bus/pci: use SPDX tags in 6WIND copyrighted files

[dpdk.git] / lib / librte_ether / rte_flow.h

diff --git a/lib/librte_ether/rte_flow.h b/lib/librte_ether/rte_flow.h
index bd8274d..07ec217 100644 (file)
--- a/lib/librte_ether/rte_flow.h
+++ b/lib/librte_ether/rte_flow.h
@@ -344,6 +344,13 @@ enum rte_flow_item_type {
         * See struct rte_flow_item_esp.
         */
        RTE_FLOW_ITEM_TYPE_ESP,
+
+       /**
+        * Matches a GENEVE header.
+        *
+        * See struct rte_flow_item_geneve.
+        */
+       RTE_FLOW_ITEM_TYPE_GENEVE,
 };
 
 /**
@@ -812,6 +819,29 @@ static const struct rte_flow_item_esp rte_flow_item_esp_mask = {
 };
 #endif
 
+/**
+ * RTE_FLOW_ITEM_TYPE_GENEVE.
+ *
+ * Matches a GENEVE header.
+ */
+struct rte_flow_item_geneve {
+       /**
+        * Version (2b), length of the options fields (6b), OAM packet (1b),
+        * critical options present (1b), reserved 0 (6b).
+        */
+       rte_be16_t ver_opt_len_o_c_rsvd0;
+       rte_be16_t protocol; /**< Protocol type. */
+       uint8_t vni[3]; /**< Virtual Network Identifier. */
+       uint8_t rsvd1; /**< Reserved, normally 0x00. */
+};
+
+/** Default mask for RTE_FLOW_ITEM_TYPE_GENEVE. */
+#ifndef __cplusplus
+static const struct rte_flow_item_geneve rte_flow_item_geneve_mask = {
+       .vni = "\xff\xff\xff",
+};
+#endif
+
 /**
  * Matching pattern item definition.
  *
@@ -1001,6 +1031,14 @@ enum rte_flow_action_type {
         * See file rte_mtr.h for MTR object configuration.
         */
        RTE_FLOW_ACTION_TYPE_METER,
+
+       /**
+        * Redirects packets to security engine of current device for security
+        * processing as specified by security session.
+        *
+        * See struct rte_flow_action_security.
+        */
+       RTE_FLOW_ACTION_TYPE_SECURITY
 };
 
 /**
@@ -1107,6 +1145,37 @@ struct rte_flow_action_meter {
        uint32_t mtr_id; /**< MTR object ID created with rte_mtr_create(). */
 };
 
+/**
+ * RTE_FLOW_ACTION_TYPE_SECURITY
+ *
+ * Perform the security action on flows matched by the pattern items
+ * according to the configuration of the security session.
+ *
+ * This action modifies the payload of matched flows. For INLINE_CRYPTO, the
+ * security protocol headers and IV are fully provided by the application as
+ * specified in the flow pattern. The payload of matching packets is
+ * encrypted on egress, and decrypted and authenticated on ingress.
+ * For INLINE_PROTOCOL, the security protocol is fully offloaded to HW,
+ * providing full encapsulation and decapsulation of packets in security
+ * protocols. The flow pattern specifies both the outer security header fields
+ * and the inner packet fields. The security session specified in the action
+ * must match the pattern parameters.
+ *
+ * The security session specified in the action must be created on the same
+ * port as the flow action that is being specified.
+ *
+ * The ingress/egress flow attribute should match that specified in the
+ * security session if the security session supports the definition of the
+ * direction.
+ *
+ * Multiple flows can be configured to use the same security session.
+ *
+ * Non-terminating by default.
+ */
+struct rte_flow_action_security {
+       void *security_session; /**< Pointer to security session structure. */
+};
+
 /**
  * Definition of a single action.
  *
@@ -1198,6 +1267,8 @@ struct rte_flow_error {
  *
  *   -ENOSYS: underlying device does not support this functionality.
  *
+ *   -EIO: underlying device is removed.
+ *
  *   -EINVAL: unknown or invalid rule specification.
  *
  *   -ENOTSUP: valid but unsupported rule specification (e.g. partial