From patchwork Thu Mar 1 21:00:51 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 130422 Delivered-To: patch@linaro.org Received: by 10.80.172.228 with SMTP id x91csp3284257edc; Thu, 1 Mar 2018 13:08:05 -0800 (PST) X-Google-Smtp-Source: AG47ELsThLaP6zwrnAhaIAVj7uJlmj2CPnQ/1/zYlOnwpi5U4i2MKPh2qGoMvjPAeWWeR7STC/Mh X-Received: by 2002:a25:8b05:: with SMTP id i5-v6mr2257916ybl.427.1519938485510; Thu, 01 Mar 2018 13:08:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519938485; cv=none; d=google.com; s=arc-20160816; b=V1xiN51SI5wWyw4hX4gbu+b/+55rbwEEgYMvnBUHN6w+iEKDNzMfI0b1Rb6zRzt4PZ MESDCxoG3vTJav5G0tyDdiRtRDCY3OyfqvWKo9dyrDr4obYfNbqzSeHgmjXDGDgnS2PN eeJxO/tTh66Wz1oJGYNuD4Nl9poB6bmij9CfvS3j2w3ig81S2ej5w2aKkppk65+xC+k6 5Y147XHfwz3nrDJZEilj6b9VmOlFNeM3DvT9/HdhO6PUcO++whndqUfr6mZHwghpULpU a1IZs0ad/GDMcpiZCypNxYxQq23s8xOP+ACD/QAKU5jcKt7W8LxsC4ZFQVrpQIO6giOZ t0lg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=V8nYq4h6eFrcvlSn/kSs2fWfLYDgeqY9Bs5taQjd3ug=; b=nNSa/xzaekOfOxsQ7NCU1tU0U7FkfyZohRRFD+qPFdTVkG5XYYXN7RAZwXCNZJRLm4 cSZLcuanJFMHPjLrwx31nLcAcRgtNS2i2CMbqrEyqeJZszliJf/A4+fcm7dc/PHO0kWv 3JzVLYxsFKBsspbmqpNua3SXmL4M6q2Yeg44GJkTkPrdAZo7z3aSJNlrcRHDZAMcGZ4P oACBH11JLwwjKkpcsVSSUfW9MNCmTrdNO3UQcNikcwtiEiVZ4ObChYGTtk6DhzF9djnX KZGPeCcSKTkbnoxHe6TOA6rZAqA7nRk0GIvOg5292TYch3k+QPqpsyMScb2PCZw1C3u4 aCRA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id x8si5443088qtk.33.2018.03.01.13.08.05; Thu, 01 Mar 2018 13:08:05 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 1EFDD62791; Thu, 1 Mar 2018 21:08:05 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id A3955627AA; Thu, 1 Mar 2018 21:01:54 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 85DE56277B; Thu, 1 Mar 2018 21:01:25 +0000 (UTC) Received: from forward106o.mail.yandex.net (forward106o.mail.yandex.net [37.140.190.187]) by lists.linaro.org (Postfix) with ESMTPS id 876076278C for ; Thu, 1 Mar 2018 21:01:08 +0000 (UTC) Received: from mxback20j.mail.yandex.net (mxback20j.mail.yandex.net [IPv6:2a02:6b8:0:1619::114]) by forward106o.mail.yandex.net (Yandex) with ESMTP id 6D436780DA5 for ; Fri, 2 Mar 2018 00:01:06 +0300 (MSK) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [2a02:6b8:0:1a2d::27]) by mxback20j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 8LlYKgcPi0-16eShenI; Fri, 02 Mar 2018 00:01:06 +0300 Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id BpjAadXdWb-152qDsKT; Fri, 02 Mar 2018 00:01:05 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 2 Mar 2018 00:00:51 +0300 Message-Id: <1519938053-24031-12-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1519938053-24031-1-git-send-email-odpbot@yandex.ru> References: <1519938053-24031-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 505 Subject: [lng-odp] [PATCH v2 11/13] linux-gen: ipsec: take output ip_param into account X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Allow per-packet override of IP parameters. Signed-off-by: Dmitry Eremin-Solenikov Reviewed-by: Bill Fischofer Signed-off-by: Maxim Uvarov --- /** Email created from pull request 505 (muvarov:devel/master_merge_api-next) ** https://github.com/Linaro/odp/pull/505 ** Patch: https://github.com/Linaro/odp/pull/505.patch ** Base sha: 284f52d72ec19df3774c7409780f1f9eea33b8e6 ** Merge commit sha: 5da68bf06572d3d0651c37cbba03aa91995ec465 **/ .../linux-generic/include/odp_ipsec_internal.h | 9 ++--- platform/linux-generic/odp_ipsec.c | 38 ++++++++++++++-------- platform/linux-generic/odp_ipsec_sad.c | 20 ++++++++---- 3 files changed, 40 insertions(+), 27 deletions(-) diff --git a/platform/linux-generic/include/odp_ipsec_internal.h b/platform/linux-generic/include/odp_ipsec_internal.h index a449462ab..dfde4d574 100644 --- a/platform/linux-generic/include/odp_ipsec_internal.h +++ b/platform/linux-generic/include/odp_ipsec_internal.h @@ -161,22 +161,17 @@ struct ipsec_sa_s { union { struct { + odp_ipsec_ipv4_param_t param; odp_u32be_t src_ip; odp_u32be_t dst_ip; /* 32-bit from which low 16 are used */ odp_atomic_u32_t hdr_id; - - uint8_t ttl; - uint8_t dscp; - uint8_t df; } tun_ipv4; struct { + odp_ipsec_ipv6_param_t param; uint8_t src_ip[_ODP_IPV6ADDR_LEN]; uint8_t dst_ip[_ODP_IPV6ADDR_LEN]; - uint8_t hlimit; - uint8_t dscp; - uint32_t flabel; } tun_ipv6; }; } out; diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 80362672d..9d13e60ca 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -888,7 +888,8 @@ static int ipsec_out_tunnel_parse_ipv6(ipsec_state_t *state, static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, ipsec_state_t *state, - ipsec_sa_t *ipsec_sa) + ipsec_sa_t *ipsec_sa, + const odp_ipsec_ipv4_param_t *ipv4_param) { _odp_ipv4hdr_t out_ip; uint16_t flags; @@ -899,7 +900,7 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, else out_ip.tos = (state->out_tunnel.ip_tos & ~_ODP_IP_TOS_DSCP_MASK) | - (ipsec_sa->out.tun_ipv4.dscp << + (ipv4_param->dscp << _ODP_IP_TOS_DSCP_SHIFT); state->ip_tot_len = odp_packet_len(*pkt) - state->ip_offset; state->ip_tot_len += _ODP_IPV4HDR_LEN; @@ -911,13 +912,15 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, if (ipsec_sa->copy_df) flags = state->out_tunnel.ip_df; else - flags = ((uint16_t)ipsec_sa->out.tun_ipv4.df) << 14; + flags = ((uint16_t)ipv4_param->df) << 14; out_ip.frag_offset = _odp_cpu_to_be_16(flags); - out_ip.ttl = ipsec_sa->out.tun_ipv4.ttl; + out_ip.ttl = ipv4_param->ttl; /* Will be filled later by packet checksum update */ out_ip.chksum = 0; - out_ip.src_addr = ipsec_sa->out.tun_ipv4.src_ip; - out_ip.dst_addr = ipsec_sa->out.tun_ipv4.dst_ip; + memcpy(&out_ip.src_addr, ipv4_param->src_addr, + _ODP_IPV4ADDR_LEN); + memcpy(&out_ip.dst_addr, ipv4_param->dst_addr, + _ODP_IPV4ADDR_LEN); if (odp_packet_extend_head(pkt, _ODP_IPV4HDR_LEN, NULL, NULL) < 0) @@ -947,7 +950,8 @@ static int ipsec_out_tunnel_ipv4(odp_packet_t *pkt, static int ipsec_out_tunnel_ipv6(odp_packet_t *pkt, ipsec_state_t *state, - ipsec_sa_t *ipsec_sa) + ipsec_sa_t *ipsec_sa, + const odp_ipsec_ipv6_param_t *ipv6_param) { _odp_ipv6hdr_t out_ip; uint32_t ver; @@ -958,23 +962,23 @@ static int ipsec_out_tunnel_ipv6(odp_packet_t *pkt, else ver |= ((state->out_tunnel.ip_tos & ~_ODP_IP_TOS_DSCP_MASK) | - (ipsec_sa->out.tun_ipv6.dscp << + (ipv6_param->dscp << _ODP_IP_TOS_DSCP_SHIFT)) << _ODP_IPV6HDR_TC_SHIFT; if (ipsec_sa->copy_flabel) ver |= state->out_tunnel.ip_flabel; else - ver |= ipsec_sa->out.tun_ipv6.flabel; + ver |= ipv6_param->flabel; out_ip.ver_tc_flow = odp_cpu_to_be_32(ver); state->ip_tot_len = odp_packet_len(*pkt) - state->ip_offset; out_ip.payload_len = _odp_cpu_to_be_16(state->ip_tot_len); state->ip_tot_len += _ODP_IPV6HDR_LEN; - out_ip.hop_limit = ipsec_sa->out.tun_ipv6.hlimit; - memcpy(&out_ip.src_addr, ipsec_sa->out.tun_ipv6.src_ip, + out_ip.hop_limit = ipv6_param->hlimit; + memcpy(&out_ip.src_addr, ipv6_param->src_addr, _ODP_IPV6ADDR_LEN); - memcpy(&out_ip.dst_addr, ipsec_sa->out.tun_ipv6.dst_ip, + memcpy(&out_ip.dst_addr, ipv6_param->dst_addr, _ODP_IPV6ADDR_LEN); if (odp_packet_extend_head(pkt, _ODP_IPV6HDR_LEN, @@ -1352,9 +1356,15 @@ static ipsec_sa_t *ipsec_out_single(odp_packet_t pkt, } if (ipsec_sa->tun_ipv4) - rc = ipsec_out_tunnel_ipv4(&pkt, &state, ipsec_sa); + rc = ipsec_out_tunnel_ipv4(&pkt, &state, ipsec_sa, + opt->flag.ip_param ? + &opt->ipv4 : + &ipsec_sa->out.tun_ipv4.param); else - rc = ipsec_out_tunnel_ipv6(&pkt, &state, ipsec_sa); + rc = ipsec_out_tunnel_ipv6(&pkt, &state, ipsec_sa, + opt->flag.ip_param ? + &opt->ipv6 : + &ipsec_sa->out.tun_ipv6.param); } if (rc < 0) { status->error.alg = 1; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 3ac8c49c3..05865eb3a 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -326,11 +326,15 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) param->outbound.tunnel.ipv4.dst_addr, sizeof(ipsec_sa->out.tun_ipv4.dst_ip)); odp_atomic_init_u32(&ipsec_sa->out.tun_ipv4.hdr_id, 0); - ipsec_sa->out.tun_ipv4.ttl = + ipsec_sa->out.tun_ipv4.param.src_addr = + &ipsec_sa->out.tun_ipv4.src_ip; + ipsec_sa->out.tun_ipv4.param.dst_addr = + &ipsec_sa->out.tun_ipv4.dst_ip; + ipsec_sa->out.tun_ipv4.param.ttl = param->outbound.tunnel.ipv4.ttl; - ipsec_sa->out.tun_ipv4.dscp = + ipsec_sa->out.tun_ipv4.param.dscp = param->outbound.tunnel.ipv4.dscp; - ipsec_sa->out.tun_ipv4.df = + ipsec_sa->out.tun_ipv4.param.df = param->outbound.tunnel.ipv4.df; } else { ipsec_sa->tun_ipv4 = 0; @@ -340,11 +344,15 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) memcpy(&ipsec_sa->out.tun_ipv6.dst_ip, param->outbound.tunnel.ipv6.dst_addr, sizeof(ipsec_sa->out.tun_ipv6.dst_ip)); - ipsec_sa->out.tun_ipv6.hlimit = + ipsec_sa->out.tun_ipv4.param.src_addr = + &ipsec_sa->out.tun_ipv6.src_ip; + ipsec_sa->out.tun_ipv4.param.dst_addr = + &ipsec_sa->out.tun_ipv6.dst_ip; + ipsec_sa->out.tun_ipv6.param.hlimit = param->outbound.tunnel.ipv6.hlimit; - ipsec_sa->out.tun_ipv6.dscp = + ipsec_sa->out.tun_ipv6.param.dscp = param->outbound.tunnel.ipv6.dscp; - ipsec_sa->out.tun_ipv6.flabel = + ipsec_sa->out.tun_ipv6.param.flabel = param->outbound.tunnel.ipv6.flabel; } }