Imported Upstream version 16.07-rc3

Change-Id: I321148bfa234858ba1986d109470b7aa280cd429
Signed-off-by: Ricardo Salveti <ricardo.salveti@linaro.org>

3 files changed, 37 insertions, 15 deletions

diff --git a/examples/distributor/main.c b/examples/distributor/main.c
index 24857f2d..537cee1f 100644
--- a/examples/distributor/main.c
+++ b/examples/distributor/main.c
@@ -221,14 +221,22 @@ lcore_rx(struct lcore_params *p)
 		struct rte_mbuf *bufs[BURST_SIZE*2];
 		const uint16_t nb_rx = rte_eth_rx_burst(port, 0, bufs,
 				BURST_SIZE);
+		if (unlikely(nb_rx == 0)) {
+			if (++port == nb_ports)
+				port = 0;
+			continue;
+		}
 		app_stats.rx.rx_pkts += nb_rx;
 
 		rte_distributor_process(d, bufs, nb_rx);
 		const uint16_t nb_ret = rte_distributor_returned_pkts(d,
 				bufs, BURST_SIZE*2);
 		app_stats.rx.returned_pkts += nb_ret;
-		if (unlikely(nb_ret == 0))
+		if (unlikely(nb_ret == 0)) {
+			if (++port == nb_ports)
+				port = 0;
 			continue;
+		}
 
 		uint16_t sent = rte_ring_enqueue_burst(r, (void *)bufs, nb_ret);
 		app_stats.rx.enqueued_pkts += sent;
diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index f78743d0..1ca144b8 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -384,7 +384,8 @@ send_single_packet(struct rte_mbuf *m, uint8_t port)
 }
 
 static inline void
-inbound_sp_sa(struct sp_ctx *sp, struct sa_ctx *sa, struct traffic_type *ip)
+inbound_sp_sa(struct sp_ctx *sp, struct sa_ctx *sa, struct traffic_type *ip,
+		uint16_t lim)
 {
 	struct rte_mbuf *m;
 	uint32_t i, j, res, sa_idx;
@@ -399,15 +400,15 @@ inbound_sp_sa(struct sp_ctx *sp, struct sa_ctx *sa, struct traffic_type *ip)
 	for (i = 0; i < ip->num; i++) {
 		m = ip->pkts[i];
 		res = ip->res[i];
-		if (res & DISCARD) {
-			rte_pktmbuf_free(m);
-			continue;
-		}
 		if (res & BYPASS) {
 			ip->pkts[j++] = m;
 			continue;
 		}
-		/* Check return SA SPI matches pkt SPI */
+		if (res & DISCARD || i < lim) {
+			rte_pktmbuf_free(m);
+			continue;
+		}
+		/* Only check SPI match for processed IPSec packets */
 		sa_idx = ip->res[i] & PROTECT_MASK;
 		if (sa_idx == 0 || !inbound_sa_check(sa, m, sa_idx)) {
 			rte_pktmbuf_free(m);
@@ -423,11 +424,14 @@ process_pkts_inbound(struct ipsec_ctx *ipsec_ctx,
 		struct ipsec_traffic *traffic)
 {
 	struct rte_mbuf *m;
-	uint16_t idx, nb_pkts_in, i;
+	uint16_t idx, nb_pkts_in, i, n_ip4, n_ip6;
 
 	nb_pkts_in = ipsec_inbound(ipsec_ctx, traffic->ipsec.pkts,
 			traffic->ipsec.num, MAX_PKT_BURST);
 
+	n_ip4 = traffic->ip4.num;
+	n_ip6 = traffic->ip6.num;
+
 	/* SP/ACL Inbound check ipsec and ip4 */
 	for (i = 0; i < nb_pkts_in; i++) {
 		m = traffic->ipsec.pkts[i];
@@ -447,9 +451,11 @@ process_pkts_inbound(struct ipsec_ctx *ipsec_ctx,
 			rte_pktmbuf_free(m);
 	}
 
-	inbound_sp_sa(ipsec_ctx->sp4_ctx, ipsec_ctx->sa_ctx, &traffic->ip4);
+	inbound_sp_sa(ipsec_ctx->sp4_ctx, ipsec_ctx->sa_ctx, &traffic->ip4,
+			n_ip4);
 
-	inbound_sp_sa(ipsec_ctx->sp6_ctx, ipsec_ctx->sa_ctx, &traffic->ip6);
+	inbound_sp_sa(ipsec_ctx->sp6_ctx, ipsec_ctx->sa_ctx, &traffic->ip6,
+			n_ip6);
 }
 
 static inline void
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index a1ce7127..dd39cc16 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -45,6 +45,8 @@
 #include <ctype.h>
 #include <errno.h>
 #include <getopt.h>
+#include <fcntl.h>
+#include <unistd.h>
 
 #include <rte_atomic.h>
 #include <rte_branch_prediction.h>
@@ -588,10 +590,18 @@ l2fwd_simple_forward(struct rte_mbuf *m, unsigned portid)
 static void
 generate_random_key(uint8_t *key, unsigned length)
 {
-	unsigned i;
+	int fd;
+	int ret;
+
+	fd = open("/dev/urandom", O_RDONLY);
+	if (fd < 0)
+		rte_exit(EXIT_FAILURE, "Failed to generate random key\n");
 
-	for (i = 0; i < length; i++)
-		key[i] = rand() % 0xff;
+	ret = read(fd, key, length);
+	close(fd);
+
+	if (ret != (signed)length)
+		rte_exit(EXIT_FAILURE, "Failed to generate random key\n");
 }
 
 static struct rte_cryptodev_sym_session *
@@ -1195,8 +1205,6 @@ l2fwd_crypto_parse_timer_period(struct l2fwd_crypto_options *options,
 static void
 l2fwd_crypto_default_options(struct l2fwd_crypto_options *options)
 {
-	srand(time(NULL));
-
 	options->portmask = 0xffffffff;
 	options->nb_ports_per_lcore = 1;
 	options->refresh_period = 10000;