psp: provide encapsulation helper for drivers
authorRaed Salem <raeds@nvidia.com>
Wed, 17 Sep 2025 00:09:40 +0000 (17:09 -0700)
committerPaolo Abeni <pabeni@redhat.com>
Thu, 18 Sep 2025 10:32:07 +0000 (12:32 +0200)
Create a new function psp_encapsulate(), which takes a TCP packet and
PSP encapsulates it according to the "Transport Mode Packet Format"
section of the PSP Architecture Specification.

psp_encapsulate() does not push a PSP trailer onto the skb. Both IPv6
and IPv4 are supported. Virtualization cookie is not included.

Reviewed-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: Raed Salem <raeds@nvidia.com>
Signed-off-by: Rahul Rameshbabu <rrameshbabu@nvidia.com>
Signed-off-by: Cosmin Ratiu <cratiu@nvidia.com>
Co-developed-by: Daniel Zahka <daniel.zahka@gmail.com>
Signed-off-by: Daniel Zahka <daniel.zahka@gmail.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://patch.msgid.link/20250917000954.859376-14-daniel.zahka@gmail.com
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
include/net/psp/functions.h
include/net/psp/types.h
net/psp/psp_main.c

index 183a3c9216b7e72ef45289dea934cd0172cd691a..0a539e1b39f4beda06b524e3c303c6b604c2629d 100644 (file)
@@ -17,6 +17,8 @@ struct psp_dev *
 psp_dev_create(struct net_device *netdev, struct psp_dev_ops *psd_ops,
               struct psp_dev_caps *psd_caps, void *priv_ptr);
 void psp_dev_unregister(struct psp_dev *psd);
+bool psp_dev_encapsulate(struct net *net, struct sk_buff *skb, __be32 spi,
+                        u8 ver, __be16 sport);
 
 /* Kernel-facing API */
 void psp_assoc_put(struct psp_assoc *pas);
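Review bot: The new driver-facing prototype `psp_dev_encapsulate()` has no comment describing its contract, yet the implementation in net/psp/psp_main.c depends on preconditions a driver author cannot see from here. It reads the skb's MAC, network and transport header offsets and moves bytes starting at `skb->data`. A kernel-doc comment on the definition should state those preconditions, that no PSP trailer is added, and what state the skb is in when false is returned. For the return value, something like `/* Returns false if headroom could not be obtained or the skb is neither IPv4 nor IPv6. */` would do.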
index ec218747ced07e199c04bb12b2b7e1f674c224d4..d9688e66cf0954a0005d32b5cbeadfb74e9da63e 100644 (file)
@@ -20,6 +20,8 @@ struct psphdr {
        __be64  vc[]; /* optional */
 };
 
+#define PSP_ENCAP_HLEN (sizeof(struct udphdr) + sizeof(struct psphdr))
+
 #define PSP_SPI_KEY_ID         GENMASK(30, 0)
 #define PSP_SPI_KEY_PHASE      BIT(31)
 
index 98ad8c85b58e65bd0d22c93418f9d379275404d3..e026880fa1a281f930f519ffa2bafbd72657ac35 100644 (file)
@@ -1,10 +1,12 @@
 // SPDX-License-Identifier: GPL-2.0-only
 
+#include <linux/bitfield.h>
 #include <linux/list.h>
 #include <linux/netdevice.h>
 #include <linux/xarray.h>
 #include <net/net_namespace.h>
 #include <net/psp.h>
+#include <net/udp.h>
 
 #include "psp.h"
 #include "psp-nl-gen.h"
@@ -158,6 +160,69 @@ unsigned int psp_key_size(u32 version)
 }
 EXPORT_SYMBOL(psp_key_size);
 
+static void psp_write_headers(struct net *net, struct sk_buff *skb, __be32 spi,
+                             u8 ver, unsigned int udp_len, __be16 sport)
+{
+       struct udphdr *uh = udp_hdr(skb);
+       struct psphdr *psph = (struct psphdr *)(uh + 1);
+
+       uh->dest = htons(PSP_DEFAULT_UDP_PORT);
+       uh->source = udp_flow_src_port(net, skb, 0, 0, false);
+       uh->check = 0;
+       uh->len = htons(udp_len);
+
+       psph->nexthdr = IPPROTO_TCP;
+       psph->hdrlen = PSP_HDRLEN_NOOPT;
+       psph->crypt_offset = 0;
+       psph->verfl = FIELD_PREP(PSPHDR_VERFL_VERSION, ver) |
+                     FIELD_PREP(PSPHDR_VERFL_ONE, 1);
+       psph->spi = spi;
+       memset(&psph->iv, 0, sizeof(psph->iv));
+}
+
+/* Encapsulate a TCP packet with PSP by adding the UDP+PSP headers and filling
+ * them in.
+ */
+bool psp_dev_encapsulate(struct net *net, struct sk_buff *skb, __be32 spi,
+                        u8 ver, __be16 sport)
+{
+       u32 network_len = skb_network_header_len(skb);
+       u32 ethr_len = skb_mac_header_len(skb);
+       u32 bufflen = ethr_len + network_len;
+
+       if (skb_cow_head(skb, PSP_ENCAP_HLEN))
+               return false;
+
+       skb_push(skb, PSP_ENCAP_HLEN);
+       skb->mac_header         -= PSP_ENCAP_HLEN;
+       skb->network_header     -= PSP_ENCAP_HLEN;
+       skb->transport_header   -= PSP_ENCAP_HLEN;
+       memmove(skb->data, skb->data + PSP_ENCAP_HLEN, bufflen);
+
+       if (skb->protocol == htons(ETH_P_IP)) {
+               ip_hdr(skb)->protocol = IPPROTO_UDP;
+               be16_add_cpu(&ip_hdr(skb)->tot_len, PSP_ENCAP_HLEN);
+               ip_hdr(skb)->check = 0;
+               ip_hdr(skb)->check =
+                       ip_fast_csum((u8 *)ip_hdr(skb), ip_hdr(skb)->ihl);
+       } else if (skb->protocol == htons(ETH_P_IPV6)) {
+               ipv6_hdr(skb)->nexthdr = IPPROTO_UDP;
+               be16_add_cpu(&ipv6_hdr(skb)->payload_len, PSP_ENCAP_HLEN);
+       } else {
+               return false;
+       }
+
+       skb_set_inner_ipproto(skb, IPPROTO_TCP);
+       skb_set_inner_transport_header(skb, skb_transport_offset(skb) +
+                                                   PSP_ENCAP_HLEN);
+       skb->encapsulation = 1;
+       psp_write_headers(net, skb, spi, ver,
+                         skb->len - skb_transport_offset(skb), sport);
+
+       return true;
+}
+EXPORT_SYMBOL(psp_dev_encapsulate);
+
 static int __init psp_init(void)
 {
        mutex_init(&psp_devs_lock);
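Review bot: In `psp_dev_encapsulate()`, the unsupported-protocol branch returns false only after `skb_push()`, the three header-offset adjustments and the `memmove()` have run, so the caller is left holding an skb whose headers were shifted but never filled in. Testing `skb->protocol` before `skb_cow_head()` keeps every failure path free of side effects, e.g. `if (skb->protocol != htons(ETH_P_IP) && skb->protocol != htons(ETH_P_IPV6)) return false;`. Separately, `sport` is passed through to `psp_write_headers()` but never read there, because `uh->source` is always taken from `udp_flow_src_port()`; either use it or drop the parameter until it is needed. Since this helper prepares packets for PSP protection, presumably a false return means the skb must be dropped rather than sent as-is, and a one-line comment saying so would help driver authors.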