#include <stdint.h>
#include <rte_compat.h>
Go to the source code of this file.
|
| __rte_experimental int | rte_ipsec_sad_add (struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *key, int key_type, void *sa) |
| |
| __rte_experimental int | rte_ipsec_sad_del (struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *key, int key_type) |
| |
| __rte_experimental struct rte_ipsec_sad * | rte_ipsec_sad_find_existing (const char *name) |
| |
| __rte_experimental void | rte_ipsec_sad_destroy (struct rte_ipsec_sad *sad) |
| |
| __rte_experimental int | rte_ipsec_sad_lookup (const struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *keys[], void *sa[], uint32_t n) |
| |
EXPERIMENTAL: this API may change without prior notice
RTE IPsec security association database (SAD) support. Contains helper functions to lookup and maintain SAD
Definition in file rte_ipsec_sad.h.
◆ RTE_IPSEC_SAD_FLAG_IPV6
| #define RTE_IPSEC_SAD_FLAG_IPV6 0x1 |
Flag to create SAD with ipv6 dip and sip addresses
Definition at line 53 of file rte_ipsec_sad.h.
◆ RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY
| #define RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY 0x2 |
Flag to support reader writer concurrency
Definition at line 55 of file rte_ipsec_sad.h.
◆ anonymous enum
◆ rte_ipsec_sad_add()
| __rte_experimental int rte_ipsec_sad_add |
( |
struct rte_ipsec_sad * |
sad, |
|
|
const union rte_ipsec_sad_key * |
key, |
|
|
int |
key_type, |
|
|
void * |
sa |
|
) |
| |
Add a rule into the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.
- Parameters
-
| sad | SAD object handle |
| key | pointer to the key |
| key_type | key type (spi only/spi+dip/spi+dip+sip) |
| sa | Pointer associated with the key to save in a SAD Must be 4 bytes aligned. |
- Returns
- 0 on success, negative value otherwise
◆ rte_ipsec_sad_del()
| __rte_experimental int rte_ipsec_sad_del |
( |
struct rte_ipsec_sad * |
sad, |
|
|
const union rte_ipsec_sad_key * |
key, |
|
|
int |
key_type |
|
) |
| |
Delete a rule from the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.
- Parameters
-
| sad | SAD object handle |
| key | pointer to the key |
| key_type | key type (spi only/spi+dip/spi+dip+sip) |
- Returns
- 0 on success, negative value otherwise
◆ rte_ipsec_sad_find_existing()
| __rte_experimental struct rte_ipsec_sad* rte_ipsec_sad_find_existing |
( |
const char * |
name | ) |
|
Find an existing SAD object and return a pointer to it.
- Parameters
-
| name | Name of the SAD object as passed to rte_ipsec_sad_create() |
- Returns
- Pointer to sad object or NULL if object not found with rte_errno set appropriately. Possible rte_errno values include:
- ENOENT - required entry not available to return.
◆ rte_ipsec_sad_destroy()
| __rte_experimental void rte_ipsec_sad_destroy |
( |
struct rte_ipsec_sad * |
sad | ) |
|
Destroy SAD object.
- Parameters
-
| sad | pointer to the SAD object |
- Returns
- None
◆ rte_ipsec_sad_lookup()
| __rte_experimental int rte_ipsec_sad_lookup |
( |
const struct rte_ipsec_sad * |
sad, |
|
|
const union rte_ipsec_sad_key * |
keys[], |
|
|
void * |
sa[], |
|
|
uint32_t |
n |
|
) |
| |
Lookup multiple keys in the SAD.
- Parameters
-
| sad | SAD object handle |
| keys | Array of keys to be looked up in the SAD |
| sa | Pointer assocoated with the keys. If the lookup for the given key failed, then corresponding sa will be NULL |
| n | Number of elements in keys array to lookup. |
- Returns
- -EINVAL for incorrect arguments, otherwise number of successful lookups.
