The Linux Kernel Logo
  • Development process
  • Submitting patches
  • Code of conduct
  • Maintainer handbook
  • All development-process docs
  • Core API
  • Driver APIs
  • Subsystems
    • Core subsystems
    • Human interfaces
    • Networking interfaces
      • Networking
        • AF_XDP
        • Bare UDP Tunnelling Module Documentation
        • batman-adv
        • SocketCAN - Controller Area Network
        • The UCAN Protocol
        • Hardware Device Drivers
        • Networking Diagnostics
        • Distributed Switch Architecture
        • Linux Devlink Documentation
        • CAIF
        • Netlink interface for ethtool
        • IEEE 802.15.4 Developer’s Guide
        • ISO 15765-2 (ISO-TP)
        • J1939 Documentation
        • Linux Networking and Network Devices APIs
        • MSG_ZEROCOPY
        • FAILOVER
        • Net DIM - Generic Network Dynamic Interrupt Moderation
        • NET_FAILOVER
        • Page Pool API
        • PHY Abstraction Layer
        • phylink
        • IP-Aliasing
        • Ethernet Bridging
        • SNMP counter
        • Checksum Offloads
        • Segmentation Offloads
        • Scaling in the Linux Networking Stack
        • Kernel TLS
        • Kernel TLS offload
        • In-Kernel TLS Handshake
        • Linux NFC subsystem
        • Netdev private dataroom for 6lowpan interfaces
        • 6pack Protocol
        • ARCnet Hardware
        • ARCnet
        • ATM
        • AX.25
        • Linux Ethernet Bonding Driver HOWTO
        • cdc_mbim - Driver for CDC MBIM Mobile Broadband modems
        • DCTCP (DataCenter TCP)
        • Device Memory TCP
        • DNS Resolver Module
        • Softnet Driver Issues
        • EQL Driver: Serial IP Load Balancing HOWTO
        • LC-trie implementation notes
        • Linux Socket Filtering aka Berkeley Packet Filter (BPF)
        • Generic HDLC layer
        • Generic Netlink
        • Netlink Family Specifications
          • Family binder netlink specification
          • Family conntrack netlink specification
          • Family devlink netlink specification
          • Family dpll netlink specification
          • Family ethtool netlink specification
          • Family fou netlink specification
          • Family handshake netlink specification
          • Family lockd netlink specification
          • Family mptcp_pm netlink specification
          • Family net-shaper netlink specification
          • Family netdev netlink specification
          • Family nfsd netlink specification
          • Family nftables netlink specification
          • Family nl80211 netlink specification
          • Family nlctrl netlink specification
          • Family ovpn netlink specification
          • Family ovs_datapath netlink specification
          • Family ovs_flow netlink specification
          • Family ovs_vport netlink specification
          • Family psp netlink specification
            • Summary
            • Operations
              • dev-get
              • dev-add-ntf
              • dev-del-ntf
              • dev-set
              • dev-change-ntf
              • key-rotate
              • key-rotate-ntf
              • rx-assoc
              • tx-assoc
            • Multicast groups
            • Definitions
              • version
            • Attribute sets
              • dev
                • id (u32)
                • ifindex (u32)
                • psp-versions-cap (u32)
                • psp-versions-ena (u32)
              • assoc
                • dev-id (u32)
                • version (u32)
                • rx-key (nest)
                • tx-key (nest)
                • sock-fd (u32)
              • keys
                • key (binary)
                • spi (u32)
          • Family rt-addr netlink specification
          • Family rt-link netlink specification
          • Family rt-neigh netlink specification
          • Family rt-route netlink specification
          • Family rt-rule netlink specification
          • Family tc netlink specification
          • Family tcp_metrics netlink specification
          • Family team netlink specification
        • Generic networking statistics for netlink users
        • The Linux kernel GTP tunneling module
        • Identifier Locator Addressing (ILA)
        • IOAM6 Sysfs variables
        • io_uring zero copy Rx
        • IP dynamic address hack-port v0.03
        • IPsec
        • IP Sysctl
        • IPv6
        • IPVLAN Driver HOWTO
        • IPvs-sysctl
        • Kernel Connection Multiplexor
        • L2TP
        • The Linux LAPB Module Interface
        • How to use packet injection with mac80211
        • Management Component Transport Protocol (MCTP)
        • MPLS Sysfs variables
        • Multipath TCP (MPTCP)
        • MPTCP Sysfs variables
        • HOWTO for multiqueue network device support
        • Multi-PF Netdev
        • NAPI
        • Common Networking Struct Cachelines
        • Netconsole
        • Netdev features mess and how to get out from it alive
        • Network Devices, the Kernel, and You!
        • Netfilter Sysfs variables
        • NETIF Msg Level
        • Netmem Support for Network Drivers
        • Resilient Next-hop Groups
        • Netfilter Conntrack Sysfs variables
        • Netfilter’s flowtable infrastructure
        • OPEN Alliance 10BASE-T1x MAC-PHY Serial Interface (TC6) Framework Support
        • Open vSwitch datapath developer documentation
        • Operational States
        • Packet MMAP
        • Linux Phonet protocol family
        • PHY link topology
        • HOWTO for the linux packet generator
        • PLIP: The Parallel Line Internet Protocol Device
        • PPP Generic Driver and Channel Interface
        • The proc/net/tcp and proc/net/tcp6 variables
        • Power Sourcing Equipment (PSE) Documentation
        • PSP Security Protocol
        • How to use radiotap headers
        • RDS
        • Linux wireless regulatory documentation
        • Network Function Representors
        • RxRPC Network Protocol
        • Linux Kernel SCTP
        • LSM/SeLinux secid
        • Seg6 Sysfs variables
        • struct sk_buff
        • SMC Sysctl
        • NIC SR-IOV APIs
        • Interface statistics
        • Stream Parser (strparser)
        • Ethernet switch device driver model (switchdev)
        • Sysfs tagging
        • TC Actions - Environmental Rules
        • TC queue based filtering
        • TCP Authentication Option Linux implementation (RFC5925)
        • Thin-streams and TCP
        • Team
        • Timestamping
        • Linux Kernel TIPC
        • Transparent proxy support
        • Universal TUN/TAP device driver
        • The UDP-Lite protocol (RFC 3828)
        • Virtual Routing and Forwarding (VRF)
        • Virtual eXtensible Local Area Networking documentation
        • Linux X.25 Project
        • X.25 Device Driver Interface
        • XFRM device - offloading the IPsec computations
        • XFRM proc - /proc/net/xfrm_* files
        • XFRM
        • XFRM Syscall
        • XDP RX Metadata
        • AF_XDP TX Metadata
      • NetLabel
      • InfiniBand
      • ISDN
      • MHI
    • Storage interfaces
    • Other subsystems
  • Locking
  • Licensing rules
  • Writing documentation
  • Development tools
  • Testing guide
  • Hacking guide
  • Tracing
  • Fault injection
  • Livepatching
  • Rust
  • Administration
  • Build system
  • Reporting issues
  • Userspace tools
  • Userspace API
  • Firmware
  • Firmware and Devicetree
  • CPU architectures
  • Unsorted documentation
  • Translations
The Linux Kernel
  • Kernel subsystem documentation
  • Networking
  • Netlink Family Specifications
  • Family psp netlink specification
  • View page source

Family psp netlink specification¶

Contents

  • Family psp netlink specification

    • Summary

    • Operations

      • dev-get

      • dev-add-ntf

      • dev-del-ntf

      • dev-set

      • dev-change-ntf

      • key-rotate

      • key-rotate-ntf

      • rx-assoc

      • tx-assoc

    • Multicast groups

    • Definitions

      • version

    • Attribute sets

      • dev

      • assoc

      • keys

Summary¶

PSP Security Protocol Generic Netlink family.

Operations¶

dev-get¶

Get / dump information about PSP capable devices on the system.

attribute-set:

dev

do:
request
attributes:

[id]

reply
attributes:

[id, ifindex, psp-versions-cap, psp-versions-ena]

pre

psp-device-get-locked

post

psp-device-unlock

dump:
reply
attributes:

[id, ifindex, psp-versions-cap, psp-versions-ena]

dev-add-ntf¶

Notification about device appearing.

notify:

dev-get

mcgrp:

mgmt

dev-del-ntf¶

Notification about device disappearing.

notify:

dev-get

mcgrp:

mgmt

dev-set¶

Set the configuration of a PSP device.

attribute-set:

dev

do:
request
attributes:

[id, psp-versions-ena]

reply
attributes:

[]

pre

psp-device-get-locked

post

psp-device-unlock

dev-change-ntf¶

Notification about device configuration being changed.

notify:

dev-get

mcgrp:

mgmt

key-rotate¶

Rotate the device key.

attribute-set:

dev

do:
request
attributes:

[id]

reply
attributes:

[id]

pre

psp-device-get-locked

post

psp-device-unlock

key-rotate-ntf¶

Notification about device key getting rotated.

notify:

key-rotate

mcgrp:

use

rx-assoc¶

Allocate a new Rx key + SPI pair, associate it with a socket.

attribute-set:

assoc

do:
request
attributes:

[dev-id, version, sock-fd]

reply
attributes:

[dev-id, rx-key]

pre

psp-assoc-device-get-locked

post

psp-device-unlock

tx-assoc¶

Add a PSP Tx association.

attribute-set:

assoc

do:
request
attributes:

[dev-id, version, tx-key, sock-fd]

reply
attributes:

[]

pre

psp-assoc-device-get-locked

post

psp-device-unlock

Multicast groups¶

  • mgmt

  • use

Definitions¶

version¶

type:

enum

entries:

  • hdr0-aes-gcm-128

  • hdr0-aes-gcm-256

  • hdr0-aes-gmac-128

  • hdr0-aes-gmac-256

Attribute sets¶

dev¶

id (u32)¶

doc:

PSP device ID.

ifindex (u32)¶

doc:

ifindex of the main netdevice linked to the PSP device.

psp-versions-cap (u32)¶

doc:

Bitmask of PSP versions supported by the device.

enum:

version

enum-as-flags:

True

psp-versions-ena (u32)¶

doc:

Bitmask of currently enabled (accepted on Rx) PSP versions.

enum:

version

enum-as-flags:

True

assoc¶

dev-id (u32)¶

doc:

PSP device ID.

version (u32)¶

doc:

PSP versions (AEAD and protocol version) used by this association, dictates the size of the key.

enum:

version

rx-key (nest)¶

nested-attributes:

keys

tx-key (nest)¶

nested-attributes:

keys

sock-fd (u32)¶

doc:

Sockets which should be bound to the association immediately.

keys¶

key (binary)¶

spi (u32)¶

doc:

Security Parameters Index (SPI) of the association.

Previous Next

© Copyright The kernel development community.

Built with Sphinx using a theme provided by Read the Docs.