include/linux/xfrm.h 8.91 KB
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  #ifndef _LINUX_XFRM_H
  #define _LINUX_XFRM_H
  
  #include <linux/types.h>
  
  /* All of the structures in this file may not change size as they are
   * passed into the kernel from userspace via netlink sockets.
   */
  
  /* Structure to encapsulate addresses. I do not want to use
   * "standard" structure. My apologies.
   */
  typedef union
  {
737b5761d   Al Viro   [XFRM]: xfrm_addr...
  	__be32		a4;
  	__be32		a6[4];
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  } xfrm_address_t;
  
  /* Ident of a specific xfrm_state. It is used on input to lookup
   * the state by (spi,daddr,ah/esp) or to store information about
   * spi, protocol and tunnel address on output.
   */
  struct xfrm_id
  {
  	xfrm_address_t	daddr;
e037c39bf   Al Viro   [XFRM]: struct xf...
  	__be32		spi;
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  	__u8		proto;
  };
df71837d5   Trent Jaeger   [LSM-IPSec]: Secu...
  /*
   * Security context header; XFRMA_SEC_CTX is documented in this file as
   * carrying this struct. ctx_str is a zero-length trailing array, so
   * sizeof(struct xfrm_sec_ctx) covers the fixed header only and any
   * context data sits directly after it.
   *
   * NOTE(review): ctx_len is filled in by whoever built the message.
   * Presumably it is the byte length of ctx_str; a consumer should compare
   * it with the bytes actually present in the attribute before reading
   * ctx_str - confirm where that check is done.
   */
  struct xfrm_sec_ctx {
  	/* presumably one of XFRM_SC_DOI_* below - confirm */
  	__u8	ctx_doi;
  	/* presumably one of XFRM_SC_ALG_* below - confirm */
  	__u8	ctx_alg;
  	__u16	ctx_len;
  	/* presumably the LSM security identifier - confirm */
  	__u32	ctx_sid;
  	/* start of the variable-length tail; contributes 0 bytes to sizeof */
  	char	ctx_str[0];
  };
  
  /* Security Context Domains of Interpretation */
  #define XFRM_SC_DOI_RESERVED 0
  #define XFRM_SC_DOI_LSM 1
  
  /* Security Context Algorithms */
  #define XFRM_SC_ALG_RESERVED 0
  #define XFRM_SC_ALG_SELINUX 1
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  /* Selector, used as selector both on policy rules (SPD) and SAs. */
  
  struct xfrm_selector
  {
  	xfrm_address_t	daddr;
  	xfrm_address_t	saddr;
8f83f23e6   Al Viro   [XFRM]: ports in ...
  	__be16	dport;
  	__be16	dport_mask;
  	__be16	sport;
  	__be16	sport_mask;
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  	__u16	family;
  	__u8	prefixlen_d;
  	__u8	prefixlen_s;
  	__u8	proto;
  	int	ifindex;
  	uid_t	user;
  };
  
  /* All-ones 64-bit value; presumably the "no limit" setting for the
   * lifetime fields below - confirm against the users of XFRM_INF.
   */
  #define XFRM_INF (~(__u64)0)
  
  /*
   * Configured lifetime limits: byte, packet and two time based pairs,
   * each with a soft and a hard value. The struct is eight __u64 fields,
   * so it has no internal padding.
   *
   * NOTE(review): nothing in this header orders a soft limit against its
   * hard limit; whether soft <= hard is enforced has to be checked in the
   * code that consumes this struct.
   */
  struct xfrm_lifetime_cfg
  {
  	__u64	soft_byte_limit;
  	__u64	hard_byte_limit;
  	__u64	soft_packet_limit;
  	__u64	hard_packet_limit;
  	__u64	soft_add_expires_seconds;
  	__u64	hard_add_expires_seconds;
  	__u64	soft_use_expires_seconds;
  	__u64	hard_use_expires_seconds;
  };
  
  /*
   * Current lifetime counters, the counterpart of struct xfrm_lifetime_cfg.
   * Four __u64 fields, so no internal padding.
   * NOTE(review): the unit of add_time and use_time is not stated in this
   * header; presumably seconds, matching the *_expires_seconds limits -
   * confirm.
   */
  struct xfrm_lifetime_cur
  {
  	__u64	bytes;
  	__u64	packets;
  	__u64	add_time;
  	__u64	use_time;
  };
  
  /*
   * Replay-protection state (going by the struct name).
   * NOTE(review): oseq and seq look like the outbound and inbound sequence
   * numbers - confirm. bitmap is a single __u32, so this layout can record
   * at most 32 sequence numbers of history; a replay window larger than
   * that cannot be represented here.
   */
  struct xfrm_replay_state
  {
  	__u32	oseq;
  	__u32	seq;
  	__u32	bitmap;
  };
  
  /*
   * Algorithm name plus key material. This header documents XFRMA_ALG_AUTH,
   * XFRMA_ALG_CRYPT and XFRMA_ALG_COMP as carrying this struct. alg_key is
   * a zero-length trailing array: the key bytes follow the fixed header and
   * are not counted by sizeof(struct xfrm_algo).
   *
   * NOTE(review): alg_name and alg_key_len both come from the sender.
   * Nothing here guarantees alg_name holds a NUL within its 64 bytes, and
   * alg_key_len is a signed int counted in bits. A consumer should reject
   * negative lengths and check the rounded-up byte count against the
   * attribute payload before touching alg_key - confirm where this is done.
   */
  struct xfrm_algo {
  	char	alg_name[64];
  	int	alg_key_len;    /* in bits */
  	char	alg_key[0];
  };
  
  /*
   * Per-state statistics: three __u32 counters, no internal padding.
   * NOTE(review): by their names these count replay-window rejections,
   * replayed packets and integrity-check failures - confirm against the
   * code that increments them.
   */
  struct xfrm_stats {
  	__u32	replay_window;
  	__u32	replay;
  	__u32	integrity_failed;
  };
  
  enum
  {
4e81bb833   Masahide NAKAMURA   [XFRM] POLICY: su...
  	XFRM_POLICY_TYPE_MAIN	= 0,
  	XFRM_POLICY_TYPE_SUB	= 1,
  	XFRM_POLICY_TYPE_MAX	= 2
  };
  
  enum
  {
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  	XFRM_POLICY_IN	= 0,
  	XFRM_POLICY_OUT	= 1,
  	XFRM_POLICY_FWD	= 2,
  	XFRM_POLICY_MAX	= 3
  };
  
  /*
   * Sharing levels. The enumerators have no explicit values, so they are
   * numbered 0..3 in declaration order.
   * NOTE(review): presumably these are the values of the __u8 share fields
   * in struct xfrm_user_tmpl and struct xfrm_userpolicy_info - confirm. If
   * so, a value above XFRM_SHARE_UNIQUE received from userspace needs an
   * explicit range check, since the field is wider than the enum.
   */
  enum
  {
  	XFRM_SHARE_ANY,		/* No limitations */
  	XFRM_SHARE_SESSION,	/* For this session only */
  	XFRM_SHARE_USER,	/* For this user only */
  	XFRM_SHARE_UNIQUE	/* Use once */
  };
b59f45d0b   Herbert Xu   [IPSEC] xfrm: Abs...
  #define XFRM_MODE_TRANSPORT 0
  #define XFRM_MODE_TUNNEL 1
7e49e6de3   Masahide NAKAMURA   [XFRM]: Add XFRM_...
  #define XFRM_MODE_ROUTEOPTIMIZATION 2
  #define XFRM_MODE_IN_TRIGGER 3
0a69452cb   Diego Beltrami   [XFRM]: BEET mode
  #define XFRM_MODE_BEET 4
  #define XFRM_MODE_MAX 5
b59f45d0b   Herbert Xu   [IPSEC] xfrm: Abs...

1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  /* Netlink configuration messages.  */
  enum {
  	XFRM_MSG_BASE = 0x10,
  
  	XFRM_MSG_NEWSA = 0x10,
  #define XFRM_MSG_NEWSA XFRM_MSG_NEWSA
  	XFRM_MSG_DELSA,
  #define XFRM_MSG_DELSA XFRM_MSG_DELSA
  	XFRM_MSG_GETSA,
  #define XFRM_MSG_GETSA XFRM_MSG_GETSA
  
  	XFRM_MSG_NEWPOLICY,
  #define XFRM_MSG_NEWPOLICY XFRM_MSG_NEWPOLICY
  	XFRM_MSG_DELPOLICY,
  #define XFRM_MSG_DELPOLICY XFRM_MSG_DELPOLICY
  	XFRM_MSG_GETPOLICY,
  #define XFRM_MSG_GETPOLICY XFRM_MSG_GETPOLICY
  
  	XFRM_MSG_ALLOCSPI,
  #define XFRM_MSG_ALLOCSPI XFRM_MSG_ALLOCSPI
  	XFRM_MSG_ACQUIRE,
  #define XFRM_MSG_ACQUIRE XFRM_MSG_ACQUIRE
  	XFRM_MSG_EXPIRE,
  #define XFRM_MSG_EXPIRE XFRM_MSG_EXPIRE
  
  	XFRM_MSG_UPDPOLICY,
  #define XFRM_MSG_UPDPOLICY XFRM_MSG_UPDPOLICY
  	XFRM_MSG_UPDSA,
  #define XFRM_MSG_UPDSA XFRM_MSG_UPDSA
  
  	XFRM_MSG_POLEXPIRE,
  #define XFRM_MSG_POLEXPIRE XFRM_MSG_POLEXPIRE
  
  	XFRM_MSG_FLUSHSA,
  #define XFRM_MSG_FLUSHSA XFRM_MSG_FLUSHSA
  	XFRM_MSG_FLUSHPOLICY,
  #define XFRM_MSG_FLUSHPOLICY XFRM_MSG_FLUSHPOLICY
f8cd54884   Jamal Hadi Salim   [IPSEC]: Sync ser...
  	XFRM_MSG_NEWAE,
  #define XFRM_MSG_NEWAE XFRM_MSG_NEWAE
  	XFRM_MSG_GETAE,
  #define XFRM_MSG_GETAE XFRM_MSG_GETAE
97a64b457   Masahide NAKAMURA   [XFRM]: Introduce...
  
  	XFRM_MSG_REPORT,
  #define XFRM_MSG_REPORT XFRM_MSG_REPORT
80c9abaab   Shinta Sugimoto   [XFRM]: Extension...
  	XFRM_MSG_MIGRATE,
  #define XFRM_MSG_MIGRATE XFRM_MSG_MIGRATE
28d8909bc   Jamal Hadi Salim   [XFRM]: Export SA...
  	XFRM_MSG_NEWSADINFO,
  #define XFRM_MSG_NEWSADINFO XFRM_MSG_NEWSADINFO
  	XFRM_MSG_GETSADINFO,
  #define XFRM_MSG_GETSADINFO XFRM_MSG_GETSADINFO
ecfd6b183   Jamal Hadi Salim   [XFRM]: Export SP...
  
  	XFRM_MSG_NEWSPDINFO,
  #define XFRM_MSG_NEWSPDINFO XFRM_MSG_NEWSPDINFO
  	XFRM_MSG_GETSPDINFO,
  #define XFRM_MSG_GETSPDINFO XFRM_MSG_GETSPDINFO
526bdb80a   Thomas Graf   [XFRM]: Prevent o...
  	__XFRM_MSG_MAX
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  };
526bdb80a   Thomas Graf   [XFRM]: Prevent o...
  #define XFRM_MSG_MAX (__XFRM_MSG_MAX - 1)
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2

492b558b3   Thomas Graf   [XFRM]: Cleanup x...
  #define XFRM_NR_MSGTYPES (XFRM_MSG_MAX + 1 - XFRM_MSG_BASE)
df71837d5   Trent Jaeger   [LSM-IPSec]: Secu...
  /*
   * Generic LSM security context for communicating with user space.
   * NOTE: Same format as sadb_x_sec_ctx
   *
   * The field order differs from struct xfrm_sec_ctx: ctx_alg comes before
   * ctx_doi here, and this struct has len/exttype in front and no ctx_sid,
   * so the two must be converted field by field, never copied as raw bytes.
   *
   * NOTE(review): len and ctx_len are both sender-supplied. Presumably len
   * is the total length including this header and ctx_len the length of
   * the context data that follows; a consumer should check that the two
   * agree with each other and with the attribute payload - confirm where
   * this is validated.
   */
  struct xfrm_user_sec_ctx {
  	__u16			len;
  	__u16			exttype;
  	__u8			ctx_alg;  /* LSMs: e.g., selinux == 1 */
  	__u8			ctx_doi;
  	__u16			ctx_len;
  };
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  /*
   * One template entry. This header documents XFRMA_TMPL as carrying
   * "1 or more struct xfrm_user_tmpl".
   *
   * NOTE(review): because the attribute holds an array, a consumer should
   * check that the payload length is a whole multiple of
   * sizeof(struct xfrm_user_tmpl) and bound the resulting count - confirm
   * where this is done.
   * NOTE(review): family is followed by a wider-aligned member and the
   * three __u8 fields are followed by a __u32, so on ABIs with natural
   * alignment the compiler inserts padding. Code that fills this struct for
   * userspace should zero the whole struct first so the padding does not
   * carry stale memory.
   */
  struct xfrm_user_tmpl {
  	struct xfrm_id		id;
  	__u16			family;
  	xfrm_address_t		saddr;
  	__u32			reqid;
  	/* presumably one of XFRM_MODE_* - confirm */
  	__u8			mode;
  	/* presumably one of XFRM_SHARE_* - confirm */
  	__u8			share;
  	__u8			optional;
  	/* NOTE(review): aalgos/ealgos/calgos look like bitmasks of permitted
  	 * auth/encryption/compression algorithms - confirm */
  	__u32			aalgos;
  	__u32			ealgos;
  	__u32			calgos;
  };
  
  struct xfrm_encap_tmpl {
  	__u16		encap_type;
d5a0a1e31   Al Viro   [IPV4]: encapsula...
  	__be16		encap_sport;
  	__be16		encap_dport;
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  	xfrm_address_t	encap_oa;
  };
f8cd54884   Jamal Hadi Salim   [IPSEC]: Sync ser...
  /* AEVENT flags  */
  /*
   * AEVENT flag bits. Every named value is a distinct power of two, so
   * they can be OR-ed together.
   *
   * __XFRM_AE_MAX has no explicit value and follows XFRM_AE_CU (64), so it
   * is 65 and XFRM_AE_MAX evaluates to 64. XFRM_AE_MAX is therefore the
   * highest single flag, not a mask of all valid flags; validating a flags
   * word with "flags <= XFRM_AE_MAX" would reject legitimate combinations.
   * NOTE(review): presumably these bits go in xfrm_aevent_id.flags -
   * confirm.
   */
  enum xfrm_ae_ftype_t {
  	XFRM_AE_UNSPEC,
  	XFRM_AE_RTHR=1,	/* replay threshold*/
  	XFRM_AE_RVAL=2, /* replay value */
  	XFRM_AE_LVAL=4, /* lifetime value */
  	XFRM_AE_ETHR=8, /* expiry timer threshold */
  	XFRM_AE_CR=16, /* Event cause is replay update */
  	XFRM_AE_CE=32, /* Event cause is timer expiry */
  	XFRM_AE_CU=64, /* Event cause is policy update */
  	__XFRM_AE_MAX
  
  #define XFRM_AE_MAX (__XFRM_AE_MAX - 1)
  };
f7b6983f0   Masahide NAKAMURA   [XFRM] POLICY: Su...
  /*
   * Policy type selector; this header documents XFRMA_POLICY_TYPE as
   * carrying this struct.
   *
   * NOTE(review): type is presumably one of XFRM_POLICY_TYPE_* and should
   * be range-checked against XFRM_POLICY_TYPE_MAX before it is used as an
   * index - confirm.
   * NOTE(review): a __u8 followed by a __u16 leaves a padding byte on ABIs
   * that align __u16 to 2 bytes. Code that sends this struct to userspace
   * should zero the whole struct (padding and reserved fields included)
   * before filling it in.
   */
  struct xfrm_userpolicy_type {
  	__u8		type;
  	__u16		reserved1;
  	__u8		reserved2;
  };
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  /* Netlink message attributes.  */
  enum xfrm_attr_type_t {
  	XFRMA_UNSPEC,
  	XFRMA_ALG_AUTH,		/* struct xfrm_algo */
  	XFRMA_ALG_CRYPT,	/* struct xfrm_algo */
  	XFRMA_ALG_COMP,		/* struct xfrm_algo */
  	XFRMA_ENCAP,		/* struct xfrm_algo + struct xfrm_encap_tmpl */
  	XFRMA_TMPL,		/* 1 or more struct xfrm_user_tmpl */
0603eac0d   Herbert Xu   [IPSEC]: Add XFRM...
  	XFRMA_SA,
  	XFRMA_POLICY,
df71837d5   Trent Jaeger   [LSM-IPSec]: Secu...
  	XFRMA_SEC_CTX,		/* struct xfrm_sec_ctx */
f8cd54884   Jamal Hadi Salim   [IPSEC]: Sync ser...
  	XFRMA_LTIME_VAL,
  	XFRMA_REPLAY_VAL,
  	XFRMA_REPLAY_THRESH,
  	XFRMA_ETIMER_THRESH,
eb2971b68   Masahide NAKAMURA   [XFRM] STATE: Sea...
  	XFRMA_SRCADDR,		/* xfrm_address_t */
060f02a3b   Noriaki TAKAMIYA   [XFRM] STATE: Int...
  	XFRMA_COADDR,		/* xfrm_address_t */
9afaca057   Masahide NAKAMURA   [XFRM] IPV6: Upda...
  	XFRMA_LASTUSED,
f7b6983f0   Masahide NAKAMURA   [XFRM] POLICY: Su...
  	XFRMA_POLICY_TYPE,	/* struct xfrm_userpolicy_type */
80c9abaab   Shinta Sugimoto   [XFRM]: Extension...
  	XFRMA_MIGRATE,
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  	__XFRMA_MAX
  
  #define XFRMA_MAX (__XFRMA_MAX - 1)
  };
28d8909bc   Jamal Hadi Salim   [XFRM]: Export SA...
  enum xfrm_sadattr_type_t {
  	XFRMA_SAD_UNSPEC,
af11e3160   Jamal Hadi Salim   [XFRM] SAD info T...
  	XFRMA_SAD_CNT,
  	XFRMA_SAD_HINFO,
28d8909bc   Jamal Hadi Salim   [XFRM]: Export SA...
  	__XFRMA_SAD_MAX
  
  #define XFRMA_SAD_MAX (__XFRMA_SAD_MAX - 1)
  };
af11e3160   Jamal Hadi Salim   [XFRM] SAD info T...
  /*
   * Hash-table sizing report for the SA database: two __u32 counters, no
   * internal padding.
   * NOTE(review): presumably the payload of XFRMA_SAD_HINFO - confirm.
   */
  struct xfrmu_sadhinfo {
  	__u32 sadhcnt; /* current hash bkts */
  	__u32 sadhmcnt; /* max allowed hash bkts */
  };
ecfd6b183   Jamal Hadi Salim   [XFRM]: Export SP...
  enum xfrm_spdattr_type_t {
  	XFRMA_SPD_UNSPEC,
5a6d34162   Jamal Hadi Salim   [XFRM] SPD info T...
  	XFRMA_SPD_INFO,
  	XFRMA_SPD_HINFO,
ecfd6b183   Jamal Hadi Salim   [XFRM]: Export SP...
  	__XFRMA_SPD_MAX
  
  #define XFRMA_SPD_MAX (__XFRMA_SPD_MAX - 1)
  };
5a6d34162   Jamal Hadi Salim   [XFRM] SPD info T...
  /*
   * Policy database counters: six __u32 fields, no internal padding.
   * NOTE(review): presumably the payload of XFRMA_SPD_INFO, with
   * incnt/outcnt/fwdcnt counting policies per direction. The meaning of
   * the parallel inscnt/outscnt/fwdscnt fields is not stated in this
   * header - TODO confirm.
   */
  struct xfrmu_spdinfo {
  	__u32 incnt;
  	__u32 outcnt;
  	__u32 fwdcnt;
  	__u32 inscnt;
  	__u32 outscnt;
  	__u32 fwdscnt;
  };
  
  /*
   * Hash-table sizing report for the policy database: two __u32 counters,
   * no internal padding.
   * NOTE(review): the field names parallel struct xfrmu_sadhinfo, so
   * spdhcnt is presumably the current and spdhmcnt the maximum allowed
   * number of hash buckets - confirm.
   */
  struct xfrmu_spdhinfo {
  	__u32 spdhcnt;
  	__u32 spdhmcnt;
  };
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  struct xfrm_usersa_info {
  	struct xfrm_selector		sel;
  	struct xfrm_id			id;
  	xfrm_address_t			saddr;
  	struct xfrm_lifetime_cfg	lft;
  	struct xfrm_lifetime_cur	curlft;
  	struct xfrm_stats		stats;
  	__u32				seq;
  	__u32				reqid;
  	__u16				family;
7e49e6de3   Masahide NAKAMURA   [XFRM]: Add XFRM_...
  	__u8				mode;		/* XFRM_MODE_xxx */
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  	__u8				replay_window;
  	__u8				flags;
  #define XFRM_STATE_NOECN	1
  #define XFRM_STATE_DECAP_DSCP	2
dd87147ee   Herbert Xu   [IPSEC]: Add XFRM...
  #define XFRM_STATE_NOPMTUDISC	4
fbd9a5b47   Masahide NAKAMURA   [XFRM] STATE: Com...
  #define XFRM_STATE_WILDRECV	8
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  };
  
  struct xfrm_usersa_id {
  	xfrm_address_t			daddr;
9916ecb0a   Al Viro   [XFRM]: struct xf...
  	__be32				spi;
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  	__u16				family;
  	__u8				proto;
  };
f8cd54884   Jamal Hadi Salim   [IPSEC]: Sync ser...
  struct xfrm_aevent_id {
f8cd54884   Jamal Hadi Salim   [IPSEC]: Sync ser...
  	struct xfrm_usersa_id		sa_id;
2b5f6dcce   Jamal Hadi Salim   [XFRM]: Fix aeven...
  	xfrm_address_t			saddr;
4bf07ef3f   Jamal Hadi Salim   [XFRM]: Rearrange...
  	__u32				flags;
2b5f6dcce   Jamal Hadi Salim   [XFRM]: Fix aeven...
  	__u32				reqid;
f8cd54884   Jamal Hadi Salim   [IPSEC]: Sync ser...
  };
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  /*
   * An SA description plus a [min, max] pair.
   * NOTE(review): presumably the body of XFRM_MSG_ALLOCSPI, with min/max
   * bounding the SPI to allocate - confirm. Both bounds come from the
   * sender, so a consumer should reject min > max before searching the
   * range.
   */
  struct xfrm_userspi_info {
  	struct xfrm_usersa_info		info;
  	__u32				min;
  	__u32				max;
  };
  
  /*
   * Full description of one policy as exchanged with userspace: selector,
   * lifetimes, priority/index and four one-byte fields. The #defines
   * nested in the body name the values of the field directly above them.
   *
   * NOTE(review): dir is presumably one of XFRM_POLICY_IN/OUT/FWD. It is a
   * sender-supplied __u8, so it should be checked against XFRM_POLICY_MAX
   * before being used to index anything - confirm where this is done.
   */
  struct xfrm_userpolicy_info {
  	struct xfrm_selector		sel;
  	struct xfrm_lifetime_cfg	lft;
  	struct xfrm_lifetime_cur	curlft;
  	__u32				priority;
  	__u32				index;
  	__u8				dir;
  	__u8				action;
  #define XFRM_POLICY_ALLOW	0
  #define XFRM_POLICY_BLOCK	1
  	__u8				flags;
  #define XFRM_POLICY_LOCALOK	1	/* Allow user to override global policy */
  	/* presumably one of XFRM_SHARE_* - confirm */
  	__u8				share;
  };
  
  /*
   * Identifies an existing policy by selector, index and direction.
   * NOTE(review): presumably used by the get/delete policy messages -
   * confirm. dir is a sender-supplied __u8 and needs the same range check
   * as xfrm_userpolicy_info.dir. The single trailing __u8 leaves tail
   * padding on ABIs with natural alignment; zero the struct before
   * sending it to userspace.
   */
  struct xfrm_userpolicy_id {
  	struct xfrm_selector		sel;
  	__u32				index;
  	__u8				dir;
  };
  
  /*
   * Acquire request: SA identity, source address, selector, an embedded
   * policy description, three algorithm words and a sequence number.
   * NOTE(review): presumably the body of XFRM_MSG_ACQUIRE, with
   * aalgos/ealgos/calgos as bitmasks of acceptable algorithms - confirm.
   * The embedded structs contain members of different alignment, so zero
   * the whole struct before filling it for userspace.
   */
  struct xfrm_user_acquire {
  	struct xfrm_id			id;
  	xfrm_address_t			saddr;
  	struct xfrm_selector		sel;
  	struct xfrm_userpolicy_info	policy;
  	__u32				aalgos;
  	__u32				ealgos;
  	__u32				calgos;
  	__u32				seq;
  };
  
  /*
   * SA expiry notification: the SA description plus a one-byte "hard"
   * indicator.
   * NOTE(review): presumably hard is non-zero for a hard-limit expiry and
   * zero for a soft one - confirm. The lone __u8 after a struct that
   * contains __u64 members leaves tail padding on ABIs with natural
   * alignment; zero the struct before sending it to userspace.
   */
  struct xfrm_user_expire {
  	struct xfrm_usersa_info		state;
  	__u8				hard;
  };
  
  /*
   * Policy expiry notification: the policy description plus a one-byte
   * "hard" indicator, parallel to struct xfrm_user_expire.
   * NOTE(review): the lone __u8 after a struct that contains __u64 members
   * leaves tail padding on ABIs with natural alignment; zero the struct
   * before sending it to userspace.
   */
  struct xfrm_user_polexpire {
  	struct xfrm_userpolicy_info	pol;
  	__u8				hard;
  };
  
  /*
   * Flush request holding a single protocol byte.
   * NOTE(review): presumably the body of XFRM_MSG_FLUSHSA, with proto
   * selecting which SAs to flush - confirm which values are accepted and
   * whether one of them means "all protocols".
   */
  struct xfrm_usersa_flush {
  	__u8				proto;
  };
97a64b457   Masahide NAKAMURA   [XFRM]: Introduce...
  /*
   * Report body: a protocol byte followed by a selector.
   * NOTE(review): presumably the body of XFRM_MSG_REPORT - confirm. The
   * leading __u8 is followed by a struct with wider alignment, so padding
   * sits between proto and sel on ABIs with natural alignment; zero the
   * struct before sending it to userspace.
   */
  struct xfrm_user_report {
  	__u8				proto;
  	struct xfrm_selector		sel;
  };
80c9abaab   Shinta Sugimoto   [XFRM]: Extension...
  /*
   * One migration entry: old and new address pairs, each with its own
   * address family, plus proto/mode/reqid. The explicit reserved field
   * keeps reqid aligned without compiler padding.
   *
   * NOTE(review): presumably the payload of XFRMA_MIGRATE - confirm.
   * old_family and new_family are separate sender-supplied values; a
   * consumer should validate each one before interpreting the matching
   * xfrm_address_t members, and should decide explicitly whether a
   * non-zero reserved field is rejected.
   */
  struct xfrm_user_migrate {
  	xfrm_address_t			old_daddr;
  	xfrm_address_t			old_saddr;
  	xfrm_address_t			new_daddr;
  	xfrm_address_t			new_saddr;
  	__u8				proto;
  	/* presumably one of XFRM_MODE_* - confirm */
  	__u8				mode;
  	__u16				reserved;
  	__u32				reqid;
  	__u16				old_family;
  	__u16				new_family;
  };
ac6d439d2   Patrick McHardy   [NETLINK]: Conver...
  #ifndef __KERNEL__
  /* backwards compatibility for userspace */
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  #define XFRMGRP_ACQUIRE		1
  #define XFRMGRP_EXPIRE		2
26b15dad9   Jamal Hadi Salim   [IPSEC] Add compl...
  #define XFRMGRP_SA		4
  #define XFRMGRP_POLICY		8
93366c537   J Hadi Salim   [XFRM]: Fix XFRMG...
  #define XFRMGRP_REPORT		0x20
ac6d439d2   Patrick McHardy   [NETLINK]: Conver...
  #endif
  
  enum xfrm_nlgroups {
  	XFRMNLGRP_NONE,
  #define XFRMNLGRP_NONE		XFRMNLGRP_NONE
  	XFRMNLGRP_ACQUIRE,
  #define XFRMNLGRP_ACQUIRE	XFRMNLGRP_ACQUIRE
  	XFRMNLGRP_EXPIRE,
  #define XFRMNLGRP_EXPIRE	XFRMNLGRP_EXPIRE
  	XFRMNLGRP_SA,
  #define XFRMNLGRP_SA		XFRMNLGRP_SA
  	XFRMNLGRP_POLICY,
  #define XFRMNLGRP_POLICY	XFRMNLGRP_POLICY
f8cd54884   Jamal Hadi Salim   [IPSEC]: Sync ser...
  	XFRMNLGRP_AEVENTS,
  #define XFRMNLGRP_AEVENTS	XFRMNLGRP_AEVENTS
97a64b457   Masahide NAKAMURA   [XFRM]: Introduce...
  	XFRMNLGRP_REPORT,
  #define XFRMNLGRP_REPORT	XFRMNLGRP_REPORT
80c9abaab   Shinta Sugimoto   [XFRM]: Extension...
  	XFRMNLGRP_MIGRATE,
  #define XFRMNLGRP_MIGRATE	XFRMNLGRP_MIGRATE
ac6d439d2   Patrick McHardy   [NETLINK]: Conver...
  	__XFRMNLGRP_MAX
  };
  #define XFRMNLGRP_MAX	(__XFRMNLGRP_MAX - 1)
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2
  
  #endif /* _LINUX_XFRM_H */