git.droids-corp.org - dpdk.git/commit

author	Marcin Smoczynski <marcinx.smoczynski@intel.com>
	Mon, 14 Oct 2019 13:48:40 +0000 (15:48 +0200)
committer	Akhil Goyal <akhil.goyal@nxp.com>
	Fri, 8 Nov 2019 12:51:16 +0000 (13:51 +0100)
commit	ba66534fc763b30ac4dc17225f18a65ebfe72b33
tree	277cba83122892022e9ae1a68481f0b86015f858	tree \| snapshot
parent	4a67af84f11335e956fae9bcbece2ed12f02019e	commit \| diff

examples/ipsec-secgw: support fallback session

Inline processing is limited to a specified subset of traffic. It is
often unable to handle more complicated situations, such as fragmented
traffic. When using inline processing such traffic is dropped.

Introduce fallback session for inline crypto processing allowing
handling packets that normally would be dropped. A fallback session is
configured by adding 'fallback' keyword with 'lookaside-none' parameter
to an SA configuration. Only 'inline-crypto-offload" as a primary
session and 'lookaside-none' as a fall-back session combination is
supported by this patch.

Fallback session feature is not available in the legacy mode.

Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Tested-by: Bernard Iremonger <bernard.iremonger@intel.com>

doc/guides/rel_notes/release_19_11.rst		diff \| blob \| history
doc/guides/sample_app_ug/ipsec_secgw.rst		diff \| blob \| history
examples/ipsec-secgw/esp.c		diff \| blob \| history
examples/ipsec-secgw/ipsec-secgw.c		diff \| blob \| history
examples/ipsec-secgw/ipsec.c		diff \| blob \| history
examples/ipsec-secgw/ipsec.h		diff \| blob \| history
examples/ipsec-secgw/ipsec_process.c		diff \| blob \| history
examples/ipsec-secgw/sa.c		diff \| blob \| history