1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #ifndef _INET_SPDSOCK_H 27 #define _INET_SPDSOCK_H 28 29 #pragma ident "%Z%%M% %I% %E% SMI" 30 31 #include <sys/netstack.h> 32 33 #ifdef __cplusplus 34 extern "C" { 35 #endif 36 37 /* 38 * SPDSOCK stack instances 39 */ 40 struct spd_stack { 41 netstack_t *spds_netstack; /* Common netstack */ 42 43 caddr_t spds_g_nd; 44 struct spdsockparam_s *spds_params; 45 kmutex_t spds_param_lock; 46 /* Protects the NDD variables. */ 47 48 /* 49 * To save algorithm update messages that are processed only after 50 * IPsec is loaded. 51 */ 52 struct spd_ext *spds_extv_algs[SPD_EXT_MAX + 1]; 53 mblk_t *spds_mp_algs; 54 boolean_t spds_algs_pending; 55 struct ipsec_alginfo 56 *spds_algs[IPSEC_NALGTYPES][IPSEC_MAX_ALGS]; 57 int spds_algs_exec_mode[IPSEC_NALGTYPES]; 58 kmutex_t spds_alg_lock; 59 }; 60 typedef struct spd_stack spd_stack_t; 61 62 63 /* 64 * spdsock (PF_POLICY) session state; one per open PF_POLICY socket. 65 * 66 * These are kept on a linked list by the spdsock module. 67 */ 68 69 typedef struct spdsock_s 70 { 71 uint_t spdsock_state; /* TLI gorp */ 72 73 minor_t spdsock_minor; 74 75 /* 76 * In-progress SPD_DUMP state, valid if spdsock_dump_req is non-NULL. 77 * 78 * spdsock_dump_req is the request which got us started. 79 * spdsock_dump_head is a reference to a policy head. 80 * spdsock_dump_cur_* tell us where we are in the policy walk, 81 * validated by looking at spdsock_dump_gen vs 82 * dump_head->iph_gen after taking a read lock on the policy 83 * head. 84 */ 85 mblk_t *spdsock_dump_req; 86 ipsec_policy_head_t *spdsock_dump_head; 87 uint64_t spdsock_dump_gen; 88 timeout_id_t spdsock_timeout; 89 mblk_t *spdsock_timeout_arg; 90 int spdsock_dump_cur_type; 91 int spdsock_dump_cur_af; 92 ipsec_policy_t *spdsock_dump_cur_rule; 93 uint32_t spdsock_dump_cur_chain; 94 uint32_t spdsock_dump_count; 95 spd_stack_t *spdsock_spds; 96 /* These are used for all-polhead dumps. */ 97 int spdsock_dump_tun_gen; 98 boolean_t spdsock_dump_active; 99 boolean_t spdsock_dump_tunnel; 100 int spdsock_dump_remaining_polheads; 101 char spdsock_dump_name[LIFNAMSIZ]; 102 } spdsock_t; 103 104 #define LOADCHECK_INTERVAL (drv_usectohz(30000)) 105 106 /* 107 * Socket option boilerplate code. 108 */ 109 110 extern optdb_obj_t spdsock_opt_obj; 111 extern uint_t spdsock_max_optsize; 112 113 extern int spdsock_opt_get(queue_t *, int, int, uchar_t *); 114 extern int spdsock_opt_set(queue_t *, uint_t, int, int, uint_t, uchar_t *, 115 uint_t *, uchar_t *, void *, cred_t *, 116 mblk_t *); 117 118 #ifdef __cplusplus 119 } 120 #endif 121 122 #endif /* _INET_SPDSOCK_H */ 123