1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved. 23 */ 24 25 #ifndef _INET_SPDSOCK_H 26 #define _INET_SPDSOCK_H 27 28 #include <sys/netstack.h> 29 30 #ifdef __cplusplus 31 extern "C" { 32 #endif 33 34 /* 35 * SPDSOCK stack instances 36 */ 37 struct spd_stack { 38 netstack_t *spds_netstack; /* Common netstack */ 39 40 caddr_t spds_g_nd; 41 struct spdsockparam_s *spds_params; 42 kmutex_t spds_param_lock; 43 /* Protects the NDD variables. */ 44 45 /* 46 * To save algorithm update messages that are processed only after 47 * IPsec is loaded. 48 */ 49 struct spd_ext *spds_extv_algs[SPD_EXT_MAX + 1]; 50 mblk_t *spds_mp_algs; 51 struct ipsec_alginfo 52 *spds_algs[IPSEC_NALGTYPES][IPSEC_MAX_ALGS]; 53 int spds_algs_exec_mode[IPSEC_NALGTYPES]; 54 kmutex_t spds_alg_lock; 55 }; 56 typedef struct spd_stack spd_stack_t; 57 58 59 /* 60 * spdsock (PF_POLICY) session state; one per open PF_POLICY socket. 61 * 62 * These are kept on a linked list by the spdsock module. 63 */ 64 65 typedef struct spdsock_s 66 { 67 uint_t spdsock_state; /* TLI gorp */ 68 69 minor_t spdsock_minor; 70 71 /* 72 * In-progress SPD_DUMP state, valid if spdsock_dump_req is non-NULL. 73 * 74 * spdsock_dump_req is the request which got us started. 75 * spdsock_dump_head is a reference to a policy head. 76 * spdsock_dump_cur_* tell us where we are in the policy walk, 77 * validated by looking at spdsock_dump_gen vs 78 * dump_head->iph_gen after taking a read lock on the policy 79 * head. 80 */ 81 mblk_t *spdsock_dump_req; 82 ipsec_policy_head_t *spdsock_dump_head; 83 uint64_t spdsock_dump_gen; 84 timeout_id_t spdsock_timeout; 85 mblk_t *spdsock_timeout_arg; 86 int spdsock_dump_cur_type; 87 int spdsock_dump_cur_af; 88 ipsec_policy_t *spdsock_dump_cur_rule; 89 uint32_t spdsock_dump_cur_chain; 90 uint32_t spdsock_dump_count; 91 spd_stack_t *spdsock_spds; 92 /* These are used for all-polhead dumps. */ 93 int spdsock_dump_tun_gen; 94 boolean_t spdsock_dump_active; 95 boolean_t spdsock_dump_tunnel; 96 int spdsock_dump_remaining_polheads; 97 ipsec_tun_pol_t *spdsock_itp; 98 } spdsock_t; 99 100 #define LOADCHECK_INTERVAL (drv_usectohz(30000)) 101 102 /* 103 * Socket option boilerplate code. 104 */ 105 106 extern optdb_obj_t spdsock_opt_obj; 107 extern uint_t spdsock_max_optsize; 108 109 extern int spdsock_opt_get(queue_t *, int, int, uchar_t *); 110 extern int spdsock_opt_set(queue_t *, uint_t, int, int, uint_t, uchar_t *, 111 uint_t *, uchar_t *, void *, cred_t *); 112 113 #ifdef __cplusplus 114 } 115 #endif 116 117 #endif /* _INET_SPDSOCK_H */ 118