blob: f004028a748cb9bcc269edb7b7098947e2e96db8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
/* Copyright (c) 2017-2018, Linaro Limited
* All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef ODP_IPSEC_SA_DB_H_
#define ODP_IPSEC_SA_DB_H_
#ifdef __cplusplus
extern "C" {
#endif
#include <odp_ipsec_offload_misc.h>
/**
* Security Association (SA) data base entry
*/
typedef struct sa_db_entry_s {
struct sa_db_entry_s *next; /**< Next entry on list */
uint32_t src_ip; /**< Source IPv4 address */
uint32_t dst_ip; /**< Desitnation IPv4 address */
uint32_t spi; /**< Security Parameter Index */
ipsec_alg_t alg; /**< Cipher/auth algorithm */
ipsec_key_t key; /**< Cipher/auth key */
odp_ipsec_mode_t mode; /**< SA mode - transport/tun */
} sa_db_entry_t;
/**
* Security Association (SA) data base global structure
*/
typedef struct sa_db_s {
uint32_t index; /**< Index of next available entry */
sa_db_entry_t *list; /**< List of active entries */
sa_db_entry_t array[MAX_DB]; /**< Entry storage */
} sa_db_t;
/** Initialize SA database global control structure */
void init_sa_db(void);
/**
* Create an SA DB entry
*
* String is of the format "SrcIP:DstIP:Alg:SPI:Key"
*
* @param input Pointer to string describing SA
* @param cipher TRUE if cipher else FALSE for auth
* @param entries number of entries
*
* @return 0 if successful else -1
*/
int create_sa_db_entry(char *input, odp_bool_t cipher, int entries);
/**
* Display the SA DB
*/
void dump_sa_db(void);
/**
* Find a matching SA DB entry
*
* @param src Pointer to source subnet/range
* @param dst Pointer to destination subnet/range
* @param cipher TRUE if cipher else FALSE for auth
*
* @return pointer to SA DB entry else NULL
*/
sa_db_entry_t *find_sa_db_entry(ip_addr_range_t *src,
ip_addr_range_t *dst,
odp_bool_t cipher);
/**
* Tunnel entry
*/
typedef struct tun_db_entry_s {
struct tun_db_entry_s *next;
uint32_t src_ip; /**< Inner Source IPv4 address */
uint32_t dst_ip; /**< Inner Destination IPv4 address */
uint32_t tun_src_ip; /**< Tunnel Source IPv4 address */
uint32_t tun_dst_ip; /**< Tunnel Source IPv4 address */
} tun_db_entry_t;
/**
* Tunnel database
*/
typedef struct tun_db_s {
uint32_t index; /**< Index of next available entry */
tun_db_entry_t *list; /**< List of active entries */
tun_db_entry_t array[MAX_DB]; /**< Entry storage */
} tun_db_t;
/** Initialize tun database global control structure */
void init_tun_db(void);
/**
* Create an tunnel DB entry
*
* String is of the format "SrcIP:DstIP:TunSrcIp:TunDstIp"
*
* @param input Pointer to string describing tun
* @param entries number of entries
*
* @return 0 if successful else -1
*/
int create_tun_db_entry(char *input, int entries);
/**
* Display the tun DB
*/
void dump_tun_db(void);
/**
* Find a matching tun DB entry
*
* @param ip_src Inner source IP address
* @param ip_dst Inner destination IP address
*
* @return pointer to tun DB entry else NULL
*/
tun_db_entry_t *find_tun_db_entry(uint32_t ip_src,
uint32_t ip_dst);
#ifdef __cplusplus
}
#endif
#endif
|