From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id F059C1B478 for ; Wed, 9 Jan 2019 12:44:19 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Jan 2019 03:44:19 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,457,1539673200"; d="scan'208";a="125680093" Received: from sivswdev08.ir.intel.com (HELO localhost.localdomain) ([10.237.217.47]) by orsmga001.jf.intel.com with ESMTP; 09 Jan 2019 03:44:16 -0800 From: Konstantin Ananyev To: dev@dpdk.org Cc: akhil.goyal@nxp.com, pablo.de.lara.guarch@intel.com, Konstantin Ananyev Date: Wed, 9 Jan 2019 11:44:02 +0000 Message-Id: <1547034250-21252-3-git-send-email-konstantin.ananyev@intel.com> X-Mailer: git-send-email 1.7.0.7 In-Reply-To: <1546547138-24965-2-git-send-email-konstantin.ananyev@intel.com> References: <1546547138-24965-2-git-send-email-konstantin.ananyev@intel.com> Subject: [dpdk-dev] [PATCH v7 02/10] examples/ipsec-secgw: allow to specify neighbour mac address X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jan 2019 11:44:20 -0000 In some cases it is useful to allow user to specify destination ether address for outgoing packets. This patch adds such ability by introducing new 'neigh' config file option. Signed-off-by: Konstantin Ananyev Acked-by: Radu Nicolau --- doc/guides/sample_app_ug/ipsec_secgw.rst | 42 ++++++++++- examples/ipsec-secgw/ipsec-secgw.c | 21 ++++-- examples/ipsec-secgw/ipsec.h | 3 + examples/ipsec-secgw/parser.c | 91 ++++++++++++++++++++++++ examples/ipsec-secgw/parser.h | 8 +-- 5 files changed, 154 insertions(+), 11 deletions(-) diff --git a/doc/guides/sample_app_ug/ipsec_secgw.rst b/doc/guides/sample_app_ug/ipsec_secgw.rst index 244bde2de..61638e733 100644 --- a/doc/guides/sample_app_ug/ipsec_secgw.rst +++ b/doc/guides/sample_app_ug/ipsec_secgw.rst @@ -217,7 +217,7 @@ Configurations -------------- The following sections provide the syntax of configurations to initialize -your SP, SA and Routing tables. +your SP, SA, Routing and Neighbour tables. Configurations shall be specified in the configuration file to be passed to the application. The file is then parsed by the application. The successful parsing will result in the appropriate rules being applied to the tables @@ -238,8 +238,8 @@ General rule syntax The parse treats one line in the configuration file as one configuration item (unless the line concatenation symbol exists). Every configuration -item shall follow the syntax of either SP, SA, or Routing rules specified -below. +item shall follow the syntax of either SP, SA, Routing or Neighbour +rules specified below. The configuration parser supports the following special symbols: @@ -631,3 +631,39 @@ Example SP rules: rt ipv4 dst 172.16.1.5/32 port 0 rt ipv6 dst 1111:1111:1111:1111:1111:1111:1111:5555/116 port 0 + +Neighbour rule syntax +^^^^^^^^^^^^^^^^^^^^^ + +The Neighbour rule syntax is shown as follows: + +.. code-block:: console + + neigh + + +where each options means: + +```` + + * The output port id + + * Optional: No + + * Syntax: *port X* + +```` + + * The destination ethernet address to use for that port + + * Optional: No + + * Syntax: + + * XX:XX:XX:XX:XX:XX + +Example Neighbour rules: + +.. code-block:: console + + neigh port 0 DE:AD:BE:EF:01:02 diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c index 4ccff38d2..e79d17d51 100644 --- a/examples/ipsec-secgw/ipsec-secgw.c +++ b/examples/ipsec-secgw/ipsec-secgw.c @@ -104,9 +104,9 @@ static uint16_t nb_txd = IPSEC_SECGW_TX_DESC_DEFAULT; #define ETHADDR(a, b, c, d, e, f) (__BYTES_TO_UINT64(a, b, c, d, e, f, 0, 0)) #define ETHADDR_TO_UINT64(addr) __BYTES_TO_UINT64( \ - addr.addr_bytes[0], addr.addr_bytes[1], \ - addr.addr_bytes[2], addr.addr_bytes[3], \ - addr.addr_bytes[4], addr.addr_bytes[5], \ + (addr)->addr_bytes[0], (addr)->addr_bytes[1], \ + (addr)->addr_bytes[2], (addr)->addr_bytes[3], \ + (addr)->addr_bytes[4], (addr)->addr_bytes[5], \ 0, 0) /* port/source ethernet addr and destination ethernet addr */ @@ -1242,6 +1242,19 @@ print_ethaddr(const char *name, const struct ether_addr *eth_addr) printf("%s%s", name, buf); } +/* + * Update destination ethaddr for the port. + */ +int +add_dst_ethaddr(uint16_t port, const struct ether_addr *addr) +{ + if (port > RTE_DIM(ethaddr_tbl)) + return -EINVAL; + + ethaddr_tbl[port].dst = ETHADDR_TO_UINT64(addr); + return 0; +} + /* Check the link status of all ports in up to 9s, and print them finally */ static void check_all_ports_link_status(uint32_t port_mask) @@ -1622,7 +1635,7 @@ port_init(uint16_t portid, uint64_t req_rx_offloads, uint64_t req_tx_offloads) printf("Configuring device port %u:\n", portid); rte_eth_macaddr_get(portid, ðaddr); - ethaddr_tbl[portid].src = ETHADDR_TO_UINT64(ethaddr); + ethaddr_tbl[portid].src = ETHADDR_TO_UINT64(ðaddr); print_ethaddr("Address: ", ðaddr); printf("\n"); diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h index 9b1586f52..580f7876b 100644 --- a/examples/ipsec-secgw/ipsec.h +++ b/examples/ipsec-secgw/ipsec.h @@ -245,4 +245,7 @@ int sa_check_offloads(uint16_t port_id, uint64_t *rx_offloads, uint64_t *tx_offloads); +int +add_dst_ethaddr(uint16_t port, const struct ether_addr *addr); + #endif /* __IPSEC_H__ */ diff --git a/examples/ipsec-secgw/parser.c b/examples/ipsec-secgw/parser.c index 91282ca94..b0a8ee23b 100644 --- a/examples/ipsec-secgw/parser.c +++ b/examples/ipsec-secgw/parser.c @@ -306,6 +306,46 @@ parse_range(const char *token, uint16_t *low, uint16_t *high) return 0; } +/* + * helper function for parse_mac, parse one section of the ether addr. + */ +static const char * +parse_uint8x16(const char *s, uint8_t *v, uint8_t ls) +{ + char *end; + unsigned long t; + + errno = 0; + t = strtoul(s, &end, 16); + if (errno != 0 || end[0] != ls || t > UINT8_MAX) + return NULL; + v[0] = t; + return end + 1; +} + +static int +parse_mac(const char *str, struct ether_addr *addr) +{ + uint32_t i; + + static const uint8_t stop_sym[RTE_DIM(addr->addr_bytes)] = { + [0] = ':', + [1] = ':', + [2] = ':', + [3] = ':', + [4] = ':', + [5] = 0, + }; + + for (i = 0; i != RTE_DIM(addr->addr_bytes); i++) { + str = parse_uint8x16(str, addr->addr_bytes + i, stop_sym[i]); + if (str == NULL) + return -EINVAL; + } + + return 0; +} + /** sp add parse */ struct cfg_sp_add_cfg_item { cmdline_fixed_string_t sp_keyword; @@ -444,11 +484,61 @@ cmdline_parse_inst_t cfg_rt_add_rule = { }, }; +/* neigh add parse */ +struct cfg_neigh_add_item { + cmdline_fixed_string_t neigh; + cmdline_fixed_string_t pstr; + uint16_t port; + cmdline_fixed_string_t mac; +}; + +static void +cfg_parse_neigh(void *parsed_result, __rte_unused struct cmdline *cl, + void *data) +{ + int32_t rc; + struct cfg_neigh_add_item *res; + struct parse_status *st; + struct ether_addr mac; + + st = data; + res = parsed_result; + rc = parse_mac(res->mac, &mac); + APP_CHECK(rc == 0, st, "invalid ether addr:%s", res->mac); + rc = add_dst_ethaddr(res->port, &mac); + APP_CHECK(rc == 0, st, "invalid port numer:%hu", res->port); + if (st->status < 0) + return; +} + +cmdline_parse_token_string_t cfg_add_neigh_start = + TOKEN_STRING_INITIALIZER(struct cfg_neigh_add_item, neigh, "neigh"); +cmdline_parse_token_string_t cfg_add_neigh_pstr = + TOKEN_STRING_INITIALIZER(struct cfg_neigh_add_item, pstr, "port"); +cmdline_parse_token_num_t cfg_add_neigh_port = + TOKEN_NUM_INITIALIZER(struct cfg_neigh_add_item, port, UINT16); +cmdline_parse_token_string_t cfg_add_neigh_mac = + TOKEN_STRING_INITIALIZER(struct cfg_neigh_add_item, mac, NULL); + +cmdline_parse_inst_t cfg_neigh_add_rule = { + .f = cfg_parse_neigh, + .data = NULL, + .help_str = "", + .tokens = { + (void *)&cfg_add_neigh_start, + (void *)&cfg_add_neigh_pstr, + (void *)&cfg_add_neigh_port, + (void *)&cfg_add_neigh_mac, + NULL, + }, +}; + /** set of cfg items */ cmdline_parse_ctx_t ipsec_ctx[] = { (cmdline_parse_inst_t *)&cfg_sp_add_rule, (cmdline_parse_inst_t *)&cfg_sa_add_rule, (cmdline_parse_inst_t *)&cfg_rt_add_rule, + (cmdline_parse_inst_t *)&cfg_neigh_add_rule, NULL, }; @@ -474,6 +564,7 @@ parse_cfg_file(const char *cfg_filename) cfg_sp_add_rule.data = &status; cfg_sa_add_rule.data = &status; cfg_rt_add_rule.data = &status; + cfg_neigh_add_rule.data = &status; do { char oneline[1024]; diff --git a/examples/ipsec-secgw/parser.h b/examples/ipsec-secgw/parser.h index be02537c5..6b8a10076 100644 --- a/examples/ipsec-secgw/parser.h +++ b/examples/ipsec-secgw/parser.h @@ -14,14 +14,14 @@ struct parse_status { char parse_msg[256]; }; -#define APP_CHECK(exp, status, fmt, ...) \ +#define APP_CHECK(exp, st, fmt, ...) \ do { \ if (!(exp)) { \ - sprintf(status->parse_msg, fmt "\n", \ + sprintf((st)->parse_msg, fmt "\n", \ ## __VA_ARGS__); \ - status->status = -1; \ + (st)->status = -1; \ } else \ - status->status = 0; \ + (st)->status = 0; \ } while (0) #define APP_CHECK_PRESENCE(val, str, status) \ -- 2.17.1