+ i32 ret =
+ rte_cryptodev_sym_session_init (res->dev_id, session[0], xfs, mp[0]);
+ if (ret)
+ {
+ data->session_drv_failed[res->drv_id] += 1;
+ return clib_error_return (0, "failed to init session for drv %u",
+ res->drv_id);
+ }
+#endif /* DPDK_NO_AEAD */
+
+ hash_set (cwm->session_by_drv_id_and_sa_index, key.val, session[0]);
+
+ return 0;
+}
+
+static void __attribute__ ((unused)) clear_and_free_obj (void *obj)
+{
+ struct rte_mempool *mp = rte_mempool_from_obj (obj);
+
+ memset (obj, 0, mp->elt_size);
+
+ rte_mempool_put (mp, obj);
+}
+
+#if ! DPDK_NO_AEAD
+/* This is from rte_cryptodev_pmd.h */
+static inline void *
+get_session_private_data (const struct rte_cryptodev_sym_session *sess,
+ uint8_t driver_id)
+{
+ return sess->sess_private_data[driver_id];
+}
+
+/* This is from rte_cryptodev_pmd.h */
+static inline void
+set_session_private_data (struct rte_cryptodev_sym_session *sess,
+ uint8_t driver_id, void *private_data)
+{
+ sess->sess_private_data[driver_id] = private_data;
+}
+#endif
+
+static clib_error_t *
+add_del_sa_session (u32 sa_index, u8 is_add)
+{
+ ipsec_main_t *im = &ipsec_main;
+ dpdk_crypto_main_t *dcm = &dpdk_crypto_main;
+ crypto_worker_main_t *cwm;
+ struct rte_cryptodev_sym_session *s;
+ crypto_session_key_t key = { 0 };
+ uword *val;
+ u32 drv_id;
+ i32 ret;
+
+ key.sa_idx = sa_index;
+
+ if (is_add)
+ {
+#if 1
+ ipsec_sa_t *sa = pool_elt_at_index (im->sad, sa_index);
+ u32 seed;
+ switch (sa->crypto_alg)
+ {
+ case IPSEC_CRYPTO_ALG_AES_GCM_128:
+ case IPSEC_CRYPTO_ALG_AES_GCM_192:
+ case IPSEC_CRYPTO_ALG_AES_GCM_256:
+ clib_memcpy (&sa->salt, &sa->crypto_key[sa->crypto_key_len - 4], 4);
+ break;
+ default:
+ seed = (u32) clib_cpu_time_now ();
+ sa->salt = random_u32 (&seed);