#define IP6_FULL_MASK (sizeof(((struct ip_addr *)NULL)->ip.ip6.ip6) * CHAR_BIT)
-#define MBUF_NO_SEC_OFFLOAD(m) ((m->ol_flags & PKT_RX_SEC_OFFLOAD) == 0)
+#define MBUF_NO_SEC_OFFLOAD(m) ((m->ol_flags & RTE_MBUF_F_RX_SEC_OFFLOAD) == 0)
struct supported_cipher_algo {
const char *keyword;
#define SA_INIT_NB 128
+static uint32_t nb_crypto_sessions;
struct ipsec_sa *sa_out;
uint32_t nb_sa_out;
static uint32_t sa_out_sz;
uint32_t portid_p = 0;
uint32_t fallback_p = 0;
int16_t status_p = 0;
+ uint16_t udp_encap_p = 0;
if (strcmp(tokens[0], "in") == 0) {
ri = &nb_sa_in;
}
rule->fallback_sessions = 1;
+ nb_crypto_sessions++;
fallback_p = 1;
continue;
}
}
continue;
}
+ if (strcmp(tokens[ti], "udp-encap") == 0) {
+ switch (ips->type) {
+ case RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL:
+ case RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL:
+ APP_CHECK_PRESENCE(udp_encap_p, tokens[ti],
+ status);
+ if (status->status < 0)
+ return;
+
+ rule->udp_encap = 1;
+ app_sa_prm.udp_encap = 1;
+ udp_encap_p = 1;
+ break;
+ default:
+ APP_CHECK(0, status,
+ "UDP encapsulation not supported for "
+ "security session type %d",
+ ips->type);
+ return;
+ }
+ continue;
+ }
/* unrecognizeable input */
APP_CHECK(0, status, "unrecognized input \"%s\"",
ips->type = RTE_SECURITY_ACTION_TYPE_NONE;
}
+ nb_crypto_sessions++;
*ri = *ri + 1;
}
rc = create_ipsec_esp_flow(sa);
if (rc != 0)
RTE_LOG(ERR, IPSEC_ESP,
- "create_ipsec_esp_flow() failed %s\n",
- strerror(rc));
+ "create_ipsec_esp_flow() failed\n");
}
print_one_sa_rule(sa, inbound);
}
qsort(sa_in, nb_sa_in, sizeof(struct ipsec_sa), sa_cmp);
qsort(sa_out, nb_sa_out, sizeof(struct ipsec_sa), sa_cmp);
}
+
+uint32_t
+get_nb_crypto_sessions(void)
+{
+ return nb_crypto_sessions;
+}