github.com/vishvananda/netlink@v1.3.0/nl/xfrm_linux.go (about) 1 package nl 2 3 import ( 4 "bytes" 5 "net" 6 "unsafe" 7 ) 8 9 // Infinity for packet and byte counts 10 const ( 11 XFRM_INF = ^uint64(0) 12 ) 13 14 type XfrmMsgType uint8 15 16 type XfrmMsg interface { 17 Type() XfrmMsgType 18 } 19 20 // Message Types 21 const ( 22 XFRM_MSG_BASE XfrmMsgType = 0x10 23 XFRM_MSG_NEWSA = 0x10 24 XFRM_MSG_DELSA = 0x11 25 XFRM_MSG_GETSA = 0x12 26 XFRM_MSG_NEWPOLICY = 0x13 27 XFRM_MSG_DELPOLICY = 0x14 28 XFRM_MSG_GETPOLICY = 0x15 29 XFRM_MSG_ALLOCSPI = 0x16 30 XFRM_MSG_ACQUIRE = 0x17 31 XFRM_MSG_EXPIRE = 0x18 32 XFRM_MSG_UPDPOLICY = 0x19 33 XFRM_MSG_UPDSA = 0x1a 34 XFRM_MSG_POLEXPIRE = 0x1b 35 XFRM_MSG_FLUSHSA = 0x1c 36 XFRM_MSG_FLUSHPOLICY = 0x1d 37 XFRM_MSG_NEWAE = 0x1e 38 XFRM_MSG_GETAE = 0x1f 39 XFRM_MSG_REPORT = 0x20 40 XFRM_MSG_MIGRATE = 0x21 41 XFRM_MSG_NEWSADINFO = 0x22 42 XFRM_MSG_GETSADINFO = 0x23 43 XFRM_MSG_NEWSPDINFO = 0x24 44 XFRM_MSG_GETSPDINFO = 0x25 45 XFRM_MSG_MAPPING = 0x26 46 XFRM_MSG_MAX = 0x26 47 XFRM_NR_MSGTYPES = 0x17 48 ) 49 50 // Attribute types 51 const ( 52 /* Netlink message attributes. */ 53 XFRMA_UNSPEC = iota 54 XFRMA_ALG_AUTH /* struct xfrm_algo */ 55 XFRMA_ALG_CRYPT /* struct xfrm_algo */ 56 XFRMA_ALG_COMP /* struct xfrm_algo */ 57 XFRMA_ENCAP /* struct xfrm_algo + struct xfrm_encap_tmpl */ 58 XFRMA_TMPL /* 1 or more struct xfrm_user_tmpl */ 59 XFRMA_SA /* struct xfrm_usersa_info */ 60 XFRMA_POLICY /* struct xfrm_userpolicy_info */ 61 XFRMA_SEC_CTX /* struct xfrm_sec_ctx */ 62 XFRMA_LTIME_VAL 63 XFRMA_REPLAY_VAL 64 XFRMA_REPLAY_THRESH 65 XFRMA_ETIMER_THRESH 66 XFRMA_SRCADDR /* xfrm_address_t */ 67 XFRMA_COADDR /* xfrm_address_t */ 68 XFRMA_LASTUSED /* unsigned long */ 69 XFRMA_POLICY_TYPE /* struct xfrm_userpolicy_type */ 70 XFRMA_MIGRATE 71 XFRMA_ALG_AEAD /* struct xfrm_algo_aead */ 72 XFRMA_KMADDRESS /* struct xfrm_user_kmaddress */ 73 XFRMA_ALG_AUTH_TRUNC /* struct xfrm_algo_auth */ 74 XFRMA_MARK /* struct xfrm_mark */ 75 XFRMA_TFCPAD /* __u32 */ 76 XFRMA_REPLAY_ESN_VAL /* struct xfrm_replay_esn */ 77 XFRMA_SA_EXTRA_FLAGS /* __u32 */ 78 XFRMA_PROTO /* __u8 */ 79 XFRMA_ADDRESS_FILTER /* struct xfrm_address_filter */ 80 XFRMA_PAD 81 XFRMA_OFFLOAD_DEV /* struct xfrm_state_offload */ 82 XFRMA_SET_MARK /* __u32 */ 83 XFRMA_SET_MARK_MASK /* __u32 */ 84 XFRMA_IF_ID /* __u32 */ 85 86 XFRMA_MAX = iota - 1 87 ) 88 89 const XFRMA_OUTPUT_MARK = XFRMA_SET_MARK 90 91 const ( 92 SizeofXfrmAddress = 0x10 93 SizeofXfrmSelector = 0x38 94 SizeofXfrmLifetimeCfg = 0x40 95 SizeofXfrmLifetimeCur = 0x20 96 SizeofXfrmId = 0x18 97 SizeofXfrmMark = 0x08 98 ) 99 100 // Netlink groups 101 const ( 102 XFRMNLGRP_NONE = 0x0 103 XFRMNLGRP_ACQUIRE = 0x1 104 XFRMNLGRP_EXPIRE = 0x2 105 XFRMNLGRP_SA = 0x3 106 XFRMNLGRP_POLICY = 0x4 107 XFRMNLGRP_AEVENTS = 0x5 108 XFRMNLGRP_REPORT = 0x6 109 XFRMNLGRP_MIGRATE = 0x7 110 XFRMNLGRP_MAPPING = 0x8 111 __XFRMNLGRP_MAX = 0x9 112 ) 113 114 // typedef union { 115 // __be32 a4; 116 // __be32 a6[4]; 117 // } xfrm_address_t; 118 119 type XfrmAddress [SizeofXfrmAddress]byte 120 121 func (x *XfrmAddress) ToIP() net.IP { 122 var empty = [12]byte{} 123 ip := make(net.IP, net.IPv6len) 124 if bytes.Equal(x[4:16], empty[:]) { 125 ip[10] = 0xff 126 ip[11] = 0xff 127 copy(ip[12:16], x[0:4]) 128 } else { 129 copy(ip[:], x[:]) 130 } 131 return ip 132 } 133 134 // family is only used when x and prefixlen are both 0 135 func (x *XfrmAddress) ToIPNet(prefixlen uint8, family uint16) *net.IPNet { 136 empty := [SizeofXfrmAddress]byte{} 137 if bytes.Equal(x[:], empty[:]) && prefixlen == 0 { 138 if family == FAMILY_V6 { 139 return &net.IPNet{IP: net.ParseIP("::"), Mask: net.CIDRMask(int(prefixlen), 128)} 140 } 141 return &net.IPNet{IP: net.ParseIP("0.0.0.0"), Mask: net.CIDRMask(int(prefixlen), 32)} 142 } 143 ip := x.ToIP() 144 if GetIPFamily(ip) == FAMILY_V4 { 145 return &net.IPNet{IP: ip, Mask: net.CIDRMask(int(prefixlen), 32)} 146 } 147 return &net.IPNet{IP: ip, Mask: net.CIDRMask(int(prefixlen), 128)} 148 } 149 150 func (x *XfrmAddress) FromIP(ip net.IP) { 151 var empty = [16]byte{} 152 if len(ip) < net.IPv4len { 153 copy(x[4:16], empty[:]) 154 } else if GetIPFamily(ip) == FAMILY_V4 { 155 copy(x[0:4], ip.To4()[0:4]) 156 copy(x[4:16], empty[:12]) 157 } else { 158 copy(x[0:16], ip.To16()[0:16]) 159 } 160 } 161 162 func DeserializeXfrmAddress(b []byte) *XfrmAddress { 163 return (*XfrmAddress)(unsafe.Pointer(&b[0:SizeofXfrmAddress][0])) 164 } 165 166 func (x *XfrmAddress) Serialize() []byte { 167 return (*(*[SizeofXfrmAddress]byte)(unsafe.Pointer(x)))[:] 168 } 169 170 // struct xfrm_selector { 171 // xfrm_address_t daddr; 172 // xfrm_address_t saddr; 173 // __be16 dport; 174 // __be16 dport_mask; 175 // __be16 sport; 176 // __be16 sport_mask; 177 // __u16 family; 178 // __u8 prefixlen_d; 179 // __u8 prefixlen_s; 180 // __u8 proto; 181 // int ifindex; 182 // __kernel_uid32_t user; 183 // }; 184 185 type XfrmSelector struct { 186 Daddr XfrmAddress 187 Saddr XfrmAddress 188 Dport uint16 // big endian 189 DportMask uint16 // big endian 190 Sport uint16 // big endian 191 SportMask uint16 // big endian 192 Family uint16 193 PrefixlenD uint8 194 PrefixlenS uint8 195 Proto uint8 196 Pad [3]byte 197 Ifindex int32 198 User uint32 199 } 200 201 func (msg *XfrmSelector) Len() int { 202 return SizeofXfrmSelector 203 } 204 205 func DeserializeXfrmSelector(b []byte) *XfrmSelector { 206 return (*XfrmSelector)(unsafe.Pointer(&b[0:SizeofXfrmSelector][0])) 207 } 208 209 func (msg *XfrmSelector) Serialize() []byte { 210 return (*(*[SizeofXfrmSelector]byte)(unsafe.Pointer(msg)))[:] 211 } 212 213 // struct xfrm_lifetime_cfg { 214 // __u64 soft_byte_limit; 215 // __u64 hard_byte_limit; 216 // __u64 soft_packet_limit; 217 // __u64 hard_packet_limit; 218 // __u64 soft_add_expires_seconds; 219 // __u64 hard_add_expires_seconds; 220 // __u64 soft_use_expires_seconds; 221 // __u64 hard_use_expires_seconds; 222 // }; 223 // 224 225 type XfrmLifetimeCfg struct { 226 SoftByteLimit uint64 227 HardByteLimit uint64 228 SoftPacketLimit uint64 229 HardPacketLimit uint64 230 SoftAddExpiresSeconds uint64 231 HardAddExpiresSeconds uint64 232 SoftUseExpiresSeconds uint64 233 HardUseExpiresSeconds uint64 234 } 235 236 func (msg *XfrmLifetimeCfg) Len() int { 237 return SizeofXfrmLifetimeCfg 238 } 239 240 func DeserializeXfrmLifetimeCfg(b []byte) *XfrmLifetimeCfg { 241 return (*XfrmLifetimeCfg)(unsafe.Pointer(&b[0:SizeofXfrmLifetimeCfg][0])) 242 } 243 244 func (msg *XfrmLifetimeCfg) Serialize() []byte { 245 return (*(*[SizeofXfrmLifetimeCfg]byte)(unsafe.Pointer(msg)))[:] 246 } 247 248 // struct xfrm_lifetime_cur { 249 // __u64 bytes; 250 // __u64 packets; 251 // __u64 add_time; 252 // __u64 use_time; 253 // }; 254 255 type XfrmLifetimeCur struct { 256 Bytes uint64 257 Packets uint64 258 AddTime uint64 259 UseTime uint64 260 } 261 262 func (msg *XfrmLifetimeCur) Len() int { 263 return SizeofXfrmLifetimeCur 264 } 265 266 func DeserializeXfrmLifetimeCur(b []byte) *XfrmLifetimeCur { 267 return (*XfrmLifetimeCur)(unsafe.Pointer(&b[0:SizeofXfrmLifetimeCur][0])) 268 } 269 270 func (msg *XfrmLifetimeCur) Serialize() []byte { 271 return (*(*[SizeofXfrmLifetimeCur]byte)(unsafe.Pointer(msg)))[:] 272 } 273 274 // struct xfrm_id { 275 // xfrm_address_t daddr; 276 // __be32 spi; 277 // __u8 proto; 278 // }; 279 280 type XfrmId struct { 281 Daddr XfrmAddress 282 Spi uint32 // big endian 283 Proto uint8 284 Pad [3]byte 285 } 286 287 func (msg *XfrmId) Len() int { 288 return SizeofXfrmId 289 } 290 291 func DeserializeXfrmId(b []byte) *XfrmId { 292 return (*XfrmId)(unsafe.Pointer(&b[0:SizeofXfrmId][0])) 293 } 294 295 func (msg *XfrmId) Serialize() []byte { 296 return (*(*[SizeofXfrmId]byte)(unsafe.Pointer(msg)))[:] 297 } 298 299 type XfrmMark struct { 300 Value uint32 301 Mask uint32 302 } 303 304 func (msg *XfrmMark) Len() int { 305 return SizeofXfrmMark 306 } 307 308 func DeserializeXfrmMark(b []byte) *XfrmMark { 309 return (*XfrmMark)(unsafe.Pointer(&b[0:SizeofXfrmMark][0])) 310 } 311 312 func (msg *XfrmMark) Serialize() []byte { 313 return (*(*[SizeofXfrmMark]byte)(unsafe.Pointer(msg)))[:] 314 }