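/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#ifndef _INET_KEYSOCK_H
#define	_INET_KEYSOCK_H

#ifdef	__cplusplus
extern "C" {
#endif

/*
 * Declarations for keysock, the PF_KEY socket driver/module: per-netstack
 * state, per-open-socket state, per-consumer (AH, ESP) state, and the
 * flag/bitmap macros that operate on them.
 *
 * NOTE(review): this header uses queue_t, cred_t, kmutex_t, netstack_t,
 * optdb_obj_t and friends without including their headers; it presumably
 * relies on the includer's include order -- confirm.
 */

/* Option get/set entry points. */
extern int keysock_opt_get(queue_t *, int, int, uchar_t *);
extern int keysock_opt_set(queue_t *, uint_t, int, int, uint_t,
    uchar_t *, uint_t *, uchar_t *, void *, cred_t *cr);

/*
 * Object to represent database of options to search passed to
 * {sock,tpi}optcom_req() interface routine to take care of option
 * management and associated methods.
 */

extern optdb_obj_t	keysock_opt_obj;
extern uint_t		keysock_max_optsize;

/*
 * KEYSOCK stack instances
 */
struct keysock_stack {
	netstack_t		*keystack_netstack;	/* Common netstack */
	/*
	 * keystack_plumbed: zero if plumb not attempted, positive if it
	 * succeeded, negative if it failed.
	 */
	int			keystack_plumbed;
	caddr_t			keystack_g_nd;
	struct keysockparam_s	*keystack_params;

	kmutex_t		keystack_param_lock;
				/* Protects the NDD variables. */

	/* List of open PF_KEY sockets, protected by keystack_list_lock. */
	kmutex_t		keystack_list_lock;
	struct keysock_s	*keystack_list;

	/*
	 * Consumers table.  If an entry is NULL, keysock maintains
	 * the table.
	 */
	kmutex_t		keystack_consumers_lock;

#define	KEYSOCK_MAX_CONSUMERS 256
	struct keysock_consumer_s *keystack_consumers[KEYSOCK_MAX_CONSUMERS];

	/*
	 * State for flush/dump.  This would normally be a boolean_t, but
	 * cas32() works best for a known 32-bit quantity.
	 */
	uint32_t		keystack_flushdump;
	int			keystack_flushdump_errno;

	/*
	 * This integer counts the number of extended REGISTERed sockets.  This
	 * determines if we should send extended REGISTERs.
	 */
	uint32_t		keystack_num_extended;

	/*
	 * Global sequence space for SADB_ACQUIRE messages of any sort.
	 */
	uint32_t		keystack_acquire_seq;
};
typedef struct keysock_stack keysock_stack_t;

/*
 * keysock session state (one per open PF_KEY socket (i.e. as a driver))
 *
 * I keep these in a linked list, and assign a monotonically increasing
 * serial ## (which is also the minor number).
 */

typedef struct keysock_s {
	/*
	 * Protected by the list lock (keystack_list_lock in the stack
	 * instance; older comments call it keysock_list_lock).
	 */
	struct keysock_s *keysock_next; /* Next in list */
	struct keysock_s **keysock_ptpn; /* Pointer to previous next */

	kmutex_t keysock_lock;		/* Protects the following. */
	queue_t *keysock_rq;		/* Read queue - putnext() to userland */
	queue_t *keysock_wq;		/* Write queue */

	uint_t keysock_state;
	uint_t keysock_flags;		/* KEYSOCK_* flag bits below. */
	/*
	 * One bit per SA type: 4 words x 64 bits = 256 types.
	 * If SADB_SATYPE_MAX (in net/pfkeyv2.h) > 255, rewhack this.
	 */
	uint64_t keysock_registered[4]; /* Registered types for this socket. */

	/* Also protected by the list lock. */
	minor_t keysock_serial;		/* Serial number of this socket. */
	keysock_stack_t		*keysock_keystack;
} keysock_t;

#define	KEYSOCK_NOLOOP	0x1	/* Don't loopback messages (no replies). */
#define	KEYSOCK_PROMISC	0x2	/* Give me all outbound messages. */
				/* DANGER:  Setting this requires EXTRA */
				/* privilege on an MLS box.  */
				/* The code that sets this flag must */
				/* enforce that privilege check; the flag */
				/* itself is only a marker. */
#define	KEYSOCK_EXTENDED 0x4	/* Extended REGISTER received. */

/*
 * Test / set the "registered" bit for an SA type on a keysock_t.
 *
 * The bitmap is four 64-bit words, so the word index is satype / 64
 * (satype >> 6) and the bit within the word is satype % 64 (satype & 63).
 * The previous form indexed with (satype >> 3), which runs past the end of
 * the four-element array for any satype >= 32, and shifted a plain int 1,
 * which is undefined for shift counts of 31 and above.
 *
 * Callers must pass 0 <= satype <= 255; a wider value still indexes out of
 * bounds.  Both macros evaluate satype twice, so do not pass an expression
 * with side effects.  KEYSOCK_ISREG evaluates to 0 or 1, so the result is
 * not lost if it is narrowed to an int.
 *
 * NOTE(review): any code that reads keysock_registered directly must use
 * the same word/bit split -- confirm there is no other accessor.
 */
#define	KEYSOCK_ISREG(ks, satype) \
	((((ks)->keysock_registered[(satype) >> 6]) & \
	((uint64_t)1 << ((satype) & 63))) != 0)
#define	KEYSOCK_SETREG(ks, satype) \
	((ks)->keysock_registered[(satype) >> 6] |= \
	((uint64_t)1 << ((satype) & 63)))

/*
 * Keysock consumers (i.e. AH, ESP), in array based on sadb_msg_satype.
 * For module instances.
 */

typedef struct keysock_consumer_s {
	kmutex_t kc_lock;	/* Protects instance. */

	queue_t *kc_rq;		/* Read queue, requests from AH, ESP. */
	queue_t *kc_wq;		/* Write queue, putnext down */

	/* Other goodies as I need them. */
	uint8_t kc_sa_type;	/* What sort of SA am I? */
	uint_t kc_flags;	/* KC_* flag bits below. */
	keysock_stack_t		*kc_keystack;
} keysock_consumer_t;

/*
 * Can only set flags when the consumers lock is held
 * (keystack_consumers_lock in the stack instance; older comments call it
 * keysock_consumer_lock).
 */
#define	KC_INTERNAL 0x1		/* Consumer maintained by keysock itself. */
#define	KC_FLUSHING 0x2		/* SADB_FLUSH pending on this consumer. */

extern int keysock_plumb_ipsec(netstack_t *);

#ifdef	__cplusplus
}
#endif

#endif /* _INET_KEYSOCK_H */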