2 * esp_encrypt.c : IPSec ESP encrypt node
4 * Copyright (c) 2015 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vnet/vnet.h>
19 #include <vnet/api_errno.h>
20 #include <vnet/ip/ip.h>
22 #include <vnet/crypto/crypto.h>
24 #include <vnet/ipsec/ipsec.h>
25 #include <vnet/ipsec/ipsec_tun.h>
26 #include <vnet/ipsec/esp.h>
28 #define foreach_esp_encrypt_next \
29 _(DROP4, "ip4-drop") \
30 _(DROP6, "ip6-drop") \
31 _(HANDOFF4, "handoff4") \
32 _(HANDOFF6, "handoff6") \
33 _(INTERFACE_OUTPUT, "interface-output")
35 #define _(v, s) ESP_ENCRYPT_NEXT_##v,
38 foreach_esp_encrypt_next
43 #define foreach_esp_encrypt_error \
44 _(RX_PKTS, "ESP pkts received") \
45 _(POST_RX_PKTS, "ESP-post pkts received") \
46 _(SEQ_CYCLED, "sequence number cycled (packet dropped)") \
47 _(CRYPTO_ENGINE_ERROR, "crypto engine error (packet dropped)") \
48 _(CRYPTO_QUEUE_FULL, "crypto queue full (packet dropped)") \
49 _(NO_BUFFERS, "no buffers (packet dropped)") \
53 #define _(sym,str) ESP_ENCRYPT_ERROR_##sym,
54 foreach_esp_encrypt_error
57 } esp_encrypt_error_t;
59 static char *esp_encrypt_error_strings[] = {
60 #define _(sym,string) string,
61 foreach_esp_encrypt_error
72 ipsec_crypto_alg_t crypto_alg;
73 ipsec_integ_alg_t integ_alg;
74 } esp_encrypt_trace_t;
79 } esp_encrypt_post_trace_t;
81 /* packet trace format function */
83 format_esp_encrypt_trace (u8 * s, va_list * args)
85 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
86 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
87 esp_encrypt_trace_t *t = va_arg (*args, esp_encrypt_trace_t *);
91 "esp: sa-index %d spi %u (0x%08x) seq %u sa-seq-hi %u crypto %U integrity %U%s",
92 t->sa_index, t->spi, t->spi, t->seq, t->sa_seq_hi,
93 format_ipsec_crypto_alg,
94 t->crypto_alg, format_ipsec_integ_alg, t->integ_alg,
95 t->udp_encap ? " udp-encap-enabled" : "");
100 format_esp_post_encrypt_trace (u8 * s, va_list * args)
102 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
103 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
104 esp_encrypt_post_trace_t *t = va_arg (*args, esp_encrypt_post_trace_t *);
106 s = format (s, "esp-post: next node index %u", t->next_index);
110 /* pad packet in input buffer */
111 static_always_inline u8 *
112 esp_add_footer_and_icv (vlib_main_t * vm, vlib_buffer_t ** last,
113 u8 esp_align, u8 icv_sz,
114 u16 * next, vlib_node_runtime_t * node,
115 u16 buffer_data_size, uword total_len)
117 static const u8 pad_data[ESP_MAX_BLOCK_SIZE] = {
118 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
119 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00,
122 u16 min_length = total_len + sizeof (esp_footer_t);
123 u16 new_length = round_pow2 (min_length, esp_align);
124 u8 pad_bytes = new_length - min_length;
125 esp_footer_t *f = (esp_footer_t *) (vlib_buffer_get_current (last[0]) +
126 last[0]->current_length + pad_bytes);
127 u16 tail_sz = sizeof (esp_footer_t) + pad_bytes + icv_sz;
129 if (last[0]->current_length + tail_sz > buffer_data_size)
132 if (vlib_buffer_alloc (vm, &tmp_bi, 1) != 1)
135 vlib_buffer_t *tmp = vlib_get_buffer (vm, tmp_bi);
136 last[0]->next_buffer = tmp_bi;
137 last[0]->flags |= VLIB_BUFFER_NEXT_PRESENT;
138 f = (esp_footer_t *) (vlib_buffer_get_current (tmp) + pad_bytes);
139 tmp->current_length += tail_sz;
143 last[0]->current_length += tail_sz;
145 f->pad_length = pad_bytes;
148 ASSERT (pad_bytes <= ESP_MAX_BLOCK_SIZE);
149 pad_bytes = clib_min (ESP_MAX_BLOCK_SIZE, pad_bytes);
150 clib_memcpy_fast ((u8 *) f - pad_bytes, pad_data, pad_bytes);
153 return &f->next_header;
156 static_always_inline void
157 esp_update_ip4_hdr (ip4_header_t * ip4, u16 len, int is_transport, int is_udp)
162 len = clib_net_to_host_u16 (len);
163 old_len = ip4->length;
167 u8 prot = is_udp ? IP_PROTOCOL_UDP : IP_PROTOCOL_IPSEC_ESP;
169 sum = ip_csum_update (ip4->checksum, ip4->protocol,
170 prot, ip4_header_t, protocol);
171 ip4->protocol = prot;
173 sum = ip_csum_update (sum, old_len, len, ip4_header_t, length);
176 sum = ip_csum_update (ip4->checksum, old_len, len, ip4_header_t, length);
179 ip4->checksum = ip_csum_fold (sum);
182 static_always_inline void
183 esp_fill_udp_hdr (ipsec_sa_t * sa, udp_header_t * udp, u16 len)
185 clib_memcpy_fast (udp, &sa->udp_hdr, sizeof (udp_header_t));
186 udp->length = clib_net_to_host_u16 (len);
189 static_always_inline u8
190 ext_hdr_is_pre_esp (u8 nexthdr)
192 #ifdef CLIB_HAVE_VEC128
193 static const u8x16 ext_hdr_types = {
194 IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS,
195 IP_PROTOCOL_IPV6_ROUTE,
196 IP_PROTOCOL_IPV6_FRAGMENTATION,
199 return !u8x16_is_all_zero (ext_hdr_types == u8x16_splat (nexthdr));
201 return ((nexthdr ^ IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) |
202 (nexthdr ^ IP_PROTOCOL_IPV6_ROUTE) |
203 (nexthdr ^ IP_PROTOCOL_IPV6_FRAGMENTATION) != 0);
207 static_always_inline u8
208 esp_get_ip6_hdr_len (ip6_header_t * ip6, ip6_ext_header_t ** ext_hdr)
210 /* this code assumes that HbH, route and frag headers will be before
211 others, if that is not the case, they will end up encrypted */
212 u8 len = sizeof (ip6_header_t);
215 /* if next packet doesn't have ext header */
216 if (ext_hdr_is_pre_esp (ip6->protocol) == 0)
222 p = (void *) (ip6 + 1);
223 len += ip6_ext_header_len (p);
225 while (ext_hdr_is_pre_esp (p->next_hdr))
227 len += ip6_ext_header_len (p);
228 p = ip6_ext_next_header (p);
235 static_always_inline void
236 esp_process_chained_ops (vlib_main_t * vm, vlib_node_runtime_t * node,
237 vnet_crypto_op_t * ops, vlib_buffer_t * b[],
238 u16 * nexts, vnet_crypto_op_chunk_t * chunks,
241 u32 n_fail, n_ops = vec_len (ops);
242 vnet_crypto_op_t *op = ops;
247 n_fail = n_ops - vnet_crypto_process_chained_ops (vm, op, chunks, n_ops);
251 ASSERT (op - ops < n_ops);
253 if (op->status != VNET_CRYPTO_OP_STATUS_COMPLETED)
255 u32 bi = op->user_data;
256 b[bi]->error = node->errors[ESP_ENCRYPT_ERROR_CRYPTO_ENGINE_ERROR];
257 nexts[bi] = drop_next;
264 static_always_inline void
265 esp_process_ops (vlib_main_t * vm, vlib_node_runtime_t * node,
266 vnet_crypto_op_t * ops, vlib_buffer_t * b[], u16 * nexts,
269 u32 n_fail, n_ops = vec_len (ops);
270 vnet_crypto_op_t *op = ops;
275 n_fail = n_ops - vnet_crypto_process_ops (vm, op, n_ops);
279 ASSERT (op - ops < n_ops);
281 if (op->status != VNET_CRYPTO_OP_STATUS_COMPLETED)
283 u32 bi = op->user_data;
284 b[bi]->error = node->errors[ESP_ENCRYPT_ERROR_CRYPTO_ENGINE_ERROR];
285 nexts[bi] = drop_next;
296 } __clib_packed esp_gcm_nonce_t;
298 STATIC_ASSERT_SIZEOF (esp_gcm_nonce_t, 12);
300 static_always_inline u32
301 esp_encrypt_chain_crypto (vlib_main_t * vm, ipsec_per_thread_data_t * ptd,
302 ipsec_sa_t * sa0, vlib_buffer_t * b,
303 vlib_buffer_t * lb, u8 icv_sz, u8 * start,
304 u32 start_len, u16 * n_ch)
306 vnet_crypto_op_chunk_t *ch;
307 vlib_buffer_t *cb = b;
310 vec_add2 (ptd->chunks, ch, 1);
311 total_len = ch->len = start_len;
312 ch->src = ch->dst = start;
313 cb = vlib_get_buffer (vm, cb->next_buffer);
317 vec_add2 (ptd->chunks, ch, 1);
320 total_len += ch->len = cb->current_length - icv_sz;
322 total_len += ch->len = cb->current_length;
323 ch->src = ch->dst = vlib_buffer_get_current (cb);
325 if (!(cb->flags & VLIB_BUFFER_NEXT_PRESENT))
328 cb = vlib_get_buffer (vm, cb->next_buffer);
337 static_always_inline u32
338 esp_encrypt_chain_integ (vlib_main_t * vm, ipsec_per_thread_data_t * ptd,
339 ipsec_sa_t * sa0, vlib_buffer_t * b,
340 vlib_buffer_t * lb, u8 icv_sz, u8 * start,
341 u32 start_len, u8 * digest, u16 * n_ch)
343 vnet_crypto_op_chunk_t *ch;
344 vlib_buffer_t *cb = b;
347 vec_add2 (ptd->chunks, ch, 1);
348 total_len = ch->len = start_len;
350 cb = vlib_get_buffer (vm, cb->next_buffer);
354 vec_add2 (ptd->chunks, ch, 1);
358 total_len += ch->len = cb->current_length - icv_sz;
359 if (ipsec_sa_is_set_USE_ESN (sa0))
361 u32 seq_hi = clib_net_to_host_u32 (sa0->seq_hi);
362 clib_memcpy_fast (digest, &seq_hi, sizeof (seq_hi));
363 ch->len += sizeof (seq_hi);
364 total_len += sizeof (seq_hi);
368 total_len += ch->len = cb->current_length;
369 ch->src = vlib_buffer_get_current (cb);
371 if (!(cb->flags & VLIB_BUFFER_NEXT_PRESENT))
374 cb = vlib_get_buffer (vm, cb->next_buffer);
384 esp_prepare_sync_op (vlib_main_t * vm, ipsec_per_thread_data_t * ptd,
385 vnet_crypto_op_t ** crypto_ops,
386 vnet_crypto_op_t ** integ_ops, ipsec_sa_t * sa0,
387 u8 * payload, u16 payload_len, u8 iv_sz, u8 icv_sz,
388 vlib_buffer_t ** bufs, vlib_buffer_t ** b,
389 vlib_buffer_t * lb, u32 hdr_len, esp_header_t * esp,
390 esp_gcm_nonce_t * nonce)
392 if (sa0->crypto_enc_op_id)
394 vnet_crypto_op_t *op;
395 vec_add2_aligned (crypto_ops[0], op, 1, CLIB_CACHE_LINE_BYTES);
396 vnet_crypto_op_init (op, sa0->crypto_enc_op_id);
398 op->src = op->dst = payload;
399 op->key_index = sa0->crypto_key_index;
400 op->len = payload_len - icv_sz;
401 op->user_data = b - bufs;
403 if (ipsec_sa_is_set_IS_AEAD (sa0))
406 * construct the AAD in a scratch space in front
409 op->aad = payload - hdr_len - sizeof (esp_aead_t);
410 op->aad_len = esp_aad_fill (op->aad, esp, sa0);
412 op->tag = payload + op->len;
415 u64 *iv = (u64 *) (payload - iv_sz);
416 nonce->salt = sa0->salt;
417 nonce->iv = *iv = clib_host_to_net_u64 (sa0->gcm_iv_counter++);
418 op->iv = (u8 *) nonce;
422 op->iv = payload - iv_sz;
423 op->flags = VNET_CRYPTO_OP_FLAG_INIT_IV;
429 op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
430 op->chunk_index = vec_len (ptd->chunks);
431 op->tag = vlib_buffer_get_tail (lb) - icv_sz;
432 esp_encrypt_chain_crypto (vm, ptd, sa0, b[0], lb, icv_sz, payload,
433 payload_len, &op->n_chunks);
437 if (sa0->integ_op_id)
439 vnet_crypto_op_t *op;
440 vec_add2_aligned (integ_ops[0], op, 1, CLIB_CACHE_LINE_BYTES);
441 vnet_crypto_op_init (op, sa0->integ_op_id);
442 op->src = payload - iv_sz - sizeof (esp_header_t);
443 op->digest = payload + payload_len - icv_sz;
444 op->key_index = sa0->integ_key_index;
445 op->digest_len = icv_sz;
446 op->len = payload_len - icv_sz + iv_sz + sizeof (esp_header_t);
447 op->user_data = b - bufs;
452 op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
453 op->chunk_index = vec_len (ptd->chunks);
454 op->digest = vlib_buffer_get_tail (lb) - icv_sz;
456 esp_encrypt_chain_integ (vm, ptd, sa0, b[0], lb, icv_sz,
457 payload - iv_sz - sizeof (esp_header_t),
458 payload_len + iv_sz +
459 sizeof (esp_header_t), op->digest,
462 else if (ipsec_sa_is_set_USE_ESN (sa0))
464 u32 seq_hi = clib_net_to_host_u32 (sa0->seq_hi);
465 clib_memcpy_fast (op->digest, &seq_hi, sizeof (seq_hi));
466 op->len += sizeof (seq_hi);
471 static_always_inline int
472 esp_prepare_async_frame (vlib_main_t * vm, ipsec_per_thread_data_t * ptd,
473 vnet_crypto_async_frame_t ** async_frame,
474 ipsec_sa_t * sa, vlib_buffer_t * b,
475 esp_header_t * esp, u8 * payload, u32 payload_len,
476 u8 iv_sz, u8 icv_sz, u32 bi, u16 next, u32 hdr_len,
477 u16 async_next, vlib_buffer_t * lb)
479 esp_post_data_t *post = esp_post_data (b);
480 u8 *tag, *iv, *aad = 0;
483 i16 crypto_start_offset, integ_start_offset = 0;
484 u16 crypto_total_len, integ_total_len;
486 post->next_index = next;
489 crypto_start_offset = payload - b->data;
490 crypto_total_len = integ_total_len = payload_len - icv_sz;
491 tag = payload + crypto_total_len;
494 if (ipsec_sa_is_set_IS_AEAD (sa))
496 esp_gcm_nonce_t *nonce;
497 u64 *pkt_iv = (u64 *) (payload - iv_sz);
499 aad = payload - hdr_len - sizeof (esp_aead_t);
500 esp_aad_fill (aad, esp, sa);
501 nonce = (esp_gcm_nonce_t *) (aad - sizeof (*nonce));
502 nonce->salt = sa->salt;
503 nonce->iv = *pkt_iv = clib_host_to_net_u64 (sa->gcm_iv_counter++);
505 key_index = sa->crypto_key_index;
510 flag |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
511 tag = vlib_buffer_get_tail (lb) - icv_sz;
512 crypto_total_len = esp_encrypt_chain_crypto (vm, ptd, sa, b, lb,
519 /* cipher then hash */
520 iv = payload - iv_sz;
521 integ_start_offset = crypto_start_offset - iv_sz - sizeof (esp_header_t);
522 integ_total_len += iv_sz + sizeof (esp_header_t);
523 flag |= VNET_CRYPTO_OP_FLAG_INIT_IV;
524 key_index = sa->linked_key_index;
528 flag |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
529 crypto_total_len = esp_encrypt_chain_crypto (vm, ptd, sa, b, lb,
532 tag = vlib_buffer_get_tail (lb) - icv_sz;
533 integ_total_len = esp_encrypt_chain_integ (vm, ptd, sa, b, lb, icv_sz,
535 sizeof (esp_header_t),
536 payload_len + iv_sz +
537 sizeof (esp_header_t),
540 else if (ipsec_sa_is_set_USE_ESN (sa) && !ipsec_sa_is_set_IS_AEAD (sa))
542 u32 seq_hi = clib_net_to_host_u32 (sa->seq_hi);
543 clib_memcpy_fast (tag, &seq_hi, sizeof (seq_hi));
544 integ_total_len += sizeof (seq_hi);
548 return vnet_crypto_async_add_to_frame (vm, async_frame, key_index,
550 integ_total_len - crypto_total_len,
552 integ_start_offset, bi, async_next,
557 esp_encrypt_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
558 vlib_frame_t * frame, int is_ip6, int is_tun,
561 ipsec_main_t *im = &ipsec_main;
562 ipsec_per_thread_data_t *ptd = vec_elt_at_index (im->ptd, vm->thread_index);
563 u32 *from = vlib_frame_vector_args (frame);
564 u32 n_left = frame->n_vectors;
565 vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b = bufs;
566 u16 nexts[VLIB_FRAME_SIZE], *next = nexts;
567 esp_gcm_nonce_t nonces[VLIB_FRAME_SIZE], *nonce = nonces;
568 u32 thread_index = vm->thread_index;
569 u16 buffer_data_size = vlib_buffer_get_default_data_size (vm);
570 u32 current_sa_index = ~0, current_sa_packets = 0;
571 u32 current_sa_bytes = 0, spi = 0;
572 u8 esp_align = 4, iv_sz = 0, icv_sz = 0;
575 vnet_crypto_op_t **crypto_ops = &ptd->crypto_ops;
576 vnet_crypto_op_t **integ_ops = &ptd->integ_ops;
577 vnet_crypto_async_frame_t *async_frame = 0;
578 int is_async = im->async_mode;
579 vnet_crypto_async_op_id_t last_async_op = ~0;
580 u16 drop_next = (is_ip6 ? ESP_ENCRYPT_NEXT_DROP6 : ESP_ENCRYPT_NEXT_DROP4);
581 u16 n_async_drop = 0;
583 vlib_get_buffers (vm, from, b, n_left);
586 vec_reset_length (ptd->crypto_ops);
587 vec_reset_length (ptd->integ_ops);
588 vec_reset_length (ptd->chained_crypto_ops);
589 vec_reset_length (ptd->chained_integ_ops);
591 vec_reset_length (ptd->chunks);
598 u8 *payload, *next_hdr_ptr;
599 u16 payload_len, payload_len_total, n_bufs;
605 vlib_prefetch_buffer_header (b[2], LOAD);
606 p = vlib_buffer_get_current (b[1]);
607 CLIB_PREFETCH (p, CLIB_CACHE_LINE_BYTES, LOAD);
608 p -= CLIB_CACHE_LINE_BYTES;
609 CLIB_PREFETCH (p, CLIB_CACHE_LINE_BYTES, LOAD);
610 /* speculate that the trailer goes in the first buffer */
611 CLIB_PREFETCH (vlib_buffer_get_tail (b[1]),
612 CLIB_CACHE_LINE_BYTES, LOAD);
617 /* we are on a ipsec tunnel's feature arc */
618 vnet_buffer (b[0])->ipsec.sad_index =
619 sa_index0 = ipsec_tun_protect_get_sa_out
620 (vnet_buffer (b[0])->ip.adj_index[VLIB_TX]);
623 sa_index0 = vnet_buffer (b[0])->ipsec.sad_index;
625 if (sa_index0 != current_sa_index)
627 if (current_sa_packets)
628 vlib_increment_combined_counter (&ipsec_sa_counters, thread_index,
632 current_sa_packets = current_sa_bytes = 0;
634 sa0 = pool_elt_at_index (im->sad, sa_index0);
636 /* fetch the second cacheline ASAP */
637 CLIB_PREFETCH (sa0->cacheline1, CLIB_CACHE_LINE_BYTES, LOAD);
639 current_sa_index = sa_index0;
640 spi = clib_net_to_host_u32 (sa0->spi);
641 esp_align = sa0->esp_block_align;
642 icv_sz = sa0->integ_icv_size;
643 iv_sz = sa0->crypto_iv_size;
645 /* submit frame when op_id is different then the old one */
646 if (is_async && sa0->crypto_async_enc_op_id != last_async_op)
648 if (async_frame && async_frame->n_elts)
650 if (vnet_crypto_async_submit_open_frame (vm, async_frame))
651 esp_async_recycle_failed_submit (async_frame, b, from,
652 nexts, &n_async_drop,
654 ESP_ENCRYPT_ERROR_CRYPTO_ENGINE_ERROR);
657 vnet_crypto_async_get_frame (vm, sa0->crypto_async_enc_op_id);
658 last_async_op = sa0->crypto_async_enc_op_id;
662 if (PREDICT_FALSE (~0 == sa0->encrypt_thread_index))
664 /* this is the first packet to use this SA, claim the SA
665 * for this thread. this could happen simultaneously on
667 clib_atomic_cmp_and_swap (&sa0->encrypt_thread_index, ~0,
668 ipsec_sa_assign_thread (thread_index));
671 if (PREDICT_TRUE (thread_index != sa0->encrypt_thread_index))
673 esp_set_next_index (is_async, from, nexts, from[b - bufs],
675 (is_ip6 ? ESP_ENCRYPT_NEXT_HANDOFF6 :
676 ESP_ENCRYPT_NEXT_HANDOFF4), next);
681 n_bufs = vlib_buffer_chain_linearize (vm, b[0]);
684 b[0]->error = node->errors[ESP_ENCRYPT_ERROR_NO_BUFFERS];
685 esp_set_next_index (is_async, from, nexts, from[b - bufs],
686 &n_async_drop, drop_next, next);
692 /* find last buffer in the chain */
693 while (lb->flags & VLIB_BUFFER_NEXT_PRESENT)
694 lb = vlib_get_buffer (vm, lb->next_buffer);
697 if (PREDICT_FALSE (esp_seq_advance (sa0)))
699 b[0]->error = node->errors[ESP_ENCRYPT_ERROR_SEQ_CYCLED];
700 esp_set_next_index (is_async, from, nexts, from[b - bufs],
701 &n_async_drop, drop_next, next);
708 if (ipsec_sa_is_set_IS_TUNNEL (sa0))
710 payload = vlib_buffer_get_current (b[0]);
711 next_hdr_ptr = esp_add_footer_and_icv (vm, &lb, esp_align, icv_sz,
714 vlib_buffer_length_in_chain
718 b[0]->error = node->errors[ESP_ENCRYPT_ERROR_NO_BUFFERS];
719 esp_set_next_index (is_async, from, nexts, from[b - bufs],
720 &n_async_drop, drop_next, next);
723 b[0]->flags &= ~VLIB_BUFFER_TOTAL_LENGTH_VALID;
724 payload_len = b[0]->current_length;
725 payload_len_total = vlib_buffer_length_in_chain (vm, b[0]);
728 hdr_len += sizeof (*esp);
729 esp = (esp_header_t *) (payload - hdr_len);
731 /* optional UDP header */
732 if (ipsec_sa_is_set_UDP_ENCAP (sa0))
734 hdr_len += sizeof (udp_header_t);
735 esp_fill_udp_hdr (sa0, (udp_header_t *) (payload - hdr_len),
736 payload_len_total + hdr_len);
740 if (ipsec_sa_is_set_IS_TUNNEL_V6 (sa0))
743 u16 len = sizeof (ip6_header_t);
745 ip6 = (ip6_header_t *) (payload - hdr_len);
746 clib_memcpy_fast (ip6, &sa0->ip6_hdr, len);
747 *next_hdr_ptr = (is_ip6 ?
748 IP_PROTOCOL_IPV6 : IP_PROTOCOL_IP_IN_IP);
749 len = payload_len_total + hdr_len - len;
750 ip6->payload_length = clib_net_to_host_u16 (len);
755 u16 len = sizeof (ip4_header_t);
757 ip4 = (ip4_header_t *) (payload - hdr_len);
758 clib_memcpy_fast (ip4, &sa0->ip4_hdr, len);
759 *next_hdr_ptr = (is_ip6 ?
760 IP_PROTOCOL_IPV6 : IP_PROTOCOL_IP_IN_IP);
761 len = payload_len_total + hdr_len;
762 esp_update_ip4_hdr (ip4, len, /* is_transport */ 0, 0);
768 next[0] = dpo->dpoi_next_node;
769 vnet_buffer (b[0])->ip.adj_index[VLIB_TX] = dpo->dpoi_index;
772 next[0] = ESP_ENCRYPT_NEXT_INTERFACE_OUTPUT;
774 else /* transport mode */
776 u8 *l2_hdr, l2_len, *ip_hdr, ip_len;
777 ip6_ext_header_t *ext_hdr;
778 udp_header_t *udp = 0;
780 u8 *old_ip_hdr = vlib_buffer_get_current (b[0]);
783 esp_get_ip6_hdr_len ((ip6_header_t *) old_ip_hdr, &ext_hdr) :
784 ip4_header_bytes ((ip4_header_t *) old_ip_hdr);
786 vlib_buffer_advance (b[0], ip_len);
787 payload = vlib_buffer_get_current (b[0]);
788 next_hdr_ptr = esp_add_footer_and_icv (vm, &lb, esp_align, icv_sz,
791 vlib_buffer_length_in_chain
795 esp_set_next_index (is_async, from, nexts, from[b - bufs],
796 &n_async_drop, drop_next, next);
800 b[0]->flags &= ~VLIB_BUFFER_TOTAL_LENGTH_VALID;
801 payload_len = b[0]->current_length;
802 payload_len_total = vlib_buffer_length_in_chain (vm, b[0]);
805 hdr_len += sizeof (*esp);
806 esp = (esp_header_t *) (payload - hdr_len);
808 /* optional UDP header */
809 if (ipsec_sa_is_set_UDP_ENCAP (sa0))
811 hdr_len += sizeof (udp_header_t);
812 udp = (udp_header_t *) (payload - hdr_len);
817 ip_hdr = payload - hdr_len;
822 l2_len = vnet_buffer (b[0])->ip.save_rewrite_length;
824 l2_hdr = payload - hdr_len;
826 /* copy l2 and ip header */
827 clib_memcpy_le32 (l2_hdr, old_ip_hdr - l2_len, l2_len);
834 ip6_header_t *ip6 = (ip6_header_t *) (old_ip_hdr);
835 if (PREDICT_TRUE (NULL == ext_hdr))
837 *next_hdr_ptr = ip6->protocol;
838 ip6->protocol = IP_PROTOCOL_IPSEC_ESP;
842 *next_hdr_ptr = ext_hdr->next_hdr;
843 ext_hdr->next_hdr = IP_PROTOCOL_IPSEC_ESP;
845 ip6->payload_length =
846 clib_host_to_net_u16 (payload_len_total + hdr_len - l2_len -
847 sizeof (ip6_header_t));
852 ip4_header_t *ip4 = (ip4_header_t *) (old_ip_hdr);
853 *next_hdr_ptr = ip4->protocol;
854 len = payload_len_total + hdr_len - l2_len;
857 esp_update_ip4_hdr (ip4, len, /* is_transport */ 1, 1);
858 udp_len = len - ip_len;
861 esp_update_ip4_hdr (ip4, len, /* is_transport */ 1, 0);
864 clib_memcpy_le64 (ip_hdr, old_ip_hdr, ip_len);
868 esp_fill_udp_hdr (sa0, udp, udp_len);
871 next[0] = ESP_ENCRYPT_NEXT_INTERFACE_OUTPUT;
876 crypto_ops = &ptd->chained_crypto_ops;
877 integ_ops = &ptd->chained_integ_ops;
881 crypto_ops = &ptd->crypto_ops;
882 integ_ops = &ptd->integ_ops;
886 esp->seq = clib_net_to_host_u32 (sa0->seq);
890 if (PREDICT_FALSE (sa0->crypto_async_enc_op_id == 0))
892 esp_set_next_index (is_async, from, nexts, from[b - bufs],
893 &n_async_drop, drop_next, next);
897 if (esp_prepare_async_frame (vm, ptd, &async_frame, sa0, b[0], esp,
898 payload, payload_len, iv_sz,
899 icv_sz, from[b - bufs], next[0],
900 hdr_len, async_next, lb))
902 /* The fail only caused by submission, free the whole frame. */
903 if (async_frame->n_elts)
904 esp_async_recycle_failed_submit (async_frame, b, from, nexts,
905 &n_async_drop, drop_next,
906 ESP_ENCRYPT_ERROR_CRYPTO_ENGINE_ERROR);
907 b[0]->error = ESP_ENCRYPT_ERROR_CRYPTO_ENGINE_ERROR;
908 esp_set_next_index (1, from, nexts, from[b - bufs],
909 &n_async_drop, drop_next, next);
915 esp_prepare_sync_op (vm, ptd, crypto_ops, integ_ops, sa0, payload,
916 payload_len, iv_sz, icv_sz, bufs, b, lb,
917 hdr_len, esp, nonce++);
920 vlib_buffer_advance (b[0], 0LL - hdr_len);
922 current_sa_packets += 1;
923 current_sa_bytes += payload_len_total;
926 if (PREDICT_FALSE (b[0]->flags & VLIB_BUFFER_IS_TRACED))
928 esp_encrypt_trace_t *tr = vlib_add_trace (vm, node, b[0],
930 tr->sa_index = sa_index0;
933 tr->sa_seq_hi = sa0->seq_hi;
934 tr->udp_encap = ipsec_sa_is_set_UDP_ENCAP (sa0);
935 tr->crypto_alg = sa0->crypto_alg;
936 tr->integ_alg = sa0->integ_alg;
944 vlib_increment_combined_counter (&ipsec_sa_counters, thread_index,
945 current_sa_index, current_sa_packets,
949 esp_process_ops (vm, node, ptd->crypto_ops, bufs, nexts, drop_next);
950 esp_process_chained_ops (vm, node, ptd->chained_crypto_ops, bufs, nexts,
951 ptd->chunks, drop_next);
953 esp_process_ops (vm, node, ptd->integ_ops, bufs, nexts, drop_next);
954 esp_process_chained_ops (vm, node, ptd->chained_integ_ops, bufs, nexts,
955 ptd->chunks, drop_next);
959 if (async_frame && async_frame->n_elts)
961 if (vnet_crypto_async_submit_open_frame (vm, async_frame) < 0)
962 esp_async_recycle_failed_submit (async_frame, b, from, nexts,
963 &n_async_drop, drop_next,
964 ESP_ENCRYPT_ERROR_CRYPTO_ENGINE_ERROR);
966 vlib_node_increment_counter (vm, node->node_index,
967 ESP_ENCRYPT_ERROR_RX_PKTS,
970 vlib_buffer_enqueue_to_next (vm, node, from, nexts, n_async_drop);
972 return frame->n_vectors;
975 vlib_node_increment_counter (vm, node->node_index,
976 ESP_ENCRYPT_ERROR_RX_PKTS, frame->n_vectors);
978 vlib_buffer_enqueue_to_next (vm, node, from, nexts, frame->n_vectors);
979 return frame->n_vectors;
983 esp_encrypt_post_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
984 vlib_frame_t * frame)
986 vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b = bufs;
987 u16 nexts[VLIB_FRAME_SIZE], *next = nexts;
988 u32 *from = vlib_frame_vector_args (frame);
989 u32 n_left = frame->n_vectors;
991 vlib_get_buffers (vm, from, b, n_left);
995 vlib_prefetch_buffer_header (b[0], LOAD);
996 vlib_prefetch_buffer_header (b[1], LOAD);
997 vlib_prefetch_buffer_header (b[2], LOAD);
998 vlib_prefetch_buffer_header (b[3], LOAD);
1003 vlib_prefetch_buffer_header (b[4], LOAD);
1004 vlib_prefetch_buffer_header (b[5], LOAD);
1005 vlib_prefetch_buffer_header (b[6], LOAD);
1006 vlib_prefetch_buffer_header (b[7], LOAD);
1008 next[0] = (esp_post_data (b[0]))->next_index;
1009 next[1] = (esp_post_data (b[1]))->next_index;
1010 next[2] = (esp_post_data (b[2]))->next_index;
1011 next[3] = (esp_post_data (b[3]))->next_index;
1013 if (PREDICT_FALSE (node->flags & VLIB_NODE_FLAG_TRACE))
1015 if (b[0]->flags & VLIB_BUFFER_IS_TRACED)
1017 esp_encrypt_post_trace_t *tr = vlib_add_trace (vm, node, b[0],
1019 tr->next_index = next[0];
1021 if (b[1]->flags & VLIB_BUFFER_IS_TRACED)
1023 esp_encrypt_post_trace_t *tr = vlib_add_trace (vm, node, b[1],
1025 tr->next_index = next[1];
1027 if (b[2]->flags & VLIB_BUFFER_IS_TRACED)
1029 esp_encrypt_post_trace_t *tr = vlib_add_trace (vm, node, b[2],
1031 tr->next_index = next[2];
1033 if (b[3]->flags & VLIB_BUFFER_IS_TRACED)
1035 esp_encrypt_post_trace_t *tr = vlib_add_trace (vm, node, b[3],
1037 tr->next_index = next[3];
1048 next[0] = (esp_post_data (b[0]))->next_index;
1049 if (PREDICT_FALSE (b[0]->flags & VLIB_BUFFER_IS_TRACED))
1051 esp_encrypt_post_trace_t *tr = vlib_add_trace (vm, node, b[0],
1053 tr->next_index = next[0];
1061 vlib_node_increment_counter (vm, node->node_index,
1062 ESP_ENCRYPT_ERROR_POST_RX_PKTS,
1064 vlib_buffer_enqueue_to_next (vm, node, from, nexts, frame->n_vectors);
1065 return frame->n_vectors;
1068 VLIB_NODE_FN (esp4_encrypt_node) (vlib_main_t * vm,
1069 vlib_node_runtime_t * node,
1070 vlib_frame_t * from_frame)
1072 return esp_encrypt_inline (vm, node, from_frame, 0 /* is_ip6 */ , 0,
1073 esp_encrypt_async_next.esp4_post_next);
1077 VLIB_REGISTER_NODE (esp4_encrypt_node) = {
1078 .name = "esp4-encrypt",
1079 .vector_size = sizeof (u32),
1080 .format_trace = format_esp_encrypt_trace,
1081 .type = VLIB_NODE_TYPE_INTERNAL,
1083 .n_errors = ARRAY_LEN(esp_encrypt_error_strings),
1084 .error_strings = esp_encrypt_error_strings,
1086 .n_next_nodes = ESP_ENCRYPT_N_NEXT,
1088 [ESP_ENCRYPT_NEXT_DROP4] = "ip4-drop",
1089 [ESP_ENCRYPT_NEXT_DROP6] = "ip6-drop",
1090 [ESP_ENCRYPT_NEXT_HANDOFF4] = "esp4-encrypt-handoff",
1091 [ESP_ENCRYPT_NEXT_HANDOFF6] = "esp6-encrypt-handoff",
1092 [ESP_ENCRYPT_NEXT_INTERFACE_OUTPUT] = "interface-output"
1097 VLIB_NODE_FN (esp4_encrypt_post_node) (vlib_main_t * vm,
1098 vlib_node_runtime_t * node,
1099 vlib_frame_t * from_frame)
1101 return esp_encrypt_post_inline (vm, node, from_frame);
1105 VLIB_REGISTER_NODE (esp4_encrypt_post_node) = {
1106 .name = "esp4-encrypt-post",
1107 .vector_size = sizeof (u32),
1108 .format_trace = format_esp_post_encrypt_trace,
1109 .type = VLIB_NODE_TYPE_INTERNAL,
1110 .sibling_of = "esp4-encrypt",
1112 .n_errors = ARRAY_LEN(esp_encrypt_error_strings),
1113 .error_strings = esp_encrypt_error_strings,
1117 VLIB_NODE_FN (esp6_encrypt_node) (vlib_main_t * vm,
1118 vlib_node_runtime_t * node,
1119 vlib_frame_t * from_frame)
1121 return esp_encrypt_inline (vm, node, from_frame, 1 /* is_ip6 */ , 0,
1122 esp_encrypt_async_next.esp6_post_next);
1126 VLIB_REGISTER_NODE (esp6_encrypt_node) = {
1127 .name = "esp6-encrypt",
1128 .vector_size = sizeof (u32),
1129 .format_trace = format_esp_encrypt_trace,
1130 .type = VLIB_NODE_TYPE_INTERNAL,
1131 .sibling_of = "esp4-encrypt",
1133 .n_errors = ARRAY_LEN(esp_encrypt_error_strings),
1134 .error_strings = esp_encrypt_error_strings,
1138 VLIB_NODE_FN (esp6_encrypt_post_node) (vlib_main_t * vm,
1139 vlib_node_runtime_t * node,
1140 vlib_frame_t * from_frame)
1142 return esp_encrypt_post_inline (vm, node, from_frame);
1146 VLIB_REGISTER_NODE (esp6_encrypt_post_node) = {
1147 .name = "esp6-encrypt-post",
1148 .vector_size = sizeof (u32),
1149 .format_trace = format_esp_post_encrypt_trace,
1150 .type = VLIB_NODE_TYPE_INTERNAL,
1151 .sibling_of = "esp4-encrypt",
1153 .n_errors = ARRAY_LEN(esp_encrypt_error_strings),
1154 .error_strings = esp_encrypt_error_strings,
1158 VLIB_NODE_FN (esp4_encrypt_tun_node) (vlib_main_t * vm,
1159 vlib_node_runtime_t * node,
1160 vlib_frame_t * from_frame)
1162 return esp_encrypt_inline (vm, node, from_frame, 0 /* is_ip6 */ , 1,
1163 esp_encrypt_async_next.esp4_tun_post_next);
1167 VLIB_REGISTER_NODE (esp4_encrypt_tun_node) = {
1168 .name = "esp4-encrypt-tun",
1169 .vector_size = sizeof (u32),
1170 .format_trace = format_esp_encrypt_trace,
1171 .type = VLIB_NODE_TYPE_INTERNAL,
1173 .n_errors = ARRAY_LEN(esp_encrypt_error_strings),
1174 .error_strings = esp_encrypt_error_strings,
1176 .n_next_nodes = ESP_ENCRYPT_N_NEXT,
1178 [ESP_ENCRYPT_NEXT_DROP4] = "ip4-drop",
1179 [ESP_ENCRYPT_NEXT_DROP6] = "ip6-drop",
1180 [ESP_ENCRYPT_NEXT_HANDOFF4] = "esp4-encrypt-tun-handoff",
1181 [ESP_ENCRYPT_NEXT_HANDOFF6] = "error-drop",
1182 [ESP_ENCRYPT_NEXT_INTERFACE_OUTPUT] = "adj-midchain-tx",
1186 VLIB_NODE_FN (esp4_encrypt_tun_post_node) (vlib_main_t * vm,
1187 vlib_node_runtime_t * node,
1188 vlib_frame_t * from_frame)
1190 return esp_encrypt_post_inline (vm, node, from_frame);
1194 VLIB_REGISTER_NODE (esp4_encrypt_tun_post_node) = {
1195 .name = "esp4-encrypt-tun-post",
1196 .vector_size = sizeof (u32),
1197 .format_trace = format_esp_post_encrypt_trace,
1198 .type = VLIB_NODE_TYPE_INTERNAL,
1199 .sibling_of = "esp4-encrypt-tun",
1201 .n_errors = ARRAY_LEN(esp_encrypt_error_strings),
1202 .error_strings = esp_encrypt_error_strings,
1206 VLIB_NODE_FN (esp6_encrypt_tun_node) (vlib_main_t * vm,
1207 vlib_node_runtime_t * node,
1208 vlib_frame_t * from_frame)
1210 return esp_encrypt_inline (vm, node, from_frame, 1 /* is_ip6 */ , 1,
1211 esp_encrypt_async_next.esp6_tun_post_next);
1215 VLIB_REGISTER_NODE (esp6_encrypt_tun_node) = {
1216 .name = "esp6-encrypt-tun",
1217 .vector_size = sizeof (u32),
1218 .format_trace = format_esp_encrypt_trace,
1219 .type = VLIB_NODE_TYPE_INTERNAL,
1221 .n_errors = ARRAY_LEN(esp_encrypt_error_strings),
1222 .error_strings = esp_encrypt_error_strings,
1224 .n_next_nodes = ESP_ENCRYPT_N_NEXT,
1226 [ESP_ENCRYPT_NEXT_DROP4] = "ip4-drop",
1227 [ESP_ENCRYPT_NEXT_DROP6] = "ip6-drop",
1228 [ESP_ENCRYPT_NEXT_HANDOFF4] = "error-drop",
1229 [ESP_ENCRYPT_NEXT_HANDOFF6] = "esp6-encrypt-tun-handoff",
1230 [ESP_ENCRYPT_NEXT_INTERFACE_OUTPUT] = "adj-midchain-tx",
1236 VLIB_NODE_FN (esp6_encrypt_tun_post_node) (vlib_main_t * vm,
1237 vlib_node_runtime_t * node,
1238 vlib_frame_t * from_frame)
1240 return esp_encrypt_post_inline (vm, node, from_frame);
1244 VLIB_REGISTER_NODE (esp6_encrypt_tun_post_node) = {
1245 .name = "esp6-encrypt-tun-post",
1246 .vector_size = sizeof (u32),
1247 .format_trace = format_esp_post_encrypt_trace,
1248 .type = VLIB_NODE_TYPE_INTERNAL,
1249 .sibling_of = "esp6-encrypt-tun",
1251 .n_errors = ARRAY_LEN(esp_encrypt_error_strings),
1252 .error_strings = esp_encrypt_error_strings,
1259 } esp_no_crypto_trace_t;
1262 format_esp_no_crypto_trace (u8 * s, va_list * args)
1264 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1265 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1266 esp_no_crypto_trace_t *t = va_arg (*args, esp_no_crypto_trace_t *);
1268 s = format (s, "esp-no-crypto: sa-index %u", t->sa_index);
1275 ESP_NO_CRYPTO_NEXT_DROP,
1276 ESP_NO_CRYPTO_N_NEXT,
1281 ESP_NO_CRYPTO_ERROR_RX_PKTS,
1284 static char *esp_no_crypto_error_strings[] = {
1285 "Outbound ESP packets received",
1289 esp_no_crypto_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
1290 vlib_frame_t * frame)
1292 vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b = bufs;
1293 u32 *from = vlib_frame_vector_args (frame);
1294 u32 n_left = frame->n_vectors;
1296 vlib_get_buffers (vm, from, b, n_left);
1302 /* packets are always going to be dropped, but get the sa_index */
1303 sa_index0 = ipsec_tun_protect_get_sa_out
1304 (vnet_buffer (b[0])->ip.adj_index[VLIB_TX]);
1306 if (PREDICT_FALSE (b[0]->flags & VLIB_BUFFER_IS_TRACED))
1308 esp_no_crypto_trace_t *tr = vlib_add_trace (vm, node, b[0],
1310 tr->sa_index = sa_index0;
1317 vlib_node_increment_counter (vm, node->node_index,
1318 ESP_NO_CRYPTO_ERROR_RX_PKTS, frame->n_vectors);
1320 vlib_buffer_enqueue_to_single_next (vm, node, from,
1321 ESP_NO_CRYPTO_NEXT_DROP,
1324 return frame->n_vectors;
1327 VLIB_NODE_FN (esp4_no_crypto_tun_node) (vlib_main_t * vm,
1328 vlib_node_runtime_t * node,
1329 vlib_frame_t * from_frame)
1331 return esp_no_crypto_inline (vm, node, from_frame);
1335 VLIB_REGISTER_NODE (esp4_no_crypto_tun_node) =
1337 .name = "esp4-no-crypto",
1338 .vector_size = sizeof (u32),
1339 .format_trace = format_esp_no_crypto_trace,
1340 .n_errors = ARRAY_LEN(esp_no_crypto_error_strings),
1341 .error_strings = esp_no_crypto_error_strings,
1342 .n_next_nodes = ESP_NO_CRYPTO_N_NEXT,
1344 [ESP_NO_CRYPTO_NEXT_DROP] = "ip4-drop",
1348 VLIB_NODE_FN (esp6_no_crypto_tun_node) (vlib_main_t * vm,
1349 vlib_node_runtime_t * node,
1350 vlib_frame_t * from_frame)
1352 return esp_no_crypto_inline (vm, node, from_frame);
1356 VLIB_REGISTER_NODE (esp6_no_crypto_tun_node) =
1358 .name = "esp6-no-crypto",
1359 .vector_size = sizeof (u32),
1360 .format_trace = format_esp_no_crypto_trace,
1361 .n_errors = ARRAY_LEN(esp_no_crypto_error_strings),
1362 .error_strings = esp_no_crypto_error_strings,
1363 .n_next_nodes = ESP_NO_CRYPTO_N_NEXT,
1365 [ESP_NO_CRYPTO_NEXT_DROP] = "ip6-drop",
1371 * fd.io coding-style-patch-verification: ON
1374 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob