X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=examples%2Fipsec-secgw%2Fipsec_process.c;h=868f1a28d501562392934bd5b1477bb405b04f47;hb=ce0ed702a1598c0b3949a651f6be168459c911cf;hp=e403c461aa6678b94a57fe7bee7ea1e769200655;hpb=3e5f4625dc17064e5e44d7fddaf57d9d9afb7ae4;p=dpdk.git diff --git a/examples/ipsec-secgw/ipsec_process.c b/examples/ipsec-secgw/ipsec_process.c index e403c461aa..868f1a28d5 100644 --- a/examples/ipsec-secgw/ipsec_process.c +++ b/examples/ipsec-secgw/ipsec_process.c @@ -95,22 +95,23 @@ fill_ipsec_session(struct rte_ipsec_session *ss, struct ipsec_ctx *ctx, /* setup crypto section */ if (ss->type == RTE_SECURITY_ACTION_TYPE_NONE) { if (sa->crypto_session == NULL) { - rc = create_session(ctx, sa); + rc = create_lookaside_session(ctx, sa); if (rc != 0) return rc; } ss->crypto.ses = sa->crypto_session; /* setup session action type */ - } else { + } else if (sa->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) { if (sa->sec_session == NULL) { - rc = create_session(ctx, sa); + rc = create_lookaside_session(ctx, sa); if (rc != 0) return rc; } ss->security.ses = sa->sec_session; ss->security.ctx = sa->security_ctx; ss->security.ol_flags = sa->ol_flags; - } + } else + RTE_ASSERT(0); rc = rte_ipsec_session_prepare(ss); if (rc != 0) @@ -217,16 +218,11 @@ ipsec_process(struct ipsec_ctx *ctx, struct ipsec_traffic *trf) pg = grp + i; sa = pg->id.ptr; - /* no valid SA found */ - if (sa == NULL) - k = 0; - ips = &sa->ips; - satp = rte_ipsec_sa_type(ips->sa); /* no valid HW session for that SA, try to create one */ - if (ips->crypto.ses == NULL && - fill_ipsec_session(ips, ctx, sa) != 0) + if (sa == NULL || (ips->crypto.ses == NULL && + fill_ipsec_session(ips, ctx, sa) != 0)) k = 0; /* process packets inline */ @@ -234,6 +230,8 @@ ipsec_process(struct ipsec_ctx *ctx, struct ipsec_traffic *trf) sa->type == RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL) { + satp = rte_ipsec_sa_type(ips->sa); + /* * This is just to satisfy inbound_sa_check() * and get_hop_for_offload_pkt().