/* * Copyright (c) 2018-2019 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include #include #include #define vl_typedefs /* define message structures */ #include #undef vl_typedefs /* declare message handlers for each api */ #define vl_endianfun /* define message structures */ #include #undef vl_endianfun /* instantiate all the print functions we know about */ #define vl_print(handle, ...) #define vl_printfun #include #undef vl_printfun u8 * format_api_error (u8 * s, va_list * args) { i32 error = va_arg (*args, u32); uword *p; p = hash_get (vcm->error_string_by_error_number, -error); if (p) s = format (s, "%s (%d)", p[0], error); else s = format (s, "%d", error); return s; } static void vl_api_session_enable_disable_reply_t_handler (vl_api_session_enable_disable_reply_t * mp) { if (mp->retval) { clib_warning ("VCL<%d>: session_enable_disable failed: %U", getpid (), format_api_error, ntohl (mp->retval)); } else vcm->app_state = STATE_APP_ENABLED; } static int vcl_segment_attach (u64 segment_handle, char *name, ssvm_segment_type_t type, int fd) { fifo_segment_create_args_t _a, *a = &_a; int rv; memset (a, 0, sizeof (*a)); a->segment_name = (char *) name; a->segment_type = type; if (type == SSVM_SEGMENT_MEMFD) a->memfd_fd = fd; if ((rv = fifo_segment_attach (&vcm->segment_main, a))) { clib_warning ("svm_fifo_segment_attach ('%s') failed", name); return rv; } vcl_segment_table_add (segment_handle, a->new_segment_indices[0]); vec_reset_length (a->new_segment_indices); return 0; } static void vcl_segment_detach (u64 segment_handle) { fifo_segment_main_t *sm = &vcm->segment_main; fifo_segment_t *segment; u32 segment_index; segment_index = vcl_segment_table_lookup (segment_handle); if (segment_index == (u32) ~ 0) return; segment = fifo_segment_get_segment (sm, segment_index); fifo_segment_delete (sm, segment); vcl_segment_table_del (segment_handle); VDBG (0, "detached segment %u handle %u", segment_index, segment_handle); } static u64 vcl_vpp_worker_segment_handle (u32 wrk_index) { return (VCL_INVALID_SEGMENT_HANDLE - wrk_index - 1); } static void vl_api_app_attach_reply_t_handler (vl_api_app_attach_reply_t * mp) { vcl_worker_t *wrk = vcl_worker_get (0); svm_msg_q_t *ctrl_mq; u64 segment_handle; int *fds = 0, i; u32 n_fds = 0; if (mp->retval) { VERR ("attach failed: %U", format_api_error, ntohl (mp->retval)); goto failed; } wrk->app_event_queue = uword_to_pointer (mp->app_mq, svm_msg_q_t *); ctrl_mq = uword_to_pointer (mp->vpp_ctrl_mq, svm_msg_q_t *); vec_validate (wrk->vpp_event_queues, mp->vpp_ctrl_mq_thread); wrk->vpp_event_queues[mp->vpp_ctrl_mq_thread] = ctrl_mq; vcm->ctrl_mq = wrk->ctrl_mq = ctrl_mq; segment_handle = clib_net_to_host_u64 (mp->segment_handle); if (segment_handle == VCL_INVALID_SEGMENT_HANDLE) { VERR ("invalid segment handle"); goto failed; } if (mp->n_fds) { vec_validate (fds, mp->n_fds); if (vl_socket_client_recv_fd_msg (fds, mp->n_fds, 5)) goto failed; if (mp->fd_flags & SESSION_FD_F_VPP_MQ_SEGMENT) if (vcl_segment_attach (vcl_vpp_worker_segment_handle (0), "vpp-mq-seg", SSVM_SEGMENT_MEMFD, fds[n_fds++])) goto failed; if (mp->fd_flags & SESSION_FD_F_MEMFD_SEGMENT) if (vcl_segment_attach (segment_handle, (char *) mp->segment_name, SSVM_SEGMENT_MEMFD, fds[n_fds++])) goto failed; if (mp->fd_flags & SESSION_FD_F_MQ_EVENTFD) { svm_msg_q_set_consumer_eventfd (wrk->app_event_queue, fds[n_fds]); vcl_mq_epoll_add_evfd (wrk, wrk->app_event_queue); n_fds++; } vec_free (fds); } else { if (vcl_segment_attach (segment_handle, (char *) mp->segment_name, SSVM_SEGMENT_SHM, -1)) goto failed; } vcm->app_index = clib_net_to_host_u32 (mp->app_index); vcm->app_state = STATE_APP_ATTACHED; return; failed: vcm->app_state = STATE_APP_FAILED; for (i = clib_max (n_fds - 1, 0); i < vec_len (fds); i++) close (fds[i]); vec_free (fds); } static void vl_api_app_worker_add_del_reply_t_handler (vl_api_app_worker_add_del_reply_t * mp) { int n_fds = 0, *fds = 0, i; u64 segment_handle; vcl_worker_t *wrk; u32 wrk_index; if (mp->retval) { clib_warning ("VCL<%d>: add/del worker failed: %U", getpid (), format_api_error, ntohl (mp->retval)); goto failed; } if (!mp->is_add) return; wrk_index = mp->context; wrk = vcl_worker_get_if_valid (wrk_index); if (!wrk) return; wrk->vpp_wrk_index = clib_net_to_host_u32 (mp->wrk_index); wrk->app_event_queue = uword_to_pointer (mp->app_event_queue_address, svm_msg_q_t *); wrk->ctrl_mq = vcm->ctrl_mq; segment_handle = clib_net_to_host_u64 (mp->segment_handle); if (segment_handle == VCL_INVALID_SEGMENT_HANDLE) { clib_warning ("invalid segment handle"); goto failed; } if (mp->n_fds) { vec_validate (fds, mp->n_fds); if (vl_socket_client_recv_fd_msg (fds, mp->n_fds, 5)) goto failed; if (mp->fd_flags & SESSION_FD_F_VPP_MQ_SEGMENT) if (vcl_segment_attach (vcl_vpp_worker_segment_handle (wrk_index), "vpp-worker-seg", SSVM_SEGMENT_MEMFD, fds[n_fds++])) goto failed; if (mp->fd_flags & SESSION_FD_F_MEMFD_SEGMENT) if (vcl_segment_attach (segment_handle, (char *) mp->segment_name, SSVM_SEGMENT_MEMFD, fds[n_fds++])) goto failed; if (mp->fd_flags & SESSION_FD_F_MQ_EVENTFD) { svm_msg_q_set_consumer_eventfd (wrk->app_event_queue, fds[n_fds]); vcl_mq_epoll_add_evfd (wrk, wrk->app_event_queue); n_fds++; } 
from vpp_tunnel_interface import VppTunnelInterface


class VppIpsecTunInterface(VppTunnelInterface):
    """
    VPP IPsec Tunnel interface
    """

    def __init__(self, test, parent_if, local_spi,
                 remote_spi, crypto_alg, local_crypto_key, remote_crypto_key,
                 integ_alg, local_integ_key, remote_integ_key, salt=0,
                 udp_encap=False,
                 is_ip6=False,
                 dst=None):
        super(VppIpsecTunInterface, self).__init__(test, parent_if)
        self.local_spi = local_spi
        self.remote_spi = remote_spi
        self.crypto_alg = crypto_alg
        self.local_crypto_key = local_crypto_key
        self.remote_crypto_key = remote_crypto_key
        self.integ_alg = integ_alg
        self.local_integ_key = local_integ_key
        self.remote_integ_key = remote_integ_key
        self.salt = salt
        if is_ip6:
            self.local_ip = self.parent_if.local_ip6
            self.remote_ip = self.parent_if.remote_ip6
        else:
            self.local_ip = self.parent_if.local_ip4
            self.remote_ip = self.parent_if.remote_ip4
        if dst:
            self.remote_ip = dst
        self.udp_encap = udp_encap

    def add_vpp_config(self):
        r = self