#define SA_INIT_NB 128
-static struct ipsec_sa *sa_out;
+struct ipsec_sa *sa_out;
+uint32_t nb_sa_out;
static uint32_t sa_out_sz;
-static uint32_t nb_sa_out;
static struct ipsec_sa_cnt sa_out_cnt;
-static struct ipsec_sa *sa_in;
+struct ipsec_sa *sa_in;
+uint32_t nb_sa_in;
static uint32_t sa_in_sz;
-static uint32_t nb_sa_in;
static struct ipsec_sa_cnt sa_in_cnt;
static const struct supported_cipher_algo *
if (status->status < 0)
return;
fb = ipsec_get_fallback_session(rule);
- if (strcmp(tokens[ti], "lookaside-none") == 0) {
+ if (strcmp(tokens[ti], "lookaside-none") == 0)
fb->type = RTE_SECURITY_ACTION_TYPE_NONE;
- } else {
+ else if (strcmp(tokens[ti], "cpu-crypto") == 0)
+ fb->type = RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO;
+ else {
APP_CHECK(0, status, "unrecognized fallback "
"type %s.", tokens[ti]);
return;
printf("\n");
}
-struct ipsec_xf {
- struct rte_crypto_sym_xform a;
- struct rte_crypto_sym_xform b;
-};
-
-struct sa_ctx {
- void *satbl; /* pointer to array of rte_ipsec_sa objects*/
- struct ipsec_sad sad;
- struct ipsec_xf *xf;
- uint32_t nb_sa;
- struct ipsec_sa sa[];
-};
-
static struct sa_ctx *
sa_create(const char *name, int32_t socket_id, uint32_t nb_sa)
{