git.droids-corp.org
/
dpdk.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
net/bnxt: fix Rx queue startup state
[dpdk.git]
/
examples
/
ipsec-secgw
/
ipsec.c
diff --git
a/examples/ipsec-secgw/ipsec.c
b/examples/ipsec-secgw/ipsec.c
index
bf88d80
..
5b032fe
100644
(file)
--- a/
examples/ipsec-secgw/ipsec.c
+++ b/
examples/ipsec-secgw/ipsec.c
@@
-52,6
+52,7
@@
set_ipsec_conf(struct ipsec_sa *sa, struct rte_security_ipsec_xform *ipsec)
ipsec->esn_soft_limit = IPSEC_OFFLOAD_ESN_SOFTLIMIT;
ipsec->replay_win_sz = app_sa_prm.window_size;
ipsec->options.esn = app_sa_prm.enable_esn;
ipsec->esn_soft_limit = IPSEC_OFFLOAD_ESN_SOFTLIMIT;
ipsec->replay_win_sz = app_sa_prm.window_size;
ipsec->options.esn = app_sa_prm.enable_esn;
+ ipsec->options.udp_encap = sa->udp_encap;
}
int
}
int
@@
-117,7
+118,8
@@
create_lookaside_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa,
set_ipsec_conf(sa, &(sess_conf.ipsec));
ips->security.ses = rte_security_session_create(ctx,
set_ipsec_conf(sa, &(sess_conf.ipsec));
ips->security.ses = rte_security_session_create(ctx,
- &sess_conf, ipsec_ctx->session_priv_pool);
+ &sess_conf, ipsec_ctx->session_pool,
+ ipsec_ctx->session_priv_pool);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
@@
-198,7
+200,8
@@
create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa,
}
ips->security.ses = rte_security_session_create(sec_ctx,
}
ips->security.ses = rte_security_session_create(sec_ctx,
- &sess_conf, skt_ctx->session_pool);
+ &sess_conf, skt_ctx->session_pool,
+ skt_ctx->session_priv_pool);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
@@
-378,7
+381,8
@@
flow_create_failure:
sess_conf.userdata = (void *) sa;
ips->security.ses = rte_security_session_create(sec_ctx,
sess_conf.userdata = (void *) sa;
ips->security.ses = rte_security_session_create(sec_ctx,
- &sess_conf, skt_ctx->session_pool);
+ &sess_conf, skt_ctx->session_pool,
+ skt_ctx->session_priv_pool);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
if (ips->security.ses == NULL) {
RTE_LOG(ERR, IPSEC,
"SEC Session init failed: err: %d\n", ret);
@@
-500,7
+504,7
@@
enqueue_cop_burst(struct cdev_qp *cqp)
cqp->id, cqp->qp, ret, len);
/* drop packets that we fail to enqueue */
for (i = ret; i < len; i++)
cqp->id, cqp->qp, ret, len);
/* drop packets that we fail to enqueue */
for (i = ret; i < len; i++)
-
rte_pktmbuf_free(cqp->buf[i]->sym->m_src
);
+
free_pkts(&cqp->buf[i]->sym->m_src, 1
);
}
cqp->in_flight += ret;
cqp->len = 0;
}
cqp->in_flight += ret;
cqp->len = 0;
@@
-528,7
+532,7
@@
ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
for (i = 0; i < nb_pkts; i++) {
if (unlikely(sas[i] == NULL)) {
for (i = 0; i < nb_pkts; i++) {
if (unlikely(sas[i] == NULL)) {
-
rte_pktmbuf_free(pkts[i]
);
+
free_pkts(&pkts[i], 1
);
continue;
}
continue;
}
@@
-549,7
+553,16
@@
ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
if ((unlikely(ips->security.ses == NULL)) &&
create_lookaside_session(ipsec_ctx, sa, ips)) {
if ((unlikely(ips->security.ses == NULL)) &&
create_lookaside_session(ipsec_ctx, sa, ips)) {
- rte_pktmbuf_free(pkts[i]);
+ free_pkts(&pkts[i], 1);
+ continue;
+ }
+
+ if (unlikely((pkts[i]->packet_type &
+ (RTE_PTYPE_TUNNEL_MASK |
+ RTE_PTYPE_L4_MASK)) ==
+ MBUF_PTYPE_TUNNEL_ESP_IN_UDP &&
+ sa->udp_encap != 1)) {
+ free_pkts(&pkts[i], 1);
continue;
}
continue;
}
@@
-563,7
+576,7
@@
ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
case RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO:
RTE_LOG(ERR, IPSEC, "CPU crypto is not supported by the"
" legacy mode.");
case RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO:
RTE_LOG(ERR, IPSEC, "CPU crypto is not supported by the"
" legacy mode.");
-
rte_pktmbuf_free(pkts[i]
);
+
free_pkts(&pkts[i], 1
);
continue;
case RTE_SECURITY_ACTION_TYPE_NONE:
continue;
case RTE_SECURITY_ACTION_TYPE_NONE:
@@
-575,7
+588,7
@@
ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
if ((unlikely(ips->crypto.ses == NULL)) &&
create_lookaside_session(ipsec_ctx, sa, ips)) {
if ((unlikely(ips->crypto.ses == NULL)) &&
create_lookaside_session(ipsec_ctx, sa, ips)) {
-
rte_pktmbuf_free(pkts[i]
);
+
free_pkts(&pkts[i], 1
);
continue;
}
continue;
}
@@
-584,7
+597,7
@@
ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
ret = xform_func(pkts[i], sa, &priv->cop);
if (unlikely(ret)) {
ret = xform_func(pkts[i], sa, &priv->cop);
if (unlikely(ret)) {
-
rte_pktmbuf_free(pkts[i]
);
+
free_pkts(&pkts[i], 1
);
continue;
}
break;
continue;
}
break;
@@
-608,7
+621,7
@@
ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
ret = xform_func(pkts[i], sa, &priv->cop);
if (unlikely(ret)) {
ret = xform_func(pkts[i], sa, &priv->cop);
if (unlikely(ret)) {
-
rte_pktmbuf_free(pkts[i]
);
+
free_pkts(&pkts[i], 1
);
continue;
}
continue;
}
@@
-643,7
+656,7
@@
ipsec_inline_dequeue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
sa = priv->sa;
ret = xform_func(pkt, sa, &priv->cop);
if (unlikely(ret)) {
sa = priv->sa;
ret = xform_func(pkt, sa, &priv->cop);
if (unlikely(ret)) {
-
rte_pktmbuf_free(pkt
);
+
free_pkts(&pkt, 1
);
continue;
}
pkts[nb_pkts++] = pkt;
continue;
}
pkts[nb_pkts++] = pkt;
@@
-690,13
+703,13
@@
ipsec_dequeue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
RTE_SECURITY_ACTION_TYPE_NONE) {
ret = xform_func(pkt, sa, cops[j]);
if (unlikely(ret)) {
RTE_SECURITY_ACTION_TYPE_NONE) {
ret = xform_func(pkt, sa, cops[j]);
if (unlikely(ret)) {
-
rte_pktmbuf_free(pkt
);
+
free_pkts(&pkt, 1
);
continue;
}
} else if (ipsec_get_action_type(sa) ==
RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {
if (cops[j]->status) {
continue;
}
} else if (ipsec_get_action_type(sa) ==
RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {
if (cops[j]->status) {
-
rte_pktmbuf_free(pkt
);
+
free_pkts(&pkt, 1
);
continue;
}
}
continue;
}
}