From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 4BFB8A0503;
	Thu, 28 Apr 2022 07:25:41 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id E53A0410DC;
	Thu, 28 Apr 2022 07:25:40 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id B737340E78
 for <dev@dpdk.org>; Thu, 28 Apr 2022 07:25:39 +0200 (CEST)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id 23S3922d019070;
 Wed, 27 Apr 2022 22:25:39 -0700
Received: from nam02-sn1-obe.outbound.protection.outlook.com
 (mail-sn1anam02lp2041.outbound.protection.outlook.com [104.47.57.41])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3fqhpn18uc-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
 Wed, 27 Apr 2022 22:25:38 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=d+gGtzMEioMaMH7KW6Kr2YjMlf50xN4zBIIohvxJzQ/WtGxQzZ/GWWqFtYIe7Uz7Xrttt29gVRhR1GFNnu4sbtlcSsJUsmT6+bE7Iou1M72Q3mhXJ/tLTSlelloZNskBMb+ayw56BCAylaCsTCZhmTdSEretZia79zq8GgJTgpWOHErk61BFu3AEEJA1UX2EL70NSFDPZhNPt8z5+FBhOuTw6AJuGVo1HGui+uZGE7NiNYJihLXo2GnEFkMp+7VV0OeKu38e0BRUsWxG44U2bfgOeSEPOKbZkR1BfQpURZ8dOssCJZZu05ZB7PXfOYwqPy6jYfn/Izy16BAFJxDNBg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=qsW0fClyyhAzwIArrLn+9jztlzky+EENmJ917xSatho=;
 b=Clt5oQRIhxmNpd8fiql6E5KcvshCvIPMmhS3WtIE/S0zw8DiJnBIXwPBZ+UGj1LUWO7BmhZIlbTDXemFNdImuqlaDvGh8aY04OKfwLYbjXTXQ9e/qIWxFzDiYIStvOOyw2qB0MIKJqrE/mx/TnKnCW8xlso9MKMnDs2o4mjfEEZ1kxi61g8xXU6JIv/OR1+UhAw8kPo6vDl9i4rBHwlSQW029ju9VFgcNmJp82XLM9jawHxPbMyP9yjNMeysXLLoD2w3vsU7jnfKZE5B/UTjgWv/smbARMlZTuU8+5j4x8urCflioUL8+QBx2AgmjSscv4AFJiynC393lzviheGieA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com;
 dkim=pass header.d=marvell.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=qsW0fClyyhAzwIArrLn+9jztlzky+EENmJ917xSatho=;
 b=H6yTiAihKxEuVIc3QZtzGzmIOsIyLtqMzCtIwWqJIB3OgDaMBXoSji3vqgYOYXAyEt8UXd7yPqwZ8tFt/3uo0+VVrJL3pEB/ZHI7zFrNV9CtaOSzjhdXe8iCaB8IytT+wWqhtvi4kzMW2BmkDBJiP4kum5ji0pvDc+yX+qotrzE=
Received: from PH0PR18MB4672.namprd18.prod.outlook.com (2603:10b6:510:c9::16)
 by SN7PR18MB3952.namprd18.prod.outlook.com (2603:10b6:806:10a::5)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5206.14; Thu, 28 Apr
 2022 05:25:36 +0000
Received: from PH0PR18MB4672.namprd18.prod.outlook.com
 ([fe80::141b:43fb:348e:f3a]) by PH0PR18MB4672.namprd18.prod.outlook.com
 ([fe80::141b:43fb:348e:f3a%5]) with mapi id 15.20.5206.013; Thu, 28 Apr 2022
 05:25:36 +0000
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, "dev@dpdk.org" <dev@dpdk.org>
CC: "thomas@monjalon.net" <thomas@monjalon.net>, "david.marchand@redhat.com"
 <david.marchand@redhat.com>, "hemant.agrawal@nxp.com"
 <hemant.agrawal@nxp.com>, "konstantin.ananyev@intel.com"
 <konstantin.ananyev@intel.com>, "ciara.power@intel.com"
 <ciara.power@intel.com>, "ferruh.yigit@intel.com" <ferruh.yigit@intel.com>,
 "andrew.rybchenko@oktetlabs.ru" <andrew.rybchenko@oktetlabs.ru>,
 Nithin Kumar Dabilpuram <ndabilpuram@marvell.com>, Vamsi Krishna Attunuru
 <vattunuru@marvell.com>, Akhil Goyal <gakhil@marvell.com>
Subject: RE: [PATCH v5 6/7] test/security: add ESN and anti-replay cases for
 inline
Thread-Topic: [PATCH v5 6/7] test/security: add ESN and anti-replay cases for
 inline
Thread-Index: AQHYWkk7cjXO7QoxaEqv2d34vTWmrq0Expyw
Date: Thu, 28 Apr 2022 05:25:36 +0000
Message-ID: <PH0PR18MB467283B142569B5670818EF0DFFD9@PH0PR18MB4672.namprd18.prod.outlook.com>
References: <20220416192530.173895-1-gakhil@marvell.com>
 <20220427151054.2536675-1-gakhil@marvell.com>
 <20220427151054.2536675-7-gakhil@marvell.com>
In-Reply-To: <20220427151054.2536675-7-gakhil@marvell.com>
Accept-Language: en-IN, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8885c14d-5572-4b06-e3bf-08da28d78655
x-ms-traffictypediagnostic: SN7PR18MB3952:EE_
x-microsoft-antispam-prvs: <SN7PR18MB3952534DD11D05B8309EF0C4DFFD9@SN7PR18MB3952.namprd18.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: OS+/POs5aOsCxyStpWa0tgd5k4V+tkoWXafLJArlqRtFgKgHKw1vS6d7ejl5OPLQmPmtKFxATK2dFHFm/xCu68pch0/bytfS+52JWSTcCYsQCDhGGrjDXyPm+x7rQjfMO5qM1AV2YvI18HB6TylIiIiT1WKY8PBw+kMCNYvvkGb6yuWe2sVkIz//SPdflH7i1EBtMWSLl787xHD+J+nb6wdk95S/7Wm3Cv3v4PqHQ1/l5WdWG0NOh3gkoBGNiLJaPlMzfwJUCCNt4KiJOBMWLvNa8gjKauvatmxe66zzgC6NkGlyaBC1+Hi81iRfqprCC7b8C7uLyUsP7oIPkA4Ku6XxY19LQs8gYv11x1TOUxhNnygY4miIOzxER9hML7iJPgZkUM45CYuua41xZ6du7A7nYP+SHDB4uw14OmN+4hqC+rovRcRj4jRT+cR9y7COkP/llFXHkOcrZE+0/HzziLW6d7t+buAQwxU+IzOKc5sEprHB/J29tMqyg2TyYKEgCu9MVvfAmvRz12Pvf7Lozf7XUmDAKCLaEBVKFlYmMzFLzQHciCM3PKLpf0HoUcQ/8isDyLUnmuKv590IoAkfeky78+cGCPZhq6jRfnMhsnDpKUf3a+nfGddDDWENYhhLMyWOK5nixjtbK0z7NkKZ9xcbX1jD+6ehdJWuA+eKUhZPtfQmC97i4jC61um0ncQVrOMlg7T5LLJJwfy+gshLxg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:PH0PR18MB4672.namprd18.prod.outlook.com; PTR:; CAT:NONE;
 SFS:(13230001)(4636009)(366004)(55016003)(316002)(9686003)(71200400001)(4326008)(26005)(86362001)(107886003)(508600001)(5660300002)(110136005)(54906003)(38070700005)(38100700002)(8936002)(7696005)(52536014)(6506007)(122000001)(186003)(33656002)(15650500001)(83380400001)(76116006)(8676002)(66446008)(66476007)(66556008)(2906002)(64756008)(66946007);
 DIR:OUT; SFP:1101; 
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?wORIVrsfPDkbBbRbrdP8y62hCphI0TgAEZCwdd+ghRy4ygJ3sfuDElzVjteK?=
 =?us-ascii?Q?riraWnQsWZXJhDSBcGfves4dZzq4t+zUyLAZAilJNnpTTvhwcGXJqbq9QXYw?=
 =?us-ascii?Q?L1qAzu1wDjd1E55Rt1HibQlMJpxkOe37NZ3D1hhNnSOEUBnkxgDSDbqJBzzE?=
 =?us-ascii?Q?h7rrK/bDMNUFyfU4PgLX2ElsQwL9T4RdNygTDzc+BSAXMGyT91pNrbgXP6CY?=
 =?us-ascii?Q?z2t7UyCEFw2BTXIgyk2B6xJTPqQUkDP79wctKZvv+xkqOmJzJ6+r3/+e/u4x?=
 =?us-ascii?Q?Y6RZEiqNt4xSJzd4hQKtdwQnmHr1NXjWlRYJtY+/swCRll1kQPEAth9i9EwE?=
 =?us-ascii?Q?nmL1BzL5LplNdhG8a8h5L/R0aYXmDJ5937okFyal505tYulijtgzJd/XfC7N?=
 =?us-ascii?Q?8JUn8GmfZW8Qcqrmjn6gbThkqdQIJ4U+eRaiG72MhhephSC31zCMVJuOv47w?=
 =?us-ascii?Q?tHqBJ6wZpU+vbRZ5Bcm/r07a5YC1kbXvo9fPpCG0SgdEpd42meeC2PQBz2i1?=
 =?us-ascii?Q?QkqUIyMns8B2s+bZjDCegarDak5uMKMl9q2VMVRLmIeR5lnmwxK0iLBfZBfd?=
 =?us-ascii?Q?PV3f5IYmmbm+whwEFRYE1OrldnLdzeZkEyu5K21qFBDqhQgwZtYsi5nIJ8Tu?=
 =?us-ascii?Q?8z3dVSFuwK2+kvJ0GbNdNU6KxLQTyFj7XNIfrhjYZtiC3BT7Zfl2BthDlBYH?=
 =?us-ascii?Q?644ITSSoTQGGsG8QvINqWMZkINmbaUV9PlSttCJvGP+4VtseFhw4HlZdilAp?=
 =?us-ascii?Q?rZBLidYmrbLH7gDS4t4ExuQx9iSKa/rhmXLCKFtNQkytJwjM6v4jRbKRz7sz?=
 =?us-ascii?Q?wJOjHD2/2e3Z4r+tLNtQRYasas18BkIun4zKebtRJQYnZ2jfs4Wev+eN5rGH?=
 =?us-ascii?Q?YxAtGv88wo1+NC0jmHbLS/6yYyg32LKiCKC8fjcFZ+fHsp2LWQUksowu4zxU?=
 =?us-ascii?Q?DT+ul//+ft/fPiQI+o92UFF7quP4yQ1ws7DsX79MAe38U9d6iiuUfxhogGIG?=
 =?us-ascii?Q?J2t5MUpP1fVcbWNPCz5j38WaT1upF2KIZ+qF/PiueuiYzaIHX00l2EnkHoeA?=
 =?us-ascii?Q?NEcqOeLThgUNOW0FfbF7Jkcfg0BF1aEV2Qsaaf+gxNeZ+C+QaysXkcd6x7iU?=
 =?us-ascii?Q?DR/CttII0z8RWC3E3+LXMDx5ZhynB6Q2zr2Py8Vw8msTOCz1fNUa7P4tT4sa?=
 =?us-ascii?Q?WAAaRblkUKHXNr4IWr0T3RO0VESCyTC7WbajvIVRo5NvkatCmflu4aZ5CioD?=
 =?us-ascii?Q?p2aIhRI/Pezok70qtngGHEVHZx5d8tTyU1MRO+mL4GmF6VhAkkGkSQMRafC7?=
 =?us-ascii?Q?mMx4D9qmGhZPnCfj+GOAgUHRPSmXHPf1GNGjxfv8AQOivz74j7nII0EWLKSN?=
 =?us-ascii?Q?sA8yC7jVhSPaewxbU/GyTKhL8oFC9ZSxhHr3Tk3lAj9Ly3zpB7WDUKUFU4cG?=
 =?us-ascii?Q?fIZHtt6S44xfohnMkKC41FEUlHi1UIuJnuwt/KN0AdWDWYICCLW3TXiX2j0u?=
 =?us-ascii?Q?A8wGF+oMxN5wZxmhc5cjUEKo8+My0lYczWI2LnNv9n2Sa4e7JTszd24SdMNM?=
 =?us-ascii?Q?ARWGHGv8hk41JkNSlzFoPbqORzBaNWXCbxvjFLFDnv6/PYEsNYviwKPDEW37?=
 =?us-ascii?Q?aQpBP23Ck6od4fD/JzZEqqqcqaksQr/Jh0CoUY0VlZRPChPUw8G2xifspJMD?=
 =?us-ascii?Q?VpkkEg5LvKSPhMUEyBNS3LIlinyrdtiviS9YgI5YqH6xsr7oDceIdeVfhyWN?=
 =?us-ascii?Q?39SSDiSPow=3D=3D?=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: marvell.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR18MB4672.namprd18.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8885c14d-5572-4b06-e3bf-08da28d78655
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Apr 2022 05:25:36.2577 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: jX/MelwiXBid1n5NAX9sKeY7dMSEyBGUvGJd2vNArQzd3zmzFhO4Rf1irRT9zdrWH+G+ZEVwefC74lKOfV/GxA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR18MB3952
X-Proofpoint-GUID: YiFm4mtoPuiZ7nCtvUzzUxed0U2w17Mu
X-Proofpoint-ORIG-GUID: YiFm4mtoPuiZ7nCtvUzzUxed0U2w17Mu
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.858,Hydra:6.0.486,FMLib:17.11.64.514
 definitions=2022-04-27_04,2022-04-27_01,2022-02-23_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Hi Akhil,

Please see inline.

Thanks,
Anoob

> Subject: [PATCH v5 6/7] test/security: add ESN and anti-replay cases for =
inline
>=20
> Added cases to test anti replay for inline IPsec processing with and with=
out
> extended sequence number support.
>=20
> Signed-off-by: Akhil Goyal <gakhil@marvell.com>
> ---
>  app/test/test_security_inline_proto.c | 308
> ++++++++++++++++++++++++++
>  1 file changed, 308 insertions(+)
>=20
> diff --git a/app/test/test_security_inline_proto.c
> b/app/test/test_security_inline_proto.c
> index 055b753634..009405f403 100644
> --- a/app/test/test_security_inline_proto.c
> +++ b/app/test/test_security_inline_proto.c
> @@ -1091,6 +1091,136 @@ test_ipsec_inline_proto_all(const struct
> ipsec_test_flags *flags)
>  		return TEST_SKIPPED;
>  }
>=20
> +static int
> +test_ipsec_inline_proto_process_with_esn(struct ipsec_test_data td[],
> +		struct ipsec_test_data res_d[],
> +		int nb_pkts,
> +		bool silent,
> +		const struct ipsec_test_flags *flags) {
> +	struct rte_security_session_conf sess_conf =3D {0};
> +	struct ipsec_test_data *res_d_tmp =3D NULL;
> +	struct rte_crypto_sym_xform cipher =3D {0};
> +	struct rte_crypto_sym_xform auth =3D {0};
> +	struct rte_crypto_sym_xform aead =3D {0};
> +	struct rte_mbuf *rx_pkt =3D NULL;
> +	struct rte_mbuf *tx_pkt =3D NULL;
> +	int nb_rx, nb_sent;
> +	struct rte_security_session *ses;
> +	struct rte_security_ctx *ctx;
> +	uint32_t ol_flags;
> +	int i, ret;
> +
> +	if (td[0].aead) {
> +		sess_conf.crypto_xform =3D &aead;
> +	} else {
> +		if (td[0].ipsec_xform.direction =3D=3D
> +				RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
> +			sess_conf.crypto_xform =3D &cipher;
> +			sess_conf.crypto_xform->type =3D
> RTE_CRYPTO_SYM_XFORM_CIPHER;
> +			sess_conf.crypto_xform->next =3D &auth;
> +			sess_conf.crypto_xform->next->type =3D
> RTE_CRYPTO_SYM_XFORM_AUTH;
> +		} else {
> +			sess_conf.crypto_xform =3D &auth;
> +			sess_conf.crypto_xform->type =3D
> RTE_CRYPTO_SYM_XFORM_AUTH;
> +			sess_conf.crypto_xform->next =3D &cipher;
> +			sess_conf.crypto_xform->next->type =3D
> RTE_CRYPTO_SYM_XFORM_CIPHER;
> +		}
> +	}
> +
> +	/* Create Inline IPsec session. */
> +	ret =3D create_inline_ipsec_session(&td[0], port_id, &ses, &ctx,
> +					  &ol_flags, flags, &sess_conf);
> +	if (ret)
> +		return ret;
> +
> +	if (td[0].ipsec_xform.direction =3D=3D
> RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
> +		create_default_flow(port_id);

[Anoob] If rte_flow creation fails, then the test should be skipped. I see =
that  create_default_flow() is not returning error in case flow_validate() =
or flow_create() fails. IMO, it should be fixed.

> +
> +	for (i =3D 0; i < nb_pkts; i++) {
> +		tx_pkt =3D init_packet(mbufpool, td[i].input_text.data,
> +					td[i].input_text.len);
> +		if (tx_pkt =3D=3D NULL) {
> +			ret =3D TEST_FAILED;
> +			goto out;
> +		}
> +
> +		if
> (test_ipsec_pkt_update(rte_pktmbuf_mtod_offset(tx_pkt,
> +					uint8_t *, RTE_ETHER_HDR_LEN),
> flags)) {
> +			ret =3D TEST_FAILED;
> +			goto out;
> +		}
> +
> +		if (td[i].ipsec_xform.direction =3D=3D
> +				RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
> +			if (flags->antireplay) {
> +				sess_conf.ipsec.esn.value =3D
> +						td[i].ipsec_xform.esn.value;
> +				ret =3D rte_security_session_update(ctx, ses,
> +						&sess_conf);
> +				if (ret) {

[Anoob] ret should be set as TEST_SKIPPED.
=20
> +					printf("Could not update ESN in
> session\n");
> +					rte_pktmbuf_free(tx_pkt);
> +					goto out;
> +				}
> +			}
> +			if (ol_flags &
> RTE_SECURITY_TX_OLOAD_NEED_MDATA)
> +				rte_security_set_pkt_metadata(ctx, ses,
> +						tx_pkt, NULL);
> +			tx_pkt->ol_flags |=3D
> RTE_MBUF_F_TX_SEC_OFFLOAD;
> +		}
> +		/* Send packet to ethdev for inline IPsec processing. */
> +		nb_sent =3D rte_eth_tx_burst(port_id, 0, &tx_pkt, 1);
> +		if (nb_sent !=3D 1) {
> +			printf("\nUnable to TX packets");
> +			rte_pktmbuf_free(tx_pkt);
> +			ret =3D TEST_FAILED;
> +			goto out;
> +		}
> +
> +		rte_pause();
> +
> +		/* Receive back packet on loopback interface. */
> +		do {
> +			rte_delay_ms(1);
> +			nb_rx =3D rte_eth_rx_burst(port_id, 0, &rx_pkt, 1);
> +		} while (nb_rx =3D=3D 0);
> +
> +		rte_pktmbuf_adj(rx_pkt, RTE_ETHER_HDR_LEN);
> +
> +		if (res_d !=3D NULL)
> +			res_d_tmp =3D &res_d[i];
> +
> +		ret =3D test_ipsec_post_process(rx_pkt, &td[i],
> +					      res_d_tmp, silent, flags);
> +		if (ret !=3D TEST_SUCCESS) {
> +			rte_pktmbuf_free(rx_pkt);
> +			goto out;
> +		}
> +
> +		ret =3D test_ipsec_stats_verify(ctx, ses, flags,
> +					td->ipsec_xform.direction);
> +		if (ret !=3D TEST_SUCCESS) {
> +			rte_pktmbuf_free(rx_pkt);
> +			goto out;
> +		}
> +
> +		rte_pktmbuf_free(rx_pkt);
> +		rx_pkt =3D NULL;
> +		tx_pkt =3D NULL;
> +		res_d_tmp =3D NULL;=20

[Anoob] Why do we need to set res_d_tmp to NULL?

> +	}
> +
> +out:
> +	if (td->ipsec_xform.direction =3D=3D
> RTE_SECURITY_IPSEC_SA_DIR_INGRESS)
> +		destroy_default_flow(port_id);
> +
> +	/* Destroy session so that other cases can create the session again */
> +	rte_security_session_destroy(ctx, ses);
> +	ses =3D NULL;
> +
> +	return ret;
> +}
>=20

<snip>