1 #ifndef __NETNS_XFRM_H 2 #define __NETNS_XFRM_H 3 4 #include <linux/list.h> 5 #include <linux/wait.h> 6 #include <linux/workqueue.h> 7 #include <linux/xfrm.h> 8 #include <net/dst_ops.h> 9 #include <net/flowcache.h> 10 11 struct ctl_table_header; 12 13 struct xfrm_policy_hash { 14 struct hlist_head *table; 15 unsigned int hmask; 16 u8 dbits4; 17 u8 sbits4; 18 u8 dbits6; 19 u8 sbits6; 20 }; 21 22 struct xfrm_policy_hthresh { 23 struct work_struct work; 24 seqlock_t lock; 25 u8 lbits4; 26 u8 rbits4; 27 u8 lbits6; 28 u8 rbits6; 29 }; 30 31 struct netns_xfrm { 32 struct list_head state_all; 33 /* 34 * Hash table to find appropriate SA towards given target (endpoint of 35 * tunnel or destination of transport mode) allowed by selector. 36 * 37 * Main use is finding SA after policy selected tunnel or transport 38 * mode. Also, it can be used by ah/esp icmp error handler to find 39 * offending SA. 40 */ 41 struct hlist_head *state_bydst; 42 struct hlist_head *state_bysrc; 43 struct hlist_head *state_byspi; 44 unsigned int state_hmask; 45 unsigned int state_num; 46 struct work_struct state_hash_work; 47 struct hlist_head state_gc_list; 48 struct work_struct state_gc_work; 49 50 struct list_head policy_all; 51 struct hlist_head *policy_byidx; 52 unsigned int policy_idx_hmask; 53 struct hlist_head policy_inexact[XFRM_POLICY_MAX]; 54 struct xfrm_policy_hash policy_bydst[XFRM_POLICY_MAX]; 55 unsigned int policy_count[XFRM_POLICY_MAX * 2]; 56 struct work_struct policy_hash_work; 57 struct xfrm_policy_hthresh policy_hthresh; 58 59 60 struct sock *nlsk; 61 struct sock *nlsk_stash; 62 63 u32 sysctl_aevent_etime; 64 u32 sysctl_aevent_rseqth; 65 int sysctl_larval_drop; 66 u32 sysctl_acq_expires; 67 #ifdef CONFIG_SYSCTL 68 struct ctl_table_header *sysctl_hdr; 69 #endif 70 71 struct dst_ops xfrm4_dst_ops; 72 #if IS_ENABLED(CONFIG_IPV6) 73 struct dst_ops xfrm6_dst_ops; 74 #endif 75 spinlock_t xfrm_state_lock; 76 rwlock_t xfrm_policy_lock; 77 struct mutex xfrm_cfg_mutex; 78 79 /* flow cache part */ 80 struct flow_cache flow_cache_global; 81 atomic_t flow_cache_genid; 82 struct list_head flow_cache_gc_list; 83 atomic_t flow_cache_gc_count; 84 spinlock_t flow_cache_gc_lock; 85 struct work_struct flow_cache_gc_work; 86 struct work_struct flow_cache_flush_work; 87 struct mutex flow_flush_sem; 88 }; 89 90 #endif 91