X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=examples%2Fipsec-secgw%2Fsa.c;h=7bb9ef36c2d3eadbdbfa8eaf0e70ba6e4bc60bd9;hb=06cffd468fdd2b96bbc3c0f8b1269275e10c2a6e;hp=e3a1a5affeb0fe2d56a9ca16ca370d9b7d90af39;hpb=6738c0a956953b726cff55da48ee4d5574b0fdf5;p=dpdk.git

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index e3a1a5affe..7bb9ef36c2 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -160,6 +160,7 @@ const struct supported_aead_algo aead_algos[] = {
 
 #define SA_INIT_NB	128
 
+static uint32_t nb_crypto_sessions;
 struct ipsec_sa *sa_out;
 uint32_t nb_sa_out;
 static uint32_t sa_out_sz;
@@ -297,6 +298,7 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
 	uint32_t portid_p = 0;
 	uint32_t fallback_p = 0;
 	int16_t status_p = 0;
+	uint16_t udp_encap_p = 0;
 
 	if (strcmp(tokens[0], "in") == 0) {
 		ri = &nb_sa_in;
@@ -712,6 +714,7 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
 			}
 
 			rule->fallback_sessions = 1;
+			nb_crypto_sessions++;
 			fallback_p = 1;
 			continue;
 		}
@@ -755,6 +758,23 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
 			}
 			continue;
 		}
+		if (strcmp(tokens[ti], "udp-encap") == 0) {
+			APP_CHECK(ips->type ==
+				RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL,
+				status, "UDP encapsulation is allowed if the "
+				"session is of type lookaside-protocol-offload "
+				"only.");
+			if (status->status < 0)
+				return;
+			APP_CHECK_PRESENCE(udp_encap_p, tokens[ti], status);
+			if (status->status < 0)
+				return;
+
+			rule->udp_encap = 1;
+			app_sa_prm.udp_encap = 1;
+			udp_encap_p = 1;
+			continue;
+		}
 
 		/* unrecognizeable input */
 		APP_CHECK(0, status, "unrecognized input \"%s\"",
@@ -795,6 +815,7 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
 		ips->type = RTE_SECURITY_ACTION_TYPE_NONE;
 	}
 
+	nb_crypto_sessions++;
 	*ri = *ri + 1;
 }
 
@@ -1223,8 +1244,7 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
 			rc = create_ipsec_esp_flow(sa);
 			if (rc != 0)
 				RTE_LOG(ERR, IPSEC_ESP,
-					"create_ipsec_esp_flow() failed %s\n",
-					strerror(rc));
+					"create_ipsec_esp_flow() failed\n");
 		}
 		print_one_sa_rule(sa, inbound);
 	}
@@ -1625,3 +1645,9 @@ sa_sort_arr(void)
 	qsort(sa_in, nb_sa_in, sizeof(struct ipsec_sa), sa_cmp);
 	qsort(sa_out, nb_sa_out, sizeof(struct ipsec_sa), sa_cmp);
 }
+
+uint32_t
+get_nb_crypto_sessions(void)
+{
+	return nb_crypto_sessions;
+}