179 lines
5 KiB
Groff
179 lines
5 KiB
Groff
.TH "libnvme" 9 "enum nbft_security_flags" "November 2024" "API Manual" LINUX
|
|
.SH NAME
|
|
enum nbft_security_flags \- Security Profile Descriptor Flags (Figure 22)
|
|
.SH SYNOPSIS
|
|
enum nbft_security_flags {
|
|
.br
|
|
.BI " NBFT_SECURITY_VALID"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_IN_BAND_AUTH_MASK"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_IN_BAND_AUTH_NOT_SUPPORTED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_IN_BAND_AUTH_NOT_REQUIRED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_IN_BAND_AUTH_REQUIRED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_AUTH_POLICY_LIST_MASK"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_AUTH_POLICY_LIST_NOT_SUPPORTED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_AUTH_POLICY_LIST_DRIVER"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_AUTH_POLICY_LIST_ADMIN"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_SEC_CHAN_NEG_MASK"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_SEC_CHAN_NEG_NOT_SUPPORTED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_SEC_CHAN_NEG_NOT_REQUIRED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_SEC_CHAN_NEG_REQUIRED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_SEC_POLICY_LIST_MASK"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_SEC_POLICY_LIST_NOT_SUPPORTED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_SEC_POLICY_LIST_DRIVER"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_SEC_POLICY_LIST_ADMIN"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_CIPHER_RESTRICTED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_AUTH_DH_GROUPS_RESTRICTED"
|
|
,
|
|
.br
|
|
.br
|
|
.BI " NBFT_SECURITY_SEC_HASH_FUNC_POLICY_LIST"
|
|
|
|
};
|
|
.SH Constants
|
|
.IP "NBFT_SECURITY_VALID" 12
|
|
Descriptor Valid: If set to 1h, then
|
|
this descriptor is valid. If cleared
|
|
to 0h, then this descriptor is not valid.
|
|
.IP "NBFT_SECURITY_IN_BAND_AUTH_MASK" 12
|
|
Mask to get the In-Band Authentication
|
|
Required field.
|
|
.IP "NBFT_SECURITY_IN_BAND_AUTH_NOT_SUPPORTED" 12
|
|
In-band authentication is not supported
|
|
by the NVM subsystem.
|
|
.IP "NBFT_SECURITY_IN_BAND_AUTH_NOT_REQUIRED" 12
|
|
In-band authentication is supported by
|
|
the NVM subsystem and is not required.
|
|
.IP "NBFT_SECURITY_IN_BAND_AUTH_REQUIRED" 12
|
|
In-band authentication is supported by
|
|
the NVM subsystem and is required.
|
|
.IP "NBFT_SECURITY_AUTH_POLICY_LIST_MASK" 12
|
|
Mask to get the Authentication Policy List
|
|
flag: This field indicates whether
|
|
authentication protocols were indicated
|
|
by policy from driver defaults or
|
|
administrative configuration.
|
|
.IP "NBFT_SECURITY_AUTH_POLICY_LIST_NOT_SUPPORTED" 12
|
|
Authentication Protocols Heap Object Reference
|
|
field Offset and Length are reserved.
|
|
.IP "NBFT_SECURITY_AUTH_POLICY_LIST_DRIVER" 12
|
|
Authentication Protocols Offset field and
|
|
the Authentication Protocols Length field
|
|
indicate a list of authentication protocols
|
|
used by the driver.
|
|
.IP "NBFT_SECURITY_AUTH_POLICY_LIST_ADMIN" 12
|
|
Authentication Protocols Offset field and
|
|
the Authentication Protocols Length field
|
|
indicate a list of authentication protocols
|
|
that were administratively set and used
|
|
by the driver.
|
|
.IP "NBFT_SECURITY_SEC_CHAN_NEG_MASK" 12
|
|
Mask to get the Secure Channel Negotiation
|
|
Required flag: This field indicates whether
|
|
secure channel negotiation (e.g. TLS)
|
|
is required.
|
|
.IP "NBFT_SECURITY_SEC_CHAN_NEG_NOT_SUPPORTED" 12
|
|
Secure channel negotiation is not supported
|
|
by the NVM subsystem.
|
|
.IP "NBFT_SECURITY_SEC_CHAN_NEG_NOT_REQUIRED" 12
|
|
Secure channel negotiation is supported
|
|
by the NVM subsystem and is not required.
|
|
.IP "NBFT_SECURITY_SEC_CHAN_NEG_REQUIRED" 12
|
|
Secure channel negotiation is supported
|
|
by the NVM subsystem and is required.
|
|
.IP "NBFT_SECURITY_SEC_POLICY_LIST_MASK" 12
|
|
Mask to get the Security Policy List flag:
|
|
This field indicates whether secure channel
|
|
protocols were indicated by policy from driver
|
|
defaults or administrative configuration.
|
|
.IP "NBFT_SECURITY_SEC_POLICY_LIST_NOT_SUPPORTED" 12
|
|
The Offset field and Length field in the
|
|
Secure Channel Algorithm Heap Object Reference
|
|
field are reserved.
|
|
.IP "NBFT_SECURITY_SEC_POLICY_LIST_DRIVER" 12
|
|
The Heap Object specified by the Secure Channel
|
|
Algorithm Heap Object Reference field indicates
|
|
a list of authentication protocols used
|
|
by the driver.
|
|
.IP "NBFT_SECURITY_SEC_POLICY_LIST_ADMIN" 12
|
|
The Heap Object specified by the Secure Channel
|
|
Algorithm Heap Object Reference field indicates
|
|
a list of authentication protocols that were
|
|
administratively set and used by the driver.
|
|
.IP "NBFT_SECURITY_CIPHER_RESTRICTED" 12
|
|
Cipher Suites Restricted by Policy: If set to 1h,
|
|
then the Cipher Suite Offset field and the
|
|
Ciper Suite Length field indicate a list
|
|
of supported cipher suites by the driver.
|
|
If cleared to 0h, then the Cipher Suite Offset
|
|
field and the Cipher Suite Length field
|
|
are reserved.
|
|
.IP "NBFT_SECURITY_AUTH_DH_GROUPS_RESTRICTED" 12
|
|
Authentication DH Groups Restricted
|
|
by Policy List: If set to 1h, then connections
|
|
shall use one of the authentication DH groups
|
|
in the Authentication DH Groups List is required.
|
|
If cleared to 0h, then no Authentication DH Groups
|
|
List is indicated and use of an authentication
|
|
DH Group is not required.
|
|
.IP "NBFT_SECURITY_SEC_HASH_FUNC_POLICY_LIST" 12
|
|
Secure Hash Functions Policy List: If set to 1h,
|
|
then connections shall use one of the secure
|
|
hash functions in the Secure Hash Functions
|
|
Policy List is required. If cleared to 0h,
|
|
then no Secure Hash Functions Policy
|
|
List is indicated and use of a secure
|
|
hash function is not required.
|