Commit fc724515 authored by Raed Salem's avatar Raed Salem Committed by Paolo Abeni
Browse files

psp: provide encapsulation helper for drivers 



Create a new function psp_encapsulate(), which takes a TCP packet and
PSP encapsulates it according to the "Transport Mode Packet Format"
section of the PSP Architecture Specification.

psp_encapsulate() does not push a PSP trailer onto the skb. Both IPv6
and IPv4 are supported. Virtualization cookie is not included.

Reviewed-by: default avatarWillem de Bruijn <willemb@google.com>
Signed-off-by: default avatarRaed Salem <raeds@nvidia.com>
Signed-off-by: default avatarRahul Rameshbabu <rrameshbabu@nvidia.com>
Signed-off-by: default avatarCosmin Ratiu <cratiu@nvidia.com>
Co-developed-by: default avatarDaniel Zahka <daniel.zahka@gmail.com>
Signed-off-by: default avatarDaniel Zahka <daniel.zahka@gmail.com>
Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
Link: https://patch.msgid.link/20250917000954.859376-14-daniel.zahka@gmail.com


Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
parent af2196f4

include/net/psp/functions.h

+2 −0
Original line number Diff line number Diff line
@@ -17,6 +17,8 @@ struct psp_dev * 
psp_dev_create(struct net_device *netdev, struct psp_dev_ops *psd_ops,

	       struct psp_dev_caps *psd_caps, void *priv_ptr);

void psp_dev_unregister(struct psp_dev *psd);

bool psp_dev_encapsulate(struct net *net, struct sk_buff *skb, __be32 spi,

			 u8 ver, __be16 sport);



/* Kernel-facing API */

void psp_assoc_put(struct psp_assoc *pas);

include/net/psp/types.h

+2 −0
Original line number Diff line number Diff line
@@ -20,6 +20,8 @@ struct psphdr { 
	__be64	vc[]; /* optional */

};



#define PSP_ENCAP_HLEN (sizeof(struct udphdr) + sizeof(struct psphdr))



#define PSP_SPI_KEY_ID		GENMASK(30, 0)

#define PSP_SPI_KEY_PHASE	BIT(31)

net/psp/psp_main.c

+65 −0
Original line number Diff line number Diff line 
// SPDX-License-Identifier: GPL-2.0-only



#include <linux/bitfield.h>

#include <linux/list.h>

#include <linux/netdevice.h>

#include <linux/xarray.h>

#include <net/net_namespace.h>

#include <net/psp.h>

#include <net/udp.h>



#include "psp.h"

#include "psp-nl-gen.h"
@@ -158,6 +160,69 @@ unsigned int psp_key_size(u32 version) 
}

EXPORT_SYMBOL(psp_key_size);



static void psp_write_headers(struct net *net, struct sk_buff *skb, __be32 spi,

			      u8 ver, unsigned int udp_len, __be16 sport)

{

	struct udphdr *uh = udp_hdr(skb);

	struct psphdr *psph = (struct psphdr *)(uh + 1);



	uh->dest = htons(PSP_DEFAULT_UDP_PORT);

	uh->source = udp_flow_src_port(net, skb, 0, 0, false);

	uh->check = 0;

	uh->len = htons(udp_len);



	psph->nexthdr = IPPROTO_TCP;

	psph->hdrlen = PSP_HDRLEN_NOOPT;

	psph->crypt_offset = 0;

	psph->verfl = FIELD_PREP(PSPHDR_VERFL_VERSION, ver) |

		      FIELD_PREP(PSPHDR_VERFL_ONE, 1);

	psph->spi = spi;

	memset(&psph->iv, 0, sizeof(psph->iv));

}



/* Encapsulate a TCP packet with PSP by adding the UDP+PSP headers and filling

 * them in.

 */

bool psp_dev_encapsulate(struct net *net, struct sk_buff *skb, __be32 spi,

			 u8 ver, __be16 sport)

{

	u32 network_len = skb_network_header_len(skb);

	u32 ethr_len = skb_mac_header_len(skb);

	u32 bufflen = ethr_len + network_len;



	if (skb_cow_head(skb, PSP_ENCAP_HLEN))

		return false;



	skb_push(skb, PSP_ENCAP_HLEN);

	skb->mac_header		-= PSP_ENCAP_HLEN;

	skb->network_header	-= PSP_ENCAP_HLEN;

	skb->transport_header	-= PSP_ENCAP_HLEN;

	memmove(skb->data, skb->data + PSP_ENCAP_HLEN, bufflen);



	if (skb->protocol == htons(ETH_P_IP)) {

		ip_hdr(skb)->protocol = IPPROTO_UDP;

		be16_add_cpu(&ip_hdr(skb)->tot_len, PSP_ENCAP_HLEN);

		ip_hdr(skb)->check = 0;

		ip_hdr(skb)->check =

			ip_fast_csum((u8 *)ip_hdr(skb), ip_hdr(skb)->ihl);

	} else if (skb->protocol == htons(ETH_P_IPV6)) {

		ipv6_hdr(skb)->nexthdr = IPPROTO_UDP;

		be16_add_cpu(&ipv6_hdr(skb)->payload_len, PSP_ENCAP_HLEN);

	} else {

		return false;

	}



	skb_set_inner_ipproto(skb, IPPROTO_TCP);

	skb_set_inner_transport_header(skb, skb_transport_offset(skb) +

						    PSP_ENCAP_HLEN);

	skb->encapsulation = 1;

	psp_write_headers(net, skb, spi, ver,

			  skb->len - skb_transport_offset(skb), sport);



	return true;

}

EXPORT_SYMBOL(psp_dev_encapsulate);



static int __init psp_init(void)

{

	mutex_init(&psp_devs_lock);