ipsec: VPP-1308 fix sorting of SPD entries

Change-Id: I761aced55b7cef51a9b47048283b2cb9430bcde2
Signed-off-by: Klement Sekera <ksekera@cisco.com>

2 files changed, 11 insertions, 10 deletions

diff --git a/src/vnet/ipsec/ipsec.c b/src/vnet/ipsec/ipsec.c
index 928cafd5e25..73b51012880 100644
--- a/src/vnet/ipsec/ipsec.c
+++ b/src/vnet/ipsec/ipsec.c
@@ -135,20 +135,15 @@ ipsec_add_del_spd (vlib_main_t * vm, u32 spd_id, int is_add)
 static int
 ipsec_spd_entry_sort (void *a1, void *a2)
 {
-  ipsec_main_t *im = &ipsec_main;
   u32 *id1 = a1;
   u32 *id2 = a2;
-  ipsec_spd_t *spd;
+  ipsec_spd_t *spd = ipsec_main.spd_to_sort;
   ipsec_policy_t *p1, *p2;
 
-  /* *INDENT-OFF* */
-  pool_foreach (spd, im->spds, ({
-    p1 = pool_elt_at_index(spd->policies, *id1);
-    p2 = pool_elt_at_index(spd->policies, *id2);
-    if (p1 && p2)
-      return p2->priority - p1->priority;
-  }));
-  /* *INDENT-ON* */
+  p1 = pool_elt_at_index (spd->policies, *id1);
+  p2 = pool_elt_at_index (spd->policies, *id2);
+  if (p1 && p2)
+    return p2->priority - p1->priority;
 
   return 0;
 }
@@ -191,6 +186,8 @@ ipsec_add_del_policy (vlib_main_t * vm, ipsec_policy_t * policy, int is_add)
       clib_memcpy (vp, policy, sizeof (*vp));
       policy_index = vp - spd->policies;
 
+      ipsec_main.spd_to_sort = spd;
+
       if (policy->is_outbound)
 	{
 	  if (policy->is_ipv6)
@@ -256,6 +253,7 @@ ipsec_add_del_policy (vlib_main_t * vm, ipsec_policy_t * policy, int is_add)
 	    }
 	}
 
+      ipsec_main.spd_to_sort = NULL;
     }
   else
     {
diff --git a/src/vnet/ipsec/ipsec.h b/src/vnet/ipsec/ipsec.h
index 5b548322d28..404756a418f 100644
--- a/src/vnet/ipsec/ipsec.h
+++ b/src/vnet/ipsec/ipsec.h
@@ -299,6 +299,9 @@ typedef struct
 
   /* callbacks */
   ipsec_main_callbacks_t cb;
+
+  /* helper for sort function */
+  ipsec_spd_t *spd_to_sort;
 } ipsec_main_t;
 
 extern ipsec_main_t ipsec_main;