iptun_impl.h revision 11042:2d6e217af1b4 
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef	_INET_IPTUN_IMPL_H
27#define	_INET_IPTUN_IMPL_H
28
29#include <sys/sunddi.h>
30#include <sys/sunldi.h>
31#include <sys/stream.h>
32#include <sys/modhash.h>
33#include <sys/list.h>
34#include <sys/dls.h>
35#include <sys/mac.h>
36#include <sys/dld_impl.h>
37#include <sys/netstack.h>
38#include <sys/sunddi.h>
39#include <sys/sunldi.h>
40#include <sys/socket.h>
41#include <inet/iptun.h>
42#include <inet/ipclassifier.h>
43#include <inet/ipsec_impl.h>
44#include <netinet/in.h>
45
46#ifdef	__cplusplus
47extern "C" {
48#endif
49
50#ifdef _KERNEL
51
52#define	IPTUN_MODID		5134
53#define	IPTUN_DRIVER_NAME	"iptun"
54
55typedef struct iptun_encaplim_s {
56	ip6_dest_t		iel_destopt;
57	struct ip6_opt_tunnel	iel_telopt;
58	uint8_t			iel_padn[3];
59} iptun_encaplim_t;
60
61typedef struct iptun_ipv6hdrs_s {
62	ip6_t			it6h_ip6h;
63	iptun_encaplim_t	it6h_encaplim;
64} iptun_ipv6hdrs_t;
65
66typedef union iptun_header_u {
67	ipha_t			ihu_hdr4;
68	iptun_ipv6hdrs_t	ihu_hdr6;
69} iptun_header_t;
70
71typedef struct iptun_addr_s {
72	sa_family_t	ia_family;
73	union {
74		ipaddr_t	iau_addr4;
75		in6_addr_t	iau_addr6;
76	} ia_addr;
77} iptun_addr_t;
78
79typedef struct iptun_typeinfo {
80	iptun_type_t	iti_type;
81	const char	*iti_ident;	/* MAC-Type plugin identifier */
82	uint_t		iti_ipvers;	/* outer header IP version */
83	uint32_t	iti_minmtu;	/* minimum possible tunnel MTU */
84	uint32_t	iti_maxmtu;	/* maximum possible tunnel MTU */
85	boolean_t	iti_hasraddr;	/* has a remote adress */
86} iptun_typeinfo_t;
87
88/*
89 * An iptun_t represents an IP tunnel link.  The iptun_lock protects the
90 * integrity of all fields except statistics which are updated atomically, and
91 * is also used by iptun_upcall_cv and iptun_enter_cv.  Access to all fields
92 * must be done under the protection of iptun_lock with the following
93 * exceptions:
94 *
95 * The datapath reads certain fields without locks for performance reasons.
96 *
97 * - IPTUN_IS_RUNNING() is used (read access to iptun_flags IPTUN_BOUND and
98 *   IPTUN_MAC_STARTED) to drop packets if they're sent while the tunnel is
99 *   not running.  This is harmless as the worst case scenario is that a
100 *   packet will be needlessly sent down to ip and be dropped due to an
101 *   unspecified source or destination.
102 */
103typedef struct iptun_s {
104	datalink_id_t	iptun_linkid;
105	kmutex_t	iptun_lock;
106	kcondvar_t	iptun_upcall_cv;
107	kcondvar_t	iptun_enter_cv;
108	uint32_t	iptun_flags;
109	list_node_t	iptun_link;
110	mac_handle_t	iptun_mh;
111	conn_t		*iptun_connp;
112	zoneid_t	iptun_zoneid;
113	netstack_t	*iptun_ns;
114	struct ipsec_tun_pol_s	*iptun_itp;
115	iptun_typeinfo_t	*iptun_typeinfo;
116	uint32_t	iptun_mtu;
117	uint32_t	iptun_dpmtu;	/* destination path MTU */
118	uint8_t		iptun_hoplimit;
119	uint8_t		iptun_encaplimit;
120	iptun_addr_t	iptun_laddr;	/* local address */
121	iptun_addr_t	iptun_raddr;	/* remote address */
122	iptun_header_t	iptun_header;
123	size_t		iptun_header_size;
124	ipsec_req_t	iptun_simple_policy;
125
126	/* statistics */
127	uint64_t	iptun_ierrors;
128	uint64_t	iptun_oerrors;
129	uint64_t	iptun_rbytes;
130	uint64_t	iptun_obytes;
131	uint64_t	iptun_ipackets;
132	uint64_t	iptun_opackets;
133	uint64_t	iptun_norcvbuf;
134	uint64_t	iptun_noxmtbuf;
135	uint64_t	iptun_taskq_fail;
136} iptun_t;
137
138#define	iptun_iptuns	iptun_ns->netstack_iptun
139#define	iptun_laddr4	iptun_laddr.ia_addr.iau_addr4
140#define	iptun_laddr6	iptun_laddr.ia_addr.iau_addr6
141#define	iptun_raddr4	iptun_raddr.ia_addr.iau_addr4
142#define	iptun_raddr6	iptun_raddr.ia_addr.iau_addr6
143#define	iptun_header4	iptun_header.ihu_hdr4
144#define	iptun_header6	iptun_header.ihu_hdr6
145
146/* iptun_flags */
147#define	IPTUN_BOUND		0x0001	/* tunnel address(es) bound with ip */
148#define	IPTUN_LADDR		0x0002	/* local address is set */
149#define	IPTUN_RADDR		0x0004	/* remote address is set */
150#define	IPTUN_MAC_REGISTERED	0x0008	/* registered with the mac module */
151#define	IPTUN_MAC_STARTED	0x0010	/* iptun_m_start() has been called */
152#define	IPTUN_HASH_INSERTED	0x0020	/* iptun_t in iptun_hash */
153#define	IPTUN_FIXED_MTU		0x0040	/* MTU was set using mtu link prop */
154#define	IPTUN_IMPLICIT		0x0080	/* implicitly created IP tunnel */
155#define	IPTUN_SIMPLE_POLICY	0x0100	/* cached iptun_simple_policy */
156#define	IPTUN_UPCALL_PENDING	0x0200	/* upcall to mac module in progress */
157#define	IPTUN_DELETE_PENDING	0x0400	/* iptun_delete() is issuing upcalls */
158#define	IPTUN_CONDEMNED		0x0800	/* iptun_t is to be freed */
159
160#define	IS_IPTUN_RUNNING(iptun)						\
161	((iptun->iptun_flags & (IPTUN_BOUND | IPTUN_MAC_STARTED)) ==	\
162	    (IPTUN_BOUND | IPTUN_MAC_STARTED))
163
164/*
165 * iptuns_lock protects iptuns_iptunlist.
166 */
167typedef struct iptun_stack {
168	netstack_t	*iptuns_netstack; /* Common netstack */
169	kmutex_t	iptuns_lock;
170	list_t		iptuns_iptunlist; /* list of tunnels in this stack. */
171	ipaddr_t	iptuns_relay_rtr_addr;
172} iptun_stack_t;
173
174extern dev_info_t	*iptun_dip;
175extern mod_hash_t	*iptun_hash;
176extern kmem_cache_t	*iptun_cache;
177extern ddi_taskq_t	*iptun_taskq;
178extern ldi_ident_t	iptun_ldi_ident;
179
180extern int	iptun_ioc_init(void);
181extern void	iptun_ioc_fini(void);
182extern uint_t	iptun_count(void);
183extern int	iptun_create(iptun_kparams_t *, cred_t *);
184extern int	iptun_delete(datalink_id_t, cred_t *);
185extern int	iptun_modify(const iptun_kparams_t *, cred_t *);
186extern int	iptun_info(iptun_kparams_t *, cred_t *);
187extern int	iptun_set_6to4relay(netstack_t *, ipaddr_t);
188extern void	iptun_get_6to4relay(netstack_t *, ipaddr_t *);
189extern void	iptun_set_policy(datalink_id_t, ipsec_tun_pol_t *);
190
191#endif	/* _KERNEL */
192
193#ifdef	__cplusplus
194}
195#endif
196
197#endif	/* _INET_IPTUN_IMPL_H */
198