ipsec: fixed chaining ops after add footer and icv

In case there is no free space in first buffer for ICV and footer, additional buffer will be added, but esp_encrypt will stay in single buffer mode. The issue happens for the following payload sizes: - TCP packets with payload 1992 - ICMP packets with payload 2004 This fix moves the single/chained buffer ops selection to after esp_add_footer_and_icv call. Type: fix Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com> Change-Id: Ic5ceba418f738933f96edb3e489ca2d149033b79
2020-05-05 14:14:22 +02:00
parent cbe053e14f
commit fdca4dd1a1
2 changed files with 12 additions and 8 deletions
--- a/test/test_ipsec_esp.py
+++ b/test/test_ipsec_esp.py
@ -585,6 +585,7 @@ class RunTestIpsecEspAll(ConfigIpsecESP,
        LARGE_PKT_SZ = [
            1970,  # results in 2 chained buffers entering decrypt node
                   # but leaving as simple buffer due to ICV removal (tra4)
+            2004,  # footer+ICV will be added to 2nd buffer (tun4)
            4010,  # ICV ends up splitted accross 2 buffers in esp_decrypt
                   # for transport4; transport6 takes normal path
            4020,  # same as above but tra4 and tra6 are switched