From patchwork Wed Feb 21 18:00:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 129131 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp906198ljc; Wed, 21 Feb 2018 10:12:29 -0800 (PST) X-Google-Smtp-Source: AH8x2247VLuJR04DuQnJ8yvWQemnMLXg57VYABDjWJtYax6SKZ5yzvlVmNldh2wHUq+ioLmSFa13 X-Received: by 10.237.53.195 with SMTP id d3mr6209912qte.276.1519236749234; Wed, 21 Feb 2018 10:12:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519236749; cv=none; d=google.com; s=arc-20160816; b=yjwxtcSkhjcqACAIcu8LOk0aeTHmeOMjFOuH9WjdPVcBbeTX+ZxEnBXSuPIhr5m+JU JyfRhv+9rXyA8ej6PideAehSfICHpNEgqXM5kXMG/ObPOR9l+tYepTC4ixFf3Ig+9s9s sIdWtFZv1Zr3RsTQTRcYsOMGTslVU3SvcjnOd+SCx7UuaTdPELQOaGC04KLF/PA16eZ0 IToE7WFDbGmDy0NJgtV1UCn+b4NoeVjL4id1FetOhgjJ0M1xqPHWDk+R9gtHH2vBVSEp GBytL5UXQY46Cpsh5dhkAyQE0djG0N695EVw8C63ReQQOEn4fUh1mIFwruNwZQ4yte77 vQPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=H4g/Izpn3Mc0Psm/E3S2/QLZKE1GWeXx/KUDAIoBAkg=; b=Y5hcwHkIqgZE4FDczNCQqGVL0QRRahDvzSSq+KvQ8yuBJRYmcwqc2bQFaggytimEvp VNKiNvUiCqFhFDyhuNk3QRjazGyayg8dHeHXPtp08rYBfHxkg7B8j7LeBdP/3Zyf2h6l rYisIxSVwdlBWoMsHSI7MPpKdDTsWG3pUtaP9ExyNuLC62gcc3fdNRUXJCGcJBp+CLpi UrkdpSCES8xjccLtuJdR5Dm60cuItWS2+6WwkJzlEcQvTQUrjiSAbY3V88JiapwPalKX X0u/GhgHSS1z8isW0BpJ/lfNvroHID2Qq/kOd9vOmd34BBt+1Nrtya7ZVga74PUVygnf 8w+A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id r64si476675qkf.331.2018.02.21.10.12.28; Wed, 21 Feb 2018 10:12:29 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id E1DB361790; Wed, 21 Feb 2018 18:12:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 9D3FF617D2; Wed, 21 Feb 2018 18:04:14 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 0950861800; Wed, 21 Feb 2018 18:04:07 +0000 (UTC) Received: from forward101o.mail.yandex.net (forward101o.mail.yandex.net [37.140.190.181]) by lists.linaro.org (Postfix) with ESMTPS id 42ABA616F9 for ; Wed, 21 Feb 2018 18:02:34 +0000 (UTC) Received: from mxback6j.mail.yandex.net (mxback6j.mail.yandex.net [IPv6:2a02:6b8:0:1619::10f]) by forward101o.mail.yandex.net (Yandex) with ESMTP id 791B213408B3 for ; Wed, 21 Feb 2018 21:02:11 +0300 (MSK) Received: from smtp2p.mail.yandex.net (smtp2p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:7]) by mxback6j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id aWRfGh3eUJ-2BLuwnJk; Wed, 21 Feb 2018 21:02:11 +0300 Received: by smtp2p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id pTqHAnOINC-259GA0g7; Wed, 21 Feb 2018 21:02:05 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 21 Feb 2018 21:00:08 +0300 Message-Id: <1519236011-14987-13-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1519236011-14987-1-git-send-email-odpbot@yandex.ru> References: <1519236011-14987-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 494 Subject: [lng-odp] [PATCH API-NEXT v2 12/15] linux-gen: ipsec: take output ip_param into account X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Allow per-packet override of IP parameters. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 494 (lumag:ipsec-tfc-imp) ** https://github.com/Linaro/odp/pull/494 ** Patch: https://github.com/Linaro/odp/pull/494.patch ** Base sha: ea2afab619ae74108a03798bc358fdfcd29fdd88 ** Merge commit sha: 0b6ae2680a00027c3958ebcafbbcf92642a68f5e **/ .../linux-generic/include/odp_ipsec_internal.h | 9 ++--- platform/linux-generic/odp_ipsec.c | 38 ++++++++++++++-------- platform/linux-generic/odp_ipsec_sad.c | 20 ++++++++---- 3 files changed, 40 insertions(+), 27 deletions(-) diff --git a/platform/linux-generic/include/odp_ipsec_internal.h b/platform/linux-generic/include/odp_ipsec_internal.h index a449462ab..dfde4d574 100644 --- a/platform/linux-generic/include/odp_ipsec_internal.h +++ b/platform/linux-generic/include/odp_ipsec_internal.h @@ -161,22 +161,17 @@ struct ipsec_sa_s { union { struct { + odp_ipsec_ipv4_param_t param; odp_u32be_t src_ip; odp_u32be_t dst_ip; /* 32-bit from which low 16 are used */ odp_atomic_u32_t hdr_id; - - uint8_t ttl; - uint8_t dscp; - uint8_t df; } tun_ipv4; struct { + odp_ipsec_ipv6_param_t param; uint8_t src_ip[_ODP_IPV6ADDR_LEN]; uint8_t dst_ip[_ODP_IPV6ADDR_LEN]; - uint8_t hlimit; - uint8_t dscp; - uint32_t flabel; } tun_ipv6; }; } out; diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 855b504e5..37226cede 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -900,7 +900,8 @@ static int ipsec_out_tunnel_parse_ipv6(ipsec_state_t *state, static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, ipsec_state_t *state, - ipsec_sa_t *ipsec_sa) + ipsec_sa_t *ipsec_sa, + const odp_ipsec_ipv4_param_t *ipv4_param) { _odp_ipv4hdr_t out_ip; uint16_t flags; @@ -911,7 +912,7 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, else out_ip.tos = (state->out_tunnel.ip_tos & ~_ODP_IP_TOS_DSCP_MASK) | - (ipsec_sa->out.tun_ipv4.dscp << + (ipv4_param->dscp << _ODP_IP_TOS_DSCP_SHIFT); state->ip_tot_len = odp_packet_len(*pkt) - state->ip_offset; state->ip_tot_len += _ODP_IPV4HDR_LEN; @@ -923,13 +924,15 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, if (ipsec_sa->copy_df) flags = state->out_tunnel.ip_df; else - flags = ((uint16_t)ipsec_sa->out.tun_ipv4.df) << 14; + flags = ((uint16_t)ipv4_param->df) << 14; out_ip.frag_offset = _odp_cpu_to_be_16(flags); - out_ip.ttl = ipsec_sa->out.tun_ipv4.ttl; + out_ip.ttl = ipv4_param->ttl; /* Will be filled later by packet checksum update */ out_ip.chksum = 0; - out_ip.src_addr = ipsec_sa->out.tun_ipv4.src_ip; - out_ip.dst_addr = ipsec_sa->out.tun_ipv4.dst_ip; + memcpy(&out_ip.src_addr, ipv4_param->src_addr, + _ODP_IPV4ADDR_LEN); + memcpy(&out_ip.dst_addr, ipv4_param->dst_addr, + _ODP_IPV4ADDR_LEN); if (odp_packet_extend_head(pkt, _ODP_IPV4HDR_LEN, NULL, NULL) < 0) @@ -959,7 +962,8 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, static int ipsec_out_tunnel_ipv6(odp_packet_t *pkt, ipsec_state_t *state, - ipsec_sa_t *ipsec_sa) + ipsec_sa_t *ipsec_sa, + const odp_ipsec_ipv6_param_t *ipv6_param) { _odp_ipv6hdr_t out_ip; uint32_t ver; @@ -970,23 +974,23 @@ static int ipsec_out_tunnel_ipv6(odp_packet_t *pkt, else ver |= ((state->out_tunnel.ip_tos & ~_ODP_IP_TOS_DSCP_MASK) | - (ipsec_sa->out.tun_ipv6.dscp << + (ipv6_param->dscp << _ODP_IP_TOS_DSCP_SHIFT)) << _ODP_IPV6HDR_TC_SHIFT; if (ipsec_sa->copy_flabel) ver |= state->out_tunnel.ip_flabel; else - ver |= ipsec_sa->out.tun_ipv6.flabel; + ver |= ipv6_param->flabel; out_ip.ver_tc_flow = odp_cpu_to_be_32(ver); state->ip_tot_len = odp_packet_len(*pkt) - state->ip_offset; out_ip.payload_len = _odp_cpu_to_be_16(state->ip_tot_len); state->ip_tot_len += _ODP_IPV6HDR_LEN; - out_ip.hop_limit = ipsec_sa->out.tun_ipv6.hlimit; - memcpy(&out_ip.src_addr, ipsec_sa->out.tun_ipv6.src_ip, + out_ip.hop_limit = ipv6_param->hlimit; + memcpy(&out_ip.src_addr, ipv6_param->src_addr, _ODP_IPV6ADDR_LEN); - memcpy(&out_ip.dst_addr, ipsec_sa->out.tun_ipv6.dst_ip, + memcpy(&out_ip.dst_addr, ipv6_param->dst_addr, _ODP_IPV6ADDR_LEN); if (odp_packet_extend_head(pkt, _ODP_IPV6HDR_LEN, @@ -1365,9 +1369,15 @@ static ipsec_sa_t *ipsec_out_single(odp_packet_t pkt, } if (ipsec_sa->tun_ipv4) - rc = ipsec_out_tunnel_ipv4(&pkt, &state, ipsec_sa); + rc = ipsec_out_tunnel_ipv4(&pkt, &state, ipsec_sa, + opt->flag.ip_param ? + &opt->ipv4 : + &ipsec_sa->out.tun_ipv4.param); else - rc = ipsec_out_tunnel_ipv6(&pkt, &state, ipsec_sa); + rc = ipsec_out_tunnel_ipv6(&pkt, &state, ipsec_sa, + opt->flag.ip_param ? + &opt->ipv6 : + &ipsec_sa->out.tun_ipv6.param); } if (rc < 0) { status->error.alg = 1; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 3ac8c49c3..05865eb3a 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -326,11 +326,15 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) param->outbound.tunnel.ipv4.dst_addr, sizeof(ipsec_sa->out.tun_ipv4.dst_ip)); odp_atomic_init_u32(&ipsec_sa->out.tun_ipv4.hdr_id, 0); - ipsec_sa->out.tun_ipv4.ttl = + ipsec_sa->out.tun_ipv4.param.src_addr = + &ipsec_sa->out.tun_ipv4.src_ip; + ipsec_sa->out.tun_ipv4.param.dst_addr = + &ipsec_sa->out.tun_ipv4.dst_ip; + ipsec_sa->out.tun_ipv4.param.ttl = param->outbound.tunnel.ipv4.ttl; - ipsec_sa->out.tun_ipv4.dscp = + ipsec_sa->out.tun_ipv4.param.dscp = param->outbound.tunnel.ipv4.dscp; - ipsec_sa->out.tun_ipv4.df = + ipsec_sa->out.tun_ipv4.param.df = param->outbound.tunnel.ipv4.df; } else { ipsec_sa->tun_ipv4 = 0; @@ -340,11 +344,15 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) memcpy(&ipsec_sa->out.tun_ipv6.dst_ip, param->outbound.tunnel.ipv6.dst_addr, sizeof(ipsec_sa->out.tun_ipv6.dst_ip)); - ipsec_sa->out.tun_ipv6.hlimit = + ipsec_sa->out.tun_ipv4.param.src_addr = + &ipsec_sa->out.tun_ipv6.src_ip; + ipsec_sa->out.tun_ipv4.param.dst_addr = + &ipsec_sa->out.tun_ipv6.dst_ip; + ipsec_sa->out.tun_ipv6.param.hlimit = param->outbound.tunnel.ipv6.hlimit; - ipsec_sa->out.tun_ipv6.dscp = + ipsec_sa->out.tun_ipv6.param.dscp = param->outbound.tunnel.ipv6.dscp; - ipsec_sa->out.tun_ipv6.flabel = + ipsec_sa->out.tun_ipv6.param.flabel = param->outbound.tunnel.ipv6.flabel; } }