/* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License (the "License"). * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at usr/src/OPENSOLARIS.LICENSE. * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * information: Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END */ /* * Copyright 2008 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #ifndef _SYS_NETSTACK_H #define _SYS_NETSTACK_H #include #ifdef __cplusplus extern "C" { #endif /* * This allows various pieces in and around IP to have a separate instance * for each instance of IP. This is used to support zones that have an * exclusive stack. * Pieces of software far removed from IP (e.g., kernel software * sitting on top of TCP or UDP) probably should not use the netstack * support; if such software wants to support separate zones it * can do that using the zones framework (zone_key_create() etc) * whether there is a shared IP stack or and exclusive IP stack underneath. */ /* * Each netstack has an identifier. We reuse the zoneid allocation for * this but have a separate typedef. Thus the shared stack (used by * the global zone and other shared stack zones) have a zero ID, and * the exclusive stacks have a netstackid that is the same as their zoneid. */ typedef id_t netstackid_t; #define GLOBAL_NETSTACKID 0 /* * One for each module which uses netstack support. * Used in netstack_register(). * * The order of these is important for some modules both for * the creation (which done in ascending order) and destruction (which is * done ine in decending order). */ #define NS_ALL -1 /* Match all */ #define NS_STR 0 /* autopush list etc */ #define NS_HOOK 1 #define NS_NETI 2 #define NS_ARP 3 #define NS_IP 4 #define NS_ICMP 5 #define NS_UDP 6 #define NS_TCP 7 #define NS_SCTP 8 #define NS_RTS 9 #define NS_IPSEC 10 #define NS_KEYSOCK 11 #define NS_SPDSOCK 12 #define NS_IPSECAH 13 #define NS_IPSECESP 14 #define NS_TUN 15 #define NS_MAX (NS_TUN+1) /* * State maintained for each module which tracks the state of * the create, shutdown and destroy callbacks. * * Keeps track of pending actions to avoid holding locks when * calling into the create/shutdown/destroy functions in the module. */ #ifdef _KERNEL typedef struct { uint16_t nms_flags; kcondvar_t nms_cv; } nm_state_t; /* * nms_flags */ #define NSS_CREATE_NEEDED 0x0001 #define NSS_CREATE_INPROGRESS 0x0002 #define NSS_CREATE_COMPLETED 0x0004 #define NSS_SHUTDOWN_NEEDED 0x0010 #define NSS_SHUTDOWN_INPROGRESS 0x0020 #define NSS_SHUTDOWN_COMPLETED 0x0040 #define NSS_DESTROY_NEEDED 0x0100 #define NSS_DESTROY_INPROGRESS 0x0200 #define NSS_DESTROY_COMPLETED 0x0400 #define NSS_CREATE_ALL \ (NSS_CREATE_NEEDED|NSS_CREATE_INPROGRESS|NSS_CREATE_COMPLETED) #define NSS_SHUTDOWN_ALL \ (NSS_SHUTDOWN_NEEDED|NSS_SHUTDOWN_INPROGRESS|NSS_SHUTDOWN_COMPLETED) #define NSS_DESTROY_ALL \ (NSS_DESTROY_NEEDED|NSS_DESTROY_INPROGRESS|NSS_DESTROY_COMPLETED) #define NSS_ALL_INPROGRESS \ (NSS_CREATE_INPROGRESS|NSS_SHUTDOWN_INPROGRESS|NSS_DESTROY_INPROGRESS) #else /* User-level compile like IP Filter needs a netstack_t. Dummy */ typedef uint_t nm_state_t; #endif /* _KERNEL */ /* * One for every netstack in the system. * We use a union so that the compilar and lint can provide type checking - * in principle we could have * #define netstack_arp netstack_modules[NS_ARP] * etc, but that would imply void * types hence no type checking by the * compiler. * * All the fields in netstack_t except netstack_next are protected by * netstack_lock. netstack_next is protected by netstack_g_lock. */ struct netstack { union { void *nu_modules[NS_MAX]; struct { struct str_stack *nu_str; struct hook_stack *nu_hook; struct neti_stack *nu_neti; struct arp_stack *nu_arp; struct ip_stack *nu_ip; struct icmp_stack *nu_icmp; struct udp_stack *nu_udp; struct tcp_stack *nu_tcp; struct sctp_stack *nu_sctp; struct rts_stack *nu_rts; struct ipsec_stack *nu_ipsec; struct keysock_stack *nu_keysock; struct spd_stack *nu_spdsock; struct ipsecah_stack *nu_ipsecah; struct ipsecesp_stack *nu_ipsecesp; struct tun_stack *nu_tun; } nu_s; } netstack_u; #define netstack_modules netstack_u.nu_modules #define netstack_str netstack_u.nu_s.nu_str #define netstack_hook netstack_u.nu_s.nu_hook #define netstack_neti netstack_u.nu_s.nu_neti #define netstack_arp netstack_u.nu_s.nu_arp #define netstack_ip netstack_u.nu_s.nu_ip #define netstack_icmp netstack_u.nu_s.nu_icmp #define netstack_udp netstack_u.nu_s.nu_udp #define netstack_tcp netstack_u.nu_s.nu_tcp #define netstack_sctp netstack_u.nu_s.nu_sctp #define netstack_rts netstack_u.nu_s.nu_rts #define netstack_ipsec netstack_u.nu_s.nu_ipsec #define netstack_keysock netstack_u.nu_s.nu_keysock #define netstack_spdsock netstack_u.nu_s.nu_spdsock #define netstack_ipsecah netstack_u.nu_s.nu_ipsecah #define netstack_ipsecesp netstack_u.nu_s.nu_ipsecesp #define netstack_tun netstack_u.nu_s.nu_tun nm_state_t netstack_m_state[NS_MAX]; /* module state */ kmutex_t netstack_lock; struct netstack *netstack_next; netstackid_t netstack_stackid; int netstack_numzones; /* Number of zones using this */ int netstack_refcnt; /* Number of hold-rele */ int netstack_flags; /* See below */ #ifdef _KERNEL /* Needed to ensure that we run the callback functions in order */ kcondvar_t netstack_cv; #endif }; typedef struct netstack netstack_t; /* netstack_flags values */ #define NSF_UNINIT 0x01 /* Not initialized */ #define NSF_CLOSING 0x02 /* Going away */ #define NSF_ZONE_CREATE 0x04 /* create callbacks inprog */ #define NSF_ZONE_SHUTDOWN 0x08 /* shutdown callbacks */ #define NSF_ZONE_DESTROY 0x10 /* destroy callbacks */ #define NSF_ZONE_INPROGRESS \ (NSF_ZONE_CREATE|NSF_ZONE_SHUTDOWN|NSF_ZONE_DESTROY) /* * One for each of the NS_* values. */ struct netstack_registry { int nr_flags; /* 0 if nothing registered */ void *(*nr_create)(netstackid_t, netstack_t *); void (*nr_shutdown)(netstackid_t, void *); void (*nr_destroy)(netstackid_t, void *); }; /* nr_flags values */ #define NRF_REGISTERED 0x01 #define NRF_DYING 0x02 /* No new creates */ /* * To support kstat_create_netstack() using kstat_add_zone we need * to track both * - all zoneids that use the global/shared stack * - all kstats that have been added for the shared stack */ extern void netstack_init(void); extern void netstack_hold(netstack_t *); extern void netstack_rele(netstack_t *); extern netstack_t *netstack_find_by_cred(const cred_t *); extern netstack_t *netstack_find_by_stackid(netstackid_t); extern netstack_t *netstack_find_by_zoneid(zoneid_t); extern zoneid_t netstackid_to_zoneid(netstackid_t); extern netstackid_t zoneid_to_netstackid(zoneid_t); extern netstack_t *netstack_get_current(void); /* * Register interest in changes to the set of netstacks. * The createfn and destroyfn are required, but the shutdownfn can be * NULL. * Note that due to the current zsd implementation, when the create * function is called the zone isn't fully present, thus functions * like zone_find_by_* will fail, hence the create function can not * use many zones kernel functions including zcmn_err(). */ extern void netstack_register(int, void *(*)(netstackid_t, netstack_t *), void (*)(netstackid_t, void *), void (*)(netstackid_t, void *)); extern void netstack_unregister(int); extern kstat_t *kstat_create_netstack(char *, int, char *, char *, uchar_t, uint_t, uchar_t, netstackid_t); extern void kstat_delete_netstack(kstat_t *, netstackid_t); /* * Simple support for walking all the netstacks. * The caller of netstack_next() needs to call netstack_rele() when * done with a netstack. */ typedef int netstack_handle_t; extern void netstack_next_init(netstack_handle_t *); extern void netstack_next_fini(netstack_handle_t *); extern netstack_t *netstack_next(netstack_handle_t *); #ifdef __cplusplus } #endif #endif /* _SYS_NETSTACK_H */