13448Sdh155122 /* 23448Sdh155122 * CDDL HEADER START 33448Sdh155122 * 43448Sdh155122 * The contents of this file are subject to the terms of the 53448Sdh155122 * Common Development and Distribution License (the "License"). 63448Sdh155122 * You may not use this file except in compliance with the License. 73448Sdh155122 * 83448Sdh155122 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 93448Sdh155122 * or http://www.opensolaris.org/os/licensing. 103448Sdh155122 * See the License for the specific language governing permissions 113448Sdh155122 * and limitations under the License. 123448Sdh155122 * 133448Sdh155122 * When distributing Covered Code, include this CDDL HEADER in each 143448Sdh155122 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 153448Sdh155122 * If applicable, add the following below this CDDL HEADER, with the 163448Sdh155122 * fields enclosed by brackets "[]" replaced with your own identifying 173448Sdh155122 * information: Portions Copyright [yyyy] [name of copyright owner] 183448Sdh155122 * 193448Sdh155122 * CDDL HEADER END 203448Sdh155122 */ 213448Sdh155122 223448Sdh155122 /* 2310616SSebastien.Roy@Sun.COM * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 243448Sdh155122 * Use is subject to license terms. 253448Sdh155122 */ 263448Sdh155122 #ifndef _SYS_NETSTACK_H 273448Sdh155122 #define _SYS_NETSTACK_H 283448Sdh155122 293448Sdh155122 #include <sys/kstat.h> 303448Sdh155122 313448Sdh155122 #ifdef __cplusplus 323448Sdh155122 extern "C" { 333448Sdh155122 #endif 343448Sdh155122 353448Sdh155122 /* 363448Sdh155122 * This allows various pieces in and around IP to have a separate instance 373448Sdh155122 * for each instance of IP. This is used to support zones that have an 383448Sdh155122 * exclusive stack. 393448Sdh155122 * Pieces of software far removed from IP (e.g., kernel software 403448Sdh155122 * sitting on top of TCP or UDP) probably should not use the netstack 413448Sdh155122 * support; if such software wants to support separate zones it 423448Sdh155122 * can do that using the zones framework (zone_key_create() etc) 433448Sdh155122 * whether there is a shared IP stack or and exclusive IP stack underneath. 443448Sdh155122 */ 453448Sdh155122 463448Sdh155122 /* 473448Sdh155122 * Each netstack has an identifier. We reuse the zoneid allocation for 483448Sdh155122 * this but have a separate typedef. Thus the shared stack (used by 493448Sdh155122 * the global zone and other shared stack zones) have a zero ID, and 503448Sdh155122 * the exclusive stacks have a netstackid that is the same as their zoneid. 513448Sdh155122 */ 523448Sdh155122 typedef id_t netstackid_t; 533448Sdh155122 543448Sdh155122 #define GLOBAL_NETSTACKID 0 553448Sdh155122 563448Sdh155122 /* 573448Sdh155122 * One for each module which uses netstack support. 583448Sdh155122 * Used in netstack_register(). 593448Sdh155122 * 603448Sdh155122 * The order of these is important for some modules both for 613448Sdh155122 * the creation (which done in ascending order) and destruction (which is 6210616SSebastien.Roy@Sun.COM * done in in decending order). 633448Sdh155122 */ 644287Snordmark #define NS_ALL -1 /* Match all */ 6510616SSebastien.Roy@Sun.COM #define NS_DLS 0 6610616SSebastien.Roy@Sun.COM #define NS_IPTUN 1 6710616SSebastien.Roy@Sun.COM #define NS_STR 2 /* autopush list etc */ 6810616SSebastien.Roy@Sun.COM #define NS_HOOK 3 6910616SSebastien.Roy@Sun.COM #define NS_NETI 4 7010616SSebastien.Roy@Sun.COM #define NS_ARP 5 7110616SSebastien.Roy@Sun.COM #define NS_IP 6 7210616SSebastien.Roy@Sun.COM #define NS_ICMP 7 7310616SSebastien.Roy@Sun.COM #define NS_UDP 8 7410616SSebastien.Roy@Sun.COM #define NS_TCP 9 7510616SSebastien.Roy@Sun.COM #define NS_SCTP 10 7610616SSebastien.Roy@Sun.COM #define NS_RTS 11 7710616SSebastien.Roy@Sun.COM #define NS_IPSEC 12 7810616SSebastien.Roy@Sun.COM #define NS_KEYSOCK 13 7910616SSebastien.Roy@Sun.COM #define NS_SPDSOCK 14 8010616SSebastien.Roy@Sun.COM #define NS_IPSECAH 15 8110616SSebastien.Roy@Sun.COM #define NS_IPSECESP 16 8210616SSebastien.Roy@Sun.COM #define NS_IPNET 17 83*10946SSangeeta.Misra@Sun.COM #define NS_ILB 18 84*10946SSangeeta.Misra@Sun.COM #define NS_MAX (NS_ILB+1) 853448Sdh155122 863448Sdh155122 /* 875880Snordmark * State maintained for each module which tracks the state of 885880Snordmark * the create, shutdown and destroy callbacks. 895880Snordmark * 905880Snordmark * Keeps track of pending actions to avoid holding locks when 915880Snordmark * calling into the create/shutdown/destroy functions in the module. 925880Snordmark */ 935880Snordmark #ifdef _KERNEL 945880Snordmark typedef struct { 955880Snordmark uint16_t nms_flags; 965880Snordmark kcondvar_t nms_cv; 975880Snordmark } nm_state_t; 985880Snordmark 995880Snordmark /* 1005880Snordmark * nms_flags 1015880Snordmark */ 1025880Snordmark #define NSS_CREATE_NEEDED 0x0001 1035880Snordmark #define NSS_CREATE_INPROGRESS 0x0002 1045880Snordmark #define NSS_CREATE_COMPLETED 0x0004 1055880Snordmark #define NSS_SHUTDOWN_NEEDED 0x0010 1065880Snordmark #define NSS_SHUTDOWN_INPROGRESS 0x0020 1075880Snordmark #define NSS_SHUTDOWN_COMPLETED 0x0040 1085880Snordmark #define NSS_DESTROY_NEEDED 0x0100 1095880Snordmark #define NSS_DESTROY_INPROGRESS 0x0200 1105880Snordmark #define NSS_DESTROY_COMPLETED 0x0400 1115880Snordmark 1125880Snordmark #define NSS_CREATE_ALL \ 1135880Snordmark (NSS_CREATE_NEEDED|NSS_CREATE_INPROGRESS|NSS_CREATE_COMPLETED) 1145880Snordmark #define NSS_SHUTDOWN_ALL \ 1155880Snordmark (NSS_SHUTDOWN_NEEDED|NSS_SHUTDOWN_INPROGRESS|NSS_SHUTDOWN_COMPLETED) 1165880Snordmark #define NSS_DESTROY_ALL \ 1175880Snordmark (NSS_DESTROY_NEEDED|NSS_DESTROY_INPROGRESS|NSS_DESTROY_COMPLETED) 1185880Snordmark 1195880Snordmark #define NSS_ALL_INPROGRESS \ 1205880Snordmark (NSS_CREATE_INPROGRESS|NSS_SHUTDOWN_INPROGRESS|NSS_DESTROY_INPROGRESS) 1215880Snordmark #else 1225880Snordmark /* User-level compile like IP Filter needs a netstack_t. Dummy */ 1235880Snordmark typedef uint_t nm_state_t; 1245880Snordmark #endif /* _KERNEL */ 1255880Snordmark 1265880Snordmark /* 1273448Sdh155122 * One for every netstack in the system. 1283448Sdh155122 * We use a union so that the compilar and lint can provide type checking - 1293448Sdh155122 * in principle we could have 1303448Sdh155122 * #define netstack_arp netstack_modules[NS_ARP] 1313448Sdh155122 * etc, but that would imply void * types hence no type checking by the 1323448Sdh155122 * compiler. 1333448Sdh155122 * 1343448Sdh155122 * All the fields in netstack_t except netstack_next are protected by 1353448Sdh155122 * netstack_lock. netstack_next is protected by netstack_g_lock. 1363448Sdh155122 */ 1373448Sdh155122 struct netstack { 1383448Sdh155122 union { 1393448Sdh155122 void *nu_modules[NS_MAX]; 1403448Sdh155122 struct { 14110616SSebastien.Roy@Sun.COM struct dls_stack *nu_dls; 14210616SSebastien.Roy@Sun.COM struct iptun_stack *nu_iptun; 1437513SDarren.Reed@Sun.COM struct str_stack *nu_str; 1443448Sdh155122 struct hook_stack *nu_hook; 1453448Sdh155122 struct neti_stack *nu_neti; 1463448Sdh155122 struct arp_stack *nu_arp; 1473448Sdh155122 struct ip_stack *nu_ip; 1483448Sdh155122 struct icmp_stack *nu_icmp; 1493448Sdh155122 struct udp_stack *nu_udp; 1503448Sdh155122 struct tcp_stack *nu_tcp; 1513448Sdh155122 struct sctp_stack *nu_sctp; 1523448Sdh155122 struct rts_stack *nu_rts; 1533448Sdh155122 struct ipsec_stack *nu_ipsec; 1543448Sdh155122 struct keysock_stack *nu_keysock; 1553448Sdh155122 struct spd_stack *nu_spdsock; 1563448Sdh155122 struct ipsecah_stack *nu_ipsecah; 1573448Sdh155122 struct ipsecesp_stack *nu_ipsecesp; 1588023SPhil.Kirk@Sun.COM struct ipnet_stack *nu_ipnet; 159*10946SSangeeta.Misra@Sun.COM struct ilb_stack *nu_ilb; 1603448Sdh155122 } nu_s; 1613448Sdh155122 } netstack_u; 1623448Sdh155122 #define netstack_modules netstack_u.nu_modules 16310616SSebastien.Roy@Sun.COM #define netstack_dls netstack_u.nu_s.nu_dls 16410616SSebastien.Roy@Sun.COM #define netstack_iptun netstack_u.nu_s.nu_iptun 1657513SDarren.Reed@Sun.COM #define netstack_str netstack_u.nu_s.nu_str 1663448Sdh155122 #define netstack_hook netstack_u.nu_s.nu_hook 1673448Sdh155122 #define netstack_neti netstack_u.nu_s.nu_neti 1683448Sdh155122 #define netstack_arp netstack_u.nu_s.nu_arp 1693448Sdh155122 #define netstack_ip netstack_u.nu_s.nu_ip 1703448Sdh155122 #define netstack_icmp netstack_u.nu_s.nu_icmp 1713448Sdh155122 #define netstack_udp netstack_u.nu_s.nu_udp 1723448Sdh155122 #define netstack_tcp netstack_u.nu_s.nu_tcp 1733448Sdh155122 #define netstack_sctp netstack_u.nu_s.nu_sctp 1743448Sdh155122 #define netstack_rts netstack_u.nu_s.nu_rts 1753448Sdh155122 #define netstack_ipsec netstack_u.nu_s.nu_ipsec 1763448Sdh155122 #define netstack_keysock netstack_u.nu_s.nu_keysock 1773448Sdh155122 #define netstack_spdsock netstack_u.nu_s.nu_spdsock 1783448Sdh155122 #define netstack_ipsecah netstack_u.nu_s.nu_ipsecah 1793448Sdh155122 #define netstack_ipsecesp netstack_u.nu_s.nu_ipsecesp 1808023SPhil.Kirk@Sun.COM #define netstack_ipnet netstack_u.nu_s.nu_ipnet 181*10946SSangeeta.Misra@Sun.COM #define netstack_ilb netstack_u.nu_s.nu_ilb 1823448Sdh155122 1835880Snordmark nm_state_t netstack_m_state[NS_MAX]; /* module state */ 1843448Sdh155122 1853448Sdh155122 kmutex_t netstack_lock; 1863448Sdh155122 struct netstack *netstack_next; 1873448Sdh155122 netstackid_t netstack_stackid; 1883448Sdh155122 int netstack_numzones; /* Number of zones using this */ 1893448Sdh155122 int netstack_refcnt; /* Number of hold-rele */ 1903448Sdh155122 int netstack_flags; /* See below */ 1915880Snordmark 1925880Snordmark #ifdef _KERNEL 1935880Snordmark /* Needed to ensure that we run the callback functions in order */ 1945880Snordmark kcondvar_t netstack_cv; 1955880Snordmark #endif 1963448Sdh155122 }; 1973448Sdh155122 typedef struct netstack netstack_t; 1983448Sdh155122 1993448Sdh155122 /* netstack_flags values */ 2005880Snordmark #define NSF_UNINIT 0x01 /* Not initialized */ 2015880Snordmark #define NSF_CLOSING 0x02 /* Going away */ 2025880Snordmark #define NSF_ZONE_CREATE 0x04 /* create callbacks inprog */ 2035880Snordmark #define NSF_ZONE_SHUTDOWN 0x08 /* shutdown callbacks */ 2045880Snordmark #define NSF_ZONE_DESTROY 0x10 /* destroy callbacks */ 2053448Sdh155122 2065880Snordmark #define NSF_ZONE_INPROGRESS \ 2075880Snordmark (NSF_ZONE_CREATE|NSF_ZONE_SHUTDOWN|NSF_ZONE_DESTROY) 2083448Sdh155122 2093448Sdh155122 /* 2103448Sdh155122 * One for each of the NS_* values. 2113448Sdh155122 */ 2123448Sdh155122 struct netstack_registry { 2133448Sdh155122 int nr_flags; /* 0 if nothing registered */ 2143448Sdh155122 void *(*nr_create)(netstackid_t, netstack_t *); 2153448Sdh155122 void (*nr_shutdown)(netstackid_t, void *); 2163448Sdh155122 void (*nr_destroy)(netstackid_t, void *); 2173448Sdh155122 }; 2183448Sdh155122 2193448Sdh155122 /* nr_flags values */ 2203448Sdh155122 #define NRF_REGISTERED 0x01 2215880Snordmark #define NRF_DYING 0x02 /* No new creates */ 2223448Sdh155122 2233448Sdh155122 /* 2243448Sdh155122 * To support kstat_create_netstack() using kstat_add_zone we need 2253448Sdh155122 * to track both 2263448Sdh155122 * - all zoneids that use the global/shared stack 2273448Sdh155122 * - all kstats that have been added for the shared stack 2283448Sdh155122 */ 2293448Sdh155122 2303448Sdh155122 extern void netstack_init(void); 2313448Sdh155122 extern void netstack_hold(netstack_t *); 2323448Sdh155122 extern void netstack_rele(netstack_t *); 2333448Sdh155122 extern netstack_t *netstack_find_by_cred(const cred_t *); 2343448Sdh155122 extern netstack_t *netstack_find_by_stackid(netstackid_t); 2353448Sdh155122 extern netstack_t *netstack_find_by_zoneid(zoneid_t); 2363448Sdh155122 2373448Sdh155122 extern zoneid_t netstackid_to_zoneid(netstackid_t); 23810639SDarren.Reed@Sun.COM extern zoneid_t netstack_get_zoneid(netstack_t *); 2393448Sdh155122 extern netstackid_t zoneid_to_netstackid(zoneid_t); 2403448Sdh155122 2414136Snordmark extern netstack_t *netstack_get_current(void); 2424136Snordmark 2433448Sdh155122 /* 2443448Sdh155122 * Register interest in changes to the set of netstacks. 2453448Sdh155122 * The createfn and destroyfn are required, but the shutdownfn can be 2463448Sdh155122 * NULL. 2473448Sdh155122 * Note that due to the current zsd implementation, when the create 2483448Sdh155122 * function is called the zone isn't fully present, thus functions 2493448Sdh155122 * like zone_find_by_* will fail, hence the create function can not 2503448Sdh155122 * use many zones kernel functions including zcmn_err(). 2513448Sdh155122 */ 2523448Sdh155122 extern void netstack_register(int, 2533448Sdh155122 void *(*)(netstackid_t, netstack_t *), 2543448Sdh155122 void (*)(netstackid_t, void *), 2553448Sdh155122 void (*)(netstackid_t, void *)); 2563448Sdh155122 extern void netstack_unregister(int); 2573448Sdh155122 extern kstat_t *kstat_create_netstack(char *, int, char *, char *, uchar_t, 2583448Sdh155122 uint_t, uchar_t, netstackid_t); 2593448Sdh155122 extern void kstat_delete_netstack(kstat_t *, netstackid_t); 2603448Sdh155122 2613448Sdh155122 /* 2623448Sdh155122 * Simple support for walking all the netstacks. 2633448Sdh155122 * The caller of netstack_next() needs to call netstack_rele() when 2643448Sdh155122 * done with a netstack. 2653448Sdh155122 */ 2663448Sdh155122 typedef int netstack_handle_t; 2673448Sdh155122 2683448Sdh155122 extern void netstack_next_init(netstack_handle_t *); 2693448Sdh155122 extern void netstack_next_fini(netstack_handle_t *); 2703448Sdh155122 extern netstack_t *netstack_next(netstack_handle_t *); 2713448Sdh155122 2723448Sdh155122 #ifdef __cplusplus 2733448Sdh155122 } 2743448Sdh155122 #endif 2753448Sdh155122 2763448Sdh155122 2773448Sdh155122 #endif /* _SYS_NETSTACK_H */ 278