DPDK  24.11.0-rc3
Data Structures | Macros | Enumerations | Functions
rte_ipsec_sad.h File Reference
#include <stdint.h>
#include <rte_ip6.h>

Go to the source code of this file.

Data Structures

struct  rte_ipsec_sad_conf
 

Macros

#define RTE_IPSEC_SAD_NAMESIZE   64
 
#define RTE_IPSEC_SAD_FLAG_IPV6   0x1
 
#define RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY   0x2
 

Enumerations

enum  
 

Functions

int rte_ipsec_sad_add (struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *key, int key_type, void *sa)
 
int rte_ipsec_sad_del (struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *key, int key_type)
 
struct rte_ipsec_sad * rte_ipsec_sad_find_existing (const char *name)
 
void rte_ipsec_sad_destroy (struct rte_ipsec_sad *sad)
 
int rte_ipsec_sad_lookup (const struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *keys[], void *sa[], uint32_t n)
 

Detailed Description

RTE IPsec security association database (SAD) support. Contains helper functions to lookup and maintain SAD

Definition in file rte_ipsec_sad.h.

Macro Definition Documentation

◆ RTE_IPSEC_SAD_NAMESIZE

#define RTE_IPSEC_SAD_NAMESIZE   64

Max number of characters in SAD name.

Examples:
examples/ipsec-secgw/sad.c.

Definition at line 52 of file rte_ipsec_sad.h.

◆ RTE_IPSEC_SAD_FLAG_IPV6

#define RTE_IPSEC_SAD_FLAG_IPV6   0x1

Flag to create SAD with ipv6 dip and sip addresses

Examples:
examples/ipsec-secgw/sad.c.

Definition at line 54 of file rte_ipsec_sad.h.

◆ RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY

#define RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY   0x2

Flag to support reader writer concurrency

Definition at line 56 of file rte_ipsec_sad.h.

Enumeration Type Documentation

◆ anonymous enum

anonymous enum

Type of key

Definition at line 27 of file rte_ipsec_sad.h.

Function Documentation

◆ rte_ipsec_sad_add()

int rte_ipsec_sad_add ( struct rte_ipsec_sad *  sad,
const union rte_ipsec_sad_key *  key,
int  key_type,
void *  sa 
)

Add a rule into the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.

Parameters
sadSAD object handle
keypointer to the key
key_typekey type (spi only/spi+dip/spi+dip+sip)
saPointer associated with the key to save in a SAD Must be 4 bytes aligned.
Returns
0 on success, negative value otherwise
Examples:
examples/ipsec-secgw/sad.c.

◆ rte_ipsec_sad_del()

int rte_ipsec_sad_del ( struct rte_ipsec_sad *  sad,
const union rte_ipsec_sad_key *  key,
int  key_type 
)

Delete a rule from the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.

Parameters
sadSAD object handle
keypointer to the key
key_typekey type (spi only/spi+dip/spi+dip+sip)
Returns
0 on success, negative value otherwise

◆ rte_ipsec_sad_find_existing()

struct rte_ipsec_sad* rte_ipsec_sad_find_existing ( const char *  name)

Find an existing SAD object and return a pointer to it.

Parameters
nameName of the SAD object as passed to rte_ipsec_sad_create()
Returns
Pointer to sad object or NULL if object not found with rte_errno set appropriately. Possible rte_errno values include:
  • ENOENT - required entry not available to return.

◆ rte_ipsec_sad_destroy()

void rte_ipsec_sad_destroy ( struct rte_ipsec_sad *  sad)

Destroy SAD object.

Parameters
sadpointer to the SAD object

◆ rte_ipsec_sad_lookup()

int rte_ipsec_sad_lookup ( const struct rte_ipsec_sad *  sad,
const union rte_ipsec_sad_key *  keys[],
void *  sa[],
uint32_t  n 
)

Lookup multiple keys in the SAD.

Parameters
sadSAD object handle
keysArray of keys to be looked up in the SAD
saPointer associated with the keys. If the lookup for the given key failed, then corresponding sa will be NULL
nNumber of elements in keys array to lookup.
Returns
-EINVAL for incorrect arguments, otherwise number of successful lookups.
Examples:
examples/ipsec-secgw/sad.c.