rte_ipsec_sa.h(3) | DPDK | rte_ipsec_sa.h(3) |
NAME¶
rte_ipsec_sa.h
SYNOPSIS¶
#include <rte_common.h>
#include <rte_cryptodev.h>
#include <rte_security.h>
Data Structures¶
struct rte_ipsec_sa_prm
Macros¶
#define RTE_IPSEC_SAFLAG_SQN_ATOM (1ULL << 0)
Enumerations¶
enum
Functions¶
uint64_t rte_ipsec_sa_type (const struct rte_ipsec_sa *sa)
int rte_ipsec_sa_size (const struct rte_ipsec_sa_prm *prm)
int rte_ipsec_sa_init (struct rte_ipsec_sa *sa, const struct
rte_ipsec_sa_prm *prm, uint32_t size)
void rte_ipsec_sa_fini (struct rte_ipsec_sa *sa)
Detailed Description¶
Defines API to manage IPsec Security Association (SA) objects.
Definition in file rte_ipsec_sa.h.
Macro Definition Documentation¶
#define RTE_IPSEC_SAFLAG_SQN_ATOM (1ULL << 0)¶
Indicates that SA will(/will not) need an 'atomic' access to sequence number and replay window. 'atomic' here means: functions:
- rte_ipsec_pkt_crypto_prepare
- rte_ipsec_pkt_process can be safely used in MT environment, as long as the user can guarantee that they obey multiple readers/single writer model for SQN+replay_window operations. To be more specific: for outbound SA there are no restrictions. for inbound SA the caller has to guarantee that at any given moment only one thread is executing rte_ipsec_pkt_process() for given SA. Note that it is caller responsibility to maintain correct order of packets to be processed. In other words - it is a caller responsibility to serialize process() invocations.
Definition at line 70 of file rte_ipsec_sa.h.
Enumeration Type Documentation¶
anonymous enum¶
SA type is an 64-bit value that contain the following information:
- IP version (IPv4/IPv6)
- IPsec proto (ESP/AH)
- inbound/outbound
- mode (TRANSPORT/TUNNEL)
- for TUNNEL outer IP version (IPv4/IPv6)
- are SA SQN operations 'atomic'
- ESN enabled/disabled
- NAT-T UDP encapsulated (TUNNEL mode only) ...
Definition at line 85 of file rte_ipsec_sa.h.
Function Documentation¶
uint64_t rte_ipsec_sa_type (const struct rte_ipsec_sa * sa)¶
get type of given SA
Returns
int rte_ipsec_sa_size (const struct rte_ipsec_sa_prm * prm)¶
Calculate required SA size based on provided input parameters.
Parameters
Returns
- Actual size required for SA with given parameters.
- -EINVAL if the parameters are invalid.
int rte_ipsec_sa_init (struct rte_ipsec_sa * sa, const struct rte_ipsec_sa_prm * prm, uint32_t size)¶
initialise SA based on provided input parameters.
Parameters
prm Parameters used to initialise given SA object.
size size of the provided buffer for SA.
Returns
- Actual size of SA object if operation completed successfully.
- -EINVAL if the parameters are invalid.
- -ENOSPC if the size of the provided buffer is not big enough.
void rte_ipsec_sa_fini (struct rte_ipsec_sa * sa)¶
cleanup SA
Parameters
Author¶
Generated automatically by Doxygen for DPDK from the source code.
Fri Dec 15 2023 | Version 23.11.0 |