aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--vnet/Makefile.am13
-rw-r--r--vnet/vnet/ipsec-gre/ipsec_gre.api79
-rw-r--r--vnet/vnet/ipsec-gre/ipsec_gre_api.c190
-rw-r--r--vnet/vnet/vnet_all_api_h.h1
-rw-r--r--vpp-api/java/Makefile.am4
-rw-r--r--vpp/vpp-api/api.c94
-rw-r--r--vpp/vpp-api/vpe.api59
7 files changed, 283 insertions, 157 deletions
diff --git a/vnet/Makefile.am b/vnet/Makefile.am
index 15b01e36a46..eaf31e25c11 100644
--- a/vnet/Makefile.am
+++ b/vnet/Makefile.am
@@ -45,7 +45,9 @@ BUILT_SOURCES = \
vnet/bfd/bfd.api.h \
vnet/bfd/bfd.api.json \
vnet/ipsec/ipsec.api.h \
- vnet/ipsec/ipsec.api.json
+ vnet/ipsec/ipsec.api.json \
+ vnet/ipsec-gre/ipsec_gre.api.h \
+ vnet/ipsec-gre/ipsec_gre.api.json
libvnet_la_SOURCES =
libvnetplugin_la_SOURCES =
@@ -548,11 +550,13 @@ nobase_include_HEADERS += \
libvnet_la_SOURCES += \
vnet/ipsec-gre/ipsec_gre.c \
vnet/ipsec-gre/node.c \
- vnet/ipsec-gre/interface.c
+ vnet/ipsec-gre/interface.c \
+ vnet/ipsec-gre/ipsec_gre_api.c
nobase_include_HEADERS += \
vnet/ipsec-gre/ipsec_gre.h \
- vnet/ipsec-gre/error.def
+ vnet/ipsec-gre/error.def \
+ vnet/ipsec-gre/ipsec_gre.api.h
########################################
# LISP control plane: lisp-cp
@@ -983,7 +987,8 @@ api_DATA = \
vnet/vxlan/vxlan.api.json \
vnet/vxlan-gpe/vxlan_gpe.api.json \
vnet/bfd/bfd.api.json \
- vnet/ipsec/ipsec.api.json
+ vnet/ipsec/ipsec.api.json \
+ vnet/ipsec-gre/ipsec_gre.api.json
# The actual %.api.h rule is in .../build-data/packages/suffix-rules.mk
# and requires a symbolic link at the top of the vnet source tree
diff --git a/vnet/vnet/ipsec-gre/ipsec_gre.api b/vnet/vnet/ipsec-gre/ipsec_gre.api
new file mode 100644
index 00000000000..793bca0afcd
--- /dev/null
+++ b/vnet/vnet/ipsec-gre/ipsec_gre.api
@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 2015-2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/** \brief Add / del ipsec gre tunnel request
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param local_sa_id - local SA id
+ @param remote_sa_id - remote SA id
+ @param is_add - 1 if adding the tunnel, 0 if deleting
+ @param src_address - tunnel source address
+ @param dst_address - tunnel destination address
+*/
+define ipsec_gre_add_del_tunnel {
+ u32 client_index;
+ u32 context;
+ u32 local_sa_id;
+ u32 remote_sa_id;
+ u8 is_add;
+ u8 src_address[4];
+ u8 dst_address[4];
+};
+
+/** \brief Reply for add / del ipsec gre tunnel request
+ @param context - returned sender context, to match reply w/ request
+ @param retval - return code
+ @param sw_if_index - software index of the new ipsec gre tunnel
+*/
+define ipsec_gre_add_del_tunnel_reply {
+ u32 context;
+ i32 retval;
+ u32 sw_if_index;
+};
+
+/** \brief Dump ipsec gre tunnel table
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param tunnel_index - gre tunnel identifier or -1 in case of all tunnels
+*/
+define ipsec_gre_tunnel_dump {
+ u32 client_index;
+ u32 context;
+ u32 sw_if_index;
+};
+
+/** \brief ipsec gre tunnel operational state response
+ @param context - returned sender context, to match reply w/ request
+ @param sw_if_index - software index of the ipsec gre tunnel
+ @param local_sa_id - local SA id
+ @param remote_sa_id - remote SA id
+ @param src_address - tunnel source address
+ @param dst_address - tunnel destination address
+*/
+define ipsec_gre_tunnel_details {
+ u32 context;
+ u32 sw_if_index;
+ u32 local_sa_id;
+ u32 remote_sa_id;
+ u8 src_address[4];
+ u8 dst_address[4];
+};
+
+/*
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
+ \ No newline at end of file
diff --git a/vnet/vnet/ipsec-gre/ipsec_gre_api.c b/vnet/vnet/ipsec-gre/ipsec_gre_api.c
new file mode 100644
index 00000000000..a7ea1490bae
--- /dev/null
+++ b/vnet/vnet/ipsec-gre/ipsec_gre_api.c
@@ -0,0 +1,190 @@
+/*
+ *------------------------------------------------------------------
+ * ipsec_gre_api.c - ipsec_gre api
+ *
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *------------------------------------------------------------------
+ */
+
+#include <vnet/vnet.h>
+#include <vlibmemory/api.h>
+
+#include <vnet/interface.h>
+#include <vnet/api_errno.h>
+#include <vnet/ipsec-gre/ipsec_gre.h>
+
+#include <vnet/vnet_msg_enum.h>
+
+#define vl_typedefs /* define message structures */
+#include <vnet/vnet_all_api_h.h>
+#undef vl_typedefs
+
+#define vl_endianfun /* define message structures */
+#include <vnet/vnet_all_api_h.h>
+#undef vl_endianfun
+
+/* instantiate all the print functions we know about */
+#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__)
+#define vl_printfun
+#include <vnet/vnet_all_api_h.h>
+#undef vl_printfun
+
+#include <vlibapi/api_helper_macros.h>
+
+#define foreach_vpe_api_msg \
+_(IPSEC_GRE_ADD_DEL_TUNNEL, ipsec_gre_add_del_tunnel) \
+_(IPSEC_GRE_TUNNEL_DUMP, ipsec_gre_tunnel_dump)
+
+static void
+vl_api_ipsec_gre_add_del_tunnel_t_handler (vl_api_ipsec_gre_add_del_tunnel_t *
+ mp)
+{
+ vl_api_ipsec_gre_add_del_tunnel_reply_t *rmp;
+ int rv = 0;
+ vnet_ipsec_gre_add_del_tunnel_args_t _a, *a = &_a;
+ u32 sw_if_index = ~0;
+
+ /* Check src & dst are different */
+ if (memcmp (mp->src_address, mp->dst_address, 4) == 0)
+ {
+ rv = VNET_API_ERROR_SAME_SRC_DST;
+ goto out;
+ }
+
+ memset (a, 0, sizeof (*a));
+
+ /* ip addresses sent in network byte order */
+ clib_memcpy (&(a->src), mp->src_address, 4);
+ clib_memcpy (&(a->dst), mp->dst_address, 4);
+ a->is_add = mp->is_add;
+ a->lsa = ntohl (mp->local_sa_id);
+ a->rsa = ntohl (mp->remote_sa_id);
+
+ rv = vnet_ipsec_gre_add_del_tunnel (a, &sw_if_index);
+
+out:
+ /* *INDENT-OFF* */
+ REPLY_MACRO2(VL_API_GRE_ADD_DEL_TUNNEL_REPLY,
+ ({
+ rmp->sw_if_index = ntohl (sw_if_index);
+ }));
+ /* *INDENT-ON* */
+}
+
+static void send_ipsec_gre_tunnel_details
+ (ipsec_gre_tunnel_t * t, unix_shared_memory_queue_t * q, u32 context)
+{
+ vl_api_ipsec_gre_tunnel_details_t *rmp;
+
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ memset (rmp, 0, sizeof (*rmp));
+ rmp->_vl_msg_id = ntohs (VL_API_IPSEC_GRE_TUNNEL_DETAILS);
+ clib_memcpy (rmp->src_address, &(t->tunnel_src), 4);
+ clib_memcpy (rmp->dst_address, &(t->tunnel_dst), 4);
+ rmp->sw_if_index = htonl (t->sw_if_index);
+ rmp->local_sa_id = htonl (t->local_sa_id);
+ rmp->remote_sa_id = htonl (t->remote_sa_id);
+ rmp->context = context;
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void vl_api_ipsec_gre_tunnel_dump_t_handler
+ (vl_api_ipsec_gre_tunnel_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+ ipsec_gre_main_t *igm = &ipsec_gre_main;
+ ipsec_gre_tunnel_t *t;
+ u32 sw_if_index;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ {
+ return;
+ }
+
+ sw_if_index = ntohl (mp->sw_if_index);
+
+ if (~0 == sw_if_index)
+ {
+ /* *INDENT-OFF* */
+ pool_foreach (t, igm->tunnels,
+ ({
+ send_ipsec_gre_tunnel_details(t, q, mp->context);
+ }));
+ /* *INDENT-ON* */
+ }
+ else
+ {
+ if ((sw_if_index >= vec_len (igm->tunnel_index_by_sw_if_index)) ||
+ (~0 == igm->tunnel_index_by_sw_if_index[sw_if_index]))
+ {
+ return;
+ }
+ t = &igm->tunnels[igm->tunnel_index_by_sw_if_index[sw_if_index]];
+ send_ipsec_gre_tunnel_details (t, q, mp->context);
+ }
+}
+
+/*
+ * ipsec_gre_api_hookup
+ * Add vpe's API message handlers to the table.
+ * vlib has alread mapped shared memory and
+ * added the client registration handlers.
+ * See .../vlib-api/vlibmemory/memclnt_vlib.c:memclnt_process()
+ */
+#define vl_msg_name_crc_list
+#include <vnet/vnet_all_api_h.h>
+#undef vl_msg_name_crc_list
+
+static void
+setup_message_id_table (api_main_t * am)
+{
+#define _(id,n,crc) vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id);
+ foreach_vl_msg_name_crc_ipsec_gre;
+#undef _
+}
+
+static clib_error_t *
+ipsec_gre_api_hookup (vlib_main_t * vm)
+{
+ api_main_t *am = &api_main;
+
+#define _(N,n) \
+ vl_msg_api_set_handlers(VL_API_##N, #n, \
+ vl_api_##n##_t_handler, \
+ vl_noop_handler, \
+ vl_api_##n##_t_endian, \
+ vl_api_##n##_t_print, \
+ sizeof(vl_api_##n##_t), 1);
+ foreach_vpe_api_msg;
+#undef _
+
+ /*
+ * Set up the (msg_name, crc, message-id) table
+ */
+ setup_message_id_table (am);
+
+ return 0;
+}
+
+VLIB_API_INIT_FUNCTION (ipsec_gre_api_hookup);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/vnet/vnet/vnet_all_api_h.h b/vnet/vnet/vnet_all_api_h.h
index 2210222da76..da962a3b189 100644
--- a/vnet/vnet/vnet_all_api_h.h
+++ b/vnet/vnet/vnet_all_api_h.h
@@ -44,6 +44,7 @@
#include <vnet/vxlan-gpe/vxlan_gpe.api.h>
#include <vnet/bfd/bfd.api.h>
#include <vnet/ipsec/ipsec.api.h>
+#include <vnet/ipsec-gre/ipsec_gre.api.h>
/*
* fd.io coding-style-patch-verification: ON
diff --git a/vpp-api/java/Makefile.am b/vpp-api/java/Makefile.am
index db6a0082dd9..ed2da7c4062 100644
--- a/vpp-api/java/Makefile.am
+++ b/vpp-api/java/Makefile.am
@@ -97,7 +97,8 @@ jvpp-core/io_fd_vpp_jvpp_core_JVppCoreImpl.h: \
$(prefix)/../vnet/vnet/vxlan_gpe.api.json \
$(prefix)/../vnet/vnet/tap.api.json \
$(prefix)/../vnet/vnet/bfd.api.json \
- $(prefix)/../vnet/vnet/ipsec.api.json
+ $(prefix)/../vnet/vnet/ipsec.api.json \
+ $(prefix)/../vnet/vnet/ipsec_gre.api.json
cp -rf @srcdir@/jvpp-core/* -t jvpp-core/
mkdir -p jvpp-core/target
cd jvpp-core \
@@ -119,6 +120,7 @@ jvpp-core/io_fd_vpp_jvpp_core_JVppCoreImpl.h: \
$(prefix)/../vnet/vnet/vxlan_gpe.api.json \
$(prefix)/../vnet/vnet/bfd.api.json \
$(prefix)/../vnet/vnet/ipsec.api.json \
+ $(prefix)/../vnet/vnet/ipsec_gre.api.json \
&& cp -rf types dto future callfacade callback notification *.java -t $(packagedir_jvpp_core) \
&& rm -rf types dto future callfacade callback notification *.java
diff --git a/vpp/vpp-api/api.c b/vpp/vpp-api/api.c
index ec2618184c3..4ac0afd3026 100644
--- a/vpp/vpp-api/api.c
+++ b/vpp/vpp-api/api.c
@@ -82,7 +82,6 @@
#include <vnet/ip/ip_source_and_port_range_check.h>
#include <vnet/policer/policer.h>
#include <vnet/flow/flow_report.h>
-#include <vnet/ipsec-gre/ipsec_gre.h>
#include <vnet/flow/flow_report_classify.h>
#include <vnet/ip/punt.h>
#include <vnet/feature/feature.h>
@@ -250,8 +249,6 @@ _(IP_SOURCE_AND_PORT_RANGE_CHECK_ADD_DEL, \
ip_source_and_port_range_check_add_del) \
_(IP_SOURCE_AND_PORT_RANGE_CHECK_INTERFACE_ADD_DEL, \
ip_source_and_port_range_check_interface_add_del) \
-_(IPSEC_GRE_ADD_DEL_TUNNEL, ipsec_gre_add_del_tunnel) \
-_(IPSEC_GRE_TUNNEL_DUMP, ipsec_gre_tunnel_dump) \
_(DELETE_SUBIF, delete_subif) \
_(L2_INTERFACE_PBB_TAG_REWRITE, l2_interface_pbb_tag_rewrite) \
_(PUNT, punt) \
@@ -5735,97 +5732,6 @@ reply:
}
static void
-vl_api_ipsec_gre_add_del_tunnel_t_handler (vl_api_ipsec_gre_add_del_tunnel_t *
- mp)
-{
- vl_api_ipsec_gre_add_del_tunnel_reply_t *rmp;
- int rv = 0;
- vnet_ipsec_gre_add_del_tunnel_args_t _a, *a = &_a;
- u32 sw_if_index = ~0;
-
- /* Check src & dst are different */
- if (memcmp (mp->src_address, mp->dst_address, 4) == 0)
- {
- rv = VNET_API_ERROR_SAME_SRC_DST;
- goto out;
- }
-
- memset (a, 0, sizeof (*a));
-
- /* ip addresses sent in network byte order */
- clib_memcpy (&(a->src), mp->src_address, 4);
- clib_memcpy (&(a->dst), mp->dst_address, 4);
- a->is_add = mp->is_add;
- a->lsa = ntohl (mp->local_sa_id);
- a->rsa = ntohl (mp->remote_sa_id);
-
- rv = vnet_ipsec_gre_add_del_tunnel (a, &sw_if_index);
-
-out:
- /* *INDENT-OFF* */
- REPLY_MACRO2(VL_API_GRE_ADD_DEL_TUNNEL_REPLY,
- ({
- rmp->sw_if_index = ntohl (sw_if_index);
- }));
- /* *INDENT-ON* */
-}
-
-static void send_ipsec_gre_tunnel_details
- (ipsec_gre_tunnel_t * t, unix_shared_memory_queue_t * q, u32 context)
-{
- vl_api_ipsec_gre_tunnel_details_t *rmp;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp));
- memset (rmp, 0, sizeof (*rmp));
- rmp->_vl_msg_id = ntohs (VL_API_IPSEC_GRE_TUNNEL_DETAILS);
- clib_memcpy (rmp->src_address, &(t->tunnel_src), 4);
- clib_memcpy (rmp->dst_address, &(t->tunnel_dst), 4);
- rmp->sw_if_index = htonl (t->sw_if_index);
- rmp->local_sa_id = htonl (t->local_sa_id);
- rmp->remote_sa_id = htonl (t->remote_sa_id);
- rmp->context = context;
-
- vl_msg_api_send_shmem (q, (u8 *) & rmp);
-}
-
-static void vl_api_ipsec_gre_tunnel_dump_t_handler
- (vl_api_ipsec_gre_tunnel_dump_t * mp)
-{
- unix_shared_memory_queue_t *q;
- ipsec_gre_main_t *igm = &ipsec_gre_main;
- ipsec_gre_tunnel_t *t;
- u32 sw_if_index;
-
- q = vl_api_client_index_to_input_queue (mp->client_index);
- if (q == 0)
- {
- return;
- }
-
- sw_if_index = ntohl (mp->sw_if_index);
-
- if (~0 == sw_if_index)
- {
- /* *INDENT-OFF* */
- pool_foreach (t, igm->tunnels,
- ({
- send_ipsec_gre_tunnel_details(t, q, mp->context);
- }));
- /* *INDENT-ON* */
- }
- else
- {
- if ((sw_if_index >= vec_len (igm->tunnel_index_by_sw_if_index)) ||
- (~0 == igm->tunnel_index_by_sw_if_index[sw_if_index]))
- {
- return;
- }
- t = &igm->tunnels[igm->tunnel_index_by_sw_if_index[sw_if_index]];
- send_ipsec_gre_tunnel_details (t, q, mp->context);
- }
-}
-
-static void
vl_api_delete_subif_t_handler (vl_api_delete_subif_t * mp)
{
vl_api_delete_subif_reply_t *rmp;
diff --git a/vpp/vpp-api/vpe.api b/vpp/vpp-api/vpe.api
index 0d7de596141..52254cd3b3e 100644
--- a/vpp/vpp-api/vpe.api
+++ b/vpp/vpp-api/vpe.api
@@ -34,6 +34,7 @@
* L2TP APIs: see .../vnet/vnet/l2tp/{l2tp.api, l2tp_api.c}
* BFD APIs: see .../vnet/vnet/bfd/{bfd.api, bfd_api.c}
* IPSEC APIs: see .../vnet/vnet/ipsec/{ipsec.api, ipsec_api.c}
+ * IPSEC-GRE APIs: see .../vnet/vnet/ipsec-gre/{ipsec_gre.api, ipsec_gre_api.c}
*/
/** \brief Create a new subinterface with the given vlan id
@@ -3519,64 +3520,6 @@ define ip_source_and_port_range_check_interface_add_del_reply
i32 retval;
};
-/** \brief Add / del ipsec gre tunnel request
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param local_sa_id - local SA id
- @param remote_sa_id - remote SA id
- @param is_add - 1 if adding the tunnel, 0 if deleting
- @param src_address - tunnel source address
- @param dst_address - tunnel destination address
-*/
-define ipsec_gre_add_del_tunnel {
- u32 client_index;
- u32 context;
- u32 local_sa_id;
- u32 remote_sa_id;
- u8 is_add;
- u8 src_address[4];
- u8 dst_address[4];
-};
-
-/** \brief Reply for add / del ipsec gre tunnel request
- @param context - returned sender context, to match reply w/ request
- @param retval - return code
- @param sw_if_index - software index of the new ipsec gre tunnel
-*/
-define ipsec_gre_add_del_tunnel_reply {
- u32 context;
- i32 retval;
- u32 sw_if_index;
-};
-
-/** \brief Dump ipsec gre tunnel table
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param tunnel_index - gre tunnel identifier or -1 in case of all tunnels
-*/
-define ipsec_gre_tunnel_dump {
- u32 client_index;
- u32 context;
- u32 sw_if_index;
-};
-
-/** \brief mpls gre tunnel operational state response
- @param context - returned sender context, to match reply w/ request
- @param sw_if_index - software index of the ipsec gre tunnel
- @param local_sa_id - local SA id
- @param remote_sa_id - remote SA id
- @param src_address - tunnel source address
- @param dst_address - tunnel destination address
-*/
-define ipsec_gre_tunnel_details {
- u32 context;
- u32 sw_if_index;
- u32 local_sa_id;
- u32 remote_sa_id;
- u8 src_address[4];
- u8 dst_address[4];
-};
-
/** \brief Delete sub interface request
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request