1libnvme(9) API Manual libnvme(9)
2
6 enum nbft_security_flags - Security Profile Descriptor Flags (Figure
7 22)
8
10 enum nbft_security_flags {
11 NBFT_SECURITY_VALID ,
12 NBFT_SECURITY_IN_BAND_AUTH_MASK ,
13 NBFT_SECURITY_IN_BAND_AUTH_NOT_SUPPORTED ,
14 NBFT_SECURITY_IN_BAND_AUTH_NOT_REQUIRED ,
15 NBFT_SECURITY_IN_BAND_AUTH_REQUIRED ,
16 NBFT_SECURITY_AUTH_POLICY_LIST_MASK ,
17 NBFT_SECURITY_AUTH_POLICY_LIST_NOT_SUPPORTED ,
18 NBFT_SECURITY_AUTH_POLICY_LIST_DRIVER ,
19 NBFT_SECURITY_AUTH_POLICY_LIST_ADMIN ,
20 NBFT_SECURITY_SEC_CHAN_NEG_MASK ,
21 NBFT_SECURITY_SEC_CHAN_NEG_NOT_SUPPORTED ,
22 NBFT_SECURITY_SEC_CHAN_NEG_NOT_REQUIRED ,
23 NBFT_SECURITY_SEC_CHAN_NEG_REQUIRED ,
24 NBFT_SECURITY_SEC_POLICY_LIST_MASK ,
25 NBFT_SECURITY_SEC_POLICY_LIST_NOT_SUPPORTED ,
26 NBFT_SECURITY_SEC_POLICY_LIST_DRIVER ,
27 NBFT_SECURITY_SEC_POLICY_LIST_ADMIN ,
28 NBFT_SECURITY_CIPHER_RESTRICTED ,
29 NBFT_SECURITY_AUTH_DH_GROUPS_RESTRICTED ,
30 NBFT_SECURITY_SEC_HASH_FUNC_POLICY_LIST
31 };
33
35 NBFT_SECURITY_VALID
36 Descriptor Valid: If set to 1h, then this descriptor is
37 valid. If cleared to 0h, then this descriptor is not valid.
38 NBFT_SECURITY_IN_BAND_AUTH_MASK
40 Mask to get the In-Band Authentication Required field.
41 NBFT_SECURITY_IN_BAND_AUTH_NOT_SUPPORTED
43 In-band authentication is not supported by the NVM subsys‐
44 tem.
45 NBFT_SECURITY_IN_BAND_AUTH_NOT_REQUIRED
47 In-band authentication is supported by the NVM subsystem
48 and is not required.
49 NBFT_SECURITY_IN_BAND_AUTH_REQUIRED
51 In-band authentication is supported by the NVM subsystem
52 and is required.
53 NBFT_SECURITY_AUTH_POLICY_LIST_MASK
55 Mask to get the Authentication Policy List flag: This field
56 indicates whether authentication protocols were indicated
57 by policy from driver defaults or administrative configura‐
58 tion.
59 NBFT_SECURITY_AUTH_POLICY_LIST_NOT_SUPPORTED
61 Authentication Protocols Heap Object Reference field Offset
62 and Length are reserved.
63 NBFT_SECURITY_AUTH_POLICY_LIST_DRIVER
65 Authentication Protocols Offset field and the Authentica‐
66 tion Protocols Length field indicate a list of authentica‐
67 tion protocols used by the driver.
68 NBFT_SECURITY_AUTH_POLICY_LIST_ADMIN
70 Authentication Protocols Offset field and the Authentica‐
71 tion Protocols Length field indicate a list of authentica‐
72 tion protocols that were administratively set and used by
73 the driver.
74 NBFT_SECURITY_SEC_CHAN_NEG_MASK
76 Mask to get the Secure Channel Negotiation Required flag:
77 This field indicates whether secure channel negotiation
78 (e.g. TLS) is required.
79 NBFT_SECURITY_SEC_CHAN_NEG_NOT_SUPPORTED
81 Secure channel negotiation is not supported by the NVM sub‐
82 system.
83 NBFT_SECURITY_SEC_CHAN_NEG_NOT_REQUIRED
85 Secure channel negotiation is supported by the NVM subsys‐
86 tem and is not required.
87 NBFT_SECURITY_SEC_CHAN_NEG_REQUIRED
89 Secure channel negotiation is supported by the NVM subsys‐
90 tem and is required.
91 NBFT_SECURITY_SEC_POLICY_LIST_MASK
93 Mask to get the Security Policy List flag: This field indi‐
94 cates whether secure channel protocols were indicated by
95 policy from driver defaults or administrative configura‐
96 tion.
97 NBFT_SECURITY_SEC_POLICY_LIST_NOT_SUPPORTED
99 The Offset field and Length field in the Secure Channel Al‐
100 gorithm Heap Object Reference field are reserved.
101 NBFT_SECURITY_SEC_POLICY_LIST_DRIVER
103 The Heap Object specified by the Secure Channel Algorithm
104 Heap Object Reference field indicates a list of authentica‐
105 tion protocols used by the driver.
106 NBFT_SECURITY_SEC_POLICY_LIST_ADMIN
108 The Heap Object specified by the Secure Channel Algorithm
109 Heap Object Reference field indicates a list of authentica‐
110 tion protocols that were administratively set and used by
111 the driver.
112 NBFT_SECURITY_CIPHER_RESTRICTED
114 Cipher Suites Restricted by Policy: If set to 1h, then the
115 Cipher Suite Offset field and the Ciper Suite Length field
116 indicate a list of supported cipher suites by the driver.
117 If cleared to 0h, then the Cipher Suite Offset field and
118 the Cipher Suite Length field are reserved.
119 NBFT_SECURITY_AUTH_DH_GROUPS_RESTRICTED
121 Authentication DH Groups Restricted by Policy List: If set
122 to 1h, then connections shall use one of the authentication
123 DH groups in the Authentication DH Groups List is required.
124 If cleared to 0h, then no Authentication DH Groups List is
125 indicated and use of an authentication DH Group is not re‐
126 quired.
127 NBFT_SECURITY_SEC_HASH_FUNC_POLICY_LIST
129 Secure Hash Functions Policy List: If set to 1h, then con‐
130 nections shall use one of the secure hash functions in the
131 Secure Hash Functions Policy List is required. If cleared
132 to 0h, then no Secure Hash Functions Policy List is indi‐
133 cated and use of a secure hash function is not required.
134April 2023 enum nbft_security_flags libnvme(9)