4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
26 #ifndef _INET_IPTUN_IMPL_H
27 #define _INET_IPTUN_IMPL_H
29 #include <sys/sunddi.h>
30 #include <sys/sunldi.h>
31 #include <sys/stream.h>
32 #include <sys/modhash.h>
36 #include <sys/dld_impl.h>
37 #include <sys/netstack.h>
38 #include <sys/sunddi.h>
39 #include <sys/sunldi.h>
40 #include <sys/socket.h>
41 #include <inet/iptun.h>
42 #include <inet/ipclassifier.h>
43 #include <inet/ipsec_impl.h>
44 #include <netinet/in.h>
52 #define IPTUN_MODID 5134
53 #define IPTUN_DRIVER_NAME "iptun"
55 typedef struct iptun_encaplim_s
{
56 ip6_dest_t iel_destopt
;
57 struct ip6_opt_tunnel iel_telopt
;
61 typedef struct iptun_ipv6hdrs_s
{
63 iptun_encaplim_t it6h_encaplim
;
66 typedef union iptun_header_u
{
68 iptun_ipv6hdrs_t ihu_hdr6
;
71 typedef struct iptun_addr_s
{
72 sa_family_t ia_family
;
79 typedef struct iptun_typeinfo
{
80 iptun_type_t iti_type
;
81 const char *iti_ident
; /* MAC-Type plugin identifier */
82 uint_t iti_ipvers
; /* outer header IP version */
83 uint32_t iti_minmtu
; /* minimum possible tunnel MTU */
84 uint32_t iti_maxmtu
; /* maximum possible tunnel MTU */
85 boolean_t iti_hasraddr
; /* has a remote adress */
89 * An iptun_t represents an IP tunnel link. The iptun_lock protects the
90 * integrity of all fields except statistics which are updated atomically, and
91 * is also used by iptun_upcall_cv and iptun_enter_cv. Access to all fields
92 * must be done under the protection of iptun_lock with the following
95 * The datapath reads certain fields without locks for performance reasons.
97 * - IPTUN_IS_RUNNING() is used (read access to iptun_flags IPTUN_BOUND and
98 * IPTUN_MAC_STARTED) to drop packets if they're sent while the tunnel is
99 * not running. This is harmless as the worst case scenario is that a
100 * packet will be needlessly sent down to ip and be dropped due to an
101 * unspecified source or destination.
103 typedef struct iptun_s
{
104 datalink_id_t iptun_linkid
;
106 kcondvar_t iptun_upcall_cv
;
107 kcondvar_t iptun_enter_cv
;
108 uint32_t iptun_flags
;
109 list_node_t iptun_link
;
110 mac_handle_t iptun_mh
;
112 zoneid_t iptun_zoneid
;
113 netstack_t
*iptun_ns
;
114 struct ipsec_tun_pol_s
*iptun_itp
;
115 iptun_typeinfo_t
*iptun_typeinfo
;
117 uint32_t iptun_dpmtu
; /* destination path MTU */
118 uint8_t iptun_hoplimit
;
119 uint8_t iptun_encaplimit
;
120 iptun_addr_t iptun_laddr
; /* local address */
121 iptun_addr_t iptun_raddr
; /* remote address */
122 iptun_header_t iptun_header
;
123 size_t iptun_header_size
;
124 ipsec_req_t iptun_simple_policy
;
127 uint64_t iptun_ierrors
;
128 uint64_t iptun_oerrors
;
129 uint64_t iptun_rbytes
;
130 uint64_t iptun_obytes
;
131 uint64_t iptun_ipackets
;
132 uint64_t iptun_opackets
;
133 uint64_t iptun_norcvbuf
;
134 uint64_t iptun_noxmtbuf
;
135 uint64_t iptun_taskq_fail
;
138 #define iptun_iptuns iptun_ns->netstack_iptun
139 #define iptun_laddr4 iptun_laddr.ia_addr.iau_addr4
140 #define iptun_laddr6 iptun_laddr.ia_addr.iau_addr6
141 #define iptun_raddr4 iptun_raddr.ia_addr.iau_addr4
142 #define iptun_raddr6 iptun_raddr.ia_addr.iau_addr6
143 #define iptun_header4 iptun_header.ihu_hdr4
144 #define iptun_header6 iptun_header.ihu_hdr6
147 #define IPTUN_BOUND 0x0001 /* tunnel address(es) bound with ip */
148 #define IPTUN_LADDR 0x0002 /* local address is set */
149 #define IPTUN_RADDR 0x0004 /* remote address is set */
150 #define IPTUN_MAC_REGISTERED 0x0008 /* registered with the mac module */
151 #define IPTUN_MAC_STARTED 0x0010 /* iptun_m_start() has been called */
152 #define IPTUN_HASH_INSERTED 0x0020 /* iptun_t in iptun_hash */
153 #define IPTUN_FIXED_MTU 0x0040 /* MTU was set using mtu link prop */
154 #define IPTUN_IMPLICIT 0x0080 /* implicitly created IP tunnel */
155 #define IPTUN_SIMPLE_POLICY 0x0100 /* cached iptun_simple_policy */
156 #define IPTUN_UPCALL_PENDING 0x0200 /* upcall to mac module in progress */
157 #define IPTUN_DELETE_PENDING 0x0400 /* iptun_delete() is issuing upcalls */
158 #define IPTUN_CONDEMNED 0x0800 /* iptun_t is to be freed */
160 #define IS_IPTUN_RUNNING(iptun) \
161 ((iptun->iptun_flags & (IPTUN_BOUND | IPTUN_MAC_STARTED)) == \
162 (IPTUN_BOUND | IPTUN_MAC_STARTED))
165 * iptuns_lock protects iptuns_iptunlist.
167 typedef struct iptun_stack
{
168 netstack_t
*iptuns_netstack
; /* Common netstack */
169 kmutex_t iptuns_lock
;
170 list_t iptuns_iptunlist
; /* list of tunnels in this stack. */
171 ipaddr_t iptuns_relay_rtr_addr
;
174 extern dev_info_t
*iptun_dip
;
175 extern mod_hash_t
*iptun_hash
;
176 extern kmem_cache_t
*iptun_cache
;
177 extern ddi_taskq_t
*iptun_taskq
;
178 extern ldi_ident_t iptun_ldi_ident
;
180 extern int iptun_ioc_init(void);
181 extern void iptun_ioc_fini(void);
182 extern uint_t
iptun_count(void);
183 extern int iptun_create(iptun_kparams_t
*, cred_t
*);
184 extern int iptun_delete(datalink_id_t
, cred_t
*);
185 extern int iptun_modify(const iptun_kparams_t
*, cred_t
*);
186 extern int iptun_info(iptun_kparams_t
*, cred_t
*);
187 extern int iptun_set_6to4relay(netstack_t
*, ipaddr_t
);
188 extern void iptun_get_6to4relay(netstack_t
*, ipaddr_t
*);
189 extern void iptun_set_policy(datalink_id_t
, ipsec_tun_pol_t
*);
197 #endif /* _INET_IPTUN_IMPL_H */