Change-Id: Ica3bc74ffbb1c0df4e198b0abff8df10cdeb2182
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
crypto_dev_t *dev;
u32 thread_idx, i;
u16 res_idx, *idx;
crypto_dev_t *dev;
u32 thread_idx, i;
u16 res_idx, *idx;
+ u8 dev_idx, auto_en = 0;
if (!unformat_user (input, unformat_line_input, line_input))
return clib_error_return (0, "invalid syntax");
if (!unformat_user (input, unformat_line_input, line_input))
return clib_error_return (0, "invalid syntax");
if (sa_index0 != last_sa_index)
{
if (sa_index0 != last_sa_index)
{
- last_sa_index = sa_index0;
-
sa0 = pool_elt_at_index (im->sad, sa_index0);
cipher_alg = vec_elt_at_index (dcm->cipher_algs, sa0->crypto_alg);
sa0 = pool_elt_at_index (im->sad, sa_index0);
cipher_alg = vec_elt_at_index (dcm->cipher_algs, sa0->crypto_alg);
n_left_to_next -= 1;
goto trace;
}
n_left_to_next -= 1;
goto trace;
}
+
+ last_sa_index = sa_index0;
}
/* anti-replay check */
}
/* anti-replay check */
digest = vlib_buffer_get_tail (b0) - trunc_size;
digest = vlib_buffer_get_tail (b0) - trunc_size;
- if (cipher_alg->alg == RTE_CRYPTO_CIPHER_AES_CBC)
+ if (!is_aead && cipher_alg->alg == RTE_CRYPTO_CIPHER_AES_CBC)
clib_memcpy(icb, iv, 16);
else /* CTR/GCM */
{
clib_memcpy(icb, iv, 16);
else /* CTR/GCM */
{
if (sa_index0 != last_sa_index)
{
if (sa_index0 != last_sa_index)
{
- last_sa_index = sa_index0;
-
sa0 = pool_elt_at_index (im->sad, sa_index0);
cipher_alg =
sa0 = pool_elt_at_index (im->sad, sa_index0);
cipher_alg =
n_left_to_next -= 1;
goto trace;
}
n_left_to_next -= 1;
goto trace;
}
+
+ last_sa_index = sa_index0;
}
if (PREDICT_FALSE (esp_seq_advance (sa0)))
}
if (PREDICT_FALSE (esp_seq_advance (sa0)))
rewrite_len + ip4_header_bytes (&ih0->ip4));
oh0->ip4.protocol = IP_PROTOCOL_IPSEC_ESP;
esp0 =
rewrite_len + ip4_header_bytes (&ih0->ip4));
oh0->ip4.protocol = IP_PROTOCOL_IPSEC_ESP;
esp0 =
- (esp_header_t *) (oh6_0 + ip4_header_bytes (&ih0->ip4));
+ (esp_header_t *) (oh0 + ip4_header_bytes (&ih0->ip4));
}
esp0->spi = clib_host_to_net_u32 (sa0->spi);
esp0->seq = clib_host_to_net_u32 (sa0->seq);
}
esp0->spi = clib_host_to_net_u32 (sa0->spi);
esp0->seq = clib_host_to_net_u32 (sa0->seq);
u32 *aad = NULL;
u8 *digest = vlib_buffer_get_tail (b0) - trunc_size;
u32 *aad = NULL;
u8 *digest = vlib_buffer_get_tail (b0) - trunc_size;
- if (cipher_alg->alg == RTE_CRYPTO_CIPHER_AES_CBC)
+ if (!is_aead && cipher_alg->alg == RTE_CRYPTO_CIPHER_AES_CBC)
{
cipher_off = sizeof (esp_header_t);
cipher_len = iv_size + pad_payload_len;
{
cipher_off = sizeof (esp_header_t);
cipher_len = iv_size + pad_payload_len;
ipsec_sa_t *sa = 0;
uword *p;
u32 sa_index;
ipsec_sa_t *sa = 0;
uword *p;
u32 sa_index;
clib_warning ("id %u spi %u", new_sa->id, new_sa->spi);
clib_warning ("id %u spi %u", new_sa->id, new_sa->spi);
return VNET_API_ERROR_SYSCALL_ERROR_1; /* sa used in policy */
}
hash_unset (im->sa_index_by_sa_id, sa->id);
return VNET_API_ERROR_SYSCALL_ERROR_1; /* sa used in policy */
}
hash_unset (im->sa_index_by_sa_id, sa->id);
- if (im->cb.add_del_sa_sess_cb &&
- im->cb.add_del_sa_sess_cb (sa_index, 0) < 0)
- return VNET_API_ERROR_SYSCALL_ERROR_1;
+ if (im->cb.add_del_sa_sess_cb)
+ {
+ err = im->cb.add_del_sa_sess_cb (sa_index, 0);
+ if (err)
+ return VNET_API_ERROR_SYSCALL_ERROR_1;
+ }
pool_put (im->sad, sa);
}
else /* create new SA */
pool_put (im->sad, sa);
}
else /* create new SA */
clib_memcpy (sa, new_sa, sizeof (*sa));
sa_index = sa - im->sad;
hash_set (im->sa_index_by_sa_id, sa->id, sa_index);
clib_memcpy (sa, new_sa, sizeof (*sa));
sa_index = sa - im->sad;
hash_set (im->sa_index_by_sa_id, sa->id, sa_index);
- if (im->cb.add_del_sa_sess_cb &&
- im->cb.add_del_sa_sess_cb (sa_index, 1) < 0)
- return VNET_API_ERROR_SYSCALL_ERROR_1;
+ if (im->cb.add_del_sa_sess_cb)
+ {
+ err = im->cb.add_del_sa_sess_cb (sa_index, 1);
+ if (err)
+ return VNET_API_ERROR_SYSCALL_ERROR_1;
+ }
uword *p;
u32 sa_index;
ipsec_sa_t *sa = 0;
uword *p;
u32 sa_index;
ipsec_sa_t *sa = 0;
p = hash_get (im->sa_index_by_sa_id, sa_update->id);
if (!p)
p = hash_get (im->sa_index_by_sa_id, sa_update->id);
if (!p)
if (0 < sa_update->crypto_key_len || 0 < sa_update->integ_key_len)
{
if (0 < sa_update->crypto_key_len || 0 < sa_update->integ_key_len)
{
- if (im->cb.add_del_sa_sess_cb &&
- im->cb.add_del_sa_sess_cb (sa_index, 0) < 0)
- return VNET_API_ERROR_SYSCALL_ERROR_1;
+ if (im->cb.add_del_sa_sess_cb)
+ {
+ err = im->cb.add_del_sa_sess_cb (sa_index, 0);
+ if (err)
+ return VNET_API_ERROR_SYSCALL_ERROR_1;
+ }