From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id D3D85A0C57; Wed, 8 Sep 2021 16:24:44 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 959E6411EA; Wed, 8 Sep 2021 16:24:44 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id CB276411D6 for ; Wed, 8 Sep 2021 16:24:42 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 1889TZmU030893; Wed, 8 Sep 2021 07:24:41 -0700 Received: from nam10-mw2-obe.outbound.protection.outlook.com (mail-mw2nam10lp2102.outbound.protection.outlook.com [104.47.55.102]) by mx0a-0016f401.pphosted.com with ESMTP id 3axtka96tf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 08 Sep 2021 07:24:41 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VCopIEoCpMs95+LLglpO0KHycpeXJiu9rmT07Cq6UowddTpjkmEwUHcQIHfAr1nMkhNrDypa6gPGDcJnGOWPFTHCQretyVcMnt0mBjJSDEvV4bgG+oVcrbM6KqMl4c29EQ9d3djitgpj+YiKBdvqqGPXmjJHWZLGr5GBjkNK63OC81MiamxxOfieW+4tAZflsie8Dcv+tkVEUqZmhUIWq4Pm61J8OvzntHi5hwv+o/Ct2dIRiyUyrMmJ74Zi9BT3u156qxFirO2D2fC14FHQ2AsOwhIWFLG5+L8OjZBdYeaTINAc8x7QwFvDPAiDhZNqMupCqGptny3rgqouAMs1rQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=GRKUulv3zvJ853IxszvU307+bybJJHazQI1C32sF1is=; b=i/aK+Z1DZrapEZgtxVJ497I1lJvzu9wNwz64yb8Zr/Hf4kFmKGpL2MIpKv/sNrBsEpT1gNek3R5RDx+fUIcchmWzFHQdQhCgrLAHDmtfwGreYIXy9VXwuO8pvpaITfE3U+anc3hlIvRQEluC/OiJ4BYJS1YcY+zbbanKOwNx7gq10rAF6YICW95aLceUomhP3O59SqOTrUmGk/1sjQExNzVSSg8ljlPjImBtqDGWSQrxeQnCjl3bKlXmQwjjBPjdLnOAwIzH8/90aX9ClB1i/SyJM84TDtyotXV3hatCrItVBme7WdfVE5LkHT8QVT4LLfxJ3RxTHMnPw5fpw4vd4A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GRKUulv3zvJ853IxszvU307+bybJJHazQI1C32sF1is=; b=C3bzwn8dBNFkCVmRt/JuKZtVQBDrYmVD8yhLXliYDhUeA8afytzqvLnD8dDry4FJ1TqIv6vnluiIU5pd9776R51kONBF/Ei22RRLShyy+7NkN9PEhD1nEeoiKVRGyj3e28mIG85fYw0Zk2clRTHGH++XlQbdL6z8hFN/XvI3LiE= Received: from PH0PR18MB4491.namprd18.prod.outlook.com (2603:10b6:510:e6::13) by PH0PR18MB4490.namprd18.prod.outlook.com (2603:10b6:510:ea::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14; Wed, 8 Sep 2021 14:24:39 +0000 Received: from PH0PR18MB4491.namprd18.prod.outlook.com ([fe80::5511:79c8:c025:a250]) by PH0PR18MB4491.namprd18.prod.outlook.com ([fe80::5511:79c8:c025:a250%7]) with mapi id 15.20.4500.016; Wed, 8 Sep 2021 14:24:39 +0000 From: Akhil Goyal To: Radu Nicolau CC: "dev@dpdk.org" , "declan.doherty@intel.com" Thread-Topic: [EXT] [PATCH 7/7] examples/ipsec-secgw: add ethdev reset callback Thread-Index: AQHXoLbpks5gLCrjeEiA+eXhQHzlXauaNZvw Date: Wed, 8 Sep 2021 14:24:38 +0000 Message-ID: References: <20210903112257.303961-1-radu.nicolau@intel.com> <20210903112257.303961-8-radu.nicolau@intel.com> In-Reply-To: <20210903112257.303961-8-radu.nicolau@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=marvell.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: e0bbfb29-56be-4693-41c6-08d972d4643f x-ms-traffictypediagnostic: PH0PR18MB4490: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:5797; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 8YOelT6GSnZD/1nfOumgQV2tgPRRNOykQ1eRr+JjQBcsaZBBVvMJ0Kgq4t7ZDkcCix98XhfDAKfhIv8QgqL9nnpAAAzYihBLJjdXrD6x27FeNwwrkJy53fZ7AX5XFL9BF7v5PpKnymbzswwuph5VVwN04/VYYrjknkPPX3X5E/aIn9JyZq2jfRY4Wp8K6ex+sNEaUdUPGxtSfQNB9UIIFI5NvugTjihRtY89DQnn/8hNv4mDsYDm4UzaNKQoAVe/ecUIo6Pt9WPd4hrX81whWYroixuPuplrIC04MqbdBWqkS4Ci5sYjlv2nn+N+EOioP7ZnvK1rDH28vo98E3B7EVY+kLpsBVYMiUUgT9FjpN4heUqI8gSaRpBg0Rlx73vpuQGtIgcNl0nU2x2ILzo5RPK5IaPmbj39Wizt0DBEwqOIteQsO/jmSxzXYYV+b4PATbnHT9vACu7Xfn98NkqywMFzQFEZ29oE96hsy3CiFs/7xS2YkKLuUgDN6TcWCiJTQqkGEsPnmoBOVHz8DHGMcgbJqRg3YtUaqDe1SL1Jw1dt1xhyCJRLXHQSQ9h2LGbhWSLL3BveyhnaQLMAb0PECHgH/QrK9w3MACFOR3yVX7aiLKPxEmaMTBxkDAfuj6vY+RYdHEKycLdy0vZe2yp/C6r2dP2oEiRh+0kxrill/FGeL+q35suiERewDR4BmhK2WyM2O+KcVa0aeNsjHruEEA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR18MB4491.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(39860400002)(346002)(376002)(136003)(396003)(66946007)(76116006)(6506007)(66476007)(64756008)(66446008)(38070700005)(66556008)(2906002)(52536014)(186003)(26005)(86362001)(33656002)(83380400001)(55016002)(8676002)(9686003)(71200400001)(7696005)(5660300002)(122000001)(6916009)(478600001)(8936002)(54906003)(316002)(4326008)(38100700002); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?4Wf2V/PID/a02n7Fm7aRG+DToa9DUFuYA5UnnL2qDhdL7QE96LNTlCKwuyuV?= =?us-ascii?Q?Enhf7FKb8O/jZVmsZz0MEaIm4OtwyIWJt08F6U4cc6fwtsBDEm7v2Dh4a7NK?= =?us-ascii?Q?GUwi7LP82xPj5a1G42uqbghFTmr3Zr/LImzJWYpE4n229r/lIcgVWj1vs70B?= =?us-ascii?Q?dsoCzLMkfACkARatbO6hq3luozvBJ1OSRLl6PPcJvazwYcJRQzx1YOb3hJ6g?= =?us-ascii?Q?hGleDlpYF+gBT2YydhE1K8mbD6bCQ87kky+qrYLk7bNe35+Zl3cilvOQeHns?= =?us-ascii?Q?ZQ4OiEcaGIyo+LWdN1O79WptkQonECB/AFR2EurgI4vvsWzT13yNBlaOOOo0?= =?us-ascii?Q?xU6TVOz4VsxcHibkh1n+djlCsH1ASzfd7+qMyzjasOY9SSu16f7UiAKrAo5c?= =?us-ascii?Q?3mRh6W+UTt9mk3sA1vL3/aBXhDNcl6TUI6AfIKLiEGU/nSE9YF+SsBiOZ+L/?= =?us-ascii?Q?LX6BO/RPooYWLc2kJeziO4O4+uHE437IYICgl/uNYgr2LxwIR2iJXtXuhlpE?= =?us-ascii?Q?mXUUASJDA9YddntpD+gGF8DDucRBZTds9gmyyruZVRnWyJHOLdNMYfs/2qhu?= =?us-ascii?Q?BBF/qOm+ohwewAbQ8Dw0O2dIdfwe86sDShNw5LO0t5VJrKs/BCftpemYMoBV?= =?us-ascii?Q?aIuWSXpDnm2DlthMuIdbj1FaPe5hy208ZPTaBoo0Vfcz3nnZXWF+PNCXH2T3?= =?us-ascii?Q?w9z1GI+ElyxfKoUekNs7C3KsPH9dNhYfmWhgRmLFSQRmwFj/JdYE3W3V6djX?= =?us-ascii?Q?ISedAYYWDmJvhQh6psxdtMJrg9wnpn58OBh92Bu5CPnX1OAEwvatLS77u2e6?= =?us-ascii?Q?BtbkCoKmwbRJsmMJpneMZ9uoYMwaI5JwQG5viZK5cYN8O656TuMxJeqOgYL1?= =?us-ascii?Q?TlKJpAMtEaqj2mcwr1SVFaIhbiEij8gc709eV8F85reuqo8LMUGxVNOYvIiW?= =?us-ascii?Q?WyCIb4qHo5cFif2+42P8DU6NTGccNtYsm+VkCAoW/DH/s+95FOTaVur5+b4A?= =?us-ascii?Q?wPSPUe/NjSN/r+4/L7+K6L+18cyjl0t2Z8ZldiNclUIuyumgBYK0kzFPRyrJ?= =?us-ascii?Q?tPahtS9FeoW5dF7UQ+XF6iRDVKkEtOFt5sYP2QWzFJbMxLYk3L5liJtAPIyX?= =?us-ascii?Q?tq0SIoVoFhQebAepsfHHY12nyeB8rc06BVv/5cxiGbkP6qo+7WpZKOZjDAP6?= =?us-ascii?Q?OWRx+dSxa7i3KCQYj/ZiviYLQaD1b3xzxwR1LGY8gWP/lYOx4j1iueHXUhGm?= =?us-ascii?Q?rHZbfjG8kH0NNR8dYjzU8gklraj07QpFzA4yI1uFrCHCgN6tgPP4FISXXZon?= =?us-ascii?Q?uaWvYfwoE0pyJsSzgPVuvD3x?= x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marvell.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR18MB4491.namprd18.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: e0bbfb29-56be-4693-41c6-08d972d4643f X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Sep 2021 14:24:38.9220 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: DWroqhe5RlgM8cIRoLQFbHlHVJWrmHvCUr+KtVblt9j4VIIZH+ZIhk4M6r3vwDCSLZ2EO0nI2KYmFwX0NhYVwg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR18MB4490 X-Proofpoint-GUID: CQXrQp0bFyMjkFsaChEZ0Y6RSjldf1zo X-Proofpoint-ORIG-GUID: CQXrQp0bFyMjkFsaChEZ0Y6RSjldf1zo X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-09-08_06,2021-09-07_02,2020-04-07_01 Subject: Re: [dpdk-dev] [EXT] [PATCH 7/7] examples/ipsec-secgw: add ethdev reset callback X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" > Add event handler for ethdev reset callback I believe the below patch need to be split in 4-5 patches. It has a lot of irrelevant stuff. >=20 > Signed-off-by: Declan Doherty > Signed-off-by: Radu Nicolau > --- > examples/ipsec-secgw/ipsec-secgw.c | 18 +++- > examples/ipsec-secgw/ipsec.h | 4 +- > examples/ipsec-secgw/sa.c | 130 +++++++++++++++++++++++++++-- > 3 files changed, 139 insertions(+), 13 deletions(-) >=20 > diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec- > secgw/ipsec-secgw.c > index e725d84e7c..9ba9568978 100644 > --- a/examples/ipsec-secgw/ipsec-secgw.c > +++ b/examples/ipsec-secgw/ipsec-secgw.c > @@ -2254,7 +2254,7 @@ port_init(uint16_t portid, uint64_t > req_rx_offloads, uint64_t req_tx_offloads) > local_port_conf.rxmode.offloads) > rte_exit(EXIT_FAILURE, > "Error: port %u required RX offloads: 0x%" PRIx64 > - ", avaialbe RX offloads: 0x%" PRIx64 "\n", > + ", available RX offloads: 0x%" PRIx64 "\n", > portid, local_port_conf.rxmode.offloads, > dev_info.rx_offload_capa); >=20 > @@ -2262,7 +2262,7 @@ port_init(uint16_t portid, uint64_t > req_rx_offloads, uint64_t req_tx_offloads) > local_port_conf.txmode.offloads) > rte_exit(EXIT_FAILURE, > "Error: port %u required TX offloads: 0x%" PRIx64 > - ", avaialbe TX offloads: 0x%" PRIx64 "\n", > + ", available TX offloads: 0x%" PRIx64 "\n", > portid, local_port_conf.txmode.offloads, > dev_info.tx_offload_capa); Submit a separate patch for above so that it can be back ported. >=20 > @@ -2543,6 +2543,17 @@ inline_ipsec_event_callback(uint16_t port_id, > enum rte_eth_event_type type, > return -1; > } >=20 > +static int > +ethdev_reset_event_callback(uint16_t port_id, > + enum rte_eth_event_type type __rte_unused, > + void *param __rte_unused, void *ret_param __rte_unused) > +{ > + printf("Reset Event on port id %d\n", port_id); > + printf("Force quit application"); > + force_quit =3D true; > + return 0; > +} > + > static uint16_t > rx_callback(__rte_unused uint16_t port, __rte_unused uint16_t queue, > struct rte_mbuf *pkt[], uint16_t nb_pkts, > @@ -3317,6 +3328,9 @@ main(int32_t argc, char **argv) > rte_strerror(-ret), portid); > } >=20 > + rte_eth_dev_callback_register(portid, > RTE_ETH_EVENT_INTR_RESET, > + ethdev_reset_event_callback, NULL); > + > rte_eth_dev_callback_register(portid, > RTE_ETH_EVENT_IPSEC, inline_ipsec_event_callback, > NULL); > } > diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h > index db7988604a..e8752e0bde 100644 > --- a/examples/ipsec-secgw/ipsec.h > +++ b/examples/ipsec-secgw/ipsec.h > @@ -65,7 +65,7 @@ struct ip_addr { > } ip; > }; >=20 > -#define MAX_KEY_SIZE 36 > +#define MAX_KEY_SIZE 132 Reason?? This change do not match with the patch description. >=20 > /* > * application wide SA parameters > @@ -146,7 +146,7 @@ struct ipsec_sa { > uint8_t udp_encap; > uint16_t portid; > uint16_t mss; > - uint16_t esn; > + uint32_t esn; >=20 > uint8_t fdir_qid; > uint8_t fdir_flag; > diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c > index 3ee5ed7dcf..0be8bdef7a 100644 > --- a/examples/ipsec-secgw/sa.c > +++ b/examples/ipsec-secgw/sa.c > @@ -46,6 +46,7 @@ struct supported_cipher_algo { > struct supported_auth_algo { > const char *keyword; > enum rte_crypto_auth_algorithm algo; > + uint16_t iv_len; > uint16_t digest_len; > uint16_t key_len; > uint8_t key_not_req; > @@ -98,6 +99,20 @@ const struct supported_cipher_algo cipher_algos[] =3D = { > .block_size =3D 4, > .key_len =3D 20 > }, > + { > + .keyword =3D "aes-192-ctr", > + .algo =3D RTE_CRYPTO_CIPHER_AES_CTR, > + .iv_len =3D 16, > + .block_size =3D 16, > + .key_len =3D 28 > + }, > + { > + .keyword =3D "aes-256-ctr", > + .algo =3D RTE_CRYPTO_CIPHER_AES_CTR, > + .iv_len =3D 16, > + .block_size =3D 16, > + .key_len =3D 36 > + }, I think the above change need a separate patch to add support for new algos= . > { > .keyword =3D "3des-cbc", > .algo =3D RTE_CRYPTO_CIPHER_3DES_CBC, > @@ -126,6 +141,31 @@ const struct supported_auth_algo auth_algos[] =3D { > .algo =3D RTE_CRYPTO_AUTH_SHA256_HMAC, > .digest_len =3D 16, > .key_len =3D 32 > + }, > + { > + .keyword =3D "sha384-hmac", > + .algo =3D RTE_CRYPTO_AUTH_SHA384_HMAC, > + .digest_len =3D 24, > + .key_len =3D 48 > + }, > + { > + .keyword =3D "sha512-hmac", > + .algo =3D RTE_CRYPTO_AUTH_SHA512_HMAC, > + .digest_len =3D 32, > + .key_len =3D 64 > + }, > + { > + .keyword =3D "aes-gmac", > + .algo =3D RTE_CRYPTO_AUTH_AES_GMAC, > + .iv_len =3D 8, > + .digest_len =3D 16, > + .key_len =3D 20 > + }, > + { > + .keyword =3D "aes-xcbc-mac-96", > + .algo =3D RTE_CRYPTO_AUTH_AES_XCBC_MAC, > + .digest_len =3D 12, > + .key_len =3D 16 > } > }; >=20 > @@ -156,6 +196,42 @@ const struct supported_aead_algo aead_algos[] =3D { > .key_len =3D 36, > .digest_len =3D 16, > .aad_len =3D 8, > + }, > + { > + .keyword =3D "aes-128-ccm", > + .algo =3D RTE_CRYPTO_AEAD_AES_CCM, > + .iv_len =3D 8, > + .block_size =3D 4, > + .key_len =3D 20, > + .digest_len =3D 16, > + .aad_len =3D 8, > + }, > + { > + .keyword =3D "aes-192-ccm", > + .algo =3D RTE_CRYPTO_AEAD_AES_CCM, > + .iv_len =3D 8, > + .block_size =3D 4, > + .key_len =3D 28, > + .digest_len =3D 16, > + .aad_len =3D 8, > + }, > + { > + .keyword =3D "aes-256-ccm", > + .algo =3D RTE_CRYPTO_AEAD_AES_CCM, > + .iv_len =3D 8, > + .block_size =3D 4, > + .key_len =3D 36, > + .digest_len =3D 16, > + .aad_len =3D 8, > + }, > + { > + .keyword =3D "chacha20-poly1305", > + .algo =3D RTE_CRYPTO_AEAD_CHACHA20_POLY1305, > + .iv_len =3D 12, > + .block_size =3D 64, > + .key_len =3D 36, > + .digest_len =3D 16, > + .aad_len =3D 8, Above changes are also not relevant to this patch. And MAX_KEY_SIZE is updated as 132, but max size that I see here is 64. =20 > } > }; >=20 > @@ -352,6 +428,8 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, > } else if (strcmp(tokens[ti], "ipv6-udp-tunnel") =3D=3D 0) { > sa_cnt->nb_v6++; > rule->flags |=3D IP6_TUNNEL | > NATT_UDP_TUNNEL; > + rule->udp.sport =3D 0; > + rule->udp.dport =3D 4500; Again irrelevant change as per the description. > } else if (strcmp(tokens[ti], "transport") =3D=3D 0) { > sa_cnt->nb_v4++; > sa_cnt->nb_v6++; > @@ -499,6 +577,15 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, > if (status->status < 0) > return; >=20 > + if (algo->algo =3D=3D RTE_CRYPTO_AUTH_AES_GMAC) { > + key_len -=3D 4; > + rule->auth_key_len =3D key_len; > + rule->iv_len =3D algo->iv_len; > + memcpy(&rule->salt, > + &rule->auth_key[key_len], 4); > + } > + > + Extra line and irrelevant change. > auth_algo_p =3D 1; > continue; > } > @@ -1209,10 +1296,15 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct > ipsec_sa entries[], > sa->aead_algo =3D=3D RTE_CRYPTO_AEAD_AES_CCM || > sa->aead_algo =3D=3D > RTE_CRYPTO_AEAD_CHACHA20_POLY1305) { >=20 > - if (ips->type =3D=3D > RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) > + if (ips->type =3D=3D > + > RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) { > iv_length =3D 8; > - else > - iv_length =3D 12; > + } else { > + if (sa->aead_algo =3D=3D > RTE_CRYPTO_AEAD_AES_CCM) > + iv_length =3D 11; > + else > + iv_length =3D 12; > + } >=20 > sa_ctx->xf[idx].a.type =3D > RTE_CRYPTO_SYM_XFORM_AEAD; > sa_ctx->xf[idx].a.aead.algo =3D sa->aead_algo; > @@ -1236,10 +1328,8 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct > ipsec_sa entries[], > case RTE_CRYPTO_CIPHER_NULL: > case RTE_CRYPTO_CIPHER_3DES_CBC: > case RTE_CRYPTO_CIPHER_AES_CBC: > - iv_length =3D sa->iv_len; > - break; > case RTE_CRYPTO_CIPHER_AES_CTR: > - iv_length =3D 16; > + iv_length =3D sa->iv_len; > break; > default: > RTE_LOG(ERR, IPSEC_ESP, > @@ -1248,6 +1338,15 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct > ipsec_sa entries[], > return -EINVAL; > } >=20 > + if (sa->auth_algo =3D=3D RTE_CRYPTO_AUTH_AES_GMAC) > { > + if (ips->type =3D=3D > + > RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) { > + iv_length =3D 8; > + } else { > + iv_length =3D 12; > + } > + } > + > if (inbound) { > sa_ctx->xf[idx].b.type =3D > RTE_CRYPTO_SYM_XFORM_CIPHER; > sa_ctx->xf[idx].b.cipher.algo =3D sa- > >cipher_algo; > @@ -1269,6 +1368,9 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct > ipsec_sa entries[], > sa->digest_len; > sa_ctx->xf[idx].a.auth.op =3D > RTE_CRYPTO_AUTH_OP_VERIFY; > + sa_ctx->xf[idx].a.auth.iv.offset =3D IV_OFFSET; > + sa_ctx->xf[idx].a.auth.iv.length =3D iv_length; > + > } else { /* outbound */ > sa_ctx->xf[idx].a.type =3D > RTE_CRYPTO_SYM_XFORM_CIPHER; > sa_ctx->xf[idx].a.cipher.algo =3D sa- > >cipher_algo; > @@ -1290,11 +1392,21 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct > ipsec_sa entries[], > sa->digest_len; > sa_ctx->xf[idx].b.auth.op =3D > RTE_CRYPTO_AUTH_OP_GENERATE; > + sa_ctx->xf[idx].b.auth.iv.offset =3D IV_OFFSET; > + sa_ctx->xf[idx].b.auth.iv.length =3D iv_length; > + > } >=20 > - sa_ctx->xf[idx].a.next =3D &sa_ctx->xf[idx].b; > - sa_ctx->xf[idx].b.next =3D NULL; > - sa->xforms =3D &sa_ctx->xf[idx].a; > + if (sa->auth_algo =3D=3D RTE_CRYPTO_AUTH_AES_GMAC) > { > + sa->xforms =3D inbound ? > + &sa_ctx->xf[idx].a : &sa_ctx- > >xf[idx].b; > + sa->xforms->next =3D NULL; > + > + } else { > + sa_ctx->xf[idx].a.next =3D &sa_ctx->xf[idx].b; > + sa_ctx->xf[idx].b.next =3D NULL; > + sa->xforms =3D &sa_ctx->xf[idx].a; > + } > } >=20 > if (ips->type =3D=3D > -- > 2.25.1