Provided by: dpdk-doc_24.11.2-2_all bug

NAME
       rte_ipsec_sa.h


SYNOPSIS
       #include <rte_common.h>
       #include <rte_cryptodev.h>
       #include <rte_security.h>

   Data Structures
       struct rte_ipsec_sa_prm

   Macros
       #define RTE_IPSEC_SAFLAG_SQN_ATOM   (1ULL << 0)

   Enumerations
       enum

   Functions
       uint64_t rte_ipsec_sa_type (const struct rte_ipsec_sa *sa)
       int rte_ipsec_sa_size (const struct rte_ipsec_sa_prm *prm)
       int rte_ipsec_sa_init (struct rte_ipsec_sa *sa, const struct rte_ipsec_sa_prm *prm, uint32_t size)
       void rte_ipsec_sa_fini (struct rte_ipsec_sa *sa)


Detailed Description
       Defines API to manage IPsec Security Association (SA) objects.

       Definition in file rte_ipsec_sa.h.


Macro Definition Documentation
   #define RTE_IPSEC_SAFLAG_SQN_ATOM   (1ULL << 0)
       Indicates that SA will(/will not) need an 'atomic' access to sequence number and replay window. 'atomic'
       here means: functions:

       • rte_ipsec_pkt_crypto_prepare

       • rte_ipsec_pkt_process can be safely used in MT environment, as long as the user can guarantee that they
         obey  multiple  readers/single  writer model for SQN+replay_window operations. To be more specific: for
         outbound SA there are no restrictions. for inbound SA the caller has to guarantee  that  at  any  given
         moment  only  one  thread  is  executing  rte_ipsec_pkt_process()  for given SA. Note that it is caller
         responsibility to maintain correct order of packets to be processed. In other words - it  is  a  caller
         responsibility to serialize process() invocations.

       Definition at line 70 of file rte_ipsec_sa.h.


Enumeration Type Documentation
   anonymous enum
       SA type is an 64-bit value that contain the following information:

       • IP version (IPv4/IPv6)

       • IPsec proto (ESP/AH)

       • inbound/outbound

       • mode (TRANSPORT/TUNNEL)

       • for TUNNEL outer IP version (IPv4/IPv6)

       • are SA SQN operations 'atomic'

       • ESN enabled/disabled

       • NAT-T UDP encapsulated (TUNNEL mode only) ...

       Definition at line 85 of file rte_ipsec_sa.h.


Function Documentation
   uint64_t rte_ipsec_sa_type (const struct rte_ipsec_sa * sa)
       get type of given SA

       Returns
           SA type value.

   int rte_ipsec_sa_size (const struct rte_ipsec_sa_prm * prm)
       Calculate required SA size based on provided input parameters.

       Parameters
           prm Parameters that will be used to initialise SA object.

       Returns

           • Actual size required for SA with given parameters.

           • -EINVAL if the parameters are invalid.

   int rte_ipsec_sa_init (struct rte_ipsec_sa * sa, const struct rte_ipsec_sa_prm * prm, uint32_t size)
       initialise SA based on provided input parameters.

       Parameters
           sa SA object to initialise.
           prm Parameters used to initialise given SA object.
           size size of the provided buffer for SA.

       Returns

           • Actual size of SA object if operation completed successfully.

           • -EINVAL if the parameters are invalid.

           • -ENOSPC if the size of the provided buffer is not big enough.

   void rte_ipsec_sa_fini (struct rte_ipsec_sa * sa)
       cleanup SA

       Parameters
           sa Pointer to SA object to de-initialize.


Author
       Generated automatically by Doxygen for DPDK from the source code.

DPDK                                             Version 24.11.2                               rte_ipsec_sa.h(3)