[lng-odp] [PATCH API-NEXT v4 5/7] api: ipsec: inbound TFC padding and dummy packets

Wed, 31 Jan 2018 06:19:52 -0800 

From: Petri Savolainen <petri.savolai...@linaro.org>

Specify how application can recognize TFC padding and dummy
packets at input. Packet metadata for L3/L4 protocol type
indicate if the original packet was an IP or a TFC dummy packet.
When packet length is larger than protocol fields indicate,
some TFC padding remain in the packet.

Signed-off-by: Petri Savolainen <petri.savolai...@linaro.org>
---
/** Email created from pull request 403 (psavol:next-ipsec-tfc)
 ** https://github.com/Linaro/odp/pull/403
 ** Patch: https://github.com/Linaro/odp/pull/403.patch
 ** Base sha: 5718327018debbb02aacb464493504c95fbe57a3
 ** Merge commit sha: 5fe995377a907528cc4b1ce80386e5238f99e8de
 **/
 include/odp/api/spec/ipsec.h | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/include/odp/api/spec/ipsec.h b/include/odp/api/spec/ipsec.h
index 08533d80d..721f96856 100644
--- a/include/odp/api/spec/ipsec.h
+++ b/include/odp/api/spec/ipsec.h
@@ -1226,12 +1226,23 @@ typedef struct odp_ipsec_status_t {
  * e.g. RFC 4302 and 4303). Resulting packets are well formed, reconstructed
  * original IP packets, with IPSEC headers removed and valid header field 
values
  * restored. The amount and content of packet data before the IP header is
- * undefined.
+ * undefined. Some amount of TFC padding may follow the IP packet payload,
+ * in which case packet length is larger than protocol headers indicate.
+ * TFC dummy packets have l3_type set to ODP_PROTO_L3_TYPE_NONE in tunnel mode
+ * or l4_type set to ODP_PROTO_L4_TYPE_NO_NEXT in transport mode. Dummy
+ * packets contain implementation specific amount of (dummy) data. Furthermore,
+ * inline IPSEC processing may drop dummy packets.
  *
  * Each successfully transformed packet has a valid value for these metadata
  * regardless of the inner packet parse configuration
  * (odp_ipsec_inbound_config_t):
- * - L3 offset: Offset to the first byte of the (outmost) IP header
+ * - l3_offset: Offset to the first byte of the original IP packet. The value
+ *              is implementation specific for tunnel mode TFC dummy packets.
+ * - l3_type:   Specifies if the original packet is IPv4 or IPv6. For tunnel
+ *              mode TFC dummy packets set to ODP_PROTO_L3_TYPE_NONE.
+ * - l4_type:   Always set to ODP_PROTO_L4_TYPE_NO_NEXT for transport mode 
dummy
+ *              packets. Otherwise, depends on parse configuration. Default
+ *              value is ODP_PROTO_L4_TYPE_NONE.
  * - pktio:     For inline IPSEC processed packets, original packet input
  *              interface
  *

Reply via email to