#ifndef __NETNS_XFRM_H
#define __NETNS_XFRM_H

#include <linux/list.h>
#include <linux/wait.h>
#include <linux/workqueue.h>
#include <linux/xfrm.h>
#include <net/dst_ops.h>

/*
 * NOTE(review): seqlock_t, spinlock_t and struct mutex are used below, but
 * <linux/seqlock.h>, <linux/spinlock.h> and <linux/mutex.h> are not included
 * here; the header presumably relies on indirect includes -- confirm.
 */

struct ctl_table_header;

/*
 * One policy hash table: a bucket array, its mask, and four u8 bit counts.
 */
struct xfrm_policy_hash {
	/* __rcu-annotated: read and publish through the RCU accessors only. */
	struct hlist_head __rcu *table;
	/* NOTE(review): presumably bucket count - 1; confirm at the allocation site. */
	unsigned int hmask;
	/*
	 * NOTE(review): presumably destination/source prefix lengths used when
	 * hashing IPv4 and IPv6 selectors; valid range is not visible here.
	 */
	u8 dbits4;
	u8 sbits4;
	u8 dbits6;
	u8 sbits6;
};

/*
 * Four u8 bit values stored together with a seqlock and a work item.
 * NOTE(review): presumably the configured hash thresholds, with 'lock' giving
 * readers a consistent snapshot of all four and 'work' triggering a rehash
 * after they change -- confirm against the users of this struct.
 */
struct xfrm_policy_hthresh {
	struct work_struct work;
	seqlock_t lock;
	u8 lbits4;
	u8 rbits4;
	u8 lbits6;
	u8 rbits6;
};

/*
 * Per-network-namespace xfrm data: state (SA) tables, policy tables, two
 * socket pointers, sysctl values, dst_ops and the locks declared at the end.
 *
 * NOTE(review): this header does not say which lock covers which field.
 * Because the state tables are __rcu-annotated, the update-side lock should
 * be documented at the lock declarations below.
 */
struct netns_xfrm {
	struct list_head state_all;
	/*
	 * Hash table to find appropriate SA towards given target (endpoint of
	 * tunnel or destination of transport mode) allowed by selector.
	 *
	 * Main use is finding SA after policy selected tunnel or transport
	 * mode. Also, it can be used by ah/esp icmp error handler to find
	 * offending SA.
	 */
	/* All three tables are __rcu-annotated: use the RCU accessors only. */
	struct hlist_head __rcu *state_bydst;
	struct hlist_head __rcu *state_bysrc;
	struct hlist_head __rcu *state_byspi;
	/* NOTE(review): presumably one mask shared by the three tables above; confirm. */
	unsigned int state_hmask;
	unsigned int state_num;
	struct work_struct state_hash_work;

	struct list_head policy_all;
	/*
	 * Unlike the state tables, this pointer carries no __rcu annotation.
	 * NOTE(review): presumably only dereferenced with a lock held; confirm,
	 * since a lockless reader could race with the table being replaced.
	 */
	struct hlist_head *policy_byidx;
	unsigned int policy_idx_hmask;
	/* One entry per policy direction (XFRM_POLICY_MAX entries). */
	struct hlist_head policy_inexact[XFRM_POLICY_MAX];
	struct xfrm_policy_hash policy_bydst[XFRM_POLICY_MAX];
	/*
	 * Twice as many counters as directions.
	 * NOTE(review): the meaning of the second half is not visible here;
	 * confirm how indices are derived and that every index is bounded by
	 * XFRM_POLICY_MAX * 2.
	 */
	unsigned int policy_count[XFRM_POLICY_MAX * 2];
	struct work_struct policy_hash_work;
	struct xfrm_policy_hthresh policy_hthresh;


	/* NOTE(review): presumably the namespace's xfrm netlink socket and a saved copy; confirm lifetime rules. */
	struct sock *nlsk;
	struct sock *nlsk_stash;

	/*
	 * NOTE(review): names suggest sysctl-tunable values; units and valid
	 * ranges are not visible here. sysctl_larval_drop is a signed int while
	 * the other three are u32.
	 */
	u32 sysctl_aevent_etime;
	u32 sysctl_aevent_rseqth;
	int sysctl_larval_drop;
	u32 sysctl_acq_expires;
#ifdef CONFIG_SYSCTL
	/* Only present when sysctl support is built in. */
	struct ctl_table_header *sysctl_hdr;
#endif

	struct dst_ops xfrm4_dst_ops;
#if IS_ENABLED(CONFIG_IPV6)
	/* Only present when IPv6 is built in or modular. */
	struct dst_ops xfrm6_dst_ops;
#endif
	/*
	 * NOTE(review): presumably these guard the state tables, the policy
	 * tables and configuration changes respectively; the covered fields are
	 * not stated here -- confirm and document.
	 */
	spinlock_t xfrm_state_lock;
	spinlock_t xfrm_policy_lock;
	struct mutex xfrm_cfg_mutex;
};

#endif