include/net/netns/xfrm.h

   1 /* SPDX-License-Identifier: GPL-2.0 */
   2 #ifndef __NETNS_XFRM_H
   3 #define __NETNS_XFRM_H
   4
   5 #include <linux/list.h>
   6 #include <linux/wait.h>
   7 #include <linux/workqueue.h>
   8 #include <linux/xfrm.h>
   9 #include <net/dst_ops.h>
  10
  11 struct ctl_table_header;
  12
  13 struct xfrm_policy_hash {
  14         struct hlist_head       __rcu *table;
  15         unsigned int            hmask;
  16         u8                      dbits4;
  17         u8                      sbits4;
  18         u8                      dbits6;
  19         u8                      sbits6;
  20 };
  21
  22 struct xfrm_policy_hthresh {
  23         struct work_struct      work;
  24         seqlock_t               lock;
  25         u8                      lbits4;
  26         u8                      rbits4;
  27         u8                      lbits6;
  28         u8                      rbits6;
  29 };
  30
  31 struct netns_xfrm {
  32         struct list_head        state_all;
  33         /*
  34          * Hash table to find appropriate SA towards given target (endpoint of
  35          * tunnel or destination of transport mode) allowed by selector.
  36          *
  37          * Main use is finding SA after policy selected tunnel or transport
  38          * mode. Also, it can be used by ah/esp icmp error handler to find
  39          * offending SA.
  40          */
  41         struct hlist_head       __rcu *state_bydst;
  42         struct hlist_head       __rcu *state_bysrc;
  43         struct hlist_head       __rcu *state_byspi;
  44         unsigned int            state_hmask;
  45         unsigned int            state_num;
  46         struct work_struct      state_hash_work;
  47
  48         struct list_head        policy_all;
  49         struct hlist_head       *policy_byidx;
  50         unsigned int            policy_idx_hmask;
  51         unsigned int            idx_generator;
  52         struct hlist_head       policy_inexact[XFRM_POLICY_MAX];
  53         struct xfrm_policy_hash policy_bydst[XFRM_POLICY_MAX];
  54         unsigned int            policy_count[XFRM_POLICY_MAX * 2];
  55         struct work_struct      policy_hash_work;
  56         struct xfrm_policy_hthresh policy_hthresh;
  57
  58
  59         struct sock             *nlsk;
  60         struct sock             *nlsk_stash;
  61
  62         u32                     sysctl_aevent_etime;
  63         u32                     sysctl_aevent_rseqth;
  64         int                     sysctl_larval_drop;
  65         u32                     sysctl_acq_expires;
  66 #ifdef CONFIG_SYSCTL
  67         struct ctl_table_header *sysctl_hdr;
  68 #endif
  69
  70         struct dst_ops          xfrm4_dst_ops;
  71 #if IS_ENABLED(CONFIG_IPV6)
  72         struct dst_ops          xfrm6_dst_ops;
  73 #endif
  74         spinlock_t              xfrm_state_lock;
  75         seqcount_t              xfrm_state_hash_generation;
  76
  77         spinlock_t xfrm_policy_lock;
  78         struct mutex xfrm_cfg_mutex;
  79 };
  80
  81 #endif