27#include <odp/helper/odph_api.h>
30#include <sys/socket.h>
34#include <sys/socket.h>
35#include <netpacket/packet.h>
36#include <net/ethernet.h>
39#include <odp_ipsec_misc.h>
40#include <odp_ipsec_sa_db.h>
41#include <odp_ipsec_sp_db.h>
42#include <odp_ipsec_fwd_db.h>
43#include <odp_ipsec_cache.h>
46#include <odp_ipsec_stream.h>
48static void init_stream_db(
void) {}
49static void deinit_stream_db(
void) {}
50static void resolve_stream_db(
void) {}
51static int create_stream_db_inputs(
void)
56static odp_bool_t verify_stream_db_outputs(
void)
61static int create_stream_db_entry(
char *input
ODP_UNUSED)
68#define MAX_WORKERS (ODP_THREAD_COUNT_MAX - 1)
70#define MAX_POLL_QUEUES 256
76 unsigned int cpu_count;
79 crypto_api_mode_e mode;
100 int num_polled_queues;
107static void parse_args(
int argc,
char *argv[], appl_args_t *appl_args);
108static void print_info(
char *progname, appl_args_t *appl_args);
109static void usage(
char *progname);
114#define SHM_PKT_POOL_BUF_COUNT 1024
115#define SHM_PKT_POOL_BUF_SIZE 4096
116#define SHM_PKT_POOL_SIZE (SHM_PKT_POOL_BUF_COUNT * SHM_PKT_POOL_BUF_SIZE)
122 PKT_STATE_INPUT_VERIFY,
123 PKT_STATE_IPSEC_IN_CLASSIFY,
124 PKT_STATE_IPSEC_IN_FINISH,
125 PKT_STATE_ROUTE_LOOKUP,
126 PKT_STATE_IPSEC_OUT_CLASSIFY,
127 PKT_STATE_IPSEC_OUT_SEQ,
128 PKT_STATE_IPSEC_OUT_FINISH,
147 uint16_t ip_frag_offset;
151 uint16_t tun_hdr_offset;
164 uint16_t *tun_hdr_id;
177#define SHM_CTX_POOL_BUF_SIZE (sizeof(pkt_ctx_t))
178#define SHM_CTX_POOL_BUF_COUNT (SHM_PKT_POOL_BUF_COUNT)
179#define SHM_CTX_POOL_SIZE (SHM_CTX_POOL_BUF_COUNT * SHM_CTX_POOL_BUF_SIZE)
181static global_data_t *global;
221 memset(ctx, 0,
sizeof(*ctx));
222 ctx->buffer = ctx_buf;
234void free_pkt_ctx(pkt_ctx_t *ctx)
246static queue_create_func_t queue_create;
247static schedule_func_t schedule_fn;
253odp_queue_t polled_odp_queue_create(
const char *name,
267 printf(
"%s: change %s to PLAIN\n", __func__, name);
274 global->poll_queues[global->num_polled_queues++] = my_queue;
275 printf(
"%s: adding %"PRIu64
"\n", __func__,
296 while (idx < global->num_polled_queues) {
316void ipsec_init_pre(
void)
332 global->completionq = queue_create(
"completion", &qparam);
334 ODPH_ERR(
"Error: completion queue creation failed\n");
343 global->seqnumq = queue_create(
"seqnum", &qparam);
345 ODPH_ERR(
"Error: sequence number queue creation failed\n");
364void ipsec_init_post(crypto_api_mode_e api_mode)
366 sp_db_entry_t *entry;
369 for (entry = sp_db->list; NULL != entry; entry = entry->next) {
370 sa_db_entry_t *cipher_sa = NULL;
371 sa_db_entry_t *auth_sa = NULL;
372 tun_db_entry_t *tun = NULL;
375 cipher_sa = find_sa_db_entry(&entry->src_subnet,
378 tun = find_tun_db_entry(cipher_sa->src_ip,
382 auth_sa = find_sa_db_entry(&entry->src_subnet,
385 tun = find_tun_db_entry(auth_sa->src_ip,
389 if (cipher_sa || auth_sa) {
390 if (create_ipsec_cache_entry(cipher_sa,
395 global->completionq)) {
396 ODPH_ERR(
"Error: IPSec cache entry failed.\n"
401 printf(
" WARNING: SA not found for SP\n");
402 dump_sp_db_entry(entry);
409int check_stream_db_out(
const char *intf)
411 stream_db_entry_t *stream = NULL;
414 for (stream = stream_db->list; NULL != stream; stream = stream->next) {
415 if (!strcmp(stream->output.intf, intf))
423int check_stream_db_out(
const char *intf
ODP_UNUSED)
438void initialize_intf(
char *intf)
444 uint8_t src_mac[ODPH_ETHADDR_LEN];
445 char src_mac_str[MAX_STRING];
451 if (getenv(
"ODP_IPSEC_USE_POLL_QUEUES") ||
452 check_stream_db_out(intf))
462 ODPH_ERR(
"Error: pktio create failed for %s\n", intf);
470 ODPH_ERR(
"Error: pktin config failed for %s\n", intf);
475 ODPH_ERR(
"Error: pktout config failed for %s\n", intf);
480 ODPH_ERR(
"Error: failed to get input queue for %s\n", intf);
485 ODPH_ERR(
"Error: failed to get pktout queue for %s\n", intf);
491 ODPH_ERR(
"Error: unable to start %s\n", intf);
498 ODPH_ERR(
"Error: failed during MAC address get for %s\n", intf);
502 printf(
"Created pktio:%02" PRIu64
", queue mode (ATOMIC queues)\n"
503 " default pktio%02" PRIu64
"-INPUT queue:%" PRIu64
"\n"
504 " source mac address %s\n",
507 mac_addr_str(src_mac_str, src_mac));
510 resolve_fwd_db(intf, pktio, pktout, src_mac);
546pkt_disposition_e do_route_fwd_db(
odp_packet_t pkt, pkt_ctx_t *ctx)
549 fwd_db_entry_t *entry;
557 memcpy(ð->dst, entry->dst_mac, ODPH_ETHADDR_LEN);
558 memcpy(ð->src, entry->src_mac, ODPH_ETHADDR_LEN);
559 ctx->pktout = entry->pktout;
581pkt_disposition_e do_ipsec_in_classify(
odp_packet_t *pkt,
588 odph_ahhdr_t *ah = NULL;
589 odph_esphdr_t *esp = NULL;
590 ipsec_cache_entry_t *entry;
598 hdr_len = locate_ipsec_headers(ip, &ah, &esp);
609 hdr_len += entry->esp.iv_len;
612 memset(¶ms, 0,
sizeof(params));
613 params.
session = entry->state.session;
616 ctx->ipsec.ip_tos = ip->tos;
618 ctx->ipsec.ip_ttl = ip->ttl;
619 ctx->ipsec.ah_offset = ah ? ((uint8_t *)ah) - buf : 0;
620 ctx->ipsec.esp_offset = esp ? ((uint8_t *)esp) - buf : 0;
621 ctx->ipsec.hdr_len = hdr_len;
622 ctx->ipsec.trl_len = 0;
623 ctx->ipsec.src_ip = entry->src_ip;
624 ctx->ipsec.dst_ip = entry->dst_ip;
645 if (entry->sa_flags & BIT_MODE_CIPHER) {
649 if (entry->sa_flags & BIT_MODE_AUTH) {
656 ctx->state = PKT_STATE_IPSEC_IN_FINISH;
659 ODPH_ERR(
"Error: odp_crypto_op_enq() failed\n");
666 ODPH_ERR(
"Error: odp_crypto_op() failed\n");
687 int hdr_len = ctx->ipsec.hdr_len;
698 if (ctx->ipsec.ah_offset) {
702 ah = (odph_ahhdr_t *)(ctx->ipsec.ah_offset + buf);
703 ip->proto = ah->next_header;
711 if (ctx->ipsec.esp_offset) {
713 odph_esptrl_t *esp_t = (odph_esptrl_t *)(eop) - 1;
715 ip->proto = esp_t->next_header;
716 trl_len += esp_t->pad_len +
sizeof(*esp_t);
720 if (ip->proto == ODPH_IPV4) {
726 eth->type = ODPH_ETHTYPE_IPV4;
730 if ((ip->src_addr != ctx->ipsec.src_ip ||
731 ip->dst_addr != ctx->ipsec.dst_ip))
738 ipv4_adjust_len(ip, -(hdr_len + trl_len));
739 ip->ttl = ctx->ipsec.ip_ttl;
740 ip->tos = ctx->ipsec.ip_tos;
743 odph_ipv4_csum_update(pkt);
746 memmove(ipv4_data_p(ip),
747 ipv4_data_p(ip) + hdr_len,
755static int generate_iv(uint8_t *buf, uint32_t size)
785pkt_disposition_e do_ipsec_out_classify(
odp_packet_t pkt,
791 uint16_t ip_data_len = ipv4_data_len(ip);
792 uint8_t *ip_data = ipv4_data_p(ip);
793 ipsec_cache_entry_t *entry;
797 odph_ahhdr_t *ah = NULL;
798 odph_esphdr_t *esp = NULL;
811 ctx->ipsec.ip_tos = ip->tos;
813 ctx->ipsec.ip_ttl = ip->ttl;
816 memset(¶ms, 0,
sizeof(params));
817 params.
session = entry->state.session;
819 if (entry->mode == IPSEC_SA_MODE_TUNNEL) {
820 hdr_len +=
sizeof(odph_ipv4hdr_t);
821 ip_data = (uint8_t *)ip;
822 ip_data_len +=
sizeof(odph_ipv4hdr_t);
826 ah = (odph_ahhdr_t *)(ip_data + hdr_len);
827 hdr_len +=
sizeof(odph_ahhdr_t);
828 hdr_len += entry->ah.icv_len;
830 if (entry->esp.alg) {
831 esp = (odph_esphdr_t *)(ip_data + hdr_len);
832 hdr_len +=
sizeof(odph_esphdr_t);
833 hdr_len += entry->esp.iv_len;
835 memmove(ip_data + hdr_len, ip_data, ip_data_len);
839 if (entry->mode == IPSEC_SA_MODE_TUNNEL) {
847 uint32_t encrypt_len;
848 odph_esptrl_t *esp_t;
850 encrypt_len = ESP_ENCODE_LEN(ip_data_len +
852 entry->esp.block_len);
853 trl_len = encrypt_len - ip_data_len;
856 if (generate_iv(esp->iv, entry->esp.iv_len))
860 esp_t = (odph_esptrl_t *)(ip_data + encrypt_len) - 1;
861 esp_t->pad_len = trl_len -
sizeof(*esp_t);
862 if (entry->mode == IPSEC_SA_MODE_TUNNEL)
863 esp_t->next_header = ODPH_IPV4;
865 esp_t->next_header = ip->proto;
866 ip->proto = ODPH_IPPROTO_ESP;
874 memset(ah, 0,
sizeof(*ah) + entry->ah.icv_len);
876 ah->ah_len = 1 + (entry->ah.icv_len / 4);
877 if (entry->mode == IPSEC_SA_MODE_TUNNEL && !esp)
878 ah->next_header = ODPH_IPV4;
880 ah->next_header = ip->proto;
881 ip->proto = ODPH_IPPROTO_AH;
895 ipv4_adjust_len(ip, hdr_len + trl_len);
900 ctx->ipsec.hdr_len = hdr_len;
901 ctx->ipsec.trl_len = trl_len;
902 ctx->ipsec.ah_offset = ah ? ((uint8_t *)ah) - buf : 0;
903 ctx->ipsec.esp_offset = esp ? ((uint8_t *)esp) - buf : 0;
904 ctx->ipsec.tun_hdr_offset = (entry->mode == IPSEC_SA_MODE_TUNNEL) ?
905 ((uint8_t *)ip - buf) : 0;
906 ctx->ipsec.ah_seq = &entry->state.ah_seq;
907 ctx->ipsec.esp_seq = &entry->state.esp_seq;
908 ctx->ipsec.tun_hdr_id = &entry->state.tun_hdr_id;
909 memcpy(&ctx->ipsec.params, ¶ms,
sizeof(params));
933 ipsec_cache_entry_t *entry;
942 if (ctx->ipsec.ah_offset) {
945 ah = (odph_ahhdr_t *)(ctx->ipsec.ah_offset + buf);
948 if (ctx->ipsec.esp_offset) {
951 esp = (odph_esphdr_t *)(ctx->ipsec.esp_offset + buf);
954 if (ctx->ipsec.tun_hdr_offset) {
955 odph_ipv4hdr_t *ip_tun;
957 ip_tun = (odph_ipv4hdr_t *)(ctx->ipsec.tun_hdr_offset + buf);
964 &ctx->ipsec.params, 1) != 1) {
965 ODPH_ERR(
"Error: odp_crypto_op_enq() failed\n");
971 if (
odp_crypto_op(pkt, &out_pkt, &ctx->ipsec.params, 1) != 1) {
972 ODPH_ERR(
"Error: odp_crypto_op() failed\n");
1000 ip->ttl = ctx->ipsec.ip_ttl;
1001 ip->tos = ctx->ipsec.ip_tos;
1004 odph_ipv4_csum_update(pkt);
1007 return PKT_CONTINUE;
1031 unsigned long pkt_cnt = 0;
1035 printf(
"Pktio thread [%02i] starts\n", thr);
1041 pkt_disposition_e rc;
1047 ev = schedule_fn(&dispatchq);
1055 if (global->seqnumq == dispatchq ||
1056 global->completionq == dispatchq) {
1057 ctx = get_pkt_ctx_from_pkt(pkt);
1059 ctx = alloc_pkt_ctx(pkt);
1064 ctx->state = PKT_STATE_INPUT_VERIFY;
1067 ODPH_ERR(
"Error: Bad event type\n");
1086 switch (ctx->state) {
1087 case PKT_STATE_INPUT_VERIFY:
1089 rc = do_input_verify(pkt, ctx);
1090 ctx->state = PKT_STATE_IPSEC_IN_CLASSIFY;
1093 case PKT_STATE_IPSEC_IN_CLASSIFY:
1095 ctx->state = PKT_STATE_ROUTE_LOOKUP;
1096 rc = do_ipsec_in_classify(&pkt,
1101 case PKT_STATE_IPSEC_IN_FINISH:
1103 rc = do_ipsec_in_finish(pkt, ctx);
1104 ctx->state = PKT_STATE_ROUTE_LOOKUP;
1107 case PKT_STATE_ROUTE_LOOKUP:
1109 rc = do_route_fwd_db(pkt, ctx);
1110 ctx->state = PKT_STATE_IPSEC_OUT_CLASSIFY;
1113 case PKT_STATE_IPSEC_OUT_CLASSIFY:
1115 rc = do_ipsec_out_classify(pkt,
1119 ctx->state = PKT_STATE_TRANSMIT;
1121 ctx->state = PKT_STATE_IPSEC_OUT_SEQ;
1127 case PKT_STATE_IPSEC_OUT_SEQ:
1129 ctx->state = PKT_STATE_IPSEC_OUT_FINISH;
1130 rc = do_ipsec_out_seq(&pkt, ctx);
1133 case PKT_STATE_IPSEC_OUT_FINISH:
1135 rc = do_ipsec_out_finish(pkt, ctx);
1136 ctx->state = PKT_STATE_TRANSMIT;
1139 case PKT_STATE_TRANSMIT:
1152 }
while (PKT_CONTINUE == rc);
1155 if ((PKT_DROP == rc) || (PKT_DONE == rc))
1164 if (PKT_DONE == rc) {
1166 printf(
" [%02i] pkt_cnt:%lu\n", thr, pkt_cnt);
1179main(
int argc,
char *argv[])
1181 odph_helper_options_t helper_options;
1182 odph_thread_t thread_tbl[MAX_WORKERS];
1183 odph_thread_common_param_t thr_common;
1184 odph_thread_param_t thr_param;
1198 schedule_fn = odp_schedule_cb;
1201 if (getenv(
"ODP_IPSEC_USE_POLL_QUEUES")) {
1202 queue_create = polled_odp_queue_create;
1203 schedule_fn = polled_odp_schedule_cb;
1207 argc = odph_parse_options(argc, argv);
1208 if (odph_options(&helper_options)) {
1209 ODPH_ERR(
"Error: reading ODP helper options failed.\n");
1215 signal(SIGINT, sig_handler);
1218 init_param.
mem_model = helper_options.mem_model;
1222 ODPH_ERR(
"Error: ODP global init failed.\n");
1228 ODPH_ERR(
"Error: ODP local init failed.\n");
1233 ODPH_ERR(
"Error: Crypto capability request failed.\n");
1237 if ((NULL == getenv(
"ODP_IPSEC_USE_POLL_QUEUES")) &&
1239 ODPH_ERR(
"Error: scheduled type compl queue not supported.\n");
1241 }
else if ((NULL != getenv(
"ODP_IPSEC_USE_POLL_QUEUES")) &&
1243 ODPH_ERR(
"Error: Plain type compl queue not supported.\n");
1249 ODP_CACHE_LINE_SIZE, 0);
1252 ODPH_ERR(
"Error: shared mem reserve failed.\n");
1258 if (NULL == global) {
1259 ODPH_ERR(
"Error: shared mem alloc failed.\n");
1262 memset(global, 0,
sizeof(global_data_t));
1265 global->crypto_capa = crypto_capa;
1276 parse_args(argc, argv, &global->appl);
1279 print_info(NO_PATH(argv[0]), &global->appl);
1281 num_workers = MAX_WORKERS;
1282 if (global->appl.cpu_count && global->appl.cpu_count < MAX_WORKERS)
1283 num_workers = global->appl.cpu_count;
1289 printf(
"num worker threads: %i\n", num_workers);
1291 printf(
"cpu mask: %s\n", cpumaskstr);
1299 params.
pkt.
len = SHM_PKT_POOL_BUF_SIZE;
1300 params.
pkt.
num = SHM_PKT_POOL_BUF_COUNT;
1306 ODPH_ERR(
"Error: packet pool create failed.\n");
1311 params.
buf.
size = SHM_CTX_POOL_BUF_SIZE;
1313 params.
buf.
num = SHM_CTX_POOL_BUF_COUNT;
1319 ODPH_ERR(
"Error: context pool create failed.\n");
1324 printf(
"Using %s mode for crypto API\n\n",
1325 (CRYPTO_API_SYNC == global->appl.mode) ?
"SYNC" :
"ASYNC");
1326 ipsec_init_post(global->appl.mode);
1329 for (i = 0; i < global->appl.if_count; i++)
1330 initialize_intf(global->appl.if_names[i]);
1333 resolve_stream_db();
1334 stream_count = create_stream_db_inputs();
1335 if (stream_count < 0) {
1336 ODPH_ERR(
"Error: creating input packets failed\n");
1343 odph_thread_common_param_init(&thr_common);
1344 thr_common.instance = instance;
1345 thr_common.cpumask = &cpumask;
1346 thr_common.share_param = 1;
1348 odph_thread_param_init(&thr_param);
1349 thr_param.start = pktio_thread;
1350 thr_param.arg = NULL;
1353 memset(thread_tbl, 0,
sizeof(thread_tbl));
1354 odph_thread_create(thread_tbl, &thr_common, &thr_param, num_workers);
1362 done = verify_stream_db_outputs();
1365 printf(
"All received\n");
1368 odph_thread_join(thread_tbl, num_workers);
1371 for (i = 0; i < global->appl.if_count; i++) {
1378 ODPH_ERR(
"Error: failed to close pktio %s\n",
1379 global->appl.if_names[i]);
1384 free(global->appl.if_names);
1385 free(global->appl.if_str);
1387 if (destroy_ipsec_cache())
1388 ODPH_ERR(
"Error: crypto session destroy failed\n");
1391 ODPH_ERR(
"Error: queue destroy failed\n");
1393 ODPH_ERR(
"Error: queue destroy failed\n");
1396 ODPH_ERR(
"Error: pool destroy failed\n");
1398 ODPH_ERR(
"Error: pool destroy failed\n");
1402 ODPH_ERR(
"Error: shm free shm_ipsec_cache failed\n");
1405 ODPH_ERR(
"Error: shm free shm_fwd_db failed\n");
1408 ODPH_ERR(
"Error: shm free shm_sa_db failed\n");
1411 ODPH_ERR(
"Error: shm free shm_tun_db failed\n");
1414 ODPH_ERR(
"Error: shm free shm_sp_db failed\n");
1419 ODPH_ERR(
"Error: shm free global data failed\n");
1424 ODPH_ERR(
"Error: term local failed\n");
1429 ODPH_ERR(
"Error: term global failed\n");
1445static void parse_args(
int argc,
char *argv[], appl_args_t *appl_args)
1453 static const struct option longopts[] = {
1454 {
"count", required_argument, NULL,
'c'},
1455 {
"interface", required_argument, NULL,
'i'},
1456 {
"mode", required_argument, NULL,
'm'},
1457 {
"route", required_argument, NULL,
'r'},
1458 {
"policy", required_argument, NULL,
'p'},
1459 {
"ah", required_argument, NULL,
'a'},
1460 {
"esp", required_argument, NULL,
'e'},
1461 {
"tunnel", required_argument, NULL,
't'},
1462 {
"stream", required_argument, NULL,
's'},
1463 {
"help", no_argument, NULL,
'h'},
1467 static const char *shortopts =
"+c:i:m:r:p:a:e:t:s:h";
1469 printf(
"\nParsing command line options\n");
1471 appl_args->cpu_count = 1;
1472 appl_args->mode = 0;
1475 opt = getopt_long(argc, argv, shortopts, longopts, NULL);
1482 appl_args->cpu_count = atoi(optarg);
1486 len = strlen(optarg);
1493 appl_args->if_str = malloc(len);
1494 if (appl_args->if_str == NULL) {
1500 strcpy(appl_args->if_str, optarg);
1501 for (token = strtok(appl_args->if_str,
","), i = 0;
1503 token = strtok(NULL,
","), i++)
1506 appl_args->if_count = i;
1508 if (0 == appl_args->if_count) {
1514 appl_args->if_names =
1515 calloc(appl_args->if_count,
sizeof(
char *));
1518 strcpy(appl_args->if_str, optarg);
1519 for (token = strtok(appl_args->if_str,
","), i = 0;
1520 token != NULL; token = strtok(NULL,
","), i++) {
1521 appl_args->if_names[i] = token;
1526 appl_args->mode = atoi(optarg);
1530 rc = create_fwd_db_entry(optarg, appl_args->if_names,
1531 appl_args->if_count);
1535 rc = create_sp_db_entry(optarg, TRUE);
1539 rc = create_sa_db_entry(optarg, FALSE);
1543 rc = create_sa_db_entry(optarg, TRUE);
1547 rc = create_tun_db_entry(optarg);
1551 rc = create_stream_db_entry(optarg);
1565 printf(
"ERROR: failed parsing -%c option\n", opt);
1570 if (0 == appl_args->if_count) {
1581static void print_info(
char *progname, appl_args_t *appl_args)
1587 printf(
"Running ODP appl: \"%s\"\n"
1588 "-----------------\n"
1591 progname, appl_args->if_count);
1592 for (i = 0; i < appl_args->if_count; ++i)
1593 printf(
" %s", appl_args->if_names[i]);
1608static void usage(
char *progname)
1611 "Usage: %s OPTIONS\n"
1612 " E.g. %s -i eth1,eth2,eth3 -m 0\n"
1614 "OpenDataPlane example application.\n"
1616 "Mandatory OPTIONS:\n"
1617 " -i, --interface Eth interfaces (comma-separated, no spaces)\n"
1618 " -m, --mode 0: SYNC\n"
1620 " Default: 0: SYNC api mode\n"
1622 "Routing / IPSec OPTIONS:\n"
1623 " -r, --route SubNet,Intf,NextHopMAC\n"
1624 " -p, --policy SrcSubNet,DstSubNet,(in|out),(ah|esp|both)\n"
1625 " -e, --esp SrcIP,DstIP,(3des|null),SPI,Key192\n"
1626 " -a, --ah SrcIP,DstIP,(sha256|sha1|md5|null),SPI,Key(256|160|128)\n"
1628 " Where: NextHopMAC is raw hex/colon notation, i.e. 03:BA;44:9A:CE:02\n"
1629 " IP is decimal/dot notation, i.e. 192.168.1.1\n"
1630 " SubNet is decimal/dot/slash notation, i.e 192.168.0.0/16\n"
1631 " SPI is raw hex, 32 bits\n"
1632 " KeyXXX is raw hex, XXX bits long\n"
1635 " -r 192.168.222.0/24,p8p1,08:00:27:F5:8B:DB\n"
1636 " -p 192.168.111.0/24,192.168.222.0/24,out,esp\n"
1637 " -e 192.168.111.2,192.168.222.2,3des,201,656c8523255ccc23a66c1917aa0cf30991fce83532a4b224\n"
1638 " -a 192.168.111.2,192.168.222.2,md5,201,a731649644c5dee92cbd9c2e7e188ee6\n"
1640 "Optional OPTIONS\n"
1641 " -c, --count <number> CPU count, 0=all available, default=1\n"
1642 " -s, --stream SrcIP,DstIP,InIntf,OutIntf,Count,Length\n"
1643 " -h, --help Display help and exit.\n"
1644 " environment variables: ODP_IPSEC_USE_POLL_QUEUES\n"
1645 " to enable use of poll queues instead of scheduled (default)\n"
1646 " ODP_IPSEC_STREAM_VERIFY_MDEQ\n"
1647 " to enable use of multiple dequeue for queue draining during\n"
1648 " stream verification instead of single dequeue (default)\n"
1649 "\n", NO_PATH(progname), NO_PATH(progname)
1673 printf(
"ERROR: cipher algorithm not supported\n");
1679 printf(
"ERROR: odp_crypto_cipher_capability() failed\n");
1685 for (
int n = 0; n < num; n++) {
1688 if (capa->
key_len == sa->key.length &&
1689 capa->
iv_len == sa->iv_len) {
1691 *sa_flags |= BIT_MODE_CIPHER;
1695 printf(
"ERROR: cipher key length or IV length not supported\n");
1727 printf(
"ERROR: auth algorithm not supported\n");
1733 printf(
"ERROR: odp_crypto_auth_capability() failed\n");
1739 for (
int n = 0; n < num; n++) {
1743 capa->
key_len == sa->key.length &&
1746 *sa_flags |= BIT_MODE_AUTH;
1750 printf(
"ERROR: auth ICV length or key length not supported\n");
1754odp_bool_t sa_config_supported(
const sa_db_entry_t *sa,
int *sa_flags);
1756odp_bool_t sa_config_supported(
const sa_db_entry_t *sa,
int *sa_flags)
1758 return sa->alg.cipher ? cipher_supported(sa->alg.u.cipher, sa, sa_flags)
1759 : auth_supported(sa->alg.u.auth, sa, sa_flags);
void odp_atomic_init_u32(odp_atomic_u32_t *atom, uint32_t val)
Initialize atomic uint32 variable.
uint32_t odp_atomic_load_u32(odp_atomic_u32_t *atom)
Load value of atomic uint32 variable.
void odp_atomic_store_u32(odp_atomic_u32_t *atom, uint32_t val)
Store value to atomic uint32 variable.
void odp_barrier_init(odp_barrier_t *barr, int count)
Initialize barrier with thread count.
void odp_barrier_wait(odp_barrier_t *barr)
Synchronize thread execution on barrier.
odp_buffer_t odp_buffer_alloc(odp_pool_t pool)
Buffer alloc.
void odp_buffer_free(odp_buffer_t buf)
Buffer free.
void * odp_buffer_addr(odp_buffer_t buf)
Buffer start address.
#define ODP_BUFFER_INVALID
Invalid buffer.
#define odp_unlikely(x)
Branch unlikely taken.
odp_u16be_t odp_cpu_to_be_16(uint16_t cpu16)
Convert cpu native uint16_t to 16bit big endian.
#define ODP_UNUSED
Intentionally unused variables of functions.
uint16_t odp_be_to_cpu_16(odp_u16be_t be16)
Convert 16bit big endian to cpu native uint16_t.
odp_u32be_t odp_cpu_to_be_32(uint32_t cpu32)
Convert cpu native uint32_t to 32bit big endian.
uint32_t odp_be_to_cpu_32(odp_u32be_t be32)
Convert 32bit big endian to cpu native uint32_t.
int odp_cpumask_default_worker(odp_cpumask_t *mask, int num)
Default CPU mask for worker threads.
int odp_cpumask_first(const odp_cpumask_t *mask)
Find first set CPU in mask.
int32_t odp_cpumask_to_str(const odp_cpumask_t *mask, char *str, int32_t size)
Format a string from CPU mask.
#define ODP_CPUMASK_STR_SIZE
The maximum number of characters needed to record any CPU mask as a string (output of odp_cpumask_to_...
int odp_crypto_cipher_capability(odp_cipher_alg_t cipher, odp_crypto_cipher_capability_t capa[], int num)
Query supported cipher algorithm capabilities.
odp_cipher_alg_t
Crypto API cipher algorithm.
int odp_crypto_capability(odp_crypto_capability_t *capa)
Query crypto capabilities.
int odp_crypto_result(odp_crypto_packet_result_t *result, odp_packet_t packet)
Get crypto operation results from a crypto processed packet.
int odp_crypto_op(const odp_packet_t pkt_in[], odp_packet_t pkt_out[], const odp_crypto_packet_op_param_t param[], int num_pkt)
Crypto packet operation.
odp_auth_alg_t
Crypto API authentication algorithm.
int odp_crypto_op_enq(const odp_packet_t pkt_in[], const odp_packet_t pkt_out[], const odp_crypto_packet_op_param_t param[], int num_pkt)
Crypto packet operation.
int odp_crypto_auth_capability(odp_auth_alg_t auth, odp_crypto_auth_capability_t capa[], int num)
Query supported authentication algorithm capabilities.
@ ODP_CIPHER_ALG_3DES_CBC
Triple DES with cipher block chaining.
@ ODP_CIPHER_ALG_NULL
No cipher algorithm specified.
@ ODP_AUTH_ALG_NULL
No authentication algorithm specified.
@ ODP_AUTH_ALG_MD5_HMAC
HMAC-MD5.
@ ODP_AUTH_ALG_SHA1_HMAC
HMAC-SHA-1.
@ ODP_AUTH_ALG_SHA256_HMAC
HMAC-SHA-256.
_odp_abi_event_t * odp_event_t
ODP event.
odp_event_subtype_t
Event subtype.
odp_event_type_t odp_event_types(odp_event_t event, odp_event_subtype_t *subtype)
Event type and subtype of an event.
#define ODP_EVENT_INVALID
Invalid event.
void odp_init_param_init(odp_init_t *param)
Initialize the odp_init_t to default values for all fields.
int odp_init_local(odp_instance_t instance, odp_thread_type_t thr_type)
Thread local ODP initialization.
int odp_init_global(odp_instance_t *instance, const odp_init_t *params, const odp_platform_init_t *platform_params)
Global ODP initialization.
int odp_term_local(void)
Thread local ODP termination.
int odp_term_global(odp_instance_t instance)
Global ODP termination.
uint64_t odp_instance_t
ODP instance ID.
int odp_pktio_mac_addr(odp_pktio_t pktio, void *mac_addr, int size)
Get the default MAC address of a packet IO interface.
void odp_pktin_queue_param_init(odp_pktin_queue_param_t *param)
Initialize packet input queue parameters.
void odp_pktio_param_init(odp_pktio_param_t *param)
Initialize pktio params.
int odp_pktio_close(odp_pktio_t pktio)
Close a packet IO interface.
odp_pktio_t odp_pktio_lookup(const char *name)
Return a packet IO handle for an already open device.
int odp_pktout_queue(odp_pktio_t pktio, odp_pktout_queue_t queues[], int num)
Direct packet output queues.
int odp_pktin_event_queue(odp_pktio_t pktio, odp_queue_t queues[], int num)
Event queues for packet input.
odp_pktio_t odp_pktio_open(const char *name, odp_pool_t pool, const odp_pktio_param_t *param)
Open a packet IO interface.
int odp_pktio_start(odp_pktio_t pktio)
Start packet receive and transmit.
#define ODP_PKTIO_INVALID
Invalid packet IO handle.
int odp_pktio_stop(odp_pktio_t pktio)
Stop packet receive and transmit.
int odp_pktout_send(odp_pktout_queue_t queue, const odp_packet_t packets[], int num)
Send packets directly to an interface output queue.
uint64_t odp_pktio_to_u64(odp_pktio_t pktio)
Get printable value for an odp_pktio_t.
int odp_pktin_queue_config(odp_pktio_t pktio, const odp_pktin_queue_param_t *param)
Configure packet input queues.
int odp_pktout_queue_config(odp_pktio_t pktio, const odp_pktout_queue_param_t *param)
Configure packet output queues.
@ ODP_PKTIN_MODE_QUEUE
Packet input through plain event queues.
@ ODP_PKTIN_MODE_SCHED
Packet input through scheduler and scheduled event queues.
int odp_packet_has_ipv4(odp_packet_t pkt)
Check for IPv4.
void * odp_packet_data(odp_packet_t pkt)
Packet data pointer.
int odp_packet_has_eth(odp_packet_t pkt)
Check for Ethernet header.
int odp_packet_has_error(odp_packet_t pkt)
Check for all parse errors in packet.
void * odp_packet_l3_ptr(odp_packet_t pkt, uint32_t *len)
Layer 3 start pointer.
odp_packet_t odp_packet_from_event(odp_event_t ev)
Get packet handle from event.
void odp_packet_free(odp_packet_t pkt)
Free packet.
void * odp_packet_push_tail(odp_packet_t pkt, uint32_t len)
Push out packet tail.
void * odp_packet_l2_ptr(odp_packet_t pkt, uint32_t *len)
Layer 2 start pointer.
void odp_packet_user_ptr_set(odp_packet_t pkt, const void *user_ptr)
Set user context pointer.
void * odp_packet_user_ptr(odp_packet_t pkt)
User context pointer.
void * odp_packet_pull_tail(odp_packet_t pkt, uint32_t len)
Pull in packet tail.
void * odp_packet_pull_head(odp_packet_t pkt, uint32_t len)
Pull in packet head.
odp_pool_t odp_pool_create(const char *name, const odp_pool_param_t *param)
Create a pool.
void odp_pool_param_init(odp_pool_param_t *param)
Initialize pool params.
int odp_pool_destroy(odp_pool_t pool)
Destroy a pool previously created by odp_pool_create()
#define ODP_POOL_INVALID
Invalid pool.
@ ODP_POOL_BUFFER
Buffer pool.
@ ODP_POOL_PACKET
Packet pool.
_odp_abi_queue_t * odp_queue_t
ODP queue.
void odp_queue_param_init(odp_queue_param_t *param)
Initialize queue params.
#define ODP_QUEUE_INVALID
Invalid queue.
odp_event_t odp_queue_deq(odp_queue_t queue)
Dequeue an event from a queue.
odp_queue_type_t
Queue type.
int odp_queue_enq(odp_queue_t queue, odp_event_t ev)
Enqueue an event to a queue.
odp_queue_t odp_queue_create(const char *name, const odp_queue_param_t *param)
Queue create.
int odp_queue_destroy(odp_queue_t queue)
Destroy ODP queue.
uint64_t odp_queue_to_u64(odp_queue_t hdl)
Get printable value for an odp_queue_t.
@ ODP_QUEUE_TYPE_SCHED
Scheduled queue.
@ ODP_QUEUE_TYPE_PLAIN
Plain queue.
int32_t odp_random_data(uint8_t *buf, uint32_t len, odp_random_kind_t kind)
Generate random byte data.
@ ODP_RANDOM_CRYPTO
Cryptographic quality random.
#define ODP_SCHED_SYNC_ATOMIC
Atomic queue synchronization.
#define ODP_SCHED_NO_WAIT
Do not wait.
int odp_schedule_max_prio(void)
Maximum scheduling priority level.
int odp_schedule_config(const odp_schedule_config_t *config)
Global schedule configuration.
odp_event_t odp_schedule(odp_queue_t *from, uint64_t wait)
Schedule an event.
#define ODP_SCHED_GROUP_ALL
Group of all threads.
odp_shm_t odp_shm_lookup(const char *name)
Lookup for a block of shared memory.
int odp_shm_free(odp_shm_t shm)
Free a contiguous block of shared memory.
void * odp_shm_addr(odp_shm_t shm)
Shared memory block address.
#define ODP_SHM_INVALID
Invalid shared memory block.
odp_shm_t odp_shm_reserve(const char *name, uint64_t size, uint64_t align, uint32_t flags)
Reserve a contiguous block of shared memory.
bool odp_bool_t
Boolean type.
void odp_sys_info_print(void)
Print system info.
int odp_thread_id(void)
Get thread identifier.
@ ODP_THREAD_WORKER
Worker thread.
@ ODP_THREAD_CONTROL
Control thread.
Authentication algorithm capabilities.
odp_bool_t bit_mode
Auth algorithm supports bit mode.
uint32_t digest_len
Digest length in bytes.
uint32_t key_len
Key length in bytes.
uint32_t iv_len
IV length in bytes.
odp_bool_t queue_type_sched
Scheduled crypto completion queue support.
odp_bool_t queue_type_plain
Plain crypto completion queue support.
Cipher algorithm capabilities.
odp_bool_t bit_mode
Cipher supports bit mode.
uint32_t key_len
Key length in bytes.
uint32_t iv_len
IV length in bytes.
Crypto packet API per packet operation parameters.
uint32_t hash_result_offset
Offset from start of packet for hash result.
const uint8_t * cipher_iv_ptr
IV pointer for cipher.
odp_packet_data_range_t cipher_range
Data range to be ciphered.
odp_crypto_session_t session
Session handle from creation.
odp_packet_data_range_t auth_range
Data range to be authenticated.
Global initialization parameters.
odp_mem_model_t mem_model
Application memory model.
uint32_t offset
Offset from beginning of packet.
uint32_t length
Length of data to operate on.
Packet input queue parameters.
odp_queue_param_t queue_param
Queue parameters.
odp_pktin_mode_t in_mode
Packet input mode.
uint32_t num
Number of buffers in the pool.
struct odp_pool_param_t::@139 pkt
Parameters for packet pools.
uint32_t align
Minimum buffer alignment in bytes.
uint32_t size
Minimum buffer size in bytes.
odp_pool_type_t type
Pool type.
uint32_t len
Minimum length of 'num' packets.
struct odp_pool_param_t::@138 buf
Parameters for buffer pools.
uint32_t seg_len
Minimum number of packet data bytes that can be stored in the first segment of a newly allocated pack...
odp_schedule_param_t sched
Scheduler parameters.
odp_queue_type_t type
Queue type.
odp_schedule_group_t group
Thread group.
odp_schedule_prio_t prio
Priority level.
odp_schedule_sync_t sync
Synchronization method.
Authentication algorithms in a bit field structure.
uint32_t null
ODP_AUTH_ALG_NULL.
uint32_t sha1_hmac
ODP_AUTH_ALG_SHA1_HMAC.
uint32_t md5_hmac
ODP_AUTH_ALG_MD5_HMAC.
uint32_t sha256_hmac
ODP_AUTH_ALG_SHA256_HMAC.
struct odp_crypto_auth_algos_t::@25 bit
Authentication algorithms.
Cipher algorithms in a bit field structure.
struct odp_crypto_cipher_algos_t::@24 bit
Cipher algorithms.
uint32_t trides_cbc
ODP_CIPHER_ALG_3DES_CBC.
uint32_t null
ODP_CIPHER_ALG_NULL.