From fdca4dd1a1a817e65bf44e435261d893fc0c51d6 Mon Sep 17 00:00:00 2001
From: PiotrX Kleski <piotrx.kleski@intel.com>
Date: Tue, 5 May 2020 14:14:22 +0200
Subject: ipsec: fixed chaining ops after add footer and icv

In case there is no free space in first buffer for ICV and footer,
additional buffer will be added, but esp_encrypt will stay in single
buffer mode.
The issue happens for the following payload sizes:
 - TCP packets with payload 1992
 - ICMP packets with payload 2004

This fix moves the single/chained buffer ops selection to after
esp_add_footer_and_icv call.

Type: fix

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com>
Change-Id: Ic5ceba418f738933f96edb3e489ca2d149033b79
---
 test/test_ipsec_esp.py | 1 +
 1 file changed, 1 insertion(+)

(limited to 'test/test_ipsec_esp.py')

diff --git a/test/test_ipsec_esp.py b/test/test_ipsec_esp.py
index 036fbf36e55..7448df1d09a 100644
--- a/test/test_ipsec_esp.py
+++ b/test/test_ipsec_esp.py
@@ -585,6 +585,7 @@ class RunTestIpsecEspAll(ConfigIpsecESP,
         LARGE_PKT_SZ = [
             1970,  # results in 2 chained buffers entering decrypt node
                    # but leaving as simple buffer due to ICV removal (tra4)
+            2004,  # footer+ICV will be added to 2nd buffer (tun4)
             4010,  # ICV ends up splitted accross 2 buffers in esp_decrypt
                    # for transport4; transport6 takes normal path
             4020,  # same as above but tra4 and tra6 are switched
-- 
cgit 1.2.3-korg