1*f80ad8b4SAndroid Build Coastguard Worker /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ 2*f80ad8b4SAndroid Build Coastguard Worker #ifndef _LINUX_XFRM_H 3*f80ad8b4SAndroid Build Coastguard Worker #define _LINUX_XFRM_H 4*f80ad8b4SAndroid Build Coastguard Worker 5*f80ad8b4SAndroid Build Coastguard Worker #include <linux/in6.h> 6*f80ad8b4SAndroid Build Coastguard Worker #include <linux/types.h> 7*f80ad8b4SAndroid Build Coastguard Worker #include <linux/stddef.h> 8*f80ad8b4SAndroid Build Coastguard Worker 9*f80ad8b4SAndroid Build Coastguard Worker /* All of the structures in this file may not change size as they are 10*f80ad8b4SAndroid Build Coastguard Worker * passed into the kernel from userspace via netlink sockets. 11*f80ad8b4SAndroid Build Coastguard Worker */ 12*f80ad8b4SAndroid Build Coastguard Worker 13*f80ad8b4SAndroid Build Coastguard Worker /* Structure to encapsulate addresses. I do not want to use 14*f80ad8b4SAndroid Build Coastguard Worker * "standard" structure. My apologies. 15*f80ad8b4SAndroid Build Coastguard Worker */ 16*f80ad8b4SAndroid Build Coastguard Worker typedef union { 17*f80ad8b4SAndroid Build Coastguard Worker __be32 a4; 18*f80ad8b4SAndroid Build Coastguard Worker __be32 a6[4]; 19*f80ad8b4SAndroid Build Coastguard Worker struct in6_addr in6; 20*f80ad8b4SAndroid Build Coastguard Worker } xfrm_address_t; 21*f80ad8b4SAndroid Build Coastguard Worker 22*f80ad8b4SAndroid Build Coastguard Worker /* Ident of a specific xfrm_state. It is used on input to lookup 23*f80ad8b4SAndroid Build Coastguard Worker * the state by (spi,daddr,ah/esp) or to store information about 24*f80ad8b4SAndroid Build Coastguard Worker * spi, protocol and tunnel address on output. 25*f80ad8b4SAndroid Build Coastguard Worker */ 26*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_id { 27*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t daddr; 28*f80ad8b4SAndroid Build Coastguard Worker __be32 spi; 29*f80ad8b4SAndroid Build Coastguard Worker __u8 proto; 30*f80ad8b4SAndroid Build Coastguard Worker }; 31*f80ad8b4SAndroid Build Coastguard Worker 32*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_sec_ctx { 33*f80ad8b4SAndroid Build Coastguard Worker __u8 ctx_doi; 34*f80ad8b4SAndroid Build Coastguard Worker __u8 ctx_alg; 35*f80ad8b4SAndroid Build Coastguard Worker __u16 ctx_len; 36*f80ad8b4SAndroid Build Coastguard Worker __u32 ctx_sid; 37*f80ad8b4SAndroid Build Coastguard Worker char ctx_str[] __counted_by(ctx_len); 38*f80ad8b4SAndroid Build Coastguard Worker }; 39*f80ad8b4SAndroid Build Coastguard Worker 40*f80ad8b4SAndroid Build Coastguard Worker /* Security Context Domains of Interpretation */ 41*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_SC_DOI_RESERVED 0 42*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_SC_DOI_LSM 1 43*f80ad8b4SAndroid Build Coastguard Worker 44*f80ad8b4SAndroid Build Coastguard Worker /* Security Context Algorithms */ 45*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_SC_ALG_RESERVED 0 46*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_SC_ALG_SELINUX 1 47*f80ad8b4SAndroid Build Coastguard Worker 48*f80ad8b4SAndroid Build Coastguard Worker /* Selector, used as selector both on policy rules (SPD) and SAs. */ 49*f80ad8b4SAndroid Build Coastguard Worker 50*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_selector { 51*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t daddr; 52*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t saddr; 53*f80ad8b4SAndroid Build Coastguard Worker __be16 dport; 54*f80ad8b4SAndroid Build Coastguard Worker __be16 dport_mask; 55*f80ad8b4SAndroid Build Coastguard Worker __be16 sport; 56*f80ad8b4SAndroid Build Coastguard Worker __be16 sport_mask; 57*f80ad8b4SAndroid Build Coastguard Worker __u16 family; 58*f80ad8b4SAndroid Build Coastguard Worker __u8 prefixlen_d; 59*f80ad8b4SAndroid Build Coastguard Worker __u8 prefixlen_s; 60*f80ad8b4SAndroid Build Coastguard Worker __u8 proto; 61*f80ad8b4SAndroid Build Coastguard Worker int ifindex; 62*f80ad8b4SAndroid Build Coastguard Worker __kernel_uid32_t user; 63*f80ad8b4SAndroid Build Coastguard Worker }; 64*f80ad8b4SAndroid Build Coastguard Worker 65*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_INF (~(__u64)0) 66*f80ad8b4SAndroid Build Coastguard Worker 67*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_lifetime_cfg { 68*f80ad8b4SAndroid Build Coastguard Worker __u64 soft_byte_limit; 69*f80ad8b4SAndroid Build Coastguard Worker __u64 hard_byte_limit; 70*f80ad8b4SAndroid Build Coastguard Worker __u64 soft_packet_limit; 71*f80ad8b4SAndroid Build Coastguard Worker __u64 hard_packet_limit; 72*f80ad8b4SAndroid Build Coastguard Worker __u64 soft_add_expires_seconds; 73*f80ad8b4SAndroid Build Coastguard Worker __u64 hard_add_expires_seconds; 74*f80ad8b4SAndroid Build Coastguard Worker __u64 soft_use_expires_seconds; 75*f80ad8b4SAndroid Build Coastguard Worker __u64 hard_use_expires_seconds; 76*f80ad8b4SAndroid Build Coastguard Worker }; 77*f80ad8b4SAndroid Build Coastguard Worker 78*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_lifetime_cur { 79*f80ad8b4SAndroid Build Coastguard Worker __u64 bytes; 80*f80ad8b4SAndroid Build Coastguard Worker __u64 packets; 81*f80ad8b4SAndroid Build Coastguard Worker __u64 add_time; 82*f80ad8b4SAndroid Build Coastguard Worker __u64 use_time; 83*f80ad8b4SAndroid Build Coastguard Worker }; 84*f80ad8b4SAndroid Build Coastguard Worker 85*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_replay_state { 86*f80ad8b4SAndroid Build Coastguard Worker __u32 oseq; 87*f80ad8b4SAndroid Build Coastguard Worker __u32 seq; 88*f80ad8b4SAndroid Build Coastguard Worker __u32 bitmap; 89*f80ad8b4SAndroid Build Coastguard Worker }; 90*f80ad8b4SAndroid Build Coastguard Worker 91*f80ad8b4SAndroid Build Coastguard Worker #define XFRMA_REPLAY_ESN_MAX 4096 92*f80ad8b4SAndroid Build Coastguard Worker 93*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_replay_state_esn { 94*f80ad8b4SAndroid Build Coastguard Worker unsigned int bmp_len; 95*f80ad8b4SAndroid Build Coastguard Worker __u32 oseq; 96*f80ad8b4SAndroid Build Coastguard Worker __u32 seq; 97*f80ad8b4SAndroid Build Coastguard Worker __u32 oseq_hi; 98*f80ad8b4SAndroid Build Coastguard Worker __u32 seq_hi; 99*f80ad8b4SAndroid Build Coastguard Worker __u32 replay_window; 100*f80ad8b4SAndroid Build Coastguard Worker __u32 bmp[]; 101*f80ad8b4SAndroid Build Coastguard Worker }; 102*f80ad8b4SAndroid Build Coastguard Worker 103*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_algo { 104*f80ad8b4SAndroid Build Coastguard Worker char alg_name[64]; 105*f80ad8b4SAndroid Build Coastguard Worker unsigned int alg_key_len; /* in bits */ 106*f80ad8b4SAndroid Build Coastguard Worker char alg_key[]; 107*f80ad8b4SAndroid Build Coastguard Worker }; 108*f80ad8b4SAndroid Build Coastguard Worker 109*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_algo_auth { 110*f80ad8b4SAndroid Build Coastguard Worker char alg_name[64]; 111*f80ad8b4SAndroid Build Coastguard Worker unsigned int alg_key_len; /* in bits */ 112*f80ad8b4SAndroid Build Coastguard Worker unsigned int alg_trunc_len; /* in bits */ 113*f80ad8b4SAndroid Build Coastguard Worker char alg_key[]; 114*f80ad8b4SAndroid Build Coastguard Worker }; 115*f80ad8b4SAndroid Build Coastguard Worker 116*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_algo_aead { 117*f80ad8b4SAndroid Build Coastguard Worker char alg_name[64]; 118*f80ad8b4SAndroid Build Coastguard Worker unsigned int alg_key_len; /* in bits */ 119*f80ad8b4SAndroid Build Coastguard Worker unsigned int alg_icv_len; /* in bits */ 120*f80ad8b4SAndroid Build Coastguard Worker char alg_key[]; 121*f80ad8b4SAndroid Build Coastguard Worker }; 122*f80ad8b4SAndroid Build Coastguard Worker 123*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_stats { 124*f80ad8b4SAndroid Build Coastguard Worker __u32 replay_window; 125*f80ad8b4SAndroid Build Coastguard Worker __u32 replay; 126*f80ad8b4SAndroid Build Coastguard Worker __u32 integrity_failed; 127*f80ad8b4SAndroid Build Coastguard Worker }; 128*f80ad8b4SAndroid Build Coastguard Worker 129*f80ad8b4SAndroid Build Coastguard Worker enum { 130*f80ad8b4SAndroid Build Coastguard Worker XFRM_POLICY_TYPE_MAIN = 0, 131*f80ad8b4SAndroid Build Coastguard Worker XFRM_POLICY_TYPE_SUB = 1, 132*f80ad8b4SAndroid Build Coastguard Worker XFRM_POLICY_TYPE_MAX = 2, 133*f80ad8b4SAndroid Build Coastguard Worker XFRM_POLICY_TYPE_ANY = 255 134*f80ad8b4SAndroid Build Coastguard Worker }; 135*f80ad8b4SAndroid Build Coastguard Worker 136*f80ad8b4SAndroid Build Coastguard Worker enum { 137*f80ad8b4SAndroid Build Coastguard Worker XFRM_POLICY_IN = 0, 138*f80ad8b4SAndroid Build Coastguard Worker XFRM_POLICY_OUT = 1, 139*f80ad8b4SAndroid Build Coastguard Worker XFRM_POLICY_FWD = 2, 140*f80ad8b4SAndroid Build Coastguard Worker XFRM_POLICY_MASK = 3, 141*f80ad8b4SAndroid Build Coastguard Worker XFRM_POLICY_MAX = 3 142*f80ad8b4SAndroid Build Coastguard Worker }; 143*f80ad8b4SAndroid Build Coastguard Worker 144*f80ad8b4SAndroid Build Coastguard Worker enum xfrm_sa_dir { 145*f80ad8b4SAndroid Build Coastguard Worker XFRM_SA_DIR_IN = 1, 146*f80ad8b4SAndroid Build Coastguard Worker XFRM_SA_DIR_OUT = 2 147*f80ad8b4SAndroid Build Coastguard Worker }; 148*f80ad8b4SAndroid Build Coastguard Worker 149*f80ad8b4SAndroid Build Coastguard Worker enum { 150*f80ad8b4SAndroid Build Coastguard Worker XFRM_SHARE_ANY, /* No limitations */ 151*f80ad8b4SAndroid Build Coastguard Worker XFRM_SHARE_SESSION, /* For this session only */ 152*f80ad8b4SAndroid Build Coastguard Worker XFRM_SHARE_USER, /* For this user only */ 153*f80ad8b4SAndroid Build Coastguard Worker XFRM_SHARE_UNIQUE /* Use once */ 154*f80ad8b4SAndroid Build Coastguard Worker }; 155*f80ad8b4SAndroid Build Coastguard Worker 156*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MODE_TRANSPORT 0 157*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MODE_TUNNEL 1 158*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MODE_ROUTEOPTIMIZATION 2 159*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MODE_IN_TRIGGER 3 160*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MODE_BEET 4 161*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MODE_MAX 5 162*f80ad8b4SAndroid Build Coastguard Worker 163*f80ad8b4SAndroid Build Coastguard Worker /* Netlink configuration messages. */ 164*f80ad8b4SAndroid Build Coastguard Worker enum { 165*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_BASE = 0x10, 166*f80ad8b4SAndroid Build Coastguard Worker 167*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_NEWSA = 0x10, 168*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_NEWSA XFRM_MSG_NEWSA 169*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_DELSA, 170*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_DELSA XFRM_MSG_DELSA 171*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_GETSA, 172*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_GETSA XFRM_MSG_GETSA 173*f80ad8b4SAndroid Build Coastguard Worker 174*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_NEWPOLICY, 175*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_NEWPOLICY XFRM_MSG_NEWPOLICY 176*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_DELPOLICY, 177*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_DELPOLICY XFRM_MSG_DELPOLICY 178*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_GETPOLICY, 179*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_GETPOLICY XFRM_MSG_GETPOLICY 180*f80ad8b4SAndroid Build Coastguard Worker 181*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_ALLOCSPI, 182*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_ALLOCSPI XFRM_MSG_ALLOCSPI 183*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_ACQUIRE, 184*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_ACQUIRE XFRM_MSG_ACQUIRE 185*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_EXPIRE, 186*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_EXPIRE XFRM_MSG_EXPIRE 187*f80ad8b4SAndroid Build Coastguard Worker 188*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_UPDPOLICY, 189*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_UPDPOLICY XFRM_MSG_UPDPOLICY 190*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_UPDSA, 191*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_UPDSA XFRM_MSG_UPDSA 192*f80ad8b4SAndroid Build Coastguard Worker 193*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_POLEXPIRE, 194*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_POLEXPIRE XFRM_MSG_POLEXPIRE 195*f80ad8b4SAndroid Build Coastguard Worker 196*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_FLUSHSA, 197*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_FLUSHSA XFRM_MSG_FLUSHSA 198*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_FLUSHPOLICY, 199*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_FLUSHPOLICY XFRM_MSG_FLUSHPOLICY 200*f80ad8b4SAndroid Build Coastguard Worker 201*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_NEWAE, 202*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_NEWAE XFRM_MSG_NEWAE 203*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_GETAE, 204*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_GETAE XFRM_MSG_GETAE 205*f80ad8b4SAndroid Build Coastguard Worker 206*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_REPORT, 207*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_REPORT XFRM_MSG_REPORT 208*f80ad8b4SAndroid Build Coastguard Worker 209*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_MIGRATE, 210*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_MIGRATE XFRM_MSG_MIGRATE 211*f80ad8b4SAndroid Build Coastguard Worker 212*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_NEWSADINFO, 213*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_NEWSADINFO XFRM_MSG_NEWSADINFO 214*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_GETSADINFO, 215*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_GETSADINFO XFRM_MSG_GETSADINFO 216*f80ad8b4SAndroid Build Coastguard Worker 217*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_NEWSPDINFO, 218*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_NEWSPDINFO XFRM_MSG_NEWSPDINFO 219*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_GETSPDINFO, 220*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_GETSPDINFO XFRM_MSG_GETSPDINFO 221*f80ad8b4SAndroid Build Coastguard Worker 222*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_MAPPING, 223*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_MAPPING XFRM_MSG_MAPPING 224*f80ad8b4SAndroid Build Coastguard Worker 225*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_SETDEFAULT, 226*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_SETDEFAULT XFRM_MSG_SETDEFAULT 227*f80ad8b4SAndroid Build Coastguard Worker XFRM_MSG_GETDEFAULT, 228*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_GETDEFAULT XFRM_MSG_GETDEFAULT 229*f80ad8b4SAndroid Build Coastguard Worker __XFRM_MSG_MAX 230*f80ad8b4SAndroid Build Coastguard Worker }; 231*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_MSG_MAX (__XFRM_MSG_MAX - 1) 232*f80ad8b4SAndroid Build Coastguard Worker 233*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_NR_MSGTYPES (XFRM_MSG_MAX + 1 - XFRM_MSG_BASE) 234*f80ad8b4SAndroid Build Coastguard Worker 235*f80ad8b4SAndroid Build Coastguard Worker /* 236*f80ad8b4SAndroid Build Coastguard Worker * Generic LSM security context for communicating to user space 237*f80ad8b4SAndroid Build Coastguard Worker * NOTE: Same format as sadb_x_sec_ctx 238*f80ad8b4SAndroid Build Coastguard Worker */ 239*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_sec_ctx { 240*f80ad8b4SAndroid Build Coastguard Worker __u16 len; 241*f80ad8b4SAndroid Build Coastguard Worker __u16 exttype; 242*f80ad8b4SAndroid Build Coastguard Worker __u8 ctx_alg; /* LSMs: e.g., selinux == 1 */ 243*f80ad8b4SAndroid Build Coastguard Worker __u8 ctx_doi; 244*f80ad8b4SAndroid Build Coastguard Worker __u16 ctx_len; 245*f80ad8b4SAndroid Build Coastguard Worker }; 246*f80ad8b4SAndroid Build Coastguard Worker 247*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_tmpl { 248*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_id id; 249*f80ad8b4SAndroid Build Coastguard Worker __u16 family; 250*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t saddr; 251*f80ad8b4SAndroid Build Coastguard Worker __u32 reqid; 252*f80ad8b4SAndroid Build Coastguard Worker __u8 mode; 253*f80ad8b4SAndroid Build Coastguard Worker __u8 share; 254*f80ad8b4SAndroid Build Coastguard Worker __u8 optional; 255*f80ad8b4SAndroid Build Coastguard Worker __u32 aalgos; 256*f80ad8b4SAndroid Build Coastguard Worker __u32 ealgos; 257*f80ad8b4SAndroid Build Coastguard Worker __u32 calgos; 258*f80ad8b4SAndroid Build Coastguard Worker }; 259*f80ad8b4SAndroid Build Coastguard Worker 260*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_encap_tmpl { 261*f80ad8b4SAndroid Build Coastguard Worker __u16 encap_type; 262*f80ad8b4SAndroid Build Coastguard Worker __be16 encap_sport; 263*f80ad8b4SAndroid Build Coastguard Worker __be16 encap_dport; 264*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t encap_oa; 265*f80ad8b4SAndroid Build Coastguard Worker }; 266*f80ad8b4SAndroid Build Coastguard Worker 267*f80ad8b4SAndroid Build Coastguard Worker /* AEVENT flags */ 268*f80ad8b4SAndroid Build Coastguard Worker enum xfrm_ae_ftype_t { 269*f80ad8b4SAndroid Build Coastguard Worker XFRM_AE_UNSPEC, 270*f80ad8b4SAndroid Build Coastguard Worker XFRM_AE_RTHR=1, /* replay threshold*/ 271*f80ad8b4SAndroid Build Coastguard Worker XFRM_AE_RVAL=2, /* replay value */ 272*f80ad8b4SAndroid Build Coastguard Worker XFRM_AE_LVAL=4, /* lifetime value */ 273*f80ad8b4SAndroid Build Coastguard Worker XFRM_AE_ETHR=8, /* expiry timer threshold */ 274*f80ad8b4SAndroid Build Coastguard Worker XFRM_AE_CR=16, /* Event cause is replay update */ 275*f80ad8b4SAndroid Build Coastguard Worker XFRM_AE_CE=32, /* Event cause is timer expiry */ 276*f80ad8b4SAndroid Build Coastguard Worker XFRM_AE_CU=64, /* Event cause is policy update */ 277*f80ad8b4SAndroid Build Coastguard Worker __XFRM_AE_MAX 278*f80ad8b4SAndroid Build Coastguard Worker 279*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_AE_MAX (__XFRM_AE_MAX - 1) 280*f80ad8b4SAndroid Build Coastguard Worker }; 281*f80ad8b4SAndroid Build Coastguard Worker 282*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_userpolicy_type { 283*f80ad8b4SAndroid Build Coastguard Worker __u8 type; 284*f80ad8b4SAndroid Build Coastguard Worker __u16 reserved1; 285*f80ad8b4SAndroid Build Coastguard Worker __u8 reserved2; 286*f80ad8b4SAndroid Build Coastguard Worker }; 287*f80ad8b4SAndroid Build Coastguard Worker 288*f80ad8b4SAndroid Build Coastguard Worker /* Netlink message attributes. */ 289*f80ad8b4SAndroid Build Coastguard Worker enum xfrm_attr_type_t { 290*f80ad8b4SAndroid Build Coastguard Worker XFRMA_UNSPEC, 291*f80ad8b4SAndroid Build Coastguard Worker XFRMA_ALG_AUTH, /* struct xfrm_algo */ 292*f80ad8b4SAndroid Build Coastguard Worker XFRMA_ALG_CRYPT, /* struct xfrm_algo */ 293*f80ad8b4SAndroid Build Coastguard Worker XFRMA_ALG_COMP, /* struct xfrm_algo */ 294*f80ad8b4SAndroid Build Coastguard Worker XFRMA_ENCAP, /* struct xfrm_algo + struct xfrm_encap_tmpl */ 295*f80ad8b4SAndroid Build Coastguard Worker XFRMA_TMPL, /* 1 or more struct xfrm_user_tmpl */ 296*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SA, /* struct xfrm_usersa_info */ 297*f80ad8b4SAndroid Build Coastguard Worker XFRMA_POLICY, /*struct xfrm_userpolicy_info */ 298*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SEC_CTX, /* struct xfrm_sec_ctx */ 299*f80ad8b4SAndroid Build Coastguard Worker XFRMA_LTIME_VAL, 300*f80ad8b4SAndroid Build Coastguard Worker XFRMA_REPLAY_VAL, 301*f80ad8b4SAndroid Build Coastguard Worker XFRMA_REPLAY_THRESH, 302*f80ad8b4SAndroid Build Coastguard Worker XFRMA_ETIMER_THRESH, 303*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SRCADDR, /* xfrm_address_t */ 304*f80ad8b4SAndroid Build Coastguard Worker XFRMA_COADDR, /* xfrm_address_t */ 305*f80ad8b4SAndroid Build Coastguard Worker XFRMA_LASTUSED, /* __u64 */ 306*f80ad8b4SAndroid Build Coastguard Worker XFRMA_POLICY_TYPE, /* struct xfrm_userpolicy_type */ 307*f80ad8b4SAndroid Build Coastguard Worker XFRMA_MIGRATE, 308*f80ad8b4SAndroid Build Coastguard Worker XFRMA_ALG_AEAD, /* struct xfrm_algo_aead */ 309*f80ad8b4SAndroid Build Coastguard Worker XFRMA_KMADDRESS, /* struct xfrm_user_kmaddress */ 310*f80ad8b4SAndroid Build Coastguard Worker XFRMA_ALG_AUTH_TRUNC, /* struct xfrm_algo_auth */ 311*f80ad8b4SAndroid Build Coastguard Worker XFRMA_MARK, /* struct xfrm_mark */ 312*f80ad8b4SAndroid Build Coastguard Worker XFRMA_TFCPAD, /* __u32 */ 313*f80ad8b4SAndroid Build Coastguard Worker XFRMA_REPLAY_ESN_VAL, /* struct xfrm_replay_state_esn */ 314*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SA_EXTRA_FLAGS, /* __u32 */ 315*f80ad8b4SAndroid Build Coastguard Worker XFRMA_PROTO, /* __u8 */ 316*f80ad8b4SAndroid Build Coastguard Worker XFRMA_ADDRESS_FILTER, /* struct xfrm_address_filter */ 317*f80ad8b4SAndroid Build Coastguard Worker XFRMA_PAD, 318*f80ad8b4SAndroid Build Coastguard Worker XFRMA_OFFLOAD_DEV, /* struct xfrm_user_offload */ 319*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SET_MARK, /* __u32 */ 320*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SET_MARK_MASK, /* __u32 */ 321*f80ad8b4SAndroid Build Coastguard Worker XFRMA_IF_ID, /* __u32 */ 322*f80ad8b4SAndroid Build Coastguard Worker XFRMA_MTIMER_THRESH, /* __u32 in seconds for input SA */ 323*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SA_DIR, /* __u8 */ 324*f80ad8b4SAndroid Build Coastguard Worker XFRMA_NAT_KEEPALIVE_INTERVAL, /* __u32 in seconds for NAT keepalive */ 325*f80ad8b4SAndroid Build Coastguard Worker __XFRMA_MAX 326*f80ad8b4SAndroid Build Coastguard Worker 327*f80ad8b4SAndroid Build Coastguard Worker #define XFRMA_OUTPUT_MARK XFRMA_SET_MARK /* Compatibility */ 328*f80ad8b4SAndroid Build Coastguard Worker #define XFRMA_MAX (__XFRMA_MAX - 1) 329*f80ad8b4SAndroid Build Coastguard Worker }; 330*f80ad8b4SAndroid Build Coastguard Worker 331*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_mark { 332*f80ad8b4SAndroid Build Coastguard Worker __u32 v; /* value */ 333*f80ad8b4SAndroid Build Coastguard Worker __u32 m; /* mask */ 334*f80ad8b4SAndroid Build Coastguard Worker }; 335*f80ad8b4SAndroid Build Coastguard Worker 336*f80ad8b4SAndroid Build Coastguard Worker enum xfrm_sadattr_type_t { 337*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SAD_UNSPEC, 338*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SAD_CNT, 339*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SAD_HINFO, 340*f80ad8b4SAndroid Build Coastguard Worker __XFRMA_SAD_MAX 341*f80ad8b4SAndroid Build Coastguard Worker 342*f80ad8b4SAndroid Build Coastguard Worker #define XFRMA_SAD_MAX (__XFRMA_SAD_MAX - 1) 343*f80ad8b4SAndroid Build Coastguard Worker }; 344*f80ad8b4SAndroid Build Coastguard Worker 345*f80ad8b4SAndroid Build Coastguard Worker struct xfrmu_sadhinfo { 346*f80ad8b4SAndroid Build Coastguard Worker __u32 sadhcnt; /* current hash bkts */ 347*f80ad8b4SAndroid Build Coastguard Worker __u32 sadhmcnt; /* max allowed hash bkts */ 348*f80ad8b4SAndroid Build Coastguard Worker }; 349*f80ad8b4SAndroid Build Coastguard Worker 350*f80ad8b4SAndroid Build Coastguard Worker enum xfrm_spdattr_type_t { 351*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SPD_UNSPEC, 352*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SPD_INFO, 353*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SPD_HINFO, 354*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SPD_IPV4_HTHRESH, 355*f80ad8b4SAndroid Build Coastguard Worker XFRMA_SPD_IPV6_HTHRESH, 356*f80ad8b4SAndroid Build Coastguard Worker __XFRMA_SPD_MAX 357*f80ad8b4SAndroid Build Coastguard Worker 358*f80ad8b4SAndroid Build Coastguard Worker #define XFRMA_SPD_MAX (__XFRMA_SPD_MAX - 1) 359*f80ad8b4SAndroid Build Coastguard Worker }; 360*f80ad8b4SAndroid Build Coastguard Worker 361*f80ad8b4SAndroid Build Coastguard Worker struct xfrmu_spdinfo { 362*f80ad8b4SAndroid Build Coastguard Worker __u32 incnt; 363*f80ad8b4SAndroid Build Coastguard Worker __u32 outcnt; 364*f80ad8b4SAndroid Build Coastguard Worker __u32 fwdcnt; 365*f80ad8b4SAndroid Build Coastguard Worker __u32 inscnt; 366*f80ad8b4SAndroid Build Coastguard Worker __u32 outscnt; 367*f80ad8b4SAndroid Build Coastguard Worker __u32 fwdscnt; 368*f80ad8b4SAndroid Build Coastguard Worker }; 369*f80ad8b4SAndroid Build Coastguard Worker 370*f80ad8b4SAndroid Build Coastguard Worker struct xfrmu_spdhinfo { 371*f80ad8b4SAndroid Build Coastguard Worker __u32 spdhcnt; 372*f80ad8b4SAndroid Build Coastguard Worker __u32 spdhmcnt; 373*f80ad8b4SAndroid Build Coastguard Worker }; 374*f80ad8b4SAndroid Build Coastguard Worker 375*f80ad8b4SAndroid Build Coastguard Worker struct xfrmu_spdhthresh { 376*f80ad8b4SAndroid Build Coastguard Worker __u8 lbits; 377*f80ad8b4SAndroid Build Coastguard Worker __u8 rbits; 378*f80ad8b4SAndroid Build Coastguard Worker }; 379*f80ad8b4SAndroid Build Coastguard Worker 380*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_usersa_info { 381*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_selector sel; 382*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_id id; 383*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t saddr; 384*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_lifetime_cfg lft; 385*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_lifetime_cur curlft; 386*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_stats stats; 387*f80ad8b4SAndroid Build Coastguard Worker __u32 seq; 388*f80ad8b4SAndroid Build Coastguard Worker __u32 reqid; 389*f80ad8b4SAndroid Build Coastguard Worker __u16 family; 390*f80ad8b4SAndroid Build Coastguard Worker __u8 mode; /* XFRM_MODE_xxx */ 391*f80ad8b4SAndroid Build Coastguard Worker __u8 replay_window; 392*f80ad8b4SAndroid Build Coastguard Worker __u8 flags; 393*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_STATE_NOECN 1 394*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_STATE_DECAP_DSCP 2 395*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_STATE_NOPMTUDISC 4 396*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_STATE_WILDRECV 8 397*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_STATE_ICMP 16 398*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_STATE_AF_UNSPEC 32 399*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_STATE_ALIGN4 64 400*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_STATE_ESN 128 401*f80ad8b4SAndroid Build Coastguard Worker }; 402*f80ad8b4SAndroid Build Coastguard Worker 403*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_SA_XFLAG_DONT_ENCAP_DSCP 1 404*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_SA_XFLAG_OSEQ_MAY_WRAP 2 405*f80ad8b4SAndroid Build Coastguard Worker 406*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_usersa_id { 407*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t daddr; 408*f80ad8b4SAndroid Build Coastguard Worker __be32 spi; 409*f80ad8b4SAndroid Build Coastguard Worker __u16 family; 410*f80ad8b4SAndroid Build Coastguard Worker __u8 proto; 411*f80ad8b4SAndroid Build Coastguard Worker }; 412*f80ad8b4SAndroid Build Coastguard Worker 413*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_aevent_id { 414*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_usersa_id sa_id; 415*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t saddr; 416*f80ad8b4SAndroid Build Coastguard Worker __u32 flags; 417*f80ad8b4SAndroid Build Coastguard Worker __u32 reqid; 418*f80ad8b4SAndroid Build Coastguard Worker }; 419*f80ad8b4SAndroid Build Coastguard Worker 420*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_userspi_info { 421*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_usersa_info info; 422*f80ad8b4SAndroid Build Coastguard Worker __u32 min; 423*f80ad8b4SAndroid Build Coastguard Worker __u32 max; 424*f80ad8b4SAndroid Build Coastguard Worker }; 425*f80ad8b4SAndroid Build Coastguard Worker 426*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_userpolicy_info { 427*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_selector sel; 428*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_lifetime_cfg lft; 429*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_lifetime_cur curlft; 430*f80ad8b4SAndroid Build Coastguard Worker __u32 priority; 431*f80ad8b4SAndroid Build Coastguard Worker __u32 index; 432*f80ad8b4SAndroid Build Coastguard Worker __u8 dir; 433*f80ad8b4SAndroid Build Coastguard Worker __u8 action; 434*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_POLICY_ALLOW 0 435*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_POLICY_BLOCK 1 436*f80ad8b4SAndroid Build Coastguard Worker __u8 flags; 437*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_POLICY_LOCALOK 1 /* Allow user to override global policy */ 438*f80ad8b4SAndroid Build Coastguard Worker /* Automatically expand selector to include matching ICMP payloads. */ 439*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_POLICY_ICMP 2 440*f80ad8b4SAndroid Build Coastguard Worker __u8 share; 441*f80ad8b4SAndroid Build Coastguard Worker }; 442*f80ad8b4SAndroid Build Coastguard Worker 443*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_userpolicy_id { 444*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_selector sel; 445*f80ad8b4SAndroid Build Coastguard Worker __u32 index; 446*f80ad8b4SAndroid Build Coastguard Worker __u8 dir; 447*f80ad8b4SAndroid Build Coastguard Worker }; 448*f80ad8b4SAndroid Build Coastguard Worker 449*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_acquire { 450*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_id id; 451*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t saddr; 452*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_selector sel; 453*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_userpolicy_info policy; 454*f80ad8b4SAndroid Build Coastguard Worker __u32 aalgos; 455*f80ad8b4SAndroid Build Coastguard Worker __u32 ealgos; 456*f80ad8b4SAndroid Build Coastguard Worker __u32 calgos; 457*f80ad8b4SAndroid Build Coastguard Worker __u32 seq; 458*f80ad8b4SAndroid Build Coastguard Worker }; 459*f80ad8b4SAndroid Build Coastguard Worker 460*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_expire { 461*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_usersa_info state; 462*f80ad8b4SAndroid Build Coastguard Worker __u8 hard; 463*f80ad8b4SAndroid Build Coastguard Worker }; 464*f80ad8b4SAndroid Build Coastguard Worker 465*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_polexpire { 466*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_userpolicy_info pol; 467*f80ad8b4SAndroid Build Coastguard Worker __u8 hard; 468*f80ad8b4SAndroid Build Coastguard Worker }; 469*f80ad8b4SAndroid Build Coastguard Worker 470*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_usersa_flush { 471*f80ad8b4SAndroid Build Coastguard Worker __u8 proto; 472*f80ad8b4SAndroid Build Coastguard Worker }; 473*f80ad8b4SAndroid Build Coastguard Worker 474*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_report { 475*f80ad8b4SAndroid Build Coastguard Worker __u8 proto; 476*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_selector sel; 477*f80ad8b4SAndroid Build Coastguard Worker }; 478*f80ad8b4SAndroid Build Coastguard Worker 479*f80ad8b4SAndroid Build Coastguard Worker /* Used by MIGRATE to pass addresses IKE should use to perform 480*f80ad8b4SAndroid Build Coastguard Worker * SA negotiation with the peer */ 481*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_kmaddress { 482*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t local; 483*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t remote; 484*f80ad8b4SAndroid Build Coastguard Worker __u32 reserved; 485*f80ad8b4SAndroid Build Coastguard Worker __u16 family; 486*f80ad8b4SAndroid Build Coastguard Worker }; 487*f80ad8b4SAndroid Build Coastguard Worker 488*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_migrate { 489*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t old_daddr; 490*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t old_saddr; 491*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t new_daddr; 492*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t new_saddr; 493*f80ad8b4SAndroid Build Coastguard Worker __u8 proto; 494*f80ad8b4SAndroid Build Coastguard Worker __u8 mode; 495*f80ad8b4SAndroid Build Coastguard Worker __u16 reserved; 496*f80ad8b4SAndroid Build Coastguard Worker __u32 reqid; 497*f80ad8b4SAndroid Build Coastguard Worker __u16 old_family; 498*f80ad8b4SAndroid Build Coastguard Worker __u16 new_family; 499*f80ad8b4SAndroid Build Coastguard Worker }; 500*f80ad8b4SAndroid Build Coastguard Worker 501*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_mapping { 502*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_usersa_id id; 503*f80ad8b4SAndroid Build Coastguard Worker __u32 reqid; 504*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t old_saddr; 505*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t new_saddr; 506*f80ad8b4SAndroid Build Coastguard Worker __be16 old_sport; 507*f80ad8b4SAndroid Build Coastguard Worker __be16 new_sport; 508*f80ad8b4SAndroid Build Coastguard Worker }; 509*f80ad8b4SAndroid Build Coastguard Worker 510*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_address_filter { 511*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t saddr; 512*f80ad8b4SAndroid Build Coastguard Worker xfrm_address_t daddr; 513*f80ad8b4SAndroid Build Coastguard Worker __u16 family; 514*f80ad8b4SAndroid Build Coastguard Worker __u8 splen; 515*f80ad8b4SAndroid Build Coastguard Worker __u8 dplen; 516*f80ad8b4SAndroid Build Coastguard Worker }; 517*f80ad8b4SAndroid Build Coastguard Worker 518*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_user_offload { 519*f80ad8b4SAndroid Build Coastguard Worker int ifindex; 520*f80ad8b4SAndroid Build Coastguard Worker __u8 flags; 521*f80ad8b4SAndroid Build Coastguard Worker }; 522*f80ad8b4SAndroid Build Coastguard Worker /* This flag was exposed without any kernel code that supports it. 523*f80ad8b4SAndroid Build Coastguard Worker * Unfortunately, strongswan has the code that sets this flag, 524*f80ad8b4SAndroid Build Coastguard Worker * which makes it impossible to reuse this bit. 525*f80ad8b4SAndroid Build Coastguard Worker * 526*f80ad8b4SAndroid Build Coastguard Worker * So leave it here to make sure that it won't be reused by mistake. 527*f80ad8b4SAndroid Build Coastguard Worker */ 528*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_OFFLOAD_IPV6 1 529*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_OFFLOAD_INBOUND 2 530*f80ad8b4SAndroid Build Coastguard Worker /* Two bits above are relevant for state path only, while 531*f80ad8b4SAndroid Build Coastguard Worker * offload is used for both policy and state flows. 532*f80ad8b4SAndroid Build Coastguard Worker * 533*f80ad8b4SAndroid Build Coastguard Worker * In policy offload mode, they are free and can be safely reused. 534*f80ad8b4SAndroid Build Coastguard Worker */ 535*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_OFFLOAD_PACKET 4 536*f80ad8b4SAndroid Build Coastguard Worker 537*f80ad8b4SAndroid Build Coastguard Worker struct xfrm_userpolicy_default { 538*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_USERPOLICY_UNSPEC 0 539*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_USERPOLICY_BLOCK 1 540*f80ad8b4SAndroid Build Coastguard Worker #define XFRM_USERPOLICY_ACCEPT 2 541*f80ad8b4SAndroid Build Coastguard Worker __u8 in; 542*f80ad8b4SAndroid Build Coastguard Worker __u8 fwd; 543*f80ad8b4SAndroid Build Coastguard Worker __u8 out; 544*f80ad8b4SAndroid Build Coastguard Worker }; 545*f80ad8b4SAndroid Build Coastguard Worker 546*f80ad8b4SAndroid Build Coastguard Worker #ifndef __KERNEL__ 547*f80ad8b4SAndroid Build Coastguard Worker /* backwards compatibility for userspace */ 548*f80ad8b4SAndroid Build Coastguard Worker #define XFRMGRP_ACQUIRE 1 549*f80ad8b4SAndroid Build Coastguard Worker #define XFRMGRP_EXPIRE 2 550*f80ad8b4SAndroid Build Coastguard Worker #define XFRMGRP_SA 4 551*f80ad8b4SAndroid Build Coastguard Worker #define XFRMGRP_POLICY 8 552*f80ad8b4SAndroid Build Coastguard Worker #define XFRMGRP_REPORT 0x20 553*f80ad8b4SAndroid Build Coastguard Worker #endif 554*f80ad8b4SAndroid Build Coastguard Worker 555*f80ad8b4SAndroid Build Coastguard Worker enum xfrm_nlgroups { 556*f80ad8b4SAndroid Build Coastguard Worker XFRMNLGRP_NONE, 557*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_NONE XFRMNLGRP_NONE 558*f80ad8b4SAndroid Build Coastguard Worker XFRMNLGRP_ACQUIRE, 559*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_ACQUIRE XFRMNLGRP_ACQUIRE 560*f80ad8b4SAndroid Build Coastguard Worker XFRMNLGRP_EXPIRE, 561*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_EXPIRE XFRMNLGRP_EXPIRE 562*f80ad8b4SAndroid Build Coastguard Worker XFRMNLGRP_SA, 563*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_SA XFRMNLGRP_SA 564*f80ad8b4SAndroid Build Coastguard Worker XFRMNLGRP_POLICY, 565*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_POLICY XFRMNLGRP_POLICY 566*f80ad8b4SAndroid Build Coastguard Worker XFRMNLGRP_AEVENTS, 567*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_AEVENTS XFRMNLGRP_AEVENTS 568*f80ad8b4SAndroid Build Coastguard Worker XFRMNLGRP_REPORT, 569*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_REPORT XFRMNLGRP_REPORT 570*f80ad8b4SAndroid Build Coastguard Worker XFRMNLGRP_MIGRATE, 571*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_MIGRATE XFRMNLGRP_MIGRATE 572*f80ad8b4SAndroid Build Coastguard Worker XFRMNLGRP_MAPPING, 573*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_MAPPING XFRMNLGRP_MAPPING 574*f80ad8b4SAndroid Build Coastguard Worker __XFRMNLGRP_MAX 575*f80ad8b4SAndroid Build Coastguard Worker }; 576*f80ad8b4SAndroid Build Coastguard Worker #define XFRMNLGRP_MAX (__XFRMNLGRP_MAX - 1) 577*f80ad8b4SAndroid Build Coastguard Worker 578*f80ad8b4SAndroid Build Coastguard Worker #endif /* _LINUX_XFRM_H */ 579