netstack.h revision 854956ce2a18fd37e3f6160d38ffb87fdbc2edc4
0N/A/*
0N/A * CDDL HEADER START
0N/A *
0N/A * The contents of this file are subject to the terms of the
0N/A * Common Development and Distribution License (the "License").
0N/A * You may not use this file except in compliance with the License.
0N/A *
0N/A * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
0N/A * or http://www.opensolaris.org/os/licensing.
0N/A * See the License for the specific language governing permissions
0N/A * and limitations under the License.
0N/A *
0N/A * When distributing Covered Code, include this CDDL HEADER in each
0N/A * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
0N/A * If applicable, add the following below this CDDL HEADER, with the
0N/A * fields enclosed by brackets "[]" replaced with your own identifying
0N/A * information: Portions Copyright [yyyy] [name of copyright owner]
0N/A *
0N/A * CDDL HEADER END
0N/A */
0N/A
0N/A/*
0N/A * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
0N/A * Use is subject to license terms.
0N/A */
0N/A
0N/A/*
0N/A * Copyright (c) 2016, Joyent, Inc. All rights reserved.
0N/A */
0N/A
0N/A#ifndef _SYS_NETSTACK_H
0N/A#define _SYS_NETSTACK_H
0N/A
0N/A#include <sys/kstat.h>
0N/A
0N/A#ifdef __cplusplus
0N/Aextern "C" {
0N/A#endif
0N/A
0N/A/*
0N/A * This allows various pieces in and around IP to have a separate instance
0N/A * for each instance of IP. This is used to support zones that have an
0N/A * exclusive stack.
0N/A * Pieces of software far removed from IP (e.g., kernel software
0N/A * sitting on top of TCP or UDP) probably should not use the netstack
0N/A * support; if such software wants to support separate zones it
0N/A * can do that using the zones framework (zone_key_create() etc)
0N/A * whether there is a shared IP stack or and exclusive IP stack underneath.
0N/A */
0N/A
0N/A/*
0N/A * Each netstack has an identifier. We reuse the zoneid allocation for
0N/A * this but have a separate typedef. Thus the shared stack (used by
0N/A * the global zone and other shared stack zones) have a zero ID, and
0N/A * the exclusive stacks have a netstackid that is the same as their zoneid.
0N/A */
0N/Atypedef id_t netstackid_t;
0N/A
0N/A#define GLOBAL_NETSTACKID 0
0N/A
0N/A/*
0N/A * One for each module which uses netstack support.
0N/A * Used in netstack_register().
0N/A *
0N/A * The order of these is important for some modules both for
0N/A * the creation (which done in ascending order) and destruction (which is
0N/A * done in in decending order).
0N/A */
0N/A#define NS_ALL -1 /* Match all */
0N/A#define NS_DLS 0
0N/A#define NS_IPTUN 1
0N/A#define NS_STR 2 /* autopush list etc */
0N/A#define NS_HOOK 3
0N/A#define NS_NETI 4
0N/A#define NS_ARP 5
0N/A#define NS_IP 6
0N/A#define NS_ICMP 7
0N/A#define NS_UDP 8
0N/A#define NS_TCP 9
0N/A#define NS_SCTP 10
0N/A#define NS_RTS 11
0N/A#define NS_IPSEC 12
0N/A#define NS_KEYSOCK 13
0N/A#define NS_SPDSOCK 14
0N/A#define NS_IPSECAH 15
0N/A#define NS_IPSECESP 16
0N/A#define NS_IPNET 17
0N/A#define NS_ILB 18
0N/A#define NS_MAX (NS_ILB+1)
0N/A
0N/A/*
0N/A * State maintained for each module which tracks the state of
0N/A * the create, shutdown and destroy callbacks.
0N/A *
0N/A * Keeps track of pending actions to avoid holding locks when
0N/A * calling into the create/shutdown/destroy functions in the module.
0N/A */
0N/A#ifdef _KERNEL
0N/Atypedef struct {
0N/A uint16_t nms_flags;
0N/A kcondvar_t nms_cv;
0N/A} nm_state_t;
0N/A
0N/A/*
0N/A * nms_flags
0N/A */
0N/A#define NSS_CREATE_NEEDED 0x0001
0N/A#define NSS_CREATE_INPROGRESS 0x0002
0N/A#define NSS_CREATE_COMPLETED 0x0004
0N/A#define NSS_SHUTDOWN_NEEDED 0x0010
0N/A#define NSS_SHUTDOWN_INPROGRESS 0x0020
0N/A#define NSS_SHUTDOWN_COMPLETED 0x0040
0N/A#define NSS_DESTROY_NEEDED 0x0100
0N/A#define NSS_DESTROY_INPROGRESS 0x0200
0N/A#define NSS_DESTROY_COMPLETED 0x0400
0N/A
0N/A#define NSS_CREATE_ALL \
0N/A (NSS_CREATE_NEEDED|NSS_CREATE_INPROGRESS|NSS_CREATE_COMPLETED)
0N/A#define NSS_SHUTDOWN_ALL \
0N/A (NSS_SHUTDOWN_NEEDED|NSS_SHUTDOWN_INPROGRESS|NSS_SHUTDOWN_COMPLETED)
0N/A#define NSS_DESTROY_ALL \
0N/A (NSS_DESTROY_NEEDED|NSS_DESTROY_INPROGRESS|NSS_DESTROY_COMPLETED)
0N/A
0N/A#define NSS_ALL_INPROGRESS \
0N/A (NSS_CREATE_INPROGRESS|NSS_SHUTDOWN_INPROGRESS|NSS_DESTROY_INPROGRESS)
0N/A#else
0N/A/* User-level compile like IP Filter needs a netstack_t. Dummy */
0N/Atypedef uint_t nm_state_t;
0N/A#endif /* _KERNEL */
0N/A
0N/A/*
0N/A * One for every netstack in the system.
0N/A * We use a union so that the compilar and lint can provide type checking -
0N/A * in principle we could have
0N/A * #define netstack_arp netstack_modules[NS_ARP]
0N/A * etc, but that would imply void * types hence no type checking by the
0N/A * compiler.
0N/A *
0N/A * All the fields in netstack_t except netstack_next are protected by
0N/A * netstack_lock. netstack_next is protected by netstack_g_lock.
0N/A */
0N/Astruct netstack {
0N/A union {
0N/A void *nu_modules[NS_MAX];
0N/A struct {
0N/A struct dls_stack *nu_dls;
0N/A struct iptun_stack *nu_iptun;
0N/A struct str_stack *nu_str;
0N/A struct hook_stack *nu_hook;
0N/A struct neti_stack *nu_neti;
0N/A struct arp_stack *nu_arp;
0N/A struct ip_stack *nu_ip;
0N/A struct icmp_stack *nu_icmp;
0N/A struct udp_stack *nu_udp;
0N/A struct tcp_stack *nu_tcp;
0N/A struct sctp_stack *nu_sctp;
0N/A struct rts_stack *nu_rts;
0N/A struct ipsec_stack *nu_ipsec;
0N/A struct keysock_stack *nu_keysock;
0N/A struct spd_stack *nu_spdsock;
0N/A struct ipsecah_stack *nu_ipsecah;
0N/A struct ipsecesp_stack *nu_ipsecesp;
0N/A struct ipnet_stack *nu_ipnet;
0N/A struct ilb_stack *nu_ilb;
0N/A } nu_s;
0N/A } netstack_u;
0N/A#define netstack_modules netstack_u.nu_modules
0N/A#define netstack_dls netstack_u.nu_s.nu_dls
0N/A#define netstack_iptun netstack_u.nu_s.nu_iptun
0N/A#define netstack_str netstack_u.nu_s.nu_str
0N/A#define netstack_hook netstack_u.nu_s.nu_hook
0N/A#define netstack_neti netstack_u.nu_s.nu_neti
0N/A#define netstack_arp netstack_u.nu_s.nu_arp
0N/A#define netstack_ip netstack_u.nu_s.nu_ip
0N/A#define netstack_icmp netstack_u.nu_s.nu_icmp
0N/A#define netstack_udp netstack_u.nu_s.nu_udp
0N/A#define netstack_tcp netstack_u.nu_s.nu_tcp
0N/A#define netstack_sctp netstack_u.nu_s.nu_sctp
0N/A#define netstack_rts netstack_u.nu_s.nu_rts
0N/A#define netstack_ipsec netstack_u.nu_s.nu_ipsec
0N/A#define netstack_keysock netstack_u.nu_s.nu_keysock
0N/A#define netstack_spdsock netstack_u.nu_s.nu_spdsock
0N/A#define netstack_ipsecah netstack_u.nu_s.nu_ipsecah
0N/A#define netstack_ipsecesp netstack_u.nu_s.nu_ipsecesp
0N/A#define netstack_ipnet netstack_u.nu_s.nu_ipnet
0N/A#define netstack_ilb netstack_u.nu_s.nu_ilb
0N/A
0N/A nm_state_t netstack_m_state[NS_MAX]; /* module state */
0N/A
0N/A kmutex_t netstack_lock;
0N/A struct netstack *netstack_next;
0N/A netstackid_t netstack_stackid;
0N/A int netstack_numzones; /* Number of zones using this */
0N/A int netstack_refcnt; /* Number of hold-rele */
0N/A int netstack_flags; /* See below */
0N/A
0N/A#ifdef _KERNEL
0N/A /* Needed to ensure that we run the callback functions in order */
0N/A kcondvar_t netstack_cv;
0N/A#endif
0N/A};
0N/Atypedef struct netstack netstack_t;
0N/A
0N/A/* netstack_flags values */
0N/A#define NSF_UNINIT 0x01 /* Not initialized */
0N/A#define NSF_CLOSING 0x02 /* Going away */
0N/A#define NSF_ZONE_CREATE 0x04 /* create callbacks inprog */
0N/A#define NSF_ZONE_SHUTDOWN 0x08 /* shutdown callbacks */
0N/A#define NSF_ZONE_DESTROY 0x10 /* destroy callbacks */
0N/A
0N/A#define NSF_ZONE_INPROGRESS \
0N/A (NSF_ZONE_CREATE|NSF_ZONE_SHUTDOWN|NSF_ZONE_DESTROY)
0N/A
0N/A/*
0N/A * One for each of the NS_* values.
0N/A */
0N/Astruct netstack_registry {
0N/A int nr_flags; /* 0 if nothing registered */
0N/A void *(*nr_create)(netstackid_t, netstack_t *);
0N/A void (*nr_shutdown)(netstackid_t, void *);
0N/A void (*nr_destroy)(netstackid_t, void *);
0N/A};
0N/A
0N/A/* nr_flags values */
0N/A#define NRF_REGISTERED 0x01
0N/A#define NRF_DYING 0x02 /* No new creates */
0N/A
0N/A/*
0N/A * To support kstat_create_netstack() using kstat_add_zone we need
0N/A * to track both
0N/A * - all zoneids that use the global/shared stack
0N/A * - all kstats that have been added for the shared stack
0N/A */
0N/A
0N/Aextern void netstack_init(void);
0N/Aextern void netstack_hold(netstack_t *);
0N/Aextern void netstack_rele(netstack_t *);
0N/Aextern netstack_t *netstack_find_by_cred(const cred_t *);
0N/Aextern netstack_t *netstack_find_by_stackid(netstackid_t);
0N/Aextern netstack_t *netstack_find_by_zoneid(zoneid_t);
0N/Aextern boolean_t netstack_inuse_by_stackid(netstackid_t stackid);
0N/A
0N/Aextern zoneid_t netstackid_to_zoneid(netstackid_t);
0N/Aextern zoneid_t netstack_get_zoneid(netstack_t *);
0N/Aextern netstackid_t zoneid_to_netstackid(zoneid_t);
0N/A
0N/Aextern netstack_t *netstack_get_current(void);
0N/A
0N/A/*
0N/A * Register interest in changes to the set of netstacks.
0N/A * The createfn and destroyfn are required, but the shutdownfn can be
0N/A * NULL.
0N/A * Note that due to the current zsd implementation, when the create
0N/A * function is called the zone isn't fully present, thus functions
0N/A * like zone_find_by_* will fail, hence the create function can not
0N/A * use many zones kernel functions including zcmn_err().
0N/A */
0N/Aextern void netstack_register(int,
0N/A void *(*)(netstackid_t, netstack_t *),
0N/A void (*)(netstackid_t, void *),
0N/A void (*)(netstackid_t, void *));
0N/Aextern void netstack_unregister(int);
0N/Aextern kstat_t *kstat_create_netstack(char *, int, char *, char *, uchar_t,
0N/A uint_t, uchar_t, netstackid_t);
0N/Aextern void kstat_delete_netstack(kstat_t *, netstackid_t);
0N/A
0N/A/*
0N/A * Simple support for walking all the netstacks.
0N/A * The caller of netstack_next() needs to call netstack_rele() when
0N/A * done with a netstack.
0N/A */
0N/Atypedef int netstack_handle_t;
0N/A
0N/Aextern void netstack_next_init(netstack_handle_t *);
0N/Aextern void netstack_next_fini(netstack_handle_t *);
0N/Aextern netstack_t *netstack_next(netstack_handle_t *);
0N/A
0N/A#ifdef __cplusplus
0N/A}
0N/A#endif
0N/A
0N/A
0N/A#endif /* _SYS_NETSTACK_H */
0N/A