Hi Sergio, > -----Original Message----- > From: Gonzalez Monroy, Sergio > Sent: Friday, September 23, 2016 12:45 AM > To: dev at dpdk.org; De Lara Guarch, Pablo > Subject: [PATCH v2 1/7] examples/ipsec-secgw: change CBC IV generation > > NIST SP800-38A recommends two methods to generate unpredictable IVs > (Initilisation Vector) for CBC mode: > 1) Apply the forward function to a nonce (ie. counter) > 2) Use a FIPS-approved random number generator > > This patch implements the first recommended method by using the forward > function to generate the IV. > > Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy at intel.com>
[...] > +static inline void * > +get_cop(struct rte_mbuf *m) > +{ > + struct ipsec_mbuf_metadata *priv = get_priv(m); > + > + return &priv->cop; > +} This function is not used in anywhere. Should it be called somewhere to get the crypto op? > + > +static inline void * > +get_sym_cop(struct rte_crypto_op *cop) > +{ > + return (cop + 1); Why is this cop + 1? Am I missing something obvious? Maybe it is worth a comment here (I noticed this was already in the previous code, but I don't understand it :)) > +} > + > int > inbound_sa_check(struct sa_ctx *sa_ctx, struct rte_mbuf *m, uint32_t > sa_idx); > > -- > 2.5.5 Thanks, Pablo