include/inet/iptun/iptun_impl.h

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  23  * Use is subject to license terms.
  24  */
  25
  26 #ifndef _INET_IPTUN_IMPL_H
  27 #define _INET_IPTUN_IMPL_H
  28
  29 #include <sys/sunddi.h>
  30 #include <sys/sunldi.h>
  31 #include <sys/stream.h>
  32 #include <sys/modhash.h>
  33 #include <sys/list.h>
  34 #include <sys/dls.h>
  35 #include <sys/mac.h>
  36 #include <sys/dld_impl.h>
  37 #include <sys/netstack.h>
  38 #include <sys/sunddi.h>
  39 #include <sys/sunldi.h>
  40 #include <sys/socket.h>
  41 #include <inet/iptun.h>
  42 #include <inet/ipclassifier.h>
  43 #include <inet/ipsec_impl.h>
  44 #include <netinet/in.h>
  45
  46 #ifdef  __cplusplus
  47 extern "C" {
  48 #endif
  49
  50 #ifdef _KERNEL
  51
  52 #define IPTUN_MODID             5134
  53 #define IPTUN_DRIVER_NAME       "iptun"
  54
  55 typedef struct iptun_encaplim_s {
  56         ip6_dest_t              iel_destopt;
  57         struct ip6_opt_tunnel   iel_telopt;
  58         uint8_t                 iel_padn[3];
  59 } iptun_encaplim_t;
  60
  61 typedef struct iptun_ipv6hdrs_s {
  62         ip6_t                   it6h_ip6h;
  63         iptun_encaplim_t        it6h_encaplim;
  64 } iptun_ipv6hdrs_t;
  65
  66 typedef union iptun_header_u {
  67         ipha_t                  ihu_hdr4;
  68         iptun_ipv6hdrs_t        ihu_hdr6;
  69 } iptun_header_t;
  70
  71 typedef struct iptun_addr_s {
  72         sa_family_t     ia_family;
  73         union {
  74                 ipaddr_t        iau_addr4;
  75                 in6_addr_t      iau_addr6;
  76         } ia_addr;
  77 } iptun_addr_t;
  78
  79 typedef struct iptun_typeinfo {
  80         iptun_type_t    iti_type;
  81         const char      *iti_ident;     /* MAC-Type plugin identifier */
  82         uint_t          iti_ipvers;     /* outer header IP version */
  83         uint32_t        iti_minmtu;     /* minimum possible tunnel MTU */
  84         uint32_t        iti_maxmtu;     /* maximum possible tunnel MTU */
  85         boolean_t       iti_hasraddr;   /* has a remote adress */
  86 } iptun_typeinfo_t;
  87
  88 /*
  89  * An iptun_t represents an IP tunnel link.  The iptun_lock protects the
  90  * integrity of all fields except statistics which are updated atomically, and
  91  * is also used by iptun_upcall_cv and iptun_enter_cv.  Access to all fields
  92  * must be done under the protection of iptun_lock with the following
  93  * exceptions:
  94  *
  95  * The datapath reads certain fields without locks for performance reasons.
  96  *
  97  * - IPTUN_IS_RUNNING() is used (read access to iptun_flags IPTUN_BOUND and
  98  *   IPTUN_MAC_STARTED) to drop packets if they're sent while the tunnel is
  99  *   not running.  This is harmless as the worst case scenario is that a
 100  *   packet will be needlessly sent down to ip and be dropped due to an
 101  *   unspecified source or destination.
 102  */
 103 typedef struct iptun_s {
 104         datalink_id_t   iptun_linkid;
 105         kmutex_t        iptun_lock;
 106         kcondvar_t      iptun_upcall_cv;
 107         kcondvar_t      iptun_enter_cv;
 108         uint32_t        iptun_flags;
 109         list_node_t     iptun_link;
 110         mac_handle_t    iptun_mh;
 111         conn_t          *iptun_connp;
 112         zoneid_t        iptun_zoneid;
 113         netstack_t      *iptun_ns;
 114         struct ipsec_tun_pol_s  *iptun_itp;
 115         iptun_typeinfo_t        *iptun_typeinfo;
 116         uint32_t        iptun_mtu;
 117         uint32_t        iptun_dpmtu;    /* destination path MTU */
 118         uint8_t         iptun_hoplimit;
 119         uint8_t         iptun_encaplimit;
 120         iptun_addr_t    iptun_laddr;    /* local address */
 121         iptun_addr_t    iptun_raddr;    /* remote address */
 122         iptun_header_t  iptun_header;
 123         size_t          iptun_header_size;
 124         ipsec_req_t     iptun_simple_policy;
 125
 126         /* statistics */
 127         uint64_t        iptun_ierrors;
 128         uint64_t        iptun_oerrors;
 129         uint64_t        iptun_rbytes;
 130         uint64_t        iptun_obytes;
 131         uint64_t        iptun_ipackets;
 132         uint64_t        iptun_opackets;
 133         uint64_t        iptun_norcvbuf;
 134         uint64_t        iptun_noxmtbuf;
 135         uint64_t        iptun_taskq_fail;
 136 } iptun_t;
 137
 138 #define iptun_iptuns    iptun_ns->netstack_iptun
 139 #define iptun_laddr4    iptun_laddr.ia_addr.iau_addr4
 140 #define iptun_laddr6    iptun_laddr.ia_addr.iau_addr6
 141 #define iptun_raddr4    iptun_raddr.ia_addr.iau_addr4
 142 #define iptun_raddr6    iptun_raddr.ia_addr.iau_addr6
 143 #define iptun_header4   iptun_header.ihu_hdr4
 144 #define iptun_header6   iptun_header.ihu_hdr6
 145
 146 /* iptun_flags */
 147 #define IPTUN_BOUND             0x0001  /* tunnel address(es) bound with ip */
 148 #define IPTUN_LADDR             0x0002  /* local address is set */
 149 #define IPTUN_RADDR             0x0004  /* remote address is set */
 150 #define IPTUN_MAC_REGISTERED    0x0008  /* registered with the mac module */
 151 #define IPTUN_MAC_STARTED       0x0010  /* iptun_m_start() has been called */
 152 #define IPTUN_HASH_INSERTED     0x0020  /* iptun_t in iptun_hash */
 153 #define IPTUN_FIXED_MTU         0x0040  /* MTU was set using mtu link prop */
 154 #define IPTUN_IMPLICIT          0x0080  /* implicitly created IP tunnel */
 155 #define IPTUN_SIMPLE_POLICY     0x0100  /* cached iptun_simple_policy */
 156 #define IPTUN_UPCALL_PENDING    0x0200  /* upcall to mac module in progress */
 157 #define IPTUN_DELETE_PENDING    0x0400  /* iptun_delete() is issuing upcalls */
 158 #define IPTUN_CONDEMNED         0x0800  /* iptun_t is to be freed */
 159
 160 #define IS_IPTUN_RUNNING(iptun)                                         \
 161         ((iptun->iptun_flags & (IPTUN_BOUND | IPTUN_MAC_STARTED)) ==    \
 162             (IPTUN_BOUND | IPTUN_MAC_STARTED))
 163
 164 /*
 165  * iptuns_lock protects iptuns_iptunlist.
 166  */
 167 typedef struct iptun_stack {
 168         netstack_t      *iptuns_netstack; /* Common netstack */
 169         kmutex_t        iptuns_lock;
 170         list_t          iptuns_iptunlist; /* list of tunnels in this stack. */
 171         ipaddr_t        iptuns_relay_rtr_addr;
 172 } iptun_stack_t;
 173
 174 extern dev_info_t       *iptun_dip;
 175 extern mod_hash_t       *iptun_hash;
 176 extern kmem_cache_t     *iptun_cache;
 177 extern ddi_taskq_t      *iptun_taskq;
 178 extern ldi_ident_t      iptun_ldi_ident;
 179
 180 extern int      iptun_ioc_init(void);
 181 extern void     iptun_ioc_fini(void);
 182 extern uint_t   iptun_count(void);
 183 extern int      iptun_create(iptun_kparams_t *, cred_t *);
 184 extern int      iptun_delete(datalink_id_t, cred_t *);
 185 extern int      iptun_modify(const iptun_kparams_t *, cred_t *);
 186 extern int      iptun_info(iptun_kparams_t *, cred_t *);
 187 extern int      iptun_set_6to4relay(netstack_t *, ipaddr_t);
 188 extern void     iptun_get_6to4relay(netstack_t *, ipaddr_t *);
 189 extern void     iptun_set_policy(datalink_id_t, ipsec_tun_pol_t *);
 190
 191 #endif  /* _KERNEL */
 192
 193 #ifdef  __cplusplus
 194 }
 195 #endif
 196
 197 #endif  /* _INET_IPTUN_IMPL_H */