@@ -604,8 +604,8 @@ typedef enum odp_ipsec_ip_version_t {
* IPSEC Security Association (SA) parameters
*/
typedef struct odp_ipsec_sa_param_t {
- /** IPSEC SA direction: inbound or outbound */
- odp_ipsec_dir_t dir;
+ /** SPI value */
+ uint32_t spi;
/** IPSEC protocol: ESP or AH */
odp_ipsec_protocol_t proto;
@@ -616,51 +616,12 @@ typedef struct odp_ipsec_sa_param_t {
/** Parameters for crypto and authentication algorithms */
odp_ipsec_crypto_param_t crypto;
- /** Parameters for tunnel mode */
- odp_ipsec_tunnel_param_t tunnel;
-
- /** Fragmentation mode */
- odp_ipsec_frag_mode_t frag_mode;
-
- /** Various SA option flags */
- odp_ipsec_sa_opt_t opt;
-
/** SA lifetime parameters */
odp_ipsec_lifetime_t lifetime;
- /** SA lookup mode */
- odp_ipsec_lookup_mode_t lookup_mode;
-
- /** Minimum anti-replay window size. Use 0 to disable anti-replay
- * service. */
- uint32_t antireplay_ws;
-
/** Initial sequence number */
uint64_t seq;
- /** SPI value */
- uint32_t spi;
-
- /** Additional inbound SA lookup parameters. Values are considered
- * only in ODP_IPSEC_LOOKUP_DSTADDR_SPI lookup mode. */
- struct {
- /** Select IP version
- */
- odp_ipsec_ip_version_t ip_version;
-
- /** IP destination address (NETWORK ENDIAN) */
- void *dst_addr;
-
- } lookup_param;
-
- /** MTU for outbound IP fragmentation offload
- *
- * This is the maximum length of IP packets that outbound IPSEC
- * operations may produce. The value may be updated later with
- * odp_ipsec_mtu_update().
- */
- uint32_t mtu;
-
/** Select pipelined destination for resulting events
*
* Asynchronous and inline modes generate events. Select where
@@ -677,16 +638,67 @@ typedef struct odp_ipsec_sa_param_t {
*/
odp_queue_t dest_queue;
- /** Classifier destination CoS for resulting packets
- *
- * Successfully decapsulated packets are sent to classification
- * through this CoS. Other resulting events are sent to 'dest_queue'.
- * This field is considered only when 'pipeline' is
- * ODP_IPSEC_PIPELINE_CLS. The CoS must not be shared between any pktio
- * interface default CoS. The maximum number of different CoS supported
- * is defined by IPSEC capability max_cls_cos.
- */
- odp_cos_t dest_cos;
+ /** IPSEC SA direction: inbound or outbound */
+ odp_ipsec_dir_t dir;
+
+ /** IPSEC SA direction dependent parameters */
+ union {
+ /** Inbound specific parameters */
+ struct {
+ /** SA lookup mode */
+ odp_ipsec_lookup_mode_t lookup_mode;
+
+ /** Additional inbound SA lookup parameters. Values are
+ * considered only in ODP_IPSEC_LOOKUP_DSTADDR_SPI
+ * lookup mode. */
+ struct {
+ /** Select IP version
+ */
+ odp_ipsec_ip_version_t ip_version;
+
+ /** IP destination address (NETWORK ENDIAN) */
+ void *dst_addr;
+
+ } lookup_param;
+
+ /** Minimum anti-replay window size. Use 0 to disable
+ * anti-replay service. */
+ uint32_t antireplay_ws;
+
+ /** Classifier destination CoS for resulting packets
+ *
+ * Successfully decapsulated packets are sent to
+ * classification through this CoS. Other resulting
+ * events are sent to 'dest_queue'.
+ * This field is considered only when 'pipeline' is
+ * ODP_IPSEC_PIPELINE_CLS. The CoS must not be shared
+ * between any pktio interface default CoS. The maximum
+ * number of different CoS supported is defined by
+ * IPSEC capability max_cls_cos.
+ */
+ odp_cos_t dest_cos;
+ };
+
+ /** Outbound specific parameters */
+ struct {
+ /** Parameters for tunnel mode */
+ odp_ipsec_tunnel_param_t tunnel;
+
+ /** MTU for outbound IP fragmentation offload
+ *
+ * This is the maximum length of IP packets that
+ * outbound IPSEC operations may produce. The value may
+ * be updated later with odp_ipsec_mtu_update().
+ */
+ uint32_t mtu;
+
+ /** Fragmentation mode */
+ odp_ipsec_frag_mode_t frag_mode;
+ };
+ };
+
+ /** Various SA option flags */
+ odp_ipsec_sa_opt_t opt;
/** User defined SA context pointer
*
Signed-off-by: Bogdan Pricope <bogdan.pricope@linaro.org> --- include/odp/api/spec/ipsec.h | 114 ++++++++++++++++++++++++------------------- 1 file changed, 63 insertions(+), 51 deletions(-) -- 1.9.1