LuKePicci/bcmspu-testing.txt

## bcmspu-testing.txt
root@OpenWrt:/tmp# insmod bcmspu.ko && dmesg
[  301.979565] Creating CPU ring for queue number 2 with 256 packets descriptor=0xbef459f4, size_of_entry 16
[  301.979638] Done initializing Ring 2 Base=0xe0843000 End=0xe0844000 calculated entries= 256 RDD Base=c3f000K descriptor=0xbef459f4

root@OpenWrt:~# lsmod | grep bcmspu
bcmspu                 19529  2
bdmf                 1231462 11 bcmspu,dhd,wfd,bcm_enet,pktrunner,bcmxtmrtdrv,bcm_spdsvc,rdpa_cmd,rdpa_mw,rdpa,rdpa_gpl
rdpa_gpl               15152 11 bcmspu,dhd,wfd,bcm_enet,pktrunner,bcm_ingqos,bcmxtmrtdrv,bcm_spdsvc,rdpa_cmd,rdpa_mw,rdpa

root@OpenWrt:/tmp# ls /dev/spu*
/dev/spu0

root@OpenWrt:/tmp# spuctl start

root@OpenWrt:/tmp# cat /proc/crypto | grep -A 11 -B 2 bcmspu
name         : authenc(hmac(sha256),cbc(des))
driver       : authenc-hmac-sha256-cbc-des-spu
module       : bcmspu
priority     : 3000
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 32
geniv        : <built-in>

name         : authenc(hmac(sha256),cbc(des3_ede))
driver       : authenc-hmac-sha256-cbc-3des-spu
module       : bcmspu
priority     : 3000
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 32
geniv        : <built-in>

name         : authenc(hmac(sha256),cbc(aes))
driver       : authenc-hmac-sha256-cbc-aes-spu
module       : bcmspu
priority     : 3000
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 16
ivsize       : 16
maxauthsize  : 32
geniv        : <built-in>

name         : authenc(hmac(md5),cbc(des))
driver       : authenc-hmac-md5-cbc-des-spu
module       : bcmspu
priority     : 3000
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 16
geniv        : <built-in>

name         : authenc(hmac(md5),cbc(des3_ede))
driver       : authenc-hmac-md5-cbc-3des-spu
module       : bcmspu
priority     : 3000
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 16
geniv        : <built-in>

name         : authenc(hmac(md5),cbc(aes))
driver       : authenc-hmac-md5-cbc-aes-spu
module       : bcmspu
priority     : 3000
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 16
ivsize       : 16
maxauthsize  : 16
geniv        : <built-in>

name         : authenc(hmac(sha1),cbc(des))
driver       : authenc-hmac-sha1-cbc-des-spu
module       : bcmspu
priority     : 3000
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 20
geniv        : <built-in>

name         : authenc(hmac(sha1),cbc(des3_ede))
driver       : authenc-hmac-sha1-cbc-3des-spu
module       : bcmspu
priority     : 3000
refcnt       : 1
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 8
ivsize       : 8
maxauthsize  : 20
geniv        : <built-in>

name         : authenc(hmac(sha1),cbc(aes))
driver       : authenc-hmac-sha1-cbc-aes-spu
module       : bcmspu
priority     : 3000
refcnt       : 3
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 16
ivsize       : 16
maxauthsize  : 20
geniv        : <built-in>

root@OpenWrt:~# ipsec statusall
Status of IKE charon daemon (strongSwan 5.6.3, Linux 4.1.38, armv7l):
  uptime: 32 minutes, since May 23 02:26:31 2020
  malloc: sbrk 753664, mmap 0, used 312176, free 441488
  worker threads: 10 of 16 idle, 6/0/0/0 working, job queue: 0/0/0/0, scheduled: 2
  loaded plugins: charon test-vectors pkcs11 aes des blowfish rc2 sha2 sha1 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp gmpdh curve25519 agent xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default socket-dynamic connmark forecast farp stroke vici smp updown eap-identity eap-md5 eap-mschapv2 eap-radius eap-tls xauth-generic xauth-eap dhcp whitelist led duplicheck addrblock unity
Listening IP addresses:
  192.168.43.254
...
Connections:
roadwarriorPUBKEY:  %any...%any  IKEv2
...
roadwarriorPUBKEY:   remote: uses public key authentication
roadwarriorPUBKEY:   child:  0.0.0.0/0 ::/0 === dynamic TUNNEL
roadwarriorEAPTLS:  %any...%any  IKEv2
...
roadwarriorEAPTLS:   remote: uses EAP_TLS authentication with EAP identity '%any'
roadwarriorEAPTLS:   child:  0.0.0.0/0 ::/0 === dynamic TUNNEL
Security Associations (1 up, 0 connecting):
...
roadwarriorEAPTLS[4]: IKEv2 SPIs: d903e4c411b5be67_i b7e8ca32f4ff6d94_r*, public key reauthentication in 2 hours
roadwarriorEAPTLS[4]: IKE proposal: AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072
roadwarriorEAPTLS{1}:  INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: cd60e89d_i 8bd7bc53_o
roadwarriorEAPTLS{1}:  AES_CBC_256/HMAC_SHA1_96, 271600951 bytes_i (254572 pkts, 37s ago), 156956715 bytes_o (177812 pkts, 37s ago), rekeying in 16 minutes
roadwarriorEAPTLS{1}:   0.0.0.0/0 ::/0 === 192.168.43.181/32

root@OpenWrt:~# spuctl showstats
Encryption stats
     Ingress 177811
     Fallback 0
     Egress 175526
     Error 0
     Dropped 2285
Decryption stats
     Ingress 256429
     Fallback 0
     Egress 254571
     Error 0
     Dropped 1858
	root@OpenWrt:/tmp# insmod bcmspu.ko && dmesg
	[ 301.979565] Creating CPU ring for queue number 2 with 256 packets descriptor=0xbef459f4, size_of_entry 16
	[ 301.979638] Done initializing Ring 2 Base=0xe0843000 End=0xe0844000 calculated entries= 256 RDD Base=c3f000K descriptor=0xbef459f4

	root@OpenWrt:~# lsmod \| grep bcmspu
	bcmspu 19529 2
	bdmf 1231462 11 bcmspu,dhd,wfd,bcm_enet,pktrunner,bcmxtmrtdrv,bcm_spdsvc,rdpa_cmd,rdpa_mw,rdpa,rdpa_gpl
	rdpa_gpl 15152 11 bcmspu,dhd,wfd,bcm_enet,pktrunner,bcm_ingqos,bcmxtmrtdrv,bcm_spdsvc,rdpa_cmd,rdpa_mw,rdpa

	root@OpenWrt:/tmp# ls /dev/spu*
	/dev/spu0

	root@OpenWrt:/tmp# spuctl start

	root@OpenWrt:/tmp# cat /proc/crypto \| grep -A 11 -B 2 bcmspu
	name : authenc(hmac(sha256),cbc(des))
	driver : authenc-hmac-sha256-cbc-des-spu
	module : bcmspu
	priority : 3000
	refcnt : 1
	selftest : passed
	internal : no
	type : aead
	async : yes
	blocksize : 8
	ivsize : 8
	maxauthsize : 32
	geniv : <built-in>

	name : authenc(hmac(sha256),cbc(des3_ede))
	driver : authenc-hmac-sha256-cbc-3des-spu
	module : bcmspu
	priority : 3000
	refcnt : 1
	selftest : passed
	internal : no
	type : aead
	async : yes
	blocksize : 8
	ivsize : 8
	maxauthsize : 32
	geniv : <built-in>

	name : authenc(hmac(sha256),cbc(aes))
	driver : authenc-hmac-sha256-cbc-aes-spu
	module : bcmspu
	priority : 3000
	refcnt : 1
	selftest : passed
	internal : no
	type : aead
	async : yes
	blocksize : 16
	ivsize : 16
	maxauthsize : 32
	geniv : <built-in>

	name : authenc(hmac(md5),cbc(des))
	driver : authenc-hmac-md5-cbc-des-spu
	module : bcmspu
	priority : 3000
	refcnt : 1
	selftest : passed
	internal : no
	type : aead
	async : yes
	blocksize : 8
	ivsize : 8
	maxauthsize : 16
	geniv : <built-in>

	name : authenc(hmac(md5),cbc(des3_ede))
	driver : authenc-hmac-md5-cbc-3des-spu
	module : bcmspu
	priority : 3000
	refcnt : 1
	selftest : passed
	internal : no
	type : aead
	async : yes
	blocksize : 8
	ivsize : 8
	maxauthsize : 16
	geniv : <built-in>

	name : authenc(hmac(md5),cbc(aes))
	driver : authenc-hmac-md5-cbc-aes-spu
	module : bcmspu
	priority : 3000
	refcnt : 1
	selftest : passed
	internal : no
	type : aead
	async : yes
	blocksize : 16
	ivsize : 16
	maxauthsize : 16
	geniv : <built-in>

	name : authenc(hmac(sha1),cbc(des))
	driver : authenc-hmac-sha1-cbc-des-spu
	module : bcmspu
	priority : 3000
	refcnt : 1
	selftest : passed
	internal : no
	type : aead
	async : yes
	blocksize : 8
	ivsize : 8
	maxauthsize : 20
	geniv : <built-in>

	name : authenc(hmac(sha1),cbc(des3_ede))
	driver : authenc-hmac-sha1-cbc-3des-spu
	module : bcmspu
	priority : 3000
	refcnt : 1
	selftest : passed
	internal : no
	type : aead
	async : yes
	blocksize : 8
	ivsize : 8
	maxauthsize : 20
	geniv : <built-in>

	name : authenc(hmac(sha1),cbc(aes))
	driver : authenc-hmac-sha1-cbc-aes-spu
	module : bcmspu
	priority : 3000
	refcnt : 3
	selftest : passed
	internal : no
	type : aead
	async : yes
	blocksize : 16
	ivsize : 16
	maxauthsize : 20
	geniv : <built-in>

	root@OpenWrt:~# ipsec statusall
	Status of IKE charon daemon (strongSwan 5.6.3, Linux 4.1.38, armv7l):
	uptime: 32 minutes, since May 23 02:26:31 2020
	malloc: sbrk 753664, mmap 0, used 312176, free 441488
	worker threads: 10 of 16 idle, 6/0/0/0 working, job queue: 0/0/0/0, scheduled: 2
	loaded plugins: charon test-vectors pkcs11 aes des blowfish rc2 sha2 sha1 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp gmpdh curve25519 agent xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default socket-dynamic connmark forecast farp stroke vici smp updown eap-identity eap-md5 eap-mschapv2 eap-radius eap-tls xauth-generic xauth-eap dhcp whitelist led duplicheck addrblock unity
	Listening IP addresses:
	192.168.43.254
	...
	Connections:
	roadwarriorPUBKEY: %any...%any IKEv2
	...
	roadwarriorPUBKEY: remote: uses public key authentication
	roadwarriorPUBKEY: child: 0.0.0.0/0 ::/0 === dynamic TUNNEL
	roadwarriorEAPTLS: %any...%any IKEv2
	...
	roadwarriorEAPTLS: remote: uses EAP_TLS authentication with EAP identity '%any'
	roadwarriorEAPTLS: child: 0.0.0.0/0 ::/0 === dynamic TUNNEL
	Security Associations (1 up, 0 connecting):
	...
	roadwarriorEAPTLS[4]: IKEv2 SPIs: d903e4c411b5be67_i b7e8ca32f4ff6d94_r*, public key reauthentication in 2 hours
	roadwarriorEAPTLS[4]: IKE proposal: AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072
	roadwarriorEAPTLS{1}: INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: cd60e89d_i 8bd7bc53_o
	roadwarriorEAPTLS{1}: AES_CBC_256/HMAC_SHA1_96, 271600951 bytes_i (254572 pkts, 37s ago), 156956715 bytes_o (177812 pkts, 37s ago), rekeying in 16 minutes
	roadwarriorEAPTLS{1}: 0.0.0.0/0 ::/0 === 192.168.43.181/32

	root@OpenWrt:~# spuctl showstats
	Encryption stats
	Ingress 177811
	Fallback 0
	Egress 175526
	Error 0
	Dropped 2285
	Decryption stats
	Ingress 256429
	Fallback 0
	Egress 254571
	Error 0
	Dropped 1858