/* Copyright (c) 2021, The Linux Foundation. All rights reserved.
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef __NSS_IPSEC_XFRM_TUNNEL_H
#define __NSS_IPSEC_XFRM_TUNNEL_H
/*
 * Worst-case number of bytes that IPv4 ESP tunnel encapsulation adds to a
 * packet:
 *
 *	20	outer IPv4 header
 *	 8	ESP header
 *	16	IV (maximum length)
 *	 8	UDP header (NAT-T tunnels only)
 *	 2	ESP trailer (NSS_IPSECMGR_ESP_TRAIL_SZ)
 *	14	ESP padding (NSS_IPSECMGR_ESP_PAD_SZ)
 *	16	ICV (maximum length)
 *
 * NOTE(review): the 16-byte ICV ceiling fits AES-GCM and HMAC-SHA-256-128,
 * but the RFC 4868 HMAC-SHA-384-192 and HMAC-SHA-512-256 transforms carry
 * 24- and 32-byte ICVs. Confirm that the offload never accepts an SA with a
 * longer ICV; otherwise this value undercounts. Any caller that sizes MTU or
 * buffer room from it would inherit the shortfall (the users of this constant
 * are not visible in this header).
 */
#define NSS_IPSEC_XFRM_TUNNEL_V4_MAX_OVERHEAD (20 + 8 + 16 + 8 + 2 + 14 + 16)	/* 84 */

/*
 * Worst-case number of bytes that IPv6 ESP tunnel encapsulation adds to a
 * packet:
 *
 *	40	outer IPv6 header
 *	 8	ESP header
 *	16	IV (maximum length)
 *	 2	ESP trailer (NSS_IPSECMGR_ESP_TRAIL_SZ)
 *	14	ESP padding (NSS_IPSECMGR_ESP_PAD_SZ)
 *	16	ICV (maximum length)
 *
 * NOTE(review): unlike the IPv4 figure, this sum has no 8-byte UDP term, so it
 * only holds while NAT-T encapsulation is never used on IPv6 tunnels --
 * confirm. The ICV caveat given for the IPv4 figure applies here as well.
 */
#define NSS_IPSEC_XFRM_TUNNEL_V6_MAX_OVERHEAD (40 + 8 + 16 + 2 + 14 + 16)	/* 96 */
/*
 * Forward declarations
 *
 * Incomplete types are enough for struct nss_ipsec_xfrm_drv because this
 * header only uses pointers to it. struct nss_ipsec_xfrm_sa is declared here
 * but not referenced anywhere else in this header.
 *
 * This header contains no #include of its own. The types it embeds by value
 * (struct work_struct, struct list_head, xfrm_address_t, atomic_t, struct kref)
 * and the bool/uintN_t types must already be defined by the including file.
 */
struct nss_ipsec_xfrm_drv;
struct nss_ipsec_xfrm_sa;
/*
 * NSS IPsec xfrm tunnel object
 *
 * Describes one tunnel, identified by its local/remote endpoint pair and
 * address family. The object is reference counted through the embedded kref.
 *
 * NOTE(review): presumably nss_ipsec_xfrm_tunnel_ref()/_deref() are the only
 * intended way to change 'ref', and 'free_work' defers the final teardown to
 * a workqueue once the count reaches zero -- confirm against the .c file. If
 * so, code that keeps a tunnel pointer must hold its own reference for as
 * long as it uses the pointer.
 */
struct nss_ipsec_xfrm_tunnel {
	/* Owning IPsec xfrm plugin instance */
	struct nss_ipsec_xfrm_drv *drv;

	/* Work item used to free the tunnel */
	struct work_struct free_work;

	/* Linkage into the tunnel hash database */
	struct list_head list_entry;

	/* Corresponding NSS net device */
	struct net_device *dev;

	/* Remote endpoint address, network byte order */
	xfrm_address_t remote;

	/* Local endpoint address, network byte order */
	xfrm_address_t local;

	/* SPI index of the default outer SA */
	atomic_t default_spi;

	/* Reference count */
	struct kref ref;

	/* Address family: AF_INET or AF_INET6 */
	uint16_t family;

	/* Number of active SAs on this tunnel */
	atomic_t num_sa;

	/* TTL (IPv4) or hop limit (IPv6) for this tunnel */
	uint8_t ttl;
};
/*
 * Tunnel object API
 *
 * Only the prototypes are visible in this header. The notes below restate what
 * the signatures show; anything else is marked as an assumption to verify
 * against the implementation.
 */

/*
 * nss_ipsec_xfrm_tunnel_alloc()
 *	Takes the plugin instance, the local (l) and remote (r) endpoint
 *	addresses and the address family, and returns a tunnel pointer.
 *
 *	NOTE(review): presumably returns NULL on failure -- confirm, and make
 *	sure every caller checks the result before dereferencing it.
 */
struct nss_ipsec_xfrm_tunnel *nss_ipsec_xfrm_tunnel_alloc(struct nss_ipsec_xfrm_drv *ctx,
							  xfrm_address_t *l,
							  xfrm_address_t *r,
							  uint16_t family);

/*
 * nss_ipsec_xfrm_tunnel_dealloc()
 *	Counterpart to nss_ipsec_xfrm_tunnel_alloc(), by name.
 *
 *	NOTE(review): how this interacts with the reference count (immediate
 *	free versus dropping the allocation reference) cannot be told from
 *	this header -- confirm before calling it on a tunnel that other code
 *	may still reference.
 */
void nss_ipsec_xfrm_tunnel_dealloc(struct nss_ipsec_xfrm_tunnel *tun);

/*
 * nss_ipsec_xfrm_tunnel_ref()
 *	Takes a tunnel pointer and returns a tunnel pointer.
 *
 *	NOTE(review): presumably takes a reference on tun->ref and returns
 *	tun -- confirm, including whether NULL can be returned.
 */
struct nss_ipsec_xfrm_tunnel *nss_ipsec_xfrm_tunnel_ref(struct nss_ipsec_xfrm_tunnel *tun);

/*
 * nss_ipsec_xfrm_tunnel_deref()
 *	Takes a tunnel pointer and returns nothing.
 *
 *	NOTE(review): presumably drops a reference taken with
 *	nss_ipsec_xfrm_tunnel_ref(). If so, 'tun' must not be used after this
 *	call unless the caller holds another reference -- confirm.
 */
void nss_ipsec_xfrm_tunnel_deref(struct nss_ipsec_xfrm_tunnel *tun);

/*
 * nss_ipsec_xfrm_tunnel_match()
 *	Takes a tunnel plus a local (l) / remote (r) address pair and an
 *	address family, and returns a bool.
 *
 *	NOTE(review): presumably true when the tunnel's endpoints and family
 *	equal the arguments. xfrm_address_t is a union that holds either an
 *	IPv4 or an IPv6 address; confirm that the comparison covers only the
 *	bytes that are valid for 'family'.
 */
bool nss_ipsec_xfrm_tunnel_match(struct nss_ipsec_xfrm_tunnel *tun,
				 xfrm_address_t *l,
				 xfrm_address_t *r,
				 uint16_t family);
#endif /* !__NSS_IPSEC_XFRM_TUNNEL_H */