2 * @file kernel_interface.h
4 * @brief Interface of kernel_interface_t.
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
23 #ifndef KERNEL_INTERFACE_H_
24 #define KERNEL_INTERFACE_H_
26 #include <linux/xfrm.h>
28 #include <utils/host.h>
29 #include <encoding/payloads/proposal_substructure.h>
31 typedef struct kernel_interface_t kernel_interface_t
;
34 * @brief Interface to the kernel.
36 * The kernel interface handles the communication with the kernel
37 * for SA and policy management. It allows these to be set up, and
38 * additionally provides the handling of kernel events.
41 * - kernel_interface_create()
45 struct kernel_interface_t
{
48 * @brief Get an SPI from the kernel.
50 * @param this calling object
51 * @param src source address of SA
52 * @param dst destination address of SA
53 * @param protocol protocol for SA (ESP/AH)
54 * @param reqid unique ID for this SA
55 * @param[out] spi allocated spi
58 * - FAILED if kernel comm failed
60 status_t (*get_spi
) (kernel_interface_t
*this,
61 host_t
*src
, host_t
*dst
,
62 protocol_id_t protocol
,
67 * @brief Add an SA to the SAD.
69 * add_sa() may update an already allocated
70 * SPI (via get_spi). In this case, the replace
72 * This function installs a single SA for a
73 * single protocol in one direction.
75 * @param this calling object
76 * @param src source address for this SA
77 * @param dst destination address for this SA
78 * @param spi SPI allocated by us or remote peer
79 * @param protocol protocol for this SA (ESP/AH)
80 * @param reqid unique ID for this SA
81 * @param enc_alg Algorithm to use for encryption (ESP only)
82 * @param enc_key Key to use for encryption
83 * @param int_alg Algorithm to use for integrity protection
84 * @param int_key Key for integrity protection
85 * @param replace Should an already installed SA be updated?
88 * - FAILED if kernel comm failed
90 status_t (*add_sa
)(kernel_interface_t
*this,
91 host_t
*src
, host_t
*dst
,
93 protocol_id_t protocol
,
95 encryption_algorithm_t enc_alg
,
97 integrity_algorithm_t int_alg
,
101 * @brief Delete a previously installed SA from the SAD.
103 * @param this calling object
104 * @param dst destination address for this SA
105 * @param spi SPI allocated by us or remote peer
106 * @param protocol protocol for this SA (ESP/AH)
109 * - FAILED if kernel comm failed
111 status_t (*del_sa
) (kernel_interface_t
*this,
114 protocol_id_t protocol
);
117 * @brief Add a policy to the SPD.
119 * A policy is always associated to an SA, so
120 * traffic applied to a policy. Traffic which
121 * matches a policy is handled by the SA with the same
124 * @param this calling object
125 * @param me address of local peer
126 * @param other address of remote peer
127 * @param src src address of traffic this policy applies to
128 * @param dst dest address of traffic this policy applies to
129 * @param src_hostbits subnetmask to use for src address
130 * @param dst_hostbits subnetmask to use for dst address
131 * @param direction direction of traffic, XFRM_POLICY_OUT, XFRM_POLICY_IN, XFRM_POLICY_FWD
132 * @param upper_proto upper layer protocol of traffic for this policy (TCP, UDP, ICMP, ...)
133 * @param ah protect traffic with AH?
134 * @param esp protect traffic with ESP?
135 * @param reqid unique ID of an SA to use to enforce policy
138 * - FAILED if kernel comm failed
140 status_t (*add_policy
) (kernel_interface_t
*this,
141 host_t
*me
, host_t
*other
,
142 host_t
*src
, host_t
*dst
,
143 u_int8_t src_hostbits
, u_int8_t dst_hostbits
,
144 int direction
, int upper_proto
,
149 * @brief Remove a policy from the SPD.
151 * @param this calling object
152 * @param me address of local peer
153 * @param other address of remote peer
154 * @param src src address of traffic this policy applies to
155 * @param dst dest address of traffic this policy applies to
156 * @param src_hostbits subnetmask to use for src address
157 * @param dst_hostbits subnetmask to use for dst address
158 * @param direction direction of traffic, XFRM_POLICY_OUT, XFRM_POLICY_IN, XFRM_POLICY_FWD
159 * @param upper_proto upper layer protocol of traffic for this policy (TCP, UDP, ICMP, ...)
162 * - FAILED if kernel comm failed
164 status_t (*del_policy
) (kernel_interface_t
*this,
165 host_t
*me
, host_t
*other
,
166 host_t
*src
, host_t
*dst
,
167 u_int8_t src_hostbits
, u_int8_t dst_hostbits
,
168 int direction
, int upper_proto
);
171 * @brief Destroys a kernel_interface object.
173 * @param kernel_interface calling object
175 void (*destroy
) (kernel_interface_t
*kernel_interface
);
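/**
 * @brief Creates an object of type kernel_interface_t.
 *
 * Declared with an explicit (void) parameter list: an empty list would
 * leave the parameters unspecified, so the compiler could not reject a
 * call that passes arguments by mistake.
 *
 * NOTE(review): failure behaviour (e.g. a NULL return) is not visible in
 * this header - confirm against the implementation before relying on it.
 *
 * @return pointer to the created kernel_interface_t; release it through
 *         its destroy() member
 */
kernel_interface_t *kernel_interface_create(void);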
185 #endif /*KERNEL_INTERFACE_H_*/