xref: /illumos-gate/usr/src/uts/common/inet/spdsock.h (revision 69a119caa6570c7077699161b7c28b6ee9f8b0f4)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved.
23  */
24 
25 #ifndef	_INET_SPDSOCK_H
26 #define	_INET_SPDSOCK_H
27 
28 #include <sys/netstack.h>
29 
30 #ifdef	__cplusplus
31 extern "C" {
32 #endif
33 
34 /*
35  * SPDSOCK stack instances
36  */
37 struct spd_stack {
38 	netstack_t		*spds_netstack;	/* Common netstack */
39 
40 	caddr_t			spds_g_nd;
41 	struct spdsockparam_s	*spds_params;
42 	kmutex_t		spds_param_lock;
43 				/* Protects the NDD variables. */
44 
45 	/*
46 	 * To save algorithm update messages that are processed only after
47 	 * IPsec is loaded.
48 	 */
49 	struct spd_ext		*spds_extv_algs[SPD_EXT_MAX + 1];
50 	mblk_t			*spds_mp_algs;
51 	struct ipsec_alginfo
52 			*spds_algs[IPSEC_NALGTYPES][IPSEC_MAX_ALGS];
53 	int		spds_algs_exec_mode[IPSEC_NALGTYPES];
54 	kmutex_t		spds_alg_lock;
55 };
56 typedef struct spd_stack spd_stack_t;
57 
58 
59 /*
60  * spdsock (PF_POLICY) session state; one per open PF_POLICY socket.
61  *
62  * These are kept on a linked list by the spdsock module.
63  */
64 
65 typedef struct spdsock_s
66 {
67 	uint_t	spdsock_state;	/* TLI gorp */
68 
69 	minor_t spdsock_minor;
70 
71 	/*
72 	 * In-progress SPD_DUMP state, valid if spdsock_dump_req is non-NULL.
73 	 *
74 	 * spdsock_dump_req is the request which got us started.
75 	 * spdsock_dump_head is a reference to a policy head.
76 	 * spdsock_dump_cur_* tell us where we are in the policy walk,
77 	 * validated by looking at spdsock_dump_gen vs
78 	 * dump_head->iph_gen after taking a read lock on the policy
79 	 * head.
80 	 */
81 	mblk_t			*spdsock_dump_req;
82 	ipsec_policy_head_t 	*spdsock_dump_head;
83 	uint64_t 		spdsock_dump_gen;
84 	timeout_id_t		spdsock_timeout;
85 	mblk_t			*spdsock_timeout_arg;
86 	int			spdsock_dump_cur_type;
87 	int			spdsock_dump_cur_af;
88 	ipsec_policy_t 		*spdsock_dump_cur_rule;
89 	uint32_t		spdsock_dump_cur_chain;
90 	uint32_t		spdsock_dump_count;
91 	spd_stack_t		*spdsock_spds;
92 	/* These are used for all-polhead dumps. */
93 	int			spdsock_dump_tun_gen;
94 	boolean_t		spdsock_dump_active;
95 	boolean_t		spdsock_dump_tunnel;
96 	int			spdsock_dump_remaining_polheads;
97 	ipsec_tun_pol_t		*spdsock_itp;
98 } spdsock_t;
99 
100 #define	LOADCHECK_INTERVAL	(drv_usectohz(30000))
101 
102 /*
103  * Socket option boilerplate code.
104  */
105 
106 extern optdb_obj_t	spdsock_opt_obj;
107 extern uint_t		spdsock_max_optsize;
108 
109 extern int spdsock_opt_get(queue_t *, int, int, uchar_t *);
110 extern int spdsock_opt_set(queue_t *, uint_t, int, int, uint_t, uchar_t *,
111     uint_t *, uchar_t *, void *, cred_t *);
112 
113 #ifdef	__cplusplus
114 }
115 #endif
116 
117 #endif /* _INET_SPDSOCK_H */
118