#define __IPSEC_SPD_SA_H__
#include <vlib/vlib.h>
+#include <vnet/crypto/crypto.h>
#include <vnet/ip/ip.h>
#include <vnet/fib/fib_node.h>
vnet_crypto_key_index_t crypto_key_index;
vnet_crypto_key_index_t integ_key_index;
- vnet_crypto_op_id_t crypto_enc_op_id:16;
- vnet_crypto_op_id_t crypto_dec_op_id:16;
- vnet_crypto_op_id_t integ_op_id:16;
+
+ /* Union data shared by sync and async ops, updated when mode is
+ * changed. */
+ union
+ {
+ struct
+ {
+ vnet_crypto_op_id_t crypto_enc_op_id:16;
+ vnet_crypto_op_id_t crypto_dec_op_id:16;
+ vnet_crypto_op_id_t integ_op_id:16;
+ };
+
+ struct
+ {
+ vnet_crypto_async_op_id_t crypto_async_enc_op_id:16;
+ vnet_crypto_async_op_id_t crypto_async_dec_op_id:16;
+ vnet_crypto_key_index_t linked_key_index;
+ };
+
+ u64 crypto_op_data;
+ };
/* data accessed by dataplane code should be above this comment */
CLIB_CACHE_LINE_ALIGN_MARK (cacheline1);
/* Salt used in GCM modes - stored in network byte order */
u32 salt;
u64 gcm_iv_counter;
+
+ union
+ {
+ struct
+ {
+ vnet_crypto_op_id_t crypto_enc_op_id:16;
+ vnet_crypto_op_id_t crypto_dec_op_id:16;
+ vnet_crypto_op_id_t integ_op_id:16;
+ };
+ u64 data;
+ } sync_op_data;
+
+ union
+ {
+ struct
+ {
+ vnet_crypto_async_op_id_t crypto_async_enc_op_id:16;
+ vnet_crypto_async_op_id_t crypto_async_dec_op_id:16;
+ vnet_crypto_key_index_t linked_key_index;
+ };
+ u64 data;
+ } async_op_data;
} ipsec_sa_t;
STATIC_ASSERT_OFFSET_OF (ipsec_sa_t, cacheline1, CLIB_CACHE_LINE_BYTES);
u32 salt,
const ip46_address_t * tunnel_src_addr,
const ip46_address_t * tunnel_dst_addr,
- u32 * sa_index);
+ u32 * sa_index, u16 src_port, u16 dst_port);
extern index_t ipsec_sa_find_and_lock (u32 id);
extern int ipsec_sa_unlock_id (u32 id);
extern void ipsec_sa_unlock (index_t sai);
va_list * args);
extern uword unformat_ipsec_key (unformat_input_t * input, va_list * args);
+#define IPSEC_UDP_PORT_NONE ((u16)~0)
+
/*
* Anti Replay definitions
*/
Code Review / vpp.git / blobdiff