DPDK  23.07.0
Data Fields
rte_security_capability Struct Reference

#include <rte_security.h>

Data Fields

enum rte_security_session_action_type action
 
enum rte_security_session_protocol protocol
 
const struct rte_cryptodev_capabilitiescrypto_capabilities
 
uint32_t ol_flags
 
enum rte_security_ipsec_sa_protocol proto
 
enum rte_security_ipsec_sa_mode mode
 
enum rte_security_ipsec_sa_direction direction
 
struct rte_security_ipsec_sa_options options
 
uint32_t replay_win_sz_max
 
struct {
   enum rte_security_ipsec_sa_protocol   proto
 
   enum rte_security_ipsec_sa_mode   mode
 
   enum rte_security_ipsec_sa_direction   direction
 
   struct rte_security_ipsec_sa_options   options
 
   uint32_t   replay_win_sz_max
 
ipsec
 
uint16_t mtu
 
enum rte_security_macsec_alg alg
 
uint16_t max_nb_sc
 
uint16_t max_nb_sa
 
uint16_t max_nb_sess
 
uint32_t replay_win_sz
 
uint16_t relative_sectag_insert: 1
 
uint16_t fixed_sectag_insert: 1
 
uint16_t icv_include_da_sa: 1
 
uint16_t ctrl_port_enable: 1
 
uint16_t preserve_sectag: 1
 
uint16_t preserve_icv: 1
 
uint16_t validate_frames: 1
 
uint16_t re_key: 1
 
uint16_t anti_replay: 1
 
uint16_t reserved: 7
 
struct {
   uint16_t   mtu
 
   enum rte_security_macsec_alg   alg
 
   uint16_t   max_nb_sc
 
   uint16_t   max_nb_sa
 
   uint16_t   max_nb_sess
 
   uint32_t   replay_win_sz
 
   uint16_t   relative_sectag_insert: 1
 
   uint16_t   fixed_sectag_insert: 1
 
   uint16_t   icv_include_da_sa: 1
 
   uint16_t   ctrl_port_enable: 1
 
   uint16_t   preserve_sectag: 1
 
   uint16_t   preserve_icv: 1
 
   uint16_t   validate_frames: 1
 
   uint16_t   re_key: 1
 
   uint16_t   anti_replay: 1
 
   uint16_t   reserved: 7
 
macsec
 
enum rte_security_pdcp_domain domain
 
uint32_t capa_flags
 
struct {
   enum rte_security_pdcp_domain   domain
 
   uint32_t   capa_flags
 
pdcp
 
enum rte_security_docsis_direction direction
 
struct {
   enum rte_security_docsis_direction   direction
 
docsis
 

Detailed Description

Security capability definition

Examples:
examples/ipsec-secgw/ipsec.c.

Definition at line 1124 of file rte_security.h.

Field Documentation

◆ action

enum rte_security_session_action_type action

Security action type

Definition at line 1125 of file rte_security.h.

◆ protocol

enum rte_security_session_protocol protocol

Security protocol

Definition at line 1127 of file rte_security.h.

◆ proto

enum rte_security_ipsec_sa_protocol proto

IPsec SA protocol

Definition at line 1132 of file rte_security.h.

◆ mode

enum rte_security_ipsec_sa_mode mode

IPsec SA mode

Definition at line 1134 of file rte_security.h.

◆ direction [1/2]

enum rte_security_ipsec_sa_direction direction

IPsec SA direction

Definition at line 1136 of file rte_security.h.

◆ options

struct rte_security_ipsec_sa_options options

IPsec SA supported options

Definition at line 1138 of file rte_security.h.

◆ replay_win_sz_max

uint32_t replay_win_sz_max

IPsec Anti Replay Window Size. A '0' value indicates that Anti Replay is not supported.

Definition at line 1140 of file rte_security.h.

◆ ipsec

struct { ... } ipsec

IPsec capability

Examples:
examples/ipsec-secgw/ipsec.c.

◆ mtu

uint16_t mtu

MTU supported for inline TX

Definition at line 1148 of file rte_security.h.

◆ alg

enum rte_security_macsec_alg alg

MACsec algorithm to be used

Definition at line 1150 of file rte_security.h.

◆ max_nb_sc

uint16_t max_nb_sc

Maximum number of secure channels supported

Definition at line 1152 of file rte_security.h.

◆ max_nb_sa

uint16_t max_nb_sa

Maximum number of SAs supported

Definition at line 1154 of file rte_security.h.

◆ max_nb_sess

uint16_t max_nb_sess

Maximum number of SAs supported

Definition at line 1156 of file rte_security.h.

◆ replay_win_sz

uint32_t replay_win_sz

MACsec anti replay window size

Definition at line 1158 of file rte_security.h.

◆ relative_sectag_insert

uint16_t relative_sectag_insert

Support Sectag insertion at relative offset

Definition at line 1160 of file rte_security.h.

◆ fixed_sectag_insert

uint16_t fixed_sectag_insert

Support Sectag insertion at fixed offset

Definition at line 1162 of file rte_security.h.

◆ icv_include_da_sa

uint16_t icv_include_da_sa

ICV includes source and destination MAC addresses

Definition at line 1164 of file rte_security.h.

◆ ctrl_port_enable

uint16_t ctrl_port_enable

Control port traffic is supported

Definition at line 1166 of file rte_security.h.

◆ preserve_sectag

uint16_t preserve_sectag

Do not strip SecTAG after processing

Definition at line 1168 of file rte_security.h.

◆ preserve_icv

uint16_t preserve_icv

Do not strip ICV from the packet after processing

Definition at line 1170 of file rte_security.h.

◆ validate_frames

uint16_t validate_frames

Support frame validation as per RTE_SECURITY_MACSEC_VALIDATE_*

Definition at line 1172 of file rte_security.h.

◆ re_key

uint16_t re_key

support re-keying on SA expiry

Definition at line 1174 of file rte_security.h.

◆ anti_replay

uint16_t anti_replay

support anti replay

Definition at line 1176 of file rte_security.h.

◆ reserved

uint16_t reserved

Reserved bitfields for future capabilities

Definition at line 1178 of file rte_security.h.

◆ macsec

struct { ... } macsec

MACsec capability

◆ domain

enum rte_security_pdcp_domain domain

PDCP mode of operation: Control or data

Definition at line 1182 of file rte_security.h.

◆ capa_flags

uint32_t capa_flags

Capability flags, see RTE_SECURITY_PDCP_*

Definition at line 1184 of file rte_security.h.

◆ pdcp

struct { ... } pdcp

PDCP capability

◆ direction [2/2]

enum rte_security_docsis_direction direction

DOCSIS direction

Definition at line 1189 of file rte_security.h.

◆ docsis

struct { ... } docsis

DOCSIS capability

◆ crypto_capabilities

const struct rte_cryptodev_capabilities* crypto_capabilities

Corresponding crypto capabilities for security capability

Examples:
examples/ipsec-secgw/ipsec.c.

Definition at line 1195 of file rte_security.h.

◆ ol_flags

uint32_t ol_flags

Device offload flags

Examples:
examples/ipsec-secgw/ipsec.c.

Definition at line 1198 of file rte_security.h.

The documentation for this struct was generated from the following file:
Generated by   doxygen 1.8.13