Support for multiple interfaces
authorTinku Mannan <tmannan@ti.com>
Sat, 20 Jul 2013 12:16:53 +0000 (08:16 -0400)
committerTinku Mannan <tmannan@ti.com>
Sat, 20 Jul 2013 12:16:53 +0000 (08:16 -0400)
ti/runtime/netapi/applications/ipsec_offload/ipsecmgr/src/netapi_ipsecmgr.c
ti/runtime/netapi/applications/ipsec_offload/ipsecmgr/src/netapilib_interface.c
ti/runtime/netapi/applications/ipsec_offload/ipsecmgr/src/netapilib_interface.h

index dd0d2022da5140e9b78948aa52ff74a54bbb86dc..c6995d53da2bd44fb8e4ae5a20858bd3d4319e10 100755 (executable)
 #include <stdlib.h>
 #include <signal.h>
 #include <stdarg.h>
+
+
+
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <ifaddrs.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include <sys/types.h>
+#include <netinet/in.h> 
+#include <string.h> 
+
 /**********************************************************************
  ************************** Local Definitions *************************
  **********************************************************************/
-#define DTS_LOG_FILE_QUEUE "/proc/device-tree/soc/pktdma@2004000/channels/netrx0/complete-queue"
-#define DTS_LOG_FILE_FLOW  "/proc/device-tree/soc/pktdma@2004000/channels/netrx0/flow"
-
+char*  DTS_LOG_FILE_QUEUE_ETHx[] = {
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx0/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx1/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx2/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx3/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx4/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx5/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx6/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx7/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx8/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx9/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx10/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx11/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx12/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx13/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx14/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx15/complete-queue"
+};
+char*  DTS_LOG_FILE_FLOW_ETHx[] = {
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx0/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx1/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx2/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx3/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx4/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx5/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx6/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx7/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx8/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx9/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx10/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx11/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx12/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx13/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx14/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx15/flow",
+};
 
 /**********************************************************************
  ************************** Global Variables **************************
@@ -62,6 +109,7 @@ NETAPI_T netapi_handle;
 
 //paSysStats_t netcp_stats;
 ipsecMgrMcb_t globalDB;
+ipsecMgrIfConfigEntry_T ipConfigList[16];
 
 /* Lock file for the daemon */
 #define LOCK_FILE   "/var/lock/ipsecmgr_daemon"
@@ -83,6 +131,8 @@ static NETAPI_CFG_T our_netapi_default_cfg=
 };
 
 
+
+
 static int QUIT = 0;
 
 /* stub functions */
@@ -166,7 +216,7 @@ static void* snoop_run_thread (void* arg)
         if (QUIT == 1)
             break;
     }
-    printf("snoop_run_thread: calling shutdowns\n");
+    printf("snoop_run_thread: calling shutdown\n");
     ipsecmgr_snoop_shutdown ();
     cleanup_sa_sp();
     netapi_shutdown(netapi_handle);
@@ -184,12 +234,7 @@ static void* snoop_run_thread (void* arg)
  */
 static void sig_term_handler(int signum)
 {
-
     QUIT = 1;
-    /* Cleanup and exit */        
-    //ipsecmgr_snoop_shutdown ();
-    //netapi_shutdown(netapi_handle);
-    //exit (0);
 }
 
 /**
@@ -621,96 +666,90 @@ int32_t parse_cmd_line_args(int argc, char** argv)
             /* Log file name */                
             if (i+1 >= argc || argv[i+1] == NULL)
                 return -1;
-
-#if 0
-            /* Close the default log file if we opened it already */
-            if (netapiIPSecMgrMcb.logFd)
-                fclose (netapiIPSecMgrMcb.logFd);                    
-
-            /* Open the log file specified at command line */
-            if ((netapiIPSecMgrMcb.logFd  = fopen(argv[i+1], "a")) == NULL)
-            {
-                printf ("Error opening log file %s\n", argv[i+1]);
-                return -1;
-            }
-#endif
             i++;
         }
-
         else
         {
-            /* Invalid options */                
+            /* Invalid options */
             return -1;
         }
     }
-
     /* Success */
     return 0;
 }
 
-int get_kernel_config()
+int get_kernel_config(int index)
 {
     uint32_t temp=0;
-    char name[] = "offload_chan";
     FILE *pDts = NULL;
 
-    pDts = fopen(DTS_LOG_FILE_QUEUE, "rb");
+    pDts = fopen(DTS_LOG_FILE_QUEUE_ETHx[index], "rb");
 
     if(pDts)
     {
         fread((void*)&temp, sizeof(uint32_t), 1, pDts);
-        globalDB.qNum= (int)swap32(temp);
+        globalDB.qNum[index]= (int)swap32(temp);
         fclose(pDts);
     }
     else
     {
         ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
-            "main: error opening device tree file: %s\n",DTS_LOG_FILE_QUEUE);
+            "main: error opening device tree file: %s\n",DTS_LOG_FILE_QUEUE_ETHx[index]);
         return -1;
     }
 
     pDts = NULL;
-    pDts = fopen(DTS_LOG_FILE_FLOW, "rb");
+    pDts = fopen(DTS_LOG_FILE_FLOW_ETHx[index], "rb");
 
     if(pDts)
     {
         fread((void*)&temp, sizeof(uint32_t), 1, pDts);
-        globalDB.flowId = (int)swap32(temp);
+        globalDB.flowId[index] = (int)swap32(temp);
         fclose(pDts);
     }
     else
     {
-        printf("main: error opening %s\n",DTS_LOG_FILE_FLOW);
+        ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+            "main: error opening device tree file: %s\n",DTS_LOG_FILE_FLOW_ETHx[index]);
         return -1;
     }
-    
+    ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
+            "get_kernel_config(%d): flow: 0x%x, qNum: 0x%x\n", 
+                    index, globalDB.flowId[index], globalDB.qNum[index]);
     return 0;
 }
 
-int create_pktio_channel()
+int create_pktio_channel(int index)
 {
     int error = 0;
-    char name[] = "offload_chan";
+    char name[19];
     PKTIO_HANDLE_T *pktio_channel;
     PKTIO_CFG_T pktio_cfg;
 
-    pktio_cfg.qnum = globalDB.qNum;
-    pktio_cfg.flags1 = PKTIO_RX;
-    pktio_cfg.flags2 = PKTIO_GLOBAL | PKTIO_PKT;
-    pktio_cfg.max_n = 8;
-
-    globalDB.pktio_channel = netapi_pktioCreate(netapi_handle,
-                                               &name[0],
-                                               (PKTIO_CB)recv_cb,
-                                               &pktio_cfg,
-                                               &error);
-    if (!globalDB.pktio_channel)
-    {
-        ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
-            "create_pktio_channel: failed\n");
-        return -1;
-    }
+        memset(&pktio_cfg,0,sizeof(PKTIO_CFG_T));
 
+        sprintf(&name[0],"%s%d","offload_", index);
+        pktio_cfg.qnum = globalDB.qNum[index];
+        pktio_cfg.flags1 = PKTIO_RX;
+        pktio_cfg.flags2 = PKTIO_GLOBAL | PKTIO_PKT;
+        pktio_cfg.max_n = 8;
+
+        globalDB.pktio_channel[index] = netapi_pktioCreate(netapi_handle,
+                                                   &name[0],
+                                                   (PKTIO_CB)recv_cb,
+                                                   &pktio_cfg,
+                                                   &error);
+        if (!globalDB.pktio_channel[index])
+        {
+            ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+                "create_pktio_channel: failed\n");
+            return -1;
+        }
+        else
+        {
+            ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
+            "created pktio channel for queue :0x%x\n", globalDB.qNum[index]);
+        }
     return 0;
 }
 /**
@@ -731,49 +770,115 @@ int create_pktio_channel()
 int32_t main (int argc, char* argv[])
 {
     int32_t             retVal;
+    int i, iface;
+    char* pTok = NULL;
+    int ip_entry_count = 0;
+    struct ifaddrs *ifaddr, *ifa;
+           int family, s;
+           char host[NI_MAXHOST];
+           char sa_data[14];
     ipsecmgr_syslog_init();
 
     memset(&globalDB, 0, sizeof(globalDB));
-
+    memset(&ipConfigList, 0, sizeof(ipConfigList));
     /* create netapi */
     netapi_handle = netapi_init(NETAPI_SYS_MASTER, &our_netapi_default_cfg);
 
     if(netapi_handle == NULL)
     {
         ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR, "ERROR: netapi_init failed\n");
-        printf("main: netapi_init failed\n");
         return -1;
     }
     else
         netapi_netcpCfgExceptions(netapi_handle, NETCP_CFG_ALL_EXCEPTIONS, NETCP_CFG_ACTION_DISCARD, (NETCP_CFG_ROUTE_HANDLE_T) NULL);
 
-        printf("main: netapi_init passed\n");
+    ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO, "ERROR: netapi_init failed\n");
 
-    if (get_kernel_config())
-    {
-        ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
-                            "ERROR: main: get_kernel_config() failed\n");
-        return -1;
-    }
 
-        if (create_pktio_channel())
+    for (i = 0; i < 16; i++)
     {
-        ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
-                            "ERROR: main: create_pktio_channel() failed\n");
-        return -1;
+        if (get_kernel_config(i))
+        {
+            ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+                                "ERROR: main: get_kernel_config() failed\n");
+            continue;
+        }
+        else
+        {
+            /* create pktio channel */
+            if(create_pktio_channel(i))
+            {
+                ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+                                "ERROR: main: pktio channel creation failed\n");
+            }
+        }
     }
-
-#if 1
     /* Read and parse command line options */
     if (parse_cmd_line_args (argc, argv) < 0)
     {
         printf ("Usage format: netfpproxy.out [-f <log_file>]\n");
         return -1;
     }
-#endif
     printf("main: calling daemonize\n");
+
     /* Create the proxy daemon. */
-    daemonize (LOCK_FILE);
+    //daemonize (LOCK_FILE);
+
+    if (getifaddrs(&ifaddr) == -1)
+    {
+        ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+                                "main: getifaddrs failure\n");
+        return -1;
+    }
+
+    for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next)
+    {
+        if (ifa->ifa_addr == NULL)
+            continue;
+
+        family = ifa->ifa_addr->sa_family;
+
+        if (family == AF_INET)
+        {
+            s = getnameinfo(ifa->ifa_addr,sizeof(struct sockaddr_in),
+                            host,
+                            NI_MAXHOST,
+                            NULL,
+                            0,
+                            NI_NUMERICHOST); 
+            if (s != 0)
+            {
+                ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+                    "getnameinfo() failed: %s\n", gai_strerror(s));
+                    continue;
+            }
+            for (i=0;i<4;i++)
+            {
+                ipConfigList[ip_entry_count].ip[i] = ifa->ifa_addr->sa_data[i+2];
+            }
+            memcpy(&ipConfigList[ip_entry_count].name[0],
+                    ifa->ifa_name,
+                    strlen(ifa->ifa_name));
+            pTok = strtok(ifa->ifa_name, ":.");
+            /* now we have the interface name, is this eth0 or eth1 */
+            if (pTok)
+            {
+                if(strstr(pTok,"eth"))
+                {
+                    sscanf(pTok,"eth%d", &iface);
+                    ipConfigList[ip_entry_count].iface = iface;
+                }
+                else
+                {
+                    ipConfigList[ip_entry_count].iface = -1;
+                }
+                ip_entry_count++;
+            }
+        }
+    }
+
+    if (ifaddr)
+        freeifaddrs(ifaddr);
 
     /* Initialize and start the IPSec Mgr Snoop functionality */
     if ((retVal = init_ipsecmgr ()) < 0)
@@ -784,6 +889,7 @@ int32_t main (int argc, char* argv[])
         return -1;
     }
     else
-        printf("main: ipsecmgr daemon shutdonw complete\n");
+        ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
+                             "main: ipsecmgr daemon shutdonw complete\n");
 
 }
index 7ade54d30d36512b94e6c8a0ecdc322e91116da4..c2ffbcedd181191eb66eb54623cc93fe1e0062a3 100755 (executable)
 
 extern ipsecMgrMcb_t globalDB;
 extern NETAPI_T netapi_handle;
+extern ipsecMgrIfConfigEntry_T ipConfigList[];
 
 
+
+int compareIPAddr(unsigned char* ip1, unsigned char* ip2, int ip_type)
+{
+    int found = 1;
+    int i;
+    for (i = 0; i<4; i++)
+    {
+        if (ip1[i] != ip2[i])
+        {
+        found = 0;
+        break;
+        }
+    
+    }
+    return found;
+}
 /**************************************************************************
  * FUNCTION PURPOSE:  Internal function to find a free slot to store APPID
  *                    in list
@@ -107,6 +124,7 @@ int netapilib_ifAddSA
     ipsecmgr_fp_handle_t        *sa_handle
 )
 {
+    int i;
     uint8_t                 auth_key[36];
     uint8_t                 encr_key[36];
     int error, index,slot;
@@ -117,8 +135,8 @@ int netapilib_ifAddSA
     NETCP_CFG_ROUTE_T  route;
     NETCP_CFG_FLOW_T flow;
     NETCP_CFG_SA_HANDLE_T pSaHandle;
-
-
+    char* pTok = NULL;
+    int iface;
     ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO, 
                 "netapilib_ifAddSA:, DEBUG: Translating SA\n");
 
@@ -127,10 +145,6 @@ int netapilib_ifAddSA
     memset((void *)&route, 0, sizeof (NETCP_CFG_ROUTE_T));
     memset((void *)&flow, 0, sizeof (NETCP_CFG_FLOW_T));
 
-    flow.dma_engine= 1;
-    flow.flowid = globalDB.flowId;
-    route.p_flow = &flow;
-    route.p_dest_q = globalDB.pktio_channel;
 
 
     /* Initialize the SA Config structure. */
@@ -176,6 +190,35 @@ int netapilib_ifAddSA
             return -1;
         }
         saInfo.dir = NWAL_SA_DIR_INBOUND;
+        /* need to check which interface this SA will be attached to */
+        for (i=0;i<16;i++)
+        {
+            /* get interface for destination ip address */
+            if (compareIPAddr(&ipConfigList[i].ip[0], 
+                              &saInfo.dst.ipv4[0],
+                              saInfo.ipType))
+            {
+                printf("netapiplib_ifAddSA: match found, interface: %s\n",
+                    ipConfigList[i].name);
+                
+                pTok = strtok(ipConfigList[i].name, ":.");
+                /* now we have the interface name, is this eth0 or eth1 */
+                if (pTok)
+                printf("netapiplib_ifAddSA: match found,after strtok interface: %s\n",
+                    pTok);
+                /* now we have eth0 or eth1, now find the i/f number */
+                sscanf(pTok,"eth%d", &iface);
+                
+                globalDB.rx_sa[slot].iface = iface;
+                flow.dma_engine= 1;
+                flow.flowid = globalDB.flowId[iface];
+                route.p_flow = &flow;
+                route.p_dest_q = globalDB.pktio_channel[iface];
+                break;
+                
+            }
+        }
+        
     }
     else if (sa_info->dir == DIR_OUTBOUND)
     {
@@ -310,7 +353,6 @@ int netapilib_ifAddSA
         if (error == NETAPI_ERR_OK)
         {
             *sa_handle = globalDB.tx_sa[slot].saAppId;
-            printf("netapilib_ifAddSA: using slot: %d\n", slot);
 #if 0
              netapi_secGetChanHandles(netapi_handle,
                           saAppIdOut,
@@ -437,15 +479,17 @@ int32_t netapilib_ifAddSP
     if (slot == -1)
     {
         ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR, 
-            "netapilib_ifAddSA:, Too many OUTBOUND SAs already offloaded\n");
+            "netapilib_ifAddSA:, SA app_id not found\n");
         return -1;
     }
 
-    
+
+
     flow.dma_engine= 1;
-    flow.flowid = globalDB.flowId;
+    flow.flowid = globalDB.flowId[globalDB.rx_sa[slot].iface];
     route.p_flow = &flow;
-    route.p_dest_q = globalDB.pktio_channel;
+    route.p_dest_q = globalDB.pktio_channel[globalDB.rx_sa[slot].iface];
+
 
     /* Get the IP protocol version. */
     if (af == IPSECMGR_AF_IPV4)
@@ -584,7 +628,7 @@ int netapilib_ifGetSACtx
     hw_ctx->flow_id = info.rxSaPaFlowId;
 
     ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
-            "netapilib_ifGetSACtx: rxPaSaFlowId: 0x%x, rxSaPaFlowId: 0x%x\n", 
+            "netapilib_ifGetSACtx: rxPaSaflowId: 0x%x, rxSaPaflowId: 0x%x\n",
             info.rxPaSaFlowId,
             info.rxSaPaFlowId);
     ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
index 4d24790724fad219753ae8d631f9418fb17ab05a..46aaf173ea8b4216139309b5ba457259f5d8d784 100755 (executable)
@@ -36,6 +36,7 @@
 #define __FPLIB_INTERFACE_H__
 
 #include "ti/runtime/netapi/netapi.h"
+#include <netdb.h>
 
 
 /* Container for applicaion ID's for offloaded SA's */
@@ -43,12 +44,14 @@ typedef struct {
     int         in_use;
     uint32_t    saAppId;
     uint32_t    spAppId;
+    int         iface;
 } ipsecMgrAppId_T;
 
 typedef struct {
-    int                 flowId;
-    PKTIO_HANDLE_T*     pktio_channel;
-    int                 qNum;
+    int                 flowId[16];
+    int                 qNum[16];
+    PKTIO_HANDLE_T*     pktio_channel[16];
+
     /* list to store offloaded RX SA appIds and RX Policies */
     ipsecMgrAppId_T rx_sa[64];
     /* list to store offloaded TX SA appIds */
@@ -56,6 +59,12 @@ typedef struct {
 } ipsecMgrMcb_t;
 
 
+/* Container for applicaion ID's for offloaded SA's */
+typedef struct {
+    char    name[NI_MAXHOST];
+    char    ip[4];
+    int     iface;
+} ipsecMgrIfConfigEntry_T;