Thanks Ting

I will submit ver 2 that uses EfiCreateProtocolNotifyEvent()




-----Original Message-----
From: Ye, Ting [***@intel.com]
Received: Wednesday, 01 Jul 2015, 8:42PM
To: edk2-***@lists.sourceforge.net [edk2-***@lists.sourceforge.net]
Subject: Re: [edk2] [PATCH] NetworkPkg: Locate IpSec protocol on IP4/IP6 packet processing only if it is installed

Hi Samer,

I think you are right. Previously I think we normally keep driver’s entry point simple and add more logic to driver binding start(). I agree that this is a case we’d better put into driver’s entry point to avoid each NIC to check whether IPsec protocol available redundantly.

Best Regards,
Ting

From: El-Haj-Mahmoud, Samer [mailto:samer.el-haj-***@hp.com]
Sent: Thursday, July 02, 2015 2:08 AM
To: edk2-***@lists.sourceforge.net
Subject: Re: [edk2] [PATCH] NetworkPkg: Locate IpSec protocol on IP4/IP6 packet processing only if it is installed

Ting,

What is the reason for wanting the registration moved from the IP driver’s entry point to DriverBindingStart()? The EfiIpSec2Protocol is installed in the IpSecDxe driver’s entry point, so why wait until DriverBinding to register? The IP driver’s notify function will get called anytime the IPSEC protocol is installed, which is in the IPSEC driver’s entry point. It doesn’t matter if the registration call is in the IP driver entry routine, or its DriverBinding.

The problem with having the registration in DriverBinding() is the registration will end up being called for each NIC/controller that the IP driver is attempting to bind to – so we have multiple registrations which are redundant. The IPSEC protocol is installed by the IPSEC driver in its entry point, and we do not need every IP service binding instance to know about the IPSEC protocol availability. This is just a global in the IP driver that apply to all service instances, and they only need to LocateProtocol for IPSEC once and use it during TX and RX for their respective service instances.

Thanks,
--Samer


From: El-Haj-Mahmoud, Samer
Sent: Sunday, June 28, 2015 8:44 PM
To: edk2-***@lists.sourceforge.net
Subject: RE: [edk2] [PATCH] NetworkPkg: Locate IpSec protocol on IP4/IP6 packet processing only if it is installed

Thanks Ting. I will make the changes and resubmit the patch.



-----Original Message-----
From: Ye, Ting [***@intel.com]
Received: Sunday, 28 Jun 2015, 8:24PM
To: edk2-***@lists.sourceforge.net<mailto:edk2-***@lists.sourceforge.net> [edk2-***@lists.sourceforge.net]
Subject: Re: [edk2] [PATCH] NetworkPkg: Locate IpSec protocol on IP4/IP6 packet processing only if it is installed
Hi Samer,

There is an API EfiCreateProtocolNotifyEvent() defined in UefiLib, so I don't think adding RegisterIpSec2ProtocolNotify() is needed. Besides that, I prefer to move the registration of protocol notify from driver entry point to driverbindingstart(). What do you think?

Best Regards,
Ting

-----Original Message-----
From: El-Haj-Mahmoud, Samer [mailto:samer.el-haj-***@hp.com]
Sent: Monday, June 29, 2015 12:41 AM
To: edk2-***@lists.sourceforge.net<mailto:edk2-***@lists.sourceforge.net>
Subject: [edk2] [PATCH] NetworkPkg: Locate IpSec protocol on IP4/IP6 packet processing only if it is installed

Modified the logic in Ip4Dxe and Ip6Dxe to not locate EFI_IPSEC2_PROTOCOL on each message transmit/receive. Instead, register a callback in the drivers entry points on the IpSec protocol installation, and process only if the protocol is installed. This speeds up the network stacks when IpSec is not installed since there is a penalty associated with searching the entire handle database on each packet processing.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud <samer.el-haj-***@hp.com<mailto:samer.el-haj-***@hp.com>>
---
MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c | 70 ++++++++++++++++++++++
MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h | 4 ++
MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c | 6 ++
NetworkPkg/Ip6Dxe/Ip6Driver.c | 73 +++++++++++++++++++++++
NetworkPkg/Ip6Dxe/Ip6Impl.h | 3 +
NetworkPkg/Ip6Dxe/Ip6Input.c | 6 ++
6 files changed, 162 insertions(+)

diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
index 4944113..ee39820 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Driver.c
@@ -1,6 +1,7 @@
/** @file
The driver binding and service binding protocol for IP4 driver.

+(C) Copyright 2014 - 2015 Hewlett-Packard Development Company, L.P.<BR>
Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -23,6 +24,72 @@ EFI_DRIVER_BINDING_PROTOCOL gIp4DriverBinding = {
NULL
};

+BOOLEAN mIpSec2Installed = FALSE;
+
+/**
+ Callback function for IpSec2 Protocol install.
+
+ @param[in] Event Event whose notification function is being invoked
+ @param[in] Context Pointer to the notification function's context
+
+**/
+VOID
+EFIAPI
+IpSec2InstalledCallback (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ //
+ // Close the event so it does not get called again.
+ //
+ gBS->CloseEvent (Event);
+
+ mIpSec2Installed = TRUE;
+}
+
+/**
+ Register the Notification callback function for IpSec2 Protocol install.
+
+ @retval EFI_SUCCESS Successfully registered the callback function.
+ @retval other Registration was not successful.
+**/
+EFI_STATUS
+EFIAPI
+RegisterIpSec2ProtocolNotify (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ EFI_EVENT Event;
+ VOID *Registration;
+
+ //
+ // New event, to register for IpSec2 Protocol installation.
+ //
+ Status = gBS->CreateEvent (
+ EVT_NOTIFY_SIGNAL,
+ TPL_CALLBACK,
+ IpSec2InstalledCallback,
+ NULL,
+ &Event
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "RegisterIpSec2ProtocolNotify: CreateEvent
+ returned error %r\n", Status)); } else {
+ Status = gBS->RegisterProtocolNotify (
+ &gEfiIpSec2ProtocolGuid,
+ Event,
+ &Registration
+ );
+ if (EFI_ERROR (Status)) {
+ gBS->CloseEvent (Event);
+ }
+ }
+
+ return Status;
+}
+
/**
This is the declaration of an EFI image entry point. This entry point is
the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including @@ -45,6 +112,9 @@ Ip4DriverEntryPoint (
IN EFI_SYSTEM_TABLE *SystemTable
)
{
+
+ RegisterIpSec2ProtocolNotify ();
+
return EfiLibInstallDriverBindingComponentName2 (
ImageHandle,
SystemTable,
diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h
index c49e013..6f958db 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Impl.h
@@ -1,5 +1,7 @@
/** @file
Ip4 internal functions and type defintions.
+
+(C) Copyright 2014 - 2015 Hewlett-Packard Development Company, L.P.<BR>

Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials @@ -376,4 +378,6 @@ Ip4FreeTxToken (

extern EFI_IPSEC2_PROTOCOL *mIpSec;

+extern BOOLEAN mIpSec2Installed;
+
#endif
diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c
index 38ad1c3..cf0a65d 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c
@@ -1,6 +1,7 @@
/** @file
IP4 input process.

+(C) Copyright 2014 - 2015 Hewlett-Packard Development Company, L.P.<BR>
Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -512,6 +513,11 @@ Ip4IpSecProcessPacket (
IP4_HEAD ZeroHead;

Status = EFI_SUCCESS;
+
+ if (!mIpSec2Installed) {
+ goto ON_EXIT;
+ }
+
Packet = *Netbuf;
RecycleEvent = NULL;
IpSecWrap = NULL;
diff --git a/NetworkPkg/Ip6Dxe/Ip6Driver.c b/NetworkPkg/Ip6Dxe/Ip6Driver.c index 6958784..ba877dd 100644
--- a/NetworkPkg/Ip6Dxe/Ip6Driver.c
+++ b/NetworkPkg/Ip6Dxe/Ip6Driver.c
@@ -1,6 +1,7 @@
/** @file
The driver binding and service binding protocol for IP6 driver.

+ (C) Copyright 2014 - 2015 Hewlett-Packard Development Company,
+ L.P.<BR>
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>

This program and the accompanying materials @@ -24,6 +25,75 @@ EFI_DRIVER_BINDING_PROTOCOL gIp6DriverBinding = {
NULL
};

+BOOLEAN mIpSec2Installed = FALSE;
+
+/**
+ Callback function for IpSec2 Protocol install.
+
+ @param[in] Event Event whose notification function is being invoked
+ @param[in] Context Pointer to the notification function's context
+
+ @retval EFI_SUCCESS Callback successful.
+**/
+VOID
+EFIAPI
+IpSec2InstalledCallback (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ //
+ // Close the event so it does not get called again.
+ //
+ gBS->CloseEvent (Event);
+
+ mIpSec2Installed = TRUE;
+
+ return;
+}
+
+/**
+ Register the Notification callback function for IpSec2 Protocol install.
+
+ @retval EFI_SUCCESS Successfully registered the callback function.
+ @retval other Registration was not successful.
+**/
+EFI_STATUS
+EFIAPI
+RegisterIpSec2ProtocolNotify (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ EFI_EVENT Event;
+ VOID *Registration;
+
+ //
+ // New event, to register for IpSec2 Protocol installation.
+ //
+ Status = gBS->CreateEvent (
+ EVT_NOTIFY_SIGNAL,
+ TPL_CALLBACK,
+ IpSec2InstalledCallback,
+ NULL,
+ &Event
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Ip6Dxe RegisterIpSec2ProtocolNotify:
+ CreateEvent returned error %r\n", Status)); } else {
+ Status = gBS->RegisterProtocolNotify (
+ &gEfiIpSec2ProtocolGuid,
+ Event,
+ &Registration
+ );
+ if (EFI_ERROR (Status)) {
+ gBS->CloseEvent (Event);
+ }
+ }
+
+ return Status;
+}
+
/**
This is the declaration of an EFI image entry point. This entry point is
the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including @@ -46,6 +116,9 @@ Ip6DriverEntryPoint (
IN EFI_SYSTEM_TABLE *SystemTable
)
{
+
+ RegisterIpSec2ProtocolNotify ();
+
return EfiLibInstallDriverBindingComponentName2 (
ImageHandle,
SystemTable,
diff --git a/NetworkPkg/Ip6Dxe/Ip6Impl.h b/NetworkPkg/Ip6Dxe/Ip6Impl.h index 8f114bb..629d03f 100644
--- a/NetworkPkg/Ip6Dxe/Ip6Impl.h
+++ b/NetworkPkg/Ip6Dxe/Ip6Impl.h
@@ -1,6 +1,7 @@
/** @file
Implementation of EFI_IP6_PROTOCOL protocol interfaces and type definitions.

+ (C) Copyright 2014 - 2015 Hewlett-Packard Development Company,
+ L.P.<BR>
Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>

This program and the accompanying materials @@ -90,6 +91,8 @@

extern EFI_IPSEC2_PROTOCOL *mIpSec;

+extern BOOLEAN mIpSec2Installed;
+
//
// IP6_TXTOKEN_WRAP wraps the upper layer's transmit token.
// The user's data is kept in the Packet. When fragment is diff --git a/NetworkPkg/Ip6Dxe/Ip6Input.c b/NetworkPkg/Ip6Dxe/Ip6Input.c index cf88884..ed51859 100644
--- a/NetworkPkg/Ip6Dxe/Ip6Input.c
+++ b/NetworkPkg/Ip6Dxe/Ip6Input.c
@@ -1,6 +1,7 @@
/** @file
IP6 internal functions to process the incoming packets.

+ (C) Copyright 2014 - 2015 Hewlett-Packard Development Company,
+ L.P.<BR>
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>

This program and the accompanying materials @@ -525,6 +526,11 @@ Ip6IpSecProcessPacket (
EFI_IP6_HEADER ZeroHead;

Status = EFI_SUCCESS;
+
+ if (!mIpSec2Installed) {
+ goto ON_EXIT;
+ }
+
Packet = *Netbuf;
RecycleEvent = NULL;
IpSecWrap = NULL;
--
1.9.5.msysgit.0


------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors
network devices and physical & virtual servers, alerts via email & sms
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
edk2-devel mailing list
edk2-***@lists.sourceforge.net<mailto:edk2-***@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/edk2-devel

------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors
network devices and physical & virtual servers, alerts via email & sms
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
edk2-devel mailing list
edk2-***@lists.sourceforge.net<mailto:edk2-***@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/edk2-devel