June 27, 2007
Programming with MPC8572E
Pattern Matching Engine
AN305
Sam Siu
System and Application Engineer
TM
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
Agenda
►Programming with MPC8572E Pattern Matching Engine (PME)
•
•
•
•
•
•
MPC8572 Pattern Matching Engine Hardware Overview
MPC8572 Pattern Matching Engine Software Development Kit
MPC8572 Pattern Matching Engine Compiler
MPC8572 Pattern Matching Engine Linker Loader
MPC8572 Pattern Matcher Manager
MPC8572 Pattern Matching Engine Sample Applications
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
1
MPC8572E
First Dual-Core PowerQUICC® III
Incorporates C-Port and Seaway Networks Technology
►Dual e500 cores based on Power
Architecture™ technology
Power Architecture™
• 36-bit addressing
• 1MB Shared L2 Cache w/ECC
Power Architecture™
e500 core
►Dual Memory Controller
32KB
D-Cache
• Dual DDR2/3 SDRAM up to 667 MHz
• 32/64 bit data bus w/ECC
• Support for up to 32GB memory
32KB
I-Cache
►High Speed Interconnect
DDR2/3
SDRAM
Controller
OpenPIC
Perf Mon
Duart
2x I2C
Timers
32KB
D-Cache
Pattern
Matching
Engine
Queue
Queue
• One x8/x4/x2/x1 PCIe
Or Two x4/x2/x1 PCIe
Or One x4/x2/x1 PCIe AND 1x2 and 1x1
PCIe
Or One x4/x2/x1 PCIe AND x4/x1 sRapidIO
e500 core
1MB L2 Cache
Coherency Module
Deflate
32KB
I-Cache
DDR2/3
SDRAM
Controller
SEC 3.0
Fast
Ethernet
Console
►Dual Table Lookup Unit (TLU)
Gigabit
Gigabit
Ethernet
Gigabit
Ethernet
Gigabit
Ethernet
Ethernet
• Up to 7M lookups/sec
►Pattern Matching (Regex) & Deflate
►90nm SOI Process, 1023-Pin package
►Availability
• Alpha Samples (up to 1.5GHz)
• Production (up to 1.5GHz)
MPC8572E
SGMII
SGMII
SGMII
SGMII
PC
I -E
xp
TLU
TLU
xp
I-E
PC
• ARC4, 3DES, AES, AES-GCM,
SHA-384/512, RSA/ECC, RNG and XOR
• Single pass SSL
Local
Bus
XOR
►Security Engine (SEC 3.0)
A
DM
• 4x 10/100/1000 Ethernet Controllers w/
Classification/Policing, 8 Rx/Tx Queues,
Checksum Offload, QoS, Lossless Flow
Control, IEEE 1588, 4 SGMII
• 1x 10/100 FEC w/ MII (muxed)
DM
A
►Ethernet
PCI-Exp \
sRIO
Q2’07
Q2’08
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
2
MPC8572E: Life of a Packet
Processor reads back lookup results &
performs TCP stream recovery and
Application protocol handling
PME informs processor of scan result
8
Processor performs outgoing TCP
processing and instructs Ethernet port
to transmit.
9
Data retrieved from memory and tx
Deflate
Coherency Module
7
4
Local
Bus
SEC 3.0
Fast
Ethernet
Console
MPC8572E
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
6
8
3
TLU
TLU
2
32KB
I-Cache
DDR2/3
SDRAM
Controller
Gigabit
Gigabit
Ethernet
Gigabit
Ethernet
Gigabit
Ethernet
Ethernet
SGMII
SGMII
SGMII
SGMII
1
xp
I-E
PC
7
Pattern
Matcher
5
Processor instructs Deflate Engine to
decompress and PME to scan relevant
portion of recovered stream content
PME reads data from memory and
scans for patterns
OpenPIC
Perf Mon
Duart
2x I2C
Timers
32KB
D-Cache
A
DM
6
DDR2/3
SDRAM
Controller
32KB
I-Cache
PC
I-E
xp
4
32KB
D-Cache
e500 core
1MB L2 Cache
Queue
Processor writes selector to the TLU to
lookup flow table
e500 core
Queue
3
5
.
An interrupt is raised. Processor
extracts 5-tuple selector from the
packet header
DM
A
2
Packet arrives from “onside network”
and is placed into memory.
XOR
1
PCI-Exp \
sRIO
9
TM
3
Pattern Matching Engine (PME) Specification
►Regex support plus significant
extensions:
•
•
•
Pattern Matching Engine components
Patterns can be split into 256 sets
each of which can contain 16 subsets
16K patterns of up to 128B length
2.4 Gbps raw performance
Access to Pattern Descriptors and State
►Combined hash/NFA technology
•
•
•
No “explosion” in number of patterns
due to wildcards
Low system memory utilization
Fast pattern database compiles and
incremental updates
On-Chip
System
Interface
►Matching across “work units”
finds patterns in streamed data
►The Pattern Matching Engine
utilizes a pipeline of processing
blocks to provide a complete
pattern matching solution.
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
DMA
Engine
Deflate
Engine
Key
Element
Scanning
Engine
(KES)
History
Memory
Hash
Tables
Data
Examination
Engine
(DXE)
Stateful
Rule
Engine
(SRE)
Results
The Pattern Matching Engine
dramatically offload the CPU cores
TM
4
Agenda
►Programming with MPC8572 Pattern Matching Engine (PME)
•
•
•
•
•
•
MPC8572 Pattern Matching Engine Hardware Overview
MPC8572 Pattern Matching Engine Software Development Kit
MPC8572 Pattern Matching Engine Compiler
MPC8572 Pattern Matching Engine Linker Loader
MPC8572 Pattern Matcher Manager
MPC8572 Pattern Matching Engine Sample Applications
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
5
Pattern Matching Engine Software Components
►The Pattern Matching
Engine software provides
the ability to use the Pattern
Matching Engine hardware
assists to recognize various
complex patterns in a stream
of data or packets.
►It consists of:
Scan Data
Regex &
Rules
Pattern Management
Regex
Compiler Lib
PM Data Scan
Applications
•
•
•
•
Driver
PM Driver
PM Control Interface
Regex compiler and
Stateful-Rule compiler
• Linker Loader
• Pattern Matcher (PM)
Manager application
• Sample applications
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
PM Manager
Application
Stateful Rule
Compiler Lib
Linker-loader
Lib
Pattern Matcher
Control Interface
(Linux)
Shadow
Pattern DB
PM Driver
Lib
PM Drivers
(Linux)
Kernel Module
PM Hardware
Legends
Sample code
Freescale Lib
Freescale Driver
TM
6
Summary: Software Modules
Module
Packaging
OS
Platform Supported
Regex Compiler
Executable
Linux®
Power Architecture™ technology,
x86
Windows®
X86
Library
Linux
Power Architecture™ technology
Executable
Linux
Power Architecture™ technology,
x86
Windows
X86
Library
Linux
Power Architecture™ technology
Linker Loader
Library
Linux
Power Architecture™ technology
PM Manager
Library and Source Code
Linux
Power Architecture™ technology
PM Driver
Kernel Loadable modules and
source code
Linux
Power Architecture™ technology
Stateful Rule
Compiler
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
7
Agenda
►Programming with MPC8572 Pattern Matching Engine (PME)
•
•
•
•
•
•
MPC8572 Pattern Matching Engine Hardware Overview
MPC8572 Pattern Matching Engine Software Development Kit
MPC8572 Pattern Matching Engine Compiler
MPC8572 Pattern Matching Engine Linker Loader
MPC8572 Pattern Matcher Manager
MPC8572 Pattern Matching Engine Sample Applications
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
8
Pattern Matching: KES and DXE
►Key Element Scanning Engine
(KES) scans for possible matches and
filters work to be performed by Data
Examination Engine (DXE).
►KES Computes a hash for different
fingerprint lengths and looks up onchip hash tables.
►A “hit” on one of these hashes results in a second level filters
(“confidence” hash) being performed.
►Data eXamination Engine (DXE) performs complete match for each
“possible” match found by KES.
►DXE stores pattern definitions in DRAM.
►DXE implements a significant subset of the REGEX pattern definition
syntax plus many constructs which cannot be expressed in REGEX.
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
9
Pattern Matching Engine Regex Compiler
►The regex compiler accepts a regex string with options or
a file containing regexes and converts these regexes into
Pattern Matching Engine hardware-specific format
►The regex compiler is available as a a ‘C’ library with API
and a standalone executable program
►Compiles a regex into a HW specific format
►‘C’ API:
int pmrec_compile
(char
char
… );
Signature Manager
Signature
Manager
Regex &
Rules
1
Regex
Compiler
Stateful Rule
Compiler
*input_file_name_p,
*output_file_name_p,
• Input File:
File consisting of one or more lines in the form <name> /<expression>/ [options]
• Example: pname1 /catch.(a|b)one/tag=0x00000010
►Sample command-line interface provided
• pmm> add regex file source <filename> [binary <filename>]
• pmm> add regex name <name> exp /<regex>/[options]
OR
• > pmreg -i sample.regex -o sample.bin
Where sample.regex contains:
login /login/set=1 subset=0xffff tag=0x01
logout /^logout/m tag=0x02
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
10
PME Regex Compiler Consideration 1: Fingerprint
►In the Pattern Matching Engine, every pattern has an associated
fingerprint. A fingerprint for a pattern is a set of contiguous symbols
of type “Equivalent Byte” of length 1, 2, or K (from 2 to 16).
►Examples of supported regexes are:
/a/
/aa*/
/a(b|c)/
/a[bB]/
/^(b|c)/
# ^ is the fingerprint in this case
/^a*/
# ^ is the fingerprint in this case
/a+/
# one or more “a”, therefore fingerprint can be “a”
/\$[0-9]+\.??[0-9]{1,2}/
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
11
PME Regex Compiler Consideration 2: Matching Position
►The Pattern Matching Engine starts pattern searches in the input data
relative to the position of the pattern fingerprints in the input data
►This is different than typical software-based non-deterministic finite
automaton (NFA) regex engines that scan input data starting at the first
byte of the input data and advancing the search position one byte at a
time
►The Pattern Matching Engine matches all possible occurrences of the
same pattern, including ones that overlap with the previously reported
matches in the input data
►In the following example, how many match will PME find?
• regex: /AxA/ Input data is “AxAxA”
• regex:/aloha/, /hacker/, Input data is “alohacker”
A x A x A
A L O H A C K E R
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
12
PME Regex Scan Results
►The match report contains information such as the tag of the regex that matched
and where in the data the match was found
►The type of report, simple or verbose, is configurable on a per scan stream basis
Offset
Bit
Description
0
0
Set to 0.
0
1–3
For the default mode the values are:
000 - Complete match within a search window
0
4–7
Set to 0x1.
1
0–7
Number of bytes matched by the pattern (max value of 128).
2
0–47
The number of bytes scanned initially prior to the current work unit.
8
0-31
The position of rightmost byte of the match relative to the work unit scanned
12
0-31
A 32 bit tag assigned to the regex that matched
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
13
Pattern Matching: Stateful Rule Engine (SRE)
►Stateful rules are user-defined
logic reacts to pattern matches
detected by the DXE
►Stateful rules are FSM that
operate on a per session basis
►A session is a logical grouping of one or more flows. e.g. a pair of flows
representing both directions of communication in a connection
►Can be used to further qualify the pattern match - for example:
• All patterns making up the signature are found, or
• Matched only within a certain portion of the data (e.g. URL), or
• Matched only within a certain portion of the data within the data unit.
►Advance uses of Stateful Rule:
• Protocol state tracking (e.g. track the “normal” transitions of SMTP)
• Support “greedy” wildcards (e.g. AB.*PQ i.e. two patterns tied together by a stateful rule)
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
14
PME Stateful Rule Compiler
► Compiles a stateful rule into a HW specific format
► The stateful rule syntax is a language specification used to write stateful
rules. The syntax closely correlates to the structure interpreted by the
SRE hardware.
Signature Manager
► e.g. ‘C’ API
int pmsrc_compile
(char
char
… );
*input_file_name_p,
*output_file_name_p,
Signature
Manager
Regex &
Rules
1
Input file contains stateful rules in text format
Output file is the stateful rule object file, binary content
Regex
Compiler
Stateful Rule
Compiler
► Sample command-line interface provided
• pmm> add rule file source sample.sr
OR
• > pmsrc -i sample.sr -o sample.bin
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
15
PME Stateful Rule Syntax
► The rule writer breaks down the desired scenario into various states and
then uses events to trigger actions within each state
► Five actions can store values in a persistent variable, compare values,
report values, or transition into a new state. They are:
• Change state
• Assign variables
• Report
• If loop
• While loop
► The rule definition is as follows
STATEFUL_RULE: <rule name>
RESET_STATE:
EVENT “pattern#1 name”
<Set of Actions>
STATE <STATE NAME>:
EVENT “pattern#2 name”
<Set of Actions>
EVENT “pattern#3 name”
<More actions>
EVENT “pattern#4 name”
exit
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
16
PME Stateful Rule Syntax: Variables
►Variables
• Global Variables (shared by all rules within all sessions)
GV[x] where x =1 to 15. Size is 1 byte.
GV[x:y] where x =1 to 14, y =2 to 15. Size is (y – x + 1) B, max 8B.
• Session Variables (scope within a given session ID and a rule ID)
SRV[x] where x =1 to 15. Size is 1 byte.
SRV[x:y] where x =1 to 14, y =2 to 15. Size is (y – x + 1) B, max 8B.
• Temporary Variables (scope within the invocation of a reaction)
TV[x] where x =1 to 15. Size is 1 byte.
TV[x:y] where x =1 to 14, y =2 to 15. Size is (y – x + 1) B, max 8B.
►Flags
• Session Flags
SF[x] where x = 1 to 16, 1 bit in size
• Temporary Flags
TF[x] where x = 1 to 16, 1 bit in size
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
17
Stateful Rules Example
►Tracking FTP session and state of activity.
• SRE tracks FTP flows activity. i.e. between 10.10.1.1 and 10.10.1.100
STATEFUL_RULE: FTPexample
RESET_STATE:
EVENT “ftpOpen”
next_state ftpSess
10.10.1.1:21 <-ftp open <- 10.10.1.100:16734
EVENT “ftpRoot”
10.10.1.1:21 -> logon prompt -> 10.10.1.100:16734
{ report 0x01 } # report
10.10.1.1:21 <- anonymous <- 10.10.1.100:16734
root ftp attempt
STATE ftpSess:
10.10.1.1:21 -> password? -> 10.10.1.100:16734
EVENT “ftpGet”
10.10.1.1:21 <- abcde <- 10.10.1.100:16734
SRV[5] = SRV[5] + 1
10.10.1.1:21 -> banner -> 10.10.1.100:16734
EVENT “ftpBye”
10.10.1.1:21 <- get file1 <- 10.10.1.100:16734
if ( SRV[5] != 0 ) {
{ report 0x02 }
10.10.1.1:21 -> file 1 -> 10.10.1.100:16734
}
10.10.1.1:21 <- get file2 <- 10.10.1.100:16734
next_state RESET_STATE
10.10.1.1:21 -> file2 -> 10.10.1.100:16734
10.10.1.1:21 <- bye <- 10.10.1.100:16734
10.10.1.1:21 -> logoff -> 10.10.1.100:16734
REGEX entries
ftpOpen /230\: Guest login ok/ tag=0x0001
ftpRoot /331\: root login ok/ tag=0x0002
ftpGet/PORT\=21 226 Transfer complete/ tag=0x0003
ftpBye /Cmd\: (QUIT|BYE)/ tag=0x0004
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
18
Agenda
►Programming with MPC8572 Pattern Matching Engine (PME)
•
•
•
•
•
•
MPC8572 Pattern Matching Engine Hardware Overview
MPC8572 Pattern Matching Engine Software Development Kit
MPC8572 Pattern Matching Engine Compiler
MPC8572 Pattern Matching Engine Linker Loader
MPC8572 Pattern Matcher Manager
MPC8572 Pattern Matching Engine Sample Applications
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
19
Pattern Matching Engine Linker-Loader
► The linker-loader (LL) allows a user of the Pattern
Matching Engine module to configure the hardware, and
query the state of the Pattern Matching Engine hardware
► The LL is implemented as a user space library of
functions performing different actions on the PM
hardware. These functions are accessible through a
well-defined API
► Note that the linker-loader library indirectly sends PM
control messages through functions provided by the PM
Manager application.
► The callback functions provide you the flexibility to
implement the communication pipe between the LL and
the PM control interface that is most appropriate for the
pattern management system
► The LL library maintains a shadow database of the
hardware tables that contains the PM hardware
database, plus additional information such as all
currently configured expressions and stateful rules
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
PM Regex compiler
Pattern Matcher
Manager
Application
PM SR compiler
PM Linker-Loader
PM Control Interface
Shadow
Database
PM Driver
PM Hardware
C Library
TM
20
Linker-Loader: Setup Pattern Matching Engine
►The generic steps involved in configuring the Pattern Matching Engine
hardware are as follows:
• initialize the PMLL module with a call to the pmll_module_init() function
• call the pmll_db_create() function to create a PMLL shadow DB and register
the PMLA functions with the new shadow DB
• use the pmll_connection_handle_set() function to associate a PMLA channel
with the created PMLL shadow DB
• use the PMLL expression functions to add expressions to the shadow DB
• use the PMLL rule functions to add rules to the shadow DB
• call the pmll_commit() function to get PMLL to link the expression and rule
records and to load the configuration on the PM hardware
►All the PMLL functions run to completion
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
21
Agenda
►Programming with MPC8572 Pattern Matching Engine (PME)
•
•
•
•
•
•
MPC8572 Pattern Matching Engine Hardware Overview
MPC8572 Pattern Matching Engine Software Development Kit
MPC8572 Pattern Matching Engine Compiler
MPC8572 Pattern Matching Engine Linker Loader
MPC8572 Pattern Matcher Manager
MPC8572 Pattern Matching Engine Sample Applications
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
22
Distributed Pattern Management Software
Pattern Management
PM Distributed
Manager
Regex &
Rules
PMM UI module
(compile)
Communication
Medium
PMM DB module
(Link)
Regex
Compiler
Lib
Stateful Rule
Compiler Lib
Linker-Loader
Lib
Communication
Medium
User Data Scan
Application
PMM local module
(Load)
PM Drivers
Shadow
Pattern DB
Local/Remote
Host 2
PM Host
Pattern Matcher
Control Interface Lib
Legends
Customer Code
Freescale Library
PM Drivers
Freescale
Linux code
PM Hardware
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
Local/Remote
Host 1
TM
23
Distributed Pattern Management Software
►The sample Pattern Matcher Manager (PMM) is a Freescale application
implemented as a Linux® user-space process
►The PMM application provides a simple command-based interface to
compile, link, and load expressions and stateful rules
• Adding Regexes and Rules in source or binary format
> add regex name e1 exp /matchme/tag=0x01
> add regex file source myexpressions.src
> add regex file binary regexes.bin
> add rule file source /tmp/rules.src binary /tmp/rules.bin
• Committing the PM database to the hardware
> commit
• Deleting Regexes and Rules
> delete regex all
> delete regex name e1
• Showing Regexes and Rules
> show regex all
• Monitoring PM hardware
> show stats ll
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
24
PM Statistics Manager
►The Pattern Matching Engine hardware offers a variety of statistics counters for
debugging and analyzing pattern scanning and deflate functions
►The statistics counters are read reset
►There are three categories of statistics
• Pattern matching (KES, DXE and SRE)
• Deflate
• Channel/DMA
read stats hw
1st Filtering
2nd Filtering
Exact Match
The PM H/W Statistics:
PM Input Bytes (KES) :
PM Output Report Bytes (SRE) :
PM Trigger 1B Hits (KES) :
PM Trigger 2B Hits (KES) :
PM Trigger Variable Hits (KES) :
PM Trigger Special Hits (KES) :
PM Confidence Stage Hits (KES) :
PM Matches (DXE) :
PM SR Execution by DXE (SRE) :
PM SR Execution by SUI (SRE) :
PM SUI With Matches (DXE) :
PM SUI With Reports (SRE) :
PM Input SUIs (KES) :
PM Matches with DRCC (DXE) :
Deflate Input Bytes (DFL) :
Deflate Output Bytes (DFL) :
Deflate Work Units (DFL) :
Current
2046307723
19289490
3589872
3564246
380142229
138789
9845845
776645
0
0
69322
1372634
1372634
9845845
0
0
0
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
Previous
2045023888
19278351
3587538
3562294
379899749
138713
9840005
776216
0
0
69283
1371779
1371779
9840005
0
0
0
Delta
1283835
11139
2334
1952
242480
76
5840
429
0
0
39
855
855
5840
0
0
0
TM
25
PMM source code
►/mnt/cdrom/pm_software/user/pmm.c
/** The main entry point for the PMM module. retval value 0 upon success; -1 otherwise. */
int
main(int argn, char *args[])
{uint32_t
status = 0;
handle_t
cliHandle = HANDLE_NULL;
_pmm_app_params_t appParams;
// Parse the PMM module arguments.
if(0 != _pmm_parse_arguments(argn, args, &appParams)) {
/* Nothing else to do here since the above function call took care
* of all the user notification */
return(-1);
}
// Initialize the PMM module.
if(0 != _pmm_module_init(&appParams, &cliHandle)) {
fprintf(stdout, "Failed to initialize the PMM module.\n");
return(-1);
}
// Run the PMM module.
status = _pmm_module_run(cliHandle);
// Shut down the PMM module.
_pmm_module_shutdown(cliHandle);
fprintf(stdout, "Terminating the PMM application.\n\n");
return status;
} // main
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
26
Agenda
►Programming with MPC8572 Pattern Matching Engine (PME)
•
•
•
•
•
•
MPC8572 Pattern Matching Engine Hardware Overview
MPC8572 Pattern Matching Engine Software Development Kit
MPC8572 Pattern Matching Engine Compiler
MPC8572 Pattern Matching Engine Linker Loader
MPC8572 Pattern Matcher Manager
MPC8572 Pattern Matching Engine Sample Applications
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
27
Summary: Sample Software
Module
Packaging
OS
Platform Supported
PM Manager (PMM)
Executable and source code
Linux®
Power Architecture™ technology
Pattern Scanner
pm_scan_demo
Executable and source code
Linux
Power Architecture™ technology
PM L7 Filter
Executable and source code
Linux
Power Architecture™ technology
Snort PM plugins
Executable and source code
Linux
Power Architecture™ technology
Deflate CLI tool
Executable and source code
Linux
Power Architecture™ technology
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
28
Conclusion
►MPC8572E – PowerQUICC® III SoC optimized for current and
emerging Network Security processing requirements at Gbps speed
• Dual e500 core based on Power Architecture™ technology to provide
processing cycles and flexibility
• accelerate packet header and content processing
►Successive Network Security Devices can be developed with
consistent architecture by adding additional software invoking
Pattern Matching Engine
• Intrusion Detection and Prevention System
• Anti-Virus and Anti-Spam
• Peer to Peer Management
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
TM
29
TM
Freescale™ and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are
the property of their respective owners. © Freescale Semiconductor, Inc. 2007-2008.
