1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
/*
* config.c: crypto engines configuration
*
* Copyright (c) 2025 Cisco and/or its affiliates.
* SPDX-License-Identifier: Apache-2.0
* https://spdx.org/licenses/Apache-2.0.html
*/
#include <vlib/vlib.h>
#include <vnet/crypto/crypto.h>
static clib_error_t *
config_one_crypto (vlib_main_t *vm, char *name, unformat_input_t *input)
{
vnet_crypto_main_t *cm = &crypto_main;
vnet_crypto_config_t *pc;
clib_error_t *error = 0;
uword *p;
int is_enable = 0;
int is_disable = 0;
if (cm->config_index_by_name == 0)
cm->config_index_by_name = hash_create_string (0, sizeof (uword));
p = hash_get_mem (cm->config_index_by_name, name);
if (p)
{
error = clib_error_return (0, "crypto '%s' already configured", name);
goto done;
}
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "enable"))
is_enable = 1;
else if (unformat (input, "disable"))
is_disable = 1;
else
{
error = clib_error_return (0, "unknown input '%U'",
format_unformat_error, input);
goto done;
}
}
if (is_enable && is_disable)
{
error = clib_error_return (0,
"please specify either enable or disable"
" for crypto '%s'",
name);
goto done;
}
vec_add2 (cm->configs, pc, 1);
pc->is_enabled = is_enable;
pc->is_disabled = is_disable;
pc->name = vec_dup (name);
hash_set_mem (cm->config_index_by_name, pc->name, pc - cm->configs);
done:
return error;
}
static clib_error_t *
crypto_engines_config (vlib_main_t *vm, unformat_input_t *input)
{
vnet_crypto_main_t *cm = &crypto_main;
clib_error_t *error = 0;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
unformat_input_t sub_input;
u8 *s = 0;
if (unformat (input, "default %U", unformat_vlib_cli_sub_input,
&sub_input))
{
cm->default_disabled = unformat (&sub_input, "disable") ? 1 : 0;
unformat_free (&sub_input);
}
else if (unformat (input, "%s %U", &s, unformat_vlib_cli_sub_input,
&sub_input))
{
error = config_one_crypto (vm, (char *) s, &sub_input);
vec_free (s);
unformat_free (&sub_input);
if (error)
goto done;
}
else
{
error = clib_error_return (0, "unknown input '%U'",
format_unformat_error, input);
{
vec_free (s);
goto done;
}
}
}
done:
return error;
}
VLIB_EARLY_CONFIG_FUNCTION (crypto_engines_config, "crypto-engines");
|
