DPDK  21.05.0-rc3
Data Fields
rte_flow_action_security Struct Reference

#include <rte_flow.h>

Data Fields

void * security_session

Detailed Description


Perform the security action on flows matched by the pattern items according to the configuration of the security session.

This action modifies the payload of matched flows. For INLINE_CRYPTO, the security protocol headers and IV are fully provided by the application as specified in the flow pattern. The payload of matching packets is encrypted on egress, and decrypted and authenticated on ingress. For INLINE_PROTOCOL, the security protocol is fully offloaded to HW, providing full encapsulation and decapsulation of packets in security protocols. The flow pattern specifies both the outer security header fields and the inner packet fields. The security session specified in the action must match the pattern parameters.

The security session specified in the action must be created on the same port as the flow action that is being specified.

The ingress/egress flow attribute should match that specified in the security session if the security session supports the definition of the direction.

Multiple flows can be configured to use the same security session.

The NULL value is allowed for security session. If security session is NULL, then SPI field in ESP flow item and IP addresses in flow items 'IPv4' and 'IPv6' will be allowed to be a range. The rule thus created can enable security processing on multiple flows.

Definition at line 2682 of file rte_flow.h.

Field Documentation

◆ security_session

void* security_session

Pointer to security session structure.

Definition at line 2683 of file rte_flow.h.

The documentation for this struct was generated from the following file: