/* setup crypto section */
if (ss->type == RTE_SECURITY_ACTION_TYPE_NONE) {
if (sa->crypto_session == NULL) {
- rc = create_session(ctx, sa);
+ rc = create_lookaside_session(ctx, sa);
if (rc != 0)
return rc;
}
ss->crypto.ses = sa->crypto_session;
/* setup session action type */
- } else {
+ } else if (sa->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) {
if (sa->sec_session == NULL) {
- rc = create_session(ctx, sa);
+ rc = create_lookaside_session(ctx, sa);
if (rc != 0)
return rc;
}
ss->security.ses = sa->sec_session;
ss->security.ctx = sa->security_ctx;
ss->security.ol_flags = sa->ol_flags;
- }
+ } else
+ RTE_ASSERT(0);
rc = rte_ipsec_session_prepare(ss);
if (rc != 0)
pg = grp + i;
sa = pg->id.ptr;
- /* no valid SA found */
- if (sa == NULL)
- k = 0;
-
ips = &sa->ips;
- satp = rte_ipsec_sa_type(ips->sa);
/* no valid HW session for that SA, try to create one */
- if (ips->crypto.ses == NULL &&
- fill_ipsec_session(ips, ctx, sa) != 0)
+ if (sa == NULL || (ips->crypto.ses == NULL &&
+ fill_ipsec_session(ips, ctx, sa) != 0))
k = 0;
/* process packets inline */
sa->type ==
RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL) {
+ satp = rte_ipsec_sa_type(ips->sa);
+
/*
* This is just to satisfy inbound_sa_check()
* and get_hop_for_offload_pkt().