rte_ipsec_sa.h - Man Page
Synopsis
#include <rte_common.h>
#include <rte_cryptodev.h>
#include <rte_security.h>
Data Structures
struct rte_ipsec_sa_prm
Macros
#define RTE_IPSEC_SAFLAG_SQN_ATOM (1ULL << 0)
Enumerations
enum
Functions
uint64_t rte_ipsec_sa_type (const struct rte_ipsec_sa *sa)
int rte_ipsec_sa_size (const struct rte_ipsec_sa_prm *prm)
int rte_ipsec_sa_init (struct rte_ipsec_sa *sa, const struct rte_ipsec_sa_prm *prm, uint32_t size)
void rte_ipsec_sa_fini (struct rte_ipsec_sa *sa)
Detailed Description
Defines API to manage IPsec Security Association (SA) objects.
Definition in file rte_ipsec_sa.h.
Macro Definition Documentation
#define RTE_IPSEC_SAFLAG_SQN_ATOM (1ULL << 0)
Indicates that SA will(/will not) need an 'atomic' access to sequence number and replay window. 'atomic' here means: functions:
- rte_ipsec_pkt_crypto_prepare
- rte_ipsec_pkt_process can be safely used in MT environment, as long as the user can guarantee that they obey multiple readers/single writer model for SQN+replay_window operations. To be more specific: for outbound SA there are no restrictions. for inbound SA the caller has to guarantee that at any given moment only one thread is executing rte_ipsec_pkt_process() for given SA. Note that it is caller responsibility to maintain correct order of packets to be processed. In other words - it is a caller responsibility to serialize process() invocations.
Definition at line 70 of file rte_ipsec_sa.h.
Enumeration Type Documentation
anonymous enum
SA type is an 64-bit value that contain the following information:
- IP version (IPv4/IPv6)
- IPsec proto (ESP/AH)
- inbound/outbound
- mode (TRANSPORT/TUNNEL)
- for TUNNEL outer IP version (IPv4/IPv6)
- are SA SQN operations 'atomic'
- ESN enabled/disabled
- NAT-T UDP encapsulated (TUNNEL mode only) ...
Definition at line 85 of file rte_ipsec_sa.h.
Function Documentation
uint64_t rte_ipsec_sa_type (const struct rte_ipsec_sa * sa)
get type of given SA
- Returns
SA type value.
int rte_ipsec_sa_size (const struct rte_ipsec_sa_prm * prm)
Calculate required SA size based on provided input parameters.
- Parameters
prm Parameters that will be used to initialise SA object.
- Returns
- Actual size required for SA with given parameters.
- -EINVAL if the parameters are invalid.
int rte_ipsec_sa_init (struct rte_ipsec_sa * sa, const struct rte_ipsec_sa_prm * prm, uint32_t size)
initialise SA based on provided input parameters.
- Parameters
sa SA object to initialise.
prm Parameters used to initialise given SA object.
size size of the provided buffer for SA.- Returns
- Actual size of SA object if operation completed successfully.
- -EINVAL if the parameters are invalid.
- -ENOSPC if the size of the provided buffer is not big enough.
void rte_ipsec_sa_fini (struct rte_ipsec_sa * sa)
cleanup SA
- Parameters
sa Pointer to SA object to de-initialize.
Author
Generated automatically by Doxygen for DPDK from the source code.
Referenced By
The man pages rte_ipsec_sa_fini(3), RTE_IPSEC_SAFLAG_SQN_ATOM(3), rte_ipsec_sa_init(3), rte_ipsec_sa_size(3) and rte_ipsec_sa_type(3) are aliases of rte_ipsec_sa.h(3).