[qca-nss-drv] Add support for Metadata TX in IPsec
IPsec metadata to be used for TX packets originating at host
Change-Id: Ia1a28315a71e23ba75128ff5033d4f5da380b4f7
Signed-off-by: Samarjeet Banerjee <banerjee@codeaurora.org>
diff --git a/exports/nss_dynamic_interface.h b/exports/nss_dynamic_interface.h
index 54cf56c..05104ac 100644
--- a/exports/nss_dynamic_interface.h
+++ b/exports/nss_dynamic_interface.h
@@ -81,9 +81,9 @@
NSS_DYNAMIC_INTERFACE_TYPE_PPTP_OUTER,
NSS_DYNAMIC_INTERFACE_TYPE_PPTP_HOST_INNER,
NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_INNER,
- NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_INNER_BOUNCE,
+ NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_MDATA_INNER,
NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_OUTER,
- NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_OUTER_BOUNCE,
+ NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_MDATA_OUTER,
NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_REDIRECT,
NSS_DYNAMIC_INTERFACE_TYPE_PVXLAN_HOST_INNER,
NSS_DYNAMIC_INTERFACE_TYPE_PVXLAN_OUTER,
diff --git a/exports/nss_ipsec_cmn.h b/exports/nss_ipsec_cmn.h
index 524d757..a12af5b 100644
--- a/exports/nss_ipsec_cmn.h
+++ b/exports/nss_ipsec_cmn.h
@@ -50,6 +50,10 @@
#define NSS_IPSEC_CMN_FEATURE_INLINE_ACCEL 0x1 /**< Interface enabled for inline exception. */
+#define NSS_IPSEC_CMN_MDATA_VERSION 0x01 /**< Metadata version. */
+#define NSS_IPSEC_CMN_MDATA_MAGIC 0x8893 /**< Metadata magic. */
+#define NSS_IPSEC_CMN_MDATA_ORIGIN_HOST 0x01 /**< Metadata originates at the host. */
+
/**
* nss_ipsec_cmn_msg_type
* IPsec message types.
@@ -95,9 +99,9 @@
enum nss_ipsec_cmn_ctx_type {
NSS_IPSEC_CMN_CTX_TYPE_NONE = 0, /**< Invalid direction. */
NSS_IPSEC_CMN_CTX_TYPE_INNER, /**< Encapsulation. */
- NSS_IPSEC_CMN_CTX_TYPE_INNER_BOUNCE, /**< Inner bounce */
+ NSS_IPSEC_CMN_CTX_TYPE_MDATA_INNER, /**< Metadata for encapsulation. */
NSS_IPSEC_CMN_CTX_TYPE_OUTER, /**< Decapsulation. */
- NSS_IPSEC_CMN_CTX_TYPE_OUTER_BOUNCE, /**< Outer bounce. */
+ NSS_IPSEC_CMN_CTX_TYPE_MDATA_OUTER, /**< Metadata for decapsulation. */
NSS_IPSEC_CMN_CTX_TYPE_REDIR, /**< Redirect. */
NSS_IPSEC_CMN_CTX_TYPE_MAX
};
@@ -282,6 +286,47 @@
};
/**
+ * nss_ipsec_cmn_mdata_cmn
+ * IPsec common metadata information.
+ */
+struct nss_ipsec_cmn_mdata_cmn {
+ uint8_t version; /**< Metadata version. */
+ uint8_t origin; /**< Metadata origin (host or NSS). */
+ uint16_t magic; /**< Metadata magic. */
+};
+
+/**
+ * nss_ipsec_cmn_mdata_encap
+ * IPsec encapsulation metadata information.
+ */
+struct nss_ipsec_cmn_mdata_encap {
+ struct nss_ipsec_cmn_sa_tuple sa; /**< SA tuple. */
+ uint32_t seq_num; /**< Sequence number for encapsulation (zero disables it). */
+ uint32_t flags; /**< Encapsulation metadata flags. */
+};
+
+/**
+ * nss_ipsec_cmn_mdata_decap
+ * IPsec decapsulation metadata information.
+ */
+struct nss_ipsec_cmn_mdata_decap {
+ struct nss_ipsec_cmn_sa_tuple sa; /**< SA tuple. */
+};
+
+/**
+ * nss_ipsec_cmn_mdata
+ * IPsec metadata for host originated packets.
+ */
+struct nss_ipsec_cmn_mdata {
+ struct nss_ipsec_cmn_mdata_cmn cm; /**< Common metadata. */
+
+ union {
+ struct nss_ipsec_cmn_mdata_encap encap; /**< Encapsulation metadata. */
+ struct nss_ipsec_cmn_mdata_decap decap; /**< Decapsulation metadata. */
+ } data; /**< Metadata payload. */
+};
+
+/**
* nss_ipsec_cmn_msg
* Message structure for NSS IPsec messages.
*/
@@ -302,6 +347,27 @@
};
/**
+ * nss_ipsec_cmn_mdata_init
+ * Initialize the metadata common fields.
+ *
+ * @datatypes
+ * nss_ipsec_cmn_mdata
+ *
+ * @param[in] mdata Metadata pointer.
+ *
+ * @return
+ * Pointer to metadata payload.
+ */
+static inline void *nss_ipsec_cmn_mdata_init(struct nss_ipsec_cmn_mdata *mdata)
+{
+ mdata->cm.magic = NSS_IPSEC_CMN_MDATA_MAGIC;
+ mdata->cm.version = NSS_IPSEC_CMN_MDATA_VERSION;
+ mdata->cm.origin = NSS_IPSEC_CMN_MDATA_ORIGIN_HOST;
+
+ return &mdata->data;
+}
+
+/**
* Callback function for receiving message notifications.
*
* @datatypes
diff --git a/nss_hal/nss_hal.c b/nss_hal/nss_hal.c
index 2dbadd7..c1edd6a 100644
--- a/nss_hal/nss_hal.c
+++ b/nss_hal/nss_hal.c
@@ -391,8 +391,8 @@
#if defined(NSS_HAL_IPQ807x_SUPPORT) || defined(NSS_HAL_IPQ60XX_SUPPORT)
nss_top->dynamic_interface_table[NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_INNER] = nss_dev->id;
nss_top->dynamic_interface_table[NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_OUTER] = nss_dev->id;
- nss_top->dynamic_interface_table[NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_INNER_BOUNCE] = nss_dev->id;
- nss_top->dynamic_interface_table[NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_OUTER_BOUNCE] = nss_dev->id;
+ nss_top->dynamic_interface_table[NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_MDATA_INNER] = nss_dev->id;
+ nss_top->dynamic_interface_table[NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_MDATA_OUTER] = nss_dev->id;
nss_top->dynamic_interface_table[NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_REDIRECT] = nss_dev->id;
nss_ipsec_cmn_register_handler();
#else
diff --git a/nss_ipsec_cmn.c b/nss_ipsec_cmn.c
index 0f07f81..a59fe54 100644
--- a/nss_ipsec_cmn.c
+++ b/nss_ipsec_cmn.c
@@ -99,10 +99,18 @@
len += scnprintf(buf + len, size - len, "\nInner if_num:%03u", if_num);
break;
+ case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_MDATA_INNER:
+ len += scnprintf(buf + len, size - len, "\nMetadata inner if_num:%03u", if_num);
+ break;
+
case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_OUTER:
len += scnprintf(buf + len, size - len, "\nOuter if_num:%03u", if_num);
break;
+ case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_MDATA_OUTER:
+ len += scnprintf(buf + len, size - len, "\nMetadata outer if_num:%03u", if_num);
+ break;
+
default:
len += scnprintf(buf + len, size - len, "\nUnknown(%d) if_num:%03u", type, if_num);
break;
@@ -137,8 +145,8 @@
switch (type) {
case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_INNER:
case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_OUTER:
- case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_INNER_BOUNCE:
- case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_OUTER_BOUNCE:
+ case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_MDATA_INNER:
+ case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_MDATA_OUTER:
case NSS_DYNAMIC_INTERFACE_TYPE_IPSEC_CMN_REDIRECT:
return true;