diff options
| author |   Neale Ranns <neale@graphiant.com> | 2021-02-09 14:04:02 +0000 |
|---|---|---|
| committer |   Matthew Smith <mgsmith@netgate.com> | 2021-02-10 13:39:37 +0000 |
| commit | 9ec846c2684b69f47505d73ea9f873b793a11558 (patch) | |
| tree | 78b1f3ced7dcee5d925f5c715b7e2ba99d5cdd95 /src/vnet/ipsec/ipsec_sa.h | |
| parent | 98d82ca04ba438cd2ba3c03de6e1e82e4786cd83 (diff) | |
ipsec: Use the new tunnel API types to add flow label and TTL copy
support
Type: feature
attmpet 2. this includes changes in ah_encrypt that don't use
uninitialised memory when doing tunnel mode fixups.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie3cb776f5c415c93b8a5ee22f22586fd0181110d
Diffstat (limited to 'src/vnet/ipsec/ipsec_sa.h')
| -rw-r--r-- | src/vnet/ipsec/ipsec_sa.h | 31 |
1 files changed, 8 insertions, 23 deletions
diff --git a/src/vnet/ipsec/ipsec_sa.h b/src/vnet/ipsec/ipsec_sa.h index 7a52e831c77..84abd6ef4b4 100644 --- a/src/vnet/ipsec/ipsec_sa.h +++ b/src/vnet/ipsec/ipsec_sa.h @@ -174,8 +174,7 @@ typedef struct ipsec_protocol_t protocol; tunnel_encap_decap_flags_t tunnel_flags; - ip_dscp_t dscp; - u8 __pad2[1]; + u8 __pad[2]; /* data accessed by dataplane code should be above this comment */ CLIB_CACHE_LINE_ALIGN_MARK (cacheline2); @@ -203,8 +202,7 @@ typedef struct u64 data; } async_op_data; - ip46_address_t tunnel_src_addr; - ip46_address_t tunnel_dst_addr; + tunnel_t tunnel; fib_node_t node; @@ -214,10 +212,6 @@ typedef struct vnet_crypto_alg_t integ_calg; vnet_crypto_alg_t crypto_calg; - fib_node_index_t fib_entry_index; - u32 sibling; - u32 tx_fib_index; - /* else u8 packed */ ipsec_crypto_alg_t crypto_alg; ipsec_integ_alg_t integ_alg; @@ -258,21 +252,12 @@ extern vlib_combined_counter_main_t ipsec_sa_counters; extern void ipsec_mk_key (ipsec_key_t * key, const u8 * data, u8 len); -extern int ipsec_sa_add_and_lock (u32 id, - u32 spi, - ipsec_protocol_t proto, - ipsec_crypto_alg_t crypto_alg, - const ipsec_key_t * ck, - ipsec_integ_alg_t integ_alg, - const ipsec_key_t * ik, - ipsec_sa_flags_t flags, - u32 tx_table_id, - u32 salt, - const ip46_address_t * tunnel_src_addr, - const ip46_address_t * tunnel_dst_addr, - tunnel_encap_decap_flags_t tunnel_flags, - ip_dscp_t dscp, - u32 * sa_index, u16 src_port, u16 dst_port); +extern int +ipsec_sa_add_and_lock (u32 id, u32 spi, ipsec_protocol_t proto, + ipsec_crypto_alg_t crypto_alg, const ipsec_key_t *ck, + ipsec_integ_alg_t integ_alg, const ipsec_key_t *ik, + ipsec_sa_flags_t flags, u32 salt, u16 src_port, + u16 dst_port, const tunnel_t *tun, u32 *sa_out_index); extern index_t ipsec_sa_find_and_lock (u32 id); extern int ipsec_sa_unlock_id (u32 id); extern void ipsec_sa_unlock (index_t sai); |