# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) --- name: psp doc: PSP Security Protocol Generic Netlink family. definitions: - type: enum name: version entries: [hdr0-aes-gcm-128, hdr0-aes-gcm-256, hdr0-aes-gmac-128, hdr0-aes-gmac-256] attribute-sets: - name: dev attributes: - name: id doc: PSP device ID. type: u32 checks: min: 1 - name: ifindex doc: ifindex of the main netdevice linked to the PSP device. type: u32 - name: psp-versions-cap doc: Bitmask of PSP versions supported by the device. type: u32 enum: version enum-as-flags: true - name: psp-versions-ena doc: Bitmask of currently enabled (accepted on Rx) PSP versions. type: u32 enum: version enum-as-flags: true - name: assoc attributes: - name: dev-id doc: PSP device ID. type: u32 checks: min: 1 - name: version doc: | PSP versions (AEAD and protocol version) used by this association, dictates the size of the key. type: u32 enum: version - name: rx-key type: nest nested-attributes: keys - name: tx-key type: nest nested-attributes: keys - name: sock-fd doc: Sockets which should be bound to the association immediately. type: u32 - name: keys attributes: - name: key type: binary - name: spi doc: Security Parameters Index (SPI) of the association. type: u32 operations: list: - name: dev-get doc: Get / dump information about PSP capable devices on the system. attribute-set: dev do: request: attributes: - id reply: &dev-all attributes: - id - ifindex - psp-versions-cap - psp-versions-ena pre: psp-device-get-locked post: psp-device-unlock dump: reply: *dev-all - name: dev-add-ntf doc: Notification about device appearing. notify: dev-get mcgrp: mgmt - name: dev-del-ntf doc: Notification about device disappearing. notify: dev-get mcgrp: mgmt - name: dev-set doc: Set the configuration of a PSP device. attribute-set: dev do: request: attributes: - id - psp-versions-ena reply: attributes: [] pre: psp-device-get-locked post: psp-device-unlock - name: dev-change-ntf doc: Notification about device configuration being changed. notify: dev-get mcgrp: mgmt - name: key-rotate doc: Rotate the device key. attribute-set: dev do: request: attributes: - id reply: attributes: - id pre: psp-device-get-locked post: psp-device-unlock - name: key-rotate-ntf doc: Notification about device key getting rotated. notify: key-rotate mcgrp: use - name: rx-assoc doc: Allocate a new Rx key + SPI pair, associate it with a socket. attribute-set: assoc do: request: attributes: - dev-id - version - sock-fd reply: attributes: - dev-id - rx-key pre: psp-assoc-device-get-locked post: psp-device-unlock - name: tx-assoc doc: Add a PSP Tx association. attribute-set: assoc do: request: attributes: - dev-id - version - tx-key - sock-fd reply: attributes: [] pre: psp-assoc-device-get-locked post: psp-device-unlock mcast-groups: list: - name: mgmt - name: use ...