examples/ipsec-secgw: extend inline session to non AES-GCM

This patch extends creation of inline session to all the algorithms.
Previously the inline session was enabled only for AES-GCM cipher.

Fixes: 3a690d5a65e2 ("examples/ipsec-secgw: fix first packet with inline crypto")
Cc: stable@dpdk.org
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index e75b687..4822d6b 100644 (file)
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -1057,7 +1057,6 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
                }
 
                if (sa->aead_algo == RTE_CRYPTO_AEAD_AES_GCM) {
-                       struct rte_ipsec_session *ips;
                        iv_length = 12;
 
                        sa_ctx->xf[idx].a.type = RTE_CRYPTO_SYM_XFORM_AEAD;
@@ -1077,19 +1076,6 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
                                sa->digest_len;
 
                        sa->xforms = &sa_ctx->xf[idx].a;
-
-                       ips = ipsec_get_primary_session(sa);
-                       if (ips->type ==
-                               RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL ||
-                               ips->type ==
-                               RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) {
-                               rc = create_inline_session(skt_ctx, sa, ips);
-                               if (rc != 0) {
-                                       RTE_LOG(ERR, IPSEC_ESP,
-                                               "create_inline_session() failed\n");
-                                       return -EINVAL;
-                               }
-                       }
                } else {
                        switch (sa->cipher_algo) {
                        case RTE_CRYPTO_CIPHER_NULL:
@@ -1156,6 +1142,18 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
                        sa->xforms = &sa_ctx->xf[idx].a;
                }
 
+               if (ips->type ==
+                       RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL ||
+                       ips->type ==
+                       RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) {
+                       rc = create_inline_session(skt_ctx, sa, ips);
+                       if (rc != 0) {
+                               RTE_LOG(ERR, IPSEC_ESP,
+                                       "create_inline_session() failed\n");
+                               return -EINVAL;
+                       }
+               }
+
                print_one_sa_rule(sa, inbound);
        }