[mirror_ubuntu-artful-kernel.git] / include / net / netns / xfrm.h

#ifndef __NETNS_XFRM_H
#define __NETNS_XFRM_H

#include <linux/list.h>
#include <linux/wait.h>
#include <linux/workqueue.h>
#include <linux/xfrm.h>
#include <net/dst_ops.h>
#include <net/flowcache.h>

struct ctl_table_header;

struct xfrm_policy_hash {
	struct hlist_head	*table;
	unsigned int		hmask;
};

struct netns_xfrm {
	struct list_head	state_all;
	/*
	 * Hash table to find appropriate SA towards given target (endpoint of
	 * tunnel or destination of transport mode) allowed by selector.
	 *
	 * Main use is finding SA after policy selected tunnel or transport
	 * mode. Also, it can be used by ah/esp icmp error handler to find
	 * offending SA.
	 */
	struct hlist_head	*state_bydst;
	struct hlist_head	*state_bysrc;
	struct hlist_head	*state_byspi;
	unsigned int		state_hmask;
	unsigned int		state_num;
	struct work_struct	state_hash_work;
	struct hlist_head	state_gc_list;
	struct work_struct	state_gc_work;

	struct list_head	policy_all;
	struct hlist_head	*policy_byidx;
	unsigned int		policy_idx_hmask;
	struct hlist_head	policy_inexact[XFRM_POLICY_MAX * 2];
	struct xfrm_policy_hash	policy_bydst[XFRM_POLICY_MAX * 2];
	unsigned int		policy_count[XFRM_POLICY_MAX * 2];
	struct work_struct	policy_hash_work;


	struct sock		*nlsk;
	struct sock		*nlsk_stash;

	u32			sysctl_aevent_etime;
	u32			sysctl_aevent_rseqth;
	int			sysctl_larval_drop;
	u32			sysctl_acq_expires;
#ifdef CONFIG_SYSCTL
	struct ctl_table_header	*sysctl_hdr;
#endif

	struct dst_ops		xfrm4_dst_ops;
#if IS_ENABLED(CONFIG_IPV6)
	struct dst_ops		xfrm6_dst_ops;
#endif
	spinlock_t xfrm_state_lock;
	rwlock_t xfrm_policy_lock;
	struct mutex xfrm_cfg_mutex;

	/* flow cache part */
	struct flow_cache	flow_cache_global;
	atomic_t		flow_cache_genid;
	struct list_head	flow_cache_gc_list;
	spinlock_t		flow_cache_gc_lock;
	struct work_struct	flow_cache_gc_work;
	struct work_struct	flow_cache_flush_work;
	struct mutex		flow_flush_sem;
};

#endif
Commit	Line	Data
	1	#ifndef __NETNS_XFRM_H
	2	#define __NETNS_XFRM_H
	3
	4	#include <linux/list.h>
	5	#include <linux/wait.h>
	6	#include <linux/workqueue.h>
	7	#include <linux/xfrm.h>
	8	#include <net/dst_ops.h>
	9	#include <net/flowcache.h>
	10
	11	struct ctl_table_header;
	12
	13	struct xfrm_policy_hash {
	14	struct hlist_head *table;
	15	unsigned int hmask;
	16	};
	17
	18	struct netns_xfrm {
	19	struct list_head state_all;
	20	/*
	21	* Hash table to find appropriate SA towards given target (endpoint of
	22	* tunnel or destination of transport mode) allowed by selector.
	23	*
	24	* Main use is finding SA after policy selected tunnel or transport
	25	* mode. Also, it can be used by ah/esp icmp error handler to find
	26	* offending SA.
	27	*/
	28	struct hlist_head *state_bydst;
	29	struct hlist_head *state_bysrc;
	30	struct hlist_head *state_byspi;
	31	unsigned int state_hmask;
	32	unsigned int state_num;
	33	struct work_struct state_hash_work;
	34	struct hlist_head state_gc_list;
	35	struct work_struct state_gc_work;
	36
	37	struct list_head policy_all;
	38	struct hlist_head *policy_byidx;
	39	unsigned int policy_idx_hmask;
	40	struct hlist_head policy_inexact[XFRM_POLICY_MAX * 2];
	41	struct xfrm_policy_hash policy_bydst[XFRM_POLICY_MAX * 2];
	42	unsigned int policy_count[XFRM_POLICY_MAX * 2];
	43	struct work_struct policy_hash_work;
	44
	45
	46	struct sock *nlsk;
	47	struct sock *nlsk_stash;
	48
	49	u32 sysctl_aevent_etime;
	50	u32 sysctl_aevent_rseqth;
	51	int sysctl_larval_drop;
	52	u32 sysctl_acq_expires;
	53	#ifdef CONFIG_SYSCTL
	54	struct ctl_table_header *sysctl_hdr;
	55	#endif
	56
	57	struct dst_ops xfrm4_dst_ops;
	58	#if IS_ENABLED(CONFIG_IPV6)
	59	struct dst_ops xfrm6_dst_ops;
	60	#endif
	61	spinlock_t xfrm_state_lock;
	62	rwlock_t xfrm_policy_lock;
	63	struct mutex xfrm_cfg_mutex;
	64
	65	/* flow cache part */
	66	struct flow_cache flow_cache_global;
	67	atomic_t flow_cache_genid;
	68	struct list_head flow_cache_gc_list;
	69	spinlock_t flow_cache_gc_lock;
	70	struct work_struct flow_cache_gc_work;
	71	struct work_struct flow_cache_flush_work;
	72	struct mutex flow_flush_sem;
	73	};
	74
	75	#endif