struct nbft_security - Security Profile Descriptor (Figure 21)
struct nbft_security {
__u8 structure_id;
__u8 index;
__le16 flags;
__u8 secret_type;
__u8 reserved1;
struct nbft_heap_obj sec_chan_alg_obj;
struct nbft_heap_obj auth_proto_obj;
struct nbft_heap_obj cipher_suite_obj;
struct nbft_heap_obj dh_grp_obj;
struct nbft_heap_obj sec_hash_func_obj;
struct nbft_heap_obj sec_keypath_obj;
__u8 reserved2[22];
};
- structure_id
- Structure ID: This field shall be set to 5h (i.e., Security;
#NBFT_DESC_SECURITY).
- index
- Security Profile Descriptor Index: This field indicates the number of this
Security Profile Descriptor in the Security Profile Descriptor List.
- flags
- Security Profile Descriptor Flags, see enum
nbft_security_flags.
- secret_type
- Secret Type, see enum nbft_security_secret_type.
- reserved1
- Reserved.
- sec_chan_alg_obj
- Secure Channel Algorithm Heap Object Reference: If the Security Policy
List field is set to 1h, then this field indicates the location and size
of a heap object containing a list of secure channel algorithms. The list
is an array of bytes and the values are defined in the Security Type
(SECTYPE) field in the Transport Specific Address Subtype Definition in
the NVMe TCP Transport Specification. If the Security Policy List field is
cleared to 0h, then this field is reserved.
- auth_proto_obj
- Authentication Protocols Heap Object Reference: If the Authentication
Policy List field is set to 1h, then this field indicates the location and
size of a heap object containing a list of authentication protocol
identifiers. If the Authentication Policy List field is cleared to 0h,
then this field is reserved.
- cipher_suite_obj
- Cipher Suite Offset Heap Object Reference: If the Cipher Suites Restricted
by Policy bit is set to 1h, then this field indicates the location and
size of a heap object containing a list of cipher suite identifiers. The
list, if any, is an array of bytes and the values are defined in the IANA
TLS Parameters Registry. If the Cipher Suites Restricted by Policy bit is
cleared to 0h, then this field is reserved.
- dh_grp_obj
- DH Groups Heap Object Reference: If the Authentication DH Groups
Restricted by Policy List bit is set to 1h, then this field indicates the
location and size of a heap object containing a list of DH-HMAC-CHAP
Diffie-Hellman (DH) group identifiers. If the Authentication DH Groups
Restricted by Policy List bit is cleared to 0h, then this field is
reserved.
- sec_hash_func_obj
- Secure Hash Functions Offset Heap Object Reference: If the Secure Hash
Functions Policy List bit is set to 1h, then this field indicates the
offset in bytes of a heap object containing a list of DH-HMAC-CHAP hash
function identifiers. The list is an array of bytes and the values are
defined in the NVM Express Base Specification. If the Secure Hash
Functions Policy List bit is cleared to 0h, then this field is
reserved.
- sec_keypath_obj
- Secret Keypath Offset Heap Object Reference: if this field is set to a
non-zero value, then this field indicates the location and size of a heap
object containing a URI. The type of the URI is specified in the Secret
Type field. If this field is cleared to 0h, then this field is
reserved.
- reserved2
- Reserved.