URL https://opencores.org/ocsvn/hf-risc/hf-risc/trunk

Subversion Repositories hf-risc

[/] [hf-risc/] [trunk/] [tools/] [riscv-gnu-toolchain-master/] [linux-headers/] [include/] [linux/] [xfrm.h] - Blame information for rev 13

Details | Compare with Previous | View Log


#ifndef _LINUX_XFRM_H
#define _LINUX_XFRM_H
 
#include <linux/types.h>
 
/* All of the structures in this file may not change size as they are
 * passed into the kernel from userspace via netlink sockets.
 */
 
/* Structure to encapsulate addresses. I do not want to use
 * "standard" structure. My apologies.
 */
typedef union {
        __be32          a4;
        __be32          a6[4];
} xfrm_address_t;
 
/* Ident of a specific xfrm_state. It is used on input to lookup
 * the state by (spi,daddr,ah/esp) or to store information about
 * spi, protocol and tunnel address on output.
 */
struct xfrm_id {
        xfrm_address_t  daddr;
        __be32          spi;
        __u8            proto;
};
 
struct xfrm_sec_ctx {
        __u8    ctx_doi;
        __u8    ctx_alg;
        __u16   ctx_len;
        __u32   ctx_sid;
        char    ctx_str[0];
};
 
/* Security Context Domains of Interpretation */
#define XFRM_SC_DOI_RESERVED 0
#define XFRM_SC_DOI_LSM 1
 
/* Security Context Algorithms */
#define XFRM_SC_ALG_RESERVED 0
#define XFRM_SC_ALG_SELINUX 1
 
/* Selector, used as selector both on policy rules (SPD) and SAs. */
 
struct xfrm_selector {
        xfrm_address_t  daddr;
        xfrm_address_t  saddr;
        __be16  dport;
        __be16  dport_mask;
        __be16  sport;
        __be16  sport_mask;
        __u16   family;
        __u8    prefixlen_d;
        __u8    prefixlen_s;
        __u8    proto;
        int     ifindex;
        __kernel_uid32_t        user;
};
 
#define XFRM_INF (~(__u64)0)
 
struct xfrm_lifetime_cfg {
        __u64   soft_byte_limit;
        __u64   hard_byte_limit;
        __u64   soft_packet_limit;
        __u64   hard_packet_limit;
        __u64   soft_add_expires_seconds;
        __u64   hard_add_expires_seconds;
        __u64   soft_use_expires_seconds;
        __u64   hard_use_expires_seconds;
};
 
struct xfrm_lifetime_cur {
        __u64   bytes;
        __u64   packets;
        __u64   add_time;
        __u64   use_time;
};
 
struct xfrm_replay_state {
        __u32   oseq;
        __u32   seq;
        __u32   bitmap;
};
 
#define XFRMA_REPLAY_ESN_MAX    4096
 
struct xfrm_replay_state_esn {
        unsigned int    bmp_len;
        __u32           oseq;
        __u32           seq;
        __u32           oseq_hi;
        __u32           seq_hi;
        __u32           replay_window;
        __u32           bmp[0];
};
 
struct xfrm_algo {
        char            alg_name[64];
        unsigned int    alg_key_len;    /* in bits */
        char            alg_key[0];
};
 
struct xfrm_algo_auth {
        char            alg_name[64];
        unsigned int    alg_key_len;    /* in bits */
        unsigned int    alg_trunc_len;  /* in bits */
        char            alg_key[0];
};
 
struct xfrm_algo_aead {
        char            alg_name[64];
        unsigned int    alg_key_len;    /* in bits */
        unsigned int    alg_icv_len;    /* in bits */
        char            alg_key[0];
};
 
struct xfrm_stats {
        __u32   replay_window;
        __u32   replay;
        __u32   integrity_failed;
};
 
enum {
        XFRM_POLICY_TYPE_MAIN   = 0,
        XFRM_POLICY_TYPE_SUB    = 1,
        XFRM_POLICY_TYPE_MAX    = 2,
        XFRM_POLICY_TYPE_ANY    = 255
};
 
enum {
        XFRM_POLICY_IN  = 0,
        XFRM_POLICY_OUT = 1,
        XFRM_POLICY_FWD = 2,
        XFRM_POLICY_MASK = 3,
        XFRM_POLICY_MAX = 3
};
 
enum {
        XFRM_SHARE_ANY,         /* No limitations */
        XFRM_SHARE_SESSION,     /* For this session only */
        XFRM_SHARE_USER,        /* For this user only */
        XFRM_SHARE_UNIQUE       /* Use once */
};
 
#define XFRM_MODE_TRANSPORT 0
#define XFRM_MODE_TUNNEL 1
#define XFRM_MODE_ROUTEOPTIMIZATION 2
#define XFRM_MODE_IN_TRIGGER 3
#define XFRM_MODE_BEET 4
#define XFRM_MODE_MAX 5
 
/* Netlink configuration messages.  */
enum {
        XFRM_MSG_BASE = 0x10,
 
        XFRM_MSG_NEWSA = 0x10,
#define XFRM_MSG_NEWSA XFRM_MSG_NEWSA
        XFRM_MSG_DELSA,
#define XFRM_MSG_DELSA XFRM_MSG_DELSA
        XFRM_MSG_GETSA,
#define XFRM_MSG_GETSA XFRM_MSG_GETSA
 
        XFRM_MSG_NEWPOLICY,
#define XFRM_MSG_NEWPOLICY XFRM_MSG_NEWPOLICY
        XFRM_MSG_DELPOLICY,
#define XFRM_MSG_DELPOLICY XFRM_MSG_DELPOLICY
        XFRM_MSG_GETPOLICY,
#define XFRM_MSG_GETPOLICY XFRM_MSG_GETPOLICY
 
        XFRM_MSG_ALLOCSPI,
#define XFRM_MSG_ALLOCSPI XFRM_MSG_ALLOCSPI
        XFRM_MSG_ACQUIRE,
#define XFRM_MSG_ACQUIRE XFRM_MSG_ACQUIRE
        XFRM_MSG_EXPIRE,
#define XFRM_MSG_EXPIRE XFRM_MSG_EXPIRE
 
        XFRM_MSG_UPDPOLICY,
#define XFRM_MSG_UPDPOLICY XFRM_MSG_UPDPOLICY
        XFRM_MSG_UPDSA,
#define XFRM_MSG_UPDSA XFRM_MSG_UPDSA
 
        XFRM_MSG_POLEXPIRE,
#define XFRM_MSG_POLEXPIRE XFRM_MSG_POLEXPIRE
 
        XFRM_MSG_FLUSHSA,
#define XFRM_MSG_FLUSHSA XFRM_MSG_FLUSHSA
        XFRM_MSG_FLUSHPOLICY,
#define XFRM_MSG_FLUSHPOLICY XFRM_MSG_FLUSHPOLICY
 
        XFRM_MSG_NEWAE,
#define XFRM_MSG_NEWAE XFRM_MSG_NEWAE
        XFRM_MSG_GETAE,
#define XFRM_MSG_GETAE XFRM_MSG_GETAE
 
        XFRM_MSG_REPORT,
#define XFRM_MSG_REPORT XFRM_MSG_REPORT
 
        XFRM_MSG_MIGRATE,
#define XFRM_MSG_MIGRATE XFRM_MSG_MIGRATE
 
        XFRM_MSG_NEWSADINFO,
#define XFRM_MSG_NEWSADINFO XFRM_MSG_NEWSADINFO
        XFRM_MSG_GETSADINFO,
#define XFRM_MSG_GETSADINFO XFRM_MSG_GETSADINFO
 
        XFRM_MSG_NEWSPDINFO,
#define XFRM_MSG_NEWSPDINFO XFRM_MSG_NEWSPDINFO
        XFRM_MSG_GETSPDINFO,
#define XFRM_MSG_GETSPDINFO XFRM_MSG_GETSPDINFO
 
        XFRM_MSG_MAPPING,
#define XFRM_MSG_MAPPING XFRM_MSG_MAPPING
        __XFRM_MSG_MAX
};
#define XFRM_MSG_MAX (__XFRM_MSG_MAX - 1)
 
#define XFRM_NR_MSGTYPES (XFRM_MSG_MAX + 1 - XFRM_MSG_BASE)
 
/*
 * Generic LSM security context for comunicating to user space
 * NOTE: Same format as sadb_x_sec_ctx
 */
struct xfrm_user_sec_ctx {
        __u16                   len;
        __u16                   exttype;
        __u8                    ctx_alg;  /* LSMs: e.g., selinux == 1 */
        __u8                    ctx_doi;
        __u16                   ctx_len;
};
 
struct xfrm_user_tmpl {
        struct xfrm_id          id;
        __u16                   family;
        xfrm_address_t          saddr;
        __u32                   reqid;
        __u8                    mode;
        __u8                    share;
        __u8                    optional;
        __u32                   aalgos;
        __u32                   ealgos;
        __u32                   calgos;
};
 
struct xfrm_encap_tmpl {
        __u16           encap_type;
        __be16          encap_sport;
        __be16          encap_dport;
        xfrm_address_t  encap_oa;
};
 
/* AEVENT flags  */
enum xfrm_ae_ftype_t {
        XFRM_AE_UNSPEC,
        XFRM_AE_RTHR=1, /* replay threshold*/
        XFRM_AE_RVAL=2, /* replay value */
        XFRM_AE_LVAL=4, /* lifetime value */
        XFRM_AE_ETHR=8, /* expiry timer threshold */
        XFRM_AE_CR=16, /* Event cause is replay update */
        XFRM_AE_CE=32, /* Event cause is timer expiry */
        XFRM_AE_CU=64, /* Event cause is policy update */
        __XFRM_AE_MAX
 
#define XFRM_AE_MAX (__XFRM_AE_MAX - 1)
};
 
struct xfrm_userpolicy_type {
        __u8            type;
        __u16           reserved1;
        __u8            reserved2;
};
 
/* Netlink message attributes.  */
enum xfrm_attr_type_t {
        XFRMA_UNSPEC,
        XFRMA_ALG_AUTH,         /* struct xfrm_algo */
        XFRMA_ALG_CRYPT,        /* struct xfrm_algo */
        XFRMA_ALG_COMP,         /* struct xfrm_algo */
        XFRMA_ENCAP,            /* struct xfrm_algo + struct xfrm_encap_tmpl */
        XFRMA_TMPL,             /* 1 or more struct xfrm_user_tmpl */
        XFRMA_SA,               /* struct xfrm_usersa_info  */
        XFRMA_POLICY,           /*struct xfrm_userpolicy_info */
        XFRMA_SEC_CTX,          /* struct xfrm_sec_ctx */
        XFRMA_LTIME_VAL,
        XFRMA_REPLAY_VAL,
        XFRMA_REPLAY_THRESH,
        XFRMA_ETIMER_THRESH,
        XFRMA_SRCADDR,          /* xfrm_address_t */
        XFRMA_COADDR,           /* xfrm_address_t */
        XFRMA_LASTUSED,         /* unsigned long  */
        XFRMA_POLICY_TYPE,      /* struct xfrm_userpolicy_type */
        XFRMA_MIGRATE,
        XFRMA_ALG_AEAD,         /* struct xfrm_algo_aead */
        XFRMA_KMADDRESS,        /* struct xfrm_user_kmaddress */
        XFRMA_ALG_AUTH_TRUNC,   /* struct xfrm_algo_auth */
        XFRMA_MARK,             /* struct xfrm_mark */
        XFRMA_TFCPAD,           /* __u32 */
        XFRMA_REPLAY_ESN_VAL,   /* struct xfrm_replay_esn */
        XFRMA_SA_EXTRA_FLAGS,   /* __u32 */
        __XFRMA_MAX
 
#define XFRMA_MAX (__XFRMA_MAX - 1)
};
 
struct xfrm_mark {
        __u32           v; /* value */
        __u32           m; /* mask */
};
 
enum xfrm_sadattr_type_t {
        XFRMA_SAD_UNSPEC,
        XFRMA_SAD_CNT,
        XFRMA_SAD_HINFO,
        __XFRMA_SAD_MAX
 
#define XFRMA_SAD_MAX (__XFRMA_SAD_MAX - 1)
};
 
struct xfrmu_sadhinfo {
        __u32 sadhcnt; /* current hash bkts */
        __u32 sadhmcnt; /* max allowed hash bkts */
};
 
enum xfrm_spdattr_type_t {
        XFRMA_SPD_UNSPEC,
        XFRMA_SPD_INFO,
        XFRMA_SPD_HINFO,
        __XFRMA_SPD_MAX
 
#define XFRMA_SPD_MAX (__XFRMA_SPD_MAX - 1)
};
 
struct xfrmu_spdinfo {
        __u32 incnt;
        __u32 outcnt;
        __u32 fwdcnt;
        __u32 inscnt;
        __u32 outscnt;
        __u32 fwdscnt;
};
 
struct xfrmu_spdhinfo {
        __u32 spdhcnt;
        __u32 spdhmcnt;
};
 
struct xfrm_usersa_info {
        struct xfrm_selector            sel;
        struct xfrm_id                  id;
        xfrm_address_t                  saddr;
        struct xfrm_lifetime_cfg        lft;
        struct xfrm_lifetime_cur        curlft;
        struct xfrm_stats               stats;
        __u32                           seq;
        __u32                           reqid;
        __u16                           family;
        __u8                            mode;           /* XFRM_MODE_xxx */
        __u8                            replay_window;
        __u8                            flags;
#define XFRM_STATE_NOECN        1
#define XFRM_STATE_DECAP_DSCP   2
#define XFRM_STATE_NOPMTUDISC   4
#define XFRM_STATE_WILDRECV     8
#define XFRM_STATE_ICMP         16
#define XFRM_STATE_AF_UNSPEC    32
#define XFRM_STATE_ALIGN4       64
#define XFRM_STATE_ESN          128
};
 
#define XFRM_SA_XFLAG_DONT_ENCAP_DSCP   1
 
struct xfrm_usersa_id {
        xfrm_address_t                  daddr;
        __be32                          spi;
        __u16                           family;
        __u8                            proto;
};
 
struct xfrm_aevent_id {
        struct xfrm_usersa_id           sa_id;
        xfrm_address_t                  saddr;
        __u32                           flags;
        __u32                           reqid;
};
 
struct xfrm_userspi_info {
        struct xfrm_usersa_info         info;
        __u32                           min;
        __u32                           max;
};
 
struct xfrm_userpolicy_info {
        struct xfrm_selector            sel;
        struct xfrm_lifetime_cfg        lft;
        struct xfrm_lifetime_cur        curlft;
        __u32                           priority;
        __u32                           index;
        __u8                            dir;
        __u8                            action;
#define XFRM_POLICY_ALLOW       0
#define XFRM_POLICY_BLOCK       1
        __u8                            flags;
#define XFRM_POLICY_LOCALOK     1       /* Allow user to override global policy */
        /* Automatically expand selector to include matching ICMP payloads. */
#define XFRM_POLICY_ICMP        2
        __u8                            share;
};
 
struct xfrm_userpolicy_id {
        struct xfrm_selector            sel;
        __u32                           index;
        __u8                            dir;
};
 
struct xfrm_user_acquire {
        struct xfrm_id                  id;
        xfrm_address_t                  saddr;
        struct xfrm_selector            sel;
        struct xfrm_userpolicy_info     policy;
        __u32                           aalgos;
        __u32                           ealgos;
        __u32                           calgos;
        __u32                           seq;
};
 
struct xfrm_user_expire {
        struct xfrm_usersa_info         state;
        __u8                            hard;
};
 
struct xfrm_user_polexpire {
        struct xfrm_userpolicy_info     pol;
        __u8                            hard;
};
 
struct xfrm_usersa_flush {
        __u8                            proto;
};
 
struct xfrm_user_report {
        __u8                            proto;
        struct xfrm_selector            sel;
};
 
/* Used by MIGRATE to pass addresses IKE should use to perform
 * SA negotiation with the peer */
struct xfrm_user_kmaddress {
        xfrm_address_t                  local;
        xfrm_address_t                  remote;
        __u32                           reserved;
        __u16                           family;
};
 
struct xfrm_user_migrate {
        xfrm_address_t                  old_daddr;
        xfrm_address_t                  old_saddr;
        xfrm_address_t                  new_daddr;
        xfrm_address_t                  new_saddr;
        __u8                            proto;
        __u8                            mode;
        __u16                           reserved;
        __u32                           reqid;
        __u16                           old_family;
        __u16                           new_family;
};
 
struct xfrm_user_mapping {
        struct xfrm_usersa_id           id;
        __u32                           reqid;
        xfrm_address_t                  old_saddr;
        xfrm_address_t                  new_saddr;
        __be16                          old_sport;
        __be16                          new_sport;
};
 
/* backwards compatibility for userspace */
#define XFRMGRP_ACQUIRE         1
#define XFRMGRP_EXPIRE          2
#define XFRMGRP_SA              4
#define XFRMGRP_POLICY          8
#define XFRMGRP_REPORT          0x20
 
enum xfrm_nlgroups {
        XFRMNLGRP_NONE,
#define XFRMNLGRP_NONE          XFRMNLGRP_NONE
        XFRMNLGRP_ACQUIRE,
#define XFRMNLGRP_ACQUIRE       XFRMNLGRP_ACQUIRE
        XFRMNLGRP_EXPIRE,
#define XFRMNLGRP_EXPIRE        XFRMNLGRP_EXPIRE
        XFRMNLGRP_SA,
#define XFRMNLGRP_SA            XFRMNLGRP_SA
        XFRMNLGRP_POLICY,
#define XFRMNLGRP_POLICY        XFRMNLGRP_POLICY
        XFRMNLGRP_AEVENTS,
#define XFRMNLGRP_AEVENTS       XFRMNLGRP_AEVENTS
        XFRMNLGRP_REPORT,
#define XFRMNLGRP_REPORT        XFRMNLGRP_REPORT
        XFRMNLGRP_MIGRATE,
#define XFRMNLGRP_MIGRATE       XFRMNLGRP_MIGRATE
        XFRMNLGRP_MAPPING,
#define XFRMNLGRP_MAPPING       XFRMNLGRP_MAPPING
        __XFRMNLGRP_MAX
};
#define XFRMNLGRP_MAX   (__XFRMNLGRP_MAX - 1)
 
#endif /* _LINUX_XFRM_H */

Browse

Tools

Subversion Repositories hf-risc

[/] [hf-risc/] [trunk/] [tools/] [riscv-gnu-toolchain-master/] [linux-headers/] [include/] [linux/] [xfrm.h] - Blame information for rev 13

Line No.	Rev	Author	Line
1	13	serginhofr	`#ifndef _LINUX_XFRM_H`
2			`#define _LINUX_XFRM_H`
3
4			`#include <linux/types.h>`
5
6			`/* All of the structures in this file may not change size as they are`
7			`* passed into the kernel from userspace via netlink sockets.`
8			`*/`
9
10			`/* Structure to encapsulate addresses. I do not want to use`
11			`* "standard" structure. My apologies.`
12			`*/`
13			`typedef union {`
14			`__be32 a4;`
15			`__be32 a6[4];`
16			`} xfrm_address_t;`
17
18			`/* Ident of a specific xfrm_state. It is used on input to lookup`
19			`* the state by (spi,daddr,ah/esp) or to store information about`
20			`* spi, protocol and tunnel address on output.`
21			`*/`
22			`struct xfrm_id {`
23			`xfrm_address_t daddr;`
24			`__be32 spi;`
25			`__u8 proto;`
26			`};`
27
28			`struct xfrm_sec_ctx {`
29			`__u8 ctx_doi;`
30			`__u8 ctx_alg;`
31			`__u16 ctx_len;`
32			`__u32 ctx_sid;`
33			`char ctx_str[0];`
34			`};`
35
36			`/* Security Context Domains of Interpretation */`
37			`#define XFRM_SC_DOI_RESERVED 0`
38			`#define XFRM_SC_DOI_LSM 1`
39
40			`/* Security Context Algorithms */`
41			`#define XFRM_SC_ALG_RESERVED 0`
42			`#define XFRM_SC_ALG_SELINUX 1`
43
44			`/* Selector, used as selector both on policy rules (SPD) and SAs. */`
45
46			`struct xfrm_selector {`
47			`xfrm_address_t daddr;`
48			`xfrm_address_t saddr;`
49			`__be16 dport;`
50			`__be16 dport_mask;`
51			`__be16 sport;`
52			`__be16 sport_mask;`
53			`__u16 family;`
54			`__u8 prefixlen_d;`
55			`__u8 prefixlen_s;`
56			`__u8 proto;`
57			`int ifindex;`
58			`__kernel_uid32_t user;`
59			`};`
60
61			`#define XFRM_INF (~(__u64)0)`
62
63			`struct xfrm_lifetime_cfg {`
64			`__u64 soft_byte_limit;`
65			`__u64 hard_byte_limit;`
66			`__u64 soft_packet_limit;`
67			`__u64 hard_packet_limit;`
68			`__u64 soft_add_expires_seconds;`
69			`__u64 hard_add_expires_seconds;`
70			`__u64 soft_use_expires_seconds;`
71			`__u64 hard_use_expires_seconds;`
72			`};`
73
74			`struct xfrm_lifetime_cur {`
75			`__u64 bytes;`
76			`__u64 packets;`
77			`__u64 add_time;`
78			`__u64 use_time;`
79			`};`
80
81			`struct xfrm_replay_state {`
82			`__u32 oseq;`
83			`__u32 seq;`
84			`__u32 bitmap;`
85			`};`
86
87			`#define XFRMA_REPLAY_ESN_MAX 4096`
88
89			`struct xfrm_replay_state_esn {`
90			`unsigned int bmp_len;`
91			`__u32 oseq;`
92			`__u32 seq;`
93			`__u32 oseq_hi;`
94			`__u32 seq_hi;`
95			`__u32 replay_window;`
96			`__u32 bmp[0];`
97			`};`
98
99			`struct xfrm_algo {`
100			`char alg_name[64];`
101			`unsigned int alg_key_len; /* in bits */`
102			`char alg_key[0];`
103			`};`
104
105			`struct xfrm_algo_auth {`
106			`char alg_name[64];`
107			`unsigned int alg_key_len; /* in bits */`
108			`unsigned int alg_trunc_len; /* in bits */`
109			`char alg_key[0];`
110			`};`
111
112			`struct xfrm_algo_aead {`
113			`char alg_name[64];`
114			`unsigned int alg_key_len; /* in bits */`
115			`unsigned int alg_icv_len; /* in bits */`
116			`char alg_key[0];`
117			`};`
118
119			`struct xfrm_stats {`
120			`__u32 replay_window;`
121			`__u32 replay;`
122			`__u32 integrity_failed;`
123			`};`
124
125			`enum {`
126			`XFRM_POLICY_TYPE_MAIN = 0,`
127			`XFRM_POLICY_TYPE_SUB = 1,`
128			`XFRM_POLICY_TYPE_MAX = 2,`
129			`XFRM_POLICY_TYPE_ANY = 255`
130			`};`
131
132			`enum {`
133			`XFRM_POLICY_IN = 0,`
134			`XFRM_POLICY_OUT = 1,`
135			`XFRM_POLICY_FWD = 2,`
136			`XFRM_POLICY_MASK = 3,`
137			`XFRM_POLICY_MAX = 3`
138			`};`
139
140			`enum {`
141			`XFRM_SHARE_ANY, /* No limitations */`
142			`XFRM_SHARE_SESSION, /* For this session only */`
143			`XFRM_SHARE_USER, /* For this user only */`
144			`XFRM_SHARE_UNIQUE /* Use once */`
145			`};`
146
147			`#define XFRM_MODE_TRANSPORT 0`
148			`#define XFRM_MODE_TUNNEL 1`
149			`#define XFRM_MODE_ROUTEOPTIMIZATION 2`
150			`#define XFRM_MODE_IN_TRIGGER 3`
151			`#define XFRM_MODE_BEET 4`
152			`#define XFRM_MODE_MAX 5`
153
154			`/* Netlink configuration messages. */`
155			`enum {`
156			`XFRM_MSG_BASE = 0x10,`
157
158			`XFRM_MSG_NEWSA = 0x10,`
159			`#define XFRM_MSG_NEWSA XFRM_MSG_NEWSA`
160			`XFRM_MSG_DELSA,`
161			`#define XFRM_MSG_DELSA XFRM_MSG_DELSA`
162			`XFRM_MSG_GETSA,`
163			`#define XFRM_MSG_GETSA XFRM_MSG_GETSA`
164
165			`XFRM_MSG_NEWPOLICY,`
166			`#define XFRM_MSG_NEWPOLICY XFRM_MSG_NEWPOLICY`
167			`XFRM_MSG_DELPOLICY,`
168			`#define XFRM_MSG_DELPOLICY XFRM_MSG_DELPOLICY`
169			`XFRM_MSG_GETPOLICY,`
170			`#define XFRM_MSG_GETPOLICY XFRM_MSG_GETPOLICY`
171
172			`XFRM_MSG_ALLOCSPI,`
173			`#define XFRM_MSG_ALLOCSPI XFRM_MSG_ALLOCSPI`
174			`XFRM_MSG_ACQUIRE,`
175			`#define XFRM_MSG_ACQUIRE XFRM_MSG_ACQUIRE`
176			`XFRM_MSG_EXPIRE,`
177			`#define XFRM_MSG_EXPIRE XFRM_MSG_EXPIRE`
178
179			`XFRM_MSG_UPDPOLICY,`
180			`#define XFRM_MSG_UPDPOLICY XFRM_MSG_UPDPOLICY`
181			`XFRM_MSG_UPDSA,`
182			`#define XFRM_MSG_UPDSA XFRM_MSG_UPDSA`
183
184			`XFRM_MSG_POLEXPIRE,`
185			`#define XFRM_MSG_POLEXPIRE XFRM_MSG_POLEXPIRE`
186
187			`XFRM_MSG_FLUSHSA,`
188			`#define XFRM_MSG_FLUSHSA XFRM_MSG_FLUSHSA`
189			`XFRM_MSG_FLUSHPOLICY,`
190			`#define XFRM_MSG_FLUSHPOLICY XFRM_MSG_FLUSHPOLICY`
191
192			`XFRM_MSG_NEWAE,`
193			`#define XFRM_MSG_NEWAE XFRM_MSG_NEWAE`
194			`XFRM_MSG_GETAE,`
195			`#define XFRM_MSG_GETAE XFRM_MSG_GETAE`
196
197			`XFRM_MSG_REPORT,`
198			`#define XFRM_MSG_REPORT XFRM_MSG_REPORT`
199
200			`XFRM_MSG_MIGRATE,`
201			`#define XFRM_MSG_MIGRATE XFRM_MSG_MIGRATE`
202
203			`XFRM_MSG_NEWSADINFO,`
204			`#define XFRM_MSG_NEWSADINFO XFRM_MSG_NEWSADINFO`
205			`XFRM_MSG_GETSADINFO,`
206			`#define XFRM_MSG_GETSADINFO XFRM_MSG_GETSADINFO`
207
208			`XFRM_MSG_NEWSPDINFO,`
209			`#define XFRM_MSG_NEWSPDINFO XFRM_MSG_NEWSPDINFO`
210			`XFRM_MSG_GETSPDINFO,`
211			`#define XFRM_MSG_GETSPDINFO XFRM_MSG_GETSPDINFO`
212
213			`XFRM_MSG_MAPPING,`
214			`#define XFRM_MSG_MAPPING XFRM_MSG_MAPPING`
215			`__XFRM_MSG_MAX`
216			`};`
217			`#define XFRM_MSG_MAX (__XFRM_MSG_MAX - 1)`
218
219			`#define XFRM_NR_MSGTYPES (XFRM_MSG_MAX + 1 - XFRM_MSG_BASE)`
220
221			`/*`
222			`* Generic LSM security context for comunicating to user space`
223			`* NOTE: Same format as sadb_x_sec_ctx`
224			`*/`
225			`struct xfrm_user_sec_ctx {`
226			`__u16 len;`
227			`__u16 exttype;`
228			`__u8 ctx_alg; /* LSMs: e.g., selinux == 1 */`
229			`__u8 ctx_doi;`
230			`__u16 ctx_len;`
231			`};`
232
233			`struct xfrm_user_tmpl {`
234			`struct xfrm_id id;`
235			`__u16 family;`
236			`xfrm_address_t saddr;`
237			`__u32 reqid;`
238			`__u8 mode;`
239			`__u8 share;`
240			`__u8 optional;`
241			`__u32 aalgos;`
242			`__u32 ealgos;`
243			`__u32 calgos;`
244			`};`
245
246			`struct xfrm_encap_tmpl {`
247			`__u16 encap_type;`
248			`__be16 encap_sport;`
249			`__be16 encap_dport;`
250			`xfrm_address_t encap_oa;`
251			`};`
252
253			`/* AEVENT flags */`
254			`enum xfrm_ae_ftype_t {`
255			`XFRM_AE_UNSPEC,`
256			`XFRM_AE_RTHR=1, /* replay threshold*/`
257			`XFRM_AE_RVAL=2, /* replay value */`
258			`XFRM_AE_LVAL=4, /* lifetime value */`
259			`XFRM_AE_ETHR=8, /* expiry timer threshold */`
260			`XFRM_AE_CR=16, /* Event cause is replay update */`
261			`XFRM_AE_CE=32, /* Event cause is timer expiry */`
262			`XFRM_AE_CU=64, /* Event cause is policy update */`
263			`__XFRM_AE_MAX`
264
265			`#define XFRM_AE_MAX (__XFRM_AE_MAX - 1)`
266			`};`
267
268			`struct xfrm_userpolicy_type {`
269			`__u8 type;`
270			`__u16 reserved1;`
271			`__u8 reserved2;`
272			`};`
273
274			`/* Netlink message attributes. */`
275			`enum xfrm_attr_type_t {`
276			`XFRMA_UNSPEC,`
277			`XFRMA_ALG_AUTH, /* struct xfrm_algo */`
278			`XFRMA_ALG_CRYPT, /* struct xfrm_algo */`
279			`XFRMA_ALG_COMP, /* struct xfrm_algo */`
280			`XFRMA_ENCAP, /* struct xfrm_algo + struct xfrm_encap_tmpl */`
281			`XFRMA_TMPL, /* 1 or more struct xfrm_user_tmpl */`
282			`XFRMA_SA, /* struct xfrm_usersa_info */`
283			`XFRMA_POLICY, /struct xfrm_userpolicy_info /`
284			`XFRMA_SEC_CTX, /* struct xfrm_sec_ctx */`
285			`XFRMA_LTIME_VAL,`
286			`XFRMA_REPLAY_VAL,`
287			`XFRMA_REPLAY_THRESH,`
288			`XFRMA_ETIMER_THRESH,`
289			`XFRMA_SRCADDR, /* xfrm_address_t */`
290			`XFRMA_COADDR, /* xfrm_address_t */`
291			`XFRMA_LASTUSED, /* unsigned long */`
292			`XFRMA_POLICY_TYPE, /* struct xfrm_userpolicy_type */`
293			`XFRMA_MIGRATE,`
294			`XFRMA_ALG_AEAD, /* struct xfrm_algo_aead */`
295			`XFRMA_KMADDRESS, /* struct xfrm_user_kmaddress */`
296			`XFRMA_ALG_AUTH_TRUNC, /* struct xfrm_algo_auth */`
297			`XFRMA_MARK, /* struct xfrm_mark */`
298			`XFRMA_TFCPAD, /* __u32 */`
299			`XFRMA_REPLAY_ESN_VAL, /* struct xfrm_replay_esn */`
300			`XFRMA_SA_EXTRA_FLAGS, /* __u32 */`
301			`__XFRMA_MAX`
302
303			`#define XFRMA_MAX (__XFRMA_MAX - 1)`
304			`};`
305
306			`struct xfrm_mark {`
307			`__u32 v; /* value */`
308			`__u32 m; /* mask */`
309			`};`
310
311			`enum xfrm_sadattr_type_t {`
312			`XFRMA_SAD_UNSPEC,`
313			`XFRMA_SAD_CNT,`
314			`XFRMA_SAD_HINFO,`
315			`__XFRMA_SAD_MAX`
316
317			`#define XFRMA_SAD_MAX (__XFRMA_SAD_MAX - 1)`
318			`};`
319
320			`struct xfrmu_sadhinfo {`
321			`__u32 sadhcnt; /* current hash bkts */`
322			`__u32 sadhmcnt; /* max allowed hash bkts */`
323			`};`
324
325			`enum xfrm_spdattr_type_t {`
326			`XFRMA_SPD_UNSPEC,`
327			`XFRMA_SPD_INFO,`
328			`XFRMA_SPD_HINFO,`
329			`__XFRMA_SPD_MAX`
330
331			`#define XFRMA_SPD_MAX (__XFRMA_SPD_MAX - 1)`
332			`};`
333
334			`struct xfrmu_spdinfo {`
335			`__u32 incnt;`
336			`__u32 outcnt;`
337			`__u32 fwdcnt;`
338			`__u32 inscnt;`
339			`__u32 outscnt;`
340			`__u32 fwdscnt;`
341			`};`
342
343			`struct xfrmu_spdhinfo {`
344			`__u32 spdhcnt;`
345			`__u32 spdhmcnt;`
346			`};`
347
348			`struct xfrm_usersa_info {`
349			`struct xfrm_selector sel;`
350			`struct xfrm_id id;`
351			`xfrm_address_t saddr;`
352			`struct xfrm_lifetime_cfg lft;`
353			`struct xfrm_lifetime_cur curlft;`
354			`struct xfrm_stats stats;`
355			`__u32 seq;`
356			`__u32 reqid;`
357			`__u16 family;`
358			`__u8 mode; /* XFRM_MODE_xxx */`
359			`__u8 replay_window;`
360			`__u8 flags;`
361			`#define XFRM_STATE_NOECN 1`
362			`#define XFRM_STATE_DECAP_DSCP 2`
363			`#define XFRM_STATE_NOPMTUDISC 4`
364			`#define XFRM_STATE_WILDRECV 8`
365			`#define XFRM_STATE_ICMP 16`
366			`#define XFRM_STATE_AF_UNSPEC 32`
367			`#define XFRM_STATE_ALIGN4 64`
368			`#define XFRM_STATE_ESN 128`
369			`};`
370
371			`#define XFRM_SA_XFLAG_DONT_ENCAP_DSCP 1`
372
373			`struct xfrm_usersa_id {`
374			`xfrm_address_t daddr;`
375			`__be32 spi;`
376			`__u16 family;`
377			`__u8 proto;`
378			`};`
379
380			`struct xfrm_aevent_id {`
381			`struct xfrm_usersa_id sa_id;`
382			`xfrm_address_t saddr;`
383			`__u32 flags;`
384			`__u32 reqid;`
385			`};`
386
387			`struct xfrm_userspi_info {`
388			`struct xfrm_usersa_info info;`
389			`__u32 min;`
390			`__u32 max;`
391			`};`
392
393			`struct xfrm_userpolicy_info {`
394			`struct xfrm_selector sel;`
395			`struct xfrm_lifetime_cfg lft;`
396			`struct xfrm_lifetime_cur curlft;`
397			`__u32 priority;`
398			`__u32 index;`
399			`__u8 dir;`
400			`__u8 action;`
401			`#define XFRM_POLICY_ALLOW 0`
402			`#define XFRM_POLICY_BLOCK 1`
403			`__u8 flags;`
404			`#define XFRM_POLICY_LOCALOK 1 /* Allow user to override global policy */`
405			`/* Automatically expand selector to include matching ICMP payloads. */`
406			`#define XFRM_POLICY_ICMP 2`
407			`__u8 share;`
408			`};`
409
410			`struct xfrm_userpolicy_id {`
411			`struct xfrm_selector sel;`
412			`__u32 index;`
413			`__u8 dir;`
414			`};`
415
416			`struct xfrm_user_acquire {`
417			`struct xfrm_id id;`
418			`xfrm_address_t saddr;`
419			`struct xfrm_selector sel;`
420			`struct xfrm_userpolicy_info policy;`
421			`__u32 aalgos;`
422			`__u32 ealgos;`
423			`__u32 calgos;`
424			`__u32 seq;`
425			`};`
426
427			`struct xfrm_user_expire {`
428			`struct xfrm_usersa_info state;`
429			`__u8 hard;`
430			`};`
431
432			`struct xfrm_user_polexpire {`
433			`struct xfrm_userpolicy_info pol;`
434			`__u8 hard;`
435			`};`
436
437			`struct xfrm_usersa_flush {`
438			`__u8 proto;`
439			`};`
440
441			`struct xfrm_user_report {`
442			`__u8 proto;`
443			`struct xfrm_selector sel;`
444			`};`
445
446			`/* Used by MIGRATE to pass addresses IKE should use to perform`
447			`* SA negotiation with the peer */`
448			`struct xfrm_user_kmaddress {`
449			`xfrm_address_t local;`
450			`xfrm_address_t remote;`
451			`__u32 reserved;`
452			`__u16 family;`
453			`};`
454
455			`struct xfrm_user_migrate {`
456			`xfrm_address_t old_daddr;`
457			`xfrm_address_t old_saddr;`
458			`xfrm_address_t new_daddr;`
459			`xfrm_address_t new_saddr;`
460			`__u8 proto;`
461			`__u8 mode;`
462			`__u16 reserved;`
463			`__u32 reqid;`
464			`__u16 old_family;`
465			`__u16 new_family;`
466			`};`
467
468			`struct xfrm_user_mapping {`
469			`struct xfrm_usersa_id id;`
470			`__u32 reqid;`
471			`xfrm_address_t old_saddr;`
472			`xfrm_address_t new_saddr;`
473			`__be16 old_sport;`
474			`__be16 new_sport;`
475			`};`
476
477			`/* backwards compatibility for userspace */`
478			`#define XFRMGRP_ACQUIRE 1`
479			`#define XFRMGRP_EXPIRE 2`
480			`#define XFRMGRP_SA 4`
481			`#define XFRMGRP_POLICY 8`
482			`#define XFRMGRP_REPORT 0x20`
483
484			`enum xfrm_nlgroups {`
485			`XFRMNLGRP_NONE,`
486			`#define XFRMNLGRP_NONE XFRMNLGRP_NONE`
487			`XFRMNLGRP_ACQUIRE,`
488			`#define XFRMNLGRP_ACQUIRE XFRMNLGRP_ACQUIRE`
489			`XFRMNLGRP_EXPIRE,`
490			`#define XFRMNLGRP_EXPIRE XFRMNLGRP_EXPIRE`
491			`XFRMNLGRP_SA,`
492			`#define XFRMNLGRP_SA XFRMNLGRP_SA`
493			`XFRMNLGRP_POLICY,`
494			`#define XFRMNLGRP_POLICY XFRMNLGRP_POLICY`
495			`XFRMNLGRP_AEVENTS,`
496			`#define XFRMNLGRP_AEVENTS XFRMNLGRP_AEVENTS`
497			`XFRMNLGRP_REPORT,`
498			`#define XFRMNLGRP_REPORT XFRMNLGRP_REPORT`
499			`XFRMNLGRP_MIGRATE,`
500			`#define XFRMNLGRP_MIGRATE XFRMNLGRP_MIGRATE`
501			`XFRMNLGRP_MAPPING,`
502			`#define XFRMNLGRP_MAPPING XFRMNLGRP_MAPPING`
503			`__XFRMNLGRP_MAX`
504			`};`
505			`#define XFRMNLGRP_MAX (__XFRMNLGRP_MAX - 1)`
506
507			`#endif /* _LINUX_XFRM_H */`