From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 02CFCA2E1B for ; Wed, 4 Sep 2019 16:16:57 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 47D741EDC8; Wed, 4 Sep 2019 16:16:57 +0200 (CEST) Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by dpdk.org (Postfix) with ESMTP id 381661ED9D for ; Wed, 4 Sep 2019 16:16:55 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Sep 2019 07:16:54 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,467,1559545200"; d="scan'208";a="199040880" Received: from msmoczyx-mobl.ger.corp.intel.com ([10.103.104.101]) by fmsmga001.fm.intel.com with ESMTP; 04 Sep 2019 07:16:53 -0700 From: Marcin Smoczynski To: konstantin.ananyev@intel.com, akhil.goyal@nxp.com Cc: dev@dpdk.org, Marcin Smoczynski Date: Wed, 4 Sep 2019 16:16:39 +0200 Message-Id: <20190904141642.14820-1-marcinx.smoczynski@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190814204847.15600-1-marcinx.smoczynski@intel.com> References: <20190814204847.15600-1-marcinx.smoczynski@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v2 0/3] examples/ipsec-secgw: add fallback session X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Inline processing is limited to a specified subset of traffic. It is often unable to handle more complicated situations, such as fragmented traffic. When using inline processing such traffic is dropped. Introduce multiple sessions per SA allowing to configure a fallback lookaside session for packets that normally would be dropped. A fallback session type in the SA configuration by adding 'fallback' with 'lookaside-none' or 'lookaside-protocol' parameter to determine type of session. Fallback session feature is available only when using librte_ipsec. v1 to v2 changes: - disable fallback offload for outbound SAs - add test scripts Marcin Smoczynski (3): examples/ipsec-secgw: ipsec_sa structure cleanup examples/ipsec-secgw: add fallback session feature examples/ipsec-secgw: add offload fallback tests doc/guides/sample_app_ug/ipsec_secgw.rst | 17 +- examples/ipsec-secgw/esp.c | 35 ++-- examples/ipsec-secgw/ipsec-secgw.c | 16 +- examples/ipsec-secgw/ipsec.c | 99 ++++++----- examples/ipsec-secgw/ipsec.h | 61 +++++-- examples/ipsec-secgw/ipsec_process.c | 113 +++++++----- examples/ipsec-secgw/sa.c | 164 +++++++++++++----- .../test/trs_aesgcm_common_defs.sh | 4 +- .../trs_aesgcm_inline_crypto_fallback_defs.sh | 5 + .../test/tun_aesgcm_common_defs.sh | 6 +- .../tun_aesgcm_inline_crypto_fallback_defs.sh | 5 + 11 files changed, 358 insertions(+), 167 deletions(-) create mode 100644 examples/ipsec-secgw/test/trs_aesgcm_inline_crypto_fallback_defs.sh create mode 100644 examples/ipsec-secgw/test/tun_aesgcm_inline_crypto_fallback_defs.sh -- 2.21.0.windows.1