ipsec_loader.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2000-2003 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <sys/sysmacros.h>
#include <inet/ipsec_impl.h>
/*
* Loader commands..
*/
#define IPSEC_LOADER_EXITNOW -1
#define IPSEC_LOADER_LOADNOW 1
/*
* The following variables are kept because IPsec should be loaded only when
* it is used.
*/
static kt_did_t ipsec_loader_tid;
static int ipsec_loader_sig = IPSEC_LOADER_WAIT;
/*
* NOTE: This function is entered w/o holding any STREAMS perimeters.
*/
/* ARGSUSED */
static void
ipsec_loader(void *ignoreme)
{
extern int keysock_plumb_ipsec(void);
"ipsec_loader");
for (;;) {
/*
* Wait for someone to tell me to continue.
*/
while (ipsec_loader_sig == IPSEC_LOADER_WAIT) {
}
/* IPSEC_LOADER_EXITNOW implies signal by _fini(). */
if (ipsec_loader_sig == IPSEC_LOADER_EXITNOW) {
/*
* Let user patch ipsec_loader_tid to
* 0 to try again.
*/
/* ipsec_loader_lock is held at this point! */
thread_exit();
}
/*
* Load IPsec, which is done by modloading keysock and calling
* keysock_plumb_ipsec().
*/
/* Pardon my hardcoding... */
/*
* Only this function can set ipsec_failure. If the
* damage can be repaired, use adb to set this to
* B_FALSE and try again.
*/
} else if (keysock_plumb_ipsec() != 0) {
/*
* Only this function can set ipsec_failure. If the
* damage can be repaired, use adb to set this to
* B_FALSE and try again.
*/
} else {
}
if (ipsec_failure) {
if (ipsec_loader_sig == IPSEC_LOADER_LOADNOW)
} else {
}
if (!ipsec_failure) {
thread_exit();
}
}
}
/*
* Called from ip_ddi_init() to initialize ipsec loader thread.
*/
void
ipsec_loader_init(void)
{
}
/*
* Called from ip_ddi_destroy() to take down ipsec loader thread.
*/
void
ipsec_loader_destroy(void)
{
if (tid != 0) {
ipsec_loader_tid = 0;
}
/*
* Wait for ipsec_loader() to finish before we destroy
* cvs and mutexes.
*/
if (tid != 0)
}
void
ipsec_loader_start(void)
{
if (ipsec_loader_tid == 0) {
}
/* Else we lost the race, oh well. */
}
void
{
/*
* It is possible that an algorithm update message was
* received before IPsec is loaded. Such messages are
* saved in spdsock for later processing. Since IPsec
* loading can be initiated by interfaces different
* than spdsock, we must trigger the processing of
* update messages from the ipsec loader.
*/
if ((ipsec_loader_state == IPSEC_LOADER_WAIT) &&
(ipsec_loader_sig == IPSEC_LOADER_WAIT)) {
}
}
/*
* Dummy callback routine (placeholder) to avoid keysock plumbing
* races. Used in conjunction with qtimeout() and qwait() to wait
* until ipsec has loaded -- the qwait() in ipsec_loader_loadwait will
* wake up once this routine returns.
*/
/* ARGSUSED */
static void
loader_nop(void *ignoreme)
{
}
/*
* Called from keysock driver open to delay until ipsec is done loading.
* Returns B_TRUE if it worked, B_FALSE if it didn't.
*/
{
/*
* 30ms delay per loop is arbitrary; it takes ~300ms to
* load and plumb ipsec on an ultra-1.
*/
while (ipsec_loader_state == IPSEC_LOADER_WAIT) {
qwait(q);
}
return (ipsec_loader_state == IPSEC_LOADER_SUCCEEDED);
}
/*
* Just check to see if IPsec is loaded (or not).
*/
ipsec_loaded(void)
{
return (ipsec_loader_state == IPSEC_LOADER_SUCCEEDED);
}
/*
* Check to see if IPsec loading failed.
*/
ipsec_failed(void)
{
return (ipsec_loader_state == IPSEC_LOADER_FAILED);
}