1 /* 2 * This header was generated from the Linux kernel headers by update_headers.py, 3 * to provide necessary information from kernel to userspace, such as constants, 4 * structures, and macros, and thus, contains no copyrightable information. 5 */ 6 #ifndef _LINUX_XFRM_H 7 #define _LINUX_XFRM_H 8 #include <linux/in6.h> 9 #include <linux/types.h> 10 typedef union { 11 __be32 a4; 12 __be32 a6[4]; 13 struct in6_addr in6; 14 } xfrm_address_t; 15 struct xfrm_id { 16 xfrm_address_t daddr; 17 __be32 spi; 18 __u8 proto; 19 }; 20 struct xfrm_sec_ctx { 21 __u8 ctx_doi; 22 __u8 ctx_alg; 23 __u16 ctx_len; 24 __u32 ctx_sid; 25 char ctx_str[0]; 26 }; 27 #define XFRM_SC_DOI_RESERVED 0 28 #define XFRM_SC_DOI_LSM 1 29 #define XFRM_SC_ALG_RESERVED 0 30 #define XFRM_SC_ALG_SELINUX 1 31 struct xfrm_selector { 32 xfrm_address_t daddr; 33 xfrm_address_t saddr; 34 __be16 dport; 35 __be16 dport_mask; 36 __be16 sport; 37 __be16 sport_mask; 38 __u16 family; 39 __u8 prefixlen_d; 40 __u8 prefixlen_s; 41 __u8 proto; 42 int ifindex; 43 __kernel_uid32_t user; 44 }; 45 #define XFRM_INF (~(__u64)0) 46 struct xfrm_lifetime_cfg { 47 __u64 soft_byte_limit; 48 __u64 hard_byte_limit; 49 __u64 soft_packet_limit; 50 __u64 hard_packet_limit; 51 __u64 soft_add_expires_seconds; 52 __u64 hard_add_expires_seconds; 53 __u64 soft_use_expires_seconds; 54 __u64 hard_use_expires_seconds; 55 }; 56 struct xfrm_lifetime_cur { 57 __u64 bytes; 58 __u64 packets; 59 __u64 add_time; 60 __u64 use_time; 61 }; 62 struct xfrm_replay_state { 63 __u32 oseq; 64 __u32 seq; 65 __u32 bitmap; 66 }; 67 #define XFRMA_REPLAY_ESN_MAX 4096 68 struct xfrm_replay_state_esn { 69 unsigned int bmp_len; 70 __u32 oseq; 71 __u32 seq; 72 __u32 oseq_hi; 73 __u32 seq_hi; 74 __u32 replay_window; 75 __u32 bmp[0]; 76 }; 77 struct xfrm_algo { 78 char alg_name[64]; 79 unsigned int alg_key_len; 80 char alg_key[0]; 81 }; 82 struct xfrm_algo_auth { 83 char alg_name[64]; 84 unsigned int alg_key_len; 85 unsigned int alg_trunc_len; 86 char alg_key[0]; 87 }; 88 struct xfrm_algo_aead { 89 char alg_name[64]; 90 unsigned int alg_key_len; 91 unsigned int alg_icv_len; 92 char alg_key[0]; 93 }; 94 struct xfrm_stats { 95 __u32 replay_window; 96 __u32 replay; 97 __u32 integrity_failed; 98 }; 99 enum { 100 XFRM_POLICY_TYPE_MAIN = 0, 101 XFRM_POLICY_TYPE_SUB = 1, 102 XFRM_POLICY_TYPE_MAX = 2, 103 XFRM_POLICY_TYPE_ANY = 255 104 }; 105 enum { 106 XFRM_POLICY_IN = 0, 107 XFRM_POLICY_OUT = 1, 108 XFRM_POLICY_FWD = 2, 109 XFRM_POLICY_MASK = 3, 110 XFRM_POLICY_MAX = 3 111 }; 112 enum { 113 XFRM_SHARE_ANY, 114 XFRM_SHARE_SESSION, 115 XFRM_SHARE_USER, 116 XFRM_SHARE_UNIQUE 117 }; 118 #define XFRM_MODE_TRANSPORT 0 119 #define XFRM_MODE_TUNNEL 1 120 #define XFRM_MODE_ROUTEOPTIMIZATION 2 121 #define XFRM_MODE_IN_TRIGGER 3 122 #define XFRM_MODE_BEET 4 123 #define XFRM_MODE_MAX 5 124 enum { 125 XFRM_MSG_BASE = 0x10, 126 XFRM_MSG_NEWSA = 0x10, 127 #define XFRM_MSG_NEWSA XFRM_MSG_NEWSA 128 XFRM_MSG_DELSA, 129 #define XFRM_MSG_DELSA XFRM_MSG_DELSA 130 XFRM_MSG_GETSA, 131 #define XFRM_MSG_GETSA XFRM_MSG_GETSA 132 XFRM_MSG_NEWPOLICY, 133 #define XFRM_MSG_NEWPOLICY XFRM_MSG_NEWPOLICY 134 XFRM_MSG_DELPOLICY, 135 #define XFRM_MSG_DELPOLICY XFRM_MSG_DELPOLICY 136 XFRM_MSG_GETPOLICY, 137 #define XFRM_MSG_GETPOLICY XFRM_MSG_GETPOLICY 138 XFRM_MSG_ALLOCSPI, 139 #define XFRM_MSG_ALLOCSPI XFRM_MSG_ALLOCSPI 140 XFRM_MSG_ACQUIRE, 141 #define XFRM_MSG_ACQUIRE XFRM_MSG_ACQUIRE 142 XFRM_MSG_EXPIRE, 143 #define XFRM_MSG_EXPIRE XFRM_MSG_EXPIRE 144 XFRM_MSG_UPDPOLICY, 145 #define XFRM_MSG_UPDPOLICY XFRM_MSG_UPDPOLICY 146 XFRM_MSG_UPDSA, 147 #define XFRM_MSG_UPDSA XFRM_MSG_UPDSA 148 XFRM_MSG_POLEXPIRE, 149 #define XFRM_MSG_POLEXPIRE XFRM_MSG_POLEXPIRE 150 XFRM_MSG_FLUSHSA, 151 #define XFRM_MSG_FLUSHSA XFRM_MSG_FLUSHSA 152 XFRM_MSG_FLUSHPOLICY, 153 #define XFRM_MSG_FLUSHPOLICY XFRM_MSG_FLUSHPOLICY 154 XFRM_MSG_NEWAE, 155 #define XFRM_MSG_NEWAE XFRM_MSG_NEWAE 156 XFRM_MSG_GETAE, 157 #define XFRM_MSG_GETAE XFRM_MSG_GETAE 158 XFRM_MSG_REPORT, 159 #define XFRM_MSG_REPORT XFRM_MSG_REPORT 160 XFRM_MSG_MIGRATE, 161 #define XFRM_MSG_MIGRATE XFRM_MSG_MIGRATE 162 XFRM_MSG_NEWSADINFO, 163 #define XFRM_MSG_NEWSADINFO XFRM_MSG_NEWSADINFO 164 XFRM_MSG_GETSADINFO, 165 #define XFRM_MSG_GETSADINFO XFRM_MSG_GETSADINFO 166 XFRM_MSG_NEWSPDINFO, 167 #define XFRM_MSG_NEWSPDINFO XFRM_MSG_NEWSPDINFO 168 XFRM_MSG_GETSPDINFO, 169 #define XFRM_MSG_GETSPDINFO XFRM_MSG_GETSPDINFO 170 XFRM_MSG_MAPPING, 171 #define XFRM_MSG_MAPPING XFRM_MSG_MAPPING 172 __XFRM_MSG_MAX 173 }; 174 #define XFRM_MSG_MAX (__XFRM_MSG_MAX - 1) 175 #define XFRM_NR_MSGTYPES (XFRM_MSG_MAX + 1 - XFRM_MSG_BASE) 176 struct xfrm_user_sec_ctx { 177 __u16 len; 178 __u16 exttype; 179 __u8 ctx_alg; 180 __u8 ctx_doi; 181 __u16 ctx_len; 182 }; 183 struct xfrm_user_tmpl { 184 struct xfrm_id id; 185 __u16 family; 186 xfrm_address_t saddr; 187 __u32 reqid; 188 __u8 mode; 189 __u8 share; 190 __u8 optional; 191 __u32 aalgos; 192 __u32 ealgos; 193 __u32 calgos; 194 }; 195 struct xfrm_encap_tmpl { 196 __u16 encap_type; 197 __be16 encap_sport; 198 __be16 encap_dport; 199 xfrm_address_t encap_oa; 200 }; 201 enum xfrm_ae_ftype_t { 202 XFRM_AE_UNSPEC, 203 XFRM_AE_RTHR=1, 204 XFRM_AE_RVAL=2, 205 XFRM_AE_LVAL=4, 206 XFRM_AE_ETHR=8, 207 XFRM_AE_CR=16, 208 XFRM_AE_CE=32, 209 XFRM_AE_CU=64, 210 __XFRM_AE_MAX 211 #define XFRM_AE_MAX (__XFRM_AE_MAX - 1) 212 }; 213 struct xfrm_userpolicy_type { 214 __u8 type; 215 __u16 reserved1; 216 __u8 reserved2; 217 }; 218 enum xfrm_attr_type_t { 219 XFRMA_UNSPEC, 220 XFRMA_ALG_AUTH, 221 XFRMA_ALG_CRYPT, 222 XFRMA_ALG_COMP, 223 XFRMA_ENCAP, 224 XFRMA_TMPL, 225 XFRMA_SA, 226 XFRMA_POLICY, 227 XFRMA_SEC_CTX, 228 XFRMA_LTIME_VAL, 229 XFRMA_REPLAY_VAL, 230 XFRMA_REPLAY_THRESH, 231 XFRMA_ETIMER_THRESH, 232 XFRMA_SRCADDR, 233 XFRMA_COADDR, 234 XFRMA_LASTUSED, 235 XFRMA_POLICY_TYPE, 236 XFRMA_MIGRATE, 237 XFRMA_ALG_AEAD, 238 XFRMA_KMADDRESS, 239 XFRMA_ALG_AUTH_TRUNC, 240 XFRMA_MARK, 241 XFRMA_TFCPAD, 242 XFRMA_REPLAY_ESN_VAL, 243 XFRMA_SA_EXTRA_FLAGS, 244 XFRMA_PROTO, 245 XFRMA_ADDRESS_FILTER, 246 XFRMA_PAD, 247 XFRMA_OFFLOAD_DEV, 248 XFRMA_SET_MARK, 249 XFRMA_SET_MARK_MASK, 250 XFRMA_IF_ID, 251 __XFRMA_MAX 252 #define XFRMA_OUTPUT_MARK XFRMA_SET_MARK 253 #define XFRMA_MAX (__XFRMA_MAX - 1) 254 }; 255 struct xfrm_mark { 256 __u32 v; 257 __u32 m; 258 }; 259 enum xfrm_sadattr_type_t { 260 XFRMA_SAD_UNSPEC, 261 XFRMA_SAD_CNT, 262 XFRMA_SAD_HINFO, 263 __XFRMA_SAD_MAX 264 #define XFRMA_SAD_MAX (__XFRMA_SAD_MAX - 1) 265 }; 266 struct xfrmu_sadhinfo { 267 __u32 sadhcnt; 268 __u32 sadhmcnt; 269 }; 270 enum xfrm_spdattr_type_t { 271 XFRMA_SPD_UNSPEC, 272 XFRMA_SPD_INFO, 273 XFRMA_SPD_HINFO, 274 XFRMA_SPD_IPV4_HTHRESH, 275 XFRMA_SPD_IPV6_HTHRESH, 276 __XFRMA_SPD_MAX 277 #define XFRMA_SPD_MAX (__XFRMA_SPD_MAX - 1) 278 }; 279 struct xfrmu_spdinfo { 280 __u32 incnt; 281 __u32 outcnt; 282 __u32 fwdcnt; 283 __u32 inscnt; 284 __u32 outscnt; 285 __u32 fwdscnt; 286 }; 287 struct xfrmu_spdhinfo { 288 __u32 spdhcnt; 289 __u32 spdhmcnt; 290 }; 291 struct xfrmu_spdhthresh { 292 __u8 lbits; 293 __u8 rbits; 294 }; 295 struct xfrm_usersa_info { 296 struct xfrm_selector sel; 297 struct xfrm_id id; 298 xfrm_address_t saddr; 299 struct xfrm_lifetime_cfg lft; 300 struct xfrm_lifetime_cur curlft; 301 struct xfrm_stats stats; 302 __u32 seq; 303 __u32 reqid; 304 __u16 family; 305 __u8 mode; 306 __u8 replay_window; 307 __u8 flags; 308 #define XFRM_STATE_NOECN 1 309 #define XFRM_STATE_DECAP_DSCP 2 310 #define XFRM_STATE_NOPMTUDISC 4 311 #define XFRM_STATE_WILDRECV 8 312 #define XFRM_STATE_ICMP 16 313 #define XFRM_STATE_AF_UNSPEC 32 314 #define XFRM_STATE_ALIGN4 64 315 #define XFRM_STATE_ESN 128 316 }; 317 #define XFRM_SA_XFLAG_DONT_ENCAP_DSCP 1 318 struct xfrm_usersa_id { 319 xfrm_address_t daddr; 320 __be32 spi; 321 __u16 family; 322 __u8 proto; 323 }; 324 struct xfrm_aevent_id { 325 struct xfrm_usersa_id sa_id; 326 xfrm_address_t saddr; 327 __u32 flags; 328 __u32 reqid; 329 }; 330 struct xfrm_userspi_info { 331 struct xfrm_usersa_info info; 332 __u32 min; 333 __u32 max; 334 }; 335 struct xfrm_userpolicy_info { 336 struct xfrm_selector sel; 337 struct xfrm_lifetime_cfg lft; 338 struct xfrm_lifetime_cur curlft; 339 __u32 priority; 340 __u32 index; 341 __u8 dir; 342 __u8 action; 343 #define XFRM_POLICY_ALLOW 0 344 #define XFRM_POLICY_BLOCK 1 345 __u8 flags; 346 #define XFRM_POLICY_LOCALOK 1 347 348 #define XFRM_POLICY_ICMP 2 349 __u8 share; 350 }; 351 struct xfrm_userpolicy_id { 352 struct xfrm_selector sel; 353 __u32 index; 354 __u8 dir; 355 }; 356 struct xfrm_user_acquire { 357 struct xfrm_id id; 358 xfrm_address_t saddr; 359 struct xfrm_selector sel; 360 struct xfrm_userpolicy_info policy; 361 __u32 aalgos; 362 __u32 ealgos; 363 __u32 calgos; 364 __u32 seq; 365 }; 366 struct xfrm_user_expire { 367 struct xfrm_usersa_info state; 368 __u8 hard; 369 }; 370 struct xfrm_user_polexpire { 371 struct xfrm_userpolicy_info pol; 372 __u8 hard; 373 }; 374 struct xfrm_usersa_flush { 375 __u8 proto; 376 }; 377 struct xfrm_user_report { 378 __u8 proto; 379 struct xfrm_selector sel; 380 }; 381 struct xfrm_user_kmaddress { 382 xfrm_address_t local; 383 xfrm_address_t remote; 384 __u32 reserved; 385 __u16 family; 386 }; 387 struct xfrm_user_migrate { 388 xfrm_address_t old_daddr; 389 xfrm_address_t old_saddr; 390 xfrm_address_t new_daddr; 391 xfrm_address_t new_saddr; 392 __u8 proto; 393 __u8 mode; 394 __u16 reserved; 395 __u32 reqid; 396 __u16 old_family; 397 __u16 new_family; 398 }; 399 struct xfrm_user_mapping { 400 struct xfrm_usersa_id id; 401 __u32 reqid; 402 xfrm_address_t old_saddr; 403 xfrm_address_t new_saddr; 404 __be16 old_sport; 405 __be16 new_sport; 406 }; 407 struct xfrm_address_filter { 408 xfrm_address_t saddr; 409 xfrm_address_t daddr; 410 __u16 family; 411 __u8 splen; 412 __u8 dplen; 413 }; 414 struct xfrm_user_offload { 415 int ifindex; 416 __u8 flags; 417 }; 418 #define XFRM_OFFLOAD_IPV6 1 419 #define XFRM_OFFLOAD_INBOUND 2 420 #ifndef __KERNEL__ 421 #define XFRMGRP_ACQUIRE 1 422 #define XFRMGRP_EXPIRE 2 423 #define XFRMGRP_SA 4 424 #define XFRMGRP_POLICY 8 425 #define XFRMGRP_REPORT 0x20 426 #endif 427 enum xfrm_nlgroups { 428 XFRMNLGRP_NONE, 429 #define XFRMNLGRP_NONE XFRMNLGRP_NONE 430 XFRMNLGRP_ACQUIRE, 431 #define XFRMNLGRP_ACQUIRE XFRMNLGRP_ACQUIRE 432 XFRMNLGRP_EXPIRE, 433 #define XFRMNLGRP_EXPIRE XFRMNLGRP_EXPIRE 434 XFRMNLGRP_SA, 435 #define XFRMNLGRP_SA XFRMNLGRP_SA 436 XFRMNLGRP_POLICY, 437 #define XFRMNLGRP_POLICY XFRMNLGRP_POLICY 438 XFRMNLGRP_AEVENTS, 439 #define XFRMNLGRP_AEVENTS XFRMNLGRP_AEVENTS 440 XFRMNLGRP_REPORT, 441 #define XFRMNLGRP_REPORT XFRMNLGRP_REPORT 442 XFRMNLGRP_MIGRATE, 443 #define XFRMNLGRP_MIGRATE XFRMNLGRP_MIGRATE 444 XFRMNLGRP_MAPPING, 445 #define XFRMNLGRP_MAPPING XFRMNLGRP_MAPPING 446 __XFRMNLGRP_MAX 447 }; 448 #define XFRMNLGRP_MAX (__XFRMNLGRP_MAX - 1) 449 #endif 450