X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=examples%2Fipsec-secgw%2Fipsec.h;h=7031e28c4686a19683532444a188d8110d085fa8;hb=c47463272f572a4d78109763399b5e3817b848a9;hp=4f2fd61840e59b00654959f044654e0730b05600;hpb=2cf67788ae895b4e3c05059e1feb06f6d3d8865e;p=dpdk.git diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h index 4f2fd61840..7031e28c46 100644 --- a/examples/ipsec-secgw/ipsec.h +++ b/examples/ipsec-secgw/ipsec.h @@ -13,11 +13,11 @@ #include #include -#define RTE_LOGTYPE_IPSEC RTE_LOGTYPE_USER1 +#include "ipsec-secgw.h" + #define RTE_LOGTYPE_IPSEC_ESP RTE_LOGTYPE_USER2 #define RTE_LOGTYPE_IPSEC_IPIP RTE_LOGTYPE_USER3 -#define MAX_PKT_BURST 32 #define MAX_INFLIGHT 128 #define MAX_QP_PER_LCORE 256 @@ -28,13 +28,6 @@ #define IV_OFFSET (sizeof(struct rte_crypto_op) + \ sizeof(struct rte_crypto_sym_op)) -#define uint32_t_to_char(ip, a, b, c, d) do {\ - *a = (uint8_t)(ip >> 24 & 0xff);\ - *b = (uint8_t)(ip >> 16 & 0xff);\ - *c = (uint8_t)(ip >> 8 & 0xff);\ - *d = (uint8_t)(ip & 0xff);\ - } while (0) - #define DEFAULT_MAX_CATEGORIES 1 #define INVALID_SPI (0) @@ -72,7 +65,7 @@ struct ip_addr { } ip; }; -#define MAX_KEY_SIZE 32 +#define MAX_KEY_SIZE 36 /* * application wide SA parameters @@ -87,6 +80,12 @@ struct app_sa_prm { extern struct app_sa_prm app_sa_prm; +struct flow_info { + struct rte_flow *rx_def_flow; +}; + +extern struct flow_info flow_info_tbl[RTE_MAX_ETHPORTS]; + enum { IPSEC_SESSION_PRIMARY = 0, IPSEC_SESSION_FALLBACK = 1, @@ -138,6 +137,8 @@ struct ipsec_sa { }; enum rte_security_ipsec_sa_direction direction; uint16_t portid; + uint8_t fdir_qid; + uint8_t fdir_flag; #define MAX_RTE_FLOW_PATTERN (4) #define MAX_RTE_FLOW_ACTIONS (3) @@ -153,6 +154,24 @@ struct ipsec_sa { struct rte_security_session_conf sess_conf; } __rte_cache_aligned; +struct ipsec_xf { + struct rte_crypto_sym_xform a; + struct rte_crypto_sym_xform b; +}; + +struct ipsec_sad { + struct rte_ipsec_sad *sad_v4; + struct rte_ipsec_sad *sad_v6; +}; + +struct sa_ctx { + void *satbl; /* pointer to array of rte_ipsec_sa objects*/ + struct ipsec_sad sad; + struct ipsec_xf *xf; + uint32_t nb_sa; + struct ipsec_sa sa[]; +}; + struct ipsec_mbuf_metadata { struct ipsec_sa *sa; struct rte_crypto_op cop; @@ -231,21 +250,22 @@ struct cnt_blk { uint32_t salt; uint64_t iv; uint32_t cnt; -} __attribute__((packed)); - -struct traffic_type { - const uint8_t *data[MAX_PKT_BURST * 2]; - struct rte_mbuf *pkts[MAX_PKT_BURST * 2]; - void *saptr[MAX_PKT_BURST * 2]; - uint32_t res[MAX_PKT_BURST * 2]; - uint32_t num; -}; +} __rte_packed; -struct ipsec_traffic { - struct traffic_type ipsec; - struct traffic_type ip4; - struct traffic_type ip6; -}; +/* Socket ctx */ +extern struct socket_ctx socket_ctx[NB_SOCKETS]; + +void +ipsec_poll_mode_worker(void); + +int +ipsec_launch_one_lcore(void *args); + +extern struct ipsec_sa *sa_out; +extern uint32_t nb_sa_out; + +extern struct ipsec_sa *sa_in; +extern uint32_t nb_sa_in; uint16_t ipsec_inbound(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[], @@ -383,5 +403,13 @@ create_lookaside_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa, int create_inline_session(struct socket_ctx *skt_ctx, struct ipsec_sa *sa, struct rte_ipsec_session *ips); +int +check_flow_params(uint16_t fdir_portid, uint8_t fdir_qid); + +int +create_ipsec_esp_flow(struct ipsec_sa *sa); + +uint32_t +get_nb_crypto_sessions(void); #endif /* __IPSEC_H__ */