Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/Documentation/netlink/specs/psp.yaml

283 lines
6.9 KiB
YAML
Raw Blame History

# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)
---
name: psp
doc:
PSP Security Protocol Generic Netlink family.
definitions:
-
type: enum
name: version
entries: [hdr0-aes-gcm-128, hdr0-aes-gcm-256,
hdr0-aes-gmac-128, hdr0-aes-gmac-256]
attribute-sets:
-
name: dev
attributes:
-
name: id
doc: PSP device ID.
type: u32
checks:
min: 1
-
name: ifindex
doc: ifindex of the main netdevice linked to the PSP device.
type: u32
-
name: psp-versions-cap
doc: Bitmask of PSP versions supported by the device.
type: u32
enum: version
enum-as-flags: true
-
name: psp-versions-ena
doc: Bitmask of currently enabled (accepted on Rx) PSP versions.
type: u32
enum: version
enum-as-flags: true
-
name: assoc
attributes:
-
name: dev-id
doc: PSP device ID.
type: u32
checks:
min: 1
-
name: version
doc: |
PSP versions (AEAD and protocol version) used by this association,
dictates the size of the key.
type: u32
enum: version
-
name: rx-key
type: nest
nested-attributes: keys
-
name: tx-key
type: nest
nested-attributes: keys
-
name: sock-fd
doc: Sockets which should be bound to the association immediately.
type: u32
-
name: keys
attributes:
-
name: key
type: binary
-
name: spi
doc: Security Parameters Index (SPI) of the association.
type: u32
-
name: stats
attributes:
-
name: dev-id
doc: PSP device ID.
type: u32
checks:
min: 1
-
name: key-rotations
type: uint
doc: |
Number of key rotations during the lifetime of the device.
Kernel statistic.
-
name: stale-events
type: uint
doc: |
Number of times a socket's Rx got shut down due to using
a key which went stale (fully rotated out).
Kernel statistic.
-
name: rx-packets
type: uint
doc: |
Number of successfully processed and authenticated PSP packets.
Device statistic (from the PSP spec).
-
name: rx-bytes
type: uint
doc: |
Number of successfully authenticated PSP bytes received, counting from
the first byte after the IV through the last byte of payload.
The fixed initial portion of the PSP header (16 bytes)
and the PSP trailer/ICV (16 bytes) are not included in this count.
Device statistic (from the PSP spec).
-
name: rx-auth-fail
type: uint
doc: |
Number of received PSP packets with unsuccessful authentication.
Device statistic (from the PSP spec).
-
name: rx-error
type: uint
doc: |
Number of received PSP packets with length/framing errors.
Device statistic (from the PSP spec).
-
name: rx-bad
type: uint
doc: |
Number of received PSP packets with miscellaneous errors
(invalid master key indicated by SPI, unsupported version, etc.)
Device statistic (from the PSP spec).
-
name: tx-packets
type: uint
doc: |
Number of successfully processed PSP packets for transmission.
Device statistic (from the PSP spec).
-
name: tx-bytes
type: uint
doc: |
Number of successfully processed PSP bytes for transmit, counting from
the first byte after the IV through the last byte of payload.
The fixed initial portion of the PSP header (16 bytes)
and the PSP trailer/ICV (16 bytes) are not included in this count.
Device statistic (from the PSP spec).
-
name: tx-error
type: uint
doc: |
Number of PSP packets for transmission with errors.
Device statistic (from the PSP spec).
operations:
list:
-
name: dev-get
doc: Get / dump information about PSP capable devices on the system.
attribute-set: dev
do:
request:
attributes:
- id
reply: &dev-all
attributes:
- id
- ifindex
- psp-versions-cap
- psp-versions-ena
pre: psp-device-get-locked
post: psp-device-unlock
dump:
reply: *dev-all
-
name: dev-add-ntf
doc: Notification about device appearing.
notify: dev-get
mcgrp: mgmt
-
name: dev-del-ntf
doc: Notification about device disappearing.
notify: dev-get
mcgrp: mgmt
-
name: dev-set
doc: Set the configuration of a PSP device.
attribute-set: dev
do:
request:
attributes:
- id
- psp-versions-ena
reply:
attributes: []
pre: psp-device-get-locked
post: psp-device-unlock
-
name: dev-change-ntf
doc: Notification about device configuration being changed.
notify: dev-get
mcgrp: mgmt
-
name: key-rotate
doc: Rotate the device key.
attribute-set: dev
do:
request:
attributes:
- id
reply:
attributes:
- id
pre: psp-device-get-locked
post: psp-device-unlock
-
name: key-rotate-ntf
doc: Notification about device key getting rotated.
notify: key-rotate
mcgrp: use
-
name: rx-assoc
doc: Allocate a new Rx key + SPI pair, associate it with a socket.
attribute-set: assoc
do:
request:
attributes:
- dev-id
- version
- sock-fd
reply:
attributes:
- dev-id
- rx-key
pre: psp-assoc-device-get-locked
post: psp-device-unlock
-
name: tx-assoc
doc: Add a PSP Tx association.
attribute-set: assoc
do:
request:
attributes:
- dev-id
- version
- tx-key
- sock-fd
reply:
attributes: []
pre: psp-assoc-device-get-locked
post: psp-device-unlock
-
name: get-stats
doc: Get device statistics.
attribute-set: stats
do:
request:
attributes:
- dev-id
reply: &stats-all
attributes:
- dev-id
- key-rotations
- stale-events
pre: psp-device-get-locked
post: psp-device-unlock
dump:
reply: *stats-all
mcast-groups:
list:
-
name: mgmt
-
name: use
...
Reference in New Issue View Git Blame Copy Permalink