[strongSwan-dev] [RFC] starter: add hardware offload option
David George
david.george at netronome.com
Thu Aug 17 10:08:53 CEST 2017
Hello All
Attached is a patch which adds control of the SA hardware offload to the
starter configuration file. I often use the starter configuration files for
static configs. I wonder if this is something that upstream would be
interested in adding?
Regards,
David George
---
This patch adds support for configuring the hardware offload of SAs using
the starter config file.
diff --git a/src/libcharon/plugins/stroke/stroke_config.c
b/src/libcharon/plugins/stroke/stroke_config.c
index ac01292..489f609 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -1090,6 +1090,7 @@ static child_cfg_t
*build_child_cfg(private_stroke_config_t *this,
(msg->add_conn.ipcomp ? OPT_IPCOMP : 0) |
(msg->add_conn.me.hostaccess ? OPT_HOSTACCESS : 0) |
(msg->add_conn.install_policy ? 0 : OPT_NO_POLICIES) |
+ (msg->add_conn.hw_offload ? OPT_HW_OFFLOAD : 0) |
(msg->add_conn.sha256_96 ? OPT_SHA256_96 : 0),
.tfc = msg->add_conn.tfc,
.inactivity = msg->add_conn.inactivity,
diff --git a/src/starter/args.c b/src/starter/args.c
index 477a520..c20f663 100644
--- a/src/starter/args.c
+++ b/src/starter/args.c
@@ -175,6 +175,7 @@ static const token_info_t token_info[] =
{ ARG_STR, offsetof(starter_conn_t, me_peerid), NULL
},
{ ARG_UINT, offsetof(starter_conn_t, reqid), NULL
},
{ ARG_UINT, offsetof(starter_conn_t, replay_window), NULL
},
+ { ARG_ENUM, offsetof(starter_conn_t, hw_offload), LST_bool
},
{ ARG_MISC, 0, NULL /* KW_MARK */
},
{ ARG_MISC, 0, NULL /* KW_MARK_IN */
},
{ ARG_MISC, 0, NULL /* KW_MARK_OUT */
},
diff --git a/src/starter/confread.h b/src/starter/confread.h
index 8ee730d..87e1e60 100644
--- a/src/starter/confread.h
+++ b/src/starter/confread.h
@@ -170,6 +170,8 @@ struct starter_conn {
char *me_mediated_by;
char *me_peerid;
+ bool hw_offload;
+
starter_conn_t *next;
};
diff --git a/src/starter/keywords.h b/src/starter/keywords.h
index 0cb46a7..28ee0b6 100644
--- a/src/starter/keywords.h
+++ b/src/starter/keywords.h
@@ -74,6 +74,7 @@ enum kw_token_t {
KW_ME_PEERID,
KW_REQID,
KW_REPLAY_WINDOW,
+ KW_HW_OFFLOAD,
KW_MARK,
KW_MARK_IN,
KW_MARK_OUT,
diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt
index 3f92dc8..2d77273 100644
--- a/src/starter/keywords.txt
+++ b/src/starter/keywords.txt
@@ -135,6 +135,7 @@ rightgroups, KW_RIGHTGROUPS
rightgroups2, KW_RIGHTGROUPS2
also, KW_ALSO
auto, KW_AUTO
+hw_offload, KW_HW_OFFLOAD
# deprecated/removed keywords
interfaces, KW_SETUP_DEPRECATED
dumpdir, KW_SETUP_DEPRECATED
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index 90af937..6b0bd00 100644
--- a/src/starter/starterstroke.c
+++ b/src/starter/starterstroke.c
@@ -227,6 +227,7 @@ int starter_stroke_add_conn(starter_config_t *cfg,
starter_conn_t *conn)
push_string(&msg, add_conn.ikeme.peerid, conn->me_peerid);
msg->add_conn.reqid = conn->reqid;
msg->add_conn.replay_window = conn->replay_window;
+ msg->add_conn.hw_offload = conn->hw_offload;
msg->add_conn.mark_in.value = conn->mark_in.value;
msg->add_conn.mark_in.mask = conn->mark_in.mask;
msg->add_conn.mark_out.value = conn->mark_out.value;
diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h
index 60ea002..7bdf3e3 100644
--- a/src/stroke/stroke_msg.h
+++ b/src/stroke/stroke_msg.h
@@ -302,6 +302,7 @@ struct stroke_msg_t {
} mark_in, mark_out;
stroke_end_t me, other;
uint32_t replay_window;
+ bool hw_offload;
bool sha256_96;
} add_conn;
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20170817/90aff58f/attachment.html>
-------------- next part --------------
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index ac01292..489f609 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -1090,6 +1090,7 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this,
(msg->add_conn.ipcomp ? OPT_IPCOMP : 0) |
(msg->add_conn.me.hostaccess ? OPT_HOSTACCESS : 0) |
(msg->add_conn.install_policy ? 0 : OPT_NO_POLICIES) |
+ (msg->add_conn.hw_offload ? OPT_HW_OFFLOAD : 0) |
(msg->add_conn.sha256_96 ? OPT_SHA256_96 : 0),
.tfc = msg->add_conn.tfc,
.inactivity = msg->add_conn.inactivity,
diff --git a/src/starter/args.c b/src/starter/args.c
index 477a520..c20f663 100644
--- a/src/starter/args.c
+++ b/src/starter/args.c
@@ -175,6 +175,7 @@ static const token_info_t token_info[] =
{ ARG_STR, offsetof(starter_conn_t, me_peerid), NULL },
{ ARG_UINT, offsetof(starter_conn_t, reqid), NULL },
{ ARG_UINT, offsetof(starter_conn_t, replay_window), NULL },
+ { ARG_ENUM, offsetof(starter_conn_t, hw_offload), LST_bool },
{ ARG_MISC, 0, NULL /* KW_MARK */ },
{ ARG_MISC, 0, NULL /* KW_MARK_IN */ },
{ ARG_MISC, 0, NULL /* KW_MARK_OUT */ },
diff --git a/src/starter/confread.h b/src/starter/confread.h
index 8ee730d..87e1e60 100644
--- a/src/starter/confread.h
+++ b/src/starter/confread.h
@@ -170,6 +170,8 @@ struct starter_conn {
char *me_mediated_by;
char *me_peerid;
+ bool hw_offload;
+
starter_conn_t *next;
};
diff --git a/src/starter/keywords.h b/src/starter/keywords.h
index 0cb46a7..28ee0b6 100644
--- a/src/starter/keywords.h
+++ b/src/starter/keywords.h
@@ -74,6 +74,7 @@ enum kw_token_t {
KW_ME_PEERID,
KW_REQID,
KW_REPLAY_WINDOW,
+ KW_HW_OFFLOAD,
KW_MARK,
KW_MARK_IN,
KW_MARK_OUT,
diff --git a/src/starter/keywords.txt b/src/starter/keywords.txt
index 3f92dc8..2d77273 100644
--- a/src/starter/keywords.txt
+++ b/src/starter/keywords.txt
@@ -135,6 +135,7 @@ rightgroups, KW_RIGHTGROUPS
rightgroups2, KW_RIGHTGROUPS2
also, KW_ALSO
auto, KW_AUTO
+hw_offload, KW_HW_OFFLOAD
# deprecated/removed keywords
interfaces, KW_SETUP_DEPRECATED
dumpdir, KW_SETUP_DEPRECATED
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index 90af937..6b0bd00 100644
--- a/src/starter/starterstroke.c
+++ b/src/starter/starterstroke.c
@@ -227,6 +227,7 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
push_string(&msg, add_conn.ikeme.peerid, conn->me_peerid);
msg->add_conn.reqid = conn->reqid;
msg->add_conn.replay_window = conn->replay_window;
+ msg->add_conn.hw_offload = conn->hw_offload;
msg->add_conn.mark_in.value = conn->mark_in.value;
msg->add_conn.mark_in.mask = conn->mark_in.mask;
msg->add_conn.mark_out.value = conn->mark_out.value;
diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h
index 60ea002..7bdf3e3 100644
--- a/src/stroke/stroke_msg.h
+++ b/src/stroke/stroke_msg.h
@@ -302,6 +302,7 @@ struct stroke_msg_t {
} mark_in, mark_out;
stroke_end_t me, other;
uint32_t replay_window;
+ bool hw_offload;
bool sha256_96;
} add_conn;
More information about the Dev
mailing list