Blame - src/vnet/ipsec/ipsec_api.c - fdio/vpp

blob: b954a6eae9f609b70cbc1ecf4c70eb06f903d5c7 [file] [log] [blame]

Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	1	/*
				2	*------------------------------------------------------------------
				3	* ipsec_api.c - ipsec api
				4	*
				5	* Copyright (c) 2016 Cisco and/or its affiliates.
				6	* Licensed under the Apache License, Version 2.0 (the "License");
				7	* you may not use this file except in compliance with the License.
				8	* You may obtain a copy of the License at:
				9	*
				10	* http://www.apache.org/licenses/LICENSE-2.0
				11	*
				12	* Unless required by applicable law or agreed to in writing, software
				13	* distributed under the License is distributed on an "AS IS" BASIS,
				14	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				15	* See the License for the specific language governing permissions and
				16	* limitations under the License.
				17	*------------------------------------------------------------------
				18	*/
				19
				20	#include <vnet/vnet.h>
				21	#include <vlibmemory/api.h>
				22
				23	#include <vnet/interface.h>
				24	#include <vnet/api_errno.h>
				25	#include <vnet/ip/ip.h>
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	26	#include <vnet/ip/ip_types_api.h>
Prashant Maheshwari	dbf68c9	2019-11-14 12:42:59 +0530	[diff] [blame]	27	#include <vnet/ipsec/ipsec_types_api.h>
Neale Ranns	dd4ccf2	2020-06-30 07:47:14 +0000	[diff] [blame]	28	#include <vnet/tunnel/tunnel_types_api.h>
Pierre Pfister	4c422f9	2018-12-10 11:19:08 +0100	[diff] [blame]	29	#include <vnet/fib/fib.h>
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	30	#include <vnet/ipip/ipip.h>
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	31	#include <vnet/tunnel/tunnel_types_api.h>
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	32
				33	#include <vnet/vnet_msg_enum.h>
				34
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	35	#include <vnet/ipsec/ipsec.h>
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	36	#include <vnet/ipsec/ipsec_tun.h>
Neale Ranns	dd4ccf2	2020-06-30 07:47:14 +0000	[diff] [blame]	37	#include <vnet/ipsec/ipsec_itf.h>
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	38
				39	#define vl_typedefs /* define message structures */
				40	#include <vnet/vnet_all_api_h.h>
				41	#undef vl_typedefs
				42
				43	#define vl_endianfun /* define message structures */
				44	#include <vnet/vnet_all_api_h.h>
				45	#undef vl_endianfun
				46
				47	/* instantiate all the print functions we know about */
				48	#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__)
				49	#define vl_printfun
				50	#include <vnet/vnet_all_api_h.h>
				51	#undef vl_printfun
				52
				53	#include <vlibapi/api_helper_macros.h>
				54
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	55	#define foreach_vpe_api_msg \
				56	_ (IPSEC_SPD_ADD_DEL, ipsec_spd_add_del) \
				57	_ (IPSEC_INTERFACE_ADD_DEL_SPD, ipsec_interface_add_del_spd) \
				58	_ (IPSEC_SPD_ENTRY_ADD_DEL, ipsec_spd_entry_add_del) \
				59	_ (IPSEC_SAD_ENTRY_ADD_DEL, ipsec_sad_entry_add_del) \
				60	_ (IPSEC_SAD_ENTRY_ADD_DEL_V2, ipsec_sad_entry_add_del_v2) \
				61	_ (IPSEC_SAD_ENTRY_ADD_DEL_V3, ipsec_sad_entry_add_del_v3) \
				62	_ (IPSEC_SA_DUMP, ipsec_sa_dump) \
				63	_ (IPSEC_SA_V2_DUMP, ipsec_sa_v2_dump) \
				64	_ (IPSEC_SA_V3_DUMP, ipsec_sa_v3_dump) \
				65	_ (IPSEC_SPDS_DUMP, ipsec_spds_dump) \
				66	_ (IPSEC_SPD_DUMP, ipsec_spd_dump) \
				67	_ (IPSEC_SPD_INTERFACE_DUMP, ipsec_spd_interface_dump) \
				68	_ (IPSEC_ITF_CREATE, ipsec_itf_create) \
				69	_ (IPSEC_ITF_DELETE, ipsec_itf_delete) \
				70	_ (IPSEC_ITF_DUMP, ipsec_itf_dump) \
				71	_ (IPSEC_SELECT_BACKEND, ipsec_select_backend) \
				72	_ (IPSEC_BACKEND_DUMP, ipsec_backend_dump) \
				73	_ (IPSEC_TUNNEL_PROTECT_UPDATE, ipsec_tunnel_protect_update) \
				74	_ (IPSEC_TUNNEL_PROTECT_DEL, ipsec_tunnel_protect_del) \
				75	_ (IPSEC_TUNNEL_PROTECT_DUMP, ipsec_tunnel_protect_dump) \
				76	_ (IPSEC_SET_ASYNC_MODE, ipsec_set_async_mode)
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	77
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	78	static void
				79	vl_api_ipsec_spd_add_del_t_handler (vl_api_ipsec_spd_add_del_t * mp)
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	80	{
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	81	vlib_main_t *vm __attribute__ ((unused)) = vlib_get_main ();
				82	vl_api_ipsec_spd_add_del_reply_t *rmp;
				83	int rv;
				84
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	85	rv = ipsec_add_del_spd (vm, ntohl (mp->spd_id), mp->is_add);
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	86
				87	REPLY_MACRO (VL_API_IPSEC_SPD_ADD_DEL_REPLY);
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	88	}
				89
				90	static void vl_api_ipsec_interface_add_del_spd_t_handler
				91	(vl_api_ipsec_interface_add_del_spd_t * mp)
				92	{
				93	vlib_main_t *vm __attribute__ ((unused)) = vlib_get_main ();
				94	vl_api_ipsec_interface_add_del_spd_reply_t *rmp;
				95	int rv;
				96	u32 sw_if_index __attribute__ ((unused));
				97	u32 spd_id __attribute__ ((unused));
				98
				99	sw_if_index = ntohl (mp->sw_if_index);
				100	spd_id = ntohl (mp->spd_id);
				101
				102	VALIDATE_SW_IF_INDEX (mp);
				103
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	104	rv = ipsec_set_interface_spd (vm, sw_if_index, spd_id, mp->is_add);
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	105
				106	BAD_SW_IF_INDEX_LABEL;
				107
				108	REPLY_MACRO (VL_API_IPSEC_INTERFACE_ADD_DEL_SPD_REPLY);
				109	}
				110
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	111	static void vl_api_ipsec_tunnel_protect_update_t_handler
				112	(vl_api_ipsec_tunnel_protect_update_t * mp)
				113	{
				114	vlib_main_t *vm __attribute__ ((unused)) = vlib_get_main ();
				115	vl_api_ipsec_tunnel_protect_update_reply_t *rmp;
				116	u32 sw_if_index, ii, *sa_ins = NULL;
Neale Ranns	2828721	2019-12-16 00:53:11 +0000	[diff] [blame]	117	ip_address_t nh;
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	118	int rv;
				119
				120	sw_if_index = ntohl (mp->tunnel.sw_if_index);
				121
				122	VALIDATE_SW_IF_INDEX (&(mp->tunnel));
				123
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	124	for (ii = 0; ii < mp->tunnel.n_sa_in; ii++)
				125	vec_add1 (sa_ins, ntohl (mp->tunnel.sa_in[ii]));
				126
Neale Ranns	2828721	2019-12-16 00:53:11 +0000	[diff] [blame]	127	ip_address_decode2 (&mp->tunnel.nh, &nh);
				128
				129	rv = ipsec_tun_protect_update (sw_if_index, &nh,
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	130	ntohl (mp->tunnel.sa_out), sa_ins);
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	131
				132	BAD_SW_IF_INDEX_LABEL;
				133
				134	REPLY_MACRO (VL_API_IPSEC_TUNNEL_PROTECT_UPDATE_REPLY);
				135	}
				136
				137	static void vl_api_ipsec_tunnel_protect_del_t_handler
				138	(vl_api_ipsec_tunnel_protect_del_t * mp)
				139	{
				140	vlib_main_t *vm __attribute__ ((unused)) = vlib_get_main ();
				141	vl_api_ipsec_tunnel_protect_del_reply_t *rmp;
Neale Ranns	2828721	2019-12-16 00:53:11 +0000	[diff] [blame]	142	ip_address_t nh;
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	143	u32 sw_if_index;
Neale Ranns	2828721	2019-12-16 00:53:11 +0000	[diff] [blame]	144	int rv;
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	145
				146	sw_if_index = ntohl (mp->sw_if_index);
				147
				148	VALIDATE_SW_IF_INDEX (mp);
				149
Neale Ranns	2828721	2019-12-16 00:53:11 +0000	[diff] [blame]	150	ip_address_decode2 (&mp->nh, &nh);
				151	rv = ipsec_tun_protect_del (sw_if_index, &nh);
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	152
				153	BAD_SW_IF_INDEX_LABEL;
				154
				155	REPLY_MACRO (VL_API_IPSEC_TUNNEL_PROTECT_DEL_REPLY);
				156	}
				157
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	158	typedef struct ipsec_dump_walk_ctx_t_
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	159	{
				160	vl_api_registration_t *reg;
				161	u32 context;
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	162	} ipsec_dump_walk_ctx_t;
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	163
				164	static walk_rc_t
				165	send_ipsec_tunnel_protect_details (index_t itpi, void *arg)
				166	{
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	167	ipsec_dump_walk_ctx_t *ctx = arg;
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	168	vl_api_ipsec_tunnel_protect_details_t *mp;
				169	ipsec_tun_protect_t *itp;
Matthew Smith	5cee0bc	2020-03-31 09:52:17 -0500	[diff] [blame]	170	u32 ii = 0;
				171	ipsec_sa_t *sa;
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	172
				173	itp = ipsec_tun_protect_get (itpi);
				174
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	175	mp = vl_msg_api_alloc (sizeof (mp) + (sizeof (u32) itp->itp_n_sa_in));
				176	clib_memset (mp, 0, sizeof (*mp));
				177	mp->_vl_msg_id = ntohs (VL_API_IPSEC_TUNNEL_PROTECT_DETAILS);
				178	mp->context = ctx->context;
				179
				180	mp->tun.sw_if_index = htonl (itp->itp_sw_if_index);
Neale Ranns	2828721	2019-12-16 00:53:11 +0000	[diff] [blame]	181	ip_address_encode2 (itp->itp_key, &mp->tun.nh);
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	182
Matthew Smith	5cee0bc	2020-03-31 09:52:17 -0500	[diff] [blame]	183	sa = ipsec_sa_get (itp->itp_out_sa);
				184	mp->tun.sa_out = htonl (sa->id);
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	185	mp->tun.n_sa_in = itp->itp_n_sa_in;
				186	/* INDENT-OFF */
Matthew Smith	5cee0bc	2020-03-31 09:52:17 -0500	[diff] [blame]	187	FOR_EACH_IPSEC_PROTECT_INPUT_SA(itp, sa,
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	188	({
Matthew Smith	5cee0bc	2020-03-31 09:52:17 -0500	[diff] [blame]	189	mp->tun.sa_in[ii++] = htonl (sa->id);
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	190	}));
				191	/* INDENT-ON */
				192
				193	vl_api_send_msg (ctx->reg, (u8 *) mp);
				194
				195	return (WALK_CONTINUE);
				196	}
				197
				198	static void
				199	vl_api_ipsec_tunnel_protect_dump_t_handler (vl_api_ipsec_tunnel_protect_dump_t
				200	* mp)
				201	{
				202	vl_api_registration_t *reg;
				203	u32 sw_if_index;
				204
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	205	reg = vl_api_client_index_to_registration (mp->client_index);
				206	if (!reg)
				207	return;
				208
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	209	ipsec_dump_walk_ctx_t ctx = {
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	210	.reg = reg,
				211	.context = mp->context,
				212	};
				213
				214	sw_if_index = ntohl (mp->sw_if_index);
				215
				216	if (~0 == sw_if_index)
				217	{
				218	ipsec_tun_protect_walk (send_ipsec_tunnel_protect_details, &ctx);
				219	}
				220	else
				221	{
Neale Ranns	2828721	2019-12-16 00:53:11 +0000	[diff] [blame]	222	ipsec_tun_protect_walk_itf (sw_if_index,
				223	send_ipsec_tunnel_protect_details, &ctx);
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	224	}
Neale Ranns	c87b66c	2019-02-07 07:26:12 -0800	[diff] [blame]	225	}
				226
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	227	static int
				228	ipsec_spd_action_decode (vl_api_ipsec_spd_action_t in,
				229	ipsec_policy_action_t * out)
				230	{
				231	in = clib_net_to_host_u32 (in);
				232
				233	switch (in)
				234	{
				235	#define _(v,f,s) case IPSEC_API_SPD_ACTION_##f: \
				236	*out = IPSEC_POLICY_ACTION_##f; \
				237	return (0);
				238	foreach_ipsec_policy_action
				239	#undef _
				240	}
				241	return (VNET_API_ERROR_UNIMPLEMENTED);
				242	}
				243
				244	static void vl_api_ipsec_spd_entry_add_del_t_handler
				245	(vl_api_ipsec_spd_entry_add_del_t * mp)
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	246	{
				247	vlib_main_t *vm __attribute__ ((unused)) = vlib_get_main ();
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	248	vl_api_ipsec_spd_entry_add_del_reply_t *rmp;
				249	ip46_type_t itype;
Neale Ranns	a09c1ff	2019-02-04 01:10:30 -0800	[diff] [blame]	250	u32 stat_index;
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	251	int rv;
				252
Neale Ranns	8c2dd1b	2019-02-19 08:27:34 -0800	[diff] [blame]	253	stat_index = ~0;
				254
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	255	ipsec_policy_t p;
				256
Dave Barach	b7b9299	2018-10-17 10:38:51 -0400	[diff] [blame]	257	clib_memset (&p, 0, sizeof (p));
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	258
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	259	p.id = ntohl (mp->entry.spd_id);
				260	p.priority = ntohl (mp->entry.priority);
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	261
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	262	itype = ip_address_decode (&mp->entry.remote_address_start, &p.raddr.start);
				263	ip_address_decode (&mp->entry.remote_address_stop, &p.raddr.stop);
				264	ip_address_decode (&mp->entry.local_address_start, &p.laddr.start);
				265	ip_address_decode (&mp->entry.local_address_stop, &p.laddr.stop);
				266
				267	p.is_ipv6 = (itype == IP46_TYPE_IP6);
				268
				269	p.protocol = mp->entry.protocol;
Neale Ranns	a4d2431	2019-07-10 13:46:21 +0000	[diff] [blame]	270	p.rport.start = ntohs (mp->entry.remote_port_start);
				271	p.rport.stop = ntohs (mp->entry.remote_port_stop);
				272	p.lport.start = ntohs (mp->entry.local_port_start);
				273	p.lport.stop = ntohs (mp->entry.local_port_stop);
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	274
				275	rv = ipsec_spd_action_decode (mp->entry.policy, &p.policy);
				276
				277	if (rv)
				278	goto out;
				279
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	280	/* policy action resolve unsupported */
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	281	if (p.policy == IPSEC_POLICY_ACTION_RESOLVE)
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	282	{
				283	clib_warning ("unsupported action: 'resolve'");
				284	rv = VNET_API_ERROR_UNIMPLEMENTED;
				285	goto out;
				286	}
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	287	p.sa_id = ntohl (mp->entry.sa_id);
Neale Ranns	9f231d4	2019-03-19 10:06:00 +0000	[diff] [blame]	288	rv =
				289	ipsec_policy_mk_type (mp->entry.is_outbound, p.is_ipv6, p.policy,
				290	&p.type);
				291	if (rv)
				292	goto out;
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	293
Neale Ranns	a09c1ff	2019-02-04 01:10:30 -0800	[diff] [blame]	294	rv = ipsec_add_del_policy (vm, &p, mp->is_add, &stat_index);
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	295	if (rv)
				296	goto out;
				297
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	298	out:
Neale Ranns	a09c1ff	2019-02-04 01:10:30 -0800	[diff] [blame]	299	/* INDENT-OFF */
				300	REPLY_MACRO2 (VL_API_IPSEC_SPD_ENTRY_ADD_DEL_REPLY,
				301	({
				302	rmp->stat_index = ntohl(stat_index);
				303	}));
				304	/* INDENT-ON */
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	305	}
				306
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	307	static void vl_api_ipsec_sad_entry_add_del_t_handler
				308	(vl_api_ipsec_sad_entry_add_del_t * mp)
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	309	{
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	310	vl_api_ipsec_sad_entry_add_del_reply_t *rmp;
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	311	ipsec_key_t crypto_key, integ_key;
				312	ipsec_crypto_alg_t crypto_alg;
				313	ipsec_integ_alg_t integ_alg;
				314	ipsec_protocol_t proto;
				315	ipsec_sa_flags_t flags;
Dave Barach	a5160d7	2019-03-13 15:29:15 -0400	[diff] [blame]	316	u32 id, spi, sa_index = ~0;
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	317	tunnel_t tun = {
				318	.t_flags = TUNNEL_FLAG_NONE,
				319	.t_encap_decap_flags = TUNNEL_ENCAP_DECAP_FLAG_NONE,
				320	.t_dscp = 0,
				321	.t_mode = TUNNEL_MODE_P2P,
				322	.t_table_id = 0,
				323	.t_hop_limit = 255,
				324	};
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	325	int rv;
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	326
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	327	id = ntohl (mp->entry.sad_id);
				328	spi = ntohl (mp->entry.spi);
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	329
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	330	rv = ipsec_proto_decode (mp->entry.protocol, &proto);
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	331
				332	if (rv)
				333	goto out;
				334
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	335	rv = ipsec_crypto_algo_decode (mp->entry.crypto_algorithm, &crypto_alg);
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	336
				337	if (rv)
				338	goto out;
				339
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	340	rv = ipsec_integ_algo_decode (mp->entry.integrity_algorithm, &integ_alg);
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	341
				342	if (rv)
				343	goto out;
				344
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	345	ipsec_key_decode (&mp->entry.crypto_key, &crypto_key);
				346	ipsec_key_decode (&mp->entry.integrity_key, &integ_key);
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	347
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	348	flags = ipsec_sa_flags_decode (mp->entry.flags);
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	349
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	350	ip_address_decode2 (&mp->entry.tunnel_src, &tun.t_src);
				351	ip_address_decode2 (&mp->entry.tunnel_dst, &tun.t_dst);
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	352
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	353	if (mp->is_add)
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	354	rv = ipsec_sa_add_and_lock (
				355	id, spi, proto, crypto_alg, &crypto_key, integ_alg, &integ_key, flags,
				356	mp->entry.salt, htons (mp->entry.udp_src_port),
				357	htons (mp->entry.udp_dst_port), &tun, &sa_index);
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	358	else
Neale Ranns	495d7ff	2019-07-12 09:15:26 +0000	[diff] [blame]	359	rv = ipsec_sa_unlock_id (id);
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	360
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	361	out:
Neale Ranns	eba31ec	2019-02-17 18:04:27 +0000	[diff] [blame]	362	/* INDENT-OFF */
				363	REPLY_MACRO2 (VL_API_IPSEC_SAD_ENTRY_ADD_DEL_REPLY,
				364	{
				365	rmp->stat_index = htonl (sa_index);
				366	});
				367	/* INDENT-ON */
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	368	}
				369
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	370	static void vl_api_ipsec_sad_entry_add_del_v2_t_handler
				371	(vl_api_ipsec_sad_entry_add_del_v2_t * mp)
				372	{
				373	vlib_main_t *vm __attribute__ ((unused)) = vlib_get_main ();
				374	vl_api_ipsec_sad_entry_add_del_v2_reply_t *rmp;
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	375	ipsec_key_t crypto_key, integ_key;
				376	ipsec_crypto_alg_t crypto_alg;
				377	ipsec_integ_alg_t integ_alg;
				378	ipsec_protocol_t proto;
				379	ipsec_sa_flags_t flags;
				380	u32 id, spi, sa_index = ~0;
				381	int rv;
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	382	tunnel_t tun = {
				383	.t_flags = TUNNEL_FLAG_NONE,
				384	.t_encap_decap_flags = TUNNEL_ENCAP_DECAP_FLAG_NONE,
				385	.t_dscp = 0,
				386	.t_mode = TUNNEL_MODE_P2P,
				387	.t_table_id = htonl (mp->entry.tx_table_id),
				388	.t_hop_limit = 255,
				389	};
				390
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	391	id = ntohl (mp->entry.sad_id);
				392	spi = ntohl (mp->entry.spi);
				393
				394	rv = ipsec_proto_decode (mp->entry.protocol, &proto);
				395
				396	if (rv)
				397	goto out;
				398
				399	rv = ipsec_crypto_algo_decode (mp->entry.crypto_algorithm, &crypto_alg);
				400
				401	if (rv)
				402	goto out;
				403
				404	rv = ipsec_integ_algo_decode (mp->entry.integrity_algorithm, &integ_alg);
				405
				406	if (rv)
				407	goto out;
				408
				409	rv = tunnel_encap_decap_flags_decode (mp->entry.tunnel_flags,
				410	&tun.t_encap_decap_flags);
				411
				412	if (rv)
				413	goto out;
				414
				415	ipsec_key_decode (&mp->entry.crypto_key, &crypto_key);
				416	ipsec_key_decode (&mp->entry.integrity_key, &integ_key);
				417
				418	flags = ipsec_sa_flags_decode (mp->entry.flags);
				419	tun.t_dscp = ip_dscp_decode (mp->entry.dscp);
				420
				421	ip_address_decode2 (&mp->entry.tunnel_src, &tun.t_src);
				422	ip_address_decode2 (&mp->entry.tunnel_dst, &tun.t_dst);
				423
				424	if (mp->is_add)
				425	rv = ipsec_sa_add_and_lock (
				426	id, spi, proto, crypto_alg, &crypto_key, integ_alg, &integ_key, flags,
				427	mp->entry.salt, htons (mp->entry.udp_src_port),
				428	htons (mp->entry.udp_dst_port), &tun, &sa_index);
				429	else
				430	rv = ipsec_sa_unlock_id (id);
				431
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	432	out:
				433	/* INDENT-OFF */
				434	REPLY_MACRO2 (VL_API_IPSEC_SAD_ENTRY_ADD_DEL_V2_REPLY,
				435	{
				436	rmp->stat_index = htonl (sa_index);
				437	});
				438	/* INDENT-ON */
				439	}
				440
				441	static void
				442	vl_api_ipsec_sad_entry_add_del_v3_t_handler (
				443	vl_api_ipsec_sad_entry_add_del_v3_t *mp)
				444	{
				445	vl_api_ipsec_sad_entry_add_del_v3_reply_t *rmp;
				446	ipsec_key_t crypto_key, integ_key;
				447	ipsec_crypto_alg_t crypto_alg;
				448	ipsec_integ_alg_t integ_alg;
				449	ipsec_protocol_t proto;
				450	ipsec_sa_flags_t flags;
				451	u32 id, spi, sa_index = ~0;
				452	tunnel_t tun;
				453	int rv;
Neale Ranns	c7eaa71	2021-02-04 11:09:33 +0000	[diff] [blame]	454
Neale Ranns	c7eaa71	2021-02-04 11:09:33 +0000	[diff] [blame]	455	id = ntohl (mp->entry.sad_id);
				456	spi = ntohl (mp->entry.spi);
				457
				458	rv = ipsec_proto_decode (mp->entry.protocol, &proto);
				459
				460	if (rv)
				461	goto out;
				462
				463	rv = ipsec_crypto_algo_decode (mp->entry.crypto_algorithm, &crypto_alg);
				464
				465	if (rv)
				466	goto out;
				467
				468	rv = ipsec_integ_algo_decode (mp->entry.integrity_algorithm, &integ_alg);
				469
				470	if (rv)
				471	goto out;
				472
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	473	flags = ipsec_sa_flags_decode (mp->entry.flags);
Neale Ranns	c7eaa71	2021-02-04 11:09:33 +0000	[diff] [blame]	474
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	475	if (flags & IPSEC_SA_FLAG_IS_TUNNEL)
				476	{
				477	rv = tunnel_decode (&mp->entry.tunnel, &tun);
				478
				479	if (rv)
				480	goto out;
				481	}
Neale Ranns	c7eaa71	2021-02-04 11:09:33 +0000	[diff] [blame]	482
				483	ipsec_key_decode (&mp->entry.crypto_key, &crypto_key);
				484	ipsec_key_decode (&mp->entry.integrity_key, &integ_key);
				485
Neale Ranns	c7eaa71	2021-02-04 11:09:33 +0000	[diff] [blame]	486	if (mp->is_add)
				487	rv = ipsec_sa_add_and_lock (
				488	id, spi, proto, crypto_alg, &crypto_key, integ_alg, &integ_key, flags,
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	489	mp->entry.salt, htons (mp->entry.udp_src_port),
				490	htons (mp->entry.udp_dst_port), &tun, &sa_index);
Neale Ranns	c7eaa71	2021-02-04 11:09:33 +0000	[diff] [blame]	491	else
				492	rv = ipsec_sa_unlock_id (id);
				493
Neale Ranns	c7eaa71	2021-02-04 11:09:33 +0000	[diff] [blame]	494	out:
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	495	REPLY_MACRO2 (VL_API_IPSEC_SAD_ENTRY_ADD_DEL_V3_REPLY,
				496	{ rmp->stat_index = htonl (sa_index); });
Neale Ranns	c7eaa71	2021-02-04 11:09:33 +0000	[diff] [blame]	497	}
				498
				499	static void
Matus Fabian	a9a0b2c	2018-10-02 01:13:25 -0700	[diff] [blame]	500	send_ipsec_spds_details (ipsec_spd_t * spd, vl_api_registration_t * reg,
				501	u32 context)
				502	{
				503	vl_api_ipsec_spds_details_t *mp;
Neale Ranns	a09c1ff	2019-02-04 01:10:30 -0800	[diff] [blame]	504	u32 n_policies = 0;
Matus Fabian	a9a0b2c	2018-10-02 01:13:25 -0700	[diff] [blame]	505
				506	mp = vl_msg_api_alloc (sizeof (*mp));
Dave Barach	b7b9299	2018-10-17 10:38:51 -0400	[diff] [blame]	507	clib_memset (mp, 0, sizeof (*mp));
Matus Fabian	a9a0b2c	2018-10-02 01:13:25 -0700	[diff] [blame]	508	mp->_vl_msg_id = ntohs (VL_API_IPSEC_SPDS_DETAILS);
				509	mp->context = context;
				510
				511	mp->spd_id = htonl (spd->id);
Neale Ranns	a09c1ff	2019-02-04 01:10:30 -0800	[diff] [blame]	512	#define _(s, n) n_policies += vec_len (spd->policies[IPSEC_SPD_POLICY_##s]);
				513	foreach_ipsec_spd_policy_type
				514	#undef _
				515	mp->npolicies = htonl (n_policies);
Matus Fabian	a9a0b2c	2018-10-02 01:13:25 -0700	[diff] [blame]	516
				517	vl_api_send_msg (reg, (u8 *) mp);
				518	}
				519
				520	static void
				521	vl_api_ipsec_spds_dump_t_handler (vl_api_ipsec_spds_dump_t * mp)
				522	{
				523	vl_api_registration_t *reg;
				524	ipsec_main_t *im = &ipsec_main;
				525	ipsec_spd_t *spd;
Damjan Marion	9789898	2021-04-19 18:15:31 +0200	[diff] [blame]	526
Matus Fabian	a9a0b2c	2018-10-02 01:13:25 -0700	[diff] [blame]	527	reg = vl_api_client_index_to_registration (mp->client_index);
				528	if (!reg)
				529	return;
				530
Damjan Marion	b2c31b6	2020-12-13 21:47:40 +0100	[diff] [blame]	531	pool_foreach (spd, im->spds) {
Matus Fabian	a9a0b2c	2018-10-02 01:13:25 -0700	[diff] [blame]	532	send_ipsec_spds_details (spd, reg, mp->context);
Damjan Marion	b2c31b6	2020-12-13 21:47:40 +0100	[diff] [blame]	533	}
Matus Fabian	a9a0b2c	2018-10-02 01:13:25 -0700	[diff] [blame]	534	}
				535
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	536	vl_api_ipsec_spd_action_t
				537	ipsec_spd_action_encode (ipsec_policy_action_t in)
				538	{
				539	vl_api_ipsec_spd_action_t out = IPSEC_API_SPD_ACTION_BYPASS;
				540
				541	switch (in)
				542	{
				543	#define _(v,f,s) case IPSEC_POLICY_ACTION_##f: \
				544	out = IPSEC_API_SPD_ACTION_##f; \
				545	break;
				546	foreach_ipsec_policy_action
				547	#undef _
				548	}
				549	return (clib_host_to_net_u32 (out));
				550	}
				551
Matus Fabian	a9a0b2c	2018-10-02 01:13:25 -0700	[diff] [blame]	552	static void
Florin Coras	6c4dae2	2018-01-09 06:39:23 -0800	[diff] [blame]	553	send_ipsec_spd_details (ipsec_policy_t * p, vl_api_registration_t * reg,
				554	u32 context)
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	555	{
				556	vl_api_ipsec_spd_details_t *mp;
				557
				558	mp = vl_msg_api_alloc (sizeof (*mp));
Dave Barach	b7b9299	2018-10-17 10:38:51 -0400	[diff] [blame]	559	clib_memset (mp, 0, sizeof (*mp));
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	560	mp->_vl_msg_id = ntohs (VL_API_IPSEC_SPD_DETAILS);
				561	mp->context = context;
				562
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	563	mp->entry.spd_id = htonl (p->id);
				564	mp->entry.priority = htonl (p->priority);
Neale Ranns	9f231d4	2019-03-19 10:06:00 +0000	[diff] [blame]	565	mp->entry.is_outbound = ((p->type == IPSEC_SPD_POLICY_IP6_OUTBOUND) \|\|
				566	(p->type == IPSEC_SPD_POLICY_IP4_OUTBOUND));
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	567
				568	ip_address_encode (&p->laddr.start, IP46_TYPE_ANY,
				569	&mp->entry.local_address_start);
				570	ip_address_encode (&p->laddr.stop, IP46_TYPE_ANY,
				571	&mp->entry.local_address_stop);
				572	ip_address_encode (&p->raddr.start, IP46_TYPE_ANY,
				573	&mp->entry.remote_address_start);
				574	ip_address_encode (&p->raddr.stop, IP46_TYPE_ANY,
				575	&mp->entry.remote_address_stop);
Neale Ranns	a4d2431	2019-07-10 13:46:21 +0000	[diff] [blame]	576	mp->entry.local_port_start = htons (p->lport.start);
				577	mp->entry.local_port_stop = htons (p->lport.stop);
				578	mp->entry.remote_port_start = htons (p->rport.start);
				579	mp->entry.remote_port_stop = htons (p->rport.stop);
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	580	mp->entry.protocol = p->protocol;
				581	mp->entry.policy = ipsec_spd_action_encode (p->policy);
				582	mp->entry.sa_id = htonl (p->sa_id);
				583
Florin Coras	6c4dae2	2018-01-09 06:39:23 -0800	[diff] [blame]	584	vl_api_send_msg (reg, (u8 *) mp);
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	585	}
				586
				587	static void
				588	vl_api_ipsec_spd_dump_t_handler (vl_api_ipsec_spd_dump_t * mp)
				589	{
Florin Coras	6c4dae2	2018-01-09 06:39:23 -0800	[diff] [blame]	590	vl_api_registration_t *reg;
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	591	ipsec_main_t *im = &ipsec_main;
Neale Ranns	9f231d4	2019-03-19 10:06:00 +0000	[diff] [blame]	592	ipsec_spd_policy_type_t ptype;
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	593	ipsec_policy_t *policy;
				594	ipsec_spd_t *spd;
				595	uword *p;
Neale Ranns	a09c1ff	2019-02-04 01:10:30 -0800	[diff] [blame]	596	u32 spd_index, *ii;
Damjan Marion	9789898	2021-04-19 18:15:31 +0200	[diff] [blame]	597
Florin Coras	6c4dae2	2018-01-09 06:39:23 -0800	[diff] [blame]	598	reg = vl_api_client_index_to_registration (mp->client_index);
				599	if (!reg)
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	600	return;
				601
				602	p = hash_get (im->spd_index_by_spd_id, ntohl (mp->spd_id));
				603	if (!p)
				604	return;
				605
				606	spd_index = p[0];
				607	spd = pool_elt_at_index (im->spds, spd_index);
				608
Neale Ranns	a09c1ff	2019-02-04 01:10:30 -0800	[diff] [blame]	609	FOR_EACH_IPSEC_SPD_POLICY_TYPE(ptype) {
				610	vec_foreach(ii, spd->policies[ptype])
				611	{
				612	policy = pool_elt_at_index(im->policies, *ii);
				613
				614	if (mp->sa_id == ~(0) \|\| ntohl (mp->sa_id) == policy->sa_id)
				615	send_ipsec_spd_details (policy, reg, mp->context);
				616	}
				617	}
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	618	}
				619
				620	static void
Filip Varga	871bca9	2018-11-02 13:51:44 +0100	[diff] [blame]	621	send_ipsec_spd_interface_details (vl_api_registration_t * reg, u32 spd_index,
				622	u32 sw_if_index, u32 context)
				623	{
				624	vl_api_ipsec_spd_interface_details_t *mp;
				625
				626	mp = vl_msg_api_alloc (sizeof (*mp));
				627	clib_memset (mp, 0, sizeof (*mp));
				628	mp->_vl_msg_id = ntohs (VL_API_IPSEC_SPD_INTERFACE_DETAILS);
				629	mp->context = context;
				630
				631	mp->spd_index = htonl (spd_index);
				632	mp->sw_if_index = htonl (sw_if_index);
				633
				634	vl_api_send_msg (reg, (u8 *) mp);
				635	}
				636
				637	static void
				638	vl_api_ipsec_spd_interface_dump_t_handler (vl_api_ipsec_spd_interface_dump_t *
				639	mp)
				640	{
				641	ipsec_main_t *im = &ipsec_main;
				642	vl_api_registration_t *reg;
				643	u32 k, v, spd_index;
				644
Filip Varga	871bca9	2018-11-02 13:51:44 +0100	[diff] [blame]	645	reg = vl_api_client_index_to_registration (mp->client_index);
				646	if (!reg)
				647	return;
				648
				649	if (mp->spd_index_valid)
				650	{
				651	spd_index = ntohl (mp->spd_index);
				652	/* INDENT-OFF */
				653	hash_foreach(k, v, im->spd_index_by_sw_if_index, ({
				654	if (v == spd_index)
				655	send_ipsec_spd_interface_details(reg, v, k, mp->context);
				656	}));
				657	/* INDENT-ON */
				658	}
				659	else
				660	{
Filip Varga	871bca9	2018-11-02 13:51:44 +0100	[diff] [blame]	661	hash_foreach(k, v, im->spd_index_by_sw_if_index, ({
				662	send_ipsec_spd_interface_details(reg, v, k, mp->context);
				663	}));
Filip Varga	871bca9	2018-11-02 13:51:44 +0100	[diff] [blame]	664	}
Filip Varga	871bca9	2018-11-02 13:51:44 +0100	[diff] [blame]	665	}
				666
Neale Ranns	dd4ccf2	2020-06-30 07:47:14 +0000	[diff] [blame]	667	static void
				668	vl_api_ipsec_itf_create_t_handler (vl_api_ipsec_itf_create_t * mp)
				669	{
				670	vl_api_ipsec_itf_create_reply_t *rmp;
				671	tunnel_mode_t mode;
				672	u32 sw_if_index = ~0;
				673	int rv;
				674
				675	rv = tunnel_mode_decode (mp->itf.mode, &mode);
				676
				677	if (!rv)
				678	rv = ipsec_itf_create (ntohl (mp->itf.user_instance), mode, &sw_if_index);
				679
				680	/* INDENT-OFF */
				681	REPLY_MACRO2 (VL_API_IPSEC_ITF_CREATE_REPLY,
				682	({
				683	rmp->sw_if_index = htonl (sw_if_index);
				684	}));
				685	/* INDENT-ON */
				686	}
				687
				688	static void
				689	vl_api_ipsec_itf_delete_t_handler (vl_api_ipsec_itf_delete_t * mp)
				690	{
				691	vl_api_ipsec_itf_delete_reply_t *rmp;
				692	int rv;
				693
				694	rv = ipsec_itf_delete (ntohl (mp->sw_if_index));
				695
				696	REPLY_MACRO (VL_API_IPSEC_ITF_DELETE_REPLY);
				697	}
				698
				699	static void
				700	vl_api_ipsec_itf_dump_t_handler (vl_api_ipsec_itf_dump_t * mp)
				701	{
				702	}
				703
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	704	typedef struct ipsec_sa_dump_match_ctx_t_
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	705	{
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	706	index_t sai;
				707	u32 sw_if_index;
				708	} ipsec_sa_dump_match_ctx_t;
				709
				710	static walk_rc_t
				711	ipsec_sa_dump_match_sa (index_t itpi, void *arg)
				712	{
				713	ipsec_sa_dump_match_ctx_t *ctx = arg;
				714	ipsec_tun_protect_t *itp;
				715	index_t sai;
				716
				717	itp = ipsec_tun_protect_get (itpi);
				718
				719	if (itp->itp_out_sa == ctx->sai)
				720	{
				721	ctx->sw_if_index = itp->itp_sw_if_index;
				722	return (WALK_STOP);
				723	}
Damjan Marion	9789898	2021-04-19 18:15:31 +0200	[diff] [blame]	724
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	725	FOR_EACH_IPSEC_PROTECT_INPUT_SAI (itp, sai,
				726	({
				727	if (sai == ctx->sai)
				728	{
				729	ctx->sw_if_index = itp->itp_sw_if_index;
				730	return (WALK_STOP);
				731	}
				732	}));
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	733
				734	return (WALK_CONTINUE);
				735	}
				736
				737	static walk_rc_t
				738	send_ipsec_sa_details (ipsec_sa_t * sa, void *arg)
				739	{
				740	ipsec_dump_walk_ctx_t *ctx = arg;
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	741	vl_api_ipsec_sa_details_t *mp;
				742
				743	mp = vl_msg_api_alloc (sizeof (*mp));
Dave Barach	b7b9299	2018-10-17 10:38:51 -0400	[diff] [blame]	744	clib_memset (mp, 0, sizeof (*mp));
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	745	mp->_vl_msg_id = ntohs (VL_API_IPSEC_SA_DETAILS);
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	746	mp->context = ctx->context;
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	747
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	748	mp->entry.sad_id = htonl (sa->id);
				749	mp->entry.spi = htonl (sa->spi);
				750	mp->entry.protocol = ipsec_proto_encode (sa->protocol);
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	751	mp->entry.tx_table_id = htonl (sa->tunnel.t_table_id);
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	752
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	753	mp->entry.crypto_algorithm = ipsec_crypto_algo_encode (sa->crypto_alg);
				754	ipsec_key_encode (&sa->crypto_key, &mp->entry.crypto_key);
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	755
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	756	mp->entry.integrity_algorithm = ipsec_integ_algo_encode (sa->integ_alg);
				757	ipsec_key_encode (&sa->integ_key, &mp->entry.integrity_key);
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	758
Neale Ranns	8d7c502	2019-02-06 01:41:05 -0800	[diff] [blame]	759	mp->entry.flags = ipsec_sad_flags_encode (sa);
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	760	mp->entry.salt = clib_host_to_net_u32 (sa->salt);
				761
				762	if (ipsec_sa_is_set_IS_PROTECT (sa))
				763	{
				764	ipsec_sa_dump_match_ctx_t ctx = {
Neale Ranns	c5fe57d	2021-02-25 16:01:28 +0000	[diff] [blame]	765	.sai = sa - ipsec_sa_pool,
				766	.sw_if_index = ~0,
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	767	};
				768	ipsec_tun_protect_walk (ipsec_sa_dump_match_sa, &ctx);
				769
				770	mp->sw_if_index = htonl (ctx.sw_if_index);
				771	}
				772	else
				773	mp->sw_if_index = ~0;
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	774
Damjan Marion	d709cbc	2019-03-26 13:16:42 +0100	[diff] [blame]	775	if (ipsec_sa_is_set_IS_TUNNEL (sa))
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	776	{
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	777	ip_address_encode2 (&sa->tunnel.t_src, &mp->entry.tunnel_src);
				778	ip_address_encode2 (&sa->tunnel.t_dst, &mp->entry.tunnel_dst);
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	779	}
Neale Ranns	abc5660	2020-04-01 09:45:23 +0000	[diff] [blame]	780	if (ipsec_sa_is_set_UDP_ENCAP (sa))
				781	{
				782	mp->entry.udp_src_port = sa->udp_hdr.src_port;
				783	mp->entry.udp_dst_port = sa->udp_hdr.dst_port;
				784	}
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	785
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	786	mp->seq_outbound = clib_host_to_net_u64 (((u64) sa->seq));
				787	mp->last_seq_inbound = clib_host_to_net_u64 (((u64) sa->last_seq));
Damjan Marion	1e3aa5e	2019-03-28 10:58:59 +0100	[diff] [blame]	788	if (ipsec_sa_is_set_USE_ESN (sa))
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	789	{
				790	mp->seq_outbound \|= (u64) (clib_host_to_net_u32 (sa->seq_hi));
				791	mp->last_seq_inbound \|= (u64) (clib_host_to_net_u32 (sa->last_seq_hi));
				792	}
Damjan Marion	d709cbc	2019-03-26 13:16:42 +0100	[diff] [blame]	793	if (ipsec_sa_is_set_USE_ANTI_REPLAY (sa))
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	794	mp->replay_window = clib_host_to_net_u64 (sa->replay_window);
Pierre Pfister	4c422f9	2018-12-10 11:19:08 +0100	[diff] [blame]	795
Matthew Smith	48d32b4	2020-04-02 07:45:49 -0500	[diff] [blame]	796	mp->stat_index = clib_host_to_net_u32 (sa->stat_index);
				797
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	798	vl_api_send_msg (ctx->reg, (u8 *) mp);
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	799
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	800	return (WALK_CONTINUE);
				801	}
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	802
				803	static void
				804	vl_api_ipsec_sa_dump_t_handler (vl_api_ipsec_sa_dump_t * mp)
				805	{
Florin Coras	6c4dae2	2018-01-09 06:39:23 -0800	[diff] [blame]	806	vl_api_registration_t *reg;
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	807
Florin Coras	6c4dae2	2018-01-09 06:39:23 -0800	[diff] [blame]	808	reg = vl_api_client_index_to_registration (mp->client_index);
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	809	if (!reg)
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	810	return;
				811
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	812	ipsec_dump_walk_ctx_t ctx = {
				813	.reg = reg,
				814	.context = mp->context,
				815	};
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	816
Neale Ranns	12989b5	2019-09-26 16:20:19 +0000	[diff] [blame]	817	ipsec_sa_walk (send_ipsec_sa_details, &ctx);
Matthew Smith	2802953	2017-09-26 13:33:44 -0500	[diff] [blame]	818	}
				819
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	820	static walk_rc_t
				821	send_ipsec_sa_v2_details (ipsec_sa_t * sa, void *arg)
				822	{
				823	ipsec_dump_walk_ctx_t *ctx = arg;
				824	vl_api_ipsec_sa_v2_details_t *mp;
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	825
				826	mp = vl_msg_api_alloc (sizeof (*mp));
				827	clib_memset (mp, 0, sizeof (*mp));
				828	mp->_vl_msg_id = ntohs (VL_API_IPSEC_SA_V2_DETAILS);
				829	mp->context = ctx->context;
				830
				831	mp->entry.sad_id = htonl (sa->id);
				832	mp->entry.spi = htonl (sa->spi);
				833	mp->entry.protocol = ipsec_proto_encode (sa->protocol);
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	834	mp->entry.tx_table_id = htonl (sa->tunnel.t_table_id);
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	835
				836	mp->entry.crypto_algorithm = ipsec_crypto_algo_encode (sa->crypto_alg);
				837	ipsec_key_encode (&sa->crypto_key, &mp->entry.crypto_key);
				838
				839	mp->entry.integrity_algorithm = ipsec_integ_algo_encode (sa->integ_alg);
				840	ipsec_key_encode (&sa->integ_key, &mp->entry.integrity_key);
				841
				842	mp->entry.flags = ipsec_sad_flags_encode (sa);
				843	mp->entry.salt = clib_host_to_net_u32 (sa->salt);
				844
				845	if (ipsec_sa_is_set_IS_PROTECT (sa))
				846	{
				847	ipsec_sa_dump_match_ctx_t ctx = {
Neale Ranns	c5fe57d	2021-02-25 16:01:28 +0000	[diff] [blame]	848	.sai = sa - ipsec_sa_pool,
				849	.sw_if_index = ~0,
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	850	};
				851	ipsec_tun_protect_walk (ipsec_sa_dump_match_sa, &ctx);
				852
				853	mp->sw_if_index = htonl (ctx.sw_if_index);
				854	}
				855	else
				856	mp->sw_if_index = ~0;
				857
				858	if (ipsec_sa_is_set_IS_TUNNEL (sa))
				859	{
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	860	ip_address_encode2 (&sa->tunnel.t_src, &mp->entry.tunnel_src);
				861	ip_address_encode2 (&sa->tunnel.t_dst, &mp->entry.tunnel_dst);
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	862	}
				863	if (ipsec_sa_is_set_UDP_ENCAP (sa))
				864	{
				865	mp->entry.udp_src_port = sa->udp_hdr.src_port;
				866	mp->entry.udp_dst_port = sa->udp_hdr.dst_port;
				867	}
				868
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	869	mp->entry.tunnel_flags =
				870	tunnel_encap_decap_flags_encode (sa->tunnel.t_encap_decap_flags);
				871	mp->entry.dscp = ip_dscp_encode (sa->tunnel.t_dscp);
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	872
				873	mp->seq_outbound = clib_host_to_net_u64 (((u64) sa->seq));
				874	mp->last_seq_inbound = clib_host_to_net_u64 (((u64) sa->last_seq));
				875	if (ipsec_sa_is_set_USE_ESN (sa))
				876	{
				877	mp->seq_outbound \|= (u64) (clib_host_to_net_u32 (sa->seq_hi));
				878	mp->last_seq_inbound \|= (u64) (clib_host_to_net_u32 (sa->last_seq_hi));
				879	}
				880	if (ipsec_sa_is_set_USE_ANTI_REPLAY (sa))
				881	mp->replay_window = clib_host_to_net_u64 (sa->replay_window);
				882
				883	mp->stat_index = clib_host_to_net_u32 (sa->stat_index);
				884
				885	vl_api_send_msg (ctx->reg, (u8 *) mp);
				886
				887	return (WALK_CONTINUE);
				888	}
				889
				890	static void
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	891	vl_api_ipsec_sa_v2_dump_t_handler (vl_api_ipsec_sa_v2_dump_t *mp)
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	892	{
				893	vl_api_registration_t *reg;
				894
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	895	reg = vl_api_client_index_to_registration (mp->client_index);
				896	if (!reg)
				897	return;
				898
				899	ipsec_dump_walk_ctx_t ctx = {
				900	.reg = reg,
				901	.context = mp->context,
				902	};
				903
				904	ipsec_sa_walk (send_ipsec_sa_v2_details, &ctx);
Neale Ranns	041add7	2020-01-02 04:06:10 +0000	[diff] [blame]	905	}
				906
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	907	static walk_rc_t
				908	send_ipsec_sa_v3_details (ipsec_sa_t sa, void arg)
				909	{
				910	ipsec_dump_walk_ctx_t *ctx = arg;
				911	vl_api_ipsec_sa_v3_details_t *mp;
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	912
				913	mp = vl_msg_api_alloc (sizeof (*mp));
				914	clib_memset (mp, 0, sizeof (*mp));
				915	mp->_vl_msg_id = ntohs (VL_API_IPSEC_SA_V3_DETAILS);
				916	mp->context = ctx->context;
				917
				918	mp->entry.sad_id = htonl (sa->id);
				919	mp->entry.spi = htonl (sa->spi);
				920	mp->entry.protocol = ipsec_proto_encode (sa->protocol);
				921
				922	mp->entry.crypto_algorithm = ipsec_crypto_algo_encode (sa->crypto_alg);
				923	ipsec_key_encode (&sa->crypto_key, &mp->entry.crypto_key);
				924
				925	mp->entry.integrity_algorithm = ipsec_integ_algo_encode (sa->integ_alg);
				926	ipsec_key_encode (&sa->integ_key, &mp->entry.integrity_key);
				927
				928	mp->entry.flags = ipsec_sad_flags_encode (sa);
				929	mp->entry.salt = clib_host_to_net_u32 (sa->salt);
				930
				931	if (ipsec_sa_is_set_IS_PROTECT (sa))
				932	{
				933	ipsec_sa_dump_match_ctx_t ctx = {
Neale Ranns	c5fe57d	2021-02-25 16:01:28 +0000	[diff] [blame]	934	.sai = sa - ipsec_sa_pool,
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	935	.sw_if_index = ~0,
				936	};
				937	ipsec_tun_protect_walk (ipsec_sa_dump_match_sa, &ctx);
				938
				939	mp->sw_if_index = htonl (ctx.sw_if_index);
				940	}
				941	else
				942	mp->sw_if_index = ~0;
				943
				944	if (ipsec_sa_is_set_IS_TUNNEL (sa))
				945	tunnel_encode (&sa->tunnel, &mp->entry.tunnel);
				946
				947	if (ipsec_sa_is_set_UDP_ENCAP (sa))
				948	{
				949	mp->entry.udp_src_port = sa->udp_hdr.src_port;
				950	mp->entry.udp_dst_port = sa->udp_hdr.dst_port;
				951	}
				952
				953	mp->seq_outbound = clib_host_to_net_u64 (((u64) sa->seq));
				954	mp->last_seq_inbound = clib_host_to_net_u64 (((u64) sa->last_seq));
				955	if (ipsec_sa_is_set_USE_ESN (sa))
				956	{
				957	mp->seq_outbound \|= (u64) (clib_host_to_net_u32 (sa->seq_hi));
				958	mp->last_seq_inbound \|= (u64) (clib_host_to_net_u32 (sa->last_seq_hi));
				959	}
				960	if (ipsec_sa_is_set_USE_ANTI_REPLAY (sa))
				961	mp->replay_window = clib_host_to_net_u64 (sa->replay_window);
				962
				963	mp->stat_index = clib_host_to_net_u32 (sa->stat_index);
				964
				965	vl_api_send_msg (ctx->reg, (u8 *) mp);
				966
				967	return (WALK_CONTINUE);
				968	}
				969
				970	static void
				971	vl_api_ipsec_sa_v3_dump_t_handler (vl_api_ipsec_sa_v3_dump_t *mp)
				972	{
				973	vl_api_registration_t *reg;
				974
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	975	reg = vl_api_client_index_to_registration (mp->client_index);
				976	if (!reg)
				977	return;
				978
				979	ipsec_dump_walk_ctx_t ctx = {
				980	.reg = reg,
				981	.context = mp->context,
				982	};
				983
				984	ipsec_sa_walk (send_ipsec_sa_v3_details, &ctx);
Neale Ranns	9ec846c	2021-02-09 14:04:02 +0000	[diff] [blame]	985	}
				986
Matthew Smith	75d8560	2017-10-05 19:03:05 -0500	[diff] [blame]	987	static void
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	988	vl_api_ipsec_backend_dump_t_handler (vl_api_ipsec_backend_dump_t * mp)
				989	{
				990	vl_api_registration_t *rp;
				991	ipsec_main_t *im = &ipsec_main;
				992	u32 context = mp->context;
				993
				994	rp = vl_api_client_index_to_registration (mp->client_index);
				995
				996	if (rp == 0)
				997	{
				998	clib_warning ("Client %d AWOL", mp->client_index);
				999	return;
				1000	}
				1001
				1002	ipsec_ah_backend_t *ab;
				1003	ipsec_esp_backend_t *eb;
				1004	/* INDENT-OFF */
Damjan Marion	b2c31b6	2020-12-13 21:47:40 +0100	[diff] [blame]	1005	pool_foreach (ab, im->ah_backends) {
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1006	vl_api_ipsec_backend_details_t mp = vl_msg_api_alloc (sizeof (mp));
				1007	clib_memset (mp, 0, sizeof (*mp));
				1008	mp->_vl_msg_id = ntohs (VL_API_IPSEC_BACKEND_DETAILS);
				1009	mp->context = context;
				1010	snprintf ((char )mp->name, sizeof (mp->name), "%.s", vec_len (ab->name),
				1011	ab->name);
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	1012	mp->protocol = ntohl (IPSEC_API_PROTO_AH);
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1013	mp->index = ab - im->ah_backends;
				1014	mp->active = mp->index == im->ah_current_backend ? 1 : 0;
				1015	vl_api_send_msg (rp, (u8 *)mp);
Damjan Marion	b2c31b6	2020-12-13 21:47:40 +0100	[diff] [blame]	1016	}
				1017	pool_foreach (eb, im->esp_backends) {
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1018	vl_api_ipsec_backend_details_t mp = vl_msg_api_alloc (sizeof (mp));
				1019	clib_memset (mp, 0, sizeof (*mp));
				1020	mp->_vl_msg_id = ntohs (VL_API_IPSEC_BACKEND_DETAILS);
				1021	mp->context = context;
				1022	snprintf ((char )mp->name, sizeof (mp->name), "%.s", vec_len (eb->name),
				1023	eb->name);
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	1024	mp->protocol = ntohl (IPSEC_API_PROTO_ESP);
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1025	mp->index = eb - im->esp_backends;
				1026	mp->active = mp->index == im->esp_current_backend ? 1 : 0;
				1027	vl_api_send_msg (rp, (u8 *)mp);
Damjan Marion	b2c31b6	2020-12-13 21:47:40 +0100	[diff] [blame]	1028	}
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1029	/* INDENT-ON */
				1030	}
				1031
				1032	static void
				1033	vl_api_ipsec_select_backend_t_handler (vl_api_ipsec_select_backend_t * mp)
				1034	{
				1035	ipsec_main_t *im = &ipsec_main;
				1036	vl_api_ipsec_select_backend_reply_t *rmp;
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	1037	ipsec_protocol_t protocol;
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1038	int rv = 0;
Neale Ranns	c5fe57d	2021-02-25 16:01:28 +0000	[diff] [blame]	1039	if (pool_elts (ipsec_sa_pool) > 0)
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1040	{
				1041	rv = VNET_API_ERROR_INSTANCE_IN_USE;
				1042	goto done;
				1043	}
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	1044
				1045	rv = ipsec_proto_decode (mp->protocol, &protocol);
				1046
				1047	if (rv)
				1048	goto done;
				1049
Neale Ranns	17dcec0	2019-01-09 21:22:20 -0800	[diff] [blame]	1050	switch (protocol)
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1051	{
				1052	case IPSEC_PROTOCOL_ESP:
Neale Ranns	e8915fc	2019-04-23 20:57:55 -0400	[diff] [blame]	1053	rv = ipsec_select_esp_backend (im, mp->index);
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1054	break;
				1055	case IPSEC_PROTOCOL_AH:
Neale Ranns	e8915fc	2019-04-23 20:57:55 -0400	[diff] [blame]	1056	rv = ipsec_select_ah_backend (im, mp->index);
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1057	break;
				1058	default:
Neale Ranns	e8915fc	2019-04-23 20:57:55 -0400	[diff] [blame]	1059	rv = VNET_API_ERROR_INVALID_PROTOCOL;
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1060	break;
				1061	}
Klement Sekera	b4d3053	2018-11-08 13:00:02 +0100	[diff] [blame]	1062	done:
				1063	REPLY_MACRO (VL_API_IPSEC_SELECT_BACKEND_REPLY);
				1064	}
				1065
Yulong Pei	2e84d66	2020-08-14 18:21:08 +0800	[diff] [blame]	1066	static void
				1067	vl_api_ipsec_set_async_mode_t_handler (vl_api_ipsec_set_async_mode_t * mp)
				1068	{
				1069	vl_api_ipsec_set_async_mode_reply_t *rmp;
				1070	int rv = 0;
				1071
Yulong Pei	2e84d66	2020-08-14 18:21:08 +0800	[diff] [blame]	1072	ipsec_set_async_mode (mp->async_enable);
				1073
				1074	REPLY_MACRO (VL_API_IPSEC_SET_ASYNC_MODE_REPLY);
				1075	}
				1076
Neale Ranns	7c44d78	2019-02-25 10:28:29 +0000	[diff] [blame]	1077	/*
				1078	* ipsec_api_hookup
				1079	* Add vpe's API message handlers to the table.
				1080	* vlib has already mapped shared memory and
				1081	* added the client registration handlers.
				1082	* See .../vlib-api/vlibmemory/memclnt_vlib.c:memclnt_process()
				1083	*/
				1084	#define vl_msg_name_crc_list
				1085	#include <vnet/vnet_all_api_h.h>
				1086	#undef vl_msg_name_crc_list
				1087
				1088	static void
				1089	setup_message_id_table (api_main_t * am)
				1090	{
				1091	#define _(id,n,crc) vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id);
				1092	foreach_vl_msg_name_crc_ipsec;
				1093	#undef _
				1094	}
				1095
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	1096	static clib_error_t *
				1097	ipsec_api_hookup (vlib_main_t * vm)
				1098	{
Dave Barach	39d6911	2019-11-27 11:42:13 -0500	[diff] [blame]	1099	api_main_t *am = vlibapi_get_main ();
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	1100
				1101	#define _(N,n) \
				1102	vl_msg_api_set_handlers(VL_API_##N, #n, \
				1103	vl_api_##n##_t_handler, \
				1104	vl_noop_handler, \
				1105	vl_api_##n##_t_endian, \
				1106	vl_api_##n##_t_print, \
				1107	sizeof(vl_api_##n##_t), 1);
				1108	foreach_vpe_api_msg;
				1109	#undef _
				1110
				1111	/*
Pavel Kotucek	9c7ef03	2016-12-21 07:46:45 +0100	[diff] [blame]	1112	* Set up the (msg_name, crc, message-id) table
				1113	*/
				1114	setup_message_id_table (am);
				1115
				1116	return 0;
				1117	}
				1118
				1119	VLIB_API_INIT_FUNCTION (ipsec_api_hookup);
				1120
				1121	/*
				1122	* fd.io coding-style-patch-verification: ON
				1123	*
				1124	* Local Variables:
				1125	* eval: (c-set-style "gnu")
				1126	* End:
				1127	*/