#include <rte_crypto_sym.h>
#include <rte_security.h>
+/* Macros for anti replay and ESN */
+#define OTX2_IPSEC_MAX_REPLAY_WIN_SZ 1024
+
+struct otx2_ipsec_fp_res_hdr {
+ uint32_t spi;
+ uint32_t seq_no_lo;
+ uint32_t seq_no_hi;
+ uint32_t rsvd;
+};
+
enum {
OTX2_IPSEC_FP_SA_DIRECTION_INBOUND = 0,
OTX2_IPSEC_FP_SA_DIRECTION_OUTBOUND = 1,
uint8_t hmac_key[48];
};
+struct otx2_ipsec_replay {
+ rte_spinlock_t lock;
+ uint32_t winb;
+ uint32_t wint;
+ uint64_t base; /**< base of the anti-replay window */
+ uint64_t window[17]; /**< anti-replay window */
+};
+
struct otx2_ipsec_fp_in_sa {
/* w0 */
struct otx2_ipsec_fp_sa_ctl ctl;
uint32_t unused;
/* w2 */
- uint32_t esn_low;
uint32_t esn_hi;
+ uint32_t esn_low;
/* w3-w6 */
uint8_t cipher_key[32];
void *userdata;
uint64_t udata64;
};
+ union {
+ struct otx2_ipsec_replay *replay;
+ uint64_t replay64;
+ };
+ uint32_t replay_win_sz;
- uint64_t reserved1;
- uint64_t reserved2;
+ uint32_t reserved1;
};
static inline int
ctl->esn_en = 1;
ctl->spi = rte_cpu_to_be_32(ipsec->spi);
- ctl->valid = 1;
return 0;
}