From: "De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>
To: "Gonzalez Monroy, Sergio" <sergio.gonzalez.monroy@intel.com>,
"dev@dpdk.org" <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH v2] example/ipsec-secgw: ipsec security gateway
Date: Fri, 11 Mar 2016 02:12:05 +0000 [thread overview]
Message-ID: <E115CCD9D858EF4F90C690B0DCB4D8973C8C87BF@IRSMSX108.ger.corp.intel.com> (raw)
In-Reply-To: <1457660333-95971-1-git-send-email-sergio.gonzalez.monroy@intel.com>
Hi,
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Sergio Gonzalez
> Monroy
> Sent: Friday, March 11, 2016 1:39 AM
> To: dev@dpdk.org
> Subject: [dpdk-dev] [PATCH v2] example/ipsec-secgw: ipsec security gateway
>
> Sample app implementing an IPsec Security Geteway.
> The main goal of this app is to show the use of cryptodev framework
> in a "real world" application.
>
> Currently only supported static IPv4 ESP IPsec tunnels for the following
> algorithms:
> - Cipher: AES-CBC, NULL
> - Authentication: HMAC-SHA1, NULL
>
> Not supported:
> - SA auto negotiation (No IKE implementation)
> - chained mbufs
>
> Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
> ---
>
> v2:
> - Update to use new cryptodev API
> - NULL PMD support
> * dependency on "null_crypto_pmd: PMD to support null crypto
> operations"
> http://dpdk.org/dev/patchwork/patch/11428/
> - Added --single-sa option to bypass SP/ACL
> - Removed option for QAT/AESNI and instead expects vdev to be created
> through EAL with command line options.
> * dependency on "cryptodev: add capabilities discovery mechanism"
> http://dpdk.org/dev/patchwork/patch/11434/
> - fixed inbound traffic bug
> - fixed bug with single core bi-directional traffic (inbound and outbound)
>
> MAINTAINERS | 4 +
> doc/guides/rel_notes/release_16_04.rst | 3 +
> doc/guides/sample_app_ug/index.rst | 1 +
> doc/guides/sample_app_ug/ipsec_secgw.rst | 524 ++++++++++++
> examples/Makefile | 2 +
> examples/ipsec-secgw/Makefile | 58 ++
> examples/ipsec-secgw/esp.c | 250 ++++++
> examples/ipsec-secgw/esp.h | 66 ++
> examples/ipsec-secgw/ipip.h | 103 +++
> examples/ipsec-secgw/ipsec-secgw.c | 1360
> ++++++++++++++++++++++++++++++
> examples/ipsec-secgw/ipsec.c | 203 +++++
> examples/ipsec-secgw/ipsec.h | 192 +++++
> examples/ipsec-secgw/rt.c | 144 ++++
> examples/ipsec-secgw/sa.c | 438 ++++++++++
> examples/ipsec-secgw/sp.c | 364 ++++++++
> 15 files changed, 3712 insertions(+)
> create mode 100644 doc/guides/sample_app_ug/ipsec_secgw.rst
> create mode 100644 examples/ipsec-secgw/Makefile
> create mode 100644 examples/ipsec-secgw/esp.c
> create mode 100644 examples/ipsec-secgw/esp.h
> create mode 100644 examples/ipsec-secgw/ipip.h
> create mode 100644 examples/ipsec-secgw/ipsec-secgw.c
> create mode 100644 examples/ipsec-secgw/ipsec.c
> create mode 100644 examples/ipsec-secgw/ipsec.h
> create mode 100644 examples/ipsec-secgw/rt.c
> create mode 100644 examples/ipsec-secgw/sa.c
> create mode 100644 examples/ipsec-secgw/sp.c
>
> diff --git a/doc/guides/sample_app_ug/ipsec_secgw.rst
> b/doc/guides/sample_app_ug/ipsec_secgw.rst
> new file mode 100644
> index 0000000..bc41ea8
> --- /dev/null
> +++ b/doc/guides/sample_app_ug/ipsec_secgw.rst
> @@ -0,0 +1,524 @@
> +.. BSD LICENSE
> + Copyright(c) 2010-2016 Intel Corporation. All rights reserved.
> + All rights reserved.
Copyright dates should be 2016, not from 2010.
> +
> + Redistribution and use in source and binary forms, with or without
> + modification, are permitted provided that the following conditions
> + are met:
> +
> + * Redistributions of source code must retain the above copyright
> + notice, this list of conditions and the following disclaimer.
> + * Redistributions in binary form must reproduce the above copyright
> + notice, this list of conditions and the following disclaimer in
> + the documentation and/or other materials provided with the
> + distribution.
[...]
> +static inline void
> +process_pkts(struct lcore_conf *qconf, struct rte_mbuf **pkts,
> + uint8_t nb_pkts, uint8_t portid)
> +{
> + struct ipsec_traffic traffic = { 0 };
Clang complains here.
> +
> + prepare_traffic(pkts, &traffic, nb_pkts);
> +
> + if (single_sa) {
> + if (UNPROTECTED_PORT(portid))
> + process_pkts_inbound_nosp(&qconf->inbound,
> &traffic);
> + else
> + process_pkts_outbound_nosp(&qconf->outbound,
> &traffic);
> + } else {
> + if (UNPROTECTED_PORT(portid))
> + process_pkts_inbound(&qconf->inbound, &traffic);
> + else
> + process_pkts_outbound(&qconf->outbound,
> &traffic);
> + }
> +
> + route_pkts(qconf->rt_ctx, traffic.ipv4.pkts, traffic.ipv4.num);
> +}
> +
next prev parent reply other threads:[~2016-03-11 2:12 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-29 20:29 [dpdk-dev] [PATCH] " Sergio Gonzalez Monroy
2016-01-31 14:39 ` Jerin Jacob
2016-02-01 11:09 ` Sergio Gonzalez Monroy
2016-02-01 11:26 ` Jerin Jacob
2016-02-01 14:09 ` Thomas Monjalon
2016-03-09 23:54 ` Sergio Gonzalez Monroy
2016-03-10 3:41 ` Jerin Jacob
2016-02-24 13:32 ` Thomas Monjalon
2016-02-24 14:49 ` Sergio Gonzalez Monroy
2016-03-11 1:38 ` [dpdk-dev] [PATCH v2] " Sergio Gonzalez Monroy
2016-03-11 2:12 ` De Lara Guarch, Pablo [this message]
2016-03-11 2:12 ` [dpdk-dev] [PATCH v3] " Sergio Gonzalez Monroy
2016-03-11 10:01 ` De Lara Guarch, Pablo
2016-03-11 10:07 ` Thomas Monjalon
2016-03-11 10:02 ` Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=E115CCD9D858EF4F90C690B0DCB4D8973C8C87BF@IRSMSX108.ger.corp.intel.com \
--to=pablo.de.lara.guarch@intel.com \
--cc=dev@dpdk.org \
--cc=sergio.gonzalez.monroy@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).