reactos/syzkaller
1
0
Fork 0
mirror of https://github.com/reactos/syzkaller.git synced 2025-03-04 01:27:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

sys/linux: netlink xfrm support

Browse Source
This commit is contained in:
Dmitry Vyukov 2017-12-30 13:27:48 +01:00
parent bb6384b81a
commit 6bfd4f1979
34 changed files with 6599 additions and 2467 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
executor/syscalls_linux.h
View File

@ -2,7 +2,7 @@
#if defined(__i386__) || 0
#define GOARCH "386"
#define SYZ_REVISION "c7effbc5a5592ebdab6a55bba75c6b2994451c20"
#define SYZ_REVISION "fee48a31dc67b26cc7a9fcb449101bca47b20f8a"
#define __NR_syz_emit_ethernet 1000000
#define __NR_syz_extract_tcp_res 1000001
#define __NR_syz_fuse_mount 1000002
@ -12,7 +12,7 @@
#define __NR_syz_open_procfs 1000006
#define __NR_syz_open_pts 1000007
unsigned syscall_count = 1467;
unsigned syscall_count = 1469;
call_t syscalls[] = {
{"accept4", 364},
{"accept4$ax25", 364},
@ -1104,6 +1104,7 @@ call_t syscalls[] = {
{"sendmsg$netlink", 370},
{"sendmsg$netrom", 370},
{"sendmsg$nfc_llcp", 370},
{"sendmsg$nl_xfrm", 370},
{"sendmsg$unix", 370},
{"sendto", 369},
{"sendto$ax25", 369},
@ -1368,6 +1369,7 @@ call_t syscalls[] = {
{"socket$netrom", 359},
{"socket$nfc_llcp", 359},
{"socket$nfc_raw", 359},
{"socket$nl_xfrm", 359},
{"socket$packet", 359},
{"socket$unix", 359},
{"socketpair", 360},
@ -1487,7 +1489,7 @@ call_t syscalls[] = {
#if defined(__x86_64__) || 0
#define GOARCH "amd64"
#define SYZ_REVISION "ac6a5a5bd655b83e5dbe105a1b54be1343b60f0b"
#define SYZ_REVISION "e4f21c04e2926d05b33ef3bd4cc96a62cca5c6b8"
#define __NR_syz_emit_ethernet 1000000
#define __NR_syz_extract_tcp_res 1000001
#define __NR_syz_fuse_mount 1000002
@ -1497,7 +1499,7 @@ call_t syscalls[] = {
#define __NR_syz_open_procfs 1000006
#define __NR_syz_open_pts 1000007
unsigned syscall_count = 1527;
unsigned syscall_count = 1529;
call_t syscalls[] = {
{"accept", 43},
{"accept$alg", 43},
@ -2637,6 +2639,7 @@ call_t syscalls[] = {
{"sendmsg$netlink", 46},
{"sendmsg$netrom", 46},
{"sendmsg$nfc_llcp", 46},
{"sendmsg$nl_xfrm", 46},
{"sendmsg$unix", 46},
{"sendto", 44},
{"sendto$ax25", 44},
@ -2913,6 +2916,7 @@ call_t syscalls[] = {
{"socket$netrom", 41},
{"socket$nfc_llcp", 41},
{"socket$nfc_raw", 41},
{"socket$nl_xfrm", 41},
{"socket$packet", 41},
{"socket$unix", 41},
{"socketpair", 53},
@ -3032,7 +3036,7 @@ call_t syscalls[] = {
#if defined(__arm__) || 0
#define GOARCH "arm"
#define SYZ_REVISION "746e1f8a979a61cda0ec74a9dde8863829102924"
#define SYZ_REVISION "152f918ffda73145d892faae9b6754214f34b6fc"
#define __NR_syz_emit_ethernet 1000000
#define __NR_syz_extract_tcp_res 1000001
#define __NR_syz_fuse_mount 1000002
@ -3042,7 +3046,7 @@ call_t syscalls[] = {
#define __NR_syz_open_procfs 1000006
#define __NR_syz_open_pts 1000007
unsigned syscall_count = 1477;
unsigned syscall_count = 1479;
call_t syscalls[] = {
{"accept", 285},
{"accept$alg", 285},
@ -4136,6 +4140,7 @@ call_t syscalls[] = {
{"sendmsg$netlink", 296},
{"sendmsg$netrom", 296},
{"sendmsg$nfc_llcp", 296},
{"sendmsg$nl_xfrm", 296},
{"sendmsg$unix", 296},
{"sendto", 290},
{"sendto$ax25", 290},
@ -4411,6 +4416,7 @@ call_t syscalls[] = {
{"socket$netrom", 281},
{"socket$nfc_llcp", 281},
{"socket$nfc_raw", 281},
{"socket$nl_xfrm", 281},
{"socket$packet", 281},
{"socket$unix", 281},
{"socketpair", 288},
@ -4527,7 +4533,7 @@ call_t syscalls[] = {
#if defined(__aarch64__) || 0
#define GOARCH "arm64"
#define SYZ_REVISION "80a9e94c65306f4462e681d0e5cab948a79e7589"
#define SYZ_REVISION "897bf7d7933f4d1e031f2c1edc6b911c0e6d2f3d"
#define __NR_syz_emit_ethernet 1000000
#define __NR_syz_extract_tcp_res 1000001
#define __NR_syz_fuse_mount 1000002
@ -4537,7 +4543,7 @@ call_t syscalls[] = {
#define __NR_syz_open_procfs 1000006
#define __NR_syz_open_pts 1000007
unsigned syscall_count = 1456;
unsigned syscall_count = 1458;
call_t syscalls[] = {
{"accept", 202},
{"accept$alg", 202},
@ -5619,6 +5625,7 @@ call_t syscalls[] = {
{"sendmsg$netlink", 211},
{"sendmsg$netrom", 211},
{"sendmsg$nfc_llcp", 211},
{"sendmsg$nl_xfrm", 211},
{"sendmsg$unix", 211},
{"sendto", 206},
{"sendto$ax25", 206},
@ -5893,6 +5900,7 @@ call_t syscalls[] = {
{"socket$netrom", 198},
{"socket$nfc_llcp", 198},
{"socket$nfc_raw", 198},
{"socket$nl_xfrm", 198},
{"socket$packet", 198},
{"socket$unix", 198},
{"socketpair", 199},
@ -6001,7 +6009,7 @@ call_t syscalls[] = {
#if defined(__ppc64__) || defined(__PPC64__) || defined(__powerpc64__) || 0
#define GOARCH "ppc64le"
#define SYZ_REVISION "ca206a99ac112668df867a658f27230c3c3254af"
#define SYZ_REVISION "efe1985339c5b36fc5eea7e64f0f675372eeb0ae"
#define __NR_syz_emit_ethernet 1000000
#define __NR_syz_extract_tcp_res 1000001
#define __NR_syz_fuse_mount 1000002
@ -6011,7 +6019,7 @@ call_t syscalls[] = {
#define __NR_syz_open_procfs 1000006
#define __NR_syz_open_pts 1000007
unsigned syscall_count = 1436;
unsigned syscall_count = 1438;
call_t syscalls[] = {
{"accept", 330},
{"accept$alg", 330},
@ -7074,6 +7082,7 @@ call_t syscalls[] = {
{"sendmsg$netlink", 341},
{"sendmsg$netrom", 341},
{"sendmsg$nfc_llcp", 341},
{"sendmsg$nl_xfrm", 341},
{"sendmsg$unix", 341},
{"sendto", 335},
{"sendto$ax25", 335},
@ -7337,6 +7346,7 @@ call_t syscalls[] = {
{"socket$netrom", 326},
{"socket$nfc_llcp", 326},
{"socket$nfc_raw", 326},
{"socket$nl_xfrm", 326},
{"socket$packet", 326},
{"socket$unix", 326},
{"socketpair", 333},

1531
sys/linux/386.go
View File

File diff suppressed because it is too large Load Diff

1557
sys/linux/amd64.go
View File

File diff suppressed because it is too large Load Diff

1472
sys/linux/arm.go
View File

File diff suppressed because it is too large Load Diff

1531
sys/linux/arm64.go
View File

File diff suppressed because it is too large Load Diff

2
sys/linux/bpf_386.const
View File

@ -123,7 +123,7 @@ BPF_SUB0 = 1
BPF_W0 = 0
BPF_XADD0 = 6
BPF_XOR0 = 10
__BPF_FUNC_MAX_ID = 58
__BPF_FUNC_MAX_ID = 59
__NR_bpf = 357
bpf_call_code = 133
bpf_exit_code = 149

2
sys/linux/bpf_amd64.const
View File

@ -123,7 +123,7 @@ BPF_SUB0 = 1
BPF_W0 = 0
BPF_XADD0 = 6
BPF_XOR0 = 10
__BPF_FUNC_MAX_ID = 58
__BPF_FUNC_MAX_ID = 59
__NR_bpf = 321
bpf_call_code = 133
bpf_exit_code = 149

2
sys/linux/bpf_arm64.const
View File

@ -123,7 +123,7 @@ BPF_SUB0 = 1
BPF_W0 = 0
BPF_XADD0 = 6
BPF_XOR0 = 10
__BPF_FUNC_MAX_ID = 58
__BPF_FUNC_MAX_ID = 59
__NR_bpf = 280
bpf_call_code = 133
bpf_exit_code = 149

2
sys/linux/bpf_ppc64le.const
View File

@ -123,7 +123,7 @@ BPF_SUB0 = 1
BPF_W0 = 0
BPF_XADD0 = 6
BPF_XOR0 = 10
__BPF_FUNC_MAX_ID = 58
__BPF_FUNC_MAX_ID = 59
__NR_bpf = 361
bpf_call_code = 133
bpf_exit_code = 149

10
sys/linux/init.go
View File

@ -42,10 +42,12 @@ func initTarget(target *prog.Target) {
target.SanitizeCall = arch.sanitizeCall
target.SpecialStructs = map[string]func(g *prog.Gen, typ *prog.StructType, old *prog.GroupArg) (
prog.Arg, []*prog.Call){
"timespec": arch.generateTimespec,
"timeval": arch.generateTimespec,
"sockaddr_alg": arch.generateSockaddrAlg,
"alg_hash_name": arch.generateAlgHashName,
"timespec": arch.generateTimespec,
"timeval": arch.generateTimespec,
"sockaddr_alg": arch.generateSockaddrAlg,
"alg_aead_name": arch.generateAlgAeadName,
"alg_hash_name": arch.generateAlgHashName,
"alg_blkcipher_name": arch.generateAlgBlkcipherhName,
}
target.StringDictionary = stringDictionary

30
sys/linux/init_alg.go
View File

@ -22,10 +22,8 @@ func (arch *arch) generateSockaddrAlg(g *prog.Gen, typ *prog.StructType, old *pr
}
algType, algName := generateAlgName(g.Rand())
// Extend/truncate type/name to their fixed sizes.
typeSize := typ.Fields[1].Size()
algTypeData := append([]byte(algType), make([]byte, typeSize)...)[:typeSize]
nameSize := typ.Fields[4].Size()
algNameData := append([]byte(algName), make([]byte, nameSize)...)[:nameSize]
algTypeData := fixedSizeData(algType, typ.Fields[1].Size())
algNameData := fixedSizeData(algName, typ.Fields[4].Size())
arg = prog.MakeGroupArg(typ, []prog.Arg{
family,
prog.MakeDataArg(typ.Fields[1], algTypeData),
@ -36,11 +34,27 @@ func (arch *arch) generateSockaddrAlg(g *prog.Gen, typ *prog.StructType, old *pr
return
}
func (arch *arch) generateAlgAeadName(g *prog.Gen, typ *prog.StructType, old *prog.GroupArg) (
arg prog.Arg, calls []*prog.Call) {
return arch.generateAlgName(g, typ, ALG_AEAD)
}
func (arch *arch) generateAlgHashName(g *prog.Gen, typ *prog.StructType, old *prog.GroupArg) (
arg prog.Arg, calls []*prog.Call) {
algName := generateAlg(g.Rand(), ALG_HASH)
return arch.generateAlgName(g, typ, ALG_HASH)
}
func (arch *arch) generateAlgBlkcipherhName(g *prog.Gen, typ *prog.StructType, old *prog.GroupArg) (
arg prog.Arg, calls []*prog.Call) {
return arch.generateAlgName(g, typ, ALG_BLKCIPHER)
}
func (arch *arch) generateAlgName(g *prog.Gen, typ *prog.StructType, algTyp int) (
arg prog.Arg, calls []*prog.Call) {
algName := generateAlg(g.Rand(), algTyp)
algNameData := fixedSizeData(algName, typ.Fields[0].Size())
arg = prog.MakeGroupArg(typ, []prog.Arg{
prog.MakeDataArg(typ.Fields[0], []byte(algName)),
prog.MakeDataArg(typ.Fields[0], algNameData),
})
return
}
@ -72,6 +86,10 @@ func generateAlgImpl(rnd *rand.Rand, alg algDesc) string {
return alg.name + args
}
func fixedSizeData(str string, sz uint64) []byte {
return append([]byte(str), make([]byte, sz)...)[:sz]
}
type algType struct {
name string
typ int

5
sys/linux/key.txt
View File

@ -72,8 +72,3 @@ keyctl_kdf_params {
otherinfolen len[otherinfo, int32]
__spare array[const[0, int32], 8]
}
# Special struct generated by Go code.
alg_hash_name {
name string
}

1529
sys/linux/ppc64le.go
View File

File diff suppressed because it is too large Load Diff

22
sys/linux/socket_alg.txt
View File

@ -28,6 +28,28 @@ sockaddr_alg {
name string["filled later", 64]
}
# Special struct generated by Go code.
alg_aead_name {
name string["filled later", 64]
}
# Special struct generated by Go code.
alg_hash_name {
name string["filled later", 64]
}
# Special struct generated by Go code.
alg_blkcipher_name {
name string["filled later", 64]
}
alg_compress_name {
name string[alg_compress_names, 64]
}
# This is what XFRM supports (see xfrm_calg_list).
alg_compress_names = "deflate", "lzs", "lzjh"
msghdr_alg {
addr const[0, intptr]
addrlen const[0, int32]

83
sys/linux/socket_inet.txt
View File

@ -6,7 +6,6 @@ include <linux/ipv6.h>
include <linux/route.h>
include <uapi/linux/if_arp.h>
include <uapi/linux/netfilter_ipv6/ip6_tables.h>
include <uapi/linux/xfrm.h>
# IP sockets
@ -92,88 +91,6 @@ setsockopt$inet_pktinfo(fd sock_in, level const[IPPROTO_IP], optname const[IP_PK
getsockopt$inet_mtu(fd sock_in, level const[IPPROTO_IP], optname const[IP_MTU_DISCOVER], optval ptr[out, flags[ip_mtu_discover, int32]], optlen ptr[inout, len[optval, int32]])
setsockopt$inet_mtu(fd sock_in, level const[IPPROTO_IP], optname const[IP_MTU_DISCOVER], optval ptr[in, flags[ip_mtu_discover, int32]], optlen len[optval])
xfrm_filter {
info xfrm_userpolicy_info
tmpl xfrm_user_tmpl
}
xfrm_userpolicy_info {
sel xfrm_selector
lft xfrm_lifetime_cfg
curlft xfrm_lifetime_cur
priority int32
index int32
dir int8
action flags[xfrm_policy_actions, int8]
flags flags[xfrm_policy_flags, int8]
share flags[xfrm_policy_shares, int8]
}
xfrm_policy_actions = XFRM_POLICY_ALLOW, XFRM_POLICY_BLOCK
xfrm_policy_flags = XFRM_STATE_NOECN, XFRM_STATE_DECAP_DSCP, XFRM_STATE_NOPMTUDISC, XFRM_STATE_WILDRECV, XFRM_STATE_ICMP, XFRM_STATE_AF_UNSPEC, XFRM_STATE_ALIGN4, XFRM_STATE_ESN
xfrm_policy_shares = XFRM_SHARE_ANY, XFRM_SHARE_SESSION, XFRM_SHARE_USER, XFRM_SHARE_UNIQUE
xfrm_selector {
daddr xfrm_address
saddr xfrm_address
dport proc[20000, 4, int16be]
dport_mask int16
sport proc[20000, 4, int16be]
sport_mask int16
family flags[socket_domain, int16]
prefixlen_d flags[xfrm_prefixlens, int8]
prefixlen_s flags[xfrm_prefixlens, int8]
proto int8
ifindex ifindex
user uid
}
xfrm_prefixlens = 32, 128
xfrm_address [
in ipv4_addr
in6 ipv6_addr
]
xfrm_lifetime_cfg {
soft_byte_limit int64
hard_byte_limit int64
soft_packet_limit int64
hard_packet_limit int64
soft_add_expires_seconds int64
hard_add_expires_seconds int64
soft_use_expires_seconds int64
hard_use_expires_seconds int64
}
xfrm_lifetime_cur {
bytes int64
packets int64
add_time int64
use_time int64
}
xfrm_user_tmpl {
id xfrm_id
family flags[socket_domain, int16]
saddr xfrm_address
reqid int32
mode flags[xfrm_modes, int8]
share flags[xfrm_policy_shares, int8]
optional int8
aalgos int32
ealgos int32
calgos int32
}
xfrm_modes = XFRM_MODE_TRANSPORT, XFRM_MODE_TUNNEL, XFRM_MODE_ROUTEOPTIMIZATION, XFRM_MODE_IN_TRIGGER, XFRM_MODE_BEET
xfrm_id {
daddr xfrm_address
spi int32
proto int8
}
ip_mreq {
imr_multiaddr ipv4_addr
imr_interface ipv4_addr

1
sys/linux/socket_inet6_386.const
View File

@ -1,4 +1,5 @@
# AUTOGENERATED FILE
AF_INET = 2
AF_INET6 = 10
IP6T_SO_GET_REVISION_MATCH = 68
IP6T_SO_GET_REVISION_TARGET = 69

1
sys/linux/socket_inet6_amd64.const
View File

@ -1,4 +1,5 @@
# AUTOGENERATED FILE
AF_INET = 2
AF_INET6 = 10
IP6T_SO_GET_REVISION_MATCH = 68
IP6T_SO_GET_REVISION_TARGET = 69

1
sys/linux/socket_inet6_arm64.const
View File

@ -1,4 +1,5 @@
# AUTOGENERATED FILE
AF_INET = 2
AF_INET6 = 10
IP6T_SO_GET_REVISION_MATCH = 68
IP6T_SO_GET_REVISION_TARGET = 69

1
sys/linux/socket_inet6_ppc64le.const
View File

@ -1,4 +1,5 @@
# AUTOGENERATED FILE
AF_INET = 2
AF_INET6 = 10
IP6T_SO_GET_REVISION_MATCH = 68
IP6T_SO_GET_REVISION_TARGET = 69

19
sys/linux/socket_inet_386.const
View File

@ -88,25 +88,6 @@ SIOCSIFDSTADDR = 35096
SIOCSIFFLAGS = 35092
SIOCSIFNETMASK = 35100
SIOCSIFPFLAGS = 35124
XFRM_MODE_BEET = 4
XFRM_MODE_IN_TRIGGER = 3
XFRM_MODE_ROUTEOPTIMIZATION = 2
XFRM_MODE_TRANSPORT = 0
XFRM_MODE_TUNNEL = 1
XFRM_POLICY_ALLOW = 0
XFRM_POLICY_BLOCK = 1
XFRM_SHARE_ANY = 0
XFRM_SHARE_SESSION = 1
XFRM_SHARE_UNIQUE = 3
XFRM_SHARE_USER = 2
XFRM_STATE_AF_UNSPEC = 32
XFRM_STATE_ALIGN4 = 64
XFRM_STATE_DECAP_DSCP = 2
XFRM_STATE_ESN = 128
XFRM_STATE_ICMP = 16
XFRM_STATE_NOECN = 1
XFRM_STATE_NOPMTUDISC = 4
XFRM_STATE_WILDRECV = 8
__NR_accept4 = 364
__NR_bind = 361
__NR_connect = 362

19
sys/linux/socket_inet_amd64.const
View File

@ -88,25 +88,6 @@ SIOCSIFDSTADDR = 35096
SIOCSIFFLAGS = 35092
SIOCSIFNETMASK = 35100
SIOCSIFPFLAGS = 35124
XFRM_MODE_BEET = 4
XFRM_MODE_IN_TRIGGER = 3
XFRM_MODE_ROUTEOPTIMIZATION = 2
XFRM_MODE_TRANSPORT = 0
XFRM_MODE_TUNNEL = 1
XFRM_POLICY_ALLOW = 0
XFRM_POLICY_BLOCK = 1
XFRM_SHARE_ANY = 0
XFRM_SHARE_SESSION = 1
XFRM_SHARE_UNIQUE = 3
XFRM_SHARE_USER = 2
XFRM_STATE_AF_UNSPEC = 32
XFRM_STATE_ALIGN4 = 64
XFRM_STATE_DECAP_DSCP = 2
XFRM_STATE_ESN = 128
XFRM_STATE_ICMP = 16
XFRM_STATE_NOECN = 1
XFRM_STATE_NOPMTUDISC = 4
XFRM_STATE_WILDRECV = 8
__NR_accept = 43
__NR_accept4 = 288
__NR_bind = 49

19
sys/linux/socket_inet_arm64.const
View File

@ -88,25 +88,6 @@ SIOCSIFDSTADDR = 35096
SIOCSIFFLAGS = 35092
SIOCSIFNETMASK = 35100
SIOCSIFPFLAGS = 35124
XFRM_MODE_BEET = 4
XFRM_MODE_IN_TRIGGER = 3
XFRM_MODE_ROUTEOPTIMIZATION = 2
XFRM_MODE_TRANSPORT = 0
XFRM_MODE_TUNNEL = 1
XFRM_POLICY_ALLOW = 0
XFRM_POLICY_BLOCK = 1
XFRM_SHARE_ANY = 0
XFRM_SHARE_SESSION = 1
XFRM_SHARE_UNIQUE = 3
XFRM_SHARE_USER = 2
XFRM_STATE_AF_UNSPEC = 32
XFRM_STATE_ALIGN4 = 64
XFRM_STATE_DECAP_DSCP = 2
XFRM_STATE_ESN = 128
XFRM_STATE_ICMP = 16
XFRM_STATE_NOECN = 1
XFRM_STATE_NOPMTUDISC = 4
XFRM_STATE_WILDRECV = 8
__NR_accept = 202
__NR_accept4 = 242
__NR_bind = 200

19
sys/linux/socket_inet_ppc64le.const
View File

@ -88,25 +88,6 @@ SIOCSIFDSTADDR = 35096
SIOCSIFFLAGS = 35092
SIOCSIFNETMASK = 35100
SIOCSIFPFLAGS = 35124
XFRM_MODE_BEET = 4
XFRM_MODE_IN_TRIGGER = 3
XFRM_MODE_ROUTEOPTIMIZATION = 2
XFRM_MODE_TRANSPORT = 0
XFRM_MODE_TUNNEL = 1
XFRM_POLICY_ALLOW = 0
XFRM_POLICY_BLOCK = 1
XFRM_SHARE_ANY = 0
XFRM_SHARE_SESSION = 1
XFRM_SHARE_UNIQUE = 3
XFRM_SHARE_USER = 2
XFRM_STATE_AF_UNSPEC = 32
XFRM_STATE_ALIGN4 = 64
XFRM_STATE_DECAP_DSCP = 2
XFRM_STATE_ESN = 128
XFRM_STATE_ICMP = 16
XFRM_STATE_NOECN = 1
XFRM_STATE_NOPMTUDISC = 4
XFRM_STATE_WILDRECV = 8
__NR_accept = 330
__NR_accept4 = 344
__NR_bind = 327

40
sys/linux/socket_key.txt
View File

@ -38,9 +38,8 @@ sadb_msg {
sadb_msg_satype flags[sadb_satype, int8]
sadb_msg_len bytesize8[parent, int16]
sadb_msg_reserved const[0, int16]
sadb_msg_seq int32
# TODO: what is this port id? do we need to pass something meaningful?
sadb_msg_pid int32
sadb_msg_seq proc[7388453, 8, int32]
sadb_msg_pid proc[635427835, 4, int32]
ext_headers array[sadb_ext_hdr]
} [packed]
@ -63,15 +62,16 @@ sadb_ext_hdr [
sadb_sa {
sadb_len bytesize8[parent, int16]
sadb_exttype const[SADB_EXT_SA, int16]
# TODO: what is this?
sadb_sa_spi int32be
sadb_sa_spi proc[1234, 4, int32be]
sadb_sa_replay int8
sadb_sa_state int8
sadb_sa_auth int8[SADB_AALG_NONE:SADB_AALG_MAX]
sadb_sa_encrypt int8[SADB_X_CALG_NONE:SADB_X_CALG_MAX]
sadb_sa_flags int32
sadb_sa_flags flags[sadb_sa_flags, int32]
} [packed, align_8]
sadb_sa_flags = SADB_SAFLAGS_PFS, SADB_SAFLAGS_NOPMTUDISC, SADB_SAFLAGS_DECAP_DSCP, SADB_SAFLAGS_NOECN
sadb_lifetime {
sadb_len bytesize8[parent, int16]
sadb_exttype flags[sadb_lifetime_type, int16]
@ -84,8 +84,8 @@ sadb_lifetime {
sadb_address {
sadb_len bytesize8[parent, int16]
sadb_exttype flags[sadb_address_type, int16]
sadb_address_proto int8
sadb_address_prefixlen int8
sadb_address_proto flags[xfrm_proto, int8]
sadb_address_prefixlen flags[xfrm_prefixlens, int8]
sadb_address_reserved const[0, int16]
addr sadb_address_addr
} [packed, align_8]
@ -98,8 +98,10 @@ sadb_address_addr [
sadb_key {
sadb_len bytesize8[parent, int16]
sadb_exttype flags[sadb_key_type, int16]
sadb_key_bits int16
# TODO: length in bits
sadb_key_bits len[key, int16]
sadb_key_reserved const[0, int16]
key array[int8]
} [packed, align_8]
sadb_ident {
@ -113,8 +115,9 @@ sadb_ident {
sadb_spirange {
sadb_len bytesize8[parent, int16]
sadb_exttype const[SADB_EXT_SPIRANGE, int16]
sadb_spirange_min int32
sadb_spirange_max int32
# TODO: should this be int32be or not?
sadb_spirange_min proc[1234, 4, int32]
sadb_spirange_max proc[1234, 4, int32]
sadb_spirange_reserved const[0, int32]
} [packed, align_8]
@ -122,21 +125,23 @@ sadb_x_policy {
sadb_len bytesize8[parent, int16]
sadb_exttype const[SADB_X_EXT_POLICY, int16]
sadb_x_policy_type int16[IPSEC_POLICY_DISCARD:IPSEC_POLICY_BYPASS]
sadb_x_policy_dir int8
sadb_x_policy_dir flags[ipsec_policy_dir, int8]
sadb_x_policy_reserved const[0, int8]
sadb_x_policy_id int32
sadb_x_policy_id proc[7236528, 16, int32]
sadb_x_policy_priority int32
policy sadb_x_ipsecrequest
} [packed, align_8]
sadb_x_ipsecrequest {
sadb_x_ipsecrequest_len int16
sadb_x_ipsecrequest_proto int16
sadb_x_ipsecrequest_len bytesize8[parent, int16]
sadb_x_ipsecrequest_proto flags[xfrm_proto, int16]
sadb_x_ipsecrequest_mode int8
sadb_x_ipsecrequest_level int8
sadb_x_ipsecrequest_reserved1 const[0, int16]
sadb_x_ipsecrequest_reqid int32
sadb_x_ipsecrequest_reserved2 const[0, int32]
saddr sadb_filter_addr
daddr sadb_filter_addr
} [packed, align_8]
sadb_x_sa2 {
@ -145,8 +150,8 @@ sadb_x_sa2 {
sadb_x_sa2_mode int8
sadb_x_sa2_reserved1 const[0, int8]
sadb_x_sa2_reserved2 const[0, int16]
sadb_x_sa2_sequence int32
sadb_x_sa2_reqid int32
sadb_x_sa2_sequence proc[7388453, 8, int32]
sadb_x_sa2_reqid proc[13567, 8, int32]
} [packed, align_8]
sadb_x_nat_t_type {
@ -201,4 +206,5 @@ sadb_address_type = SADB_EXT_ADDRESS_SRC, SADB_EXT_ADDRESS_DST, SADB_EXT_ADDRESS
sadb_key_type = SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT
sadb_ident_type = SADB_EXT_IDENTITY_SRC, SADB_EXT_IDENTITY_DST
sadb_nat_port_type = SADB_X_EXT_NAT_T_SPORT, SADB_X_EXT_NAT_T_DPORT
ipsec_policy_dir = IPSEC_DIR_ANY, IPSEC_DIR_INBOUND, IPSEC_DIR_OUTBOUND, IPSEC_DIR_FWD, IPSEC_DIR_MAX
sadb_filter_addr_len = 4, 16

9
sys/linux/socket_key_386.const
View File

@ -1,6 +1,11 @@
# AUTOGENERATED FILE
AF_KEY = 15
AT_FDCWD = 18446744073709551516
IPSEC_DIR_ANY = 0
IPSEC_DIR_FWD = 3
IPSEC_DIR_INBOUND = 1
IPSEC_DIR_MAX = 4
IPSEC_DIR_OUTBOUND = 2
IPSEC_POLICY_BYPASS = 4
IPSEC_POLICY_DISCARD = 0
PF_KEY_V2 = 2
@ -20,6 +25,10 @@ SADB_EXT_SA = 1
SADB_EXT_SPIRANGE = 16
SADB_MAX = 24
SADB_RESERVED = 0
SADB_SAFLAGS_DECAP_DSCP = 1073741824
SADB_SAFLAGS_NOECN = 2147483648
SADB_SAFLAGS_NOPMTUDISC = 536870912
SADB_SAFLAGS_PFS = 1
SADB_SATYPE_AH = 2
SADB_SATYPE_ESP = 3
SADB_SATYPE_MAX = 9

9
sys/linux/socket_key_amd64.const
View File

@ -1,6 +1,11 @@
# AUTOGENERATED FILE
AF_KEY = 15
AT_FDCWD = 18446744073709551516
IPSEC_DIR_ANY = 0
IPSEC_DIR_FWD = 3
IPSEC_DIR_INBOUND = 1
IPSEC_DIR_MAX = 4
IPSEC_DIR_OUTBOUND = 2
IPSEC_POLICY_BYPASS = 4
IPSEC_POLICY_DISCARD = 0
PF_KEY_V2 = 2
@ -20,6 +25,10 @@ SADB_EXT_SA = 1
SADB_EXT_SPIRANGE = 16
SADB_MAX = 24
SADB_RESERVED = 0
SADB_SAFLAGS_DECAP_DSCP = 1073741824
SADB_SAFLAGS_NOECN = 2147483648
SADB_SAFLAGS_NOPMTUDISC = 536870912
SADB_SAFLAGS_PFS = 1
SADB_SATYPE_AH = 2
SADB_SATYPE_ESP = 3
SADB_SATYPE_MAX = 9

9
sys/linux/socket_key_arm64.const
View File

@ -1,6 +1,11 @@
# AUTOGENERATED FILE
AF_KEY = 15
AT_FDCWD = 18446744073709551516
IPSEC_DIR_ANY = 0
IPSEC_DIR_FWD = 3
IPSEC_DIR_INBOUND = 1
IPSEC_DIR_MAX = 4
IPSEC_DIR_OUTBOUND = 2
IPSEC_POLICY_BYPASS = 4
IPSEC_POLICY_DISCARD = 0
PF_KEY_V2 = 2
@ -20,6 +25,10 @@ SADB_EXT_SA = 1
SADB_EXT_SPIRANGE = 16
SADB_MAX = 24
SADB_RESERVED = 0
SADB_SAFLAGS_DECAP_DSCP = 1073741824
SADB_SAFLAGS_NOECN = 2147483648
SADB_SAFLAGS_NOPMTUDISC = 536870912
SADB_SAFLAGS_PFS = 1
SADB_SATYPE_AH = 2
SADB_SATYPE_ESP = 3
SADB_SATYPE_MAX = 9

9
sys/linux/socket_key_ppc64le.const
View File

@ -1,6 +1,11 @@
# AUTOGENERATED FILE
AF_KEY = 15
AT_FDCWD = 18446744073709551516
IPSEC_DIR_ANY = 0
IPSEC_DIR_FWD = 3
IPSEC_DIR_INBOUND = 1
IPSEC_DIR_MAX = 4
IPSEC_DIR_OUTBOUND = 2
IPSEC_POLICY_BYPASS = 4
IPSEC_POLICY_DISCARD = 0
PF_KEY_V2 = 2
@ -20,6 +25,10 @@ SADB_EXT_SA = 1
SADB_EXT_SPIRANGE = 16
SADB_MAX = 24
SADB_RESERVED = 0
SADB_SAFLAGS_DECAP_DSCP = 1073741824
SADB_SAFLAGS_NOECN = 2147483648
SADB_SAFLAGS_NOPMTUDISC = 536870912
SADB_SAFLAGS_PFS = 1
SADB_SATYPE_AH = 2
SADB_SATYPE_ESP = 3
SADB_SATYPE_MAX = 9

50
sys/linux/socket_netlink.txt
View File

@ -10,13 +10,13 @@ include <uapi/linux/rtnetlink.h>
resource sock_netlink[sock]
socket$netlink(domain const[AF_NETLINK], type const[SOCK_RAW], proto flags[netlink_proto]) sock_netlink
bind$netlink(fd sock_netlink, addr ptr[in, sockaddr_nl], addrlen len[addr])
bind$netlink(fd sock_netlink, addr ptr[in, sockaddr_nl_proc], addrlen len[addr])
connect$netlink(fd sock_netlink, addr ptr[in, sockaddr_nl], addrlen len[addr])
getsockname$netlink(fd sock_netlink, addr ptr[out, sockaddr_nl], addrlen ptr[inout, len[addr, int32]])
getpeername$netlink(fd sock_netlink, peer ptr[out, sockaddr_nl], peerlen ptr[inout, len[peer, int32]])
getsockname$netlink(fd sock_netlink, addr ptr[out, sockaddr_nl_unspec], addrlen ptr[inout, len[addr, int32]])
getpeername$netlink(fd sock_netlink, peer ptr[out, sockaddr_nl_unspec], peerlen ptr[inout, len[peer, int32]])
sendmsg$netlink(fd sock_netlink, msg ptr[in, msghdr_netlink], f flags[send_flags])
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_ADD_MEMBERSHIP], arg ptr[in, int32], arglen len[arg])
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_DROP_MEMBERSHIP], arg ptr[in, int32], arglen len[arg])
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_ADD_MEMBERSHIP], arg ptr[in, int32[0:31]], arglen len[arg])
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_DROP_MEMBERSHIP], arg ptr[in, int32[0:31]], arglen len[arg])
setsockopt$netlink_NETLINK_PKTINFO(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_PKTINFO], arg ptr[in, int32], arglen len[arg])
setsockopt$netlink_NETLINK_BROADCAST_ERROR(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_BROADCAST_ERROR], arg ptr[in, int32], arglen len[arg])
setsockopt$netlink_NETLINK_NO_ENOBUFS(fd sock_netlink, level const[SOL_NETLINK], opt const[NETLINK_NO_ENOBUFS], arg ptr[in, int32], arglen len[arg])
@ -30,16 +30,42 @@ netlink_family = AF_NETLINK, AF_UNSPEC, AF_INET, AF_INET6, AF_BRIDGE, AF_MPLS, A
netlink_proto = NETLINK_ROUTE, NETLINK_UNUSED, NETLINK_USERSOCK, NETLINK_FIREWALL, NETLINK_SOCK_DIAG, NETLINK_NFLOG, NETLINK_XFRM, NETLINK_SELINUX, NETLINK_ISCSI, NETLINK_AUDIT, NETLINK_FIB_LOOKUP, NETLINK_CONNECTOR, NETLINK_NETFILTER, NETLINK_IP6_FW, NETLINK_DNRTMSG, NETLINK_KOBJECT_UEVENT, NETLINK_GENERIC, NETLINK_SCSITRANSPORT, NETLINK_ECRYPTFS, NETLINK_RDMA, NETLINK_CRYPTO, NETLINK_INET_DIAG, NETLINK_SMC
netlink_sockopts = NETLINK_ADD_MEMBERSHIP, NETLINK_DROP_MEMBERSHIP, NETLINK_PKTINFO, NETLINK_BROADCAST_ERROR, NETLINK_NO_ENOBUFS, NETLINK_RX_RING, NETLINK_TX_RING, NETLINK_LISTEN_ALL_NSID, NETLINK_LIST_MEMBERSHIPS, NETLINK_CAP_ACK
netlink_msg_flags = NLM_F_REQUEST, NLM_F_MULTI, NLM_F_ACK, NLM_F_ECHO, NLM_F_DUMP_INTR, NLM_F_DUMP_FILTERED, NLM_F_ROOT, NLM_F_MATCH, NLM_F_ATOMIC, NLM_F_DUMP, NLM_F_REPLACE, NLM_F_EXCL, NLM_F_CREATE, NLM_F_APPEND
netlink_group_bitmap = 0x0, 0x1, 0x2, 0x4, 0x8, 0x10, 0x20, 0x40, 0x80, 0x100, 0x200, 0x400, 0x800, 0x1000, 0x2000, 0x4000, 0x8000, 0x10000, 0x20000, 0x40000, 0x80000, 0x100000, 0x200000, 0x400000, 0x800000, 0x1000000, 0x2000000, 0x4000000, 0x8000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000
sockaddr_nl {
family const[AF_NETLINK, int16]
pad const[0, int16]
pid int32
groups int32
sockaddr_nl [
kern sockaddr_nl_kern
proc sockaddr_nl_proc
unspec sockaddr_nl_unspec
]
sockaddr_nl_send [
kern sockaddr_nl_kern
proc sockaddr_nl_proc
]
sockaddr_nl_proc {
nl_family const[AF_NETLINK, int16]
nl_pad const[0, int16]
nl_pid proc[635427835, 4, int32]
nl_groups flags[netlink_group_bitmap, int32]
}
sockaddr_nl_kern {
nl_family const[AF_NETLINK, int16]
nl_pad const[0, int16]
nl_pid const[0, int32]
nl_groups flags[netlink_group_bitmap, int32]
}
sockaddr_nl_unspec {
nl_family const[AF_UNSPEC, int16]
nl_pad const[0, int16]
nl_pid const[0, int32]
nl_groups const[0, int32]
}
msghdr_netlink {
addr ptr[in, sockaddr_nl, opt]
addr ptr[in, sockaddr_nl_send, opt]
addrlen len[addr, int32]
vec ptr[in, array[iovec_nl]]
vlen len[vec, intptr]
@ -58,7 +84,7 @@ netlink_msg {
type int16
flags flags[netlink_msg_flags, int16]
seq int32
pid int32
pid proc[635427835, 4, int32]
data array[int8]
} [align_4]

676
sys/linux/socket_netlink_xfrm.txt Normal file
View File

@ -0,0 +1,676 @@
# Copyright 2017 syzkaller project authors. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
# AF_NETLINK/NETLINK_XFRM support.
include <linux/net.h>
include <uapi/linux/netlink.h>
include <uapi/linux/in.h>
include <uapi/linux/xfrm.h>
include <uapi/linux/ipsec.h>
# TODO: policy id/index and reqid proc types must be marked as opt,
# because 0 is good valid value as well (here and in socket_key.txt).
# However, this is currently not supported.
resource sock_nl_xfrm[sock_netlink]
socket$nl_xfrm(domain const[AF_NETLINK], type const[SOCK_RAW], proto const[NETLINK_XFRM]) sock_nl_xfrm
sendmsg$nl_xfrm(fd sock_nl_xfrm, msg ptr[in, msghdr_nl_xfrm], f flags[send_flags])
msghdr_nl_xfrm {
addr ptr[in, sockaddr_nl_kern]
addrlen len[addr, int32]
vec ptr[in, iovec_nl_xfrm]
vlen const[1, intptr]
ctrl const[0, intptr]
ctrllen const[0, intptr]
f flags[send_flags, int32]
}
iovec_nl_xfrm {
data ptr[in, netlink_msg_xfrm]
len bytesize[data, intptr]
}
netlink_msg_xfrm [
generic array[int8]
newsa xfrm_newsa
delsa xfrm_delsa
newpolicy xfrm_newpolicy
delpolicy xfrm_delpolicy
allocspi xfrm_allocspi
acquire xfrm_acquire
expire xfrm_expire
polexpire xfrm_polexpire
flushsa xfrm_flushsa
report xfrm_report
flushpolicy xfrm_flushpolicy
newae xfrm_newae
getsadinfo xfrm_getsadinfo
] [varlen]
xfrm_newsa {
len len[parent, int32]
type flags[xfrm_newsa_msgs, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_usersa_info
attrs array[xfrm_attr]
} [align_4]
xfrm_newsa_msgs = XFRM_MSG_NEWSA, XFRM_MSG_UPDSA
xfrm_usersa_info {
sel xfrm_selector
id xfrm_id
saddr xfrm_address
lft xfrm_lifetime_cfg
curlft xfrm_lifetime_cur
stats xfrm_stats
seq proc[7388453, 8, int32]
reqid proc[13567, 8, int32]
family flags[xfrm_family, int16]
mode flags[xfrm_mode, int8]
replay_window int8
flags flags[xfrm_state, int8]
}
xfrm_delsa {
len len[parent, int32]
type flags[xfrm_delsa_msgs, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_usersa_id
attrs array[xfrm_attr]
} [align_4]
xfrm_delsa_msgs = XFRM_MSG_DELSA, XFRM_MSG_GETSA
xfrm_usersa_id {
daddr xfrm_address
spi proc[1234, 4, int32be]
family flags[xfrm_family, int16]
proto flags[xfrm_proto, int8]
}
xfrm_newpolicy {
len len[parent, int32]
type flags[xfrm_newpolicy_msgs, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_userpolicy_info
attrs array[xfrm_attr]
} [align_4]
xfrm_newpolicy_msgs = XFRM_MSG_NEWPOLICY, XFRM_MSG_UPDPOLICY
xfrm_delpolicy {
len len[parent, int32]
type flags[xfrm_delpolicy_msgs, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_userpolicy_id
attrs array[xfrm_attr]
} [align_4]
xfrm_delpolicy_msgs = XFRM_MSG_DELPOLICY, XFRM_MSG_GETPOLICY, XFRM_MSG_MIGRATE
xfrm_userpolicy_id {
sel xfrm_selector
index proc[7236528, 16, int32]
dir flags[xfrm_policy_dir, int8]
}
xfrm_allocspi {
len len[parent, int32]
type const[XFRM_MSG_ALLOCSPI, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_userspi_info
attrs array[xfrm_attr]
} [align_4]
xfrm_userspi_info {
info xfrm_usersa_info
min int32
max int32
}
xfrm_acquire {
len len[parent, int32]
type const[XFRM_MSG_ACQUIRE, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_user_acquire
attrs array[xfrm_attr]
} [align_4]
xfrm_user_acquire {
id xfrm_id
saddr xfrm_address
sel xfrm_selector
policy xfrm_userpolicy_info
aalgos int32
ealgos int32
calgo int32
seq proc[7388453, 8, int32]
}
xfrm_expire {
len len[parent, int32]
type const[XFRM_MSG_EXPIRE, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_user_expire
attrs array[xfrm_attr]
} [align_4]
xfrm_user_expire {
state xfrm_usersa_info
hard int8
}
xfrm_polexpire {
len len[parent, int32]
type const[XFRM_MSG_POLEXPIRE, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_user_polexpire
attrs array[xfrm_attr]
} [align_4]
xfrm_user_polexpire {
pol xfrm_userpolicy_info
hard int8
}
xfrm_flushsa {
len len[parent, int32]
type const[XFRM_MSG_FLUSHSA, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_usersa_flush
attrs array[xfrm_attr]
} [align_4]
xfrm_usersa_flush {
proto flags[xfrm_proto, int8]
}
xfrm_report {
len len[parent, int32]
type const[XFRM_MSG_REPORT, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
msg xfrm_user_report
attrs array[xfrm_attr]
} [align_4]
xfrm_user_report {
proto flags[xfrm_proto, int8]
sel xfrm_selector
}
xfrm_flushpolicy {
len len[parent, int32]
type const[XFRM_MSG_FLUSHPOLICY, int16]
flags flags[netlink_msg_flags, int16]
seq int32
pid proc[635427835, 4, int32]
attrs array[xfrm_attr]
} [align_4]
xfrm_newae {
len len[parent, int32]
type flags[xfrm_newae_msgs, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
data xfrm_aevent_id
attrs array[xfrm_attr]
} [align_4]
xfrm_newae_msgs = XFRM_MSG_NEWAE, XFRM_MSG_GETAE
xfrm_aevent_id {
sa_id xfrm_usersa_id
saddr xfrm_address
flags int32
reqid proc[13567, 8, int32]
}
xfrm_getsadinfo {
len len[parent, int32]
type flags[xfrm_newae_msgs, int16]
flags flags[netlink_msg_flags, int16]
seq proc[7388453, 8, int32]
pid proc[635427835, 4, int32]
data int32
attrs array[xfrm_attr]
} [align_4]
xfrm_getsadinfo_msgs = XFRM_MSG_GETSADINFO, XFRM_MSG_NEWSPDINFO, XFRM_MSG_GETSPDINFO
xfrm_attr [
sa xfrm_attr_sa
policy xfrm_attr_policy
lastused xfrm_attr_lastused
algo_auth_trunc xfrm_attr_algo_auth_trunc
algo_aead xfrm_attr_algo_aead
algo_auth xfrm_attr_algo_auth
algo_crypt xfrm_attr_algo_crypt
algo_comp xfrm_attr_algo_comp
srcaddr xfrm_attr_srcaddr
coaddr xfrm_attr_coaddr
u32 xfrm_attr_u32
encap xfrm_attr_encap
offload xfrm_attr_offload
sec_ctx xfrm_attr_sec_ctx
lifetime_val xfrm_attr_lifetime_val
tmpl xfrm_attr_tmpl
replay_val xfrm_attr_replay_val
replay_esn_val xfrm_attr_replay_esn_val
policy_type xfrm_attr_policy_type
migrate xfrm_attr_migrate
user_kmaddress xfrm_attr_user_kmaddress
mark xfrm_attr_mark
proto xfrm_attr_proto
address_filter xfrm_attr_address_filter
ipv4_hthresh xfrm_attr_ipv4_hthresh
ipv6_hthresh xfrm_attr_ipv6_hthresh
] [varlen]
xfrm_attr_sa {
nla_len len[parent, int16]
nla_type const[XFRMA_SA, int16]
data xfrm_usersa_info
} [align_4]
xfrm_attr_policy {
nla_len len[parent, int16]
nla_type const[XFRMA_POLICY, int16]
data xfrm_userpolicy_info
} [align_4]
xfrm_attr_lastused {
nla_len len[parent, int16]
nla_type const[XFRMA_LASTUSED, int16]
data int64
} [align_4]
xfrm_attr_algo_auth_trunc {
nla_len len[parent, int16]
nla_type const[XFRMA_ALG_AUTH_TRUNC, int16]
data xfrm_algo_auth
} [align_4]
xfrm_attr_algo_aead {
nla_len len[parent, int16]
nla_type const[XFRMA_ALG_AEAD, int16]
data xfrm_algo_aead
} [align_4]
xfrm_attr_algo_auth {
nla_len len[parent, int16]
nla_type const[XFRMA_ALG_AUTH, int16]
data xfrm_algo_hash
} [align_4]
xfrm_attr_algo_crypt {
nla_len len[parent, int16]
nla_type const[XFRMA_ALG_CRYPT, int16]
data xfrm_algo_blkcipher
} [align_4]
xfrm_attr_algo_comp {
nla_len len[parent, int16]
nla_type const[XFRMA_ALG_COMP, int16]
data xfrm_algo_compress
} [align_4]
xfrm_attr_srcaddr {
nla_len len[parent, int16]
nla_type const[XFRMA_SRCADDR, int16]
data xfrm_address
} [align_4]
xfrm_attr_coaddr {
nla_len len[parent, int16]
nla_type const[XFRMA_COADDR, int16]
data xfrm_address
} [align_4]
xfrm_attr_u32 {
nla_len len[parent, int16]
nla_type flags[xfrm_attr_u32s, int16]
data int32
} [align_4]
xfrm_attr_u32s = XFRMA_SA_EXTRA_FLAGS, XFRMA_TFCPAD, XFRMA_REPLAY_THRESH, XFRMA_ETIMER_THRESH, XFRMA_OUTPUT_MARK
xfrm_attr_encap {
nla_len len[parent, int16]
nla_type const[XFRMA_ENCAP, int16]
data xfrm_encap_tmpl
} [align_4]
xfrm_encap_tmpl {
# TODO: what's this?
encap_type int16
encap_sport proc[20000, 4, int16be]
encap_dport proc[20000, 4, int16be]
encap_oa xfrm_address
}
xfrm_attr_offload {
nla_len len[parent, int16]
nla_type const[XFRMA_OFFLOAD_DEV, int16]
data xfrm_user_offload
} [align_4]
xfrm_user_offload {
# TODO: replace int32 with ifindex once I figure out how to get ifindex'es
ifindex int32
flags flags[xfrm_offload_flags, int8]
}
xfrm_offload_flags = XFRM_OFFLOAD_IPV6, XFRM_OFFLOAD_INBOUND
xfrm_attr_sec_ctx {
nla_len len[parent, int16]
nla_type const[XFRMA_SEC_CTX, int16]
# TODO: is this xfrm_sec_ctx or xfrm_user_sec_ctx? comments say first, but code seem to expect the second.
data xfrm_user_sec_ctx
} [align_4]
xfrm_user_sec_ctx {
len len[parent, int16]
exttype const[XFRMA_SEC_CTX, int16]
ctx_alg flags[xfrm_sec_ctx_alg, int8]
ctx_doi int8
ctx_len len[payload, int16]
# TODO: what's this?
payload array[int8]
}
xfrm_sec_ctx_alg = XFRM_SC_ALG_SELINUX
xfrm_attr_lifetime_val {
nla_len len[parent, int16]
nla_type const[XFRMA_LTIME_VAL, int16]
data xfrm_lifetime_cur
} [align_4]
xfrm_attr_tmpl {
nla_len len[parent, int16]
nla_type const[XFRMA_TMPL, int16]
data array[xfrm_user_tmpl]
} [align_4]
xfrm_attr_replay_val {
nla_len len[parent, int16]
nla_type const[XFRMA_REPLAY_VAL, int16]
data xfrm_replay_state
} [align_4]
xfrm_replay_state {
oseq proc[7388453, 8, int32]
seq proc[7388453, 8, int32]
bitmap int32
}
xfrm_attr_replay_esn_val {
nla_len len[parent, int16]
nla_type const[XFRMA_REPLAY_ESN_VAL, int16]
data xfrm_replay_state_esn
} [align_4]
xfrm_replay_state_esn {
bmp_len len[bmp, int32]
oseq proc[7388453, 8, int32]
seq proc[7388453, 8, int32]
oseq_hi proc[7388453, 8, int32]
seq_hi proc[7388453, 8, int32]
replay_window int32
bmp array[int32]
}
xfrm_attr_policy_type {
nla_len len[parent, int16]
nla_type const[XFRMA_POLICY_TYPE, int16]
data xfrm_userpolicy_type
} [align_4]
xfrm_userpolicy_type {
type flags[xfrm_policy_types, int8]
reserved1 const[0, int16]
reserved2 const[0, int8]
}
xfrm_attr_migrate {
nla_len len[parent, int16]
nla_type const[XFRMA_MIGRATE, int16]
data array[xfrm_user_migrate]
} [align_4]
xfrm_user_migrate {
old_daddr xfrm_address
new_saddr xfrm_address
# TODO: what proto is this? all or only xfrm_proto's?
proto flags[ipv6_types, int8]
mode int8
reserved const[0, int16]
reqid proc[13567, 8, int32]
old_family flags[xfrm_family, int16]
new_family flags[xfrm_family, int16]
}
xfrm_attr_user_kmaddress {
nla_len len[parent, int16]
nla_type const[XFRMA_KMADDRESS, int16]
data xfrm_user_kmaddress
} [align_4]
xfrm_user_kmaddress {
local xfrm_address
remote xfrm_address
reserved const[0, int32]
family flags[xfrm_family, int16]
}
xfrm_attr_mark {
nla_len len[parent, int16]
nla_type const[XFRMA_MARK, int16]
data xfrm_mark
} [align_4]
xfrm_mark {
v proc[3475289, 4, int32]
m int32
}
xfrm_attr_proto {
nla_len len[parent, int16]
nla_type const[XFRMA_PROTO, int16]
data flags[xfrm_proto, int8]
} [align_4]
xfrm_attr_address_filter {
nla_len len[parent, int16]
nla_type const[XFRMA_ADDRESS_FILTER, int16]
data xfrm_address_filter
} [align_4]
xfrm_address_filter {
saddr xfrm_address
daddr xfrm_address
family flags[xfrm_family, int16]
splen int8
dplen int8
}
xfrm_attr_ipv4_hthresh {
nla_len len[parent, int16]
nla_type const[XFRMA_SPD_IPV4_HTHRESH, int16]
data xfrmu_spdhthresh4
} [align_4]
xfrmu_spdhthresh4 {
lbits int8[0:32]
rbits int8[0:32]
}
xfrm_attr_ipv6_hthresh {
nla_len len[parent, int16]
nla_type const[XFRMA_SPD_IPV6_HTHRESH, int16]
data xfrmu_spdhthresh6
} [align_4]
xfrmu_spdhthresh6 {
lbits int8[0:128]
rbits int8[0:128]
}
xfrm_selector {
daddr xfrm_address
saddr xfrm_address
dport proc[20000, 4, int16be]
# TODO: dport_mask/sport_mask are some be16, what should we pass here?
dport_mask int16
sport proc[20000, 4, int16be]
sport_mask int16
family flags[xfrm_family, int16]
prefixlen_d flags[xfrm_prefixlens, int8]
prefixlen_s flags[xfrm_prefixlens, int8]
proto flags[ipv6_types, int8]
# TODO: pass real ifindex or 0 (but ifindex is hard to get)
ifindex int32
user uid
}
xfrm_lifetime_cfg {
soft_byte_limit int64
hard_byte_limit int64
soft_packet_limit int64
hard_packet_limit int64
soft_add_expires_seconds int64
hard_add_expires_seconds int64
soft_use_expires_seconds int64
hard_use_expires_seconds int64
}
xfrm_lifetime_cur {
bytes int64
packets int64
add_time int64
use_time int64
}
xfrm_stats {
replay_window int32
replay int32
integrity_failed int32
}
xfrm_algo_hash {
alg_name alg_hash_name
# TODO: alg_key_len is actually in _bits_.
alg_key_len bytesize[alg_key, int32]
alg_key array[int8]
}
xfrm_algo_blkcipher {
alg_name alg_blkcipher_name
# TODO: alg_key_len is actually in _bits_.
alg_key_len bytesize[alg_key, int32]
alg_key array[int8]
}
xfrm_algo_compress {
alg_name alg_compress_name
# TODO: alg_key_len is actually in _bits_.
alg_key_len bytesize[alg_key, int32]
alg_key array[int8]
}
xfrm_algo_auth {
alg_name alg_hash_name
# TODO: alg_key_len is actually in _bits_.
alg_key_len bytesize[alg_key, int32]
alg_icv_len flags[xfrm_algo_truncbits, int32]
alg_key array[int8]
}
xfrm_algo_aead {
alg_name alg_aead_name
# TODO: alg_key_len is actually in _bits_.
alg_key_len bytesize[alg_key, int32]
alg_icv_len flags[xfrm_algo_truncbits, int32]
alg_key array[int8]
}
xfrm_algo_truncbits = 0, 64, 96, 128, 160, 192, 256, 384, 512
xfrm_id {
daddr xfrm_address
spi proc[1234, 4, int32be]
proto flags[xfrm_proto, int8]
}
xfrm_address [
in ipv4_addr
in6 ipv6_addr
]
xfrm_filter {
info xfrm_userpolicy_info
tmpl xfrm_user_tmpl
}
xfrm_userpolicy_info {
sel xfrm_selector
lft xfrm_lifetime_cfg
curlft xfrm_lifetime_cur
priority int32
index proc[7236528, 16, int32]
dir flags[xfrm_policy_dir, int8]
action flags[xfrm_policy_actions, int8]
flags flags[xfrm_policy_flags, int8]
share flags[xfrm_policy_shares, int8]
}
xfrm_user_tmpl {
id xfrm_id
family flags[xfrm_family, int16]
saddr xfrm_address
reqid proc[13567, 8, int32]
mode flags[xfrm_mode, int8]
share flags[xfrm_policy_shares, int8]
optional int8
aalgos int32
ealgos int32
calgos int32
}
xfrm_mode = XFRM_MODE_TRANSPORT, XFRM_MODE_TUNNEL, XFRM_MODE_ROUTEOPTIMIZATION, XFRM_MODE_IN_TRIGGER, XFRM_MODE_BEET
xfrm_state = XFRM_STATE_NOECN, XFRM_STATE_DECAP_DSCP, XFRM_STATE_NOPMTUDISC, XFRM_STATE_WILDRECV, XFRM_STATE_ICMP, XFRM_STATE_AF_UNSPEC, XFRM_STATE_ALIGN4, XFRM_STATE_ESN
xfrm_family = AF_INET, AF_INET6
xfrm_proto = IPPROTO_AH, IPPROTO_ESP, IPPROTO_COMP, IPPROTO_DSTOPTS, IPPROTO_ROUTING, IPSEC_PROTO_ANY
xfrm_policy_types = XFRM_POLICY_TYPE_MAIN, XFRM_POLICY_TYPE_SUB
xfrm_policy_actions = XFRM_POLICY_ALLOW, XFRM_POLICY_BLOCK
xfrm_policy_flags = XFRM_POLICY_LOCALOK, XFRM_POLICY_ICMP
xfrm_policy_shares = XFRM_SHARE_ANY, XFRM_SHARE_SESSION, XFRM_SHARE_USER, XFRM_SHARE_UNIQUE
xfrm_policy_dir = XFRM_POLICY_IN, XFRM_POLICY_OUT, XFRM_POLICY_FWD
xfrm_prefixlens = 32, 128

94
sys/linux/socket_netlink_xfrm_386.const Normal file
View File

@ -0,0 +1,94 @@
# AUTOGENERATED FILE
AF_INET = 2
AF_INET6 = 10
AF_NETLINK = 16
IPPROTO_AH = 51
IPPROTO_COMP = 108
IPPROTO_DSTOPTS = 60
IPPROTO_ESP = 50
IPPROTO_ROUTING = 43
IPSEC_PROTO_ANY = 255
NETLINK_XFRM = 6
SOCK_RAW = 3
XFRMA_ADDRESS_FILTER = 26
XFRMA_ALG_AEAD = 18
XFRMA_ALG_AUTH = 1
XFRMA_ALG_AUTH_TRUNC = 20
XFRMA_ALG_COMP = 3
XFRMA_ALG_CRYPT = 2
XFRMA_COADDR = 14
XFRMA_ENCAP = 4
XFRMA_ETIMER_THRESH = 12
XFRMA_KMADDRESS = 19
XFRMA_LASTUSED = 15
XFRMA_LTIME_VAL = 9
XFRMA_MARK = 21
XFRMA_MIGRATE = 17
XFRMA_OFFLOAD_DEV = 28
XFRMA_OUTPUT_MARK = 29
XFRMA_POLICY = 7
XFRMA_POLICY_TYPE = 16
XFRMA_PROTO = 25
XFRMA_REPLAY_ESN_VAL = 23
XFRMA_REPLAY_THRESH = 11
XFRMA_REPLAY_VAL = 10
XFRMA_SA = 6
XFRMA_SA_EXTRA_FLAGS = 24
XFRMA_SEC_CTX = 8
XFRMA_SPD_IPV4_HTHRESH = 3
XFRMA_SPD_IPV6_HTHRESH = 4
XFRMA_SRCADDR = 13
XFRMA_TFCPAD = 22
XFRMA_TMPL = 5
XFRM_MODE_BEET = 4
XFRM_MODE_IN_TRIGGER = 3
XFRM_MODE_ROUTEOPTIMIZATION = 2
XFRM_MODE_TRANSPORT = 0
XFRM_MODE_TUNNEL = 1
XFRM_MSG_ACQUIRE = 23
XFRM_MSG_ALLOCSPI = 22
XFRM_MSG_DELPOLICY = 20
XFRM_MSG_DELSA = 17
XFRM_MSG_EXPIRE = 24
XFRM_MSG_FLUSHPOLICY = 29
XFRM_MSG_FLUSHSA = 28
XFRM_MSG_GETAE = 31
XFRM_MSG_GETPOLICY = 21
XFRM_MSG_GETSA = 18
XFRM_MSG_GETSADINFO = 35
XFRM_MSG_GETSPDINFO = 37
XFRM_MSG_MIGRATE = 33
XFRM_MSG_NEWAE = 30
XFRM_MSG_NEWPOLICY = 19
XFRM_MSG_NEWSA = 16
XFRM_MSG_NEWSPDINFO = 36
XFRM_MSG_POLEXPIRE = 27
XFRM_MSG_REPORT = 32
XFRM_MSG_UPDPOLICY = 25
XFRM_MSG_UPDSA = 26
XFRM_OFFLOAD_INBOUND = 2
XFRM_OFFLOAD_IPV6 = 1
XFRM_POLICY_ALLOW = 0
XFRM_POLICY_BLOCK = 1
XFRM_POLICY_FWD = 2
XFRM_POLICY_ICMP = 2
XFRM_POLICY_IN = 0
XFRM_POLICY_LOCALOK = 1
XFRM_POLICY_OUT = 1
XFRM_POLICY_TYPE_MAIN = 0
XFRM_POLICY_TYPE_SUB = 1
XFRM_SC_ALG_SELINUX = 1
XFRM_SHARE_ANY = 0
XFRM_SHARE_SESSION = 1
XFRM_SHARE_UNIQUE = 3
XFRM_SHARE_USER = 2
XFRM_STATE_AF_UNSPEC = 32
XFRM_STATE_ALIGN4 = 64
XFRM_STATE_DECAP_DSCP = 2
XFRM_STATE_ESN = 128
XFRM_STATE_ICMP = 16
XFRM_STATE_NOECN = 1
XFRM_STATE_NOPMTUDISC = 4
XFRM_STATE_WILDRECV = 8
__NR_sendmsg = 370
__NR_socket = 359

94
sys/linux/socket_netlink_xfrm_amd64.const Normal file
View File

@ -0,0 +1,94 @@
# AUTOGENERATED FILE
AF_INET = 2
AF_INET6 = 10
AF_NETLINK = 16
IPPROTO_AH = 51
IPPROTO_COMP = 108
IPPROTO_DSTOPTS = 60
IPPROTO_ESP = 50
IPPROTO_ROUTING = 43
IPSEC_PROTO_ANY = 255
NETLINK_XFRM = 6
SOCK_RAW = 3
XFRMA_ADDRESS_FILTER = 26
XFRMA_ALG_AEAD = 18
XFRMA_ALG_AUTH = 1
XFRMA_ALG_AUTH_TRUNC = 20
XFRMA_ALG_COMP = 3
XFRMA_ALG_CRYPT = 2
XFRMA_COADDR = 14
XFRMA_ENCAP = 4
XFRMA_ETIMER_THRESH = 12
XFRMA_KMADDRESS = 19
XFRMA_LASTUSED = 15
XFRMA_LTIME_VAL = 9
XFRMA_MARK = 21
XFRMA_MIGRATE = 17
XFRMA_OFFLOAD_DEV = 28
XFRMA_OUTPUT_MARK = 29
XFRMA_POLICY = 7
XFRMA_POLICY_TYPE = 16
XFRMA_PROTO = 25
XFRMA_REPLAY_ESN_VAL = 23
XFRMA_REPLAY_THRESH = 11
XFRMA_REPLAY_VAL = 10
XFRMA_SA = 6
XFRMA_SA_EXTRA_FLAGS = 24
XFRMA_SEC_CTX = 8
XFRMA_SPD_IPV4_HTHRESH = 3
XFRMA_SPD_IPV6_HTHRESH = 4
XFRMA_SRCADDR = 13
XFRMA_TFCPAD = 22
XFRMA_TMPL = 5
XFRM_MODE_BEET = 4
XFRM_MODE_IN_TRIGGER = 3
XFRM_MODE_ROUTEOPTIMIZATION = 2
XFRM_MODE_TRANSPORT = 0
XFRM_MODE_TUNNEL = 1
XFRM_MSG_ACQUIRE = 23
XFRM_MSG_ALLOCSPI = 22
XFRM_MSG_DELPOLICY = 20
XFRM_MSG_DELSA = 17
XFRM_MSG_EXPIRE = 24
XFRM_MSG_FLUSHPOLICY = 29
XFRM_MSG_FLUSHSA = 28
XFRM_MSG_GETAE = 31
XFRM_MSG_GETPOLICY = 21
XFRM_MSG_GETSA = 18
XFRM_MSG_GETSADINFO = 35
XFRM_MSG_GETSPDINFO = 37
XFRM_MSG_MIGRATE = 33
XFRM_MSG_NEWAE = 30
XFRM_MSG_NEWPOLICY = 19
XFRM_MSG_NEWSA = 16
XFRM_MSG_NEWSPDINFO = 36
XFRM_MSG_POLEXPIRE = 27
XFRM_MSG_REPORT = 32
XFRM_MSG_UPDPOLICY = 25
XFRM_MSG_UPDSA = 26
XFRM_OFFLOAD_INBOUND = 2
XFRM_OFFLOAD_IPV6 = 1
XFRM_POLICY_ALLOW = 0
XFRM_POLICY_BLOCK = 1
XFRM_POLICY_FWD = 2
XFRM_POLICY_ICMP = 2
XFRM_POLICY_IN = 0
XFRM_POLICY_LOCALOK = 1
XFRM_POLICY_OUT = 1
XFRM_POLICY_TYPE_MAIN = 0
XFRM_POLICY_TYPE_SUB = 1
XFRM_SC_ALG_SELINUX = 1
XFRM_SHARE_ANY = 0
XFRM_SHARE_SESSION = 1
XFRM_SHARE_UNIQUE = 3
XFRM_SHARE_USER = 2
XFRM_STATE_AF_UNSPEC = 32
XFRM_STATE_ALIGN4 = 64
XFRM_STATE_DECAP_DSCP = 2
XFRM_STATE_ESN = 128
XFRM_STATE_ICMP = 16
XFRM_STATE_NOECN = 1
XFRM_STATE_NOPMTUDISC = 4
XFRM_STATE_WILDRECV = 8
__NR_sendmsg = 46
__NR_socket = 41

94
sys/linux/socket_netlink_xfrm_arm64.const Normal file
View File

@ -0,0 +1,94 @@
# AUTOGENERATED FILE
AF_INET = 2
AF_INET6 = 10
AF_NETLINK = 16
IPPROTO_AH = 51
IPPROTO_COMP = 108
IPPROTO_DSTOPTS = 60
IPPROTO_ESP = 50
IPPROTO_ROUTING = 43
IPSEC_PROTO_ANY = 255
NETLINK_XFRM = 6
SOCK_RAW = 3
XFRMA_ADDRESS_FILTER = 26
XFRMA_ALG_AEAD = 18
XFRMA_ALG_AUTH = 1
XFRMA_ALG_AUTH_TRUNC = 20
XFRMA_ALG_COMP = 3
XFRMA_ALG_CRYPT = 2
XFRMA_COADDR = 14
XFRMA_ENCAP = 4
XFRMA_ETIMER_THRESH = 12
XFRMA_KMADDRESS = 19
XFRMA_LASTUSED = 15
XFRMA_LTIME_VAL = 9
XFRMA_MARK = 21
XFRMA_MIGRATE = 17
XFRMA_OFFLOAD_DEV = 28
XFRMA_OUTPUT_MARK = 29
XFRMA_POLICY = 7
XFRMA_POLICY_TYPE = 16
XFRMA_PROTO = 25
XFRMA_REPLAY_ESN_VAL = 23
XFRMA_REPLAY_THRESH = 11
XFRMA_REPLAY_VAL = 10
XFRMA_SA = 6
XFRMA_SA_EXTRA_FLAGS = 24
XFRMA_SEC_CTX = 8
XFRMA_SPD_IPV4_HTHRESH = 3
XFRMA_SPD_IPV6_HTHRESH = 4
XFRMA_SRCADDR = 13
XFRMA_TFCPAD = 22
XFRMA_TMPL = 5
XFRM_MODE_BEET = 4
XFRM_MODE_IN_TRIGGER = 3
XFRM_MODE_ROUTEOPTIMIZATION = 2
XFRM_MODE_TRANSPORT = 0
XFRM_MODE_TUNNEL = 1
XFRM_MSG_ACQUIRE = 23
XFRM_MSG_ALLOCSPI = 22
XFRM_MSG_DELPOLICY = 20
XFRM_MSG_DELSA = 17
XFRM_MSG_EXPIRE = 24
XFRM_MSG_FLUSHPOLICY = 29
XFRM_MSG_FLUSHSA = 28
XFRM_MSG_GETAE = 31
XFRM_MSG_GETPOLICY = 21
XFRM_MSG_GETSA = 18
XFRM_MSG_GETSADINFO = 35
XFRM_MSG_GETSPDINFO = 37
XFRM_MSG_MIGRATE = 33
XFRM_MSG_NEWAE = 30
XFRM_MSG_NEWPOLICY = 19
XFRM_MSG_NEWSA = 16
XFRM_MSG_NEWSPDINFO = 36
XFRM_MSG_POLEXPIRE = 27
XFRM_MSG_REPORT = 32
XFRM_MSG_UPDPOLICY = 25
XFRM_MSG_UPDSA = 26
XFRM_OFFLOAD_INBOUND = 2
XFRM_OFFLOAD_IPV6 = 1
XFRM_POLICY_ALLOW = 0
XFRM_POLICY_BLOCK = 1
XFRM_POLICY_FWD = 2
XFRM_POLICY_ICMP = 2
XFRM_POLICY_IN = 0
XFRM_POLICY_LOCALOK = 1
XFRM_POLICY_OUT = 1
XFRM_POLICY_TYPE_MAIN = 0
XFRM_POLICY_TYPE_SUB = 1
XFRM_SC_ALG_SELINUX = 1
XFRM_SHARE_ANY = 0
XFRM_SHARE_SESSION = 1
XFRM_SHARE_UNIQUE = 3
XFRM_SHARE_USER = 2
XFRM_STATE_AF_UNSPEC = 32
XFRM_STATE_ALIGN4 = 64
XFRM_STATE_DECAP_DSCP = 2
XFRM_STATE_ESN = 128
XFRM_STATE_ICMP = 16
XFRM_STATE_NOECN = 1
XFRM_STATE_NOPMTUDISC = 4
XFRM_STATE_WILDRECV = 8
__NR_sendmsg = 211
__NR_socket = 198

94
sys/linux/socket_netlink_xfrm_ppc64le.const Normal file
View File

@ -0,0 +1,94 @@
# AUTOGENERATED FILE
AF_INET = 2
AF_INET6 = 10
AF_NETLINK = 16
IPPROTO_AH = 51
IPPROTO_COMP = 108
IPPROTO_DSTOPTS = 60
IPPROTO_ESP = 50
IPPROTO_ROUTING = 43
IPSEC_PROTO_ANY = 255
NETLINK_XFRM = 6
SOCK_RAW = 3
XFRMA_ADDRESS_FILTER = 26
XFRMA_ALG_AEAD = 18
XFRMA_ALG_AUTH = 1
XFRMA_ALG_AUTH_TRUNC = 20
XFRMA_ALG_COMP = 3
XFRMA_ALG_CRYPT = 2
XFRMA_COADDR = 14
XFRMA_ENCAP = 4
XFRMA_ETIMER_THRESH = 12
XFRMA_KMADDRESS = 19
XFRMA_LASTUSED = 15
XFRMA_LTIME_VAL = 9
XFRMA_MARK = 21
XFRMA_MIGRATE = 17
XFRMA_OFFLOAD_DEV = 28
XFRMA_OUTPUT_MARK = 29
XFRMA_POLICY = 7
XFRMA_POLICY_TYPE = 16
XFRMA_PROTO = 25
XFRMA_REPLAY_ESN_VAL = 23
XFRMA_REPLAY_THRESH = 11
XFRMA_REPLAY_VAL = 10
XFRMA_SA = 6
XFRMA_SA_EXTRA_FLAGS = 24
XFRMA_SEC_CTX = 8
XFRMA_SPD_IPV4_HTHRESH = 3
XFRMA_SPD_IPV6_HTHRESH = 4
XFRMA_SRCADDR = 13
XFRMA_TFCPAD = 22
XFRMA_TMPL = 5
XFRM_MODE_BEET = 4
XFRM_MODE_IN_TRIGGER = 3
XFRM_MODE_ROUTEOPTIMIZATION = 2
XFRM_MODE_TRANSPORT = 0
XFRM_MODE_TUNNEL = 1
XFRM_MSG_ACQUIRE = 23
XFRM_MSG_ALLOCSPI = 22
XFRM_MSG_DELPOLICY = 20
XFRM_MSG_DELSA = 17
XFRM_MSG_EXPIRE = 24
XFRM_MSG_FLUSHPOLICY = 29
XFRM_MSG_FLUSHSA = 28
XFRM_MSG_GETAE = 31
XFRM_MSG_GETPOLICY = 21
XFRM_MSG_GETSA = 18
XFRM_MSG_GETSADINFO = 35
XFRM_MSG_GETSPDINFO = 37
XFRM_MSG_MIGRATE = 33
XFRM_MSG_NEWAE = 30
XFRM_MSG_NEWPOLICY = 19
XFRM_MSG_NEWSA = 16
XFRM_MSG_NEWSPDINFO = 36
XFRM_MSG_POLEXPIRE = 27
XFRM_MSG_REPORT = 32
XFRM_MSG_UPDPOLICY = 25
XFRM_MSG_UPDSA = 26
XFRM_OFFLOAD_INBOUND = 2
XFRM_OFFLOAD_IPV6 = 1
XFRM_POLICY_ALLOW = 0
XFRM_POLICY_BLOCK = 1
XFRM_POLICY_FWD = 2
XFRM_POLICY_ICMP = 2
XFRM_POLICY_IN = 0
XFRM_POLICY_LOCALOK = 1
XFRM_POLICY_OUT = 1
XFRM_POLICY_TYPE_MAIN = 0
XFRM_POLICY_TYPE_SUB = 1
XFRM_SC_ALG_SELINUX = 1
XFRM_SHARE_ANY = 0
XFRM_SHARE_SESSION = 1
XFRM_SHARE_UNIQUE = 3
XFRM_SHARE_USER = 2
XFRM_STATE_AF_UNSPEC = 32
XFRM_STATE_ALIGN4 = 64
XFRM_STATE_DECAP_DSCP = 2
XFRM_STATE_ESN = 128
XFRM_STATE_ICMP = 16
XFRM_STATE_NOECN = 1
XFRM_STATE_NOPMTUDISC = 4
XFRM_STATE_WILDRECV = 8
__NR_sendmsg = 341
__NR_socket = 326