iptun_impl.h - OpenGrok cross reference for /illumos-gate/usr/src/uts/common/inet/iptun/iptun

Deleted Added

sdiffudifftextold ( 2b24ab6b )new ( bd670b35 )

iptun_impl.h (2b24ab6b)	iptun_impl.h (bd670b35)
1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE --- 66 unchanged lines hidden (view full) --- 75 in6_addr_t iau_addr6; 76 } ia_addr; 77} iptun_addr_t; 78 79typedef struct iptun_typeinfo { 80 iptun_type_t iti_type; 81 const char iti_ident; / MAC-Type plugin identifier / 82 uint_t iti_ipvers; / outer header IP version */	1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE --- 66 unchanged lines hidden (view full) --- 75 in6_addr_t iau_addr6; 76 } ia_addr; 77} iptun_addr_t; 78 79typedef struct iptun_typeinfo { 80 iptun_type_t iti_type; 81 const char iti_ident; / MAC-Type plugin identifier / 82 uint_t iti_ipvers; / outer header IP version */
83 edesc_spf iti_txfunc; /* function used to transmit to ip */
84 uint32_t iti_minmtu; /* minimum possible tunnel MTU / 85 uint32_t iti_maxmtu; / maximum possible tunnel MTU / 86 boolean_t iti_hasraddr; / has a remote adress / 87} iptun_typeinfo_t; 88 89/ 90 * An iptun_t represents an IP tunnel link. The iptun_lock protects the 91 * integrity of all fields except statistics which are updated atomically, and 92 * is also used by iptun_upcall_cv and iptun_enter_cv. Access to all fields 93 * must be done under the protection of iptun_lock with the following 94 * exceptions: 95 * 96 * The datapath reads certain fields without locks for performance reasons. 97 *	83 uint32_t iti_minmtu; /* minimum possible tunnel MTU / 84 uint32_t iti_maxmtu; / maximum possible tunnel MTU / 85 boolean_t iti_hasraddr; / has a remote adress / 86} iptun_typeinfo_t; 87 88/ 89 * An iptun_t represents an IP tunnel link. The iptun_lock protects the 90 * integrity of all fields except statistics which are updated atomically, and 91 * is also used by iptun_upcall_cv and iptun_enter_cv. Access to all fields 92 * must be done under the protection of iptun_lock with the following 93 * exceptions: 94 * 95 * The datapath reads certain fields without locks for performance reasons. 96 *
98 * - IPTUN_PMTU_TOO_OLD() is used without a lock to determine if the 99 * destination path-MTU should be queried. This reads iptun_flags 100 * IPTUN_RADDR, IPTUN_FIXED_MTU, and iptun_dpmtu_lastupdate. All of these 101 * can change without adversely affecting the tunnel, as the worst case 102 * scenario is that we launch a task that will ultimately either do nothing 103 * or needlessly query the destination path-MTU. 104 *
105 * - IPTUN_IS_RUNNING() is used (read access to iptun_flags IPTUN_BOUND and 106 * IPTUN_MAC_STARTED) to drop packets if they're sent while the tunnel is 107 * not running. This is harmless as the worst case scenario is that a 108 * packet will be needlessly sent down to ip and be dropped due to an 109 * unspecified source or destination. 110 / 111typedef struct iptun_s { 112* datalink_id_t iptun_linkid; 113 kmutex_t iptun_lock; 114 kcondvar_t iptun_upcall_cv; 115 kcondvar_t iptun_enter_cv; 116 uint32_t iptun_flags; 117 list_node_t iptun_link; 118 mac_handle_t iptun_mh; 119 conn_t iptun_connp; 120* zoneid_t iptun_zoneid; 121 netstack_t *iptun_ns;	97 * - IPTUN_IS_RUNNING() is used (read access to iptun_flags IPTUN_BOUND and 98 * IPTUN_MAC_STARTED) to drop packets if they're sent while the tunnel is 99 * not running. This is harmless as the worst case scenario is that a 100 * packet will be needlessly sent down to ip and be dropped due to an 101 * unspecified source or destination. 102 / 103typedef struct iptun_s { 104* datalink_id_t iptun_linkid; 105 kmutex_t iptun_lock; 106 kcondvar_t iptun_upcall_cv; 107 kcondvar_t iptun_enter_cv; 108 uint32_t iptun_flags; 109 list_node_t iptun_link; 110 mac_handle_t iptun_mh; 111 conn_t iptun_connp; 112* zoneid_t iptun_zoneid; 113 netstack_t *iptun_ns;
122 cred_t *iptun_cred;
123 struct ipsec_tun_pol_s iptun_itp; 124* iptun_typeinfo_t iptun_typeinfo; 125* uint32_t iptun_mtu; 126 uint32_t iptun_dpmtu; /* destination path MTU */	114 struct ipsec_tun_pol_s iptun_itp; 115* iptun_typeinfo_t iptun_typeinfo; 116* uint32_t iptun_mtu; 117 uint32_t iptun_dpmtu; /* destination path MTU */
127 clock_t iptun_dpmtu_lastupdate;
128 uint8_t iptun_hoplimit; 129 uint8_t iptun_encaplimit; 130 iptun_addr_t iptun_laddr; /* local address / 131* iptun_addr_t iptun_raddr; /* remote address / 132* iptun_header_t iptun_header; 133 size_t iptun_header_size; 134 ipsec_req_t iptun_simple_policy; 135 --- 31 unchanged lines hidden (view full) --- 167#define IPTUN_DELETE_PENDING 0x0400 /* iptun_delete() is issuing upcalls / 168#define IPTUN_CONDEMNED 0x0800 / iptun_t is to be freed / 169* 170#define IS_IPTUN_RUNNING(iptun) \ 171 ((iptun->iptun_flags & (IPTUN_BOUND \| IPTUN_MAC_STARTED)) == \ 172 (IPTUN_BOUND \| IPTUN_MAC_STARTED)) 173 174/*	118 uint8_t iptun_hoplimit; 119 uint8_t iptun_encaplimit; 120 iptun_addr_t iptun_laddr; /* local address / 121* iptun_addr_t iptun_raddr; /* remote address / 122* iptun_header_t iptun_header; 123 size_t iptun_header_size; 124 ipsec_req_t iptun_simple_policy; 125 --- 31 unchanged lines hidden (view full) --- 157#define IPTUN_DELETE_PENDING 0x0400 /* iptun_delete() is issuing upcalls / 158#define IPTUN_CONDEMNED 0x0800 / iptun_t is to be freed / 159* 160#define IS_IPTUN_RUNNING(iptun) \ 161 ((iptun->iptun_flags & (IPTUN_BOUND \| IPTUN_MAC_STARTED)) == \ 162 (IPTUN_BOUND \| IPTUN_MAC_STARTED)) 163 164/*
175 * We request ire information for the tunnel destination in order to obtain 176 * its path MTU information. We use that to calculate the initial link MTU of 177 * a tunnel. 178 * 179 * After that, if the path MTU of the tunnel destination becomes smaller 180 * than the link MTU of the tunnel, then we will receive a packet too big 181 * (aka fragmentation needed) ICMP error when we transmit a packet larger 182 * than the path MTU, and we will adjust the tunne's MTU based on the ICMP 183 * error's MTU information. 184 * 185 * In addition to that, we also need to request the ire information 186 * periodically to make sure the link MTU of a tunnel doesn't become stale 187 * if the path MTU of the tunnel destination becomes larger than the link 188 * MTU of the tunnel. The period for the requests is ten minutes in 189 * accordance with rfc1191.	165 * iptuns_lock protects iptuns_iptunlist.
190 */	166 */
191#define IPTUN_PMTU_AGE SEC_TO_TICK(600) 192#define IPTUN_PMTU_TOO_OLD(ipt) \ 193 (((ipt)->iptun_flags & IPTUN_RADDR) && \ 194 !((ipt)->iptun_flags & IPTUN_FIXED_MTU) && \ 195 (ddi_get_lbolt() - (ipt)->iptun_dpmtu_lastupdate) > IPTUN_PMTU_AGE) 196 197/* 198 * iptuns_lock protects iptuns_iptunlist and iptuns_g_q. 199 */
200typedef struct iptun_stack { 201 netstack_t iptuns_netstack; / Common netstack / 202* kmutex_t iptuns_lock; 203 list_t iptuns_iptunlist; /* list of tunnels in this stack. */	167typedef struct iptun_stack { 168 netstack_t iptuns_netstack; / Common netstack / 169* kmutex_t iptuns_lock; 170 list_t iptuns_iptunlist; /* list of tunnels in this stack. */
204 queue_t iptuns_g_q; / read-side IP queue / 205* ldi_handle_t iptuns_g_q_lh;
206 ipaddr_t iptuns_relay_rtr_addr; 207} iptun_stack_t; 208 209extern dev_info_t iptun_dip; 210extern mod_hash_t iptun_hash; 211extern kmem_cache_t iptun_cache; 212extern ddi_taskq_t iptun_taskq; 213extern ldi_ident_t iptun_ldi_ident; 214 215extern int iptun_ioc_init(void); 216extern void iptun_ioc_fini(void); 217extern uint_t iptun_count(void); 218extern int iptun_create(iptun_kparams_t , cred_t ); 219extern int iptun_delete(datalink_id_t, cred_t ); 220extern int iptun_modify(const iptun_kparams_t , cred_t ); 221extern int iptun_info(iptun_kparams_t , cred_t ); 222extern int iptun_set_6to4relay(netstack_t , ipaddr_t); 223extern void iptun_get_6to4relay(netstack_t , ipaddr_t ); 224extern void iptun_set_policy(datalink_id_t, ipsec_tun_pol_t *);	171 ipaddr_t iptuns_relay_rtr_addr; 172} iptun_stack_t; 173 174extern dev_info_t iptun_dip; 175extern mod_hash_t iptun_hash; 176extern kmem_cache_t iptun_cache; 177extern ddi_taskq_t iptun_taskq; 178extern ldi_ident_t iptun_ldi_ident; 179 180extern int iptun_ioc_init(void); 181extern void iptun_ioc_fini(void); 182extern uint_t iptun_count(void); 183extern int iptun_create(iptun_kparams_t , cred_t ); 184extern int iptun_delete(datalink_id_t, cred_t ); 185extern int iptun_modify(const iptun_kparams_t , cred_t ); 186extern int iptun_info(iptun_kparams_t , cred_t ); 187extern int iptun_set_6to4relay(netstack_t , ipaddr_t); 188extern void iptun_get_6to4relay(netstack_t , ipaddr_t ); 189extern void iptun_set_policy(datalink_id_t, ipsec_tun_pol_t *);
225extern void iptun_set_g_q(netstack_t , queue_t ); 226extern void iptun_clear_g_q(netstack_t *);
227 228#endif /* _KERNEL / 229* 230#ifdef __cplusplus 231} 232#endif 233 234#endif /* _INET_IPTUN_IMPL_H */	190 191#endif /* _KERNEL / 192* 193#ifdef __cplusplus 194} 195#endif 196 197#endif /* _INET_IPTUN_IMPL_H */

iptun_impl.h (2b24ab6b)	iptun_impl.h (bd670b35)
1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE --- 66 unchanged lines hidden (view full) --- 75 in6_addr_t iau_addr6; 76 } ia_addr; 77} iptun_addr_t; 78 79typedef struct iptun_typeinfo { 80 iptun_type_t iti_type; 81 const char iti_ident; / MAC-Type plugin identifier / 82 uint_t iti_ipvers; / outer header IP version */	1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE --- 66 unchanged lines hidden (view full) --- 75 in6_addr_t iau_addr6; 76 } ia_addr; 77} iptun_addr_t; 78 79typedef struct iptun_typeinfo { 80 iptun_type_t iti_type; 81 const char iti_ident; / MAC-Type plugin identifier / 82 uint_t iti_ipvers; / outer header IP version */
83 edesc_spf iti_txfunc; /* function used to transmit to ip */
84 uint32_t iti_minmtu; /* minimum possible tunnel MTU / 85 uint32_t iti_maxmtu; / maximum possible tunnel MTU / 86 boolean_t iti_hasraddr; / has a remote adress / 87} iptun_typeinfo_t; 88 89/ 90 * An iptun_t represents an IP tunnel link. The iptun_lock protects the 91 * integrity of all fields except statistics which are updated atomically, and 92 * is also used by iptun_upcall_cv and iptun_enter_cv. Access to all fields 93 * must be done under the protection of iptun_lock with the following 94 * exceptions: 95 * 96 * The datapath reads certain fields without locks for performance reasons. 97 *	83 uint32_t iti_minmtu; /* minimum possible tunnel MTU / 84 uint32_t iti_maxmtu; / maximum possible tunnel MTU / 85 boolean_t iti_hasraddr; / has a remote adress / 86} iptun_typeinfo_t; 87 88/ 89 * An iptun_t represents an IP tunnel link. The iptun_lock protects the 90 * integrity of all fields except statistics which are updated atomically, and 91 * is also used by iptun_upcall_cv and iptun_enter_cv. Access to all fields 92 * must be done under the protection of iptun_lock with the following 93 * exceptions: 94 * 95 * The datapath reads certain fields without locks for performance reasons. 96 *
98 * - IPTUN_PMTU_TOO_OLD() is used without a lock to determine if the 99 * destination path-MTU should be queried. This reads iptun_flags 100 * IPTUN_RADDR, IPTUN_FIXED_MTU, and iptun_dpmtu_lastupdate. All of these 101 * can change without adversely affecting the tunnel, as the worst case 102 * scenario is that we launch a task that will ultimately either do nothing 103 * or needlessly query the destination path-MTU. 104 *
105 * - IPTUN_IS_RUNNING() is used (read access to iptun_flags IPTUN_BOUND and 106 * IPTUN_MAC_STARTED) to drop packets if they're sent while the tunnel is 107 * not running. This is harmless as the worst case scenario is that a 108 * packet will be needlessly sent down to ip and be dropped due to an 109 * unspecified source or destination. 110 / 111typedef struct iptun_s { 112* datalink_id_t iptun_linkid; 113 kmutex_t iptun_lock; 114 kcondvar_t iptun_upcall_cv; 115 kcondvar_t iptun_enter_cv; 116 uint32_t iptun_flags; 117 list_node_t iptun_link; 118 mac_handle_t iptun_mh; 119 conn_t iptun_connp; 120* zoneid_t iptun_zoneid; 121 netstack_t *iptun_ns;	97 * - IPTUN_IS_RUNNING() is used (read access to iptun_flags IPTUN_BOUND and 98 * IPTUN_MAC_STARTED) to drop packets if they're sent while the tunnel is 99 * not running. This is harmless as the worst case scenario is that a 100 * packet will be needlessly sent down to ip and be dropped due to an 101 * unspecified source or destination. 102 / 103typedef struct iptun_s { 104* datalink_id_t iptun_linkid; 105 kmutex_t iptun_lock; 106 kcondvar_t iptun_upcall_cv; 107 kcondvar_t iptun_enter_cv; 108 uint32_t iptun_flags; 109 list_node_t iptun_link; 110 mac_handle_t iptun_mh; 111 conn_t iptun_connp; 112* zoneid_t iptun_zoneid; 113 netstack_t *iptun_ns;
122 cred_t *iptun_cred;
123 struct ipsec_tun_pol_s iptun_itp; 124* iptun_typeinfo_t iptun_typeinfo; 125* uint32_t iptun_mtu; 126 uint32_t iptun_dpmtu; /* destination path MTU */	114 struct ipsec_tun_pol_s iptun_itp; 115* iptun_typeinfo_t iptun_typeinfo; 116* uint32_t iptun_mtu; 117 uint32_t iptun_dpmtu; /* destination path MTU */
127 clock_t iptun_dpmtu_lastupdate;
128 uint8_t iptun_hoplimit; 129 uint8_t iptun_encaplimit; 130 iptun_addr_t iptun_laddr; /* local address / 131* iptun_addr_t iptun_raddr; /* remote address / 132* iptun_header_t iptun_header; 133 size_t iptun_header_size; 134 ipsec_req_t iptun_simple_policy; 135 --- 31 unchanged lines hidden (view full) --- 167#define IPTUN_DELETE_PENDING 0x0400 /* iptun_delete() is issuing upcalls / 168#define IPTUN_CONDEMNED 0x0800 / iptun_t is to be freed / 169* 170#define IS_IPTUN_RUNNING(iptun) \ 171 ((iptun->iptun_flags & (IPTUN_BOUND \| IPTUN_MAC_STARTED)) == \ 172 (IPTUN_BOUND \| IPTUN_MAC_STARTED)) 173 174/*	118 uint8_t iptun_hoplimit; 119 uint8_t iptun_encaplimit; 120 iptun_addr_t iptun_laddr; /* local address / 121* iptun_addr_t iptun_raddr; /* remote address / 122* iptun_header_t iptun_header; 123 size_t iptun_header_size; 124 ipsec_req_t iptun_simple_policy; 125 --- 31 unchanged lines hidden (view full) --- 157#define IPTUN_DELETE_PENDING 0x0400 /* iptun_delete() is issuing upcalls / 158#define IPTUN_CONDEMNED 0x0800 / iptun_t is to be freed / 159* 160#define IS_IPTUN_RUNNING(iptun) \ 161 ((iptun->iptun_flags & (IPTUN_BOUND \| IPTUN_MAC_STARTED)) == \ 162 (IPTUN_BOUND \| IPTUN_MAC_STARTED)) 163 164/*
175 * We request ire information for the tunnel destination in order to obtain 176 * its path MTU information. We use that to calculate the initial link MTU of 177 * a tunnel. 178 * 179 * After that, if the path MTU of the tunnel destination becomes smaller 180 * than the link MTU of the tunnel, then we will receive a packet too big 181 * (aka fragmentation needed) ICMP error when we transmit a packet larger 182 * than the path MTU, and we will adjust the tunne's MTU based on the ICMP 183 * error's MTU information. 184 * 185 * In addition to that, we also need to request the ire information 186 * periodically to make sure the link MTU of a tunnel doesn't become stale 187 * if the path MTU of the tunnel destination becomes larger than the link 188 * MTU of the tunnel. The period for the requests is ten minutes in 189 * accordance with rfc1191.	165 * iptuns_lock protects iptuns_iptunlist.
190 */	166 */
191#define IPTUN_PMTU_AGE SEC_TO_TICK(600) 192#define IPTUN_PMTU_TOO_OLD(ipt) \ 193 (((ipt)->iptun_flags & IPTUN_RADDR) && \ 194 !((ipt)->iptun_flags & IPTUN_FIXED_MTU) && \ 195 (ddi_get_lbolt() - (ipt)->iptun_dpmtu_lastupdate) > IPTUN_PMTU_AGE) 196 197/* 198 * iptuns_lock protects iptuns_iptunlist and iptuns_g_q. 199 */
200typedef struct iptun_stack { 201 netstack_t iptuns_netstack; / Common netstack / 202* kmutex_t iptuns_lock; 203 list_t iptuns_iptunlist; /* list of tunnels in this stack. */	167typedef struct iptun_stack { 168 netstack_t iptuns_netstack; / Common netstack / 169* kmutex_t iptuns_lock; 170 list_t iptuns_iptunlist; /* list of tunnels in this stack. */
204 queue_t iptuns_g_q; / read-side IP queue / 205* ldi_handle_t iptuns_g_q_lh;
206 ipaddr_t iptuns_relay_rtr_addr; 207} iptun_stack_t; 208 209extern dev_info_t iptun_dip; 210extern mod_hash_t iptun_hash; 211extern kmem_cache_t iptun_cache; 212extern ddi_taskq_t iptun_taskq; 213extern ldi_ident_t iptun_ldi_ident; 214 215extern int iptun_ioc_init(void); 216extern void iptun_ioc_fini(void); 217extern uint_t iptun_count(void); 218extern int iptun_create(iptun_kparams_t , cred_t ); 219extern int iptun_delete(datalink_id_t, cred_t ); 220extern int iptun_modify(const iptun_kparams_t , cred_t ); 221extern int iptun_info(iptun_kparams_t , cred_t ); 222extern int iptun_set_6to4relay(netstack_t , ipaddr_t); 223extern void iptun_get_6to4relay(netstack_t , ipaddr_t ); 224extern void iptun_set_policy(datalink_id_t, ipsec_tun_pol_t *);	171 ipaddr_t iptuns_relay_rtr_addr; 172} iptun_stack_t; 173 174extern dev_info_t iptun_dip; 175extern mod_hash_t iptun_hash; 176extern kmem_cache_t iptun_cache; 177extern ddi_taskq_t iptun_taskq; 178extern ldi_ident_t iptun_ldi_ident; 179 180extern int iptun_ioc_init(void); 181extern void iptun_ioc_fini(void); 182extern uint_t iptun_count(void); 183extern int iptun_create(iptun_kparams_t , cred_t ); 184extern int iptun_delete(datalink_id_t, cred_t ); 185extern int iptun_modify(const iptun_kparams_t , cred_t ); 186extern int iptun_info(iptun_kparams_t , cred_t ); 187extern int iptun_set_6to4relay(netstack_t , ipaddr_t); 188extern void iptun_get_6to4relay(netstack_t , ipaddr_t ); 189extern void iptun_set_policy(datalink_id_t, ipsec_tun_pol_t *);
225extern void iptun_set_g_q(netstack_t , queue_t ); 226extern void iptun_clear_g_q(netstack_t *);
227 228#endif /* _KERNEL / 229* 230#ifdef __cplusplus 231} 232#endif 233 234#endif /* _INET_IPTUN_IMPL_H */	190 191#endif /* _KERNEL / 192* 193#ifdef __cplusplus 194} 195#endif 196 197#endif /* _INET_IPTUN_IMPL_H */