DPDK patches and discussions
 help / color / mirror / Atom feed
From: "De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>
To: "Gonzalez Monroy, Sergio" <sergio.gonzalez.monroy@intel.com>,
	"dev@dpdk.org" <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH v2] example/ipsec-secgw: ipsec security gateway
Date: Fri, 11 Mar 2016 02:12:05 +0000	[thread overview]
Message-ID: <E115CCD9D858EF4F90C690B0DCB4D8973C8C87BF@IRSMSX108.ger.corp.intel.com> (raw)
In-Reply-To: <1457660333-95971-1-git-send-email-sergio.gonzalez.monroy@intel.com>

Hi,

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Sergio Gonzalez
> Monroy
> Sent: Friday, March 11, 2016 1:39 AM
> To: dev@dpdk.org
> Subject: [dpdk-dev] [PATCH v2] example/ipsec-secgw: ipsec security gateway
> 
> Sample app implementing an IPsec Security Geteway.
> The main goal of this app is to show the use of cryptodev framework
> in a "real world" application.
> 
> Currently only supported static IPv4 ESP IPsec tunnels for the following
> algorithms:
> - Cipher: AES-CBC, NULL
> - Authentication: HMAC-SHA1, NULL
> 
> Not supported:
> - SA auto negotiation (No IKE implementation)
> - chained mbufs
> 
> Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
> ---
> 
> v2:
>  - Update to use new cryptodev API
>  - NULL PMD support
>    * dependency on "null_crypto_pmd: PMD to support null crypto
> operations"
>    http://dpdk.org/dev/patchwork/patch/11428/
>  - Added --single-sa option to bypass SP/ACL
>  - Removed option for QAT/AESNI and instead expects vdev to be created
>    through EAL with command line options.
>    * dependency on "cryptodev: add capabilities discovery mechanism"
>    http://dpdk.org/dev/patchwork/patch/11434/
>  - fixed inbound traffic bug
>  - fixed bug with single core bi-directional traffic (inbound and outbound)
> 
>  MAINTAINERS                              |    4 +
>  doc/guides/rel_notes/release_16_04.rst   |    3 +
>  doc/guides/sample_app_ug/index.rst       |    1 +
>  doc/guides/sample_app_ug/ipsec_secgw.rst |  524 ++++++++++++
>  examples/Makefile                        |    2 +
>  examples/ipsec-secgw/Makefile            |   58 ++
>  examples/ipsec-secgw/esp.c               |  250 ++++++
>  examples/ipsec-secgw/esp.h               |   66 ++
>  examples/ipsec-secgw/ipip.h              |  103 +++
>  examples/ipsec-secgw/ipsec-secgw.c       | 1360
> ++++++++++++++++++++++++++++++
>  examples/ipsec-secgw/ipsec.c             |  203 +++++
>  examples/ipsec-secgw/ipsec.h             |  192 +++++
>  examples/ipsec-secgw/rt.c                |  144 ++++
>  examples/ipsec-secgw/sa.c                |  438 ++++++++++
>  examples/ipsec-secgw/sp.c                |  364 ++++++++
>  15 files changed, 3712 insertions(+)
>  create mode 100644 doc/guides/sample_app_ug/ipsec_secgw.rst
>  create mode 100644 examples/ipsec-secgw/Makefile
>  create mode 100644 examples/ipsec-secgw/esp.c
>  create mode 100644 examples/ipsec-secgw/esp.h
>  create mode 100644 examples/ipsec-secgw/ipip.h
>  create mode 100644 examples/ipsec-secgw/ipsec-secgw.c
>  create mode 100644 examples/ipsec-secgw/ipsec.c
>  create mode 100644 examples/ipsec-secgw/ipsec.h
>  create mode 100644 examples/ipsec-secgw/rt.c
>  create mode 100644 examples/ipsec-secgw/sa.c
>  create mode 100644 examples/ipsec-secgw/sp.c
> 


> diff --git a/doc/guides/sample_app_ug/ipsec_secgw.rst
> b/doc/guides/sample_app_ug/ipsec_secgw.rst
> new file mode 100644
> index 0000000..bc41ea8
> --- /dev/null
> +++ b/doc/guides/sample_app_ug/ipsec_secgw.rst
> @@ -0,0 +1,524 @@
> +..  BSD LICENSE
> +    Copyright(c) 2010-2016 Intel Corporation. All rights reserved.
> +    All rights reserved.

Copyright dates should be 2016, not from 2010.

> +
> +    Redistribution and use in source and binary forms, with or without
> +    modification, are permitted provided that the following conditions
> +    are met:
> +
> +    * Redistributions of source code must retain the above copyright
> +    notice, this list of conditions and the following disclaimer.
> +    * Redistributions in binary form must reproduce the above copyright
> +    notice, this list of conditions and the following disclaimer in
> +    the documentation and/or other materials provided with the
> +    distribution.

[...]

> +static inline void
> +process_pkts(struct lcore_conf *qconf, struct rte_mbuf **pkts,
> +		uint8_t nb_pkts, uint8_t portid)
> +{
> +	struct ipsec_traffic traffic = { 0 };

Clang complains here.

> +
> +	prepare_traffic(pkts, &traffic, nb_pkts);
> +
> +	if (single_sa) {
> +		if (UNPROTECTED_PORT(portid))
> +			process_pkts_inbound_nosp(&qconf->inbound,
> &traffic);
> +		else
> +			process_pkts_outbound_nosp(&qconf->outbound,
> &traffic);
> +	} else {
> +		if (UNPROTECTED_PORT(portid))
> +			process_pkts_inbound(&qconf->inbound, &traffic);
> +		else
> +			process_pkts_outbound(&qconf->outbound,
> &traffic);
> +	}
> +
> +	route_pkts(qconf->rt_ctx, traffic.ipv4.pkts, traffic.ipv4.num);
> +}
> +

  reply	other threads:[~2016-03-11  2:12 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-01-29 20:29 [dpdk-dev] [PATCH] " Sergio Gonzalez Monroy
2016-01-31 14:39 ` Jerin Jacob
2016-02-01 11:09   ` Sergio Gonzalez Monroy
2016-02-01 11:26     ` Jerin Jacob
2016-02-01 14:09       ` Thomas Monjalon
2016-03-09 23:54       ` Sergio Gonzalez Monroy
2016-03-10  3:41         ` Jerin Jacob
2016-02-24 13:32 ` Thomas Monjalon
2016-02-24 14:49   ` Sergio Gonzalez Monroy
2016-03-11  1:38 ` [dpdk-dev] [PATCH v2] " Sergio Gonzalez Monroy
2016-03-11  2:12   ` De Lara Guarch, Pablo [this message]
2016-03-11  2:12   ` [dpdk-dev] [PATCH v3] " Sergio Gonzalez Monroy
2016-03-11 10:01     ` De Lara Guarch, Pablo
2016-03-11 10:07       ` Thomas Monjalon
2016-03-11 10:02     ` Thomas Monjalon

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=E115CCD9D858EF4F90C690B0DCB4D8973C8C87BF@IRSMSX108.ger.corp.intel.com \
    --to=pablo.de.lara.guarch@intel.com \
    --cc=dev@dpdk.org \
    --cc=sergio.gonzalez.monroy@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).