[v2,1/2] security: add anti replay window size
Checks
Commit Message
At present the ipsec xfrom is missing the important step
to configure the anti replay window size.
The newly added field will also help in to enable or disable
the anti replay checking, if available in offload by means
of non-zero or zero value.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
lib/librte_security/Makefile | 2 +-
lib/librte_security/meson.build | 2 +-
lib/librte_security/rte_security.h | 4 ++++
3 files changed, 6 insertions(+), 2 deletions(-)
@@ -7,7 +7,7 @@ include $(RTE_SDK)/mk/rte.vars.mk
LIB = librte_security.a
# library version
-LIBABIVER := 2
+LIBABIVER := 3
# build flags
CFLAGS += -O3
@@ -1,7 +1,7 @@
# SPDX-License-Identifier: BSD-3-Clause
# Copyright(c) 2017-2019 Intel Corporation
-version = 2
+version = 3
sources = files('rte_security.c')
headers = files('rte_security.h', 'rte_security_driver.h')
deps += ['mempool', 'cryptodev']
@@ -212,6 +212,10 @@ struct rte_security_ipsec_xform {
/**< Tunnel parameters, NULL for transport mode */
uint64_t esn_soft_limit;
/**< ESN for which the overflow event need to be raised */
+ uint32_t replay_win_sz;
+ /**< Anti replay window size to enable sequence replay attack handling.
+ * replay checking is disabled if the window size is 0.
+ */
};
/**