Avoid beyond bounds copy while caching ACL
[zen-stable.git] / include / net / flow.h
blob6c469dbdb9176d278a7815ad0aaf82acdfbc78e5
1 /*
3 * Generic internet FLOW.
5 */
7 #ifndef _NET_FLOW_H
8 #define _NET_FLOW_H
10 #include <linux/socket.h>
11 #include <linux/in6.h>
12 #include <linux/atomic.h>
14 struct flowi_common {
15 int flowic_oif;
16 int flowic_iif;
17 __u32 flowic_mark;
18 __u8 flowic_tos;
19 __u8 flowic_scope;
20 __u8 flowic_proto;
21 __u8 flowic_flags;
22 #define FLOWI_FLAG_ANYSRC 0x01
23 #define FLOWI_FLAG_PRECOW_METRICS 0x02
24 #define FLOWI_FLAG_CAN_SLEEP 0x04
25 __u32 flowic_secid;
28 union flowi_uli {
29 struct {
30 __be16 dport;
31 __be16 sport;
32 } ports;
34 struct {
35 __u8 type;
36 __u8 code;
37 } icmpt;
39 struct {
40 __le16 dport;
41 __le16 sport;
42 } dnports;
44 __be32 spi;
45 __be32 gre_key;
47 struct {
48 __u8 type;
49 } mht;
52 struct flowi4 {
53 struct flowi_common __fl_common;
54 #define flowi4_oif __fl_common.flowic_oif
55 #define flowi4_iif __fl_common.flowic_iif
56 #define flowi4_mark __fl_common.flowic_mark
57 #define flowi4_tos __fl_common.flowic_tos
58 #define flowi4_scope __fl_common.flowic_scope
59 #define flowi4_proto __fl_common.flowic_proto
60 #define flowi4_flags __fl_common.flowic_flags
61 #define flowi4_secid __fl_common.flowic_secid
63 /* (saddr,daddr) must be grouped, same order as in IP header */
64 __be32 saddr;
65 __be32 daddr;
67 union flowi_uli uli;
68 #define fl4_sport uli.ports.sport
69 #define fl4_dport uli.ports.dport
70 #define fl4_icmp_type uli.icmpt.type
71 #define fl4_icmp_code uli.icmpt.code
72 #define fl4_ipsec_spi uli.spi
73 #define fl4_mh_type uli.mht.type
74 #define fl4_gre_key uli.gre_key
75 } __attribute__((__aligned__(BITS_PER_LONG/8)));
77 static inline void flowi4_init_output(struct flowi4 *fl4, int oif,
78 __u32 mark, __u8 tos, __u8 scope,
79 __u8 proto, __u8 flags,
80 __be32 daddr, __be32 saddr,
81 __be16 dport, __be16 sport)
83 fl4->flowi4_oif = oif;
84 fl4->flowi4_iif = 0;
85 fl4->flowi4_mark = mark;
86 fl4->flowi4_tos = tos;
87 fl4->flowi4_scope = scope;
88 fl4->flowi4_proto = proto;
89 fl4->flowi4_flags = flags;
90 fl4->flowi4_secid = 0;
91 fl4->daddr = daddr;
92 fl4->saddr = saddr;
93 fl4->fl4_dport = dport;
94 fl4->fl4_sport = sport;
97 /* Reset some input parameters after previous lookup */
98 static inline void flowi4_update_output(struct flowi4 *fl4, int oif, __u8 tos,
99 __be32 daddr, __be32 saddr)
101 fl4->flowi4_oif = oif;
102 fl4->flowi4_tos = tos;
103 fl4->daddr = daddr;
104 fl4->saddr = saddr;
108 struct flowi6 {
109 struct flowi_common __fl_common;
110 #define flowi6_oif __fl_common.flowic_oif
111 #define flowi6_iif __fl_common.flowic_iif
112 #define flowi6_mark __fl_common.flowic_mark
113 #define flowi6_tos __fl_common.flowic_tos
114 #define flowi6_scope __fl_common.flowic_scope
115 #define flowi6_proto __fl_common.flowic_proto
116 #define flowi6_flags __fl_common.flowic_flags
117 #define flowi6_secid __fl_common.flowic_secid
118 struct in6_addr daddr;
119 struct in6_addr saddr;
120 __be32 flowlabel;
121 union flowi_uli uli;
122 #define fl6_sport uli.ports.sport
123 #define fl6_dport uli.ports.dport
124 #define fl6_icmp_type uli.icmpt.type
125 #define fl6_icmp_code uli.icmpt.code
126 #define fl6_ipsec_spi uli.spi
127 #define fl6_mh_type uli.mht.type
128 #define fl6_gre_key uli.gre_key
129 } __attribute__((__aligned__(BITS_PER_LONG/8)));
131 struct flowidn {
132 struct flowi_common __fl_common;
133 #define flowidn_oif __fl_common.flowic_oif
134 #define flowidn_iif __fl_common.flowic_iif
135 #define flowidn_mark __fl_common.flowic_mark
136 #define flowidn_scope __fl_common.flowic_scope
137 #define flowidn_proto __fl_common.flowic_proto
138 #define flowidn_flags __fl_common.flowic_flags
139 __le16 daddr;
140 __le16 saddr;
141 union flowi_uli uli;
142 #define fld_sport uli.ports.sport
143 #define fld_dport uli.ports.dport
144 } __attribute__((__aligned__(BITS_PER_LONG/8)));
146 struct flowi {
147 union {
148 struct flowi_common __fl_common;
149 struct flowi4 ip4;
150 struct flowi6 ip6;
151 struct flowidn dn;
152 } u;
153 #define flowi_oif u.__fl_common.flowic_oif
154 #define flowi_iif u.__fl_common.flowic_iif
155 #define flowi_mark u.__fl_common.flowic_mark
156 #define flowi_tos u.__fl_common.flowic_tos
157 #define flowi_scope u.__fl_common.flowic_scope
158 #define flowi_proto u.__fl_common.flowic_proto
159 #define flowi_flags u.__fl_common.flowic_flags
160 #define flowi_secid u.__fl_common.flowic_secid
161 } __attribute__((__aligned__(BITS_PER_LONG/8)));
163 static inline struct flowi *flowi4_to_flowi(struct flowi4 *fl4)
165 return container_of(fl4, struct flowi, u.ip4);
168 static inline struct flowi *flowi6_to_flowi(struct flowi6 *fl6)
170 return container_of(fl6, struct flowi, u.ip6);
173 static inline struct flowi *flowidn_to_flowi(struct flowidn *fldn)
175 return container_of(fldn, struct flowi, u.dn);
178 typedef unsigned long flow_compare_t;
180 static inline size_t flow_key_size(u16 family)
182 switch (family) {
183 case AF_INET:
184 BUILD_BUG_ON(sizeof(struct flowi4) % sizeof(flow_compare_t));
185 return sizeof(struct flowi4) / sizeof(flow_compare_t);
186 case AF_INET6:
187 BUILD_BUG_ON(sizeof(struct flowi6) % sizeof(flow_compare_t));
188 return sizeof(struct flowi6) / sizeof(flow_compare_t);
189 case AF_DECnet:
190 BUILD_BUG_ON(sizeof(struct flowidn) % sizeof(flow_compare_t));
191 return sizeof(struct flowidn) / sizeof(flow_compare_t);
193 return 0;
196 #define FLOW_DIR_IN 0
197 #define FLOW_DIR_OUT 1
198 #define FLOW_DIR_FWD 2
200 struct net;
201 struct sock;
202 struct flow_cache_ops;
204 struct flow_cache_object {
205 const struct flow_cache_ops *ops;
208 struct flow_cache_ops {
209 struct flow_cache_object *(*get)(struct flow_cache_object *);
210 int (*check)(struct flow_cache_object *);
211 void (*delete)(struct flow_cache_object *);
214 typedef struct flow_cache_object *(*flow_resolve_t)(
215 struct net *net, const struct flowi *key, u16 family,
216 u8 dir, struct flow_cache_object *oldobj, void *ctx);
218 extern struct flow_cache_object *flow_cache_lookup(
219 struct net *net, const struct flowi *key, u16 family,
220 u8 dir, flow_resolve_t resolver, void *ctx);
222 extern void flow_cache_flush(void);
223 extern void flow_cache_flush_deferred(void);
224 extern atomic_t flow_cache_genid;
226 #endif