[10/13] IPsec example SP DB

Message ID	1408624238-12430-11-git-send-email-robking@cisco.com
State	New
Headers	show Return-Path: <patchwork-forward+bncBD577NO5HMIJZTOXT4CRUBAGIK5RE@linaro.org> Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 2607:f8b0:400c:c03::236 as permitted sender) client-ip=2607:f8b0:400c:c03::236; Received-SPF: none (google.com: lng-odp-bounces@lists.linaro.org does not designate permitted sender hosts) client-ip=54.225.227.206; From: Robbie King <robking@cisco.com> To: lng-odp@lists.linaro.org Date: Thu, 21 Aug 2014 08:30:35 -0400 Message-Id: <1408624238-12430-11-git-send-email-robking@cisco.com> In-Reply-To: <1408624238-12430-1-git-send-email-robking@cisco.com> References: <1408624238-12430-1-git-send-email-robking@cisco.com> Subject: [lng-odp] [PATCH 10/13] IPsec example SP DB Precedence: list MIME-Version: 1.0 Errors-To: lng-odp-bounces@lists.linaro.org Sender: lng-odp-bounces@lists.linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit

Message ID

1408624238-12430-11-git-send-email-robking@cisco.com

State

New

Headers

Received-SPF: pass (google.com: domain of
	patch+caf_=patchwork-forward=linaro.org@linaro.org designates
	2607:f8b0:400c:c03::236 as permitted sender)
	client-ip=2607:f8b0:400c:c03::236; 
Received-SPF: none (google.com: lng-odp-bounces@lists.linaro.org does not
	designate permitted sender hosts) client-ip=54.225.227.206; 
From: Robbie King <robking@cisco.com>
To: lng-odp@lists.linaro.org
Date: Thu, 21 Aug 2014 08:30:35 -0400
Message-Id: <1408624238-12430-11-git-send-email-robking@cisco.com>
In-Reply-To: <1408624238-12430-1-git-send-email-robking@cisco.com>
References: <1408624238-12430-1-git-send-email-robking@cisco.com>
Subject: [lng-odp] [PATCH 10/13] IPsec example SP DB
Precedence: list
MIME-Version: 1.0
Errors-To: lng-odp-bounces@lists.linaro.org
Sender: lng-odp-bounces@lists.linaro.org
Mailing-list: list patchwork-forward@linaro.org;
	contact patchwork-forward+owners@linaro.org
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Commit Message

Robbie King Aug. 21, 2014, 12:30 p.m. UTC

Signed-off-by: Robbie King <robking@cisco.com>
---
 example/ipsec/odp_ipsec_sp_db.c |  124 +++++++++++++++++++++++++++++++++++++++
 example/ipsec/odp_ipsec_sp_db.h |   71 ++++++++++++++++++++++
 2 files changed, 195 insertions(+), 0 deletions(-)
 create mode 100644 example/ipsec/odp_ipsec_sp_db.c
 create mode 100644 example/ipsec/odp_ipsec_sp_db.h

diff --git a/example/ipsec/odp_ipsec_sp_db.c b/example/ipsec/odp_ipsec_sp_db.c
new file mode 100644
index 0000000..a3de183
--- /dev/null
+++ b/example/ipsec/odp_ipsec_sp_db.c
@@ -0,0 +1,124 @@ 
+/* Copyright (c) 2014, Linaro Limited
+ * All rights reserved.
+ *
+ * SPDX-License-Identifier:     BSD-3-Clause
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <odp.h>
+#include <odp_align.h>
+#include <odp_crypto.h>
+
+#include <odp_ipsec_sp_db.h>
+
+/** Global pointer to sp db */
+sp_db_t *sp_db;
+
+void init_sp_db(void)
+{
+	sp_db = odp_shm_reserve("shm_sp_db",
+				sizeof(sp_db_t),
+				ODP_CACHE_LINE_SIZE);
+	if (sp_db == NULL) {
+		ODP_ERR("Error: shared mem alloc failed.\n");
+		exit(EXIT_FAILURE);
+	}
+	memset(sp_db, 0, sizeof(*sp_db));
+}
+
+int create_sp_db_entry(char *input)
+{
+	int pos;
+	char *local, *str, *save;
+	sp_db_entry_t *entry = &sp_db->array[sp_db->index];
+
+	/* Verify we have a good entry */
+	if (MAX_DB <= sp_db->index)
+		return -1;
+
+	/* Make a local copy */
+	local = malloc(strlen(input) + 1);
+	if (local == NULL)
+		return -1;
+	strcpy(local, input);
+
+	/* count the number of tokens separated by ',' */
+	for (str = local, save = NULL, pos = 0;; str = NULL, pos++) {
+		char *token = strtok_r(str, ":", &save);
+
+		/* Check for no more tokens */
+		if (token == NULL)
+			break;
+
+		/* Parse based on postion */
+		switch (pos) {
+		case 0:
+			parse_ipv4_string(token,
+					  &entry->src_subnet.addr,
+					  &entry->src_subnet.mask);
+			break;
+		case 1:
+			parse_ipv4_string(token,
+					  &entry->dst_subnet.addr,
+					  &entry->dst_subnet.mask);
+			break;
+		case 2:
+			if (0 == strcmp(token, "in"))
+				entry->input = TRUE;
+			else
+				entry->input = FALSE;
+			break;
+		case 3:
+			if (0 == strcmp(token, "esp")) {
+				entry->esp = TRUE;
+			} else if (0 == strcmp(token, "ah")) {
+				entry->ah = TRUE;
+			} else if (0 == strcmp(token, "both")) {
+				entry->esp = TRUE;
+				entry->ah = TRUE;
+			}
+			break;
+		default:
+			return -1;
+		}
+	}
+
+	/* Verify all positions filled */
+	if (4 != pos)
+		return -1;
+
+	/* Add route to the list */
+	sp_db->index++;
+	entry->next = sp_db->list;
+	sp_db->list = entry;
+
+	return 0;
+}
+
+void dump_sp_db_entry(sp_db_entry_t *entry)
+{
+	char src_subnet_str[32];
+	char dst_subnet_str[32];
+
+	printf(" %s %s %s %s:%s\n",
+	       ipv4_subnet_str(src_subnet_str, &entry->src_subnet),
+	       ipv4_subnet_str(dst_subnet_str, &entry->dst_subnet),
+	       entry->input ? "in" : "out",
+	       entry->esp ? "esp" : "none",
+	       entry->ah ? "ah" : "none");
+}
+
+void dump_sp_db(void)
+{
+	sp_db_entry_t *entry;
+
+	printf("\n"
+	       "Security policy table\n"
+	       "---------------------\n");
+
+	for (entry = sp_db->list; NULL != entry; entry = entry->next)
+		dump_sp_db_entry(entry);
+}
+
diff --git a/example/ipsec/odp_ipsec_sp_db.h b/example/ipsec/odp_ipsec_sp_db.h
new file mode 100644
index 0000000..a8a3199
--- /dev/null
+++ b/example/ipsec/odp_ipsec_sp_db.h
@@ -0,0 +1,71 @@ 
+/* Copyright (c) 2014, Linaro Limited
+ * All rights reserved.
+ *
+ * SPDX-License-Identifier:     BSD-3-Clause
+ */
+
+#ifndef ODP_IPSEC_SP_DB_H_
+#define ODP_IPSEC_SP_DB_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <odp_ipsec_misc.h>
+
+/**
+ * Security Policy (SP) data base entry
+ */
+typedef struct sp_db_entry_s {
+	struct sp_db_entry_s *next;        /**< Next entry on list */
+	ip_addr_range_t       src_subnet;  /**< Source IPv4 subnet/range */
+	ip_addr_range_t       dst_subnet;  /**< Destination IPv4 subnet/range */
+	bool                  input;       /**< Direction when applied */
+	bool                  esp;         /**< Enable cipher (ESP) */
+	bool                  ah;          /**< Enable authentication (AH) */
+} sp_db_entry_t;
+
+/**
+ * Security Policy (SP) data base global structure
+ */
+typedef struct sp_db_s {
+	uint32_t         index;          /**< Index of next available entry */
+	sp_db_entry_t   *list;		 /**< List of active entries */
+	sp_db_entry_t    array[MAX_DB];	 /**< Entry storage */
+} sp_db_t;
+
+/** Global pointer to sp db */
+extern sp_db_t *sp_db;
+
+/** Initialize SP database global control structure */
+void init_sp_db(void);
+
+/**
+ * Create an SP DB entry
+ *
+ * String is of the format "SrcSubNet:DstSubNet:(in|out):(ah|esp|both)"
+ *
+ * @param input  Pointer to string describing SP
+ *
+ * @return 0 if successful else -1
+ */
+int create_sp_db_entry(char *input);
+
+/**
+ * Display one SP DB entry
+ *
+ * @param entry  Pointer to entry to display
+ */
+void dump_sp_db_entry(sp_db_entry_t *entry);
+
+/**
+ * Display the SP DB
+ */
+void dump_sp_db(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+

[10/13] IPsec example SP DB

Commit Message

Patch