aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexey Dobriyan <adobriyan@gmail.com>2008-11-25 20:59:27 -0500
committerDavid S. Miller <davem@davemloft.net>2008-11-25 20:59:27 -0500
commit4fb236bac9fc7d51e2267866de6d4c30e549d2f8 (patch)
treee3d024fe85be93a81553a910f556b818c8a85496
parent7013ec30e0e2bc5b1e602e19a4e0668f9b7c0a72 (diff)
netns xfrm: AH/ESP in netns!
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/ah4.c4
-rw-r--r--net/ipv4/esp4.c4
-rw-r--r--net/ipv6/ah6.c3
-rw-r--r--net/ipv6/esp6.c3
4 files changed, 10 insertions, 4 deletions
diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c
index 750426b0a276..e878e494296e 100644
--- a/net/ipv4/ah4.c
+++ b/net/ipv4/ah4.c
@@ -201,6 +201,7 @@ out:
201 201
202static void ah4_err(struct sk_buff *skb, u32 info) 202static void ah4_err(struct sk_buff *skb, u32 info)
203{ 203{
204 struct net *net = dev_net(skb->dev);
204 struct iphdr *iph = (struct iphdr *)skb->data; 205 struct iphdr *iph = (struct iphdr *)skb->data;
205 struct ip_auth_hdr *ah = (struct ip_auth_hdr *)(skb->data+(iph->ihl<<2)); 206 struct ip_auth_hdr *ah = (struct ip_auth_hdr *)(skb->data+(iph->ihl<<2));
206 struct xfrm_state *x; 207 struct xfrm_state *x;
@@ -209,7 +210,7 @@ static void ah4_err(struct sk_buff *skb, u32 info)
209 icmp_hdr(skb)->code != ICMP_FRAG_NEEDED) 210 icmp_hdr(skb)->code != ICMP_FRAG_NEEDED)
210 return; 211 return;
211 212
212 x = xfrm_state_lookup(&init_net, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET); 213 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET);
213 if (!x) 214 if (!x)
214 return; 215 return;
215 printk(KERN_DEBUG "pmtu discovery on SA AH/%08x/%08x\n", 216 printk(KERN_DEBUG "pmtu discovery on SA AH/%08x/%08x\n",
@@ -314,6 +315,7 @@ static struct net_protocol ah4_protocol = {
314 .handler = xfrm4_rcv, 315 .handler = xfrm4_rcv,
315 .err_handler = ah4_err, 316 .err_handler = ah4_err,
316 .no_policy = 1, 317 .no_policy = 1,
318 .netns_ok = 1,
317}; 319};
318 320
319static int __init ah4_init(void) 321static int __init ah4_init(void)
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index 35950128aa94..18bb383ea393 100644
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -413,6 +413,7 @@ static u32 esp4_get_mtu(struct xfrm_state *x, int mtu)
413 413
414static void esp4_err(struct sk_buff *skb, u32 info) 414static void esp4_err(struct sk_buff *skb, u32 info)
415{ 415{
416 struct net *net = dev_net(skb->dev);
416 struct iphdr *iph = (struct iphdr *)skb->data; 417 struct iphdr *iph = (struct iphdr *)skb->data;
417 struct ip_esp_hdr *esph = (struct ip_esp_hdr *)(skb->data+(iph->ihl<<2)); 418 struct ip_esp_hdr *esph = (struct ip_esp_hdr *)(skb->data+(iph->ihl<<2));
418 struct xfrm_state *x; 419 struct xfrm_state *x;
@@ -421,7 +422,7 @@ static void esp4_err(struct sk_buff *skb, u32 info)
421 icmp_hdr(skb)->code != ICMP_FRAG_NEEDED) 422 icmp_hdr(skb)->code != ICMP_FRAG_NEEDED)
422 return; 423 return;
423 424
424 x = xfrm_state_lookup(&init_net, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET); 425 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET);
425 if (!x) 426 if (!x)
426 return; 427 return;
427 NETDEBUG(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%08x\n", 428 NETDEBUG(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%08x\n",
@@ -618,6 +619,7 @@ static struct net_protocol esp4_protocol = {
618 .handler = xfrm4_rcv, 619 .handler = xfrm4_rcv,
619 .err_handler = esp4_err, 620 .err_handler = esp4_err,
620 .no_policy = 1, 621 .no_policy = 1,
622 .netns_ok = 1,
621}; 623};
622 624
623static int __init esp4_init(void) 625static int __init esp4_init(void)
diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c
index 6ae014b86b69..52449f7a1b71 100644
--- a/net/ipv6/ah6.c
+++ b/net/ipv6/ah6.c
@@ -407,6 +407,7 @@ out:
407static void ah6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 407static void ah6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
408 int type, int code, int offset, __be32 info) 408 int type, int code, int offset, __be32 info)
409{ 409{
410 struct net *net = dev_net(skb->dev);
410 struct ipv6hdr *iph = (struct ipv6hdr*)skb->data; 411 struct ipv6hdr *iph = (struct ipv6hdr*)skb->data;
411 struct ip_auth_hdr *ah = (struct ip_auth_hdr*)(skb->data+offset); 412 struct ip_auth_hdr *ah = (struct ip_auth_hdr*)(skb->data+offset);
412 struct xfrm_state *x; 413 struct xfrm_state *x;
@@ -415,7 +416,7 @@ static void ah6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
415 type != ICMPV6_PKT_TOOBIG) 416 type != ICMPV6_PKT_TOOBIG)
416 return; 417 return;
417 418
418 x = xfrm_state_lookup(&init_net, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET6); 419 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, ah->spi, IPPROTO_AH, AF_INET6);
419 if (!x) 420 if (!x)
420 return; 421 return;
421 422
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index 68f2af8c15c0..c2f250150db1 100644
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -356,6 +356,7 @@ static u32 esp6_get_mtu(struct xfrm_state *x, int mtu)
356static void esp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 356static void esp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
357 int type, int code, int offset, __be32 info) 357 int type, int code, int offset, __be32 info)
358{ 358{
359 struct net *net = dev_net(skb->dev);
359 struct ipv6hdr *iph = (struct ipv6hdr*)skb->data; 360 struct ipv6hdr *iph = (struct ipv6hdr*)skb->data;
360 struct ip_esp_hdr *esph = (struct ip_esp_hdr *)(skb->data + offset); 361 struct ip_esp_hdr *esph = (struct ip_esp_hdr *)(skb->data + offset);
361 struct xfrm_state *x; 362 struct xfrm_state *x;
@@ -364,7 +365,7 @@ static void esp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
364 type != ICMPV6_PKT_TOOBIG) 365 type != ICMPV6_PKT_TOOBIG)
365 return; 366 return;
366 367
367 x = xfrm_state_lookup(&init_net, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET6); 368 x = xfrm_state_lookup(net, (xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET6);
368 if (!x) 369 if (!x)
369 return; 370 return;
370 printk(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%pI6\n", 371 printk(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%pI6\n",