xref: /illumos-gate/usr/src/uts/common/inet/ipsecesp.h (revision 9b009fc1b553084f6003dcd46b171890049de0ff)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef	_INET_IPSECESP_H
27 #define	_INET_IPSECESP_H
28 
29 #include <inet/ip.h>
30 #include <inet/ipdrop.h>
31 
32 #ifdef	__cplusplus
33 extern "C" {
34 #endif
35 
36 #ifdef _KERNEL
37 
38 /* Named Dispatch Parameter Management Structure */
39 typedef struct ipsecespparam_s {
40 	uint_t	ipsecesp_param_min;
41 	uint_t	ipsecesp_param_max;
42 	uint_t	ipsecesp_param_value;
43 	char	*ipsecesp_param_name;
44 } ipsecespparam_t;
45 
46 /*
47  * IPSECESP stack instances
48  */
49 struct ipsecesp_stack {
50 	netstack_t		*ipsecesp_netstack;	/* Common netstack */
51 
52 	caddr_t			ipsecesp_g_nd;
53 	struct ipsecespparam_s	*ipsecesp_params;
54 	kmutex_t		ipsecesp_param_lock;	/* Protects params */
55 
56 	/* Packet dropper for ESP drops. */
57 	ipdropper_t		esp_dropper;
58 
59 	kstat_t			*esp_ksp;
60 	struct esp_kstats_s	*esp_kstats;
61 
62 	/*
63 	 * Keysock instance of ESP.  There can be only one per stack instance.
64 	 * Use casptr() on this because I don't set it until KEYSOCK_HELLO
65 	 * comes down.
66 	 * Paired up with the esp_pfkey_q is the esp_event, which will age SAs.
67 	 */
68 	queue_t			*esp_pfkey_q;
69 	timeout_id_t		esp_event;
70 
71 	sadbp_t			esp_sadb;
72 };
73 typedef struct ipsecesp_stack ipsecesp_stack_t;
74 
75 /* Define *this* NDD variable here because we use it outside ESP proper. */
76 #define	ipsecesp_nat_keepalive_interval	\
77 	ipsecesp_params[14].ipsecesp_param_value
78 
79 #endif	/* _KERNEL */
80 
81 /*
82  * For now, only provide "aligned" version of header.
83  * If aligned version is needed, we'll go with the naming conventions then.
84  */
85 
86 typedef struct esph {
87 	uint32_t esph_spi;
88 	uint32_t esph_replay;
89 } esph_t;
90 
91 /* No need for "old" ESP, just point a uint32_t *. */
92 
93 #ifdef	__cplusplus
94 }
95 #endif
96 
97 #endif /* _INET_IPSECESP_H */
98