From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id E6B9FA0613 for ; Mon, 23 Sep 2019 13:45:27 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 540E41BEAD; Mon, 23 Sep 2019 13:45:26 +0200 (CEST) Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by dpdk.org (Postfix) with ESMTP id 8F2641BEA8 for ; Mon, 23 Sep 2019 13:45:24 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 23 Sep 2019 04:45:23 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,539,1559545200"; d="scan'208";a="203109163" Received: from msmoczyx-mobl.ger.corp.intel.com ([10.103.104.109]) by fmsmga001.fm.intel.com with ESMTP; 23 Sep 2019 04:45:22 -0700 From: Marcin Smoczynski To: anoobj@marvell.com, akhil.goyal@nxp.com, konstantin.ananyev@intel.com Cc: dev@dpdk.org, Marcin Smoczynski Date: Mon, 23 Sep 2019 13:44:11 +0200 Message-Id: <20190923114415.17932-1-marcinx.smoczynski@intel.com> X-Mailer: git-send-email 2.21.0.windows.1 In-Reply-To: <20190904141642.14820-1-marcinx.smoczynski@intel.com> References: <20190904141642.14820-1-marcinx.smoczynski@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v3 0/3] add fallback session X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Add fallback session feature allowing to process packets that inline processor is unable to handle (e.g. fragmented traffic). Processing takes place in a secondary session defined for SA in a configuration file. This feature is limited to ingress IPsec traffic only. IPsec anti-replay window and ESN are supported in conjunction with fallback session when following conditions are met: * primary session is 'inline-crypto-offload, * fallback sessions is 'lookaside-none'. v2 to v3 changes: - doc and commit log update - explicitly state feature limitations v1 to v2 changes: - disable fallback offload for outbound SAs - add test scripts Marcin Smoczynski (3): examples/ipsec-secgw: ipsec_sa structure cleanup examples/ipsec-secgw: add fallback session feature examples/ipsec-secgw: add offload fallback tests doc/guides/sample_app_ug/ipsec_secgw.rst | 20 ++- examples/ipsec-secgw/esp.c | 35 ++-- examples/ipsec-secgw/ipsec-secgw.c | 16 +- examples/ipsec-secgw/ipsec.c | 99 ++++++----- examples/ipsec-secgw/ipsec.h | 61 +++++-- examples/ipsec-secgw/ipsec_process.c | 113 +++++++----- examples/ipsec-secgw/sa.c | 164 +++++++++++++----- .../test/trs_aesgcm_common_defs.sh | 4 +- .../trs_aesgcm_inline_crypto_fallback_defs.sh | 5 + .../test/tun_aesgcm_common_defs.sh | 6 +- .../tun_aesgcm_inline_crypto_fallback_defs.sh | 5 + 11 files changed, 361 insertions(+), 167 deletions(-) create mode 100644 examples/ipsec-secgw/test/trs_aesgcm_inline_crypto_fallback_defs.sh create mode 100644 examples/ipsec-secgw/test/tun_aesgcm_inline_crypto_fallback_defs.sh -- 2.17.1