aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2007-12-11 12:32:34 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-28 17:53:43 -0500
commit25ee3286dcbc830a833354bb1d15567956844813 (patch)
treebb5597d9e148f363bf0bbcd1a7269b5f677f0103 /include/net
parent66cdb3ca27323a92712d289fc5edc7841d74a139 (diff)
[IPSEC]: Merge common code into xfrm_bundle_create
Half of the code in xfrm4_bundle_create and xfrm6_bundle_create are common. This patch extracts that logic and puts it into xfrm_bundle_create. The rest of it are then accessed through afinfo. As a result this fixes the problem with inter-family transforms where we treat every xfrm dst in the bundle as if it belongs to the top family. This patch also fixes a long-standing error-path bug where we may free the xfrm states twice. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/xfrm.h11
1 files changed, 4 insertions, 7 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index d427343f527b..c9345fe3f8d2 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -227,6 +227,7 @@ struct km_event
227 u32 event; 227 u32 event;
228}; 228};
229 229
230struct net_device;
230struct xfrm_type; 231struct xfrm_type;
231struct xfrm_dst; 232struct xfrm_dst;
232struct xfrm_policy_afinfo { 233struct xfrm_policy_afinfo {
@@ -237,13 +238,11 @@ struct xfrm_policy_afinfo {
237 xfrm_address_t *daddr); 238 xfrm_address_t *daddr);
238 int (*get_saddr)(xfrm_address_t *saddr, xfrm_address_t *daddr); 239 int (*get_saddr)(xfrm_address_t *saddr, xfrm_address_t *daddr);
239 struct dst_entry *(*find_bundle)(struct flowi *fl, struct xfrm_policy *policy); 240 struct dst_entry *(*find_bundle)(struct flowi *fl, struct xfrm_policy *policy);
240 int (*bundle_create)(struct xfrm_policy *policy,
241 struct xfrm_state **xfrm,
242 int nx,
243 struct flowi *fl,
244 struct dst_entry **dst_p);
245 void (*decode_session)(struct sk_buff *skb, 241 void (*decode_session)(struct sk_buff *skb,
246 struct flowi *fl); 242 struct flowi *fl);
243 int (*get_tos)(struct flowi *fl);
244 int (*fill_dst)(struct xfrm_dst *xdst,
245 struct net_device *dev);
247}; 246};
248 247
249extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); 248extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo);
@@ -1094,7 +1093,6 @@ static inline int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb)
1094} 1093}
1095#endif 1094#endif
1096 1095
1097extern struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x, int tos);
1098struct xfrm_policy *xfrm_policy_alloc(gfp_t gfp); 1096struct xfrm_policy *xfrm_policy_alloc(gfp_t gfp);
1099extern int xfrm_policy_walk(u8 type, int (*func)(struct xfrm_policy *, int, int, void*), void *); 1097extern int xfrm_policy_walk(u8 type, int (*func)(struct xfrm_policy *, int, int, void*), void *);
1100int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl); 1098int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl);
@@ -1113,7 +1111,6 @@ extern int xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
1113extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol); 1111extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
1114extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst, 1112extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst,
1115 struct flowi *fl, int family, int strict); 1113 struct flowi *fl, int family, int strict);
1116extern void xfrm_init_pmtu(struct dst_entry *dst);
1117 1114
1118#ifdef CONFIG_XFRM_MIGRATE 1115#ifdef CONFIG_XFRM_MIGRATE
1119extern int km_migrate(struct xfrm_selector *sel, u8 dir, u8 type, 1116extern int km_migrate(struct xfrm_selector *sel, u8 dir, u8 type,