Signed-off-by: Robbie King <[email protected]>
---
example/ipsec/odp_ipsec_sp_db.c | 124 +++++++++++++++++++++++++++++++++++++++
example/ipsec/odp_ipsec_sp_db.h | 71 ++++++++++++++++++++++
2 files changed, 195 insertions(+), 0 deletions(-)
create mode 100644 example/ipsec/odp_ipsec_sp_db.c
create mode 100644 example/ipsec/odp_ipsec_sp_db.h
diff --git a/example/ipsec/odp_ipsec_sp_db.c b/example/ipsec/odp_ipsec_sp_db.c
new file mode 100644
index 0000000..a3de183
--- /dev/null
+++ b/example/ipsec/odp_ipsec_sp_db.c
@@ -0,0 +1,124 @@
+/* Copyright (c) 2014, Linaro Limited
+ * All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <odp.h>
+#include <odp_align.h>
+#include <odp_crypto.h>
+
+#include <odp_ipsec_sp_db.h>
+
+/** Global pointer to sp db */
+sp_db_t *sp_db;
+
+void init_sp_db(void)
+{
+ sp_db = odp_shm_reserve("shm_sp_db",
+ sizeof(sp_db_t),
+ ODP_CACHE_LINE_SIZE);
+ if (sp_db == NULL) {
+ ODP_ERR("Error: shared mem alloc failed.\n");
+ exit(EXIT_FAILURE);
+ }
+ memset(sp_db, 0, sizeof(*sp_db));
+}
+
+int create_sp_db_entry(char *input)
+{
+ int pos;
+ char *local, *str, *save;
+ sp_db_entry_t *entry = &sp_db->array[sp_db->index];
+
+ /* Verify we have a good entry */
+ if (MAX_DB <= sp_db->index)
+ return -1;
+
+ /* Make a local copy */
+ local = malloc(strlen(input) + 1);
+ if (local == NULL)
+ return -1;
+ strcpy(local, input);
+
+ /* count the number of tokens separated by ',' */
+ for (str = local, save = NULL, pos = 0;; str = NULL, pos++) {
+ char *token = strtok_r(str, ":", &save);
+
+ /* Check for no more tokens */
+ if (token == NULL)
+ break;
+
+ /* Parse based on postion */
+ switch (pos) {
+ case 0:
+ parse_ipv4_string(token,
+ &entry->src_subnet.addr,
+ &entry->src_subnet.mask);
+ break;
+ case 1:
+ parse_ipv4_string(token,
+ &entry->dst_subnet.addr,
+ &entry->dst_subnet.mask);
+ break;
+ case 2:
+ if (0 == strcmp(token, "in"))
+ entry->input = TRUE;
+ else
+ entry->input = FALSE;
+ break;
+ case 3:
+ if (0 == strcmp(token, "esp")) {
+ entry->esp = TRUE;
+ } else if (0 == strcmp(token, "ah")) {
+ entry->ah = TRUE;
+ } else if (0 == strcmp(token, "both")) {
+ entry->esp = TRUE;
+ entry->ah = TRUE;
+ }
+ break;
+ default:
+ return -1;
+ }
+ }
+
+ /* Verify all positions filled */
+ if (4 != pos)
+ return -1;
+
+ /* Add route to the list */
+ sp_db->index++;
+ entry->next = sp_db->list;
+ sp_db->list = entry;
+
+ return 0;
+}
+
+void dump_sp_db_entry(sp_db_entry_t *entry)
+{
+ char src_subnet_str[32];
+ char dst_subnet_str[32];
+
+ printf(" %s %s %s %s:%s\n",
+ ipv4_subnet_str(src_subnet_str, &entry->src_subnet),
+ ipv4_subnet_str(dst_subnet_str, &entry->dst_subnet),
+ entry->input ? "in" : "out",
+ entry->esp ? "esp" : "none",
+ entry->ah ? "ah" : "none");
+}
+
+void dump_sp_db(void)
+{
+ sp_db_entry_t *entry;
+
+ printf("\n"
+ "Security policy table\n"
+ "---------------------\n");
+
+ for (entry = sp_db->list; NULL != entry; entry = entry->next)
+ dump_sp_db_entry(entry);
+}
+
diff --git a/example/ipsec/odp_ipsec_sp_db.h b/example/ipsec/odp_ipsec_sp_db.h
new file mode 100644
index 0000000..a8a3199
--- /dev/null
+++ b/example/ipsec/odp_ipsec_sp_db.h
@@ -0,0 +1,71 @@
+/* Copyright (c) 2014, Linaro Limited
+ * All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef ODP_IPSEC_SP_DB_H_
+#define ODP_IPSEC_SP_DB_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <odp_ipsec_misc.h>
+
+/**
+ * Security Policy (SP) data base entry
+ */
+typedef struct sp_db_entry_s {
+ struct sp_db_entry_s *next; /**< Next entry on list */
+ ip_addr_range_t src_subnet; /**< Source IPv4 subnet/range */
+ ip_addr_range_t dst_subnet; /**< Destination IPv4 subnet/range */
+ bool input; /**< Direction when applied */
+ bool esp; /**< Enable cipher (ESP) */
+ bool ah; /**< Enable authentication (AH) */
+} sp_db_entry_t;
+
+/**
+ * Security Policy (SP) data base global structure
+ */
+typedef struct sp_db_s {
+ uint32_t index; /**< Index of next available entry */
+ sp_db_entry_t *list; /**< List of active entries */
+ sp_db_entry_t array[MAX_DB]; /**< Entry storage */
+} sp_db_t;
+
+/** Global pointer to sp db */
+extern sp_db_t *sp_db;
+
+/** Initialize SP database global control structure */
+void init_sp_db(void);
+
+/**
+ * Create an SP DB entry
+ *
+ * String is of the format "SrcSubNet:DstSubNet:(in|out):(ah|esp|both)"
+ *
+ * @param input Pointer to string describing SP
+ *
+ * @return 0 if successful else -1
+ */
+int create_sp_db_entry(char *input);
+
+/**
+ * Display one SP DB entry
+ *
+ * @param entry Pointer to entry to display
+ */
+void dump_sp_db_entry(sp_db_entry_t *entry);
+
+/**
+ * Display the SP DB
+ */
+void dump_sp_db(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
--
1.7.7.6
_______________________________________________
lng-odp mailing list
[email protected]
http://lists.linaro.org/mailman/listinfo/lng-odp
