/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#ifndef	_INET_IPTUN_IMPL_H
#define	_INET_IPTUN_IMPL_H

#include <sys/sunddi.h>
#include <sys/sunldi.h>
#include <sys/stream.h>
#include <sys/modhash.h>
#include <sys/list.h>
#include <sys/dls.h>
#include <sys/mac.h>
#include <sys/dld_impl.h>
#include <sys/netstack.h>
/* NOTE(review): sunddi.h and sunldi.h appear a second time in this list. */
#include <sys/sunddi.h>
#include <sys/sunldi.h>
#include <sys/socket.h>
#include <inet/iptun.h>
#include <inet/ipclassifier.h>
#include <inet/ipsec_impl.h>
#include <netinet/in.h>

#ifdef	__cplusplus
extern "C" {
#endif

#ifdef	_KERNEL

#define	IPTUN_MODID		5134
#define	IPTUN_DRIVER_NAME	"iptun"

/*
 * IPv6 destination options header followed by a tunnel option and three
 * bytes of padding.  The member order is significant: the structure is
 * embedded in iptun_ipv6hdrs_t directly after the IPv6 header.
 *
 * NOTE(review): this looks like a template for on-wire bytes, so compiler
 * inserted padding would change what is transmitted.  The sizes of
 * ip6_dest_t and struct ip6_opt_tunnel are not visible in this header;
 * confirm the implementation checks the total size it relies on.
 */
typedef struct iptun_encaplim_s {
	ip6_dest_t		iel_destopt;
	struct ip6_opt_tunnel	iel_telopt;
	uint8_t			iel_padn[3];
} iptun_encaplim_t;

/*
 * Outer IPv6 header immediately followed by the encapsulation limit
 * destination option block.
 */
typedef struct iptun_ipv6hdrs_s {
	ip6_t			it6h_ip6h;
	iptun_encaplim_t	it6h_encaplim;
} iptun_ipv6hdrs_t;

/*
 * Storage for the outer header of a tunnel: either an IPv4 header or the
 * IPv6 header set above.  Nothing in the union records which member is
 * in use; that has to come from the owning structure.
 */
typedef union iptun_header_u {
	ipha_t			ihu_hdr4;
	iptun_ipv6hdrs_t	ihu_hdr6;
} iptun_header_t;

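/*
 * A tunnel endpoint address.  ia_addr holds either an IPv4 or an IPv6
 * address; ia_family is presumably the discriminator (confirm against the
 * code that fills it in) and must be checked before reading ia_addr.
 */
typedef struct iptun_addr_s {
	sa_family_t	ia_family;
	union {
		ipaddr_t	iau_addr4;
		in6_addr_t	iau_addr6;
	} ia_addr;
} iptun_addr_t;

/* Static, per-tunnel-type properties. */
typedef struct iptun_typeinfo {
	iptun_type_t	iti_type;
	const char	*iti_ident;	/* MAC-Type plugin identifier */
	uint_t		iti_ipvers;	/* outer header IP version */
	uint32_t	iti_minmtu;	/* minimum possible tunnel MTU */
	uint32_t	iti_maxmtu;	/* maximum possible tunnel MTU */
	boolean_t	iti_hasraddr;	/* has a remote address */
} iptun_typeinfo_t;

/*
 * An iptun_t represents an IP tunnel link.  The iptun_lock protects the
 * integrity of all fields except statistics which are updated atomically, and
 * is also used by iptun_upcall_cv and iptun_enter_cv.  Access to all fields
 * must be done under the protection of iptun_lock with the following
 * exceptions:
 *
 * The datapath reads certain fields without locks for performance reasons.
 *
 * - IS_IPTUN_RUNNING() is used (read access to iptun_flags IPTUN_BOUND and
 *   IPTUN_MAC_STARTED) to drop packets if they're sent while the tunnel is
 *   not running.  This is harmless as the worst case scenario is that a
 *   packet will be needlessly sent down to ip and be dropped due to an
 *   unspecified source or destination.
 *
 * NOTE(review): the flag check above is the only lockless access this
 * comment justifies.  Any other datapath read (addresses, header template,
 * IPsec policy pointers) should be checked against this rule in the
 * implementation, which is not visible from this header.
 */
typedef struct iptun_s {
	datalink_id_t	iptun_linkid;
	kmutex_t	iptun_lock;
	kcondvar_t	iptun_upcall_cv;
	kcondvar_t	iptun_enter_cv;
	uint32_t	iptun_flags;	/* IPTUN_* bits defined below */
	list_node_t	iptun_link;
	mac_handle_t	iptun_mh;
	conn_t		*iptun_connp;
	zoneid_t	iptun_zoneid;
	netstack_t	*iptun_ns;
	/* IPsec tunnel policy; see iptun_set_policy() */
	struct ipsec_tun_pol_s	*iptun_itp;
	iptun_typeinfo_t	*iptun_typeinfo;
	uint32_t	iptun_mtu;
	uint32_t	iptun_dpmtu;	/* destination path MTU */
	uint8_t		iptun_hoplimit;
	uint8_t		iptun_encaplimit;
	iptun_addr_t	iptun_laddr;	/* local address */
	iptun_addr_t	iptun_raddr;	/* remote address */
	iptun_header_t	iptun_header;
	/*
	 * presumably the number of bytes of iptun_header in use; it must
	 * never exceed sizeof (iptun_header_t) -- TODO confirm in iptun.c
	 */
	size_t		iptun_header_size;
	/* valid only while IPTUN_SIMPLE_POLICY is set (see flag below) */
	ipsec_req_t	iptun_simple_policy;

	/* statistics */
	uint64_t	iptun_ierrors;
	uint64_t	iptun_oerrors;
	uint64_t	iptun_rbytes;
	uint64_t	iptun_obytes;
	uint64_t	iptun_ipackets;
	uint64_t	iptun_opackets;
	uint64_t	iptun_norcvbuf;
	uint64_t	iptun_noxmtbuf;
	uint64_t	iptun_taskq_fail;
} iptun_t;

/*
 * Shorthand member names.  These are object-like macros, so they rewrite
 * these identifiers in every file that includes this header.
 */
#define	iptun_iptuns	iptun_ns->netstack_iptun
#define	iptun_laddr4	iptun_laddr.ia_addr.iau_addr4
#define	iptun_laddr6	iptun_laddr.ia_addr.iau_addr6
#define	iptun_raddr4	iptun_raddr.ia_addr.iau_addr4
#define	iptun_raddr6	iptun_raddr.ia_addr.iau_addr6
#define	iptun_header4	iptun_header.ihu_hdr4
#define	iptun_header6	iptun_header.ihu_hdr6

/* iptun_flags */
#define	IPTUN_BOUND		0x0001	/* tunnel address(es) bound with ip */
#define	IPTUN_LADDR		0x0002	/* local address is set */
#define	IPTUN_RADDR		0x0004	/* remote address is set */
#define	IPTUN_MAC_REGISTERED	0x0008	/* registered with the mac module */
#define	IPTUN_MAC_STARTED	0x0010	/* iptun_m_start() has been called */
#define	IPTUN_HASH_INSERTED	0x0020	/* iptun_t in iptun_hash */
#define	IPTUN_FIXED_MTU		0x0040	/* MTU was set using mtu link prop */
#define	IPTUN_IMPLICIT		0x0080	/* implicitly created IP tunnel */
#define	IPTUN_SIMPLE_POLICY	0x0100	/* cached iptun_simple_policy */
#define	IPTUN_UPCALL_PENDING	0x0200	/* upcall to mac module in progress */
#define	IPTUN_DELETE_PENDING	0x0400	/* iptun_delete() is issuing upcalls */
#define	IPTUN_CONDEMNED		0x0800	/* iptun_t is to be freed */

/*
 * True when both IPTUN_BOUND and IPTUN_MAC_STARTED are set on the tunnel.
 * The argument is parenthesized so that any pointer-valued expression
 * (for example a cast or an address-of expression) expands correctly; it
 * is evaluated exactly once.  The macro takes no lock, so when it is used
 * without iptun_lock held the result is only a hint, as described in the
 * locking comment on iptun_t.
 */
#define	IS_IPTUN_RUNNING(iptun)						\
	(((iptun)->iptun_flags & (IPTUN_BOUND | IPTUN_MAC_STARTED)) ==	\
	    (IPTUN_BOUND | IPTUN_MAC_STARTED))

/*
 * iptuns_lock protects iptuns_iptunlist.
 */
typedef struct iptun_stack {
	netstack_t	*iptuns_netstack;	/* Common netstack */
	kmutex_t	iptuns_lock;
	list_t		iptuns_iptunlist;	/* list of tunnels in this stack. */
	ipaddr_t	iptuns_relay_rtr_addr;
} iptun_stack_t;

extern dev_info_t	*iptun_dip;
extern mod_hash_t	*iptun_hash;
extern kmem_cache_t	*iptun_cache;
extern ddi_taskq_t	*iptun_taskq;
extern ldi_ident_t	iptun_ldi_ident;

/*
 * Tunnel management entry points.  The create, delete, modify and info
 * calls take the caller's cred_t.
 *
 * NOTE(review): privilege and zone checks against that credential are
 * expected to live in the implementation; they cannot be confirmed from
 * this header.  iptun_set_6to4relay(), iptun_get_6to4relay() and
 * iptun_set_policy() take no credential, so their callers must already
 * be authorized -- verify at each call site.
 */
extern int	iptun_ioc_init(void);
extern void	iptun_ioc_fini(void);
extern uint_t	iptun_count(void);
extern int	iptun_create(iptun_kparams_t *, cred_t *);
extern int	iptun_delete(datalink_id_t, cred_t *);
extern int	iptun_modify(const iptun_kparams_t *, cred_t *);
extern int	iptun_info(iptun_kparams_t *, cred_t *);
extern int	iptun_set_6to4relay(netstack_t *, ipaddr_t);
extern void	iptun_get_6to4relay(netstack_t *, ipaddr_t *);
extern void	iptun_set_policy(datalink_id_t, ipsec_tun_pol_t *);

#endif	/* _KERNEL */

#ifdef	__cplusplus
}
#endif

#endif	/* _INET_IPTUN_IMPL_H */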