From nobody Fri Jul 12 11:25:03 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WL8QS5qRRz5QBvH; Fri, 12 Jul 2024 11:25:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WL8QS2TBMz4j7g; Fri, 12 Jul 2024 11:25:04 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1720783504; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/HfLj85O6QTSjNec2sncCwKbXgZk0KItsx1nh9oEd3s=; b=LzLw/Nq/jKj7z4ZOONyO3D/A1/LTkf6OlJYWyEYqPU+GmXE8Gt6HkfV6BH7jKnNsVF3+/g QwatUuoubYG1r01jI3w17v/DpghlmmKCc7DKTbrT+lljnKdLTnZRdQ6cdpX4TUEQ0ig817 3D5ewyJ04XpXG5xxuVBeaj2K7dj9btVc4TSsqpJTbu+hOS24L+/TIHTlNUNGAxlWgZfyTW ZYMT8+cF0tTjuTVyJkTa9pX5DjECtnKRdHYyBKwFNAWBNKM3MOp7jJ3qWE36C+vtw85k0N 1ycdf4yRCqHxPozBuKnCHDQeGGqYC98+s2pEWqH57dOQQFcBK9OU6pSQK2Gajg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1720783504; a=rsa-sha256; cv=none; b=gNi5gtE5jPutEiXAlV9p1ENnyhlRFuTves52k6msEuFcBQ2N+wdGChdeh2oERCDvbFlEgM iJNFdAiJXow90WOKTUAvD5HSHvEoGkvT1GVQ+etKnzu21Pw4hq+wX1Fdf25uZz10GdotGp LIDUv6hnI0LWguy1YNUSkmpcUsayzUU+JUOuECLHUr0MjcCp6D2jgjqo9PFJAR1aVE2Fb5 1wUy3pvmoyw42GbkaYi3nPAjXdRamnZ2YjujeEIArRMMoS+cLvplBaC2uS/I+M0BXX/3sB SKNIByj9ugPqCqU2FNen4OiIvO2I1vV8ULPIGQK88G8lExftRuF5hAsxe8c0cQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1720783504; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/HfLj85O6QTSjNec2sncCwKbXgZk0KItsx1nh9oEd3s=; b=gE6nWSNW/1zW1fQFIsTlHH/DJWIWer4KU2k9pEqVM6u/LipcUYZ6I/xjAZ6wCzOBUUzmAX SbM8C34rjKrJ7quEtu2307kT3BH7xie9c8ZkMzx2/DukjW2+JzHpkiyETeePnn1jqFU7LE U1zrok2SQfRpPhKEFP/qYhjRzQUXrL0xaTkX91WlvbdVpy/M+zOnLbkROuafK2SiBs1gN2 lF6drGMrkuo0AZPhn97qXAdm6pJqZQiD1s7bqe12uUH6Xfo00xoRRIuP9WMHquHt5W0ASl 7FXW831nAbd5FA+NiOKbGhifVf0Af8mH6uDtZtu9CsxTS79VRiWj/WWjgJ81iw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WL8QS0dfRzhVg; Fri, 12 Jul 2024 11:25:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 46CBP3n7092934; Fri, 12 Jul 2024 11:25:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 46CBP3i2092931; Fri, 12 Jul 2024 11:25:03 GMT (envelope-from git) Date: Fri, 12 Jul 2024 11:25:03 GMT Message-Id: <202407121125.46CBP3i2092931@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 83418c878b75 - main - setkey(8): add -hwif extension to specify offload interface for SA and SPD List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 83418c878b75fafd5f9bfc44baf049487ce99a86 Auto-Submitted: auto-generated The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=83418c878b75fafd5f9bfc44baf049487ce99a86 commit 83418c878b75fafd5f9bfc44baf049487ce99a86 Author: Konstantin Belousov AuthorDate: 2023-09-18 02:04:45 +0000 Commit: Konstantin Belousov CommitDate: 2024-07-12 03:29:32 +0000 setkey(8): add -hwif extension to specify offload interface for SA and SPD Sponsored by: NVIDIA networking --- sbin/setkey/parse.y | 49 +++++++++++++++++++++++++++++++++++++++++++++++-- sbin/setkey/token.l | 1 + 2 files changed, 48 insertions(+), 2 deletions(-) diff --git a/sbin/setkey/parse.y b/sbin/setkey/parse.y index 27a0109db333..a7bcd2d8dafc 100644 --- a/sbin/setkey/parse.y +++ b/sbin/setkey/parse.y @@ -70,6 +70,7 @@ struct addrinfo *p_natt_oai, *p_natt_oar; int p_natt_sport, p_natt_dport; int p_natt_fraglen; bool esn; +vchar_t p_hwif; static int p_aiflags = 0, p_aifamily = PF_UNSPEC; @@ -117,7 +118,7 @@ extern void yyerror(const char *); %token SPDADD SPDDELETE SPDDUMP SPDFLUSH %token F_POLICY PL_REQUESTS %token F_AIFLAGS F_NATT F_NATT_MTU -%token F_ESN +%token F_ESN F_HWIF %token TAGGED %type prefix protocol_spec upper_spec @@ -547,12 +548,16 @@ extension esn = true; p_ext |= SADB_X_SAFLAGS_ESN; } + | F_HWIF STRING + { + p_hwif = $2; + } ; /* definition about command for SPD management */ /* spdadd */ spdadd_command - : SPDADD ipaddropts STRING prefix portstr STRING prefix portstr upper_spec upper_misc_spec policy_spec EOT + : SPDADD ipaddropts STRING prefix portstr STRING prefix portstr upper_spec upper_misc_spec policy_spec spd_hwif EOT { int status; struct addrinfo *src, *dst; @@ -656,6 +661,14 @@ ipaddropts | ipaddropts ipaddropt ; +spd_hwif + : + | F_HWIF STRING + { + p_hwif = $2; + } + ; + ipaddropt : F_AIFLAGS { @@ -839,6 +852,7 @@ setkeymsg_spdaddr(unsigned type, unsigned upper, vchar_t *policy, char buf[BUFSIZ]; int l, l0; struct sadb_address m_addr; + struct sadb_x_if_hw_offl m_if_hw; struct addrinfo *s, *d; int n; int plen; @@ -857,6 +871,20 @@ setkeymsg_spdaddr(unsigned type, unsigned upper, vchar_t *policy, memcpy(buf + l, policy->buf, policy->len); l += policy->len; + if (p_hwif.len != 0) { + l0 = sizeof(struct sadb_x_if_hw_offl); + m_if_hw.sadb_x_if_hw_offl_len = PFKEY_UNIT64(l0); + m_if_hw.sadb_x_if_hw_offl_exttype = SADB_X_EXT_IF_HW_OFFL; + m_if_hw.sadb_x_if_hw_offl_flags = 0; + memset(&m_if_hw.sadb_x_if_hw_offl_if[0], 0, + sizeof(m_if_hw.sadb_x_if_hw_offl_if)); + strlcpy(&m_if_hw.sadb_x_if_hw_offl_if[0], p_hwif.buf, + sizeof(m_if_hw.sadb_x_if_hw_offl_if)); + + memcpy(buf + l, &m_if_hw, l0); + l += l0; + } + l0 = l; n = 0; @@ -1048,6 +1076,7 @@ setkeymsg_add(unsigned type, unsigned satype, struct addrinfo *srcs, struct sadb_x_nat_t_type m_natt_type; struct sadb_x_nat_t_port m_natt_port; struct sadb_x_nat_t_frag m_natt_frag; + struct sadb_x_if_hw_offl m_if_hw; int n; int plen; struct sockaddr *sa; @@ -1264,6 +1293,20 @@ setkeymsg_add(unsigned type, unsigned satype, struct addrinfo *srcs, } } + if (p_hwif.len != 0) { + len = sizeof(struct sadb_x_if_hw_offl); + m_if_hw.sadb_x_if_hw_offl_len = PFKEY_UNIT64(len); + m_if_hw.sadb_x_if_hw_offl_exttype = SADB_X_EXT_IF_HW_OFFL; + m_if_hw.sadb_x_if_hw_offl_flags = 0; + memset(&m_if_hw.sadb_x_if_hw_offl_if[0], 0, + sizeof(m_if_hw.sadb_x_if_hw_offl_if)); + strlcpy(&m_if_hw.sadb_x_if_hw_offl_if[0], p_hwif.buf, + sizeof(m_if_hw.sadb_x_if_hw_offl_if)); + + memcpy(buf + l, &m_if_hw, len); + l += len; + } + if (n == 0) return -1; else @@ -1365,6 +1408,8 @@ parse_init(void) p_natt_fraglen = -1; esn = false; + p_hwif.len = 0; + p_hwif.buf = NULL; } void diff --git a/sbin/setkey/token.l b/sbin/setkey/token.l index b96eaf93924c..65756f0fd12c 100644 --- a/sbin/setkey/token.l +++ b/sbin/setkey/token.l @@ -188,6 +188,7 @@ nocyclic-seq { return(NOCYCLICSEQ); } {hyphen}natt { return(F_NATT); } {hyphen}natt_mtu { return(F_NATT_MTU); } {hyphen}esn { return(F_ESN); } +{hyphen}hwif { return(F_HWIF); } /* ... */ any { return(ANY); }