Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/include/net/macsec.h 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) /* SPDX-License-Identifier: GPL-2.0+ */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * MACsec netdev header, used for h/w accelerated implementations.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * Copyright (c) 2015 Sabrina Dubroca <sd@queasysnail.net>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7) #ifndef _NET_MACSEC_H_
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8) #define _NET_MACSEC_H_
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) #include <linux/u64_stats_sync.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) #include <uapi/linux/if_link.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) #include <uapi/linux/if_macsec.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #define MACSEC_DEFAULT_PN_LEN 4
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #define MACSEC_XPN_PN_LEN 8
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) #define MACSEC_SALT_LEN 12
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) #define MACSEC_NUM_AN 4 /* 2 bits for the association number */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20) typedef u64 __bitwise sci_t;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21) typedef u32 __bitwise ssci_t;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) typedef union salt {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) 	struct {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) 		u32 ssci;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) 		u64 pn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) 	} __packed;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) 	u8 bytes[MACSEC_SALT_LEN];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) } __packed salt_t;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) typedef union pn {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) 	struct {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) #if defined(__LITTLE_ENDIAN_BITFIELD)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) 		u32 lower;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) 		u32 upper;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) #elif defined(__BIG_ENDIAN_BITFIELD)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) 		u32 upper;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) 		u32 lower;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) #else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) #error	"Please fix <asm/byteorder.h>"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) 	};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) 	u64 full64;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) } pn_t;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47)  * struct macsec_key - SA key
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48)  * @id: user-provided key identifier
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49)  * @tfm: crypto struct, key storage
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50)  * @salt: salt used to generate IV in XPN cipher suites
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) struct macsec_key {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) 	u8 id[MACSEC_KEYID_LEN];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) 	struct crypto_aead *tfm;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) 	salt_t salt;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) struct macsec_rx_sc_stats {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) 	__u64 InOctetsValidated;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) 	__u64 InOctetsDecrypted;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) 	__u64 InPktsUnchecked;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) 	__u64 InPktsDelayed;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) 	__u64 InPktsOK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) 	__u64 InPktsInvalid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 	__u64 InPktsLate;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) 	__u64 InPktsNotValid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 	__u64 InPktsNotUsingSA;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) 	__u64 InPktsUnusedSA;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) struct macsec_rx_sa_stats {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) 	__u32 InPktsOK;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 	__u32 InPktsInvalid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 	__u32 InPktsNotValid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 	__u32 InPktsNotUsingSA;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) 	__u32 InPktsUnusedSA;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) struct macsec_tx_sa_stats {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) 	__u32 OutPktsProtected;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) 	__u32 OutPktsEncrypted;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) struct macsec_tx_sc_stats {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 	__u64 OutPktsProtected;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) 	__u64 OutPktsEncrypted;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) 	__u64 OutOctetsProtected;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) 	__u64 OutOctetsEncrypted;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) struct macsec_dev_stats {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) 	__u64 OutPktsUntagged;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 	__u64 InPktsUntagged;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) 	__u64 OutPktsTooLong;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 	__u64 InPktsNoTag;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) 	__u64 InPktsBadTag;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) 	__u64 InPktsUnknownSCI;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 	__u64 InPktsNoSCI;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) 	__u64 InPktsOverrun;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103)  * struct macsec_rx_sa - receive secure association
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104)  * @active:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105)  * @next_pn: packet number expected for the next packet
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106)  * @lock: protects next_pn manipulations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107)  * @key: key structure
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108)  * @ssci: short secure channel identifier
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109)  * @stats: per-SA stats
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) struct macsec_rx_sa {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 	struct macsec_key key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) 	ssci_t ssci;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) 	spinlock_t lock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) 	union {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) 		pn_t next_pn_halves;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) 		u64 next_pn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) 	};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) 	refcount_t refcnt;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) 	bool active;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) 	struct macsec_rx_sa_stats __percpu *stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) 	struct macsec_rx_sc *sc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) 	struct rcu_head rcu;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) struct pcpu_rx_sc_stats {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) 	struct macsec_rx_sc_stats stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) 	struct u64_stats_sync syncp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) struct pcpu_tx_sc_stats {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) 	struct macsec_tx_sc_stats stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) 	struct u64_stats_sync syncp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137)  * struct macsec_rx_sc - receive secure channel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138)  * @sci: secure channel identifier for this SC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139)  * @active: channel is active
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140)  * @sa: array of secure associations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141)  * @stats: per-SC stats
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) struct macsec_rx_sc {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) 	struct macsec_rx_sc __rcu *next;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) 	sci_t sci;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) 	bool active;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) 	struct macsec_rx_sa __rcu *sa[MACSEC_NUM_AN];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) 	struct pcpu_rx_sc_stats __percpu *stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) 	refcount_t refcnt;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) 	struct rcu_head rcu_head;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154)  * struct macsec_tx_sa - transmit secure association
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155)  * @active:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156)  * @next_pn: packet number to use for the next packet
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157)  * @lock: protects next_pn manipulations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158)  * @key: key structure
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159)  * @ssci: short secure channel identifier
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160)  * @stats: per-SA stats
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) struct macsec_tx_sa {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) 	struct macsec_key key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) 	ssci_t ssci;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) 	spinlock_t lock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) 	union {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) 		pn_t next_pn_halves;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) 		u64 next_pn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) 	};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) 	refcount_t refcnt;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) 	bool active;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) 	struct macsec_tx_sa_stats __percpu *stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) 	struct rcu_head rcu;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177)  * struct macsec_tx_sc - transmit secure channel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178)  * @active:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179)  * @encoding_sa: association number of the SA currently in use
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180)  * @encrypt: encrypt packets on transmit, or authenticate only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181)  * @send_sci: always include the SCI in the SecTAG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182)  * @end_station:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183)  * @scb: single copy broadcast flag
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184)  * @sa: array of secure associations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185)  * @stats: stats for this TXSC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) struct macsec_tx_sc {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) 	bool active;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) 	u8 encoding_sa;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) 	bool encrypt;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) 	bool send_sci;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) 	bool end_station;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) 	bool scb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) 	struct macsec_tx_sa __rcu *sa[MACSEC_NUM_AN];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) 	struct pcpu_tx_sc_stats __percpu *stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199)  * struct macsec_secy - MACsec Security Entity
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200)  * @netdev: netdevice for this SecY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201)  * @n_rx_sc: number of receive secure channels configured on this SecY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202)  * @sci: secure channel identifier used for tx
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203)  * @key_len: length of keys used by the cipher suite
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204)  * @icv_len: length of ICV used by the cipher suite
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205)  * @validate_frames: validation mode
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206)  * @xpn: enable XPN for this SecY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207)  * @operational: MAC_Operational flag
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208)  * @protect_frames: enable protection for this SecY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209)  * @replay_protect: enable packet number checks on receive
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210)  * @replay_window: size of the replay window
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211)  * @tx_sc: transmit secure channel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212)  * @rx_sc: linked list of receive secure channels
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) struct macsec_secy {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) 	struct net_device *netdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) 	unsigned int n_rx_sc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) 	sci_t sci;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) 	u16 key_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) 	u16 icv_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) 	enum macsec_validation_type validate_frames;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) 	bool xpn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) 	bool operational;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) 	bool protect_frames;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) 	bool replay_protect;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) 	u32 replay_window;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) 	struct macsec_tx_sc tx_sc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) 	struct macsec_rx_sc __rcu *rx_sc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231)  * struct macsec_context - MACsec context for hardware offloading
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) struct macsec_context {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) 	union {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) 		struct net_device *netdev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) 		struct phy_device *phydev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) 	};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) 	enum macsec_offload offload;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) 	struct macsec_secy *secy;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) 	struct macsec_rx_sc *rx_sc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) 	struct {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) 		unsigned char assoc_num;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) 		u8 key[MACSEC_MAX_KEY_LEN];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) 		union {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) 			struct macsec_rx_sa *rx_sa;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) 			struct macsec_tx_sa *tx_sa;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) 		};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) 	} sa;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) 	union {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) 		struct macsec_tx_sc_stats *tx_sc_stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) 		struct macsec_tx_sa_stats *tx_sa_stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) 		struct macsec_rx_sc_stats *rx_sc_stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) 		struct macsec_rx_sa_stats *rx_sa_stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) 		struct macsec_dev_stats  *dev_stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) 	} stats;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) 	u8 prepare:1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262)  * struct macsec_ops - MACsec offloading operations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) struct macsec_ops {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) 	/* Device wide */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) 	int (*mdo_dev_open)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) 	int (*mdo_dev_stop)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) 	/* SecY */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) 	int (*mdo_add_secy)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) 	int (*mdo_upd_secy)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) 	int (*mdo_del_secy)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) 	/* Security channels */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) 	int (*mdo_add_rxsc)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) 	int (*mdo_upd_rxsc)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) 	int (*mdo_del_rxsc)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) 	/* Security associations */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) 	int (*mdo_add_rxsa)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) 	int (*mdo_upd_rxsa)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) 	int (*mdo_del_rxsa)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) 	int (*mdo_add_txsa)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) 	int (*mdo_upd_txsa)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) 	int (*mdo_del_txsa)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) 	/* Statistics */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) 	int (*mdo_get_dev_stats)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) 	int (*mdo_get_tx_sc_stats)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) 	int (*mdo_get_tx_sa_stats)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) 	int (*mdo_get_rx_sc_stats)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) 	int (*mdo_get_rx_sa_stats)(struct macsec_context *ctx);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) void macsec_pn_wrapped(struct macsec_secy *secy, struct macsec_tx_sa *tx_sa);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) #endif /* _NET_MACSEC_H_ */
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.