17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 58810c16bSdanmcd * Common Development and Distribution License (the "License"). 68810c16bSdanmcd * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*134a1f4eSCasper H.S. Dik * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved. 237c478bd9Sstevel@tonic-gate */ 247c478bd9Sstevel@tonic-gate 257c478bd9Sstevel@tonic-gate #ifndef _INET_SPDSOCK_H 267c478bd9Sstevel@tonic-gate #define _INET_SPDSOCK_H 277c478bd9Sstevel@tonic-gate 28f4b3ec61Sdh155122 #include <sys/netstack.h> 29f4b3ec61Sdh155122 307c478bd9Sstevel@tonic-gate #ifdef __cplusplus 317c478bd9Sstevel@tonic-gate extern "C" { 327c478bd9Sstevel@tonic-gate #endif 337c478bd9Sstevel@tonic-gate 347c478bd9Sstevel@tonic-gate /* 35f4b3ec61Sdh155122 * SPDSOCK stack instances 36f4b3ec61Sdh155122 */ 37f4b3ec61Sdh155122 struct spd_stack { 38f4b3ec61Sdh155122 netstack_t *spds_netstack; /* Common netstack */ 39f4b3ec61Sdh155122 40f4b3ec61Sdh155122 caddr_t spds_g_nd; 41f4b3ec61Sdh155122 struct spdsockparam_s *spds_params; 42f4b3ec61Sdh155122 kmutex_t spds_param_lock; 43f4b3ec61Sdh155122 /* Protects the NDD variables. */ 44f4b3ec61Sdh155122 45f4b3ec61Sdh155122 /* 46f4b3ec61Sdh155122 * To save algorithm update messages that are processed only after 47f4b3ec61Sdh155122 * IPsec is loaded. 48f4b3ec61Sdh155122 */ 49f4b3ec61Sdh155122 struct spd_ext *spds_extv_algs[SPD_EXT_MAX + 1]; 50f4b3ec61Sdh155122 mblk_t *spds_mp_algs; 51f4b3ec61Sdh155122 struct ipsec_alginfo 52f4b3ec61Sdh155122 *spds_algs[IPSEC_NALGTYPES][IPSEC_MAX_ALGS]; 53f4b3ec61Sdh155122 int spds_algs_exec_mode[IPSEC_NALGTYPES]; 54f4b3ec61Sdh155122 kmutex_t spds_alg_lock; 55f4b3ec61Sdh155122 }; 56f4b3ec61Sdh155122 typedef struct spd_stack spd_stack_t; 57f4b3ec61Sdh155122 58f4b3ec61Sdh155122 59f4b3ec61Sdh155122 /* 607c478bd9Sstevel@tonic-gate * spdsock (PF_POLICY) session state; one per open PF_POLICY socket. 617c478bd9Sstevel@tonic-gate * 627c478bd9Sstevel@tonic-gate * These are kept on a linked list by the spdsock module. 637c478bd9Sstevel@tonic-gate */ 647c478bd9Sstevel@tonic-gate 657c478bd9Sstevel@tonic-gate typedef struct spdsock_s 667c478bd9Sstevel@tonic-gate { 677c478bd9Sstevel@tonic-gate uint_t spdsock_state; /* TLI gorp */ 687c478bd9Sstevel@tonic-gate 697c478bd9Sstevel@tonic-gate minor_t spdsock_minor; 707c478bd9Sstevel@tonic-gate 717c478bd9Sstevel@tonic-gate /* 727c478bd9Sstevel@tonic-gate * In-progress SPD_DUMP state, valid if spdsock_dump_req is non-NULL. 737c478bd9Sstevel@tonic-gate * 747c478bd9Sstevel@tonic-gate * spdsock_dump_req is the request which got us started. 757c478bd9Sstevel@tonic-gate * spdsock_dump_head is a reference to a policy head. 767c478bd9Sstevel@tonic-gate * spdsock_dump_cur_* tell us where we are in the policy walk, 777c478bd9Sstevel@tonic-gate * validated by looking at spdsock_dump_gen vs 787c478bd9Sstevel@tonic-gate * dump_head->iph_gen after taking a read lock on the policy 797c478bd9Sstevel@tonic-gate * head. 807c478bd9Sstevel@tonic-gate */ 817c478bd9Sstevel@tonic-gate mblk_t *spdsock_dump_req; 827c478bd9Sstevel@tonic-gate ipsec_policy_head_t *spdsock_dump_head; 837c478bd9Sstevel@tonic-gate uint64_t spdsock_dump_gen; 847c478bd9Sstevel@tonic-gate timeout_id_t spdsock_timeout; 857c478bd9Sstevel@tonic-gate mblk_t *spdsock_timeout_arg; 867c478bd9Sstevel@tonic-gate int spdsock_dump_cur_type; 877c478bd9Sstevel@tonic-gate int spdsock_dump_cur_af; 887c478bd9Sstevel@tonic-gate ipsec_policy_t *spdsock_dump_cur_rule; 896a182920Ssommerfe uint32_t spdsock_dump_cur_chain; 907c478bd9Sstevel@tonic-gate uint32_t spdsock_dump_count; 91f4b3ec61Sdh155122 spd_stack_t *spdsock_spds; 928810c16bSdanmcd /* These are used for all-polhead dumps. */ 938810c16bSdanmcd int spdsock_dump_tun_gen; 948810c16bSdanmcd boolean_t spdsock_dump_active; 958810c16bSdanmcd boolean_t spdsock_dump_tunnel; 968810c16bSdanmcd int spdsock_dump_remaining_polheads; 97db061fdfSdanmcd ipsec_tun_pol_t *spdsock_itp; 987c478bd9Sstevel@tonic-gate } spdsock_t; 997c478bd9Sstevel@tonic-gate 1007c478bd9Sstevel@tonic-gate #define LOADCHECK_INTERVAL (drv_usectohz(30000)) 1017c478bd9Sstevel@tonic-gate 1027c478bd9Sstevel@tonic-gate /* 1037c478bd9Sstevel@tonic-gate * Socket option boilerplate code. 1047c478bd9Sstevel@tonic-gate */ 1057c478bd9Sstevel@tonic-gate 1067c478bd9Sstevel@tonic-gate extern optdb_obj_t spdsock_opt_obj; 1077c478bd9Sstevel@tonic-gate extern uint_t spdsock_max_optsize; 1087c478bd9Sstevel@tonic-gate 1097c478bd9Sstevel@tonic-gate extern int spdsock_opt_get(queue_t *, int, int, uchar_t *); 1107c478bd9Sstevel@tonic-gate extern int spdsock_opt_set(queue_t *, uint_t, int, int, uint_t, uchar_t *, 111bd670b35SErik Nordmark uint_t *, uchar_t *, void *, cred_t *); 1127c478bd9Sstevel@tonic-gate 1137c478bd9Sstevel@tonic-gate #ifdef __cplusplus 1147c478bd9Sstevel@tonic-gate } 1157c478bd9Sstevel@tonic-gate #endif 1167c478bd9Sstevel@tonic-gate 1177c478bd9Sstevel@tonic-gate #endif /* _INET_SPDSOCK_H */ 118