From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 7FFFFA055A for ; Thu, 27 Feb 2020 10:34:14 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 792F01F1C; Thu, 27 Feb 2020 10:34:14 +0100 (CET) Received: from mail-wr1-f65.google.com (mail-wr1-f65.google.com [209.85.221.65]) by dpdk.org (Postfix) with ESMTP id 4D86E1BFC7 for ; Thu, 27 Feb 2020 10:34:11 +0100 (CET) Received: by mail-wr1-f65.google.com with SMTP id u6so2450123wrt.0 for ; Thu, 27 Feb 2020 01:34:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=QupwTOdD/Fvwmlw/gqOv+hYT23LwQ0q/u228Ak4Oo9A=; b=vbJrlKgI293JkLhmRXSKHb9pUFV0lG/qfVm950s/2HNYKCJrLhlbDinsF12wUTL0g6 1RJeiKfVFoZ0lducXdY5qiCpOAn30oRe979ZYWs5nJ97nFRs6Q2nSOq4dNMEgNCGfbN4 BUM7putnfQqFo3W7Sr3UqKktsSMBGk/gy+jWCasuN4nkorZ+9ztyI36SEyusREvRCE+Q Nix4QZeZIxvTg4pA0KavSgEzOpaXkG1DULNDWvb+2H6vagVIx0FXpxUDkr1JAN0lIcRW SIEKK2/CYjatrneIl2pcBA/Kx/eXvKKOEf0nta6yzMggkZr6IohmFoIyacJz9k1o0Xsc Jekg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=QupwTOdD/Fvwmlw/gqOv+hYT23LwQ0q/u228Ak4Oo9A=; b=noVLREDU/Ly7JP93gKm+NvM8EqqyojUeCRxHj++kC7nXhYkxB7Vgd0A+RANKFUp1bc iPlUasAGo3E/8NwuWMT4RLiKv0cSvDE6UnUIIBazwM9uAjnkkYvuFa78f+Qndd9KFu6Y PqOKfevaBV4vjsqk1HGJCbv1CyG72AXBf1Tqfz5ys1ywKoqVR+tRO9zj2mNA4HnZAgbr Is4nFA47Osf8D1+K66p17o/DP2h5UNi10rXtjbzCiBXj+TWPSCZRmAI7qxF3nTCvZjW+ /9O+G/m6m1OBdQ6ITH75dzRwl24FsWPtUh6TV+4bQuKhV5I7ZEfX0LsLCoQMzzj63X/S 36pA== X-Gm-Message-State: APjAAAUVkLTg6K/vxfrz+st2lM/THBz42Nd6GQWQsqhv4F0oDpg8yMJg LR89j8INioAs0Y3LKO88eMQ= X-Google-Smtp-Source: APXvYqxNTqrVXRzRbQWp5qlPh5Brz252OT7WlBKr7htiztMxh2izzKYv62ev1nffy/k27vr1kbwCwQ== X-Received: by 2002:adf:b19e:: with SMTP id q30mr3741783wra.163.1582796050957; Thu, 27 Feb 2020 01:34:10 -0800 (PST) Received: from localhost ([88.98.246.218]) by smtp.gmail.com with ESMTPSA id u62sm7061361wmu.17.2020.02.27.01.34.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 27 Feb 2020 01:34:10 -0800 (PST) From: luca.boccassi@gmail.com To: Ankur Dwivedi Cc: Anoob Joseph , Akhil Goyal , dpdk stable Date: Thu, 27 Feb 2020 09:33:22 +0000 Message-Id: <20200227093402.17690-2-luca.boccassi@gmail.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200227093402.17690-1-luca.boccassi@gmail.com> References: <20200217174546.25334-54-luca.boccassi@gmail.com> <20200227093402.17690-1-luca.boccassi@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-stable] patch 'examples/ipsec-secgw: extend inline session to non AES-GCM' has been queued to stable release 19.11.1 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" Hi, FYI, your patch has been queued to stable release 19.11.1 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 02/29/20. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Thanks. Luca Boccassi --- >From 42b568622cf6345e311aee821d755963e786a704 Mon Sep 17 00:00:00 2001 From: Ankur Dwivedi Date: Fri, 14 Feb 2020 12:08:18 +0530 Subject: [PATCH] examples/ipsec-secgw: extend inline session to non AES-GCM [ upstream commit b685f931e1ce33d287e3891d4f19ab07f8d2aa79 ] This patch extends creation of inline session to all the algorithms. Previously the inline session was enabled only for AES-GCM cipher. Fixes: 3a690d5a65e2 ("examples/ipsec-secgw: fix first packet with inline crypto") Signed-off-by: Ankur Dwivedi Acked-by: Anoob Joseph Acked-by: Akhil Goyal --- examples/ipsec-secgw/sa.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c index c75a5a15f5..04827d7e11 100644 --- a/examples/ipsec-secgw/sa.c +++ b/examples/ipsec-secgw/sa.c @@ -993,7 +993,6 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[], } if (sa->aead_algo == RTE_CRYPTO_AEAD_AES_GCM) { - struct rte_ipsec_session *ips; iv_length = 12; sa_ctx->xf[idx].a.type = RTE_CRYPTO_SYM_XFORM_AEAD; @@ -1014,18 +1013,6 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[], sa->xforms = &sa_ctx->xf[idx].a; - ips = ipsec_get_primary_session(sa); - if (ips->type == - RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL || - ips->type == - RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) { - rc = create_inline_session(skt_ctx, sa, ips); - if (rc != 0) { - RTE_LOG(ERR, IPSEC_ESP, - "create_inline_session() failed\n"); - return -EINVAL; - } - } print_one_sa_rule(sa, inbound); } else { switch (sa->cipher_algo) { @@ -1094,6 +1081,18 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[], print_one_sa_rule(sa, inbound); } + + if (ips->type == + RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL || + ips->type == + RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) { + rc = create_inline_session(skt_ctx, sa, ips); + if (rc != 0) { + RTE_LOG(ERR, IPSEC_ESP, + "create_inline_session() failed\n"); + return -EINVAL; + } + } } return 0; -- 2.20.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2020-02-27 09:31:55.915137861 +0000 +++ 0002-examples-ipsec-secgw-extend-inline-session-to-non-AE.patch 2020-02-27 09:31:55.631945112 +0000 @@ -1,26 +1,27 @@ -From b685f931e1ce33d287e3891d4f19ab07f8d2aa79 Mon Sep 17 00:00:00 2001 +From 42b568622cf6345e311aee821d755963e786a704 Mon Sep 17 00:00:00 2001 From: Ankur Dwivedi Date: Fri, 14 Feb 2020 12:08:18 +0530 Subject: [PATCH] examples/ipsec-secgw: extend inline session to non AES-GCM +[ upstream commit b685f931e1ce33d287e3891d4f19ab07f8d2aa79 ] + This patch extends creation of inline session to all the algorithms. Previously the inline session was enabled only for AES-GCM cipher. Fixes: 3a690d5a65e2 ("examples/ipsec-secgw: fix first packet with inline crypto") -Cc: stable@dpdk.org Signed-off-by: Ankur Dwivedi Acked-by: Anoob Joseph Acked-by: Akhil Goyal --- - examples/ipsec-secgw/sa.c | 26 ++++++++++++-------------- - 1 file changed, 12 insertions(+), 14 deletions(-) + examples/ipsec-secgw/sa.c | 25 ++++++++++++------------- + 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c -index e75b687c46..4822d6bdaa 100644 +index c75a5a15f5..04827d7e11 100644 --- a/examples/ipsec-secgw/sa.c +++ b/examples/ipsec-secgw/sa.c -@@ -1057,7 +1057,6 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[], +@@ -993,7 +993,6 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[], } if (sa->aead_algo == RTE_CRYPTO_AEAD_AES_GCM) { @@ -28,11 +29,10 @@ iv_length = 12; sa_ctx->xf[idx].a.type = RTE_CRYPTO_SYM_XFORM_AEAD; -@@ -1077,19 +1076,6 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[], - sa->digest_len; +@@ -1014,18 +1013,6 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[], sa->xforms = &sa_ctx->xf[idx].a; -- + - ips = ipsec_get_primary_session(sa); - if (ips->type == - RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL || @@ -45,13 +45,14 @@ - return -EINVAL; - } - } + print_one_sa_rule(sa, inbound); } else { switch (sa->cipher_algo) { - case RTE_CRYPTO_CIPHER_NULL: -@@ -1156,6 +1142,18 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[], - sa->xforms = &sa_ctx->xf[idx].a; - } +@@ -1094,6 +1081,18 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[], + print_one_sa_rule(sa, inbound); + } ++ + if (ips->type == + RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL || + ips->type == @@ -63,10 +64,9 @@ + return -EINVAL; + } + } -+ - print_one_sa_rule(sa, inbound); } + return 0; -- 2.20.1