From af9e8f67a7918a35dbde51152888b9a1151de31d Mon Sep 17 00:00:00 2001 From: dipankar-ba Date: Fri, 4 Dec 2020 18:15:43 -0800 Subject: [PATCH 1/4] Provided read-only XPN and changed style of cipher-suite capability. Signed-off-by: dipankar-ba --- inc/saimacsec.h | 39 ++++++++++++--------------------------- 1 file changed, 12 insertions(+), 27 deletions(-) diff --git a/inc/saimacsec.h b/inc/saimacsec.h index 378d59e92..7981a9643 100644 --- a/inc/saimacsec.h +++ b/inc/saimacsec.h @@ -118,36 +118,12 @@ typedef enum _sai_macsec_attr_t SAI_MACSEC_ATTR_SCI_IN_INGRESS_MACSEC_ACL, /** - * @brief Indicates if 32-bit Packer Number (PN) is supported. + * @brief List of supported cipher-suites * - * @type bool - * @flags READ_ONLY - */ - SAI_MACSEC_ATTR_PN_32BIT_SUPPORTED, - - /** - * @brief Indicates if 64-bit Extended Packer Number (PN) is supported. - * - * @type bool - * @flags READ_ONLY - */ - SAI_MACSEC_ATTR_XPN_64BIT_SUPPORTED, - - /** - * @brief Indicates if GCM-AES128 cipher-suite is supported. - * - * @type bool + * @type sai_s32_list_t sai_macsec_cipher_suite_t * @flags READ_ONLY */ - SAI_MACSEC_ATTR_GCM_AES128_SUPPORTED, - - /** - * @brief Indicates if GCM-AES256 cipher-suite is supported. - * - * @type bool - * @flags READ_ONLY - */ - SAI_MACSEC_ATTR_GCM_AES256_SUPPORTED, + SAI_MACSEC_ATTR_SUPPORTED_CIPHER_SUITE_LIST, /** * @brief List of supported SecTAG offset values for both ingress parsing @@ -758,6 +734,15 @@ typedef enum _sai_macsec_sa_attr_t * @default 0 * @validonly SAI_MACSEC_SA_ATTR_MACSEC_DIRECTION == SAI_MACSEC_DIRECTION_EGRESS */ + SAI_MACSEC_SA_ATTR_INITIAL_EGRESS_XPN, + + /** + * @brief MACsec packet number (PN/XPN). For ingress, largest received + * packet number. For egress, 1 less than the next packet number. + * + * @type sai_uint64_t + * @flags READ_ONLY + */ SAI_MACSEC_SA_ATTR_XPN, /** From 38cee494a7907dda6cd523cb7a14e00bddabe28f Mon Sep 17 00:00:00 2001 From: dipankar-ba Date: Mon, 7 Dec 2020 15:46:58 -0800 Subject: [PATCH 2/4] Separate read-only XPN attribute Signed-off-by: dipankar-ba --- inc/saimacsec.h | 40 ++++++++++++++++++++++++++++++++-------- 1 file changed, 32 insertions(+), 8 deletions(-) diff --git a/inc/saimacsec.h b/inc/saimacsec.h index 7981a9643..cf85faa07 100644 --- a/inc/saimacsec.h +++ b/inc/saimacsec.h @@ -118,12 +118,36 @@ typedef enum _sai_macsec_attr_t SAI_MACSEC_ATTR_SCI_IN_INGRESS_MACSEC_ACL, /** - * @brief List of supported cipher-suites + * @brief Indicates if 32-bit Packer Number (PN) is supported. * - * @type sai_s32_list_t sai_macsec_cipher_suite_t + * @type bool + * @flags READ_ONLY + */ + SAI_MACSEC_ATTR_PN_32BIT_SUPPORTED, + + /** + * @brief Indicates if 64-bit Extended Packer Number (PN) is supported. + * + * @type bool + * @flags READ_ONLY + */ + SAI_MACSEC_ATTR_XPN_64BIT_SUPPORTED, + + /** + * @brief Indicates if GCM-AES128 cipher-suite is supported. + * + * @type bool + * @flags READ_ONLY + */ + SAI_MACSEC_ATTR_GCM_AES128_SUPPORTED, + + /** + * @brief Indicates if GCM-AES256 cipher-suite is supported. + * + * @type bool * @flags READ_ONLY */ - SAI_MACSEC_ATTR_SUPPORTED_CIPHER_SUITE_LIST, + SAI_MACSEC_ATTR_GCM_AES256_SUPPORTED, /** * @brief List of supported SecTAG offset values for both ingress parsing @@ -737,16 +761,16 @@ typedef enum _sai_macsec_sa_attr_t SAI_MACSEC_SA_ATTR_INITIAL_EGRESS_XPN, /** - * @brief MACsec packet number (PN/XPN). For ingress, largest received - * packet number. For egress, 1 less than the next packet number. + * @brief MACsec current packet number (PN/XPN). For ingress, largest + * received packet number. For egress, 1 less than the next packet number. * * @type sai_uint64_t * @flags READ_ONLY */ - SAI_MACSEC_SA_ATTR_XPN, + SAI_MACSEC_SA_ATTR_CURRENT_XPN, /** - * @brief Minimum value of ingress MACsec packet number (PN/XPN). + * @brief Configured minimum acceptable ingress MACsec packet number (PN/XPN). * Updated by value from MACsec peer by Key Agreement protocol. * * @type sai_uint64_t @@ -754,7 +778,7 @@ typedef enum _sai_macsec_sa_attr_t * @default 1 * @validonly SAI_MACSEC_SA_ATTR_MACSEC_DIRECTION == SAI_MACSEC_DIRECTION_INGRESS */ - SAI_MACSEC_SA_ATTR_MINIMUM_XPN, + SAI_MACSEC_SA_ATTR_MINIMUM_INGRESS_XPN, /** * @brief SSCI value for this Secure Association From 48f73cfb220f927f5b2cde67b8b696a7dbc63191 Mon Sep 17 00:00:00 2001 From: dipankar-ba Date: Wed, 9 Dec 2020 11:16:26 -0800 Subject: [PATCH 3/4] Changed attribute name to SAI_MACSEC_SA_ATTR_CONFIGURED_EGRESS_XPN Signed-off-by: dipankar-ba --- inc/saimacsec.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/inc/saimacsec.h b/inc/saimacsec.h index cf85faa07..16423aca3 100644 --- a/inc/saimacsec.h +++ b/inc/saimacsec.h @@ -751,14 +751,14 @@ typedef enum _sai_macsec_sa_attr_t SAI_MACSEC_SA_ATTR_AUTH_KEY, /** - * @brief MACsec egress packet number (PN/XPN). At most 1 less than the next PN/XPN. + * @brief Configured value of next MACsec egress packet number (PN/XPN). * * @type sai_uint64_t * @flags CREATE_AND_SET * @default 0 * @validonly SAI_MACSEC_SA_ATTR_MACSEC_DIRECTION == SAI_MACSEC_DIRECTION_EGRESS */ - SAI_MACSEC_SA_ATTR_INITIAL_EGRESS_XPN, + SAI_MACSEC_SA_ATTR_CONFIGURED_EGRESS_XPN, /** * @brief MACsec current packet number (PN/XPN). For ingress, largest From e7afa8dfadb5c99986bba161ade61a8019a7eb3f Mon Sep 17 00:00:00 2001 From: dipankar-ba Date: Thu, 10 Dec 2020 09:47:08 -0800 Subject: [PATCH 4/4] Added XPN attr enum aliases Signed-off-by: dipankar-ba --- inc/saimacsec.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/inc/saimacsec.h b/inc/saimacsec.h index 16423aca3..cc6c6f2f7 100644 --- a/inc/saimacsec.h +++ b/inc/saimacsec.h @@ -769,6 +769,9 @@ typedef enum _sai_macsec_sa_attr_t */ SAI_MACSEC_SA_ATTR_CURRENT_XPN, + /** @ignore - for backward compatibility */ + SAI_MACSEC_SA_ATTR_XPN = SAI_MACSEC_SA_ATTR_CURRENT_XPN, + /** * @brief Configured minimum acceptable ingress MACsec packet number (PN/XPN). * Updated by value from MACsec peer by Key Agreement protocol. @@ -780,6 +783,9 @@ typedef enum _sai_macsec_sa_attr_t */ SAI_MACSEC_SA_ATTR_MINIMUM_INGRESS_XPN, + /** @ignore - for backward compatibility */ + SAI_MACSEC_SA_ATTR_MINIMUM_XPN = SAI_MACSEC_SA_ATTR_MINIMUM_INGRESS_XPN, + /** * @brief SSCI value for this Secure Association *