Scroll to navigation

libnvme(9) API Manual libnvme(9)

NAME

enum nbft_security_flags - Security Profile Descriptor Flags (Figure 22)

SYNOPSIS

enum nbft_security_flags {
NBFT_SECURITY_VALID ,
NBFT_SECURITY_IN_BAND_AUTH_MASK ,
NBFT_SECURITY_IN_BAND_AUTH_NOT_SUPPORTED ,
NBFT_SECURITY_IN_BAND_AUTH_NOT_REQUIRED ,
NBFT_SECURITY_IN_BAND_AUTH_REQUIRED ,
NBFT_SECURITY_AUTH_POLICY_LIST_MASK ,
NBFT_SECURITY_AUTH_POLICY_LIST_NOT_SUPPORTED ,
NBFT_SECURITY_AUTH_POLICY_LIST_DRIVER ,
NBFT_SECURITY_AUTH_POLICY_LIST_ADMIN ,
NBFT_SECURITY_SEC_CHAN_NEG_MASK ,
NBFT_SECURITY_SEC_CHAN_NEG_NOT_SUPPORTED ,
NBFT_SECURITY_SEC_CHAN_NEG_NOT_REQUIRED ,
NBFT_SECURITY_SEC_CHAN_NEG_REQUIRED ,
NBFT_SECURITY_SEC_POLICY_LIST_MASK ,
NBFT_SECURITY_SEC_POLICY_LIST_NOT_SUPPORTED ,
NBFT_SECURITY_SEC_POLICY_LIST_DRIVER ,
NBFT_SECURITY_SEC_POLICY_LIST_ADMIN ,
NBFT_SECURITY_CIPHER_RESTRICTED ,
NBFT_SECURITY_AUTH_DH_GROUPS_RESTRICTED ,
NBFT_SECURITY_SEC_HASH_FUNC_POLICY_LIST

};

Constants

Descriptor Valid: If set to 1h, then this descriptor is valid. If cleared to 0h, then this descriptor is not valid.
Mask to get the In-Band Authentication Required field.
In-band authentication is not supported by the NVM subsystem.
In-band authentication is supported by the NVM subsystem and is not required.
In-band authentication is supported by the NVM subsystem and is required.
Mask to get the Authentication Policy List flag: This field indicates whether authentication protocols were indicated by policy from driver defaults or administrative configuration.
Authentication Protocols Heap Object Reference field Offset and Length are reserved.
Authentication Protocols Offset field and the Authentication Protocols Length field indicate a list of authentication protocols used by the driver.
Authentication Protocols Offset field and the Authentication Protocols Length field indicate a list of authentication protocols that were administratively set and used by the driver.
Mask to get the Secure Channel Negotiation Required flag: This field indicates whether secure channel negotiation (e.g. TLS) is required.
Secure channel negotiation is not supported by the NVM subsystem.
Secure channel negotiation is supported by the NVM subsystem and is not required.
Secure channel negotiation is supported by the NVM subsystem and is required.
Mask to get the Security Policy List flag: This field indicates whether secure channel protocols were indicated by policy from driver defaults or administrative configuration.
The Offset field and Length field in the Secure Channel Algorithm Heap Object Reference field are reserved.
The Heap Object specified by the Secure Channel Algorithm Heap Object Reference field indicates a list of authentication protocols used by the driver.
The Heap Object specified by the Secure Channel Algorithm Heap Object Reference field indicates a list of authentication protocols that were administratively set and used by the driver.
Cipher Suites Restricted by Policy: If set to 1h, then the Cipher Suite Offset field and the Ciper Suite Length field indicate a list of supported cipher suites by the driver. If cleared to 0h, then the Cipher Suite Offset field and the Cipher Suite Length field are reserved.
Authentication DH Groups Restricted by Policy List: If set to 1h, then connections shall use one of the authentication DH groups in the Authentication DH Groups List is required. If cleared to 0h, then no Authentication DH Groups List is indicated and use of an authentication DH Group is not required.
Secure Hash Functions Policy List: If set to 1h, then connections shall use one of the secure hash functions in the Secure Hash Functions Policy List is required. If cleared to 0h, then no Secure Hash Functions Policy List is indicated and use of a secure hash function is not required.
enum nbft_security_flags October 2024