From: Robbie King
To: lng-odp@lists.linaro.org
Date: Thu, 21 Aug 2014 08:30:35 -0400
Message-Id: <1408624238-12430-11-git-send-email-robking@cisco.com>
In-Reply-To: <1408624238-12430-1-git-send-email-robking@cisco.com>
Subject: [lng-odp] [PATCH 10/13] IPsec example SP DB

Signed-off-by: Robbie King
--- example/ipsec/odp_ipsec_sp_db.c | 124 +++++++++++++++++++++++++++++++++++++++ example/ipsec/odp_ipsec_sp_db.h | 71 ++++++++++++++++++++++ 2 files changed, 195 insertions(+), 0 deletions(-) create mode 100644 example/ipsec/odp_ipsec_sp_db.c create mode 100644 example/ipsec/odp_ipsec_sp_db.h diff --git a/example/ipsec/odp_ipsec_sp_db.c b/example/ipsec/odp_ipsec_sp_db.c new file mode 100644 index 0000000..a3de183
--- /dev/null +++ b/example/ipsec/odp_ipsec_sp_db.c 
@@ -0,0 +1,124 @@ +/* Copyright (c) 2014, Linaro Limited + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include +#include + +#include +#include +#include + +#include + +/** Global pointer to sp db */ +sp_db_t *sp_db; + +void init_sp_db(void) +{ + sp_db = odp_shm_reserve("shm_sp_db", + sizeof(sp_db_t), + ODP_CACHE_LINE_SIZE); + if (sp_db == NULL) { + ODP_ERR("Error: shared mem alloc failed.\n"); + exit(EXIT_FAILURE); + } + memset(sp_db, 0, sizeof(*sp_db)); +} + +int create_sp_db_entry(char *input) +{ + int pos; + char *local, *str, *save; + sp_db_entry_t *entry = &sp_db->array[sp_db->index]; + + /* Verify we have a good entry */ + if (MAX_DB <= sp_db->index) + return -1; + + /* Make a local copy */ + local = malloc(strlen(input) + 1); + if (local == NULL) + return -1; + strcpy(local, input); + + /* count the number of tokens separated by ',' */ + for (str = local, save = NULL, pos = 0;; str = NULL, pos++) { + char *token = strtok_r(str, ":", &save); + + /* Check for no more tokens */ + if (token == NULL) + break; + + /* Parse based on postion */ + switch (pos) { + case 0: + parse_ipv4_string(token, + &entry->src_subnet.addr, + &entry->src_subnet.mask); + break; + case 1: + parse_ipv4_string(token, + &entry->dst_subnet.addr, + &entry->dst_subnet.mask); + break; + case 2: + if (0 == strcmp(token, "in")) + entry->input = TRUE; + else + entry->input = FALSE; + break; + case 3: + if (0 == strcmp(token, "esp")) { + entry->esp = TRUE; + } else if (0 == strcmp(token, "ah")) { + entry->ah = TRUE; + } else if (0 == strcmp(token, "both")) { + entry->esp = TRUE; + entry->ah = TRUE; + } + break; + default: + return -1; + } + } + + /* Verify all positions filled */ + if (4 != pos) + return -1; + + /* Add route to the list */ + sp_db->index++; + entry->next = sp_db->list; + sp_db->list = entry; + + return 0; +} + +void dump_sp_db_entry(sp_db_entry_t *entry) +{ + char src_subnet_str[32]; + char dst_subnet_str[32]; + + printf(" %s %s %s %s:%s\n", + 
ipv4_subnet_str(src_subnet_str, &entry->src_subnet), + ipv4_subnet_str(dst_subnet_str, &entry->dst_subnet), + entry->input ? "in" : "out", + entry->esp ? "esp" : "none", + entry->ah ? "ah" : "none"); +} + +void dump_sp_db(void) +{ + sp_db_entry_t *entry; + + printf("\n" + "Security policy table\n" + "---------------------\n"); + + for (entry = sp_db->list; NULL != entry; entry = entry->next) + dump_sp_db_entry(entry); +} + diff --git a/example/ipsec/odp_ipsec_sp_db.h b/example/ipsec/odp_ipsec_sp_db.h new file mode 100644 index 0000000..a8a3199 --- /dev/null +++ b/example/ipsec/odp_ipsec_sp_db.h 
@@ -0,0 +1,71 @@ +/* Copyright (c) 2014, Linaro Limited + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef ODP_IPSEC_SP_DB_H_ +#define ODP_IPSEC_SP_DB_H_ + +#ifdef __cplusplus +extern "C" { +#endif + +#include + +/** + * Security Policy (SP) data base entry + */ +typedef struct sp_db_entry_s { + struct sp_db_entry_s *next; /**< Next entry on list */ + ip_addr_range_t src_subnet; /**< Source IPv4 subnet/range */ + ip_addr_range_t dst_subnet; /**< Destination IPv4 subnet/range */ + bool input; /**< Direction when applied */ + bool esp; /**< Enable cipher (ESP) */ + bool ah; /**< Enable authentication (AH) */ +} sp_db_entry_t; + +/** + * Security Policy (SP) data base global structure + */ +typedef struct sp_db_s { + uint32_t index; /**< Index of next available entry */ + sp_db_entry_t *list; /**< List of active entries */ + sp_db_entry_t array[MAX_DB]; /**< Entry storage */ +} sp_db_t; + +/** Global pointer to sp db */ +extern sp_db_t *sp_db; + +/** Initialize SP database global control structure */ +void init_sp_db(void); + +/** + * Create an SP DB entry + * + * String is of the format "SrcSubNet:DstSubNet:(in|out):(ah|esp|both)" + * + * @param input Pointer to string describing SP + * + * @return 0 if successful else -1 + */ +int create_sp_db_entry(char *input); + +/** + * Display one SP DB entry + * + * @param entry Pointer to entry to display + */ +void dump_sp_db_entry(sp_db_entry_t *entry); + +/** + * Display the SP DB + */ +void dump_sp_db(void); + +#ifdef __cplusplus +} +#endif + +#endif +
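
Review bot: in create_sp_db_entry() in odp_ipsec_sp_db.c, case 3 accepts any token: a string other than "esp", "ah" or "both" sets neither flag and the function still returns 0, so a typo in the policy string adds an entry with neither ESP nor AH enabled. Return -1 on an unrecognised token there, and likewise in case 2, where anything that is not "in" is taken as "out". Because the slot at `&sp_db->array[sp_db->index]` is written in place and esp/ah are only ever set to TRUE, a call that fails after case 3 (for example on a fifth token hitting the default branch) leaves those flags set for the next entry parsed into the same slot; parse into a local sp_db_entry_t and copy it on success, or clear the slot before parsing. Smaller points in the same function: the buffer in `local` is not freed on any return path, the entry pointer is formed before the `MAX_DB <= sp_db->index` check, the results of parse_ipv4_string() are not checked, the comment above the loop says ',' while strtok_r() splits on ":", and "postion" is misspelled.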
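
Review bot: in odp_ipsec_sp_db.h, `int create_sp_db_entry(char *input);` can take a const char *, since the implementation copies the string before tokenising it; dump_sp_db_entry() can likewise take a const sp_db_entry_t *. The doc comment gives the "SrcSubNet:DstSubNet:(in|out):(ah|esp|both)" layout but not the subnet notation expected in the first two fields, and "@return 0 if successful else -1" does not say that -1 covers both a full table (MAX_DB entries) and a malformed string; document both. The header also exports sp_db as a writable global that lives in shared memory with no locking around index and list; if entries are meant to be created only during single-threaded start-up, state that next to the declaration.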