diff options
| author | Herbert Xu <herbert@gondor.apana.org.au> | 2006-05-28 02:05:54 -0400 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2006-06-18 00:28:39 -0400 |
| commit | b59f45d0b2878ab76f8053b0973654e6621828ee (patch) | |
| tree | 40dc5e2ede2620f7935fb3dae0d0eb199851f611 /include/net/xfrm.h | |
| parent | 546be2405be119ef55467aace45f337a16e5d424 (diff) | |
[IPSEC] xfrm: Abstract out encapsulation modes
This patch adds the structure xfrm_mode. It is meant to represent
the operations carried out by transport/tunnel modes.
By doing this we allow additional encapsulation modes to be added
without clogging up the xfrm_input/xfrm_output paths.
Candidate modes include 4-to-6 tunnel mode, 6-to-4 tunnel mode, and
BEET modes.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/xfrm.h')
| -rw-r--r-- | include/net/xfrm.h | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index ed7c9747059d..ed5bb34f817f 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h | |||
| @@ -20,6 +20,8 @@ | |||
| 20 | #include <net/ip6_fib.h> | 20 | #include <net/ip6_fib.h> |
| 21 | 21 | ||
| 22 | #define XFRM_ALIGN8(len) (((len) + 7) & ~7) | 22 | #define XFRM_ALIGN8(len) (((len) + 7) & ~7) |
| 23 | #define MODULE_ALIAS_XFRM_MODE(family, encap) \ | ||
| 24 | MODULE_ALIAS("xfrm-mode-" __stringify(family) "-" __stringify(encap)) | ||
| 23 | 25 | ||
| 24 | extern struct sock *xfrm_nl; | 26 | extern struct sock *xfrm_nl; |
| 25 | extern u32 sysctl_xfrm_aevent_etime; | 27 | extern u32 sysctl_xfrm_aevent_etime; |
| @@ -164,6 +166,7 @@ struct xfrm_state | |||
| 164 | /* Reference to data common to all the instances of this | 166 | /* Reference to data common to all the instances of this |
| 165 | * transformer. */ | 167 | * transformer. */ |
| 166 | struct xfrm_type *type; | 168 | struct xfrm_type *type; |
| 169 | struct xfrm_mode *mode; | ||
| 167 | 170 | ||
| 168 | /* Security context */ | 171 | /* Security context */ |
| 169 | struct xfrm_sec_ctx *security; | 172 | struct xfrm_sec_ctx *security; |
| @@ -205,6 +208,7 @@ struct xfrm_dst; | |||
| 205 | struct xfrm_policy_afinfo { | 208 | struct xfrm_policy_afinfo { |
| 206 | unsigned short family; | 209 | unsigned short family; |
| 207 | struct xfrm_type *type_map[256]; | 210 | struct xfrm_type *type_map[256]; |
| 211 | struct xfrm_mode *mode_map[XFRM_MODE_MAX]; | ||
| 208 | struct dst_ops *dst_ops; | 212 | struct dst_ops *dst_ops; |
| 209 | void (*garbage_collect)(void); | 213 | void (*garbage_collect)(void); |
| 210 | int (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl); | 214 | int (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl); |
| @@ -267,6 +271,19 @@ extern int xfrm_unregister_type(struct xfrm_type *type, unsigned short family); | |||
| 267 | extern struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family); | 271 | extern struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family); |
| 268 | extern void xfrm_put_type(struct xfrm_type *type); | 272 | extern void xfrm_put_type(struct xfrm_type *type); |
| 269 | 273 | ||
| 274 | struct xfrm_mode { | ||
| 275 | int (*input)(struct xfrm_state *x, struct sk_buff *skb); | ||
| 276 | int (*output)(struct sk_buff *skb); | ||
| 277 | |||
| 278 | struct module *owner; | ||
| 279 | unsigned int encap; | ||
| 280 | }; | ||
| 281 | |||
| 282 | extern int xfrm_register_mode(struct xfrm_mode *mode, int family); | ||
| 283 | extern int xfrm_unregister_mode(struct xfrm_mode *mode, int family); | ||
| 284 | extern struct xfrm_mode *xfrm_get_mode(unsigned int encap, int family); | ||
| 285 | extern void xfrm_put_mode(struct xfrm_mode *mode); | ||
| 286 | |||
| 270 | struct xfrm_tmpl | 287 | struct xfrm_tmpl |
| 271 | { | 288 | { |
| 272 | /* id in template is interpreted as: | 289 | /* id in template is interpreted as: |