From patchwork Wed Feb 21 17:00:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 129114 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp848389ljc; Wed, 21 Feb 2018 09:11:10 -0800 (PST) X-Google-Smtp-Source: AG47ELt1P+fU6XhFemsuCsrVpGgEuuirXZA+hmQ1njWW6xlccEEBP5YmNNU2nNLyV3zhAF15jbQB X-Received: by 10.55.214.138 with SMTP id p10mr6088509qkl.188.1519233070564; Wed, 21 Feb 2018 09:11:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519233070; cv=none; d=google.com; s=arc-20160816; b=nj+xeCJFLTJ6H5GVyZ7i5XYrc18c1KVPxpAss4K9UEmRMdwc7s6v9bqotd7WTdZ7re jLE7kmNEk47qQxBZ82JjvWAGk3/YUnB2MNL74qwJahG5yrVXEa3DB3oY6zAINtGbhAHf ttKAOZF2F0NoBdSZ8wuya7OCZOG7v+E7YmrnCGxZQxAIIbd4RBdeki2Q+oOo1FQwAqFt FUVt2k0VEd6526cUswPP9rJoVnFHkXv3Ife36pBsNGaZE7u+kZ4Od84frsW5E8bDBU/M KS/R4bj5f+UEFnq7CjpiM1L0jIzxpgBfrj90VL5MxL6Kwl2P3Dz+nhgGe6aWxZTafy3H NZ8g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=ZKMUJFCvyQN4zWFd0VLtFcAspGKGL70qHxrCVcH4cJY=; b=afjn8czqGhVESlRwWm8e99pTCiP1Y+uK6ebDTJwfF0nRuckI/WH8N9DAUiHIVEvPX3 b2EUh/SCdkEXF33cPgs64FTKKyiJo7WM/96dlmlN2AmCaT/HIzlCptG8oYEfJFKiTUS2 NLl9ZEKmrhnjiz1a9NeiOCqnffiA04ZOjp8EL8KRaxG9ZobS118dMFjtstPKhzcGMGGw HkqLgrSv4xOJF3CqEH4lds6g+tYi4cWALj15GHaqE6rylgkFxNChe7MAibo0WAEbLLEA jgLXg8ssY3dIfLjG6Xgg6H11lpmUQIvUow0xFkIbbZ16QnF0N8q4R12OJ/ApEehHMH3o fwWw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id q63si2569339qki.5.2018.02.21.09.11.10; Wed, 21 Feb 2018 09:11:10 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 421BF60920; Wed, 21 Feb 2018 17:11:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 7A561617C5; Wed, 21 Feb 2018 17:01:25 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id DBB85617B4; Wed, 21 Feb 2018 17:01:13 +0000 (UTC) Received: from forward100p.mail.yandex.net (forward100p.mail.yandex.net [77.88.28.100]) by lists.linaro.org (Postfix) with ESMTPS id 8C1FD617B2 for ; Wed, 21 Feb 2018 17:00:20 +0000 (UTC) Received: from mxback8g.mail.yandex.net (mxback8g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:169]) by forward100p.mail.yandex.net (Yandex) with ESMTP id 21DE05104386 for ; Wed, 21 Feb 2018 20:00:19 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback8g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id BbWCoSlaWE-0JmuI1Zr; Wed, 21 Feb 2018 20:00:19 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id yTStk9eEsG-0IuGvp1t; Wed, 21 Feb 2018 20:00:18 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 21 Feb 2018 20:00:05 +0300 Message-Id: <1519232408-28445-13-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1519232408-28445-1-git-send-email-odpbot@yandex.ru> References: <1519232408-28445-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 494 Subject: [lng-odp] [PATCH API-NEXT v1 12/15] linux-gen: ipsec: take output ip_param into account X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Allow per-packet override of IP parameters. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 494 (lumag:ipsec-tfc-imp) ** https://github.com/Linaro/odp/pull/494 ** Patch: https://github.com/Linaro/odp/pull/494.patch ** Base sha: ea2afab619ae74108a03798bc358fdfcd29fdd88 ** Merge commit sha: 7bc900650676584bfb99c8a92c3d8812b458f172 **/ .../linux-generic/include/odp_ipsec_internal.h | 9 ++---- platform/linux-generic/odp_ipsec.c | 36 +++++++++++++--------- platform/linux-generic/odp_ipsec_sad.c | 20 ++++++++---- 3 files changed, 38 insertions(+), 27 deletions(-) diff --git a/platform/linux-generic/include/odp_ipsec_internal.h b/platform/linux-generic/include/odp_ipsec_internal.h index a449462ab..dfde4d574 100644 --- a/platform/linux-generic/include/odp_ipsec_internal.h +++ b/platform/linux-generic/include/odp_ipsec_internal.h @@ -161,22 +161,17 @@ struct ipsec_sa_s { union { struct { + odp_ipsec_ipv4_param_t param; odp_u32be_t src_ip; odp_u32be_t dst_ip; /* 32-bit from which low 16 are used */ odp_atomic_u32_t hdr_id; - - uint8_t ttl; - uint8_t dscp; - uint8_t df; } tun_ipv4; struct { + odp_ipsec_ipv6_param_t param; uint8_t src_ip[_ODP_IPV6ADDR_LEN]; uint8_t dst_ip[_ODP_IPV6ADDR_LEN]; - uint8_t hlimit; - uint8_t dscp; - uint32_t flabel; } tun_ipv6; }; } out; diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 855b504e5..63c3bb49e 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -900,7 +900,8 @@ static int ipsec_out_tunnel_parse_ipv6(ipsec_state_t *state, static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, ipsec_state_t *state, - ipsec_sa_t *ipsec_sa) + ipsec_sa_t *ipsec_sa, + const odp_ipsec_ipv4_param_t *ipv4_param) { _odp_ipv4hdr_t out_ip; uint16_t flags; @@ -911,7 +912,7 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, else out_ip.tos = (state->out_tunnel.ip_tos & ~_ODP_IP_TOS_DSCP_MASK) | - (ipsec_sa->out.tun_ipv4.dscp << + (ipv4_param->dscp << _ODP_IP_TOS_DSCP_SHIFT); state->ip_tot_len = odp_packet_len(*pkt) - state->ip_offset; state->ip_tot_len += _ODP_IPV4HDR_LEN; @@ -923,13 +924,15 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, if (ipsec_sa->copy_df) flags = state->out_tunnel.ip_df; else - flags = ((uint16_t)ipsec_sa->out.tun_ipv4.df) << 14; + flags = ((uint16_t)ipv4_param->df) << 14; out_ip.frag_offset = _odp_cpu_to_be_16(flags); - out_ip.ttl = ipsec_sa->out.tun_ipv4.ttl; + out_ip.ttl = ipv4_param->ttl; /* Will be filled later by packet checksum update */ out_ip.chksum = 0; - out_ip.src_addr = ipsec_sa->out.tun_ipv4.src_ip; - out_ip.dst_addr = ipsec_sa->out.tun_ipv4.dst_ip; + memcpy(&out_ip.src_addr, ipv4_param->src_addr, + _ODP_IPV4ADDR_LEN); + memcpy(&out_ip.dst_addr, ipv4_param->dst_addr, + _ODP_IPV4ADDR_LEN); if (odp_packet_extend_head(pkt, _ODP_IPV4HDR_LEN, NULL, NULL) < 0) @@ -959,7 +962,8 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, static int ipsec_out_tunnel_ipv6(odp_packet_t *pkt, ipsec_state_t *state, - ipsec_sa_t *ipsec_sa) + ipsec_sa_t *ipsec_sa, + const odp_ipsec_ipv6_param_t *ipv6_param) { _odp_ipv6hdr_t out_ip; uint32_t ver; @@ -970,23 +974,23 @@ static int ipsec_out_tunnel_ipv6(odp_packet_t *pkt, else ver |= ((state->out_tunnel.ip_tos & ~_ODP_IP_TOS_DSCP_MASK) | - (ipsec_sa->out.tun_ipv6.dscp << + (ipv6_param->dscp << _ODP_IP_TOS_DSCP_SHIFT)) << _ODP_IPV6HDR_TC_SHIFT; if (ipsec_sa->copy_flabel) ver |= state->out_tunnel.ip_flabel; else - ver |= ipsec_sa->out.tun_ipv6.flabel; + ver |= ipv6_param->flabel; out_ip.ver_tc_flow = odp_cpu_to_be_32(ver); state->ip_tot_len = odp_packet_len(*pkt) - state->ip_offset; out_ip.payload_len = _odp_cpu_to_be_16(state->ip_tot_len); state->ip_tot_len += _ODP_IPV6HDR_LEN; - out_ip.hop_limit = ipsec_sa->out.tun_ipv6.hlimit; - memcpy(&out_ip.src_addr, ipsec_sa->out.tun_ipv6.src_ip, + out_ip.hop_limit = ipv6_param->hlimit; + memcpy(&out_ip.src_addr, ipv6_param->src_addr, _ODP_IPV6ADDR_LEN); - memcpy(&out_ip.dst_addr, ipsec_sa->out.tun_ipv6.dst_ip, + memcpy(&out_ip.dst_addr, ipv6_param->dst_addr, _ODP_IPV6ADDR_LEN); if (odp_packet_extend_head(pkt, _ODP_IPV6HDR_LEN, @@ -1365,9 +1369,13 @@ static ipsec_sa_t *ipsec_out_single(odp_packet_t pkt, } if (ipsec_sa->tun_ipv4) - rc = ipsec_out_tunnel_ipv4(&pkt, &state, ipsec_sa); + rc = ipsec_out_tunnel_ipv4(&pkt, &state, ipsec_sa, + opt->flag.ip_param ? &opt->ipv4 : + &ipsec_sa->out.tun_ipv4.param); else - rc = ipsec_out_tunnel_ipv6(&pkt, &state, ipsec_sa); + rc = ipsec_out_tunnel_ipv6(&pkt, &state, ipsec_sa, + opt->flag.ip_param ? &opt->ipv6 : + &ipsec_sa->out.tun_ipv6.param); } if (rc < 0) { status->error.alg = 1; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 3ac8c49c3..05865eb3a 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -326,11 +326,15 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) param->outbound.tunnel.ipv4.dst_addr, sizeof(ipsec_sa->out.tun_ipv4.dst_ip)); odp_atomic_init_u32(&ipsec_sa->out.tun_ipv4.hdr_id, 0); - ipsec_sa->out.tun_ipv4.ttl = + ipsec_sa->out.tun_ipv4.param.src_addr = + &ipsec_sa->out.tun_ipv4.src_ip; + ipsec_sa->out.tun_ipv4.param.dst_addr = + &ipsec_sa->out.tun_ipv4.dst_ip; + ipsec_sa->out.tun_ipv4.param.ttl = param->outbound.tunnel.ipv4.ttl; - ipsec_sa->out.tun_ipv4.dscp = + ipsec_sa->out.tun_ipv4.param.dscp = param->outbound.tunnel.ipv4.dscp; - ipsec_sa->out.tun_ipv4.df = + ipsec_sa->out.tun_ipv4.param.df = param->outbound.tunnel.ipv4.df; } else { ipsec_sa->tun_ipv4 = 0; @@ -340,11 +344,15 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) memcpy(&ipsec_sa->out.tun_ipv6.dst_ip, param->outbound.tunnel.ipv6.dst_addr, sizeof(ipsec_sa->out.tun_ipv6.dst_ip)); - ipsec_sa->out.tun_ipv6.hlimit = + ipsec_sa->out.tun_ipv4.param.src_addr = + &ipsec_sa->out.tun_ipv6.src_ip; + ipsec_sa->out.tun_ipv4.param.dst_addr = + &ipsec_sa->out.tun_ipv6.dst_ip; + ipsec_sa->out.tun_ipv6.param.hlimit = param->outbound.tunnel.ipv6.hlimit; - ipsec_sa->out.tun_ipv6.dscp = + ipsec_sa->out.tun_ipv6.param.dscp = param->outbound.tunnel.ipv6.dscp; - ipsec_sa->out.tun_ipv6.flabel = + ipsec_sa->out.tun_ipv6.param.flabel = param->outbound.tunnel.ipv6.flabel; } }