1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 #ifndef _INET_IP_STACK_H
28 #define _INET_IP_STACK_H
29
30 #ifdef __cplusplus
31 extern "C" {
32 #endif
33
34 #include <sys/netstack.h>
35 #include <netinet/igmp_var.h>
36 #include <sys/modhash.h>
37
38 #ifdef _KERNEL
39 #include <sys/list.h>
40
41
42 /*
43 * IP statistics.
44 */
45 #define IP_STAT(ipst, x) ((ipst)->ips_ip_statistics.x.value.ui64++)
46 #define IP_STAT_UPDATE(ipst, x, n) \
47 ((ipst)->ips_ip_statistics.x.value.ui64 += (n))
48
49 typedef struct ip_stat {
50 kstat_named_t ip_udp_fannorm;
51 kstat_named_t ip_udp_fanmb;
52 kstat_named_t ip_recv_pullup;
53 kstat_named_t ip_db_ref;
54 kstat_named_t ip_notaligned;
55 kstat_named_t ip_multimblk;
56 kstat_named_t ip_opt;
57 kstat_named_t ipsec_proto_ahesp;
58 kstat_named_t ip_conn_flputbq;
59 kstat_named_t ip_conn_walk_drain;
60 kstat_named_t ip_out_sw_cksum;
61 kstat_named_t ip_out_sw_cksum_bytes;
62 kstat_named_t ip_in_sw_cksum;
63 kstat_named_t ip_ire_reclaim_calls;
64 kstat_named_t ip_ire_reclaim_deleted;
65 kstat_named_t ip_nce_reclaim_calls;
66 kstat_named_t ip_nce_reclaim_deleted;
67 kstat_named_t ip_dce_reclaim_calls;
68 kstat_named_t ip_dce_reclaim_deleted;
69 kstat_named_t ip_tcp_in_full_hw_cksum_err;
70 kstat_named_t ip_tcp_in_part_hw_cksum_err;
71 kstat_named_t ip_tcp_in_sw_cksum_err;
72 kstat_named_t ip_udp_in_full_hw_cksum_err;
73 kstat_named_t ip_udp_in_part_hw_cksum_err;
74 kstat_named_t ip_udp_in_sw_cksum_err;
75 kstat_named_t conn_in_recvdstaddr;
76 kstat_named_t conn_in_recvopts;
77 kstat_named_t conn_in_recvif;
78 kstat_named_t conn_in_recvslla;
79 kstat_named_t conn_in_recvucred;
80 kstat_named_t conn_in_recvttl;
81 kstat_named_t conn_in_recvhopopts;
82 kstat_named_t conn_in_recvhoplimit;
83 kstat_named_t conn_in_recvdstopts;
84 kstat_named_t conn_in_recvrthdrdstopts;
85 kstat_named_t conn_in_recvrthdr;
86 kstat_named_t conn_in_recvpktinfo;
87 kstat_named_t conn_in_recvtclass;
88 kstat_named_t conn_in_timestamp;
89 } ip_stat_t;
90
91
92 /*
93 * IP6 statistics.
94 */
95 #define IP6_STAT(ipst, x) ((ipst)->ips_ip6_statistics.x.value.ui64++)
96 #define IP6_STAT_UPDATE(ipst, x, n) \
97 ((ipst)->ips_ip6_statistics.x.value.ui64 += (n))
98
99 typedef struct ip6_stat {
100 kstat_named_t ip6_udp_fannorm;
101 kstat_named_t ip6_udp_fanmb;
102 kstat_named_t ip6_recv_pullup;
103 kstat_named_t ip6_db_ref;
104 kstat_named_t ip6_notaligned;
105 kstat_named_t ip6_multimblk;
106 kstat_named_t ipsec_proto_ahesp;
107 kstat_named_t ip6_out_sw_cksum;
108 kstat_named_t ip6_out_sw_cksum_bytes;
109 kstat_named_t ip6_in_sw_cksum;
110 kstat_named_t ip6_tcp_in_full_hw_cksum_err;
111 kstat_named_t ip6_tcp_in_part_hw_cksum_err;
112 kstat_named_t ip6_tcp_in_sw_cksum_err;
113 kstat_named_t ip6_udp_in_full_hw_cksum_err;
114 kstat_named_t ip6_udp_in_part_hw_cksum_err;
115 kstat_named_t ip6_udp_in_sw_cksum_err;
116 kstat_named_t ip6_frag_mdt_pkt_out;
117 kstat_named_t ip6_frag_mdt_discarded;
118 kstat_named_t ip6_frag_mdt_allocfail;
119 kstat_named_t ip6_frag_mdt_addpdescfail;
120 kstat_named_t ip6_frag_mdt_allocd;
121 } ip6_stat_t;
122
123 typedef struct ire_stats {
124 uint64_t ire_stats_alloced; /* # of ires alloced */
125 uint64_t ire_stats_freed; /* # of ires freed */
126 uint64_t ire_stats_inserted; /* # of ires inserted in the bucket */
127 uint64_t ire_stats_deleted; /* # of ires deleted from the bucket */
128 } ire_stats_t;
129
130 #define TX_FANOUT_SIZE 128
131 #define IDLHASHINDEX(X) \
132 ((((uintptr_t)(X) >> 2) + ((uintptr_t)(X) >> 9)) & (TX_FANOUT_SIZE - 1))
133
134 /* Data structure to represent addresses */
135 typedef struct srcid_map {
136 struct srcid_map *sm_next;
137 in6_addr_t sm_addr; /* Local address */
138 uint_t sm_srcid; /* source id */
139 uint_t sm_refcnt; /* > 1 ipif with same addr? */
140 zoneid_t sm_zoneid; /* zone id */
141 } srcid_map_t;
142
143 /*
144 * IP stack instances
145 */
146 struct ip_stack {
147 netstack_t *ips_netstack; /* Common netstack */
148
149 uint_t ips_src_generation; /* Both IPv4 and IPv6 */
150
151 struct mod_prop_info_s *ips_propinfo_tbl; /* ip tunables table */
152
153 mib2_ipIfStatsEntry_t ips_ip_mib; /* SNMP fixed size info */
154 mib2_icmp_t ips_icmp_mib;
155 /*
156 * IPv6 mibs when the interface (ill) is not known.
157 * When the ill is known the per-interface mib in the ill is used.
158 */
159 mib2_ipIfStatsEntry_t ips_ip6_mib;
160 mib2_ipv6IfIcmpEntry_t ips_icmp6_mib;
161
162 struct igmpstat ips_igmpstat;
163
164 kstat_t *ips_ip_mibkp; /* kstat exporting ip_mib data */
165 kstat_t *ips_icmp_mibkp; /* kstat exporting icmp_mib data */
166 kstat_t *ips_ip_kstat;
167 ip_stat_t ips_ip_statistics;
168 kstat_t *ips_ip6_kstat;
169 ip6_stat_t ips_ip6_statistics;
170
171 /* ip.c */
172 kmutex_t ips_igmp_timer_lock;
173 kmutex_t ips_mld_timer_lock;
174 kmutex_t ips_ip_mi_lock;
175 kmutex_t ips_ip_addr_avail_lock;
176 krwlock_t ips_ill_g_lock;
177
178 krwlock_t ips_ill_g_usesrc_lock;
179
180 /* Taskq dispatcher for capability operations */
181 kmutex_t ips_capab_taskq_lock;
182 kcondvar_t ips_capab_taskq_cv;
183 mblk_t *ips_capab_taskq_head;
184 mblk_t *ips_capab_taskq_tail;
185 kthread_t *ips_capab_taskq_thread;
186 boolean_t ips_capab_taskq_quit;
187
188 /* ipclassifier.c - keep in ip_stack_t */
189 /* ipclassifier hash tables */
190 struct connf_s *ips_rts_clients;
191 struct connf_s *ips_ipcl_conn_fanout;
192 struct connf_s *ips_ipcl_bind_fanout;
193 struct connf_s *ips_ipcl_proto_fanout_v4;
194 struct connf_s *ips_ipcl_proto_fanout_v6;
195 struct connf_s *ips_ipcl_udp_fanout;
196 struct connf_s *ips_ipcl_raw_fanout; /* RAW SCTP sockets */
197 struct connf_s *ips_ipcl_iptun_fanout;
198 struct connf_s *ips_ipcl_dccp_conn_fanout;
199 struct connf_s *ips_ipcl_dccp_bind_fanout;
200 uint_t ips_ipcl_conn_fanout_size;
201 uint_t ips_ipcl_bind_fanout_size;
202 uint_t ips_ipcl_udp_fanout_size;
203 uint_t ips_ipcl_raw_fanout_size;
204 uint_t ips_ipcl_iptun_fanout_size;
205 uint_t ips_ipcl_dccp_conn_fanout_size;
206 uint_t ips_ipcl_dccp_bind_fanout_size;
207 struct connf_s *ips_ipcl_globalhash_fanout;
208 int ips_conn_g_index;
209
210 /* ip.c */
211 /* Following protected by igmp_timer_lock */
212 int ips_igmp_time_to_next; /* Time since last timeout */
213 int ips_igmp_timer_scheduled_last;
214 int ips_igmp_deferred_next;
215 timeout_id_t ips_igmp_timeout_id;
216 boolean_t ips_igmp_timer_setter_active;
217
218 /* Following protected by mld_timer_lock */
219 int ips_mld_time_to_next; /* Time since last timeout */
220 int ips_mld_timer_scheduled_last;
221 int ips_mld_deferred_next;
222 timeout_id_t ips_mld_timeout_id;
223 boolean_t ips_mld_timer_setter_active;
224
225 /* Protected by igmp_slowtimeout_lock */
226 timeout_id_t ips_igmp_slowtimeout_id;
227 kmutex_t ips_igmp_slowtimeout_lock;
228
229 /* Protected by mld_slowtimeout_lock */
230 timeout_id_t ips_mld_slowtimeout_id;
231 kmutex_t ips_mld_slowtimeout_lock;
232
233 /* IPv4 forwarding table */
234 struct radix_node_head *ips_ip_ftable;
235
236 #define IPV6_ABITS 128
237 #define IP6_MASK_TABLE_SIZE (IPV6_ABITS + 1) /* 129 ptrs */
238 struct irb *ips_ip_forwarding_table_v6[IP6_MASK_TABLE_SIZE];
239
240 /*
241 * ire_ft_init_lock is used while initializing ip_forwarding_table
242 * dynamically in ire_add.
243 */
244 kmutex_t ips_ire_ft_init_lock;
245
246 /*
247 * This is the IPv6 counterpart of RADIX_NODE_HEAD_LOCK. It is used
248 * to prevent adds and deletes while we are doing a ftable_lookup
249 * and extracting the ire_generation.
250 */
251 krwlock_t ips_ip6_ire_head_lock;
252
253 uint32_t ips_ip6_ftable_hash_size;
254
255 ire_stats_t ips_ire_stats_v4; /* IPv4 ire statistics */
256 ire_stats_t ips_ire_stats_v6; /* IPv6 ire statistics */
257
258 /* Count how many condemned objects for kmem_cache callbacks */
259 uint32_t ips_num_ire_condemned;
260 uint32_t ips_num_nce_condemned;
261 uint32_t ips_num_dce_condemned;
262
263 struct ire_s *ips_ire_reject_v4; /* For unreachable dests */
264 struct ire_s *ips_ire_reject_v6; /* For unreachable dests */
265 struct ire_s *ips_ire_blackhole_v4; /* For temporary failures */
266 struct ire_s *ips_ire_blackhole_v6; /* For temporary failures */
267
268 /* ips_ire_dep_lock protects ire_dep_* relationship between IREs */
269 krwlock_t ips_ire_dep_lock;
270
271 /* Destination Cache Entries */
272 struct dce_s *ips_dce_default;
273 uint_t ips_dce_hashsize;
274 struct dcb_s *ips_dce_hash_v4;
275 struct dcb_s *ips_dce_hash_v6;
276
277 /* pending binds */
278 mblk_t *ips_ip6_asp_pending_ops;
279 mblk_t *ips_ip6_asp_pending_ops_tail;
280
281 /* Synchronize updates with table usage */
282 mblk_t *ips_ip6_asp_pending_update; /* pending table updates */
283
284 boolean_t ips_ip6_asp_uip; /* table update in progress */
285 kmutex_t ips_ip6_asp_lock; /* protect all the above */
286 uint32_t ips_ip6_asp_refcnt; /* outstanding references */
287
288 struct ip6_asp *ips_ip6_asp_table;
289 /* The number of policy entries in the table */
290 uint_t ips_ip6_asp_table_count;
291
292 struct conn_s *ips_ip_g_mrouter;
293
294 /* Time since last icmp_pkt_err */
295 clock_t ips_icmp_pkt_err_last;
296 /* Number of packets sent in burst */
297 uint_t ips_icmp_pkt_err_sent;
298
299 /* Protected by ip_mi_lock */
300 void *ips_ip_g_head; /* IP Instance Data List Head */
301 void *ips_arp_g_head; /* ARP Instance Data List Head */
302
303 /* Multirouting stuff */
304 /* Interval (in ms) between consecutive 'bad MTU' warnings */
305 hrtime_t ips_ip_multirt_log_interval;
306 /* Time since last warning issued. */
307 hrtime_t ips_multirt_bad_mtu_last_time;
308
309 /*
310 * CGTP hooks. Enabling and disabling of hooks is controlled by an
311 * IP tunable 'ips_ip_cgtp_filter'.
312 */
313 struct cgtp_filter_ops *ips_ip_cgtp_filter_ops;
314
315 struct ipsq_s *ips_ipsq_g_head;
316 uint_t ips_ill_index; /* Used to assign interface indicies */
317 /* When set search for unused index */
318 boolean_t ips_ill_index_wrap;
319
320 uint_t ips_loopback_packets;
321
322 /* NDP/NCE structures for IPv4 and IPv6 */
323 struct ndp_g_s *ips_ndp4;
324 struct ndp_g_s *ips_ndp6;
325
326 /* ip_mroute stuff */
327 kmutex_t ips_ip_g_mrouter_mutex;
328
329 struct mrtstat *ips_mrtstat; /* Stats for netstat */
330 int ips_saved_ip_forwarding;
331
332 /* numvifs is only a hint about the max interface being used. */
333 ushort_t ips_numvifs;
334 kmutex_t ips_numvifs_mutex;
335
336 struct vif *ips_vifs;
337 struct mfcb *ips_mfcs; /* kernel routing table */
338 struct tbf *ips_tbfs;
339 /*
340 * One-back cache used to locate a tunnel's vif,
341 * given a datagram's src ip address.
342 */
343 ipaddr_t ips_last_encap_src;
344 struct vif *ips_last_encap_vif;
345 kmutex_t ips_last_encap_lock; /* Protects the above */
346
347 /*
348 * reg_vif_num is protected by numvifs_mutex
349 */
350 /* Whether or not special PIM assert processing is enabled. */
351 ushort_t ips_reg_vif_num; /* Index to Register vif */
352 int ips_pim_assert;
353
354 union ill_g_head_u *ips_ill_g_heads; /* ILL List Head */
355
356 kstat_t *ips_loopback_ksp;
357
358 /* Array of conn drain lists */
359 struct idl_tx_list_s *ips_idl_tx_list;
360 uint_t ips_conn_drain_list_cnt; /* Count of conn_drain_list */
361
362 /*
363 * ID used to assign next free one.
364 * Increases by one. Once it wraps we search for an unused ID.
365 */
366 uint_t ips_ip_src_id;
367 boolean_t ips_srcid_wrapped;
368
369 struct srcid_map *ips_srcid_head;
370 krwlock_t ips_srcid_lock;
371
372 uint64_t ips_ipif_g_seqid; /* Used only for sctp_addr.c */
373 union phyint_list_u *ips_phyint_g_list; /* start of phyint list */
374
375 /* ip_netinfo.c */
376 hook_family_t ips_ipv4root;
377 hook_family_t ips_ipv6root;
378 hook_family_t ips_arproot;
379
380 net_handle_t ips_ipv4_net_data;
381 net_handle_t ips_ipv6_net_data;
382 net_handle_t ips_arp_net_data;
383
384 /*
385 * Hooks for firewalling
386 */
387 hook_event_t ips_ip4_physical_in_event;
388 hook_event_t ips_ip4_physical_out_event;
389 hook_event_t ips_ip4_forwarding_event;
390 hook_event_t ips_ip4_loopback_in_event;
391 hook_event_t ips_ip4_loopback_out_event;
392
393 hook_event_t ips_ip6_physical_in_event;
394 hook_event_t ips_ip6_physical_out_event;
395 hook_event_t ips_ip6_forwarding_event;
396 hook_event_t ips_ip6_loopback_in_event;
397 hook_event_t ips_ip6_loopback_out_event;
398
399 hook_event_t ips_arp_physical_in_event;
400 hook_event_t ips_arp_physical_out_event;
401 hook_event_t ips_arp_nic_events;
402
403 hook_event_token_t ips_ipv4firewall_physical_in;
404 hook_event_token_t ips_ipv4firewall_physical_out;
405 hook_event_token_t ips_ipv4firewall_forwarding;
406 hook_event_token_t ips_ipv4firewall_loopback_in;
407 hook_event_token_t ips_ipv4firewall_loopback_out;
408
409 hook_event_token_t ips_ipv6firewall_physical_in;
410 hook_event_token_t ips_ipv6firewall_physical_out;
411 hook_event_token_t ips_ipv6firewall_forwarding;
412 hook_event_token_t ips_ipv6firewall_loopback_in;
413 hook_event_token_t ips_ipv6firewall_loopback_out;
414
415 hook_event_t ips_ip4_nic_events;
416 hook_event_t ips_ip6_nic_events;
417 hook_event_token_t ips_ipv4nicevents;
418 hook_event_token_t ips_ipv6nicevents;
419
420 hook_event_token_t ips_arp_physical_in;
421 hook_event_token_t ips_arp_physical_out;
422 hook_event_token_t ips_arpnicevents;
423
424 net_handle_t ips_ip4_observe_pr;
425 net_handle_t ips_ip6_observe_pr;
426 hook_event_t ips_ip4_observe;
427 hook_event_t ips_ip6_observe;
428 hook_event_token_t ips_ipv4observing;
429 hook_event_token_t ips_ipv6observing;
430
431 struct __ldi_ident *ips_ldi_ident;
432
433 /* ipmp.c */
434 krwlock_t ips_ipmp_lock;
435 mod_hash_t *ips_ipmp_grp_hash;
436
437 };
438 typedef struct ip_stack ip_stack_t;
439
440 /* Finding an ip_stack_t */
441 #define CONNQ_TO_IPST(_q) (Q_TO_CONN(_q)->conn_netstack->netstack_ip)
442 #define ILLQ_TO_IPST(_q) (((ill_t *)(_q)->q_ptr)->ill_ipst)
443 #define PHYINT_TO_IPST(phyi) ((phyi)->phyint_ipsq->ipsq_ipst)
444
445 #else /* _KERNEL */
446 typedef int ip_stack_t;
447 #endif /* _KERNEL */
448
449 #ifdef __cplusplus
450 }
451 #endif
452
453 #endif /* _INET_IP_STACK_H */