table of contents
rte_security_capability(3) | DPDK | rte_security_capability(3) |
NAME¶
rte_security_capability
SYNOPSIS¶
#include <rte_security.h>
Data Fields¶
enum rte_security_session_action_type action
enum rte_security_session_protocol protocol
const struct rte_cryptodev_capabilities * crypto_capabilities
uint32_t ol_flags
enum rte_security_ipsec_sa_protocol proto
enum rte_security_ipsec_sa_mode mode
enum rte_security_ipsec_sa_direction direction
struct rte_security_ipsec_sa_options options
uint32_t replay_win_sz_max
struct {
enum rte_security_ipsec_sa_protocol proto
enum rte_security_ipsec_sa_mode mode
enum rte_security_ipsec_sa_direction direction
struct rte_security_ipsec_sa_options options
uint32_t replay_win_sz_max
} ipsec
uint16_t mtu
enum rte_security_macsec_alg alg
uint16_t max_nb_sc
uint16_t max_nb_sa
uint16_t max_nb_sess
uint32_t replay_win_sz
uint16_t relative_sectag_insert: 1
uint16_t fixed_sectag_insert: 1
uint16_t icv_include_da_sa: 1
uint16_t ctrl_port_enable: 1
uint16_t preserve_sectag: 1
uint16_t preserve_icv: 1
uint16_t validate_frames: 1
uint16_t re_key: 1
uint16_t anti_replay: 1
uint16_t reserved: 7
struct {
uint16_t mtu
enum rte_security_macsec_alg alg
uint16_t max_nb_sc
uint16_t max_nb_sa
uint16_t max_nb_sess
uint32_t replay_win_sz
uint16_t relative_sectag_insert: 1
uint16_t fixed_sectag_insert: 1
uint16_t icv_include_da_sa: 1
uint16_t ctrl_port_enable: 1
uint16_t preserve_sectag: 1
uint16_t preserve_icv: 1
uint16_t validate_frames: 1
uint16_t re_key: 1
uint16_t anti_replay: 1
uint16_t reserved: 7
} macsec
enum rte_security_pdcp_domain domain
uint32_t capa_flags
struct {
enum rte_security_pdcp_domain domain
uint32_t capa_flags
} pdcp
enum rte_security_docsis_direction direction
struct {
enum rte_security_docsis_direction direction
} docsis
enum rte_security_tls_version ver
enum rte_security_tls_sess_type type
uint32_t ar_win_size
struct {
enum rte_security_tls_version ver
enum rte_security_tls_sess_type type
uint32_t ar_win_size
} tls_record
Detailed Description¶
Security capability definition
Definition at line 1247 of file rte_security.h.
Field Documentation¶
enum rte_security_session_action_type action¶
Security action type
Definition at line 1179 of file rte_security.h.
enum rte_security_session_protocol protocol¶
Security protocol
Definition at line 1179 of file rte_security.h.
enum rte_security_ipsec_sa_protocol proto¶
IPsec SA protocol
Definition at line 1331 of file rte_security.h.
enum rte_security_ipsec_sa_mode mode¶
IPsec SA mode
Definition at line 1331 of file rte_security.h.
enum rte_security_ipsec_sa_direction direction¶
IPsec SA direction
Definition at line 1331 of file rte_security.h.
struct rte_security_ipsec_sa_options options¶
IPsec SA supported options
Definition at line 1331 of file rte_security.h.
uint32_t replay_win_sz_max¶
IPsec Anti Replay Window Size. A '0' value indicates that Anti Replay is not supported.
Definition at line 1262 of file rte_security.h.
struct { ... } ipsec¶
IPsec capability
uint16_t mtu¶
MTU supported for inline TX
Definition at line 1270 of file rte_security.h.
enum rte_security_macsec_alg alg¶
MACsec algorithm to be used
Definition at line 1270 of file rte_security.h.
uint16_t max_nb_sc¶
Maximum number of secure channels supported
Definition at line 1274 of file rte_security.h.
uint16_t max_nb_sa¶
Maximum number of SAs supported
Definition at line 1276 of file rte_security.h.
uint16_t max_nb_sess¶
Maximum number of SAs supported
Definition at line 1278 of file rte_security.h.
uint32_t replay_win_sz¶
MACsec anti replay window size
Definition at line 1280 of file rte_security.h.
uint16_t relative_sectag_insert¶
Support Sectag insertion at relative offset
Definition at line 1282 of file rte_security.h.
uint16_t fixed_sectag_insert¶
Support Sectag insertion at fixed offset
Definition at line 1284 of file rte_security.h.
uint16_t icv_include_da_sa¶
ICV includes source and destination MAC addresses
Definition at line 1286 of file rte_security.h.
uint16_t ctrl_port_enable¶
Control port traffic is supported
Definition at line 1288 of file rte_security.h.
uint16_t preserve_sectag¶
Do not strip SecTAG after processing
Definition at line 1290 of file rte_security.h.
uint16_t preserve_icv¶
Do not strip ICV from the packet after processing
Definition at line 1292 of file rte_security.h.
uint16_t validate_frames¶
Support frame validation as per RTE_SECURITY_MACSEC_VALIDATE_*
Definition at line 1294 of file rte_security.h.
uint16_t re_key¶
support re-keying on SA expiry
Definition at line 1296 of file rte_security.h.
uint16_t anti_replay¶
support anti replay
Definition at line 1298 of file rte_security.h.
uint16_t reserved¶
Reserved bitfields for future capabilities
Definition at line 1300 of file rte_security.h.
struct { ... } macsec¶
MACsec capability
enum rte_security_pdcp_domain domain¶
PDCP mode of operation: Control or data
Definition at line 1300 of file rte_security.h.
uint32_t capa_flags¶
Capability flags, see RTE_SECURITY_PDCP_*
Definition at line 1306 of file rte_security.h.
struct { ... } pdcp¶
PDCP capability
enum rte_security_docsis_direction direction¶
DOCSIS direction
Definition at line 1306 of file rte_security.h.
struct { ... } docsis¶
DOCSIS capability
enum rte_security_tls_version ver¶
TLS record version.
Definition at line 1306 of file rte_security.h.
enum rte_security_tls_sess_type type¶
TLS record session type.
Definition at line 1306 of file rte_security.h.
uint32_t ar_win_size¶
Maximum anti replay window size supported for DTLS 1.2 record read operation. Value of 0 means anti replay check is not supported.
Definition at line 1320 of file rte_security.h.
struct { ... } tls_record¶
TLS record capability
const struct rte_cryptodev_capabilities* crypto_capabilities¶
Corresponding crypto capabilities for security capability
Definition at line 1328 of file rte_security.h.
uint32_t ol_flags¶
Device offload flags
Definition at line 1331 of file rte_security.h.
Author¶
Generated automatically by Doxygen for DPDK from the source code.
Fri Dec 15 2023 | Version 23.11.0 |