#include <signal.h>
#include <fcntl.h>
#include <rte_ethdev.h>
#include <doca_argp.h>
#include <doca_flow_tune_server.h>
#include <doca_log.h>
#include <doca_pe.h>
#include <doca_dev.h>
#include <dpdk_utils.h>
#include <pack.h>
#include "config.h"
#include "flow_common.h"
#include "flow_decrypt.h"
#include "flow_encrypt.h"
#include "ipsec_ctx.h"
#include "policy.h"
Go to the source code of this file.
|
| | DOCA_LOG_REGISTER (IPSEC_SECURITY_GW) |
| |
| static void | signal_handler (int signum) |
| |
| static bool | query_pipe_info (struct security_gateway_pipe_info *pipe) |
| |
| static void | query_bad_syndrome (struct decrypt_rule *decrypt_rule) |
| |
| static void | query_encrypt_pipes (struct ipsec_security_gw_config *app_cfg) |
| |
| static void | query_decrypt_pipes (struct ipsec_security_gw_config *app_cfg) |
| |
| static void | process_syndrome_packets (void *args) |
| |
| static bool | is_fwd_syndrome_rss (struct ipsec_security_gw_config *app_cfg) |
| |
| static void | handle_packets_received (uint16_t port_id, uint16_t nb_packets, struct rte_mbuf **packets, struct ipsec_security_gw_core_ctx *ctx, uint16_t *nb_processed_packets, struct rte_mbuf **processed_packets, struct rte_mbuf **unprocessed_packets) |
| |
| static void | process_queue_packets (void *args) |
| |
| static doca_error_t | ipsec_security_gw_process_bad_packets (struct ipsec_security_gw_config *config, struct ipsec_security_gw_ports_map *ports[]) |
| |
| static doca_error_t | ipsec_security_gw_process_packets (struct ipsec_security_gw_config *config, struct ipsec_security_gw_ports_map *ports[]) |
| |
| static doca_error_t | unpack_policy_buffer (uint8_t *buf, uint32_t nb_bytes, struct ipsec_security_gw_ipsec_policy *policy) |
| |
| static doca_error_t | fill_buffer_from_socket (int fd, size_t bytes_to_read, uint8_t *buf) |
| |
| static doca_error_t | read_message_length (struct ipsec_security_gw_config *app_cfg, uint32_t *length) |
| |
| static doca_error_t | read_message_from_socket (struct ipsec_security_gw_config *app_cfg, struct ipsec_security_gw_ipsec_policy *policy) |
| |
| static void | sw_handling_sn_inc (struct ipsec_security_gw_config *app_cfg, struct encrypt_rule *encrypt_rules, int encrypt_array_size) |
| |
| static void | sw_handling_antireplay (struct ipsec_security_gw_config *app_cfg, struct decrypt_rule *decrypt_rules, int decrypt_array_size) |
| |
| static doca_error_t | ipsec_security_gw_wait_for_traffic (struct ipsec_security_gw_config *app_cfg, struct ipsec_security_gw_ports_map *ports[]) |
| |
| static doca_error_t | create_policy_socket (struct ipsec_security_gw_config *app_cfg) |
| |
| static void | rule_inserter_worker (void *args) |
| |
| static bool | is_insertion_rate (struct ipsec_security_gw_config *app_cfg) |
| |
| static doca_error_t | run_multithread_insertion (struct ipsec_security_gw_config *app_cfg, struct ipsec_security_gw_ports_map *ports[], int nb_queues) |
| |
| int | main (int argc, char **argv) |
| |
◆ DEFAULT_NB_CORES
| #define DEFAULT_NB_CORES 4 /* Default number of running cores */ |
◆ MAC_ADDRESS_SIZE
| #define MAC_ADDRESS_SIZE 6 /* Size of mac address */ |
◆ MIN_ENTRIES_PER_CORE
| #define MIN_ENTRIES_PER_CORE 1024 /* Minimum number of entries per core */ |
◆ NB_TX_BURST_TRIES
| #define NB_TX_BURST_TRIES 5 /* Number of tries for sending batch of packets */ |
◆ PACKET_BURST
| #define PACKET_BURST 32 /* The number of packets in the rx queue */ |
◆ create_policy_socket()
◆ DOCA_LOG_REGISTER()
| DOCA_LOG_REGISTER |
( |
IPSEC_SECURITY_GW |
| ) |
|
◆ fill_buffer_from_socket()
| static doca_error_t fill_buffer_from_socket |
( |
int |
fd, |
|
|
size_t |
bytes_to_read, |
|
|
uint8_t * |
buf |
|
) |
| |
|
static |
◆ handle_packets_received()
| static void handle_packets_received |
( |
uint16_t |
port_id, |
|
|
uint16_t |
nb_packets, |
|
|
struct rte_mbuf ** |
packets, |
|
|
struct ipsec_security_gw_core_ctx * |
ctx, |
|
|
uint16_t * |
nb_processed_packets, |
|
|
struct rte_mbuf ** |
processed_packets, |
|
|
struct rte_mbuf ** |
unprocessed_packets |
|
) |
| |
|
static |
◆ ipsec_security_gw_process_bad_packets()
◆ ipsec_security_gw_process_packets()
◆ ipsec_security_gw_wait_for_traffic()
◆ is_fwd_syndrome_rss()
◆ is_insertion_rate()
◆ main()
| int main |
( |
int |
argc, |
|
|
char ** |
argv |
|
) |
| |
◆ process_queue_packets()
| static void process_queue_packets |
( |
void * |
args | ) |
|
|
static |
◆ process_syndrome_packets()
| static void process_syndrome_packets |
( |
void * |
args | ) |
|
|
static |
◆ query_bad_syndrome()
| static void query_bad_syndrome |
( |
struct decrypt_rule * |
decrypt_rule | ) |
|
|
static |
◆ query_decrypt_pipes()
◆ query_encrypt_pipes()
◆ query_pipe_info()
◆ read_message_from_socket()
◆ read_message_length()
◆ rule_inserter_worker()
| static void rule_inserter_worker |
( |
void * |
args | ) |
|
|
static |
◆ run_multithread_insertion()
◆ signal_handler()
| static void signal_handler |
( |
int |
signum | ) |
|
|
static |
◆ sw_handling_antireplay()
◆ sw_handling_sn_inc()
◆ unpack_policy_buffer()
◆ force_quit
◆ syndrome_list
Initial value:= {"Authentication failed",
"Trailer length exceeded ESP payload",
"Replay protection failed",
"IPsec offload context reached its hard lifetime threshold"}
Definition at line 66 of file ipsec_security_gw.c.
