tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)
2---
3name: psp
4
5doc:
6 PSP Security Protocol Generic Netlink family.
7
8definitions:
9 -
10 type: enum
11 name: version
12 entries: [hdr0-aes-gcm-128, hdr0-aes-gcm-256,
13 hdr0-aes-gmac-128, hdr0-aes-gmac-256]
14
15attribute-sets:
16 -
17 name: dev
18 attributes:
19 -
20 name: id
21 doc: PSP device ID.
22 type: u32
23 checks:
24 min: 1
25 -
26 name: ifindex
27 doc: ifindex of the main netdevice linked to the PSP device.
28 type: u32
29 -
30 name: psp-versions-cap
31 doc: Bitmask of PSP versions supported by the device.
32 type: u32
33 enum: version
34 enum-as-flags: true
35 -
36 name: psp-versions-ena
37 doc: Bitmask of currently enabled (accepted on Rx) PSP versions.
38 type: u32
39 enum: version
40 enum-as-flags: true
41 -
42 name: assoc
43 attributes:
44 -
45 name: dev-id
46 doc: PSP device ID.
47 type: u32
48 checks:
49 min: 1
50 -
51 name: version
52 doc: |
53 PSP versions (AEAD and protocol version) used by this association,
54 dictates the size of the key.
55 type: u32
56 enum: version
57 -
58 name: rx-key
59 type: nest
60 nested-attributes: keys
61 -
62 name: tx-key
63 type: nest
64 nested-attributes: keys
65 -
66 name: sock-fd
67 doc: Sockets which should be bound to the association immediately.
68 type: u32
69 -
70 name: keys
71 attributes:
72 -
73 name: key
74 type: binary
75 -
76 name: spi
77 doc: Security Parameters Index (SPI) of the association.
78 type: u32
79 -
80 name: stats
81 attributes:
82 -
83 name: dev-id
84 doc: PSP device ID.
85 type: u32
86 checks:
87 min: 1
88 -
89 name: key-rotations
90 type: uint
91 doc: |
92 Number of key rotations during the lifetime of the device.
93 Kernel statistic.
94 -
95 name: stale-events
96 type: uint
97 doc: |
98 Number of times a socket's Rx got shut down due to using
99 a key which went stale (fully rotated out).
100 Kernel statistic.
101 -
102 name: rx-packets
103 type: uint
104 doc: |
105 Number of successfully processed and authenticated PSP packets.
106 Device statistic (from the PSP spec).
107 -
108 name: rx-bytes
109 type: uint
110 doc: |
111 Number of successfully authenticated PSP bytes received, counting from
112 the first byte after the IV through the last byte of payload.
113 The fixed initial portion of the PSP header (16 bytes)
114 and the PSP trailer/ICV (16 bytes) are not included in this count.
115 Device statistic (from the PSP spec).
116 -
117 name: rx-auth-fail
118 type: uint
119 doc: |
120 Number of received PSP packets with unsuccessful authentication.
121 Device statistic (from the PSP spec).
122 -
123 name: rx-error
124 type: uint
125 doc: |
126 Number of received PSP packets with length/framing errors.
127 Device statistic (from the PSP spec).
128 -
129 name: rx-bad
130 type: uint
131 doc: |
132 Number of received PSP packets with miscellaneous errors
133 (invalid master key indicated by SPI, unsupported version, etc.)
134 Device statistic (from the PSP spec).
135 -
136 name: tx-packets
137 type: uint
138 doc: |
139 Number of successfully processed PSP packets for transmission.
140 Device statistic (from the PSP spec).
141 -
142 name: tx-bytes
143 type: uint
144 doc: |
145 Number of successfully processed PSP bytes for transmit, counting from
146 the first byte after the IV through the last byte of payload.
147 The fixed initial portion of the PSP header (16 bytes)
148 and the PSP trailer/ICV (16 bytes) are not included in this count.
149 Device statistic (from the PSP spec).
150 -
151 name: tx-error
152 type: uint
153 doc: |
154 Number of PSP packets for transmission with errors.
155 Device statistic (from the PSP spec).
156
157operations:
158 list:
159 -
160 name: dev-get
161 doc: Get / dump information about PSP capable devices on the system.
162 attribute-set: dev
163 do:
164 request:
165 attributes:
166 - id
167 reply: &dev-all
168 attributes:
169 - id
170 - ifindex
171 - psp-versions-cap
172 - psp-versions-ena
173 pre: psp-device-get-locked
174 post: psp-device-unlock
175 dump:
176 reply: *dev-all
177 -
178 name: dev-add-ntf
179 doc: Notification about device appearing.
180 notify: dev-get
181 mcgrp: mgmt
182 -
183 name: dev-del-ntf
184 doc: Notification about device disappearing.
185 notify: dev-get
186 mcgrp: mgmt
187 -
188 name: dev-set
189 doc: Set the configuration of a PSP device.
190 attribute-set: dev
191 do:
192 request:
193 attributes:
194 - id
195 - psp-versions-ena
196 reply:
197 attributes: []
198 pre: psp-device-get-locked
199 post: psp-device-unlock
200 -
201 name: dev-change-ntf
202 doc: Notification about device configuration being changed.
203 notify: dev-get
204 mcgrp: mgmt
205
206 -
207 name: key-rotate
208 doc: Rotate the device key.
209 attribute-set: dev
210 do:
211 request:
212 attributes:
213 - id
214 reply:
215 attributes:
216 - id
217 pre: psp-device-get-locked
218 post: psp-device-unlock
219 -
220 name: key-rotate-ntf
221 doc: Notification about device key getting rotated.
222 notify: key-rotate
223 mcgrp: use
224
225 -
226 name: rx-assoc
227 doc: Allocate a new Rx key + SPI pair, associate it with a socket.
228 attribute-set: assoc
229 do:
230 request:
231 attributes:
232 - dev-id
233 - version
234 - sock-fd
235 reply:
236 attributes:
237 - dev-id
238 - rx-key
239 pre: psp-assoc-device-get-locked
240 post: psp-device-unlock
241 -
242 name: tx-assoc
243 doc: Add a PSP Tx association.
244 attribute-set: assoc
245 do:
246 request:
247 attributes:
248 - dev-id
249 - version
250 - tx-key
251 - sock-fd
252 reply:
253 attributes: []
254 pre: psp-assoc-device-get-locked
255 post: psp-device-unlock
256
257 -
258 name: get-stats
259 doc: Get device statistics.
260 attribute-set: stats
261 do:
262 request:
263 attributes:
264 - dev-id
265 reply: &stats-all
266 attributes:
267 - dev-id
268 - key-rotations
269 - stale-events
270 pre: psp-device-get-locked
271 post: psp-device-unlock
272 dump:
273 reply: *stats-all
274
275mcast-groups:
276 list:
277 -
278 name: mgmt
279 -
280 name: use
281
282...