Page Menu
Home
FreeBSD
Search
Configure Global Search
Log In
Files
F102832722
D44314.id140462.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Flag For Later
Award Token
Size
3 KB
Referenced Files
None
Subscribers
None
D44314.id140462.diff
View Options
diff --git a/sys/net/if.h b/sys/net/if.h
--- a/sys/net/if.h
+++ b/sys/net/if.h
@@ -255,7 +255,8 @@
#define IFCAP_B_TXTLS_RTLMT 31 /* can do TLS with rate limiting */
#define IFCAP_B_RXTLS4 32 /* can to TLS receive for TCP */
#define IFCAP_B_RXTLS6 33 /* can to TLS receive for TCP6 */
-#define __IFCAP_B_SIZE 34
+#define IFCAP_B_IPSEC_OFFLOAD 34 /* inline IPSEC offload */
+#define __IFCAP_B_SIZE 35
#define IFCAP_B_MAX (__IFCAP_B_MAX - 1)
#define IFCAP_B_SIZE (__IFCAP_B_SIZE)
@@ -298,6 +299,7 @@
/* IFCAP2_* are integers, not bits. */
#define IFCAP2_RXTLS4 (IFCAP_B_RXTLS4 - 32)
#define IFCAP2_RXTLS6 (IFCAP_B_RXTLS6 - 32)
+#define IFCAP2_IPSEC_OFFLOAD (IFCAP_B_IPSEC_OFFLOAD - 32)
#define IFCAP2_BIT(x) (1UL << (x))
diff --git a/sys/net/if.c b/sys/net/if.c
--- a/sys/net/if.c
+++ b/sys/net/if.c
@@ -2392,6 +2392,7 @@
const struct ifcap_nv_bit_name ifcap2_nv_bit_names[] = {
CAP2NV(RXTLS4),
CAP2NV(RXTLS6),
+ CAP2NV(IPSEC_OFFLOAD),
{0, NULL}
};
#undef CAPNV
@@ -5149,6 +5150,12 @@
return (ifp->if_l2com);
}
+void
+if_setipsec_accel_methods(if_t ifp, const struct if_ipsec_accel_methods *m)
+{
+ ifp->if_ipsec_accel_m = m;
+}
+
#ifdef DDB
static void
if_show_ifnet(struct ifnet *ifp)
diff --git a/sys/net/if_private.h b/sys/net/if_private.h
--- a/sys/net/if_private.h
+++ b/sys/net/if_private.h
@@ -138,6 +138,8 @@
int (*if_requestencap) /* make link header from request */
(struct ifnet *, struct if_encap_req *);
+ const struct if_ipsec_accel_methods *if_ipsec_accel_m;
+
/* Statistics. */
counter_u64_t if_counters[IFCOUNTERS];
diff --git a/sys/net/if_strings.h b/sys/net/if_strings.h
--- a/sys/net/if_strings.h
+++ b/sys/net/if_strings.h
@@ -60,9 +60,11 @@
#define IFCAP_TXTLS_RTLMT_NAME "TXTLS_RTLMT"
#define IFCAP_RXTLS4_NAME "RXTLS4"
#define IFCAP_RXTLS6_NAME "RXTLS6"
+#define IFCAP_IPSEC_OFFLOAD_NAME "IPSEC"
#define IFCAP2_RXTLS4_NAME IFCAP_RXTLS4_NAME
#define IFCAP2_RXTLS6_NAME IFCAP_RXTLS6_NAME
+#define IFCAP2_IPSEC_OFFLOAD_NAME IFCAP_IPSEC_OFFLOAD_NAME
static const char *ifcap_bit_names[] = {
IFCAP_RXCSUM_NAME,
@@ -99,6 +101,7 @@
IFCAP_TXTLS_RTLMT_NAME,
IFCAP_RXTLS4_NAME,
IFCAP_RXTLS6_NAME,
+ IFCAP_IPSEC_OFFLOAD_NAME,
};
#ifdef IFCAP_B_SIZE
diff --git a/sys/net/if_var.h b/sys/net/if_var.h
--- a/sys/net/if_var.h
+++ b/sys/net/if_var.h
@@ -131,6 +131,23 @@
typedef int (*if_transmit_fn_t)(if_t, struct mbuf *);
typedef uint64_t (*if_get_counter_t)(if_t, ift_counter);
typedef void (*if_reassign_fn_t)(if_t, struct vnet *, char *);
+typedef int (*if_spdadd_fn_t)(if_t, void *sp, void *inp, void **priv);
+typedef int (*if_spddel_fn_t)(if_t, void *sp, void *priv);
+typedef int (*if_sa_newkey_fn_t)(if_t ifp, void *sav, u_int drv_spi,
+ void **privp);
+typedef int (*if_sa_deinstall_fn_t)(if_t ifp, u_int drv_spi, void *priv);
+struct seclifetime;
+#define IF_SA_CNT_UPD 0x80000000
+enum IF_SA_CNT_WHICH {
+ IF_SA_CNT_IFP_HW_VAL = 1,
+ IF_SA_CNT_TOTAL_SW_VAL,
+ IF_SA_CNT_TOTAL_HW_VAL,
+ IF_SA_CNT_IFP_HW_UPD = IF_SA_CNT_IFP_HW_VAL | IF_SA_CNT_UPD,
+ IF_SA_CNT_TOTAL_SW_UPD = IF_SA_CNT_TOTAL_SW_VAL | IF_SA_CNT_UPD,
+ IF_SA_CNT_TOTAL_HW_UPD = IF_SA_CNT_TOTAL_HW_VAL | IF_SA_CNT_UPD,
+};
+typedef int (*if_sa_cnt_fn_t)(if_t ifp, void *sa,
+ uint32_t drv_spi, void *priv, struct seclifetime *lt);
struct ifnet_hw_tsomax {
u_int tsomaxbytes; /* TSO total burst length limit in bytes */
@@ -700,6 +717,19 @@
void if_setreassignfn(if_t ifp, if_reassign_fn_t);
void if_setratelimitqueryfn(if_t ifp, if_ratelimit_query_t);
+/*
+ * NB: The interface is not yet stable, drivers implementing IPSEC
+ * offload need to be prepared to adapt to changes.
+ */
+struct if_ipsec_accel_methods {
+ if_spdadd_fn_t if_spdadd;
+ if_spddel_fn_t if_spddel;
+ if_sa_newkey_fn_t if_sa_newkey;
+ if_sa_deinstall_fn_t if_sa_deinstall;
+ if_sa_cnt_fn_t if_sa_cnt;
+};
+void if_setipsec_accel_methods(if_t ifp, const struct if_ipsec_accel_methods *);
+
/* TSO */
void if_hw_tsomax_common(if_t ifp, struct ifnet_hw_tsomax *);
int if_hw_tsomax_update(if_t ifp, struct ifnet_hw_tsomax *);
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Mon, Nov 18, 6:27 PM (8 h, 45 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
14702458
Default Alt Text
D44314.id140462.diff (3 KB)
Attached To
Mode
D44314: sys/net: Add IPSEC_ACCEL interface cap and methods structure
Attached
Detach File
Event Timeline
Log In to Comment