ipsec: add/delete ipsec fast path policy

This patch introduces functions to add and delete fast path policies. Type: feature Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: I3f1f1323148080c9dac531fbe9fa33bad4efe814
author: Piotr Bronowski <piotrx.bronowski@intel.com> 2022-05-10 13:18:22 +0000
committer: Piotr Bronowski <piotrx.bronowski@intel.com> 2022-06-29 09:05:51 +0000
commit: 0464310fd3d4234e5b0aaf730360a1db2b5f7384 (patch)
tree: 312e4a3df3bc57408cc10c52e565d8c46a2e77c8 /src/vnet/ipsec/ipsec_spd.h
parent: fc20c8e50f2784ad62b97bdb0094605d2b86f596 (diff)
1 files changed, 21 insertions, 1 deletions
diff --git a/src/vnet/ipsec/ipsec_spd.h b/src/vnet/ipsec/ipsec_spd.h
index 757a1b72d51..887ae99c101 100644
--- a/src/vnet/ipsec/ipsec_spd.h
+++ b/src/vnet/ipsec/ipsec_spd.h
@@ -15,6 +15,8 @@
 #ifndef __IPSEC_SPD_H__
 #define __IPSEC_SPD_H__
 
+#include <vppinfra/bihash_40_8.h>
+#include <vppinfra/bihash_16_8.h>
 #include <vlib/vlib.h>
 
 #define foreach_ipsec_spd_policy_type                 \
@@ -41,7 +43,23 @@ typedef enum ipsec_spd_policy_t_
 extern u8 *format_ipsec_policy_type (u8 * s, va_list * args);
 
 /**
- * @brief A Secruity Policy Database
+ * @brief A fast path Security Policy Database
+ */
+typedef struct
+{
+  /** vectors for each of the policy types */
+  u32 *fp_policies[IPSEC_SPD_POLICY_N_TYPES];
+  u32 *fp_mask_types[IPSEC_SPD_POLICY_N_TYPES];
+
+  clib_bihash_40_8_t fp_ip6_lookup_hash; /* spd fp ip6 lookup hash table. */
+  clib_bihash_16_8_t fp_ip4_lookup_hash; /* spd fp ip4 lookup hash table. */
+
+  u8 fp_ip6_lookup_hash_initialized;
+
+} ipsec_spd_fp_t;
+
+/**
+ * @brief A Security Policy Database
  */
 typedef struct
 {
@@ -49,6 +67,8 @@ typedef struct
   u32 id;
   /** vectors for each of the policy types */
   u32 *policies[IPSEC_SPD_POLICY_N_TYPES];
+  /* TODO remove fp_spd. Use directly ipsec_spd_t for fast path */
+  ipsec_spd_fp_t fp_spd;
 } ipsec_spd_t;
 
 /**
author	Piotr Bronowski <piotrx.bronowski@intel.com>	2022-05-10 13:18:22 +0000
committer	Piotr Bronowski <piotrx.bronowski@intel.com>	2022-06-29 09:05:51 +0000
commit	0464310fd3d4234e5b0aaf730360a1db2b5f7384 (patch)
tree	312e4a3df3bc57408cc10c52e565d8c46a2e77c8 /src/vnet/ipsec/ipsec_spd.h
parent	fc20c8e50f2784ad62b97bdb0094605d2b86f596 (diff)