table of contents
rte_ipsec.h(3) | DPDK | rte_ipsec.h(3) |
NAME¶
rte_ipsec.h
SYNOPSIS¶
#include <rte_ipsec_sa.h>
#include <rte_mbuf.h>
#include <rte_ipsec_group.h>
Data Structures¶
struct rte_ipsec_sa_pkt_func
struct rte_ipsec_session
Functions¶
int rte_ipsec_session_prepare (struct
rte_ipsec_session *ss)
static uint16_t rte_ipsec_pkt_crypto_prepare (const struct
rte_ipsec_session *ss, struct rte_mbuf *mb[], struct
rte_crypto_op *cop[], uint16_t num)
static uint16_t rte_ipsec_pkt_process (const struct
rte_ipsec_session *ss, struct rte_mbuf *mb[], uint16_t num)
int rte_ipsec_telemetry_sa_add (const struct rte_ipsec_sa *sa)
void rte_ipsec_telemetry_sa_del (const struct rte_ipsec_sa *sa)
Detailed Description¶
RTE IPsec support.
librte_ipsec provides a framework for data-path IPsec protocol processing (ESP/AH).
Definition in file rte_ipsec.h.
Function Documentation¶
int rte_ipsec_session_prepare (struct rte_ipsec_session * ss)¶
Checks that inside given rte_ipsec_session crypto/security fields are filled correctly and setups function pointers based on these values. Expects that all fields except IPsec processing function pointers (pkt_func) will be filled correctly by caller.
Parameters:
Returns:
- Zero if operation completed successfully.
- -EINVAL if the parameters are invalid.
static uint16_t rte_ipsec_pkt_crypto_prepare (const struct rte_ipsec_session * ss, struct rte_mbuf * mb[], struct rte_crypto_op * cop[], uint16_t num) [inline], [static]¶
For input mbufs and given IPsec session prepare crypto ops that can be enqueued into the cryptodev associated with given session. expects that for each input packet:
- •
- l2_len, l3_len are setup correctly Note that erroneous mbufs are not freed by the function, but are placed beyond last valid mbuf in the mb array. It is a user responsibility to handle them further.
Parameters:
mb The address of an array of num pointers to rte_mbuf structures which contain the input packets.
cop The address of an array of num pointers to the output rte_crypto_op structures.
num The maximum number of packets to process.
Returns:
Definition at line 118 of file rte_ipsec.h.
static uint16_t rte_ipsec_pkt_process (const struct rte_ipsec_session * ss, struct rte_mbuf * mb[], uint16_t num) [inline], [static]¶
Finalise processing of packets after crypto-dev finished with them or process packets that are subjects to inline IPsec offload. Expects that for each input packet:
- •
- l2_len, l3_len are setup correctly Output mbufs will be: inbound - decrypted & authenticated, ESP(AH) related headers removed, l2_len and l3_len fields are updated. outbound - appropriate mbuf fields (ol_flags, tx_offloads, etc.) properly setup, if necessary - IP headers updated, ESP(AH) fields added, Note that erroneous mbufs are not freed by the function, but are placed beyond last valid mbuf in the mb array. It is a user responsibility to handle them further.
Parameters:
mb The address of an array of num pointers to rte_mbuf structures which contain the input packets.
num The maximum number of packets to process.
Returns:
Definition at line 155 of file rte_ipsec.h.
int rte_ipsec_telemetry_sa_add (const struct rte_ipsec_sa * sa)¶
Enable per SA telemetry for a specific SA. Note that this function is not thread safe
Parameters:
Returns:
void rte_ipsec_telemetry_sa_del (const struct rte_ipsec_sa * sa)¶
Disable per SA telemetry for a specific SA. Note that this function is not thread safe
Parameters:
Author¶
Generated automatically by Doxygen for DPDK from the source code.
Thu May 23 2024 | Version 23.11.0 |