xref: /openbmc/linux/include/net/netns/xfrm.h (revision ce55c22ec8b223a90ff3e084d842f73cfba35588) 
1  /* SPDX-License-Identifier: GPL-2.0 */
2  #ifndef __NETNS_XFRM_H
3  #define __NETNS_XFRM_H
4  
5  #include <linux/list.h>
6  #include <linux/wait.h>
7  #include <linux/workqueue.h>
8  #include <linux/rhashtable-types.h>
9  #include <linux/xfrm.h>
10  #include <net/dst_ops.h>
11  
12  struct ctl_table_header;
13  
14  struct xfrm_policy_hash {
15  	struct hlist_head	__rcu *table;
16  	unsigned int		hmask;
17  	u8			dbits4;
18  	u8			sbits4;
19  	u8			dbits6;
20  	u8			sbits6;
21  };
22  
23  struct xfrm_policy_hthresh {
24  	struct work_struct	work;
25  	seqlock_t		lock;
26  	u8			lbits4;
27  	u8			rbits4;
28  	u8			lbits6;
29  	u8			rbits6;
30  };
31  
32  struct netns_xfrm {
33  	struct list_head	state_all;
34  	/*
35  	 * Hash table to find appropriate SA towards given target (endpoint of
36  	 * tunnel or destination of transport mode) allowed by selector.
37  	 *
38  	 * Main use is finding SA after policy selected tunnel or transport
39  	 * mode. Also, it can be used by ah/esp icmp error handler to find
40  	 * offending SA.
41  	 */
42  	struct hlist_head	__rcu *state_bydst;
43  	struct hlist_head	__rcu *state_bysrc;
44  	struct hlist_head	__rcu *state_byspi;
45  	struct hlist_head	__rcu *state_byseq;
46  	unsigned int		state_hmask;
47  	unsigned int		state_num;
48  	struct work_struct	state_hash_work;
49  
50  	struct list_head	policy_all;
51  	struct hlist_head	*policy_byidx;
52  	unsigned int		policy_idx_hmask;
53  	unsigned int		idx_generator;
54  	struct hlist_head	policy_inexact[XFRM_POLICY_MAX];
55  	struct xfrm_policy_hash	policy_bydst[XFRM_POLICY_MAX];
56  	unsigned int		policy_count[XFRM_POLICY_MAX * 2];
57  	struct work_struct	policy_hash_work;
58  	struct xfrm_policy_hthresh policy_hthresh;
59  	struct list_head	inexact_bins;
60  
61  
62  	struct sock		*nlsk;
63  	struct sock		*nlsk_stash;
64  
65  	u32			sysctl_aevent_etime;
66  	u32			sysctl_aevent_rseqth;
67  	int			sysctl_larval_drop;
68  	u32			sysctl_acq_expires;
69  
70  	u8			policy_default[XFRM_POLICY_MAX];
71  
72  #ifdef CONFIG_SYSCTL
73  	struct ctl_table_header	*sysctl_hdr;
74  #endif
75  
76  	struct dst_ops		xfrm4_dst_ops;
77  #if IS_ENABLED(CONFIG_IPV6)
78  	struct dst_ops		xfrm6_dst_ops;
79  #endif
80  	spinlock_t		xfrm_state_lock;
81  	seqcount_spinlock_t	xfrm_state_hash_generation;
82  	seqcount_spinlock_t	xfrm_policy_hash_generation;
83  
84  	spinlock_t xfrm_policy_lock;
85  	struct mutex xfrm_cfg_mutex;
86  };
87  
88  #endif
89