diff options
| author | Arnaud Ebalard <arno@natisbad.org> | 2008-10-05 16:33:42 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-10-05 16:33:42 -0400 |
| commit | 13c1d18931ebb5cf407cb348ef2cd6284d68902d (patch) | |
| tree | 6d590f85e48b4cce8f67e42c65b88fce8fcc49c6 /include/linux | |
| parent | 95430c0b140c31cb9e39f876afe1c0e9947d1aaf (diff) | |
xfrm: MIGRATE enhancements (draft-ebalard-mext-pfkey-enhanced-migrate)
Provides implementation of the enhancements of XFRM/PF_KEY MIGRATE mechanism
specified in draft-ebalard-mext-pfkey-enhanced-migrate-00. Defines associated
PF_KEY SADB_X_EXT_KMADDRESS extension and XFRM/netlink XFRMA_KMADDRESS
attribute.
Signed-off-by: Arnaud Ebalard <arno@natisbad.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/pfkeyv2.h | 13 | ||||
| -rw-r--r-- | include/linux/xfrm.h | 10 |
2 files changed, 22 insertions, 1 deletions
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h index 700725ddcaae..01b262959f2e 100644 --- a/include/linux/pfkeyv2.h +++ b/include/linux/pfkeyv2.h | |||
| @@ -226,6 +226,15 @@ struct sadb_x_sec_ctx { | |||
| 226 | } __attribute__((packed)); | 226 | } __attribute__((packed)); |
| 227 | /* sizeof(struct sadb_sec_ctx) = 8 */ | 227 | /* sizeof(struct sadb_sec_ctx) = 8 */ |
| 228 | 228 | ||
| 229 | /* Used by MIGRATE to pass addresses IKE will use to perform | ||
| 230 | * negotiation with the peer */ | ||
| 231 | struct sadb_x_kmaddress { | ||
| 232 | uint16_t sadb_x_kmaddress_len; | ||
| 233 | uint16_t sadb_x_kmaddress_exttype; | ||
| 234 | uint32_t sadb_x_kmaddress_reserved; | ||
| 235 | } __attribute__((packed)); | ||
| 236 | /* sizeof(struct sadb_x_kmaddress) == 8 */ | ||
| 237 | |||
| 229 | /* Message types */ | 238 | /* Message types */ |
| 230 | #define SADB_RESERVED 0 | 239 | #define SADB_RESERVED 0 |
| 231 | #define SADB_GETSPI 1 | 240 | #define SADB_GETSPI 1 |
| @@ -346,7 +355,9 @@ struct sadb_x_sec_ctx { | |||
| 346 | #define SADB_X_EXT_NAT_T_DPORT 22 | 355 | #define SADB_X_EXT_NAT_T_DPORT 22 |
| 347 | #define SADB_X_EXT_NAT_T_OA 23 | 356 | #define SADB_X_EXT_NAT_T_OA 23 |
| 348 | #define SADB_X_EXT_SEC_CTX 24 | 357 | #define SADB_X_EXT_SEC_CTX 24 |
| 349 | #define SADB_EXT_MAX 24 | 358 | /* Used with MIGRATE to pass @ to IKE for negotiation */ |
| 359 | #define SADB_X_EXT_KMADDRESS 25 | ||
| 360 | #define SADB_EXT_MAX 25 | ||
| 350 | 361 | ||
| 351 | /* Identity Extension values */ | 362 | /* Identity Extension values */ |
| 352 | #define SADB_IDENTTYPE_RESERVED 0 | 363 | #define SADB_IDENTTYPE_RESERVED 0 |
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h index fb0c215a3051..4bc1e6b86cb2 100644 --- a/include/linux/xfrm.h +++ b/include/linux/xfrm.h | |||
| @@ -279,6 +279,7 @@ enum xfrm_attr_type_t { | |||
| 279 | XFRMA_POLICY_TYPE, /* struct xfrm_userpolicy_type */ | 279 | XFRMA_POLICY_TYPE, /* struct xfrm_userpolicy_type */ |
| 280 | XFRMA_MIGRATE, | 280 | XFRMA_MIGRATE, |
| 281 | XFRMA_ALG_AEAD, /* struct xfrm_algo_aead */ | 281 | XFRMA_ALG_AEAD, /* struct xfrm_algo_aead */ |
| 282 | XFRMA_KMADDRESS, /* struct xfrm_user_kmaddress */ | ||
| 282 | __XFRMA_MAX | 283 | __XFRMA_MAX |
| 283 | 284 | ||
| 284 | #define XFRMA_MAX (__XFRMA_MAX - 1) | 285 | #define XFRMA_MAX (__XFRMA_MAX - 1) |
| @@ -415,6 +416,15 @@ struct xfrm_user_report { | |||
| 415 | struct xfrm_selector sel; | 416 | struct xfrm_selector sel; |
| 416 | }; | 417 | }; |
| 417 | 418 | ||
| 419 | /* Used by MIGRATE to pass addresses IKE should use to perform | ||
| 420 | * SA negotiation with the peer */ | ||
| 421 | struct xfrm_user_kmaddress { | ||
| 422 | xfrm_address_t local; | ||
| 423 | xfrm_address_t remote; | ||
| 424 | __u32 reserved; | ||
| 425 | __u16 family; | ||
| 426 | }; | ||
| 427 | |||
| 418 | struct xfrm_user_migrate { | 428 | struct xfrm_user_migrate { |
| 419 | xfrm_address_t old_daddr; | 429 | xfrm_address_t old_daddr; |
| 420 | xfrm_address_t old_saddr; | 430 | xfrm_address_t old_saddr; |