From patchwork Mon Feb 26 15:00:07 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 129682 Delivered-To: patch@linaro.org Received: by 10.46.66.2 with SMTP id p2csp305326lja; Mon, 26 Feb 2018 07:10:09 -0800 (PST) X-Google-Smtp-Source: AG47ELv67ufKewXZ2g9VG5oRdEgOv0ymyRchm/V9nWig5Dr794R++hY7xe8VE88bRErzGQsw57j+ X-Received: by 2002:a25:b7c9:: with SMTP id u9-v6mr7065847ybj.294.1519657809260; Mon, 26 Feb 2018 07:10:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519657809; cv=none; d=google.com; s=arc-20160816; b=mFWHsULlV+kJOwcahvE80tOXTg04Jjsyw9GUw8EHQGHt2lmZjWU5K98tUe3oenWa91 PxJxWLvjqgQRoysEdRwkLz89IrYt3EgYDyhkc/ZI/1IZQkbC8/J48JUSS+V3Lx4R9Dle mMQk6AT+SV5F90wWIOCCXFglKi/wVnZ5evkKJdNiz/48Tky3vpuuw3a6ZrvIHwdKj4m0 np8KNXqecO6V4GgxykdSBA3mLNGv31M+u+VhCt+/s/gunUERfc0l/YyX6kuAgRL7ntsy FBw8cX30MrXNVyG1czB/+6S4Y31aGekCqvEuY3qGU94X62tzz+vRI5lCFU1ErsnyCr4J bNSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=+SqU79b5J7hzVeAZ8gJI/Vn9KDHY21gagM7NaEYjPPo=; b=N0VztEMDu5dHyKTl+ZRASGq3JdZkjpxj8k8Ligck+dI+BNJst2hc1Aw2f20bjeva4l 7wRWgyHNLJXQwQoCWFZrYu8mMBmbYE1uU9nO8wwi0/iXtHuV3QOtRV9HwjhBzmLerlBA Lf0P3stgXHhpfgiOcRBqIUcOUssiCnX8R5ekqcNcJLNTNGH3ry9SeeiITNLvSisK2149 GXE5v75LRC+g6Z0Hwjww4s0p5/fyGAGrignSQ2VrQg+vOf/VKrEmjvFfOsDNRMmg5Fti bvsb4l3tiiN1+kWeo5ZCjHzqJ2IwZxAT0kcee4N/+Yt2yMaB50mO08oOR51covKVc6HH ++nA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id p75si787986ywg.290.2018.02.26.07.10.08; Mon, 26 Feb 2018 07:10:09 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id D48FE6176D; Mon, 26 Feb 2018 15:10:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id F2356617EB; Mon, 26 Feb 2018 15:01:41 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 2E0D1617AA; Mon, 26 Feb 2018 15:01:24 +0000 (UTC) Received: from forward105j.mail.yandex.net (forward105j.mail.yandex.net [5.45.198.248]) by lists.linaro.org (Postfix) with ESMTPS id B5262617B4 for ; Mon, 26 Feb 2018 15:00:19 +0000 (UTC) Received: from mxback10o.mail.yandex.net (mxback10o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::24]) by forward105j.mail.yandex.net (Yandex) with ESMTP id 322AF1829B9 for ; Mon, 26 Feb 2018 18:00:18 +0300 (MSK) Received: from smtp1o.mail.yandex.net (smtp1o.mail.yandex.net [2a02:6b8:0:1a2d::25]) by mxback10o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id yQ2BEH4kxP-0IRuGPmK; Mon, 26 Feb 2018 18:00:18 +0300 Received: by smtp1o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kHvqsGsU0k-0HTSlwpR; Mon, 26 Feb 2018 18:00:17 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 26 Feb 2018 18:00:07 +0300 Message-Id: <1519657209-30140-10-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1519657209-30140-1-git-send-email-odpbot@yandex.ru> References: <1519657209-30140-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 502 Subject: [lng-odp] [PATCH API-NEXT v1 9/11] linux-gen: ipsec: take output ip_param into account X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Allow per-packet override of IP parameters. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 502 (lumag:ipsec-imp-upd) ** https://github.com/Linaro/odp/pull/502 ** Patch: https://github.com/Linaro/odp/pull/502.patch ** Base sha: c91eae61d19350dd19aacf18c1148c9491398c14 ** Merge commit sha: 8c909084626ccef140542645cd34549ce7f4bcde **/ .../linux-generic/include/odp_ipsec_internal.h | 9 ++--- platform/linux-generic/odp_ipsec.c | 38 ++++++++++++++-------- platform/linux-generic/odp_ipsec_sad.c | 20 ++++++++---- 3 files changed, 40 insertions(+), 27 deletions(-) diff --git a/platform/linux-generic/include/odp_ipsec_internal.h b/platform/linux-generic/include/odp_ipsec_internal.h index a449462ab..dfde4d574 100644 --- a/platform/linux-generic/include/odp_ipsec_internal.h +++ b/platform/linux-generic/include/odp_ipsec_internal.h @@ -161,22 +161,17 @@ struct ipsec_sa_s { union { struct { + odp_ipsec_ipv4_param_t param; odp_u32be_t src_ip; odp_u32be_t dst_ip; /* 32-bit from which low 16 are used */ odp_atomic_u32_t hdr_id; - - uint8_t ttl; - uint8_t dscp; - uint8_t df; } tun_ipv4; struct { + odp_ipsec_ipv6_param_t param; uint8_t src_ip[_ODP_IPV6ADDR_LEN]; uint8_t dst_ip[_ODP_IPV6ADDR_LEN]; - uint8_t hlimit; - uint8_t dscp; - uint32_t flabel; } tun_ipv6; }; } out; diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 55beb382e..09a4382cd 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -888,7 +888,8 @@ static int ipsec_out_tunnel_parse_ipv6(ipsec_state_t *state, static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, ipsec_state_t *state, - ipsec_sa_t *ipsec_sa) + ipsec_sa_t *ipsec_sa, + const odp_ipsec_ipv4_param_t *ipv4_param) { _odp_ipv4hdr_t out_ip; uint16_t flags; @@ -899,7 +900,7 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, else out_ip.tos = (state->out_tunnel.ip_tos & ~_ODP_IP_TOS_DSCP_MASK) | - (ipsec_sa->out.tun_ipv4.dscp << + (ipv4_param->dscp << _ODP_IP_TOS_DSCP_SHIFT); state->ip_tot_len = odp_packet_len(*pkt) - state->ip_offset; state->ip_tot_len += _ODP_IPV4HDR_LEN; @@ -911,13 +912,15 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, if (ipsec_sa->copy_df) flags = state->out_tunnel.ip_df; else - flags = ((uint16_t)ipsec_sa->out.tun_ipv4.df) << 14; + flags = ((uint16_t)ipv4_param->df) << 14; out_ip.frag_offset = _odp_cpu_to_be_16(flags); - out_ip.ttl = ipsec_sa->out.tun_ipv4.ttl; + out_ip.ttl = ipv4_param->ttl; /* Will be filled later by packet checksum update */ out_ip.chksum = 0; - out_ip.src_addr = ipsec_sa->out.tun_ipv4.src_ip; - out_ip.dst_addr = ipsec_sa->out.tun_ipv4.dst_ip; + memcpy(&out_ip.src_addr, ipv4_param->src_addr, + _ODP_IPV4ADDR_LEN); + memcpy(&out_ip.dst_addr, ipv4_param->dst_addr, + _ODP_IPV4ADDR_LEN); if (odp_packet_extend_head(pkt, _ODP_IPV4HDR_LEN, NULL, NULL) < 0) @@ -947,7 +950,8 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, static int ipsec_out_tunnel_ipv6(odp_packet_t *pkt, ipsec_state_t *state, - ipsec_sa_t *ipsec_sa) + ipsec_sa_t *ipsec_sa, + const odp_ipsec_ipv6_param_t *ipv6_param) { _odp_ipv6hdr_t out_ip; uint32_t ver; @@ -958,23 +962,23 @@ static int ipsec_out_tunnel_ipv6(odp_packet_t *pkt, else ver |= ((state->out_tunnel.ip_tos & ~_ODP_IP_TOS_DSCP_MASK) | - (ipsec_sa->out.tun_ipv6.dscp << + (ipv6_param->dscp << _ODP_IP_TOS_DSCP_SHIFT)) << _ODP_IPV6HDR_TC_SHIFT; if (ipsec_sa->copy_flabel) ver |= state->out_tunnel.ip_flabel; else - ver |= ipsec_sa->out.tun_ipv6.flabel; + ver |= ipv6_param->flabel; out_ip.ver_tc_flow = odp_cpu_to_be_32(ver); state->ip_tot_len = odp_packet_len(*pkt) - state->ip_offset; out_ip.payload_len = _odp_cpu_to_be_16(state->ip_tot_len); state->ip_tot_len += _ODP_IPV6HDR_LEN; - out_ip.hop_limit = ipsec_sa->out.tun_ipv6.hlimit; - memcpy(&out_ip.src_addr, ipsec_sa->out.tun_ipv6.src_ip, + out_ip.hop_limit = ipv6_param->hlimit; + memcpy(&out_ip.src_addr, ipv6_param->src_addr, _ODP_IPV6ADDR_LEN); - memcpy(&out_ip.dst_addr, ipsec_sa->out.tun_ipv6.dst_ip, + memcpy(&out_ip.dst_addr, ipv6_param->dst_addr, _ODP_IPV6ADDR_LEN); if (odp_packet_extend_head(pkt, _ODP_IPV6HDR_LEN, @@ -1353,9 +1357,15 @@ static ipsec_sa_t *ipsec_out_single(odp_packet_t pkt, } if (ipsec_sa->tun_ipv4) - rc = ipsec_out_tunnel_ipv4(&pkt, &state, ipsec_sa); + rc = ipsec_out_tunnel_ipv4(&pkt, &state, ipsec_sa, + opt->flag.ip_param ? + &opt->ipv4 : + &ipsec_sa->out.tun_ipv4.param); else - rc = ipsec_out_tunnel_ipv6(&pkt, &state, ipsec_sa); + rc = ipsec_out_tunnel_ipv6(&pkt, &state, ipsec_sa, + opt->flag.ip_param ? + &opt->ipv6 : + &ipsec_sa->out.tun_ipv6.param); } if (rc < 0) { status->error.alg = 1; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 3ac8c49c3..05865eb3a 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -326,11 +326,15 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) param->outbound.tunnel.ipv4.dst_addr, sizeof(ipsec_sa->out.tun_ipv4.dst_ip)); odp_atomic_init_u32(&ipsec_sa->out.tun_ipv4.hdr_id, 0); - ipsec_sa->out.tun_ipv4.ttl = + ipsec_sa->out.tun_ipv4.param.src_addr = + &ipsec_sa->out.tun_ipv4.src_ip; + ipsec_sa->out.tun_ipv4.param.dst_addr = + &ipsec_sa->out.tun_ipv4.dst_ip; + ipsec_sa->out.tun_ipv4.param.ttl = param->outbound.tunnel.ipv4.ttl; - ipsec_sa->out.tun_ipv4.dscp = + ipsec_sa->out.tun_ipv4.param.dscp = param->outbound.tunnel.ipv4.dscp; - ipsec_sa->out.tun_ipv4.df = + ipsec_sa->out.tun_ipv4.param.df = param->outbound.tunnel.ipv4.df; } else { ipsec_sa->tun_ipv4 = 0; @@ -340,11 +344,15 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) memcpy(&ipsec_sa->out.tun_ipv6.dst_ip, param->outbound.tunnel.ipv6.dst_addr, sizeof(ipsec_sa->out.tun_ipv6.dst_ip)); - ipsec_sa->out.tun_ipv6.hlimit = + ipsec_sa->out.tun_ipv4.param.src_addr = + &ipsec_sa->out.tun_ipv6.src_ip; + ipsec_sa->out.tun_ipv4.param.dst_addr = + &ipsec_sa->out.tun_ipv6.dst_ip; + ipsec_sa->out.tun_ipv6.param.hlimit = param->outbound.tunnel.ipv6.hlimit; - ipsec_sa->out.tun_ipv6.dscp = + ipsec_sa->out.tun_ipv6.param.dscp = param->outbound.tunnel.ipv6.dscp; - ipsec_sa->out.tun_ipv6.flabel = + ipsec_sa->out.tun_ipv6.param.flabel = param->outbound.tunnel.ipv6.flabel; } }