DPDK
24.11.0
|
Go to the source code of this file.
Data Structures | |
struct | rte_ipsec_sad_conf |
Macros | |
#define | RTE_IPSEC_SAD_NAMESIZE 64 |
#define | RTE_IPSEC_SAD_FLAG_IPV6 0x1 |
#define | RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY 0x2 |
Enumerations | |
enum | |
Functions | |
int | rte_ipsec_sad_add (struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *key, int key_type, void *sa) |
int | rte_ipsec_sad_del (struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *key, int key_type) |
struct rte_ipsec_sad * | rte_ipsec_sad_find_existing (const char *name) |
void | rte_ipsec_sad_destroy (struct rte_ipsec_sad *sad) |
int | rte_ipsec_sad_lookup (const struct rte_ipsec_sad *sad, const union rte_ipsec_sad_key *keys[], void *sa[], uint32_t n) |
RTE IPsec security association database (SAD) support. Contains helper functions to lookup and maintain SAD
Definition in file rte_ipsec_sad.h.
#define RTE_IPSEC_SAD_NAMESIZE 64 |
Max number of characters in SAD name.
Definition at line 52 of file rte_ipsec_sad.h.
#define RTE_IPSEC_SAD_FLAG_IPV6 0x1 |
Flag to create SAD with ipv6 dip and sip addresses
Definition at line 54 of file rte_ipsec_sad.h.
#define RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY 0x2 |
Flag to support reader writer concurrency
Definition at line 56 of file rte_ipsec_sad.h.
anonymous enum |
Type of key
Definition at line 27 of file rte_ipsec_sad.h.
int rte_ipsec_sad_add | ( | struct rte_ipsec_sad * | sad, |
const union rte_ipsec_sad_key * | key, | ||
int | key_type, | ||
void * | sa | ||
) |
Add a rule into the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.
sad | SAD object handle |
key | pointer to the key |
key_type | key type (spi only/spi+dip/spi+dip+sip) |
sa | Pointer associated with the key to save in a SAD Must be 4 bytes aligned. |
int rte_ipsec_sad_del | ( | struct rte_ipsec_sad * | sad, |
const union rte_ipsec_sad_key * | key, | ||
int | key_type | ||
) |
Delete a rule from the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.
sad | SAD object handle |
key | pointer to the key |
key_type | key type (spi only/spi+dip/spi+dip+sip) |
struct rte_ipsec_sad* rte_ipsec_sad_find_existing | ( | const char * | name | ) |
Find an existing SAD object and return a pointer to it.
name | Name of the SAD object as passed to rte_ipsec_sad_create() |
void rte_ipsec_sad_destroy | ( | struct rte_ipsec_sad * | sad | ) |
Destroy SAD object.
sad | pointer to the SAD object |
int rte_ipsec_sad_lookup | ( | const struct rte_ipsec_sad * | sad, |
const union rte_ipsec_sad_key * | keys[], | ||
void * | sa[], | ||
uint32_t | n | ||
) |
Lookup multiple keys in the SAD.
sad | SAD object handle |
keys | Array of keys to be looked up in the SAD |
sa | Pointer associated with the keys. If the lookup for the given key failed, then corresponding sa will be NULL |
n | Number of elements in keys array to lookup. |