1d62ddc21b674b5ac1466091ff3fbf7baa53bc92cAlexey Dobriyan#ifndef __NETNS_XFRM_H 2d62ddc21b674b5ac1466091ff3fbf7baa53bc92cAlexey Dobriyan#define __NETNS_XFRM_H 3d62ddc21b674b5ac1466091ff3fbf7baa53bc92cAlexey Dobriyan 49d4139c76905833afcb77fe8ccc17f302a0eb9abAlexey Dobriyan#include <linux/list.h> 550a30657fd7ee77a94a6bf0ad86eba7c37c3032eAlexey Dobriyan#include <linux/wait.h> 6630827338585022b851ec0a6335df8e436c900e4Alexey Dobriyan#include <linux/workqueue.h> 78b18f8eaf9207d53ba3e69f2b98d7290f4dec227Alexey Dobriyan#include <linux/xfrm.h> 8d7c7544c3d5f59033d1bf3236bc7b289f5f26b75Alexey Dobriyan#include <net/dst_ops.h> 9ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du#include <net/flowcache.h> 109d4139c76905833afcb77fe8ccc17f302a0eb9abAlexey Dobriyan 11b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyanstruct ctl_table_header; 12b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyan 13a35f6c5de32664d82c072a7e2c7d5c5234de4158Alexey Dobriyanstruct xfrm_policy_hash { 14a35f6c5de32664d82c072a7e2c7d5c5234de4158Alexey Dobriyan struct hlist_head *table; 15a35f6c5de32664d82c072a7e2c7d5c5234de4158Alexey Dobriyan unsigned int hmask; 16b58555f1767c9f4e330fcf168e4e753d2d9196e0Christophe Gouault u8 dbits4; 17b58555f1767c9f4e330fcf168e4e753d2d9196e0Christophe Gouault u8 sbits4; 18b58555f1767c9f4e330fcf168e4e753d2d9196e0Christophe Gouault u8 dbits6; 19b58555f1767c9f4e330fcf168e4e753d2d9196e0Christophe Gouault u8 sbits6; 20a35f6c5de32664d82c072a7e2c7d5c5234de4158Alexey Dobriyan}; 21a35f6c5de32664d82c072a7e2c7d5c5234de4158Alexey Dobriyan 22880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouaultstruct xfrm_policy_hthresh { 23880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouault struct work_struct work; 24880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouault seqlock_t lock; 25880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouault u8 lbits4; 26880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouault u8 rbits4; 27880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouault u8 lbits6; 28880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouault u8 rbits6; 29880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouault}; 30880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouault 31d62ddc21b674b5ac1466091ff3fbf7baa53bc92cAlexey Dobriyanstruct netns_xfrm { 329d4139c76905833afcb77fe8ccc17f302a0eb9abAlexey Dobriyan struct list_head state_all; 3373d189dce486cd6693fa29169b1aac0872efbceaAlexey Dobriyan /* 3473d189dce486cd6693fa29169b1aac0872efbceaAlexey Dobriyan * Hash table to find appropriate SA towards given target (endpoint of 3573d189dce486cd6693fa29169b1aac0872efbceaAlexey Dobriyan * tunnel or destination of transport mode) allowed by selector. 3673d189dce486cd6693fa29169b1aac0872efbceaAlexey Dobriyan * 3773d189dce486cd6693fa29169b1aac0872efbceaAlexey Dobriyan * Main use is finding SA after policy selected tunnel or transport 3873d189dce486cd6693fa29169b1aac0872efbceaAlexey Dobriyan * mode. Also, it can be used by ah/esp icmp error handler to find 3973d189dce486cd6693fa29169b1aac0872efbceaAlexey Dobriyan * offending SA. 4073d189dce486cd6693fa29169b1aac0872efbceaAlexey Dobriyan */ 4173d189dce486cd6693fa29169b1aac0872efbceaAlexey Dobriyan struct hlist_head *state_bydst; 42d320bbb306f2085892bc958781e8fcaf5d491589Alexey Dobriyan struct hlist_head *state_bysrc; 43b754a4fd8f58d245c9b5e92914cce09c4309cb67Alexey Dobriyan struct hlist_head *state_byspi; 44529983ecabeae3d8e61c9e27079154b1b8544dcdAlexey Dobriyan unsigned int state_hmask; 450bf7c5b019518d3fe9cb96b9c97bf44d251472c3Alexey Dobriyan unsigned int state_num; 46630827338585022b851ec0a6335df8e436c900e4Alexey Dobriyan struct work_struct state_hash_work; 47b8a0ae20b0eecd4b86a113d2abe2fa5a582b30a6Alexey Dobriyan struct hlist_head state_gc_list; 48c78371441c0d957f54c9f8a35b3ee5a378d14808Alexey Dobriyan struct work_struct state_gc_work; 4950a30657fd7ee77a94a6bf0ad86eba7c37c3032eAlexey Dobriyan 50adfcf0b27e87d16a6a8c364daa724653d4d8930bAlexey Dobriyan struct list_head policy_all; 5193b851c1c93c7d5cd8d94cd3f3a268b2d5460e9eAlexey Dobriyan struct hlist_head *policy_byidx; 528100bea7d619e8496ad8e545d1b41f536e076cd5Alexey Dobriyan unsigned int policy_idx_hmask; 538b18f8eaf9207d53ba3e69f2b98d7290f4dec227Alexey Dobriyan struct hlist_head policy_inexact[XFRM_POLICY_MAX * 2]; 54a35f6c5de32664d82c072a7e2c7d5c5234de4158Alexey Dobriyan struct xfrm_policy_hash policy_bydst[XFRM_POLICY_MAX * 2]; 55dc2caba7b321289e7d02e63d7216961ccecfa103Alexey Dobriyan unsigned int policy_count[XFRM_POLICY_MAX * 2]; 5666caf628c3b634c57b14a1a104dcd57e4fab2e3bAlexey Dobriyan struct work_struct policy_hash_work; 57880a6fab8f6ba5b5abe59ea68533202ddea1012cChristophe Gouault struct xfrm_policy_hthresh policy_hthresh; 58a6483b790f8efcd8db190c1c0ff93f9d9efe919aAlexey Dobriyan 59d7c7544c3d5f59033d1bf3236bc7b289f5f26b75Alexey Dobriyan 60a6483b790f8efcd8db190c1c0ff93f9d9efe919aAlexey Dobriyan struct sock *nlsk; 61d79d792ef9f99cca463b6619a93e860d1c833a6eEric W. Biederman struct sock *nlsk_stash; 62b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyan 63b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyan u32 sysctl_aevent_etime; 64b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyan u32 sysctl_aevent_rseqth; 65b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyan int sysctl_larval_drop; 66b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyan u32 sysctl_acq_expires; 67b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyan#ifdef CONFIG_SYSCTL 68b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyan struct ctl_table_header *sysctl_hdr; 69b27aeadb5948d400df83db4d29590fb9862ba49dAlexey Dobriyan#endif 708e602ce2980fd6941dc0d3dda12e5095e8206f34Eric Dumazet 718e602ce2980fd6941dc0d3dda12e5095e8206f34Eric Dumazet struct dst_ops xfrm4_dst_ops; 72dfd56b8b38fff3586f36232db58e1e9f7885a605Eric Dumazet#if IS_ENABLED(CONFIG_IPV6) 738e602ce2980fd6941dc0d3dda12e5095e8206f34Eric Dumazet struct dst_ops xfrm6_dst_ops; 748e602ce2980fd6941dc0d3dda12e5095e8206f34Eric Dumazet#endif 75283bc9f35bbbcb0e9ab4e6d2427da7f9f710d52dFan Du spinlock_t xfrm_state_lock; 76283bc9f35bbbcb0e9ab4e6d2427da7f9f710d52dFan Du rwlock_t xfrm_policy_lock; 77283bc9f35bbbcb0e9ab4e6d2427da7f9f710d52dFan Du struct mutex xfrm_cfg_mutex; 78ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du 79ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du /* flow cache part */ 80ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du struct flow_cache flow_cache_global; 81ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du atomic_t flow_cache_genid; 82ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du struct list_head flow_cache_gc_list; 83ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du spinlock_t flow_cache_gc_lock; 84ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du struct work_struct flow_cache_gc_work; 85ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du struct work_struct flow_cache_flush_work; 86ca925cf1534ebcec332c08719a7dee6ee1782ce4Fan Du struct mutex flow_flush_sem; 87d62ddc21b674b5ac1466091ff3fbf7baa53bc92cAlexey Dobriyan}; 88d62ddc21b674b5ac1466091ff3fbf7baa53bc92cAlexey Dobriyan 89d62ddc21b674b5ac1466091ff3fbf7baa53bc92cAlexey Dobriyan#endif 90