aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorShinta Sugimoto <shinta.sugimoto@ericsson.com>2007-02-08 16:11:42 -0500
committerDavid S. Miller <davem@davemloft.net>2007-02-08 16:11:42 -0500
commit80c9abaabf4283f7cf4a0b3597cd302506635b7f (patch)
tree7dd4270a22e039c827114d182c2071a84826f563 /include/net
parent9934e81c8c4981342dab3e386aff5d4499bea0d2 (diff)
[XFRM]: Extension for dynamic update of endpoint address(es)
Extend the XFRM framework so that endpoint address(es) in the XFRM databases could be dynamically updated according to a request (MIGRATE message) from user application. Target XFRM policy is first identified by the selector in the MIGRATE message. Next, the endpoint addresses of the matching templates and XFRM states are updated according to the MIGRATE message. Signed-off-by: Shinta Sugimoto <shinta.sugimoto@ericsson.com> Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/xfrm.h44
1 files changed, 44 insertions, 0 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index bf91d632901..16924cb772c 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -362,6 +362,19 @@ struct xfrm_policy
362 struct xfrm_tmpl xfrm_vec[XFRM_MAX_DEPTH]; 362 struct xfrm_tmpl xfrm_vec[XFRM_MAX_DEPTH];
363}; 363};
364 364
365struct xfrm_migrate {
366 xfrm_address_t old_daddr;
367 xfrm_address_t old_saddr;
368 xfrm_address_t new_daddr;
369 xfrm_address_t new_saddr;
370 u8 proto;
371 u8 mode;
372 u16 reserved;
373 u32 reqid;
374 u16 old_family;
375 u16 new_family;
376};
377
365#define XFRM_KM_TIMEOUT 30 378#define XFRM_KM_TIMEOUT 30
366/* which seqno */ 379/* which seqno */
367#define XFRM_REPLAY_SEQ 1 380#define XFRM_REPLAY_SEQ 1
@@ -388,6 +401,7 @@ struct xfrm_mgr
388 int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport); 401 int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport);
389 int (*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c); 402 int (*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c);
390 int (*report)(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr); 403 int (*report)(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr);
404 int (*migrate)(struct xfrm_selector *sel, u8 dir, u8 type, struct xfrm_migrate *m, int num_bundles);
391}; 405};
392 406
393extern int xfrm_register_km(struct xfrm_mgr *km); 407extern int xfrm_register_km(struct xfrm_mgr *km);
@@ -988,6 +1002,16 @@ extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst,
988 struct flowi *fl, int family, int strict); 1002 struct flowi *fl, int family, int strict);
989extern void xfrm_init_pmtu(struct dst_entry *dst); 1003extern void xfrm_init_pmtu(struct dst_entry *dst);
990 1004
1005#ifdef CONFIG_XFRM_MIGRATE
1006extern int km_migrate(struct xfrm_selector *sel, u8 dir, u8 type,
1007 struct xfrm_migrate *m, int num_bundles);
1008extern struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m);
1009extern struct xfrm_state * xfrm_state_migrate(struct xfrm_state *x,
1010 struct xfrm_migrate *m);
1011extern int xfrm_migrate(struct xfrm_selector *sel, u8 dir, u8 type,
1012 struct xfrm_migrate *m, int num_bundles);
1013#endif
1014
991extern wait_queue_head_t km_waitq; 1015extern wait_queue_head_t km_waitq;
992extern int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport); 1016extern int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport);
993extern void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid); 1017extern void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid);
@@ -1053,5 +1077,25 @@ static inline void xfrm_aevent_doreplay(struct xfrm_state *x)
1053 xfrm_replay_notify(x, XFRM_REPLAY_UPDATE); 1077 xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
1054} 1078}
1055 1079
1080#ifdef CONFIG_XFRM_MIGRATE
1081static inline struct xfrm_algo *xfrm_algo_clone(struct xfrm_algo *orig)
1082{
1083 return (struct xfrm_algo *)kmemdup(orig, sizeof(*orig) + orig->alg_key_len, GFP_KERNEL);
1084}
1085
1086static inline void xfrm_states_put(struct xfrm_state **states, int n)
1087{
1088 int i;
1089 for (i = 0; i < n; i++)
1090 xfrm_state_put(*(states + i));
1091}
1092
1093static inline void xfrm_states_delete(struct xfrm_state **states, int n)
1094{
1095 int i;
1096 for (i = 0; i < n; i++)
1097 xfrm_state_delete(*(states + i));
1098}
1099#endif
1056 1100
1057#endif /* _NET_XFRM_H */ 1101#endif /* _NET_XFRM_H */