A combined pull request incorporating necessary API changes (#22), linux-generic implementation (with several limitiation currently) and testsuite, covering the most important part of the implementation.
----------------github------------------------ /** Email created from pull request 28 (lumag:ipsec) ** https://github.com/Linaro/odp/pull/28 ** Patch: https://github.com/Linaro/odp/pull/28.patch ** Base sha: 552817483e9d4b6a84d49960920f1de50029f111 ** Merge commit sha: 15a81dff7cab4d13e55cc9bd07121015832672d4 **/ ----------------/github------------------------ ----------------checkpatch.pl------------------------ total: 0 errors, 0 warnings, 0 checks, 543 lines checked to_send-p-000.patch has no obvious style problems and is ready for submission. WARNING: line over 80 characters #180: FILE: platform/linux-generic/include/odp_ipsec_internal.h:236: +int _odp_ipsec_sa_update_stats(ipsec_sa_t *ipsec_sa, uint32_t len, odp_ipsec_op_status_t *status); WARNING: line over 80 characters #368: FILE: platform/linux-generic/odp_ipsec_sad.c:86: + if (odp_atomic_load_u32(&ipsec_sa->state) != IPSEC_SA_STATE_FREE) { WARNING: line over 80 characters #369: FILE: platform/linux-generic/odp_ipsec_sad.c:87: + ODP_ERR("Not destroyed ipsec_sa: %u\n", ipsec_sa->ipsec_sa_idx); WARNING: line over 80 characters #415: FILE: platform/linux-generic/odp_ipsec_sad.c:133: + /* This can be called from lookup path, so we really need this check */ ERROR: space prohibited after that '&' (ctx:WxW) #416: FILE: platform/linux-generic/odp_ipsec_sad.c:134: + if (state & IPSEC_SA_STATE_DISABLE) ^ ERROR: space prohibited after that '-' (ctx:WxW) #435: FILE: platform/linux-generic/odp_ipsec_sad.c:153: + state - 1); ^ WARNING: line over 80 characters #513: FILE: platform/linux-generic/odp_ipsec_sad.c:231: + memcpy(&ipsec_sa->lookup_dst_ip, param->lookup_param.dst_addr, sizeof(ipsec_sa->lookup_dst_ip)); WARNING: line over 80 characters #515: FILE: platform/linux-generic/odp_ipsec_sad.c:233: + if (ODP_IPSEC_MODE_TUNNEL == ipsec_sa->mode && ODP_IPSEC_DIR_OUTBOUND == param->dir) { WARNING: line over 80 characters #521: FILE: platform/linux-generic/odp_ipsec_sad.c:239: + memcpy(&ipsec_sa->tun_src_ip, param->tunnel.ipv4.src_addr, sizeof(ipsec_sa->tun_src_ip)); WARNING: line over 80 characters #522: FILE: platform/linux-generic/odp_ipsec_sad.c:240: + memcpy(&ipsec_sa->tun_dst_ip, param->tunnel.ipv4.dst_addr, sizeof(ipsec_sa->tun_dst_ip)); WARNING: line over 80 characters #537: FILE: platform/linux-generic/odp_ipsec_sad.c:255: + /* FIXME: is it possible to use ASYNC crypto to implement ASYNC and inline IPsec? */ WARNING: line over 80 characters #604: FILE: platform/linux-generic/odp_ipsec_sad.c:322: + if (odp_crypto_session_create(&crypto_param, &ipsec_sa->session, &ses_create_rc)) ERROR: space prohibited after that '&' (ctx:WxW) #627: FILE: platform/linux-generic/odp_ipsec_sad.c:345: + if (state & IPSEC_SA_STATE_DISABLE) ^ WARNING: line over 80 characters #663: FILE: platform/linux-generic/odp_ipsec_sad.c:381: + ODP_ERR("Distroying not disabled ipsec_sa: %u\n", ipsec_sa->ipsec_sa_idx); WARNING: line over 80 characters #668: FILE: platform/linux-generic/odp_ipsec_sad.c:386: + ODP_ERR("Error destroying crypto session for ipsec_sa: %u\n", ipsec_sa->ipsec_sa_idx); WARNING: line over 80 characters #714: FILE: platform/linux-generic/odp_ipsec_sad.c:432: + !memcmp(lookup->dst_addr, &ipsec_sa->lookup_dst_ip, sizeof(ipsec_sa->lookup_dst_ip))) { WARNING: line over 80 characters #730: FILE: platform/linux-generic/odp_ipsec_sad.c:448: +int _odp_ipsec_sa_update_stats(ipsec_sa_t *ipsec_sa, uint32_t len, odp_ipsec_op_status_t *status) WARNING: line over 80 characters #736: FILE: platform/linux-generic/odp_ipsec_sad.c:454: + if (ipsec_sa->soft_limit_bytes > 0 && bytes > ipsec_sa->soft_limit_bytes) WARNING: line over 80 characters #739: FILE: platform/linux-generic/odp_ipsec_sad.c:457: + if (ipsec_sa->soft_limit_packets > 0 && packets > ipsec_sa->soft_limit_packets) WARNING: line over 80 characters #742: FILE: platform/linux-generic/odp_ipsec_sad.c:460: + if (ipsec_sa->hard_limit_bytes > 0 && bytes > ipsec_sa->hard_limit_bytes) { WARNING: line over 80 characters #746: FILE: platform/linux-generic/odp_ipsec_sad.c:464: + if (ipsec_sa->hard_limit_packets > 0 && packets > ipsec_sa->hard_limit_packets) { total: 3 errors, 18 warnings, 0 checks, 668 lines checked to_send-p-001.patch has style problems, please review. If any of these errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. WARNING: line over 80 characters #365: FILE: platform/linux-generic/odp_ipsec.c:269: + if (ctx->crypto.cipher_status.alg_err != ODP_CRYPTO_ALG_ERR_NONE || WARNING: line over 80 characters #369: FILE: platform/linux-generic/odp_ipsec.c:273: + if (ctx->crypto.auth_status.alg_err != ODP_CRYPTO_ALG_ERR_NONE || CHECK: Blank lines aren't necessary before a close brace '}' #412: FILE: platform/linux-generic/odp_ipsec.c:316: + +} WARNING: line over 80 characters #483: FILE: platform/linux-generic/odp_ipsec.c:387: + if (odp_packet_copy_to_mem(pkt, ctx->ipsec_offset, sizeof(esp), &esp) < 0) { WARNING: line over 80 characters #488: FILE: platform/linux-generic/odp_ipsec.c:392: + if (ipsec_in_check_sa(ctx, ODP_IPSEC_ESP, odp_be_to_cpu_32(esp.spi), &ip->dst_addr) < 0) WARNING: line over 80 characters #491: FILE: platform/linux-generic/odp_ipsec.c:395: + if (odp_packet_copy_to_mem(pkt, ctx->ipsec_offset + _ODP_ESPHDR_LEN, ctx->ipsec_sa->esp_iv_len, ctx->iv) < 0) { WARNING: line over 80 characters #500: FILE: platform/linux-generic/odp_ipsec.c:404: + param.cipher_range.length = odp_be_to_cpu_16(ip->tot_len) - ip_hdr_len - ctx->hdr_len - ctx->ipsec_sa->icv_len; WARNING: line over 80 characters #504: FILE: platform/linux-generic/odp_ipsec.c:408: + param.auth_range.length = odp_be_to_cpu_16(ip->tot_len) - ip_hdr_len - ctx->ipsec_sa->icv_len; WARNING: line over 80 characters #505: FILE: platform/linux-generic/odp_ipsec.c:409: + param.hash_result_offset = ip_offset + odp_be_to_cpu_16(ip->tot_len) - ctx->ipsec_sa->icv_len; WARNING: line over 80 characters #511: FILE: platform/linux-generic/odp_ipsec.c:415: + if (odp_packet_copy_to_mem(pkt, ctx->ipsec_offset, sizeof(ah), &ah) < 0) { WARNING: line over 80 characters #516: FILE: platform/linux-generic/odp_ipsec.c:420: + if (ipsec_in_check_sa(ctx, ODP_IPSEC_AH, odp_be_to_cpu_32(ah.spi), &ip->dst_addr) < 0) WARNING: line over 80 characters #527: FILE: platform/linux-generic/odp_ipsec.c:431: + /* If authenticating, zero the mutable fields build the request */ WARNING: line over 80 characters #543: FILE: platform/linux-generic/odp_ipsec.c:447: + if (_odp_ipsec_sa_update_stats(ctx->ipsec_sa, stats_length, &ctx->status) < 0) WARNING: line over 80 characters #582: FILE: platform/linux-generic/odp_ipsec.c:486: + uint32_t esptrl_offset = ip_offset + odp_be_to_cpu_16(ip->tot_len) - ctx->trl_len; WARNING: line over 80 characters #584: FILE: platform/linux-generic/odp_ipsec.c:488: + if (odp_packet_copy_to_mem(pkt, esptrl_offset, sizeof(esptrl), &esptrl) < 0) { WARNING: line over 80 characters #594: FILE: platform/linux-generic/odp_ipsec.c:498: + if (_odp_packet_cmp_data(pkt, esptrl_offset - esptrl.pad_len, ipsec_padding, esptrl.pad_len) != 0) { WARNING: line over 80 characters #607: FILE: platform/linux-generic/odp_ipsec.c:511: + if (odp_packet_copy_to_mem(pkt, ctx->ipsec_offset, sizeof(ah), &ah) < 0) { WARNING: line over 80 characters #624: FILE: platform/linux-generic/odp_ipsec.c:528: + /* We have a tunneled IPv4 packet, strip outer and IPsec headers */ WARNING: line over 80 characters #625: FILE: platform/linux-generic/odp_ipsec.c:529: + odp_packet_move_data(pkt, ip_hdr_len + ctx->hdr_len, 0, ip_offset); WARNING: line over 80 characters #626: FILE: platform/linux-generic/odp_ipsec.c:530: + if (odp_packet_trunc_head(&pkt, ip_hdr_len + ctx->hdr_len, NULL, NULL) < 0) { WARNING: line over 80 characters #641: FILE: platform/linux-generic/odp_ipsec.c:545: + odp_packet_move_data(pkt, ctx->hdr_len, 0, ip_offset + ip_hdr_len); WARNING: line over 80 characters #716: FILE: platform/linux-generic/odp_ipsec.c:620: + (ctx->ipsec_sa->tun_dscp << _ODP_IP_TOS_DSCP_SHIFT); WARNING: line over 80 characters #717: FILE: platform/linux-generic/odp_ipsec.c:621: + out_ip.tot_len = odp_cpu_to_be_16(odp_be_to_cpu_16(ip->tot_len) + _ODP_IPV4HDR_LEN); WARNING: line over 80 characters #719: FILE: platform/linux-generic/odp_ipsec.c:623: + out_ip.id = odp_atomic_fetch_add_u32(&ctx->ipsec_sa->tun_hdr_id, 1) & 0xffff; WARNING: line over 80 characters #731: FILE: platform/linux-generic/odp_ipsec.c:635: + if (odp_packet_extend_head(&pkt, _ODP_IPV4HDR_LEN, NULL, NULL) < 0) { WARNING: line over 80 characters #739: FILE: platform/linux-generic/odp_ipsec.c:643: + odp_packet_copy_from_mem(pkt, ip_offset, _ODP_IPV4HDR_LEN, &out_ip); WARNING: line over 80 characters #755: FILE: platform/linux-generic/odp_ipsec.c:659: + uint16_t ip_data_len = odp_be_to_cpu_16(ip->tot_len) - ip_hdr_len; WARNING: line over 80 characters #766: FILE: platform/linux-generic/odp_ipsec.c:670: + ctx->trl_len = encrypt_len - ip_data_len + ctx->ipsec_sa->icv_len; WARNING: line over 80 characters #770: FILE: platform/linux-generic/odp_ipsec.c:674: + uint32_t len = odp_random_data(ctx->iv, ctx->ipsec_sa->esp_iv_len, ODP_RANDOM_CRYPTO); WARNING: Missing a blank line after declarations #771: FILE: platform/linux-generic/odp_ipsec.c:675: + uint32_t len = odp_random_data(ctx->iv, ctx->ipsec_sa->esp_iv_len, ODP_RANDOM_CRYPTO); + if (len != ctx->ipsec_sa->esp_iv_len) { WARNING: line over 80 characters #787: FILE: platform/linux-generic/odp_ipsec.c:691: + uint32_t esptrl_offset = ip_offset + ip_hdr_len + ctx->hdr_len + encrypt_len - _ODP_ESPTRL_LEN; WARNING: line over 80 characters #791: FILE: platform/linux-generic/odp_ipsec.c:695: + esp.seq_no = odp_cpu_to_be_32(odp_atomic_fetch_add_u32(&ctx->ipsec_sa->seq, 1) + 1); WARNING: line over 80 characters #798: FILE: platform/linux-generic/odp_ipsec.c:702: + odp_packet_copy_from_mem(pkt, ctx->ipsec_offset, _ODP_ESPHDR_LEN, &esp); WARNING: line over 80 characters #800: FILE: platform/linux-generic/odp_ipsec.c:704: + odp_packet_copy_from_mem(pkt, ctx->ipsec_offset + _ODP_ESPHDR_LEN, ctx->ipsec_sa->esp_iv_len, ctx->iv); WARNING: line over 80 characters #801: FILE: platform/linux-generic/odp_ipsec.c:705: + odp_packet_copy_from_mem(pkt, esptrl_offset - esptrl.pad_len, esptrl.pad_len, ipsec_padding); WARNING: line over 80 characters #802: FILE: platform/linux-generic/odp_ipsec.c:706: + odp_packet_copy_from_mem(pkt, esptrl_offset, _ODP_ESPTRL_LEN, &esptrl); WARNING: line over 80 characters #805: FILE: platform/linux-generic/odp_ipsec.c:709: + param.cipher_range.length = odp_be_to_cpu_16(ip->tot_len) - ip_hdr_len - ctx->hdr_len - ctx->ipsec_sa->icv_len; WARNING: line over 80 characters #808: FILE: platform/linux-generic/odp_ipsec.c:712: + param.auth_range.length = odp_be_to_cpu_16(ip->tot_len) - ip_hdr_len - ctx->ipsec_sa->icv_len; WARNING: line over 80 characters #809: FILE: platform/linux-generic/odp_ipsec.c:713: + param.hash_result_offset = ip_offset + odp_be_to_cpu_16(ip->tot_len) - ctx->ipsec_sa->icv_len; WARNING: line over 80 characters #834: FILE: platform/linux-generic/odp_ipsec.c:738: + ah.seq_no = odp_cpu_to_be_32(odp_atomic_fetch_add_u32(&ctx->ipsec_sa->seq, 1) + 1); WARNING: line over 80 characters #838: FILE: platform/linux-generic/odp_ipsec.c:742: + odp_packet_copy_from_mem(pkt, ctx->ipsec_offset, _ODP_AHHDR_LEN, &ah); WARNING: line over 80 characters #839: FILE: platform/linux-generic/odp_ipsec.c:743: + _odp_packet_set_data(pkt, ctx->ipsec_offset + _ODP_AHHDR_LEN, 0, ctx->ipsec_sa->icv_len); WARNING: line over 80 characters #856: FILE: platform/linux-generic/odp_ipsec.c:760: + if (_odp_ipsec_sa_update_stats(ctx->ipsec_sa, stats_length, &ctx->status) < 0) CHECK: if this code is redundant consider removing it #901: FILE: platform/linux-generic/odp_ipsec.c:805: +#if 0 CHECK: if this code is redundant consider removing it #924: FILE: platform/linux-generic/odp_ipsec.c:826: +#if 0 WARNING: line over 80 characters #945: FILE: platform/linux-generic/odp_ipsec.c:846: + ipsec_finish(&ctx, &output->res[out_pkt], &output->pkt[out_pkt]); CHECK: if this code is redundant consider removing it #982: FILE: platform/linux-generic/odp_ipsec.c:879: +#if 0 WARNING: line over 80 characters #996: FILE: platform/linux-generic/odp_ipsec.c:893: + ipsec_finish(&ctx, &output->res[out_pkt], &output->pkt[out_pkt]); CHECK: if this code is redundant consider removing it #1025: FILE: platform/linux-generic/odp_ipsec.c:920: +#if 0 CHECK: if this code is redundant consider removing it #1086: FILE: platform/linux-generic/odp_ipsec.c:980: +#if 0 WARNING: line over 80 characters #1104: FILE: platform/linux-generic/odp_ipsec.c:998: + if (odp_unlikely(_odp_ipsec_result_send(ctx->ipsec_sa->queue, ctx) < 0)) { WARNING: line over 80 characters #1115: FILE: platform/linux-generic/odp_ipsec.c:1009: + const odp_ipsec_inline_op_param_t *inline_param) WARNING: line over 80 characters #1134: FILE: platform/linux-generic/odp_ipsec.c:1028: + if (odp_packet_trunc_head(&pkt, offset - hdr_len, NULL, NULL) < 0) { WARNING: line over 80 characters #1140: FILE: platform/linux-generic/odp_ipsec.c:1034: + if (odp_packet_extend_head(&pkt, hdr_len - offset, NULL, NULL) < 0) { CHECK: Blank lines aren't necessary before a close brace '}' #1145: FILE: platform/linux-generic/odp_ipsec.c:1039: + + } WARNING: line over 80 characters #1149: FILE: platform/linux-generic/odp_ipsec.c:1043: + if (odp_packet_copy_from_mem(pkt, 0, hdr_len, inline_param->outer_hdr.ptr) < 0) { WARNING: line over 80 characters #1167: FILE: platform/linux-generic/odp_ipsec.c:1060: + if (odp_unlikely(_odp_ipsec_result_send(ctx->ipsec_sa->queue, ctx) < 0)) CHECK: if this code is redundant consider removing it #1204: FILE: platform/linux-generic/odp_ipsec.c:1094: +#if 0 WARNING: line over 80 characters #1224: FILE: platform/linux-generic/odp_ipsec.c:1113: + if (!_odp_ipsec_out_inline_send(ctx, &inline_param[in_pkt - 1])) { WARNING: line over 80 characters #1226: FILE: platform/linux-generic/odp_ipsec.c:1115: + if (odp_unlikely(_odp_ipsec_result_send(ctx->ipsec_sa->queue, ctx) < 0)) { total: 0 errors, 52 warnings, 8 checks, 1217 lines checked to_send-p-002.patch has style problems, please review. If any of these errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. CHECK: Avoid CamelCase: <pName> #507: FILE: test/common_plat/validation/api/ipsec/ipsec.c:471: + for (i = 0; suite[i].pName; i++) { CHECK: Avoid CamelCase: <IPv4ADDR> #1552: FILE: test/common_plat/validation/api/ipsec/ipsec_test_out.c:49: +#define IPv4ADDR(a, b, c, d) odp_cpu_to_be_32((a << 24) | \ CHECK: Alignment should match open parenthesis #1911: FILE: test/common_plat/validation/api/ipsec/test_vectors.h:18: +KEY(key_a5_128, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, + 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5); CHECK: Alignment should match open parenthesis #1913: FILE: test/common_plat/validation/api/ipsec/test_vectors.h:20: +KEY(key_5a_128, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, + 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a); CHECK: Alignment should match open parenthesis #1915: FILE: test/common_plat/validation/api/ipsec/test_vectors.h:22: +KEY(key_a5_256, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, + 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, CHECK: Alignment should match open parenthesis #1919: FILE: test/common_plat/validation/api/ipsec/test_vectors.h:26: +KEY(key_5a_256, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, + 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, CHECK: Alignment should match open parenthesis #1924: FILE: test/common_plat/validation/api/ipsec/test_vectors.h:31: +KEY(key_rfc3602, 0x90, 0xd3, 0x82, 0xb4, 0x10, 0xee, 0xba, 0x7a, + 0xd9, 0x38, 0xc4, 0x6c, 0xec, 0x1a, 0x82, 0xbf); CHECK: Alignment should match open parenthesis #1926: FILE: test/common_plat/validation/api/ipsec/test_vectors.h:33: +KEY(key_rfc3602_2, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef); total: 0 errors, 0 warnings, 8 checks, 2527 lines checked to_send-p-003.patch has style problems, please review. If any of these errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. ----------------/checkpatch.pl------------------------
