Scroll to navigation

rte_security_macsec_xform(3) DPDK rte_security_macsec_xform(3)

NAME

rte_security_macsec_xform

SYNOPSIS

#include <rte_security.h>

Data Fields


enum rte_security_macsec_direction dir
enum rte_security_macsec_alg alg
uint8_t cipher_off
uint64_t sci
uint16_t sc_id
uint16_t mtu
uint8_t sectag_off
uint16_t protect_frames: 1
uint16_t sectag_insert_mode: 1
uint16_t icv_include_da_sa: 1
uint16_t ctrl_port_enable: 1
uint16_t sectag_version: 1
uint16_t end_station: 1
uint16_t send_sci: 1
uint16_t scb: 1
uint16_t encrypt: 1
uint16_t reserved: 7
uint32_t replay_win_sz
uint16_t validate_frames: 2
uint16_t preserve_sectag: 1
uint16_t preserve_icv: 1
uint16_t replay_protect: 1

Detailed Description

MACsec security session configuration

Definition at line 429 of file rte_security.h.

Field Documentation

enum rte_security_macsec_direction dir

Direction of flow/secure channel

Definition at line 402 of file rte_security.h.

enum rte_security_macsec_alg alg

MACsec algorithm to be used

Definition at line 402 of file rte_security.h.

uint8_t cipher_off

Cipher offset from start of Ethernet header

Definition at line 435 of file rte_security.h.

uint64_t sci

SCI to be used for RX flow identification or to set SCI in packet for TX when send_sci is set

Definition at line 440 of file rte_security.h.

uint16_t sc_id

Receive/transmit secure channel ID created by rte_security_macsec_sc_create

Definition at line 442 of file rte_security.h.

uint16_t mtu

MTU for transmit frame (valid for inline processing)

Definition at line 446 of file rte_security.h.

uint8_t sectag_off

Offset to insert sectag from start of ethernet header or from a matching VLAN tag

Definition at line 451 of file rte_security.h.

uint16_t protect_frames

Enable MACsec protection of frames

Definition at line 453 of file rte_security.h.

uint16_t sectag_insert_mode

Sectag insertion mode If 1, Sectag is inserted at fixed sectag_off set above. If 0, Sectag is inserted at relative sectag_off from a matching VLAN tag set.

Definition at line 460 of file rte_security.h.

uint16_t icv_include_da_sa

ICV includes source and destination MAC addresses

Definition at line 462 of file rte_security.h.

uint16_t ctrl_port_enable

Control port is enabled

Definition at line 464 of file rte_security.h.

uint16_t sectag_version

Version of MACsec header. Should be 0

Definition at line 466 of file rte_security.h.

uint16_t end_station

Enable end station. SCI is not valid

Definition at line 468 of file rte_security.h.

uint16_t send_sci

Send SCI along with sectag

Definition at line 470 of file rte_security.h.

uint16_t scb

enable secure channel support EPON - single copy broadcast

Definition at line 472 of file rte_security.h.

uint16_t encrypt

Enable packet encryption and set RTE_MACSEC_TCI_C and RTE_MACSEC_TCI_E in sectag

Definition at line 477 of file rte_security.h.

uint16_t reserved

Reserved bitfields for future

Definition at line 479 of file rte_security.h.

uint32_t replay_win_sz

Replay Window size to be supported

Definition at line 483 of file rte_security.h.

uint16_t validate_frames

Set bits as per RTE_SECURITY_MACSEC_VALIDATE_*

Definition at line 485 of file rte_security.h.

uint16_t preserve_sectag

Do not strip SecTAG after processing

Definition at line 491 of file rte_security.h.

uint16_t preserve_icv

Do not strip ICV from the packet after processing

Definition at line 493 of file rte_security.h.

uint16_t replay_protect

Enable anti-replay protection

Definition at line 495 of file rte_security.h.

Author

Generated automatically by Doxygen for DPDK from the source code.

Fri Dec 15 2023 Version 23.11.0