[thirdparty/systemd.git] / src / network / netdev / macsec.h

/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once

#include <netinet/in.h>
#include <linux/if_macsec.h>

#include "in-addr-util.h"
#include "netdev.h"
#include "networkd-util.h"
#include "sparse-endian.h"

/* See the definition of MACSEC_NUM_AN in kernel's drivers/net/macsec.c */
#define MACSEC_MAX_ASSOCIATION_NUMBER 4

typedef struct MACsec MACsec;

typedef union MACsecSCI {
        uint64_t as_uint64;

        struct {
                struct ether_addr mac;
                be16_t port;
        } _packed_;
} MACsecSCI;

assert_cc(sizeof(MACsecSCI) == sizeof(uint64_t));

typedef struct SecurityAssociation {
        uint8_t association_number;
        uint32_t packet_number;
        uint8_t key_id[MACSEC_KEYID_LEN];
        uint8_t *key;
        uint32_t key_len;
        char *key_file;
        int activate;
        int use_for_encoding;
} SecurityAssociation;

typedef struct TransmitAssociation {
        MACsec *macsec;
        NetworkConfigSection *section;

        SecurityAssociation sa;
} TransmitAssociation;

typedef struct ReceiveAssociation {
        MACsec *macsec;
        NetworkConfigSection *section;

        MACsecSCI sci;
        SecurityAssociation sa;
} ReceiveAssociation;

typedef struct ReceiveChannel {
        MACsec *macsec;
        NetworkConfigSection *section;

        MACsecSCI sci;
        ReceiveAssociation *rxsa[MACSEC_MAX_ASSOCIATION_NUMBER];
        unsigned n_rxsa;
} ReceiveChannel;

struct MACsec {
        NetDev meta;

        uint16_t port;
        int encrypt;
        uint8_t encoding_an;

        OrderedHashmap *receive_channels;
        OrderedHashmap *receive_channels_by_section;
        OrderedHashmap *transmit_associations_by_section;
        OrderedHashmap *receive_associations_by_section;
};

DEFINE_NETDEV_CAST(MACSEC, MACsec);
extern const NetDevVTable macsec_vtable;

CONFIG_PARSER_PROTOTYPE(config_parse_macsec_port);
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_hw_address);
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_packet_number);
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_key_id);
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_key);
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_key_file);
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_sa_activate);
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_use_for_encoding);
Commit	Line	Data
81962db7 SS	1	/* SPDX-License-Identifier: LGPL-2.1+ */
	2	#pragma once
	3
9aa5d8ba	4	#include <netinet/in.h>
81962db7 SS	5	#include <linux/if_macsec.h>
	6
	7	#include "in-addr-util.h"
	8	#include "netdev.h"
	9	#include "networkd-util.h"
	10	#include "sparse-endian.h"
	11
e0fde24c YW	12	/* See the definition of MACSEC_NUM_AN in kernel's drivers/net/macsec.c */
	13	#define MACSEC_MAX_ASSOCIATION_NUMBER 4
	14
81962db7 SS	15	typedef struct MACsec MACsec;
	16
	17	typedef union MACsecSCI {
	18	uint64_t as_uint64;
	19
	20	struct {
	21	struct ether_addr mac;
	22	be16_t port;
	23	} _packed_;
	24	} MACsecSCI;
	25
	26	assert_cc(sizeof(MACsecSCI) == sizeof(uint64_t));
	27
	28	typedef struct SecurityAssociation {
	29	uint8_t association_number;
	30	uint32_t packet_number;
	31	uint8_t key_id[MACSEC_KEYID_LEN];
	32	uint8_t *key;
	33	uint32_t key_len;
eb4705fb	34	char *key_file;
a7b9c52f	35	int activate;
b0e13c31	36	int use_for_encoding;
81962db7 SS	37	} SecurityAssociation;
	38
	39	typedef struct TransmitAssociation {
	40	MACsec *macsec;
	41	NetworkConfigSection *section;
	42
	43	SecurityAssociation sa;
	44	} TransmitAssociation;
	45
	46	typedef struct ReceiveAssociation {
	47	MACsec *macsec;
	48	NetworkConfigSection *section;
	49
	50	MACsecSCI sci;
	51	SecurityAssociation sa;
	52	} ReceiveAssociation;
	53
	54	typedef struct ReceiveChannel {
	55	MACsec *macsec;
	56	NetworkConfigSection *section;
	57
	58	MACsecSCI sci;
e0fde24c YW	59	ReceiveAssociation *rxsa[MACSEC_MAX_ASSOCIATION_NUMBER];
e0fde24c YW	60	unsigned n_rxsa;
81962db7 SS	61	} ReceiveChannel;
	62
	63	struct MACsec {
	64	NetDev meta;
	65
	66	uint16_t port;
	67	int encrypt;
b0e13c31	68	uint8_t encoding_an;
81962db7	69
e0fde24c	70	OrderedHashmap *receive_channels;
81962db7 SS	71	OrderedHashmap *receive_channels_by_section;
	72	OrderedHashmap *transmit_associations_by_section;
	73	OrderedHashmap *receive_associations_by_section;
	74	};
	75
	76	DEFINE_NETDEV_CAST(MACSEC, MACsec);
	77	extern const NetDevVTable macsec_vtable;
	78
	79	CONFIG_PARSER_PROTOTYPE(config_parse_macsec_port);
	80	CONFIG_PARSER_PROTOTYPE(config_parse_macsec_hw_address);
	81	CONFIG_PARSER_PROTOTYPE(config_parse_macsec_packet_number);
	82	CONFIG_PARSER_PROTOTYPE(config_parse_macsec_key_id);
	83	CONFIG_PARSER_PROTOTYPE(config_parse_macsec_key);
eb4705fb	84	CONFIG_PARSER_PROTOTYPE(config_parse_macsec_key_file);
a7b9c52f	85	CONFIG_PARSER_PROTOTYPE(config_parse_macsec_sa_activate);
b0e13c31	86	CONFIG_PARSER_PROTOTYPE(config_parse_macsec_use_for_encoding);