diff options
Diffstat (limited to 'vnet/vnet/ipsec/ipsec_if.c')
-rw-r--r-- | vnet/vnet/ipsec/ipsec_if.c | 188 |
1 files changed, 102 insertions, 86 deletions
diff --git a/vnet/vnet/ipsec/ipsec_if.c b/vnet/vnet/ipsec/ipsec_if.c index 7a85fb16..475b7bda 100644 --- a/vnet/vnet/ipsec/ipsec_if.c +++ b/vnet/vnet/ipsec/ipsec_if.c @@ -23,62 +23,62 @@ void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length); -static u8 * format_ipsec_name (u8 * s, va_list * args) +static u8 * +format_ipsec_name (u8 * s, va_list * args) { u32 dev_instance = va_arg (*args, u32); return format (s, "ipsec%d", dev_instance); } -static uword dummy_interface_tx (vlib_main_t * vm, - vlib_node_runtime_t * node, - vlib_frame_t * frame) +static uword +dummy_interface_tx (vlib_main_t * vm, + vlib_node_runtime_t * node, vlib_frame_t * frame) { clib_warning ("you shouldn't be here, leaking buffers..."); return frame->n_vectors; } -VNET_DEVICE_CLASS (ipsec_device_class,static) = { - .name = "IPSec", - .format_device_name = format_ipsec_name, - .format_tx_trace = format_ipsec_if_output_trace, - .tx_function = dummy_interface_tx, -}; +VNET_DEVICE_CLASS (ipsec_device_class, static) = +{ +.name = "IPSec",.format_device_name = format_ipsec_name,.format_tx_trace = + format_ipsec_if_output_trace,.tx_function = dummy_interface_tx,}; -VNET_HW_INTERFACE_CLASS (ipsec_hw_class) = { - .name = "IPSec", -}; +VNET_HW_INTERFACE_CLASS (ipsec_hw_class) = +{ +.name = "IPSec",}; static int ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, - ipsec_add_del_tunnel_args_t * args); + ipsec_add_del_tunnel_args_t * args); static int -ipsec_add_del_tunnel_if_rpc_callback (ipsec_add_del_tunnel_args_t *a) +ipsec_add_del_tunnel_if_rpc_callback (ipsec_add_del_tunnel_args_t * a) { - vnet_main_t * vnm = vnet_get_main(); - ASSERT(os_get_cpu_number() == 0); + vnet_main_t *vnm = vnet_get_main (); + ASSERT (os_get_cpu_number () == 0); - return ipsec_add_del_tunnel_if_internal(vnm, a); + return ipsec_add_del_tunnel_if_internal (vnm, a); } int ipsec_add_del_tunnel_if (ipsec_add_del_tunnel_args_t * args) { vl_api_rpc_call_main_thread (ipsec_add_del_tunnel_if_rpc_callback, - (u8 *) args, sizeof(*args)); + (u8 *) args, sizeof (*args)); return 0; } int -ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, ipsec_add_del_tunnel_args_t * args) +ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, + ipsec_add_del_tunnel_args_t * args) { - ipsec_tunnel_if_t * t; - ipsec_main_t * im = &ipsec_main; - vnet_hw_interface_t * hi; + ipsec_tunnel_if_t *t; + ipsec_main_t *im = &ipsec_main; + vnet_hw_interface_t *hi; u32 hw_if_index = ~0; uword *p; - ipsec_sa_t * sa; + ipsec_sa_t *sa; u64 key = (u64) args->remote_ip.as_u32 << 32 | (u64) args->remote_spi; p = hash_get (im->ipsec_if_pool_index_by_key, key); @@ -87,7 +87,7 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, ipsec_add_del_tunnel_args_t { /* check if same src/dst pair exists */ if (p) - return VNET_API_ERROR_INVALID_VALUE; + return VNET_API_ERROR_INVALID_VALUE; pool_get_aligned (im->tunnel_interfaces, t, CLIB_CACHE_LINE_BYTES); memset (t, 0, sizeof (*t)); @@ -102,17 +102,19 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, ipsec_add_del_tunnel_args_t sa->use_esn = args->esn; sa->use_anti_replay = args->anti_replay; sa->integ_alg = args->integ_alg; - if (args->remote_integ_key_len <= sizeof(args->remote_integ_key)) - { - sa->integ_key_len = args->remote_integ_key_len; - clib_memcpy(sa->integ_key, args->remote_integ_key, args->remote_integ_key_len); - } + if (args->remote_integ_key_len <= sizeof (args->remote_integ_key)) + { + sa->integ_key_len = args->remote_integ_key_len; + clib_memcpy (sa->integ_key, args->remote_integ_key, + args->remote_integ_key_len); + } sa->crypto_alg = args->crypto_alg; - if (args->remote_crypto_key_len <= sizeof(args->remote_crypto_key)) - { - sa->crypto_key_len = args->remote_crypto_key_len; - clib_memcpy(sa->crypto_key, args->remote_crypto_key, args->remote_crypto_key_len); - } + if (args->remote_crypto_key_len <= sizeof (args->remote_crypto_key)) + { + sa->crypto_key_len = args->remote_crypto_key_len; + clib_memcpy (sa->crypto_key, args->remote_crypto_key, + args->remote_crypto_key_len); + } pool_get (im->sad, sa); memset (sa, 0, sizeof (*sa)); @@ -125,41 +127,47 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, ipsec_add_del_tunnel_args_t sa->use_esn = args->esn; sa->use_anti_replay = args->anti_replay; sa->integ_alg = args->integ_alg; - if (args->local_integ_key_len <= sizeof(args->local_integ_key)) - { - sa->integ_key_len = args->local_integ_key_len; - clib_memcpy(sa->integ_key, args->local_integ_key, args->local_integ_key_len); - } + if (args->local_integ_key_len <= sizeof (args->local_integ_key)) + { + sa->integ_key_len = args->local_integ_key_len; + clib_memcpy (sa->integ_key, args->local_integ_key, + args->local_integ_key_len); + } sa->crypto_alg = args->crypto_alg; - if (args->local_crypto_key_len <= sizeof(args->local_crypto_key)) - { - sa->crypto_key_len = args->local_crypto_key_len; - clib_memcpy(sa->crypto_key, args->local_crypto_key, args->local_crypto_key_len); - } + if (args->local_crypto_key_len <= sizeof (args->local_crypto_key)) + { + sa->crypto_key_len = args->local_crypto_key_len; + clib_memcpy (sa->crypto_key, args->local_crypto_key, + args->local_crypto_key_len); + } - hash_set (im->ipsec_if_pool_index_by_key, key, t - im->tunnel_interfaces); + hash_set (im->ipsec_if_pool_index_by_key, key, + t - im->tunnel_interfaces); if (vec_len (im->free_tunnel_if_indices) > 0) - { - hw_if_index = - im->free_tunnel_if_indices[vec_len(im->free_tunnel_if_indices)-1]; - _vec_len (im->free_tunnel_if_indices) -= 1; - } + { + hw_if_index = + im->free_tunnel_if_indices[vec_len (im->free_tunnel_if_indices) - + 1]; + _vec_len (im->free_tunnel_if_indices) -= 1; + } else - { - hw_if_index = vnet_register_interface(vnm, ipsec_device_class.index, - t - im->tunnel_interfaces, - ipsec_hw_class.index, - t - im->tunnel_interfaces); - - hi = vnet_get_hw_interface (vnm, hw_if_index); - hi->output_node_index = ipsec_if_output_node.index; - } + { + hw_if_index = + vnet_register_interface (vnm, ipsec_device_class.index, + t - im->tunnel_interfaces, + ipsec_hw_class.index, + t - im->tunnel_interfaces); + + hi = vnet_get_hw_interface (vnm, hw_if_index); + hi->output_node_index = ipsec_if_output_node.index; + } t->hw_if_index = hw_if_index; /*1st interface, register protocol */ - if (pool_elts(im->tunnel_interfaces) == 1) - ip4_register_protocol(IP_PROTOCOL_IPSEC_ESP, ipsec_if_input_node.index); + if (pool_elts (im->tunnel_interfaces) == 1) + ip4_register_protocol (IP_PROTOCOL_IPSEC_ESP, + ipsec_if_input_node.index); return hw_if_index; } @@ -167,17 +175,17 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, ipsec_add_del_tunnel_args_t { /* check if exists */ if (!p) - return VNET_API_ERROR_INVALID_VALUE; + return VNET_API_ERROR_INVALID_VALUE; - t = pool_elt_at_index(im->tunnel_interfaces, p[0]); + t = pool_elt_at_index (im->tunnel_interfaces, p[0]); hi = vnet_get_hw_interface (vnm, t->hw_if_index); - vnet_sw_interface_set_flags (vnm, hi->sw_if_index, 0); /* admin down */ + vnet_sw_interface_set_flags (vnm, hi->sw_if_index, 0); /* admin down */ vec_add1 (im->free_tunnel_if_indices, t->hw_if_index); /* delete input and output SA */ - sa = pool_elt_at_index(im->sad, t->input_sa_index); + sa = pool_elt_at_index (im->sad, t->input_sa_index); pool_put (im->sad, sa); - sa = pool_elt_at_index(im->sad, t->output_sa_index); + sa = pool_elt_at_index (im->sad, t->output_sa_index); pool_put (im->sad, sa); hash_unset (im->ipsec_if_pool_index_by_key, key); @@ -187,44 +195,44 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, ipsec_add_del_tunnel_args_t } int -ipsec_set_interface_key(vnet_main_t * vnm, u32 hw_if_index, - ipsec_if_set_key_type_t type, u8 alg, u8 * key) +ipsec_set_interface_key (vnet_main_t * vnm, u32 hw_if_index, + ipsec_if_set_key_type_t type, u8 alg, u8 * key) { - ipsec_main_t * im = &ipsec_main; - vnet_hw_interface_t * hi; - ipsec_tunnel_if_t * t; - ipsec_sa_t * sa; + ipsec_main_t *im = &ipsec_main; + vnet_hw_interface_t *hi; + ipsec_tunnel_if_t *t; + ipsec_sa_t *sa; hi = vnet_get_hw_interface (vnm, hw_if_index); t = pool_elt_at_index (im->tunnel_interfaces, hi->dev_instance); if (type == IPSEC_IF_SET_KEY_TYPE_LOCAL_CRYPTO) { - sa = pool_elt_at_index(im->sad, t->output_sa_index); + sa = pool_elt_at_index (im->sad, t->output_sa_index); sa->crypto_alg = alg; - sa->crypto_key_len = vec_len(key); - clib_memcpy(sa->crypto_key, key, vec_len(key)); + sa->crypto_key_len = vec_len (key); + clib_memcpy (sa->crypto_key, key, vec_len (key)); } else if (type == IPSEC_IF_SET_KEY_TYPE_LOCAL_INTEG) { - sa = pool_elt_at_index(im->sad, t->output_sa_index); + sa = pool_elt_at_index (im->sad, t->output_sa_index); sa->integ_alg = alg; - sa->integ_key_len = vec_len(key); - clib_memcpy(sa->integ_key, key, vec_len(key)); + sa->integ_key_len = vec_len (key); + clib_memcpy (sa->integ_key, key, vec_len (key)); } else if (type == IPSEC_IF_SET_KEY_TYPE_REMOTE_CRYPTO) { - sa = pool_elt_at_index(im->sad, t->input_sa_index); + sa = pool_elt_at_index (im->sad, t->input_sa_index); sa->crypto_alg = alg; - sa->crypto_key_len = vec_len(key); - clib_memcpy(sa->crypto_key, key, vec_len(key)); + sa->crypto_key_len = vec_len (key); + clib_memcpy (sa->crypto_key, key, vec_len (key)); } else if (type == IPSEC_IF_SET_KEY_TYPE_REMOTE_INTEG) { - sa = pool_elt_at_index(im->sad, t->input_sa_index); + sa = pool_elt_at_index (im->sad, t->input_sa_index); sa->integ_alg = alg; - sa->integ_key_len = vec_len(key); - clib_memcpy(sa->integ_key, key, vec_len(key)); + sa->integ_key_len = vec_len (key); + clib_memcpy (sa->integ_key, key, vec_len (key)); } else return VNET_API_ERROR_INVALID_VALUE; @@ -236,7 +244,7 @@ ipsec_set_interface_key(vnet_main_t * vnm, u32 hw_if_index, clib_error_t * ipsec_tunnel_if_init (vlib_main_t * vm) { - ipsec_main_t * im = &ipsec_main; + ipsec_main_t *im = &ipsec_main; im->ipsec_if_pool_index_by_key = hash_create (0, sizeof (uword)); @@ -245,3 +253,11 @@ ipsec_tunnel_if_init (vlib_main_t * vm) VLIB_INIT_FUNCTION (ipsec_tunnel_if_init); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ |