Merge "[qca-nss-drv] Fix copyright header to carry previous years"
diff --git a/exports/nss_api_if.h b/exports/nss_api_if.h
index 139a7ed..3d6e50b 100644
--- a/exports/nss_api_if.h
+++ b/exports/nss_api_if.h
@@ -108,6 +108,7 @@
#define NSS_LAG0_INTERFACE_NUM (NSS_SPECIAL_IF_START + 10) /* Special IF number for LAG0 */
#define NSS_LAG1_INTERFACE_NUM (NSS_SPECIAL_IF_START + 11) /* Special IF number for LAG1 */
#define NSS_C2C_TX_INTERFACE (NSS_SPECIAL_IF_START + 12) /* Virtual Interface Number for IPSec Tunnel */
+#define NSS_IPSEC_RULE_INTERFACE (NSS_SPECIAL_IF_START + 18) /* Virtual Interface Number for IPSec rule */
#define NSS_COREFREQ_INTERFACE (NSS_SPECIAL_IF_START + 19) /* Virtual Interface Number for Corefreq */
#define NSS_DYNAMIC_INTERFACE (NSS_SPECIAL_IF_START + 20) /* Special Interface Number for Dynamic Interfaces */
#define NSS_GRE_REDIR_INTERFACE (NSS_SPECIAL_IF_START + 21) /* Interface Number for GRE REDIR base interface */
diff --git a/exports/nss_ipsec.h b/exports/nss_ipsec.h
index 87d4a52..c162df0 100644
--- a/exports/nss_ipsec.h
+++ b/exports/nss_ipsec.h
@@ -260,4 +260,12 @@
extern void nss_ipsec_msg_init(struct nss_ipsec_msg *nim, uint16_t if_num, uint32_t type, uint32_t len,
nss_ipsec_msg_callback_t *cb, void *app_data);
+/*
+ * @brief get the NSS interface number to be used for IPsec requests
+ *
+ * @param ctx[IN] HLOS driver's context
+ *
+ * @return interface number
+ */
+extern int32_t nss_ipsec_get_interface(struct nss_ctx_instance *ctx);
#endif /* __NSS_IPSEC_H */
diff --git a/exports/nss_ipv6.h b/exports/nss_ipv6.h
index 83c0e5a..116098c 100644
--- a/exports/nss_ipv6.h
+++ b/exports/nss_ipv6.h
@@ -55,6 +55,8 @@
/**< Rule has for a VLAN marking configured */
#define NSS_IPV6_RULE_CREATE_FLAG_ICMP_NO_CME_FLUSH 0x20
/**< Rule for not flushing CME on ICMP pkt */
+#define NSS_IPV6_RULE_UPDATE_FLAG_CHANGE_MTU 0x40
+ /**< Rule updation for MTU change */
/**
* IPv6 rule creation validity flags.
@@ -103,6 +105,9 @@
NSS_EXCEPTION_EVENT_IPV6_DSCP_MARKING_MISMATCH, /**< NSS Exception event: IPv6 DSCP marking mismatch */
NSS_EXCEPTION_EVENT_IPV6_VLAN_MARKING_MISMATCH, /**< NSS Exception event: IPv6 VLAN marking mismatch */
NSS_EXCEPTION_EVENT_IPV6_INTERFACE_MISMATCH, /**< NSS Exception event: IPv6 source interface mismatch */
+ NSS_EXCEPTION_EVENT_IPV6_GRE_NO_ICME, /**< NSS Exception event: GRE protocol no IPv6 conn match entry */
+ NSS_EXCEPTION_EVENT_IPV6_GRE_NEEDS_FRAGMENTATION, /**< NSS Exception event: GRE protocol needs fragmentation */
+ NSS_EXCEPTION_EVENT_IPV6_GRE_SMALL_HOP_LIMIT, /**< NSS Exception event: GRE protocol small hop limit reached */
NSS_EXCEPTION_EVENT_IPV6_DESTROY, /**< NSS Exception event: Destroy */
NSS_EXCEPTION_EVENT_IPV6_MAX /**< IPv6 exception events max type number */
};
diff --git a/nss_ipsec.c b/nss_ipsec.c
index 263c7c6..ba67f41 100644
--- a/nss_ipsec.c
+++ b/nss_ipsec.c
@@ -352,6 +352,27 @@
EXPORT_SYMBOL(nss_ipsec_data_unregister);
/*
+ * nss_ipsec_get_interface_num()
+ * Get the NSS interface number on which ipsec user shall register
+ */
+int32_t nss_ipsec_get_interface(struct nss_ctx_instance *nss_ctx)
+{
+ /*
+ * Check on which core is ipsec enabled
+ */
+ switch(nss_ctx->id) {
+ case 0:
+ return NSS_IPSEC_RULE_INTERFACE;
+
+ case 1:
+ return NSS_C2C_TX_INTERFACE;
+ }
+
+ return -1;
+}
+EXPORT_SYMBOL(nss_ipsec_get_interface);
+
+/*
* nss_ipsec_get_ctx()
* get NSS context instance for IPsec handle
*/
diff --git a/nss_ipsecmgr.c b/nss_ipsecmgr.c
index d0a867a..78a0e89 100644
--- a/nss_ipsecmgr.c
+++ b/nss_ipsecmgr.c
@@ -629,25 +629,6 @@
}
/*
- * nss_ipsecmgr_buf_drop()
- * invalid buffer received;drop it and account it
- */
-static void nss_ipsecmgr_buf_drop(struct net_device *dev, struct sk_buff *skb, __attribute((unused)) struct napi_struct *napi)
-{
- struct iphdr *ip;
-
- BUG_ON(skb == NULL);
-
- ip = (struct iphdr *)skb->data;
- if ((ip->version != IPVERSION) || (ip->ihl != 5)) {
- nss_ipsecmgr_error("dropping packets(IP version:%x, Header len:%x)\n", ip->version, ip->ihl);
- }
-
- /* XXX: increment stats */
-
- dev_kfree_skb_any(skb);
-}
-/*
**********************
* Netdev ops
**********************
@@ -896,6 +877,7 @@
struct net_device *dev;
struct nss_ipsecmgr_priv *priv;
int status;
+ int32_t if_number;
dev = alloc_netdev(sizeof(struct nss_ipsecmgr_priv), NSS_IPSECMGR_TUN_NAME, nss_ipsecmgr_tunnel_setup);
if (!dev) {
@@ -916,11 +898,13 @@
goto fail;
}
- /* if IPsec encap delivers a packet as exeception, then there is something wrong */
- nss_ipsec_data_register(NSS_IPSEC_ENCAP_IF_NUMBER, nss_ipsecmgr_buf_drop, dev);
+ if_number = nss_ipsec_get_interface(priv->nss_ctx);
+ if (if_number < 0) {
+ nss_ipsecmgr_error("Invalid nss interface :%d\n", if_number);
+ return NULL;
+ }
- nss_ipsec_data_register(NSS_C2C_TX_INTERFACE, nss_ipsecmgr_buf_receive, dev);
- nss_ipsec_data_register(NSS_IPSEC_DECAP_IF_NUMBER, nss_ipsecmgr_buf_receive, dev);
+ nss_ipsec_data_register(if_number, nss_ipsecmgr_buf_receive, dev);
nss_ipsec_notify_register(NSS_IPSEC_ENCAP_IF_NUMBER, nss_ipsecmgr_op_receive, dev);
nss_ipsec_notify_register(NSS_IPSEC_DECAP_IF_NUMBER, nss_ipsecmgr_op_receive, dev);