Code Review
/
vpp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
ipsec: Support async mode per-SA
[vpp.git]
/
src
/
vnet
/
ipsec
/
ipsec_sa.c
diff --git
a/src/vnet/ipsec/ipsec_sa.c
b/src/vnet/ipsec/ipsec_sa.c
index
7e2dc20
..
b1e3374
100644
(file)
--- a/
src/vnet/ipsec/ipsec_sa.c
+++ b/
src/vnet/ipsec/ipsec_sa.c
@@
-245,7
+245,15
@@
ipsec_sa_add_and_lock (u32 id, u32 spi, ipsec_protocol_t proto,
if (im->async_mode)
sa->crypto_op_data = sa->async_op_data.data;
else
if (im->async_mode)
sa->crypto_op_data = sa->async_op_data.data;
else
- sa->crypto_op_data = sa->sync_op_data.data;
+ {
+ if (ipsec_sa_is_set_IS_ASYNC (sa))
+ {
+ vnet_crypto_request_async_mode (1);
+ sa->crypto_op_data = sa->async_op_data.data;
+ }
+ else
+ sa->crypto_op_data = sa->sync_op_data.data;
+ }
err = ipsec_check_support_cb (im, sa);
if (err)
err = ipsec_check_support_cb (im, sa);
if (err)
@@
-332,6
+340,8
@@
ipsec_sa_del (ipsec_sa_t * sa)
/* no recovery possible when deleting an SA */
(void) ipsec_call_add_del_callbacks (im, sa, sa_index, 0);
/* no recovery possible when deleting an SA */
(void) ipsec_call_add_del_callbacks (im, sa, sa_index, 0);
+ if (ipsec_sa_is_set_IS_ASYNC (sa))
+ vnet_crypto_request_async_mode (0);
if (ipsec_sa_is_set_UDP_ENCAP (sa) && ipsec_sa_is_set_IS_INBOUND (sa))
ipsec_unregister_udp_port (clib_net_to_host_u16 (sa->udp_hdr.dst_port));
if (ipsec_sa_is_set_UDP_ENCAP (sa) && ipsec_sa_is_set_IS_INBOUND (sa))
ipsec_unregister_udp_port (clib_net_to_host_u16 (sa->udp_hdr.dst_port));