mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-07-22 02:35:25 +00:00
libnm,nmcli: add macsec.offload property
Introduce a new property to control the MACsec offload mode.
This commit is contained in:
parent
09f2e1c107
commit
aa418275cf
|
@ -1959,6 +1959,7 @@ global:
|
|||
nm_setting_connection_get_autoconnect_ports;
|
||||
nm_setting_connection_get_controller;
|
||||
nm_setting_connection_get_port_type;
|
||||
nm_setting_get_enum_property_type;
|
||||
nm_setting_hsr_get_multicast_spec;
|
||||
nm_setting_hsr_get_port1;
|
||||
nm_setting_hsr_get_port2;
|
||||
|
@ -1966,11 +1967,12 @@ global:
|
|||
nm_setting_hsr_get_type;
|
||||
nm_setting_hsr_new;
|
||||
nm_setting_ip_config_get_dhcp_dscp;
|
||||
nm_setting_get_enum_property_type;
|
||||
nm_setting_sriov_get_eswitch_mode;
|
||||
nm_sriov_eswitch_mode_get_type;
|
||||
nm_setting_sriov_get_eswitch_inline_mode;
|
||||
nm_sriov_eswitch_inline_mode_get_type;
|
||||
nm_setting_macsec_get_offload;
|
||||
nm_setting_macsec_offload_get_type;
|
||||
nm_setting_sriov_get_eswitch_encap_mode;
|
||||
nm_setting_sriov_get_eswitch_inline_mode;
|
||||
nm_setting_sriov_get_eswitch_mode;
|
||||
nm_sriov_eswitch_encap_mode_get_type;
|
||||
nm_sriov_eswitch_inline_mode_get_type;
|
||||
nm_sriov_eswitch_mode_get_type;
|
||||
} libnm_1_44_0;
|
||||
|
|
|
@ -1876,6 +1876,10 @@
|
|||
dbus-type="i"
|
||||
gprop-type="gint"
|
||||
/>
|
||||
<property name="offload"
|
||||
dbus-type="i"
|
||||
gprop-type="gint"
|
||||
/>
|
||||
<property name="parent"
|
||||
dbus-type="s"
|
||||
gprop-type="gchararray"
|
||||
|
|
|
@ -35,7 +35,8 @@ NM_GOBJECT_PROPERTIES_DEFINE_BASE(PROP_PARENT,
|
|||
PROP_MKA_CKN,
|
||||
PROP_PORT,
|
||||
PROP_VALIDATION,
|
||||
PROP_SEND_SCI, );
|
||||
PROP_SEND_SCI,
|
||||
PROP_OFFLOAD, );
|
||||
|
||||
typedef struct {
|
||||
char *parent;
|
||||
|
@ -47,6 +48,7 @@ typedef struct {
|
|||
gint32 port;
|
||||
bool encrypt;
|
||||
bool send_sci;
|
||||
gint32 offload;
|
||||
} NMSettingMacsecPrivate;
|
||||
|
||||
/**
|
||||
|
@ -212,6 +214,22 @@ nm_setting_macsec_get_send_sci(NMSettingMacsec *setting)
|
|||
return NM_SETTING_MACSEC_GET_PRIVATE(setting)->send_sci;
|
||||
}
|
||||
|
||||
/**
|
||||
* nm_setting_macsec_get_offload:
|
||||
* @setting: the #NMSettingMacsec
|
||||
*
|
||||
* Returns: the #NMSettingMacsec:offload property of the setting
|
||||
*
|
||||
* Since: 1.46
|
||||
**/
|
||||
NMSettingMacsecOffload
|
||||
nm_setting_macsec_get_offload(NMSettingMacsec *setting)
|
||||
{
|
||||
g_return_val_if_fail(NM_IS_SETTING_MACSEC(setting), NM_SETTING_MACSEC_OFFLOAD_DEFAULT);
|
||||
|
||||
return NM_SETTING_MACSEC_GET_PRIVATE(setting)->offload;
|
||||
}
|
||||
|
||||
static GPtrArray *
|
||||
need_secrets(NMSetting *setting, gboolean check_rerequest)
|
||||
{
|
||||
|
@ -597,6 +615,35 @@ nm_setting_macsec_class_init(NMSettingMacsecClass *klass)
|
|||
NMSettingMacsecPrivate,
|
||||
send_sci);
|
||||
|
||||
/**
|
||||
* NMSettingMacsec:offload:
|
||||
*
|
||||
* Specifies the MACsec offload mode.
|
||||
*
|
||||
* %NM_SETTING_MACSEC_OFFLOAD_OFF disables MACsec offload.
|
||||
*
|
||||
* %NM_SETTING_MACSEC_OFFLOAD_PHY and %NM_SETTING_MACSEC_OFFLOAD_MAC request offload
|
||||
* respectively to the PHY or to the MAC; if the selected mode is not available, the
|
||||
* connection will fail.
|
||||
*
|
||||
* %NM_SETTING_MACSEC_OFFLOAD_DEFAULT uses the global default value specified in
|
||||
* NetworkManager configuration; if no global default is defined, the built-in
|
||||
* default is %NM_SETTING_MACSEC_OFFLOAD_OFF.
|
||||
*
|
||||
* Since: 1.46
|
||||
**/
|
||||
_nm_setting_property_define_direct_enum(properties_override,
|
||||
obj_properties,
|
||||
NM_SETTING_MACSEC_OFFLOAD,
|
||||
PROP_OFFLOAD,
|
||||
NM_TYPE_SETTING_MACSEC_OFFLOAD,
|
||||
NM_SETTING_MACSEC_OFFLOAD_DEFAULT,
|
||||
NM_SETTING_PARAM_INFERRABLE
|
||||
| NM_SETTING_PARAM_FUZZY_IGNORE,
|
||||
NULL,
|
||||
NMSettingMacsecPrivate,
|
||||
offload);
|
||||
|
||||
g_object_class_install_properties(object_class, _PROPERTY_ENUMS_LAST, obj_properties);
|
||||
|
||||
_nm_setting_class_commit(setting_class,
|
||||
|
|
|
@ -35,6 +35,7 @@ G_BEGIN_DECLS
|
|||
#define NM_SETTING_MACSEC_PORT "port"
|
||||
#define NM_SETTING_MACSEC_VALIDATION "validation"
|
||||
#define NM_SETTING_MACSEC_SEND_SCI "send-sci"
|
||||
#define NM_SETTING_MACSEC_OFFLOAD "offload"
|
||||
|
||||
typedef struct _NMSettingMacsecClass NMSettingMacsecClass;
|
||||
|
||||
|
@ -77,6 +78,24 @@ typedef enum {
|
|||
/* Deprecated. The CKN can be between 2 and 64 characters. */
|
||||
#define NM_SETTING_MACSEC_MKA_CKN_LENGTH 64
|
||||
|
||||
/**
|
||||
* NMSettingMacsecOffload:
|
||||
* @NM_SETTING_MACSEC_OFFLOAD_DEFAULT: use the global default; disable if not defined
|
||||
* @NM_SETTING_MACSEC_OFFLOAD_OFF: disable offload
|
||||
* @NM_SETTING_MACSEC_OFFLOAD_PHY: request offload to the PHY
|
||||
* @NM_SETTING_MACSEC_OFFLOAD_MAC: request offload to the MAC
|
||||
*
|
||||
* These flags control the MACsec offload mode.
|
||||
*
|
||||
* Since: 1.46
|
||||
**/
|
||||
typedef enum {
|
||||
NM_SETTING_MACSEC_OFFLOAD_DEFAULT = -1,
|
||||
NM_SETTING_MACSEC_OFFLOAD_OFF = 0,
|
||||
NM_SETTING_MACSEC_OFFLOAD_PHY = 1,
|
||||
NM_SETTING_MACSEC_OFFLOAD_MAC = 2,
|
||||
} NMSettingMacsecOffload;
|
||||
|
||||
NM_AVAILABLE_IN_1_6
|
||||
GType nm_setting_macsec_get_type(void);
|
||||
NM_AVAILABLE_IN_1_6
|
||||
|
@ -100,6 +119,8 @@ NM_AVAILABLE_IN_1_6
|
|||
NMSettingMacsecValidation nm_setting_macsec_get_validation(NMSettingMacsec *setting);
|
||||
NM_AVAILABLE_IN_1_12
|
||||
gboolean nm_setting_macsec_get_send_sci(NMSettingMacsec *setting);
|
||||
NM_AVAILABLE_IN_1_46
|
||||
NMSettingMacsecOffload nm_setting_macsec_get_offload(NMSettingMacsec *setting);
|
||||
|
||||
G_END_DECLS
|
||||
|
||||
|
|
|
@ -6909,6 +6909,9 @@ static const NMMetaPropertyInfo *const property_infos_MACSEC[] = {
|
|||
PROPERTY_INFO_WITH_DESC (NM_SETTING_MACSEC_SEND_SCI,
|
||||
.property_type = &_pt_gobject_bool,
|
||||
),
|
||||
PROPERTY_INFO_WITH_DESC (NM_SETTING_MACSEC_OFFLOAD,
|
||||
.property_type = &_pt_gobject_enum,
|
||||
),
|
||||
NULL
|
||||
};
|
||||
|
||||
|
|
|
@ -243,6 +243,7 @@
|
|||
#define DESCRIBE_DOC_NM_SETTING_MACSEC_MKA_CAK_FLAGS N_("Flags indicating how to handle the \"mka-cak\" property.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_MACSEC_MKA_CKN N_("The pre-shared CKN (Connectivity-association Key Name) for MACsec Key Agreement. Must be a string of hexadecimal characters with a even length between 2 and 64.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_MACSEC_MODE N_("Specifies how the CAK (Connectivity Association Key) for MKA (MACsec Key Agreement) is obtained.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_MACSEC_OFFLOAD N_("Specifies the MACsec offload mode. \"off\" (0) disables MACsec offload. \"phy\" (1) and \"mac\" (2) request offload respectively to the PHY or to the MAC; if the selected mode is not available, the connection will fail. \"default\" (-1) uses the global default value specified in NetworkManager configuration; if no global default is defined, the built-in default is \"off\" (0).")
|
||||
#define DESCRIBE_DOC_NM_SETTING_MACSEC_PARENT N_("If given, specifies the parent interface name or parent connection UUID from which this MACSEC interface should be created. If this property is not specified, the connection must contain an \"802-3-ethernet\" setting with a \"mac-address\" property.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_MACSEC_PORT N_("The port component of the SCI (Secure Channel Identifier), between 1 and 65534.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_MACSEC_SEND_SCI N_("Specifies whether the SCI (Secure Channel Identifier) is included in every packet.")
|
||||
|
|
|
@ -1548,6 +1548,10 @@
|
|||
nmcli-description="Specifies whether the SCI (Secure Channel Identifier) is included in every packet."
|
||||
format="boolean"
|
||||
values="true/yes/on, false/no/off" />
|
||||
<property name="offload"
|
||||
nmcli-description="Specifies the MACsec offload mode. "off" (0) disables MACsec offload. "phy" (1) and "mac" (2) request offload respectively to the PHY or to the MAC; if the selected mode is not available, the connection will fail. "default" (-1) uses the global default value specified in NetworkManager configuration; if no global default is defined, the built-in default is "off" (0)."
|
||||
format="choice (NMSettingMacsecOffload)"
|
||||
values="default (-1), off (0), phy (1), mac (2)" />
|
||||
</setting>
|
||||
<setting name="macvlan" >
|
||||
<property name="parent"
|
||||
|
|
Loading…
Reference in a new issue