| 1 | /* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */ |
|---|---|
| 2 | /* |
| 3 | * include/uapi/linux/if_macsec.h - MACsec device |
| 4 | * |
| 5 | * Copyright (c) 2015 Sabrina Dubroca <sd@queasysnail.net> |
| 6 | * |
| 7 | * This program is free software; you can redistribute it and/or modify |
| 8 | * it under the terms of the GNU General Public License as published by |
| 9 | * the Free Software Foundation; either version 2 of the License, or |
| 10 | * (at your option) any later version. |
| 11 | */ |
| 12 | |
| 13 | #ifndef _UAPI_MACSEC_H |
| 14 | #define _UAPI_MACSEC_H |
| 15 | |
| 16 | #include <linux/types.h> |
| 17 | |
| 18 | #define MACSEC_GENL_NAME "macsec" |
| 19 | #define MACSEC_GENL_VERSION 1 |
| 20 | |
| 21 | #define MACSEC_MAX_KEY_LEN 128 |
| 22 | |
| 23 | #define MACSEC_KEYID_LEN 16 |
| 24 | |
| 25 | #define MACSEC_SALT_LEN 12 |
| 26 | |
| 27 | /* cipher IDs as per IEEE802.1AE-2018 (Table 14-1) */ |
| 28 | #define MACSEC_CIPHER_ID_GCM_AES_128 0x0080C20001000001ULL |
| 29 | #define MACSEC_CIPHER_ID_GCM_AES_256 0x0080C20001000002ULL |
| 30 | #define MACSEC_CIPHER_ID_GCM_AES_XPN_128 0x0080C20001000003ULL |
| 31 | #define MACSEC_CIPHER_ID_GCM_AES_XPN_256 0x0080C20001000004ULL |
| 32 | |
| 33 | /* deprecated cipher ID for GCM-AES-128 */ |
| 34 | #define MACSEC_DEFAULT_CIPHER_ID 0x0080020001000001ULL |
| 35 | #define MACSEC_DEFAULT_CIPHER_ALT MACSEC_CIPHER_ID_GCM_AES_128 |
| 36 | |
| 37 | #define MACSEC_MIN_ICV_LEN 8 |
| 38 | #define MACSEC_MAX_ICV_LEN 32 |
| 39 | /* upper limit for ICV length as recommended by IEEE802.1AE-2006 */ |
| 40 | #define MACSEC_STD_ICV_LEN 16 |
| 41 | |
| 42 | enum macsec_attrs { |
| 43 | MACSEC_ATTR_UNSPEC, |
| 44 | MACSEC_ATTR_IFINDEX, /* u32, ifindex of the MACsec netdevice */ |
| 45 | MACSEC_ATTR_RXSC_CONFIG, /* config, nested macsec_rxsc_attrs */ |
| 46 | MACSEC_ATTR_SA_CONFIG, /* config, nested macsec_sa_attrs */ |
| 47 | MACSEC_ATTR_SECY, /* dump, nested macsec_secy_attrs */ |
| 48 | MACSEC_ATTR_TXSA_LIST, /* dump, nested, macsec_sa_attrs for each TXSA */ |
| 49 | MACSEC_ATTR_RXSC_LIST, /* dump, nested, macsec_rxsc_attrs for each RXSC */ |
| 50 | MACSEC_ATTR_TXSC_STATS, /* dump, nested, macsec_txsc_stats_attr */ |
| 51 | MACSEC_ATTR_SECY_STATS, /* dump, nested, macsec_secy_stats_attr */ |
| 52 | MACSEC_ATTR_OFFLOAD, /* config, nested, macsec_offload_attrs */ |
| 53 | __MACSEC_ATTR_END, |
| 54 | NUM_MACSEC_ATTR = __MACSEC_ATTR_END, |
| 55 | MACSEC_ATTR_MAX = __MACSEC_ATTR_END - 1, |
| 56 | }; |
| 57 | |
| 58 | enum macsec_secy_attrs { |
| 59 | MACSEC_SECY_ATTR_UNSPEC, |
| 60 | MACSEC_SECY_ATTR_SCI, |
| 61 | MACSEC_SECY_ATTR_ENCODING_SA, |
| 62 | MACSEC_SECY_ATTR_WINDOW, |
| 63 | MACSEC_SECY_ATTR_CIPHER_SUITE, |
| 64 | MACSEC_SECY_ATTR_ICV_LEN, |
| 65 | MACSEC_SECY_ATTR_PROTECT, |
| 66 | MACSEC_SECY_ATTR_REPLAY, |
| 67 | MACSEC_SECY_ATTR_OPER, |
| 68 | MACSEC_SECY_ATTR_VALIDATE, |
| 69 | MACSEC_SECY_ATTR_ENCRYPT, |
| 70 | MACSEC_SECY_ATTR_INC_SCI, |
| 71 | MACSEC_SECY_ATTR_ES, |
| 72 | MACSEC_SECY_ATTR_SCB, |
| 73 | MACSEC_SECY_ATTR_PAD, |
| 74 | __MACSEC_SECY_ATTR_END, |
| 75 | NUM_MACSEC_SECY_ATTR = __MACSEC_SECY_ATTR_END, |
| 76 | MACSEC_SECY_ATTR_MAX = __MACSEC_SECY_ATTR_END - 1, |
| 77 | }; |
| 78 | |
| 79 | enum macsec_rxsc_attrs { |
| 80 | MACSEC_RXSC_ATTR_UNSPEC, |
| 81 | MACSEC_RXSC_ATTR_SCI, /* config/dump, u64 */ |
| 82 | MACSEC_RXSC_ATTR_ACTIVE, /* config/dump, u8 0..1 */ |
| 83 | MACSEC_RXSC_ATTR_SA_LIST, /* dump, nested */ |
| 84 | MACSEC_RXSC_ATTR_STATS, /* dump, nested, macsec_rxsc_stats_attr */ |
| 85 | MACSEC_RXSC_ATTR_PAD, |
| 86 | __MACSEC_RXSC_ATTR_END, |
| 87 | NUM_MACSEC_RXSC_ATTR = __MACSEC_RXSC_ATTR_END, |
| 88 | MACSEC_RXSC_ATTR_MAX = __MACSEC_RXSC_ATTR_END - 1, |
| 89 | }; |
| 90 | |
| 91 | enum macsec_sa_attrs { |
| 92 | MACSEC_SA_ATTR_UNSPEC, |
| 93 | MACSEC_SA_ATTR_AN, /* config/dump, u8 0..3 */ |
| 94 | MACSEC_SA_ATTR_ACTIVE, /* config/dump, u8 0..1 */ |
| 95 | MACSEC_SA_ATTR_PN, /* config/dump, u32/u64 (u64 if XPN) */ |
| 96 | MACSEC_SA_ATTR_KEY, /* config, data */ |
| 97 | MACSEC_SA_ATTR_KEYID, /* config/dump, 128-bit */ |
| 98 | MACSEC_SA_ATTR_STATS, /* dump, nested, macsec_sa_stats_attr */ |
| 99 | MACSEC_SA_ATTR_PAD, |
| 100 | MACSEC_SA_ATTR_SSCI, /* config/dump, u32 - XPN only */ |
| 101 | MACSEC_SA_ATTR_SALT, /* config, 96-bit - XPN only */ |
| 102 | __MACSEC_SA_ATTR_END, |
| 103 | NUM_MACSEC_SA_ATTR = __MACSEC_SA_ATTR_END, |
| 104 | MACSEC_SA_ATTR_MAX = __MACSEC_SA_ATTR_END - 1, |
| 105 | }; |
| 106 | |
| 107 | enum macsec_offload_attrs { |
| 108 | MACSEC_OFFLOAD_ATTR_UNSPEC, |
| 109 | MACSEC_OFFLOAD_ATTR_TYPE, /* config/dump, u8 0..2 */ |
| 110 | MACSEC_OFFLOAD_ATTR_PAD, |
| 111 | __MACSEC_OFFLOAD_ATTR_END, |
| 112 | NUM_MACSEC_OFFLOAD_ATTR = __MACSEC_OFFLOAD_ATTR_END, |
| 113 | MACSEC_OFFLOAD_ATTR_MAX = __MACSEC_OFFLOAD_ATTR_END - 1, |
| 114 | }; |
| 115 | |
| 116 | enum macsec_nl_commands { |
| 117 | MACSEC_CMD_GET_TXSC, |
| 118 | MACSEC_CMD_ADD_RXSC, |
| 119 | MACSEC_CMD_DEL_RXSC, |
| 120 | MACSEC_CMD_UPD_RXSC, |
| 121 | MACSEC_CMD_ADD_TXSA, |
| 122 | MACSEC_CMD_DEL_TXSA, |
| 123 | MACSEC_CMD_UPD_TXSA, |
| 124 | MACSEC_CMD_ADD_RXSA, |
| 125 | MACSEC_CMD_DEL_RXSA, |
| 126 | MACSEC_CMD_UPD_RXSA, |
| 127 | MACSEC_CMD_UPD_OFFLOAD, |
| 128 | }; |
| 129 | |
| 130 | /* u64 per-RXSC stats */ |
| 131 | enum macsec_rxsc_stats_attr { |
| 132 | MACSEC_RXSC_STATS_ATTR_UNSPEC, |
| 133 | MACSEC_RXSC_STATS_ATTR_IN_OCTETS_VALIDATED, |
| 134 | MACSEC_RXSC_STATS_ATTR_IN_OCTETS_DECRYPTED, |
| 135 | MACSEC_RXSC_STATS_ATTR_IN_PKTS_UNCHECKED, |
| 136 | MACSEC_RXSC_STATS_ATTR_IN_PKTS_DELAYED, |
| 137 | MACSEC_RXSC_STATS_ATTR_IN_PKTS_OK, |
| 138 | MACSEC_RXSC_STATS_ATTR_IN_PKTS_INVALID, |
| 139 | MACSEC_RXSC_STATS_ATTR_IN_PKTS_LATE, |
| 140 | MACSEC_RXSC_STATS_ATTR_IN_PKTS_NOT_VALID, |
| 141 | MACSEC_RXSC_STATS_ATTR_IN_PKTS_NOT_USING_SA, |
| 142 | MACSEC_RXSC_STATS_ATTR_IN_PKTS_UNUSED_SA, |
| 143 | MACSEC_RXSC_STATS_ATTR_PAD, |
| 144 | __MACSEC_RXSC_STATS_ATTR_END, |
| 145 | NUM_MACSEC_RXSC_STATS_ATTR = __MACSEC_RXSC_STATS_ATTR_END, |
| 146 | MACSEC_RXSC_STATS_ATTR_MAX = __MACSEC_RXSC_STATS_ATTR_END - 1, |
| 147 | }; |
| 148 | |
| 149 | /* u32 per-{RX,TX}SA stats */ |
| 150 | enum macsec_sa_stats_attr { |
| 151 | MACSEC_SA_STATS_ATTR_UNSPEC, |
| 152 | MACSEC_SA_STATS_ATTR_IN_PKTS_OK, |
| 153 | MACSEC_SA_STATS_ATTR_IN_PKTS_INVALID, |
| 154 | MACSEC_SA_STATS_ATTR_IN_PKTS_NOT_VALID, |
| 155 | MACSEC_SA_STATS_ATTR_IN_PKTS_NOT_USING_SA, |
| 156 | MACSEC_SA_STATS_ATTR_IN_PKTS_UNUSED_SA, |
| 157 | MACSEC_SA_STATS_ATTR_OUT_PKTS_PROTECTED, |
| 158 | MACSEC_SA_STATS_ATTR_OUT_PKTS_ENCRYPTED, |
| 159 | __MACSEC_SA_STATS_ATTR_END, |
| 160 | NUM_MACSEC_SA_STATS_ATTR = __MACSEC_SA_STATS_ATTR_END, |
| 161 | MACSEC_SA_STATS_ATTR_MAX = __MACSEC_SA_STATS_ATTR_END - 1, |
| 162 | }; |
| 163 | |
| 164 | /* u64 per-TXSC stats */ |
| 165 | enum macsec_txsc_stats_attr { |
| 166 | MACSEC_TXSC_STATS_ATTR_UNSPEC, |
| 167 | MACSEC_TXSC_STATS_ATTR_OUT_PKTS_PROTECTED, |
| 168 | MACSEC_TXSC_STATS_ATTR_OUT_PKTS_ENCRYPTED, |
| 169 | MACSEC_TXSC_STATS_ATTR_OUT_OCTETS_PROTECTED, |
| 170 | MACSEC_TXSC_STATS_ATTR_OUT_OCTETS_ENCRYPTED, |
| 171 | MACSEC_TXSC_STATS_ATTR_PAD, |
| 172 | __MACSEC_TXSC_STATS_ATTR_END, |
| 173 | NUM_MACSEC_TXSC_STATS_ATTR = __MACSEC_TXSC_STATS_ATTR_END, |
| 174 | MACSEC_TXSC_STATS_ATTR_MAX = __MACSEC_TXSC_STATS_ATTR_END - 1, |
| 175 | }; |
| 176 | |
| 177 | /* u64 per-SecY stats */ |
| 178 | enum macsec_secy_stats_attr { |
| 179 | MACSEC_SECY_STATS_ATTR_UNSPEC, |
| 180 | MACSEC_SECY_STATS_ATTR_OUT_PKTS_UNTAGGED, |
| 181 | MACSEC_SECY_STATS_ATTR_IN_PKTS_UNTAGGED, |
| 182 | MACSEC_SECY_STATS_ATTR_OUT_PKTS_TOO_LONG, |
| 183 | MACSEC_SECY_STATS_ATTR_IN_PKTS_NO_TAG, |
| 184 | MACSEC_SECY_STATS_ATTR_IN_PKTS_BAD_TAG, |
| 185 | MACSEC_SECY_STATS_ATTR_IN_PKTS_UNKNOWN_SCI, |
| 186 | MACSEC_SECY_STATS_ATTR_IN_PKTS_NO_SCI, |
| 187 | MACSEC_SECY_STATS_ATTR_IN_PKTS_OVERRUN, |
| 188 | MACSEC_SECY_STATS_ATTR_PAD, |
| 189 | __MACSEC_SECY_STATS_ATTR_END, |
| 190 | NUM_MACSEC_SECY_STATS_ATTR = __MACSEC_SECY_STATS_ATTR_END, |
| 191 | MACSEC_SECY_STATS_ATTR_MAX = __MACSEC_SECY_STATS_ATTR_END - 1, |
| 192 | }; |
| 193 | |
| 194 | #endif /* _UAPI_MACSEC_H */ |
| 195 |
Generated while processing Linux/net/core/dev.c
Generated on 2025-Oct-12 from project Linux revision 6.17.0 (67029a49db6c)
Powered by 
Code Browser 2.1
Generator usage only permitted with license.