security: support DOCSIS protocol

[dpdk.git] / lib / librte_security / rte_security.h

diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
index ef47118..16839e5 100644 (file)
--- a/lib/librte_security/rte_security.h
+++ b/lib/librte_security/rte_security.h
@@ -293,6 +293,28 @@ struct rte_security_pdcp_xform {
        uint32_t hfn_ovrd;
 };
 
+/** DOCSIS direction */
+enum rte_security_docsis_direction {
+       RTE_SECURITY_DOCSIS_UPLINK,
+       /**< Uplink
+        * - Decryption, followed by CRC Verification
+        */
+       RTE_SECURITY_DOCSIS_DOWNLINK,
+       /**< Downlink
+        * - CRC Generation, followed by Encryption
+        */
+};
+
+/**
+ * DOCSIS security session configuration.
+ *
+ * This structure contains data required to create a DOCSIS security session.
+ */
+struct rte_security_docsis_xform {
+       enum rte_security_docsis_direction direction;
+       /**< DOCSIS direction */
+};
+
 /**
  * Security session action type.
  */
@@ -325,6 +347,8 @@ enum rte_security_session_protocol {
        /**< MACSec Protocol */
        RTE_SECURITY_PROTOCOL_PDCP,
        /**< PDCP Protocol */
+       RTE_SECURITY_PROTOCOL_DOCSIS,
+       /**< DOCSIS Protocol */
 };
 
 /**
@@ -340,6 +364,7 @@ struct rte_security_session_conf {
                struct rte_security_ipsec_xform ipsec;
                struct rte_security_macsec_xform macsec;
                struct rte_security_pdcp_xform pdcp;
+               struct rte_security_docsis_xform docsis;
        };
        /**< Configuration parameters for security session */
        struct rte_crypto_sym_xform *crypto_xform;
@@ -378,7 +403,7 @@ rte_security_session_create(struct rte_security_ctx *instance,
  * @param   conf       update configuration parameters
  * @return
  *  - On success returns 0
- *  - On failure return errno
+ *  - On failure returns a negative errno value.
  */
 __rte_experimental
 int
@@ -403,12 +428,14 @@ rte_security_session_get_size(struct rte_security_ctx *instance);
  * return it to its original mempool.
  *
  * @param   instance   security instance
- * @param   sess       security session to freed
+ * @param   sess       security session to be freed
  *
  * @return
  *  - 0 if successful.
- *  - -EINVAL if session is NULL.
+ *  - -EINVAL if session or context instance is NULL.
  *  - -EBUSY if not all device private data has been freed.
+ *  - -ENOTSUP if destroying private data is not supported.
+ *  - other negative values in case of freeing private data errors.
  */
 int
 rte_security_session_destroy(struct rte_security_ctx *instance,
@@ -521,6 +548,10 @@ struct rte_security_pdcp_stats {
        uint64_t reserved;
 };
 
+struct rte_security_docsis_stats {
+       uint64_t reserved;
+};
+
 struct rte_security_stats {
        enum rte_security_session_protocol protocol;
        /**< Security protocol to be configured */
@@ -530,6 +561,7 @@ struct rte_security_stats {
                struct rte_security_macsec_stats macsec;
                struct rte_security_ipsec_stats ipsec;
                struct rte_security_pdcp_stats pdcp;
+               struct rte_security_docsis_stats docsis;
        };
 };
 
@@ -589,6 +621,11 @@ struct rte_security_capability {
                        /**< Capability flags, see RTE_SECURITY_PDCP_* */
                } pdcp;
                /**< PDCP capability */
+               struct {
+                       enum rte_security_docsis_direction direction;
+                       /**< DOCSIS direction */
+               } docsis;
+               /**< DOCSIS capability */
        };
 
        const struct rte_cryptodev_capabilities *crypto_capabilities;
@@ -647,6 +684,9 @@ struct rte_security_capability_idx {
                        enum rte_security_pdcp_domain domain;
                        uint32_t capa_flags;
                } pdcp;
+               struct {
+                       enum rte_security_docsis_direction direction;
+               } docsis;
        };
 };