DPDK
24.11.0-rc3
|
#include <rte_security.h>
Security capability definition
Definition at line 1247 of file rte_security.h.
enum rte_security_session_action_type action |
Security action type
Definition at line 1248 of file rte_security.h.
enum rte_security_session_protocol protocol |
Security protocol
Definition at line 1250 of file rte_security.h.
enum rte_security_ipsec_sa_protocol proto |
IPsec SA protocol
Definition at line 1254 of file rte_security.h.
enum rte_security_ipsec_sa_mode mode |
IPsec SA mode
Definition at line 1256 of file rte_security.h.
enum rte_security_ipsec_sa_direction direction |
IPsec SA direction
Definition at line 1258 of file rte_security.h.
struct rte_security_ipsec_sa_options options |
IPsec SA supported options
Definition at line 1260 of file rte_security.h.
uint32_t replay_win_sz_max |
IPsec Anti Replay Window Size. A '0' value indicates that Anti Replay is not supported.
Definition at line 1262 of file rte_security.h.
struct { ... } ipsec |
IPsec capability
uint16_t mtu |
MTU supported for inline TX
Definition at line 1270 of file rte_security.h.
enum rte_security_macsec_alg alg |
MACsec algorithm to be used
Definition at line 1272 of file rte_security.h.
uint16_t max_nb_sc |
Maximum number of secure channels supported
Definition at line 1274 of file rte_security.h.
uint16_t max_nb_sa |
Maximum number of SAs supported
Definition at line 1276 of file rte_security.h.
uint16_t max_nb_sess |
Maximum number of SAs supported
Definition at line 1278 of file rte_security.h.
uint32_t replay_win_sz |
MACsec anti replay window size
Definition at line 1280 of file rte_security.h.
uint16_t relative_sectag_insert |
Support Sectag insertion at relative offset
Definition at line 1282 of file rte_security.h.
uint16_t fixed_sectag_insert |
Support Sectag insertion at fixed offset
Definition at line 1284 of file rte_security.h.
uint16_t icv_include_da_sa |
ICV includes source and destination MAC addresses
Definition at line 1286 of file rte_security.h.
uint16_t ctrl_port_enable |
Control port traffic is supported
Definition at line 1288 of file rte_security.h.
uint16_t preserve_sectag |
Do not strip SecTAG after processing
Definition at line 1290 of file rte_security.h.
uint16_t preserve_icv |
Do not strip ICV from the packet after processing
Definition at line 1292 of file rte_security.h.
uint16_t validate_frames |
Support frame validation as per RTE_SECURITY_MACSEC_VALIDATE_*
Definition at line 1294 of file rte_security.h.
uint16_t re_key |
support re-keying on SA expiry
Definition at line 1296 of file rte_security.h.
uint16_t anti_replay |
support anti replay
Definition at line 1298 of file rte_security.h.
uint16_t reserved |
Reserved bitfields for future capabilities
Definition at line 1300 of file rte_security.h.
struct { ... } macsec |
MACsec capability
enum rte_security_pdcp_domain domain |
PDCP mode of operation: Control or data
Definition at line 1304 of file rte_security.h.
uint32_t capa_flags |
Capability flags, see RTE_SECURITY_PDCP_*
Definition at line 1306 of file rte_security.h.
struct { ... } pdcp |
PDCP capability
enum rte_security_docsis_direction direction |
DOCSIS direction
Definition at line 1311 of file rte_security.h.
struct { ... } docsis |
DOCSIS capability
enum rte_security_tls_version ver |
TLS record version.
Definition at line 1316 of file rte_security.h.
enum rte_security_tls_sess_type type |
TLS record session type.
Definition at line 1318 of file rte_security.h.
uint32_t ar_win_size |
Maximum anti replay window size supported for DTLS 1.2 record read operation. Value of 0 means anti replay check is not supported.
Definition at line 1320 of file rte_security.h.
struct { ... } tls_record |
TLS record capability
const struct rte_cryptodev_capabilities* crypto_capabilities |
Corresponding crypto capabilities for security capability
Definition at line 1328 of file rte_security.h.
uint32_t ol_flags |
Device offload flags
Definition at line 1331 of file rte_security.h.