#include <stdint.h>
#include <rte_compat.h>
Go to the source code of this file.
RTE IPsec security association database (SAD) support. Contains helper functions to lookup and maintain SAD
Definition in file rte_ipsec_sad.h.
◆ RTE_IPSEC_SAD_NAMESIZE
| #define RTE_IPSEC_SAD_NAMESIZE 64 |
◆ RTE_IPSEC_SAD_FLAG_IPV6
| #define RTE_IPSEC_SAD_FLAG_IPV6 0x1 |
◆ RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY
| #define RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY 0x2 |
Flag to support reader writer concurrency
Definition at line 56 of file rte_ipsec_sad.h.
◆ anonymous enum
◆ rte_ipsec_sad_add()
| int rte_ipsec_sad_add |
( |
struct rte_ipsec_sad * |
sad, |
|
|
const union rte_ipsec_sad_key * |
key, |
|
|
int |
key_type, |
|
|
void * |
sa |
|
) |
| |
Add a rule into the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.
- Parameters
-
| sad | SAD object handle |
| key | pointer to the key |
| key_type | key type (spi only/spi+dip/spi+dip+sip) |
| sa | Pointer associated with the key to save in a SAD Must be 4 bytes aligned. |
- Returns
- 0 on success, negative value otherwise
- Examples:
- examples/ipsec-secgw/sad.c.
◆ rte_ipsec_sad_del()
| int rte_ipsec_sad_del |
( |
struct rte_ipsec_sad * |
sad, |
|
|
const union rte_ipsec_sad_key * |
key, |
|
|
int |
key_type |
|
) |
| |
Delete a rule from the SAD. Could be safely called with concurrent lookups if RTE_IPSEC_SAD_FLAG_RW_CONCURRENCY flag was configured on creation time. While with this flag multi-reader - one-writer model Is MT safe, multi-writer model is not and required extra synchronisation.
- Parameters
-
| sad | SAD object handle |
| key | pointer to the key |
| key_type | key type (spi only/spi+dip/spi+dip+sip) |
- Returns
- 0 on success, negative value otherwise
◆ rte_ipsec_sad_find_existing()
| struct rte_ipsec_sad* rte_ipsec_sad_find_existing |
( |
const char * |
name | ) |
|
Find an existing SAD object and return a pointer to it.
- Parameters
-
| name | Name of the SAD object as passed to rte_ipsec_sad_create() |
- Returns
- Pointer to sad object or NULL if object not found with rte_errno set appropriately. Possible rte_errno values include:
- ENOENT - required entry not available to return.
◆ rte_ipsec_sad_destroy()
| void rte_ipsec_sad_destroy |
( |
struct rte_ipsec_sad * |
sad | ) |
|
Destroy SAD object.
- Parameters
-
| sad | pointer to the SAD object |
◆ rte_ipsec_sad_lookup()
| int rte_ipsec_sad_lookup |
( |
const struct rte_ipsec_sad * |
sad, |
|
|
const union rte_ipsec_sad_key * |
keys[], |
|
|
void * |
sa[], |
|
|
uint32_t |
n |
|
) |
| |
Lookup multiple keys in the SAD.
- Parameters
-
| sad | SAD object handle |
| keys | Array of keys to be looked up in the SAD |
| sa | Pointer associated with the keys. If the lookup for the given key failed, then corresponding sa will be NULL |
| n | Number of elements in keys array to lookup. |
- Returns
- -EINVAL for incorrect arguments, otherwise number of successful lookups.
- Examples:
- examples/ipsec-secgw/sad.c.
