summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 37e9920)
raw | patch | inline | side by side (parent: 37e9920)
author | Tinku Mannan <tmannan@ti.com> | |
Sat, 20 Jul 2013 12:16:53 +0000 (08:16 -0400) | ||
committer | Tinku Mannan <tmannan@ti.com> | |
Sat, 20 Jul 2013 12:16:53 +0000 (08:16 -0400) |
diff --git a/ti/runtime/netapi/applications/ipsec_offload/ipsecmgr/src/netapi_ipsecmgr.c b/ti/runtime/netapi/applications/ipsec_offload/ipsecmgr/src/netapi_ipsecmgr.c
index dd0d2022da5140e9b78948aa52ff74a54bbb86dc..c6995d53da2bd44fb8e4ae5a20858bd3d4319e10 100755 (executable)
#include <stdlib.h>
#include <signal.h>
#include <stdarg.h>
+
+
+
+#include <arpa/inet.h>
+#include <sys/socket.h>
+#include <ifaddrs.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <string.h>
+
/**********************************************************************
************************** Local Definitions *************************
**********************************************************************/
-#define DTS_LOG_FILE_QUEUE "/proc/device-tree/soc/pktdma@2004000/channels/netrx0/complete-queue"
-#define DTS_LOG_FILE_FLOW "/proc/device-tree/soc/pktdma@2004000/channels/netrx0/flow"
-
+char* DTS_LOG_FILE_QUEUE_ETHx[] = {
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx0/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx1/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx2/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx3/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx4/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx5/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx6/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx7/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx8/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx9/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx10/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx11/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx12/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx13/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx14/complete-queue",
+ "/proc/device-tree/soc/pktdma@2004000/channels/netrx15/complete-queue"
+};
+char* DTS_LOG_FILE_FLOW_ETHx[] = {
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx0/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx1/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx2/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx3/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx4/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx5/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx6/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx7/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx8/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx9/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx10/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx11/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx12/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx13/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx14/flow",
+"/proc/device-tree/soc/pktdma@2004000/channels/netrx15/flow",
+};
/**********************************************************************
************************** Global Variables **************************
//paSysStats_t netcp_stats;
ipsecMgrMcb_t globalDB;
+ipsecMgrIfConfigEntry_T ipConfigList[16];
/* Lock file for the daemon */
#define LOCK_FILE "/var/lock/ipsecmgr_daemon"
};
+
+
static int QUIT = 0;
/* stub functions */
if (QUIT == 1)
break;
}
- printf("snoop_run_thread: calling shutdowns\n");
+ printf("snoop_run_thread: calling shutdown\n");
ipsecmgr_snoop_shutdown ();
cleanup_sa_sp();
netapi_shutdown(netapi_handle);
*/
static void sig_term_handler(int signum)
{
-
QUIT = 1;
- /* Cleanup and exit */
- //ipsecmgr_snoop_shutdown ();
- //netapi_shutdown(netapi_handle);
- //exit (0);
}
/**
/* Log file name */
if (i+1 >= argc || argv[i+1] == NULL)
return -1;
-
-#if 0
- /* Close the default log file if we opened it already */
- if (netapiIPSecMgrMcb.logFd)
- fclose (netapiIPSecMgrMcb.logFd);
-
- /* Open the log file specified at command line */
- if ((netapiIPSecMgrMcb.logFd = fopen(argv[i+1], "a")) == NULL)
- {
- printf ("Error opening log file %s\n", argv[i+1]);
- return -1;
- }
-#endif
i++;
}
-
else
{
- /* Invalid options */
+ /* Invalid options */
return -1;
}
}
-
/* Success */
return 0;
}
-int get_kernel_config()
+int get_kernel_config(int index)
{
uint32_t temp=0;
- char name[] = "offload_chan";
FILE *pDts = NULL;
- pDts = fopen(DTS_LOG_FILE_QUEUE, "rb");
+ pDts = fopen(DTS_LOG_FILE_QUEUE_ETHx[index], "rb");
if(pDts)
{
fread((void*)&temp, sizeof(uint32_t), 1, pDts);
- globalDB.qNum= (int)swap32(temp);
+ globalDB.qNum[index]= (int)swap32(temp);
fclose(pDts);
}
else
{
ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
- "main: error opening device tree file: %s\n",DTS_LOG_FILE_QUEUE);
+ "main: error opening device tree file: %s\n",DTS_LOG_FILE_QUEUE_ETHx[index]);
return -1;
}
pDts = NULL;
- pDts = fopen(DTS_LOG_FILE_FLOW, "rb");
+ pDts = fopen(DTS_LOG_FILE_FLOW_ETHx[index], "rb");
if(pDts)
{
fread((void*)&temp, sizeof(uint32_t), 1, pDts);
- globalDB.flowId = (int)swap32(temp);
+ globalDB.flowId[index] = (int)swap32(temp);
fclose(pDts);
}
else
{
- printf("main: error opening %s\n",DTS_LOG_FILE_FLOW);
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+ "main: error opening device tree file: %s\n",DTS_LOG_FILE_FLOW_ETHx[index]);
return -1;
}
-
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
+ "get_kernel_config(%d): flow: 0x%x, qNum: 0x%x\n",
+ index, globalDB.flowId[index], globalDB.qNum[index]);
return 0;
}
-int create_pktio_channel()
+int create_pktio_channel(int index)
{
int error = 0;
- char name[] = "offload_chan";
+ char name[19];
PKTIO_HANDLE_T *pktio_channel;
PKTIO_CFG_T pktio_cfg;
- pktio_cfg.qnum = globalDB.qNum;
- pktio_cfg.flags1 = PKTIO_RX;
- pktio_cfg.flags2 = PKTIO_GLOBAL | PKTIO_PKT;
- pktio_cfg.max_n = 8;
-
- globalDB.pktio_channel = netapi_pktioCreate(netapi_handle,
- &name[0],
- (PKTIO_CB)recv_cb,
- &pktio_cfg,
- &error);
- if (!globalDB.pktio_channel)
- {
- ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
- "create_pktio_channel: failed\n");
- return -1;
- }
+ memset(&pktio_cfg,0,sizeof(PKTIO_CFG_T));
+ sprintf(&name[0],"%s%d","offload_", index);
+ pktio_cfg.qnum = globalDB.qNum[index];
+ pktio_cfg.flags1 = PKTIO_RX;
+ pktio_cfg.flags2 = PKTIO_GLOBAL | PKTIO_PKT;
+ pktio_cfg.max_n = 8;
+
+ globalDB.pktio_channel[index] = netapi_pktioCreate(netapi_handle,
+ &name[0],
+ (PKTIO_CB)recv_cb,
+ &pktio_cfg,
+ &error);
+ if (!globalDB.pktio_channel[index])
+ {
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+ "create_pktio_channel: failed\n");
+ return -1;
+ }
+ else
+ {
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
+ "created pktio channel for queue :0x%x\n", globalDB.qNum[index]);
+ }
return 0;
}
/**
int32_t main (int argc, char* argv[])
{
int32_t retVal;
+ int i, iface;
+ char* pTok = NULL;
+ int ip_entry_count = 0;
+ struct ifaddrs *ifaddr, *ifa;
+ int family, s;
+ char host[NI_MAXHOST];
+ char sa_data[14];
ipsecmgr_syslog_init();
memset(&globalDB, 0, sizeof(globalDB));
-
+ memset(&ipConfigList, 0, sizeof(ipConfigList));
/* create netapi */
netapi_handle = netapi_init(NETAPI_SYS_MASTER, &our_netapi_default_cfg);
if(netapi_handle == NULL)
{
ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR, "ERROR: netapi_init failed\n");
- printf("main: netapi_init failed\n");
return -1;
}
else
netapi_netcpCfgExceptions(netapi_handle, NETCP_CFG_ALL_EXCEPTIONS, NETCP_CFG_ACTION_DISCARD, (NETCP_CFG_ROUTE_HANDLE_T) NULL);
- printf("main: netapi_init passed\n");
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO, "ERROR: netapi_init failed\n");
- if (get_kernel_config())
- {
- ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
- "ERROR: main: get_kernel_config() failed\n");
- return -1;
- }
- if (create_pktio_channel())
+ for (i = 0; i < 16; i++)
{
- ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
- "ERROR: main: create_pktio_channel() failed\n");
- return -1;
+ if (get_kernel_config(i))
+ {
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+ "ERROR: main: get_kernel_config() failed\n");
+ continue;
+ }
+ else
+ {
+ /* create pktio channel */
+ if(create_pktio_channel(i))
+ {
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+ "ERROR: main: pktio channel creation failed\n");
+ }
+ }
}
-
-#if 1
/* Read and parse command line options */
if (parse_cmd_line_args (argc, argv) < 0)
{
printf ("Usage format: netfpproxy.out [-f <log_file>]\n");
return -1;
}
-#endif
printf("main: calling daemonize\n");
+
/* Create the proxy daemon. */
- daemonize (LOCK_FILE);
+ //daemonize (LOCK_FILE);
+
+ if (getifaddrs(&ifaddr) == -1)
+ {
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+ "main: getifaddrs failure\n");
+ return -1;
+ }
+
+ for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next)
+ {
+ if (ifa->ifa_addr == NULL)
+ continue;
+
+ family = ifa->ifa_addr->sa_family;
+
+ if (family == AF_INET)
+ {
+ s = getnameinfo(ifa->ifa_addr,sizeof(struct sockaddr_in),
+ host,
+ NI_MAXHOST,
+ NULL,
+ 0,
+ NI_NUMERICHOST);
+ if (s != 0)
+ {
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
+ "getnameinfo() failed: %s\n", gai_strerror(s));
+ continue;
+ }
+ for (i=0;i<4;i++)
+ {
+ ipConfigList[ip_entry_count].ip[i] = ifa->ifa_addr->sa_data[i+2];
+ }
+ memcpy(&ipConfigList[ip_entry_count].name[0],
+ ifa->ifa_name,
+ strlen(ifa->ifa_name));
+ pTok = strtok(ifa->ifa_name, ":.");
+ /* now we have the interface name, is this eth0 or eth1 */
+ if (pTok)
+ {
+ if(strstr(pTok,"eth"))
+ {
+ sscanf(pTok,"eth%d", &iface);
+ ipConfigList[ip_entry_count].iface = iface;
+ }
+ else
+ {
+ ipConfigList[ip_entry_count].iface = -1;
+ }
+ ip_entry_count++;
+ }
+ }
+ }
+
+ if (ifaddr)
+ freeifaddrs(ifaddr);
/* Initialize and start the IPSec Mgr Snoop functionality */
if ((retVal = init_ipsecmgr ()) < 0)
return -1;
}
else
- printf("main: ipsecmgr daemon shutdonw complete\n");
+ ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
+ "main: ipsecmgr daemon shutdonw complete\n");
}
diff --git a/ti/runtime/netapi/applications/ipsec_offload/ipsecmgr/src/netapilib_interface.c b/ti/runtime/netapi/applications/ipsec_offload/ipsecmgr/src/netapilib_interface.c
index 7ade54d30d36512b94e6c8a0ecdc322e91116da4..c2ffbcedd181191eb66eb54623cc93fe1e0062a3 100755 (executable)
extern ipsecMgrMcb_t globalDB;
extern NETAPI_T netapi_handle;
+extern ipsecMgrIfConfigEntry_T ipConfigList[];
+
+int compareIPAddr(unsigned char* ip1, unsigned char* ip2, int ip_type)
+{
+ int found = 1;
+ int i;
+ for (i = 0; i<4; i++)
+ {
+ if (ip1[i] != ip2[i])
+ {
+ found = 0;
+ break;
+ }
+
+ }
+ return found;
+}
/**************************************************************************
* FUNCTION PURPOSE: Internal function to find a free slot to store APPID
* in list
ipsecmgr_fp_handle_t *sa_handle
)
{
+ int i;
uint8_t auth_key[36];
uint8_t encr_key[36];
int error, index,slot;
NETCP_CFG_ROUTE_T route;
NETCP_CFG_FLOW_T flow;
NETCP_CFG_SA_HANDLE_T pSaHandle;
-
-
+ char* pTok = NULL;
+ int iface;
ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
"netapilib_ifAddSA:, DEBUG: Translating SA\n");
memset((void *)&route, 0, sizeof (NETCP_CFG_ROUTE_T));
memset((void *)&flow, 0, sizeof (NETCP_CFG_FLOW_T));
- flow.dma_engine= 1;
- flow.flowid = globalDB.flowId;
- route.p_flow = &flow;
- route.p_dest_q = globalDB.pktio_channel;
/* Initialize the SA Config structure. */
return -1;
}
saInfo.dir = NWAL_SA_DIR_INBOUND;
+ /* need to check which interface this SA will be attached to */
+ for (i=0;i<16;i++)
+ {
+ /* get interface for destination ip address */
+ if (compareIPAddr(&ipConfigList[i].ip[0],
+ &saInfo.dst.ipv4[0],
+ saInfo.ipType))
+ {
+ printf("netapiplib_ifAddSA: match found, interface: %s\n",
+ ipConfigList[i].name);
+
+ pTok = strtok(ipConfigList[i].name, ":.");
+ /* now we have the interface name, is this eth0 or eth1 */
+ if (pTok)
+ printf("netapiplib_ifAddSA: match found,after strtok interface: %s\n",
+ pTok);
+ /* now we have eth0 or eth1, now find the i/f number */
+ sscanf(pTok,"eth%d", &iface);
+
+ globalDB.rx_sa[slot].iface = iface;
+ flow.dma_engine= 1;
+ flow.flowid = globalDB.flowId[iface];
+ route.p_flow = &flow;
+ route.p_dest_q = globalDB.pktio_channel[iface];
+ break;
+
+ }
+ }
+
}
else if (sa_info->dir == DIR_OUTBOUND)
{
if (error == NETAPI_ERR_OK)
{
*sa_handle = globalDB.tx_sa[slot].saAppId;
- printf("netapilib_ifAddSA: using slot: %d\n", slot);
#if 0
netapi_secGetChanHandles(netapi_handle,
saAppIdOut,
if (slot == -1)
{
ipsecmgr_syslog_msg (SYSLOG_LEVEL_ERROR,
- "netapilib_ifAddSA:, Too many OUTBOUND SAs already offloaded\n");
+ "netapilib_ifAddSA:, SA app_id not found\n");
return -1;
}
-
+
+
flow.dma_engine= 1;
- flow.flowid = globalDB.flowId;
+ flow.flowid = globalDB.flowId[globalDB.rx_sa[slot].iface];
route.p_flow = &flow;
- route.p_dest_q = globalDB.pktio_channel;
+ route.p_dest_q = globalDB.pktio_channel[globalDB.rx_sa[slot].iface];
+
/* Get the IP protocol version. */
if (af == IPSECMGR_AF_IPV4)
hw_ctx->flow_id = info.rxSaPaFlowId;
ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
- "netapilib_ifGetSACtx: rxPaSaFlowId: 0x%x, rxSaPaFlowId: 0x%x\n",
+ "netapilib_ifGetSACtx: rxPaSaflowId: 0x%x, rxSaPaflowId: 0x%x\n",
info.rxPaSaFlowId,
info.rxSaPaFlowId);
ipsecmgr_syslog_msg (SYSLOG_LEVEL_INFO,
diff --git a/ti/runtime/netapi/applications/ipsec_offload/ipsecmgr/src/netapilib_interface.h b/ti/runtime/netapi/applications/ipsec_offload/ipsecmgr/src/netapilib_interface.h
index 4d24790724fad219753ae8d631f9418fb17ab05a..46aaf173ea8b4216139309b5ba457259f5d8d784 100755 (executable)
#define __FPLIB_INTERFACE_H__
#include "ti/runtime/netapi/netapi.h"
+#include <netdb.h>
/* Container for applicaion ID's for offloaded SA's */
int in_use;
uint32_t saAppId;
uint32_t spAppId;
+ int iface;
} ipsecMgrAppId_T;
typedef struct {
- int flowId;
- PKTIO_HANDLE_T* pktio_channel;
- int qNum;
+ int flowId[16];
+ int qNum[16];
+ PKTIO_HANDLE_T* pktio_channel[16];
+
/* list to store offloaded RX SA appIds and RX Policies */
ipsecMgrAppId_T rx_sa[64];
/* list to store offloaded TX SA appIds */
} ipsecMgrMcb_t;
+/* Container for applicaion ID's for offloaded SA's */
+typedef struct {
+ char name[NI_MAXHOST];
+ char ip[4];
+ int iface;
+} ipsecMgrIfConfigEntry_T;