| Alexey Dobriyan | d62ddc2 | 2008-11-25 17:14:31 -0800 | [diff] [blame] | 1 | #ifndef __NETNS_XFRM_H |
| 2 | #define __NETNS_XFRM_H |
| 3 | |
| Alexey Dobriyan | 9d4139c | 2008-11-25 17:16:11 -0800 | [diff] [blame] | 4 | #include <linux/list.h> |
| Alexey Dobriyan | 50a3065 | 2008-11-25 17:21:01 -0800 | [diff] [blame] | 5 | #include <linux/wait.h> |
| Alexey Dobriyan | 6308273 | 2008-11-25 17:19:07 -0800 | [diff] [blame] | 6 | #include <linux/workqueue.h> |
| Alexey Dobriyan | 8b18f8e | 2008-11-25 17:23:26 -0800 | [diff] [blame] | 7 | #include <linux/xfrm.h> |
| Alexey Dobriyan | d7c7544 | 2010-01-24 22:47:53 -0800 | [diff] [blame] | 8 | #include <net/dst_ops.h> |
| Alexey Dobriyan | 9d4139c | 2008-11-25 17:16:11 -0800 | [diff] [blame] | 9 | |
| Alexey Dobriyan | b27aead | 2008-11-25 18:00:48 -0800 | [diff] [blame] | 10 | struct ctl_table_header; |
| 11 | |
| Alexey Dobriyan | a35f6c5 | 2008-11-25 17:23:48 -0800 | [diff] [blame] | 12 | struct xfrm_policy_hash { |
| Florian Westphal | a7c44247 | 2016-08-11 15:17:56 +0200 | [diff] [blame] | 13 | struct hlist_head __rcu *table; |
| Alexey Dobriyan | a35f6c5 | 2008-11-25 17:23:48 -0800 | [diff] [blame] | 14 | unsigned int hmask; |
| Christophe Gouault | b58555f | 2014-08-29 16:16:04 +0200 | [diff] [blame] | 15 | u8 dbits4; |
| 16 | u8 sbits4; |
| 17 | u8 dbits6; |
| 18 | u8 sbits6; |
| Alexey Dobriyan | a35f6c5 | 2008-11-25 17:23:48 -0800 | [diff] [blame] | 19 | }; |
| 20 | |
| Christophe Gouault | 880a6fa | 2014-08-29 16:16:05 +0200 | [diff] [blame] | 21 | struct xfrm_policy_hthresh { |
| 22 | struct work_struct work; |
| 23 | seqlock_t lock; |
| 24 | u8 lbits4; |
| 25 | u8 rbits4; |
| 26 | u8 lbits6; |
| 27 | u8 rbits6; |
| 28 | }; |
| 29 | |
| Alexey Dobriyan | d62ddc2 | 2008-11-25 17:14:31 -0800 | [diff] [blame] | 30 | struct netns_xfrm { |
| Alexey Dobriyan | 9d4139c | 2008-11-25 17:16:11 -0800 | [diff] [blame] | 31 | struct list_head state_all; |
| Alexey Dobriyan | 73d189d | 2008-11-25 17:16:58 -0800 | [diff] [blame] | 32 | /* |
| 33 | * Hash table to find appropriate SA towards given target (endpoint of |
| 34 | * tunnel or destination of transport mode) allowed by selector. |
| 35 | * |
| 36 | * Main use is finding SA after policy selected tunnel or transport |
| 37 | * mode. Also, it can be used by ah/esp icmp error handler to find |
| 38 | * offending SA. |
| 39 | */ |
| Florian Westphal | d737a58 | 2016-08-09 12:16:09 +0200 | [diff] [blame] | 40 | struct hlist_head __rcu *state_bydst; |
| 41 | struct hlist_head __rcu *state_bysrc; |
| 42 | struct hlist_head __rcu *state_byspi; |
| Alexey Dobriyan | 529983e | 2008-11-25 17:18:12 -0800 | [diff] [blame] | 43 | unsigned int state_hmask; |
| Alexey Dobriyan | 0bf7c5b | 2008-11-25 17:18:39 -0800 | [diff] [blame] | 44 | unsigned int state_num; |
| Alexey Dobriyan | 6308273 | 2008-11-25 17:19:07 -0800 | [diff] [blame] | 45 | struct work_struct state_hash_work; |
| Alexey Dobriyan | 50a3065 | 2008-11-25 17:21:01 -0800 | [diff] [blame] | 46 | |
| Alexey Dobriyan | adfcf0b | 2008-11-25 17:22:11 -0800 | [diff] [blame] | 47 | struct list_head policy_all; |
| Alexey Dobriyan | 93b851c | 2008-11-25 17:22:35 -0800 | [diff] [blame] | 48 | struct hlist_head *policy_byidx; |
| Alexey Dobriyan | 8100bea | 2008-11-25 17:22:58 -0800 | [diff] [blame] | 49 | unsigned int policy_idx_hmask; |
| Herbert Xu | 53c2e28 | 2014-11-13 17:09:49 +0800 | [diff] [blame] | 50 | struct hlist_head policy_inexact[XFRM_POLICY_MAX]; |
| 51 | struct xfrm_policy_hash policy_bydst[XFRM_POLICY_MAX]; |
| Alexey Dobriyan | dc2caba | 2008-11-25 17:24:15 -0800 | [diff] [blame] | 52 | unsigned int policy_count[XFRM_POLICY_MAX * 2]; |
| Alexey Dobriyan | 66caf62 | 2008-11-25 17:28:57 -0800 | [diff] [blame] | 53 | struct work_struct policy_hash_work; |
| Christophe Gouault | 880a6fa | 2014-08-29 16:16:05 +0200 | [diff] [blame] | 54 | struct xfrm_policy_hthresh policy_hthresh; |
| Alexey Dobriyan | a6483b7 | 2008-11-25 17:38:20 -0800 | [diff] [blame] | 55 | |
| Alexey Dobriyan | d7c7544 | 2010-01-24 22:47:53 -0800 | [diff] [blame] | 56 | |
| Alexey Dobriyan | a6483b7 | 2008-11-25 17:38:20 -0800 | [diff] [blame] | 57 | struct sock *nlsk; |
| Eric W. Biederman | d79d792 | 2009-12-03 02:29:05 +0000 | [diff] [blame] | 58 | struct sock *nlsk_stash; |
| Alexey Dobriyan | b27aead | 2008-11-25 18:00:48 -0800 | [diff] [blame] | 59 | |
| 60 | u32 sysctl_aevent_etime; |
| 61 | u32 sysctl_aevent_rseqth; |
| 62 | int sysctl_larval_drop; |
| 63 | u32 sysctl_acq_expires; |
| 64 | #ifdef CONFIG_SYSCTL |
| 65 | struct ctl_table_header *sysctl_hdr; |
| 66 | #endif |
| Eric Dumazet | 8e602ce | 2010-10-14 05:56:18 +0000 | [diff] [blame] | 67 | |
| 68 | struct dst_ops xfrm4_dst_ops; |
| Eric Dumazet | dfd56b8 | 2011-12-10 09:48:31 +0000 | [diff] [blame] | 69 | #if IS_ENABLED(CONFIG_IPV6) |
| Eric Dumazet | 8e602ce | 2010-10-14 05:56:18 +0000 | [diff] [blame] | 70 | struct dst_ops xfrm6_dst_ops; |
| 71 | #endif |
| Fan Du | 283bc9f | 2013-11-07 17:47:50 +0800 | [diff] [blame] | 72 | spinlock_t xfrm_state_lock; |
| Florian Westphal | 9d0380d | 2016-08-11 15:17:59 +0200 | [diff] [blame] | 73 | spinlock_t xfrm_policy_lock; |
| Fan Du | 283bc9f | 2013-11-07 17:47:50 +0800 | [diff] [blame] | 74 | struct mutex xfrm_cfg_mutex; |
| Alexey Dobriyan | d62ddc2 | 2008-11-25 17:14:31 -0800 | [diff] [blame] | 75 | }; |
| 76 | |
| 77 | #endif |