[PATCH v2 1/1] examples/ipsec-secgw: resolve segfault for IPsec packets

[Rakesh Kudurumalla]

launching ipsec-segw application in event vector mode
after traffic has started results in segfault because
we are receiving few IPSEC packet and application is trying
to decrypt IPSEC packets using lookaside protocol.
This contradicts inline event mode.This patch fixes the same
by freeing IPSEC packets and processing only plain packets.

Fixes: 1d5078c6cf19 ("examples/ipsec-secgw: support event vector in lookaside mode")

Signed-off-by: Rakesh Kudurumalla <rkudurumalla at marvell.com>
---
V2: Add fixes tag
 examples/ipsec-secgw/ipsec_worker.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/examples/ipsec-secgw/ipsec_worker.c b/examples/ipsec-secgw/ipsec_worker.c
index e0690fc8d9..04609964cd 100644
--- a/examples/ipsec-secgw/ipsec_worker.c
+++ b/examples/ipsec-secgw/ipsec_worker.c
@@ -700,6 +700,9 @@ ipsec_ev_inbound_route_pkts(struct rte_event_vector *vec,
 	struct rte_ipsec_session *sess;
 	struct rte_mbuf *pkt;
 	struct ipsec_sa *sa;
+	uint8_t mask = (1UL << RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) |
+		       (1UL << RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL);
+
 
 	j = ipsec_ev_route_ip_pkts(vec, rt, t);
 
@@ -707,7 +710,7 @@ ipsec_ev_inbound_route_pkts(struct rte_event_vector *vec,
 	for (i = 0; i < t->ipsec.num; i++) {
 		pkt = t->ipsec.pkts[i];
 		sa = ipsec_mask_saptr(t->ipsec.saptr[i]);
-		if (unlikely(sa == NULL)) {
+		if (unlikely(sa == NULL) || ((1UL << sa->sessions[0].type) & mask)) {
 			free_pkts(&pkt, 1);
 			continue;
 		}
-- 
2.25.1