgname);
1132 printf("Using default value 9000\n");
1138 printf("Enabled jumbo frames size %u\n", frame_size);
1141 if (parse_args_long_options(lgopts, option_index)) {
1142 print_usage(prgname);
1147 print_usage(prgname);
1152 if (f_present == 0) {
1153 printf("Mandatory option \"-f\" not present\n");
1158 argv[optind-1] = prgname;
1161 optind = 1; /* reset getopt lib */
1166 print_ethaddr(const char *name, const struct ether_addr *eth_addr)
1168 char buf[ETHER_ADDR_FMT_SIZE];
1169 ether_format_addr(buf, ETHER_ADDR_FMT_SIZE, eth_addr);
1170 printf("%s%s", name, buf);
1173 /* Check the link status of all ports in up to 9s, and print them finally */
1175 check_all_ports_link_status(uint16_t port_num, uint32_t port_mask)
1177 #define CHECK_INTERVAL 100 /* 100ms */
1178 #define MAX_CHECK_TIME 90 /* 9s (90 * 100ms) in total */
1180 uint8_t count, all_ports_up, print_flag = 0;
1181 struct rte_eth_link link;
1183 printf("\nChecking link status");
1185 for (count = 0; count <= MAX_CHECK_TIME; count++) {
1187 for (portid = 0; portid < port_num; portid++) {
1188 if ((port_mask & (1 << portid)) == 0)
1190 memset(&link, 0, sizeof(link));
1191 rte_eth_link_get_nowait(portid, &link);
1192 /* print link status if flag set */
1193 if (print_flag == 1) {
1194 if (link.link_status)
1196 "Port%d Link Up - speed %u Mbps -%s\n",
1197 portid, link.link_speed,
1198 (link.link_duplex == ETH_LINK_FULL_DUPLEX) ?
1199 ("full-duplex") : ("half-duplex\n"));
1201 printf("Port %d Link Down\n", portid);
1204 /* clear all_ports_up flag if any link down */
1205 if (link.link_status == ETH_LINK_DOWN) {
1210 /* after finally printing all link status, get out */
1211 if (print_flag == 1)
1214 if (all_ports_up == 0) {
1217 rte_delay_ms(CHECK_INTERVAL);
1220 /* set the print_flag if all ports up or timeout */
1221 if (all_ports_up == 1 || count == (MAX_CHECK_TIME - 1)) {
1229 add_mapping(struct rte_hash *map, const char *str, uint16_t cdev_id,
1230 uint16_t qp, struct lcore_params *params,
1231 struct ipsec_ctx *ipsec_ctx,
1232 const struct rte_cryptodev_capabilities *cipher,
1233 const struct rte_cryptodev_capabilities *auth,
1234 const struct rte_cryptodev_capabilities *aead)
1238 struct cdev_key key = { 0 };
1240 key.lcore_id = params->lcore_id;
1242 key.cipher_algo = cipher->sym.cipher.algo;
1244 key.auth_algo = auth->sym.auth.algo;
1246 key.aead_algo = aead->sym.aead.algo;
1248 ret = rte_hash_lookup(map, &key);
1252 for (i = 0; i < ipsec_ctx->nb_qps; i++)
1253 if (ipsec_ctx->tbl[i].id == cdev_id)
1256 if (i == ipsec_ctx->nb_qps) {
1257 if (ipsec_ctx->nb_qps == MAX_QP_PER_LCORE) {
1258 printf("Maximum number of crypto devices assigned to "
1259 "a core, increase MAX_QP_PER_LCORE value\n");
1262 ipsec_ctx->tbl[i].id = cdev_id;
1263 ipsec_ctx->tbl[i].qp = qp;
1264 ipsec_ctx->nb_qps++;
1265 printf("%s cdev mapping: lcore %u using cdev %u qp %u "
1266 "(cdev_id_qp %lu)\n", str, key.lcore_id,
1270 ret = rte_hash_add_key_data(map, &key, (void *)i);
1272 printf("Faled to insert cdev mapping for (lcore %u, "
1273 "cdev %u, qp %u), errno %d\n",
1274 key.lcore_id, ipsec_ctx->tbl[i].id,
1275 ipsec_ctx->tbl[i].qp, ret);
1283 add_cdev_mapping(struct rte_cryptodev_info *dev_info, uint16_t cdev_id,
1284 uint16_t qp, struct lcore_params *params)
1287 const struct rte_cryptodev_capabilities *i, *j;
1288 struct rte_hash *map;
1289 struct lcore_conf *qconf;
1290 struct ipsec_ctx *ipsec_ctx;
1293 qconf = &lcore_conf[params->lcore_id];
1295 if ((unprotected_port_mask & (1 << params->port_id)) == 0) {
1297 ipsec_ctx = &qconf->outbound;
1301 ipsec_ctx = &qconf->inbound;
1305 /* Required cryptodevs with operation chainning */
1306 if (!(dev_info->feature_flags &
1307 RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING))
1310 for (i = dev_info->capabilities;
1311 i->op != RTE_CRYPTO_OP_TYPE_UNDEFINED; i++) {
1312 if (i->op != RTE_CRYPTO_OP_TYPE_SYMMETRIC)
1315 if (i->sym.xform_type == RTE_CRYPTO_SYM_XFORM_AEAD) {
1316 ret |= add_mapping(map, str, cdev_id, qp, params,
1317 ipsec_ctx, NULL, NULL, i);
1321 if (i->sym.xform_type != RTE_CRYPTO_SYM_XFORM_CIPHER)
1324 for (j = dev_info->capabilities;
1325 j->op != RTE_CRYPTO_OP_TYPE_UNDEFINED; j++) {
1326 if (j->op != RTE_CRYPTO_OP_TYPE_SYMMETRIC)
1329 if (j->sym.xform_type != RTE_CRYPTO_SYM_XFORM_AUTH)
1332 ret |= add_mapping(map, str, cdev_id, qp, params,
1333 ipsec_ctx, i, j, NULL);
1340 /* Check if the device is enabled by cryptodev_mask */
1342 check_cryptodev_mask(uint8_t cdev_id)
1344 if (enabled_cryptodev_mask & (1 << cdev_id))
1351 cryptodevs_init(void)
1353 struct rte_cryptodev_config dev_conf;
1354 struct rte_cryptodev_qp_conf qp_conf;
1355 uint16_t idx, max_nb_qps, qp, i;
1357 struct rte_hash_parameters params = { 0 };
1359 params.entries = CDEV_MAP_ENTRIES;
1360 params.key_len = sizeof(struct cdev_key);
1361 params.hash_func = rte_jhash;
1362 params.hash_func_init_val = 0;
1363 params.socket_id = rte_socket_id();
1365 params.name = "cdev_map_in";
1366 cdev_map_in = rte_hash_create(¶ms);
1367 if (cdev_map_in == NULL)
1368 rte_panic("Failed to create cdev_map hash table, errno = %d\n",
1371 params.name = "cdev_map_out";
1372 cdev_map_out = rte_hash_create(¶ms);
1373 if (cdev_map_out == NULL)
1374 rte_panic("Failed to create cdev_map hash table, errno = %d\n",
1377 printf("lcore/cryptodev/qp mappings:\n");
1379 uint32_t max_sess_sz = 0, sess_sz;
1380 for (cdev_id = 0; cdev_id < rte_cryptodev_count(); cdev_id++) {
1381 sess_sz = rte_cryptodev_get_private_session_size(cdev_id);
1382 if (sess_sz > max_sess_sz)
1383 max_sess_sz = sess_sz;
1387 for (cdev_id = 0; cdev_id < rte_cryptodev_count(); cdev_id++) {
1388 struct rte_cryptodev_info cdev_info;
1390 if (check_cryptodev_mask((uint8_t)cdev_id))
1393 rte_cryptodev_info_get(cdev_id, &cdev_info);
1395 if (nb_lcore_params > cdev_info.max_nb_queue_pairs)
1396 max_nb_qps = cdev_info.max_nb_queue_pairs;
1398 max_nb_qps = nb_lcore_params;
1402 while (qp < max_nb_qps && i < nb_lcore_params) {
1403 if (add_cdev_mapping(&cdev_info, cdev_id, qp,
1404 &lcore_params[idx]))
1407 idx = idx % nb_lcore_params;
1414 dev_conf.socket_id = rte_cryptodev_socket_id(cdev_id);
1415 dev_conf.nb_queue_pairs = qp;
1417 if (!socket_ctx[dev_conf.socket_id].session_pool) {
1418 char mp_name[RTE_MEMPOOL_NAMESIZE];
1419 struct rte_mempool *sess_mp;
1421 snprintf(mp_name, RTE_MEMPOOL_NAMESIZE,
1422 "sess_mp_%u", dev_conf.socket_id);
1423 sess_mp = rte_mempool_create(mp_name,
1427 0, NULL, NULL, NULL,
1428 NULL, dev_conf.socket_id,
1430 if (sess_mp == NULL)
1431 rte_exit(EXIT_FAILURE,
1432 "Cannot create session pool on socket %d\n",
1433 dev_conf.socket_id);
1435 printf("Allocated session pool on socket %d\n",
1436 dev_conf.socket_id);
1437 socket_ctx[dev_conf.socket_id].session_pool = sess_mp;
1440 if (rte_cryptodev_configure(cdev_id, &dev_conf))
1441 rte_panic("Failed to initialize cryptodev %u\n",
1444 qp_conf.nb_descriptors = CDEV_QUEUE_DESC;
1445 for (qp = 0; qp < dev_conf.nb_queue_pairs; qp++)
1446 if (rte_cryptodev_queue_pair_setup(cdev_id, qp,
1447 &qp_conf, dev_conf.socket_id,
1448 socket_ctx[dev_conf.socket_id].session_pool))
1449 rte_panic("Failed to setup queue %u for "
1450 "cdev_id %u\n", 0, cdev_id);
1452 if (rte_cryptodev_start(cdev_id))
1453 rte_panic("Failed to start cryptodev %u\n",
1463 port_init(uint16_t portid)
1465 struct rte_eth_dev_info dev_info;
1466 struct rte_eth_txconf *txconf;
1467 uint16_t nb_tx_queue, nb_rx_queue;
1468 uint16_t tx_queueid, rx_queueid, queue, lcore_id;
1469 int32_t ret, socket_id;
1470 struct lcore_conf *qconf;
1471 struct ether_addr ethaddr;
1472 struct rte_eth_conf local_port_conf = port_conf;
1474 rte_eth_dev_info_get(portid, &dev_info);
1476 printf("Configuring device port %u:\n", portid);
1478 rte_eth_macaddr_get(portid, ðaddr);
1479 ethaddr_tbl[portid].src = ETHADDR_TO_UINT64(ethaddr);
1480 print_ethaddr("Address: ", ðaddr);
1483 nb_rx_queue = get_port_nb_rx_queues(portid);
1484 nb_tx_queue = nb_lcores;
1486 if (nb_rx_queue > dev_info.max_rx_queues)
1487 rte_exit(EXIT_FAILURE, "Error: queue %u not available "
1488 "(max rx queue is %u)\n",
1489 nb_rx_queue, dev_info.max_rx_queues);
1491 if (nb_tx_queue > dev_info.max_tx_queues)
1492 rte_exit(EXIT_FAILURE, "Error: queue %u not available "
1493 "(max tx queue is %u)\n",
1494 nb_tx_queue, dev_info.max_tx_queues);
1496 printf("Creating queues: nb_rx_queue=%d nb_tx_queue=%u...\n",
1497 nb_rx_queue, nb_tx_queue);
1500 local_port_conf.rxmode.max_rx_pkt_len = frame_size;
1501 local_port_conf.rxmode.offloads |= DEV_RX_OFFLOAD_JUMBO_FRAME;
1504 if (dev_info.rx_offload_capa & DEV_RX_OFFLOAD_SECURITY)
1505 local_port_conf.rxmode.offloads |= DEV_RX_OFFLOAD_SECURITY;
1506 if (dev_info.tx_offload_capa & DEV_TX_OFFLOAD_SECURITY)
1507 local_port_conf.txmode.offloads |= DEV_TX_OFFLOAD_SECURITY;
1508 if (dev_info.tx_offload_capa & DEV_TX_OFFLOAD_MBUF_FAST_FREE)
1509 local_port_conf.txmode.offloads |=
1510 DEV_TX_OFFLOAD_MBUF_FAST_FREE;
1511 ret = rte_eth_dev_configure(portid, nb_rx_queue, nb_tx_queue,
1514 rte_exit(EXIT_FAILURE, "Cannot configure device: "
1515 "err=%d, port=%d\n", ret, portid);
1517 ret = rte_eth_dev_adjust_nb_rx_tx_desc(portid, &nb_rxd, &nb_txd);
1519 rte_exit(EXIT_FAILURE, "Cannot adjust number of descriptors: "
1520 "err=%d, port=%d\n", ret, portid);
1522 /* init one TX queue per lcore */
1524 for (lcore_id = 0; lcore_id < RTE_MAX_LCORE; lcore_id++) {
1525 if (rte_lcore_is_enabled(lcore_id) == 0)
1529 socket_id = (uint8_t)rte_lcore_to_socket_id(lcore_id);
1534 printf("Setup txq=%u,%d,%d\n", lcore_id, tx_queueid, socket_id);
1536 txconf = &dev_info.default_txconf;
1537 txconf->txq_flags = ETH_TXQ_FLAGS_IGNORE;
1538 txconf->offloads = local_port_conf.txmode.offloads;
1540 ret = rte_eth_tx_queue_setup(portid, tx_queueid, nb_txd,
1543 rte_exit(EXIT_FAILURE, "rte_eth_tx_queue_setup: "
1544 "err=%d, port=%d\n", ret, portid);
1546 qconf = &lcore_conf[lcore_id];
1547 qconf->tx_queue_id[portid] = tx_queueid;
1550 /* init RX queues */
1551 for (queue = 0; queue < qconf->nb_rx_queue; ++queue) {
1552 struct rte_eth_rxconf rxq_conf;
1554 if (portid != qconf->rx_queue_list[queue].port_id)
1557 rx_queueid = qconf->rx_queue_list[queue].queue_id;
1559 printf("Setup rxq=%d,%d,%d\n", portid, rx_queueid,
1562 rxq_conf = dev_info.default_rxconf;
1563 rxq_conf.offloads = local_port_conf.rxmode.offloads;
1564 ret = rte_eth_rx_queue_setup(portid, rx_queueid,
1565 nb_rxd, socket_id, &rxq_conf,
1566 socket_ctx[socket_id].mbuf_pool);
1568 rte_exit(EXIT_FAILURE,
1569 "rte_eth_rx_queue_setup: err=%d, "
1570 "port=%d\n", ret, portid);
1577 pool_init(struct socket_ctx *ctx, int32_t socket_id, uint32_t nb_mbuf)
1580 uint32_t buff_size = frame_size ? (frame_size + RTE_PKTMBUF_HEADROOM) :
1581 RTE_MBUF_DEFAULT_BUF_SIZE;
1584 snprintf(s, sizeof(s), "mbuf_pool_%d", socket_id);
1585 ctx->mbuf_pool = rte_pktmbuf_pool_create(s, nb_mbuf,
1586 MEMPOOL_CACHE_SIZE, ipsec_metadata_size(),
1589 if (ctx->mbuf_pool == NULL)
1590 rte_exit(EXIT_FAILURE, "Cannot init mbuf pool on socket %d\n",
1593 printf("Allocated mbuf pool on socket %d\n", socket_id);
1597 main(int32_t argc, char **argv)
1602 uint16_t portid, nb_ports;
1605 ret = rte_eal_init(argc, argv);
1607 rte_exit(EXIT_FAILURE, "Invalid EAL parameters\n");
1611 /* parse application arguments (after the EAL ones) */
1612 ret = parse_args(argc, argv);
1614 rte_exit(EXIT_FAILURE, "Invalid parameters\n");
1616 if ((unprotected_port_mask & enabled_port_mask) !=
1617 unprotected_port_mask)
1618 rte_exit(EXIT_FAILURE, "Invalid unprotected portmask 0x%x\n",
1619 unprotected_port_mask);
1621 nb_ports = rte_eth_dev_count();
1623 if (check_params() < 0)
1624 rte_exit(EXIT_FAILURE, "check_params failed\n");
1626 ret = init_lcore_rx_queues();
1628 rte_exit(EXIT_FAILURE, "init_lcore_rx_queues failed\n");
1630 nb_lcores = rte_lcore_count();
1632 /* Replicate each context per socket */
1633 for (lcore_id = 0; lcore_id < RTE_MAX_LCORE; lcore_id++) {
1634 if (rte_lcore_is_enabled(lcore_id) == 0)
1638 socket_id = (uint8_t)rte_lcore_to_socket_id(lcore_id);
1642 if (socket_ctx[socket_id].mbuf_pool)
1645 sa_init(&socket_ctx[socket_id], socket_id);
1647 sp4_init(&socket_ctx[socket_id], socket_id);
1649 sp6_init(&socket_ctx[socket_id], socket_id);
1651 rt_init(&socket_ctx[socket_id], socket_id);
1653 pool_init(&socket_ctx[socket_id], socket_id, NB_MBUF);
1656 for (portid = 0; portid < nb_ports; portid++) {
1657 if ((enabled_port_mask & (1 << portid)) == 0)
1666 for (portid = 0; portid < nb_ports; portid++) {
1667 if ((enabled_port_mask & (1 << portid)) == 0)
1671 ret = rte_eth_dev_start(portid);
1673 rte_exit(EXIT_FAILURE, "rte_eth_dev_start: "
1674 "err=%d, port=%d\n", ret, portid);
1676 * If enabled, put device in promiscuous mode.
1677 * This allows IO forwarding mode to forward packets
1678 * to itself through 2 cross-connected ports of the
1682 rte_eth_promiscuous_enable(portid);
1685 check_all_ports_link_status(nb_ports, enabled_port_mask);
1687 /* launch per-lcore init on every lcore */
1688 rte_eal_mp_remote_launch(main_loop, NULL, CALL_MASTER);
1689 RTE_LCORE_FOREACH_SLAVE(lcore_id) {
1690 if (rte_eal_wait_lcore(lcore_id) < 0)
git.droids-corp.org / dpdk.git / blob