From patchwork Wed Jul 22 08:26:03 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexandru Badicioiu X-Patchwork-Id: 51335 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-la0-f69.google.com (mail-la0-f69.google.com [209.85.215.69]) by patches.linaro.org (Postfix) with ESMTPS id B2040228EF for ; Wed, 22 Jul 2015 08:26:50 +0000 (UTC) Received: by laah7 with SMTP id h7sf29142397laa.2 for ; Wed, 22 Jul 2015 01:26:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:delivered-to:from:to:date :message-id:mime-version:subject:precedence:list-id:list-unsubscribe :list-archive:list-post:list-help:list-subscribe:content-type :content-transfer-encoding:errors-to:sender:x-original-sender :x-original-authentication-results:mailing-list; bh=NEyMlLHkNJZ+e/JzYT9562OHSemuT/slplFVZuEZoTI=; b=m3q19lMp03gXRk2N1G8Bsi55LrjHaG9Cpd376H/Dgst91svs99w8RVD+sBfYPrOZSG tCEXFQ1z+XjQwl+zL1kNDV9Nci3Jh/bwb43TskKK0dvRr12321wjbycT9nw1cFXkW3Nt eQXlowd4I5a0hSgNHIdyi+Dt1fTIhprAGV+FCldgUCsv/uU0Uxzsh3NP7rKgVLGq0OvL zYHJo1JcUje7E1/Dp2Qlk1TCf+zFsCgbm/sbjNT3FJN6BLQBRlbTuLrarfKmAejRB9KF Si7eVKwtcWGuXtpLguYHaHqQX71hGaNWtqhOXN8BU2JlN+h7uX1P1yzms0bvDJp/V3On szlg== X-Gm-Message-State: ALoCoQnRWngX3xo72S3ze3yd4aZnN2cgJ5XToKf1Yc1wgoxYfpmyMPTzCG+JkInRtsBKmfm0/pwV X-Received: by 10.112.171.41 with SMTP id ar9mr655331lbc.24.1437553609670; Wed, 22 Jul 2015 01:26:49 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.36.34 with SMTP id n2ls46382laj.15.gmail; Wed, 22 Jul 2015 01:26:49 -0700 (PDT) X-Received: by 10.152.239.131 with SMTP id vs3mr1223991lac.102.1437553609437; Wed, 22 Jul 2015 01:26:49 -0700 (PDT) Received: from mail-lb0-f170.google.com (mail-lb0-f170.google.com. [209.85.217.170]) by mx.google.com with ESMTPS id a2si579143lah.138.2015.07.22.01.26.49 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 22 Jul 2015 01:26:49 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.170 as permitted sender) client-ip=209.85.217.170; Received: by lblf12 with SMTP id f12so131661038lbl.2 for ; Wed, 22 Jul 2015 01:26:49 -0700 (PDT) X-Received: by 10.112.131.98 with SMTP id ol2mr1244701lbb.56.1437553609296; Wed, 22 Jul 2015 01:26:49 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.7.198 with SMTP id l6csp1944276lba; Wed, 22 Jul 2015 01:26:48 -0700 (PDT) X-Received: by 10.140.150.142 with SMTP id 136mr1807007qhw.17.1437553607759; Wed, 22 Jul 2015 01:26:47 -0700 (PDT) Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id 10si787096qgd.58.2015.07.22.01.26.46; Wed, 22 Jul 2015 01:26:47 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Received: by lists.linaro.org (Postfix, from userid 109) id 0FF6061B6A; Wed, 22 Jul 2015 08:26:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252.ec2.internal X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_PASS, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from ip-10-142-244-252.ec2.internal (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 2AB3B61B58; Wed, 22 Jul 2015 08:26:39 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 78C9661B5D; Wed, 22 Jul 2015 08:26:27 +0000 (UTC) Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2on0064.outbound.protection.outlook.com [65.55.169.64]) by lists.linaro.org (Postfix) with ESMTPS id 3C35961B56 for ; Wed, 22 Jul 2015 08:26:25 +0000 (UTC) Received: from BN3PR0301CA0072.namprd03.prod.outlook.com (10.160.152.168) by CY1PR0301MB0730.namprd03.prod.outlook.com (10.160.159.148) with Microsoft SMTP Server (TLS) id 15.1.219.17; Wed, 22 Jul 2015 08:26:24 +0000 Received: from BY2FFO11OLC013.protection.gbl (2a01:111:f400:7c0c::114) by BN3PR0301CA0072.outlook.office365.com (2a01:111:e400:401e::40) with Microsoft SMTP Server (TLS) id 15.1.225.19 via Frontend Transport; Wed, 22 Jul 2015 08:26:23 +0000 Received-SPF: SoftFail (protection.outlook.com: domain of transitioning linaro.org discourages use of 192.88.168.50 as permitted sender) Received: from tx30smr01.am.freescale.net (192.88.168.50) by BY2FFO11OLC013.mail.protection.outlook.com (10.1.15.25) with Microsoft SMTP Server (TLS) id 15.1.213.8 via Frontend Transport; Wed, 22 Jul 2015 08:26:22 +0000 Received: from fsr-fed1364-15.ea.freescale.net (fsr-fed1364-15.ea.freescale.net [10.171.81.144]) by tx30smr01.am.freescale.net (8.14.3/8.14.0) with ESMTP id t6M8QK9L013507; Wed, 22 Jul 2015 01:26:21 -0700 From: To: Date: Wed, 22 Jul 2015 11:26:03 +0300 Message-ID: <1437553563-6709-1-git-send-email-alexandru.badicioiu@linaro.org> X-Mailer: git-send-email 1.7.3.4 X-EOPAttributedMessage: 0 X-Matching-Connectors: 130820271830789887; (91ab9b29-cfa4-454e-5278-08d120cd25b8); () X-Microsoft-Exchange-Diagnostics: 1; BY2FFO11OLC013; 1:TgBEyvU3BkPIeOG9Kts1HKxCDJJSplj6TLKwVFaMjj7xewzgO3+cE3bHItvSNhX3Yfsi6aUKPdzdiFvAZNTUplsoLLc+ESgnk6QMY7OwSdkcZhbnWzF+zyzlK7qzOwydxT9k9HecWJNOCi0/0kUDLoriDau0XHxydfJ7bhCw5ev1+FNXsesoD7yfvPohzjlKy0lhOKtb9keQSbASeCKrcG7ilBMhJr+lBu5HnxuNLkPp42WJ2DzBp29+kmn5c7rXdPTbs0f4m2UoubLfqpl9P0VW5Gb3gCwr8LgQNXrS61d2btgVReBZ06KWmTU9qLoMK5cvjysxfWSFlskaXdWxCn47pv3/WTrHTxg01ytyMj5KVVRGwvVFyXvtsc9u1+Nc4wzUu/0NtTXk2ye5QLbWGAhtgCNyTfVrStMaMuSbU4OItcSPJ2aod5Piokvoh3FS4MXsKhaacLRzPH86R0eRng== X-Forefront-Antispam-Report: CIP:192.88.168.50; CTRY:US; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10009020)(6009001)(2980300002)(199003)(189002)(92566002)(105596002)(106466001)(86152002)(6806004)(86362001)(104016003)(87936001)(19580405001)(5001960100002)(19580395003)(2351001)(62966003)(36756003)(33646002)(46102003)(189998001)(48376002)(50466002)(50986999)(229853001)(47776003)(5003940100001)(5001920100001)(50226001)(77156002)(77096005); DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR0301MB0730; H:tx30smr01.am.freescale.net; FPR:; SPF:SoftFail; MLV:sfv; A:1; MX:1; LANG:en; MIME-Version: 1.0 X-Microsoft-Exchange-Diagnostics: 1; CY1PR0301MB0730; 2:qSt5DfZc78TW3OcxyCW0s5AsIMUOwuaQZ7ILUwV1l8SPTlVdAPIS/RwOigTyz3/o; 3:hbRUq7c5UcK/doPpKY76M1BGSXEP4zc8x3VI8B65r0m5rzI9FJML9dUKwlusei5+/Y1M02uJ2VpEF7GR9W3vOoost0k+AHg77xh+o8mlsZa8QOgjfjTj9rt6FCMGzBiC1VNtd+6ARL6Hn+6Km9l05obgplGUAI9pYaqR3XDHeZYqcikcSh4u9H8pVBzZAems7CrOPeZPY0dGlYC9Xon3wlcgXz3JmrC/UrbWn2IKlXI=; 25:TIFSCoeOJmUOITs3xO6YG8cClIJa/ImF9f6rBfFt/B4187+QPt/NYEvE5gkB6FxWe+DoVW23RkNvJsmd3DlJdaynSfSOOnWbeIeGOk8CsTKGzSS/RIr+d9+VLzM8Icn3Bs/hB3q0m7QQWbWnz6aAKd4l7b1bM7IKv8yyIUtn08WF3ndUYWOqld72p+JT+tHRRd1efR6C/J5u2Gfx7TYa2oSTwwLePKbcqekoqVXyyNhJJx4K1Lzfs9wWOHNeKyNUwQhKgMafhJG6RYaWno9vAA==; 4:pS3LQ8xoC/nYVE5mSrf7GQpTzQ8x1ivtwGna45egZ2AoxKlhUE+gqdTarhOW2DLw5O0Phe2xByKvM/ODNRYxt9D0we9O6j+lZi34CYsMBUJsPl3G418xWpzT8tDs9CdiiExGrVI+FSeLUGlGMp3wTl3/tFmrBlaMEx65siZO1YN+yz/Yyv/j/EiEcBdAD1XZShzjWNwCRDXhR2mk0GsZQ2HPn+O9XhT/PjxEVkFtNIymirCdCPdrc5KdD69nnU+kA7uQhSsD9LYDwwkVtSCMSm2NSWZAqudXbotz4etGfXA= X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR0301MB0730; X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(5005006)(3002001); SRVR:CY1PR0301MB0730; BCL:0; PCL:0; RULEID:(400006); SRVR:CY1PR0301MB0730; X-Forefront-PRVS: 0645BEB7AA X-Microsoft-Exchange-Diagnostics: 1; CY1PR0301MB0730; 23:qQLCQvfYFyRqMPyI4onIiImvPX85kLeZHMgiGhZeqE8n89TXn1/SQ2Wu42nv9ViRjMgeqV50PlDvMMtFsu0MoHjAIFRc/hybDr5TEfuLEhBdzXC1FrETTmPo02mp4/Q10byfqXvwzFVmgPBmMvWp1xmr73DvB3zKckLbjp8565VW0WxjWzmgOjjjoBtTQnfnWlCbGFW0KSsZp/tTFX9FrUicIkzU8pv2Es3FO4YR/zsGaHStEG2FOEd9P8ARVETUikXpDipW4E9V1/avWvzIxJluMQPaYUYlEXKGjQBT7fraiXF6YjE+khFTMkko08BFSIc5/P7sRAtRHq1cyRcAf178l7oUSZ8WHSOK1h6QjS53hUmIsoo4DaLxEhq5OqeKhKQNVBPdCXiwFzitNs5UyW7naLAvbFQFstY0Szvbr0Ky6twjBNdGkSp+VyITDIOsP/7/kkhVyTOmuPQo9fANEupdR27KDjDbnmY9Uf5uAEei3r/O3VqnBZ1QBMRSwS9onx3mDoCBtr3KwAOZej+x6QjgmKwE8ErDSFKc6g7Cmtel3szMymzFDPj50J/1LVlThjOnZ83i6ejr2pFcRLJFCRwdE5ptTikM585773KUGpjqPR7yslJp1CvAlgEm5cAX/yWJwMjYVrroaI1qtrxxbRsG+PCEZGBfoJVvIurQBqNsgwxT/UKH6kwN8H8XtP1KzaJIvRBjZOxThqOvi9oQLsEo4yKt0jLfaSYCb7T1ipbLTn7Tus3nPPTVa0M9ske4ZBdKfiyUHz8eGOlLFF4zlfA/a9860YX/5pkA0IrFeI3NFm8RZ+jAbE0Q0C6HBi9fdYqU8xhH63yAc+n90pjiS0OcFNeO5aFs6V4Ihx25tLg= X-Microsoft-Exchange-Diagnostics: 1; CY1PR0301MB0730; 5:7bYqfRMg5o2SGQ6EVJdwPaykw/u3LCGao0Wd1HFYosQk4PQezhThzsTnSjtbyPFmbp9ktY5hBtGksEPwfN5tZbIUMmQ4Bk+xknw2XcbpgvYZWW8eUErVbShNVacT71MymMDUNs7xFWlWdekUCTw2XbgCZ3OaSOnxmZ036mW7Urw=; 24:cvKoCGMeU9c54RfVQjoqOmJUJJYMVZjuTtq1N0kI266zTjaWSmro0SgOTMDNiLPsjONU9bq00dlDfBs2h+C0gr2OlbCQhZovxzwUBXiAHYg= X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Jul 2015 08:26:22.8917 (UTC) X-MS-Exchange-CrossTenant-Id: 5afe0b00-7697-4969-b663-5eab37d5f47e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5afe0b00-7697-4969-b663-5eab37d5f47e; Ip=[192.88.168.50]; Helo=[tx30smr01.am.freescale.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0301MB0730 X-Topics: crypto patch Subject: [lng-odp] [API-NEXT PATCH] api: crypto: add crypto IPSec extension X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: alexandru.badicioiu@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.170 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 From: Alexandru Badicioiu This patch adds IPSec protocol processing capabilities to crypto sesssions. Implementations which have these capabilities in hardware crypto engines can use the extension to offload the application from IPSec protocol processing. Signed-off-by: Alexandru Badicioiu --- include/odp/api/crypto_ipsec.h | 110 ++++++++++++++++++++ platform/linux-generic/include/odp/crypto.h | 2 + .../include/odp/plat/crypto_ipsec_types.h | 53 ++++++++++ 3 files changed, 165 insertions(+), 0 deletions(-) create mode 100644 include/odp/api/crypto_ipsec.h create mode 100644 platform/linux-generic/include/odp/plat/crypto_ipsec_types.h diff --git a/include/odp/api/crypto_ipsec.h b/include/odp/api/crypto_ipsec.h new file mode 100644 index 0000000..e59fea4 --- /dev/null +++ b/include/odp/api/crypto_ipsec.h @@ -0,0 +1,110 @@ +/* Copyright (c) 2014, Linaro Limited + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/** + * @file + * + * ODP crypto IPSec extension + */ + +#ifndef ODP_API_CRYPTO_IPSEC_H_ +#define ODP_API_CRYPTO_IPSEC_H_ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @enum odp_ipsec_outhdr_type + * IPSec tunnel outer header type + * + * @enum odp_ipsec_ar_ws + * IPSec Anti-replay window size + * + */ + +typedef struct odp_ipsec_params { + uint32_t spi; /** SPI value */ + uint32_t seq; /** Initial SEQ number */ + enum odp_ipsec_ar_ws ar_ws; /** Anti-replay window size - + inbound session with authentication */ + odp_bool_t esn; /** Use extended sequence numbers */ + odp_bool_t auto_iv; /** Auto IV generation for each operation. */ + uint16_t out_hdr_size; /** outer header size - tunnel mode */ + uint8_t *out_hdr; /** outer header - tunnel mode */ + enum odp_ipsec_outhdr_type out_hdr_type; /* outer header type - + tunnel mode */ + odp_bool_t ip_csum; /** update/verify ip header checksum */ + odp_bool_t ip_dttl; /** decrement ttl - tunnel mode encap & decap */ + odp_bool_t remove_outer_hdr; /** remove outer header - tunnel mode decap */ + odp_bool_t copy_dscp; /** DiffServ Copy - Copy the IPv4 TOS or + IPv6 Traffic Class byte from the inner/outer + IP header to the outer/inner IP header - + tunnel mode encap & decap */ + odp_bool_t copy_df; /** Copy DF bit - copy the DF bit from + the inner IP header to the + outer IP header - tunnel mode encap */ + odp_bool_t nat_t; /** NAT-T encapsulation enabled - tunnel mode */ + odp_bool_t udp_csum; /** Update/verify UDP csum when NAT-T enabled */ + +} odp_ipsec_params_t; + +/** + * @enum odp_ipsec_mode:ODP_IPSEC_MODE_TUNNEL + * IPSec tunnel mode + * + * @enum odp_ipsec_mode:ODP_IPSEC_MODE_TRANSPORT + * IPSec transport mode + * + * @enum odp_ipsec_proto + * IPSec protocol + */ + +/** + * Configure crypto session for IPsec processing + * + * Configures a crypto session for IPSec protocol processing. + * Packets submitted to an IPSec enabled session will have + * relevant IPSec headers/trailers and tunnel headers + * added/removed by the crypto implementation. + * For example, the input packet for an IPSec ESP transport + * enabled session should be the clear text packet with + * no ESP headers/trailers prepared in advance for crypto operation. + * The output packet will have ESP header, IV, trailer and the ESP ICV + * added by crypto implementation. + * Depending on the particular capabilities of an implementation and + * the parameters enabled by application, the application may be + * partially or completely offloaded from IPSec protocol processing. + * For example, if an implementation does not support checksum + * update for IP header after adding ESP header the application + * should update after crypto IPSec operation. + * + * If an implementation does not support a particular set of + * arguments it should return error. + * + * @param session Session handle + * @param ipsec_mode IPSec protocol mode + * @param ipsec_proto IPSec protocol + * @param ipsec_params IPSec parameters. Parameters which are not + * relevant for selected protocol & mode are ignored - + * e.g. outer_hdr/size set for ESP transport mode. + * @retval 0 on success + * @retval <0 on failure + */ +int odp_crypto_session_config_ipsec(odp_crypto_session_t session, + enum odp_ipsec_mode ipsec_mode, + enum odp_ipsec_proto ipsec_proto, + odp_ipsec_params_t ipsec_params); + +/** + * @} + */ + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/platform/linux-generic/include/odp/crypto.h b/platform/linux-generic/include/odp/crypto.h index 7684c1e..718ab7d 100644 --- a/platform/linux-generic/include/odp/crypto.h +++ b/platform/linux-generic/include/odp/crypto.h @@ -20,6 +20,7 @@ extern "C" { #include #include #include +#include #include #include #include @@ -33,6 +34,7 @@ extern "C" { */ #include +#include #ifdef __cplusplus } diff --git a/platform/linux-generic/include/odp/plat/crypto_ipsec_types.h b/platform/linux-generic/include/odp/plat/crypto_ipsec_types.h new file mode 100644 index 0000000..74521da --- /dev/null +++ b/platform/linux-generic/include/odp/plat/crypto_ipsec_types.h @@ -0,0 +1,53 @@ +/* Copyright (c) 2015, Linaro Limited + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/** + * @file + * + * ODP crypto + */ + +#ifndef ODP_CRYPTO_IPSEC_TYPES_H_ +#define ODP_CRYPTO_IPSEC_TYPES_H_ + +#ifdef __cplusplus +extern "C" { +#endif + +/** @addtogroup odp_crypto + * @{ + */ + +enum odp_ipsec_mode { + ODP_IPSEC_MODE_TUNNEL, /**< IPSec tunnel mode */ + ODP_IPSEC_MODE_TRANSPORT, /**< IPSec transport mode */ +}; + +enum odp_ipsec_proto { + ODP_IPSEC_ESP, /**< ESP protocol */ +}; + +enum odp_ipsec_outhdr_type { + ODP_IPSEC_OUTHDR_IPV4, /**< Outer header is IPv4 */ + ODP_IPSEC_OUTHDR_IPV6, /**< Outer header is IPv6 */ +}; + +enum odp_ipsec_ar_ws { + ODP_IPSEC_AR_WS_NONE, /**< Anti-replay is not enabled */ + ODP_IPSEC_AR_WS_32, /**< Anti-replay window size 32 */ + ODP_IPSEC_AR_WS_64, /**< Anti-replay window size 64 */ + ODP_IPSEC_AR_WS_128, /**< Anti-replay window size 128 */ +}; + +/** + * @} + */ + +#ifdef __cplusplus +} +#endif + +#endif