[IPSEC]: Sync series - core changes

This patch provides the core functionality needed for sync events for ipsec. Derived work of Krisztian KOVACS <hidden@balabit.hu> Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Jamal Hadi Salim <hadi@cyberus.ca> 2006-03-20 22:15:11 -0500
committer: David S. Miller <davem@davemloft.net> 2006-03-20 22:15:11 -0500
commit: f8cd54884e675dfaf0c86cc7c088adb6ca9d7638 (patch)
tree: 7850e8ebebf1f8543c96acdd7c197003b3b4d54c /include/net
parent: f5539eb8caa52a9198079df767cc1bb5494e69e3 (diff)
1 files changed, 43 insertions, 1 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 8d362c49b8a9..bc005e62e434 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -20,6 +20,10 @@
 #define XFRM_ALIGN8(len)        (((len) + 7) & ~7)
+extern struct sock *xfrm_nl;
+extern u32 sysctl_xfrm_aevent_etime;
+extern u32 sysctl_xfrm_aevent_rseqth;
 extern struct semaphore xfrm_cfg_sem;
 /* Organization of SPD aka "XFRM rules"
@@ -135,6 +139,16 @@ struct xfrm_state
        /* State for replay detection */
        struct xfrm_replay_state replay;
+        /* Replay detection state at the time we sent the last notification */
+        struct xfrm_replay_state preplay;
+        /* Replay detection notification settings */
+        u32                     replay_maxage;
+        u32                     replay_maxdiff;
+        /* Replay detection notification timer */
+        struct timer_list       rtimer;
        /* Statistics */
        struct xfrm_stats       stats;
@@ -169,6 +183,7 @@ struct km_event
                u32 hard;
                u32 proto;
                u32 byid;
+                u32 aevent;
        } data;
        u32     seq;
@@ -305,7 +320,21 @@ struct xfrm_policy
        struct xfrm_tmpl        xfrm_vec[XFRM_MAX_DEPTH];
 };
-#define XFRM_KM_TIMEOUT         30
+#define XFRM_KM_TIMEOUT                30
+/* which seqno */
+#define XFRM_REPLAY_SEQ         1
+#define XFRM_REPLAY_OSEQ        2
+#define XFRM_REPLAY_SEQ_MASK    3
+/* what happened */
+#define XFRM_REPLAY_UPDATE      XFRM_AE_CR
+#define XFRM_REPLAY_TIMEOUT     XFRM_AE_CE
+/* default aevent timeout in units of 100ms */
+#define XFRM_AE_ETIME                   10
+/* Async Event timer multiplier */
+#define XFRM_AE_ETH_M                   10
+/* default seq threshold size */
+#define XFRM_AE_SEQT_SIZE               2
 struct xfrm_mgr
 {
@@ -865,6 +894,7 @@ extern int xfrm_state_delete(struct xfrm_state *x);
 extern void xfrm_state_flush(u8 proto);
 extern int xfrm_replay_check(struct xfrm_state *x, u32 seq);
 extern void xfrm_replay_advance(struct xfrm_state *x, u32 seq);
+extern void xfrm_replay_notify(struct xfrm_state *x, int event);
 extern int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb);
 extern int xfrm_state_mtu(struct xfrm_state *x, int mtu);
 extern int xfrm_init_state(struct xfrm_state *x);
@@ -965,4 +995,16 @@ static inline int xfrm_policy_id2dir(u32 index)
        return index & 7;
 }
+static inline int xfrm_aevent_is_on(void)
+{
+        return netlink_has_listeners(xfrm_nl,XFRMNLGRP_AEVENTS);
+}
+static inline void xfrm_aevent_doreplay(struct xfrm_state *x)
+{
+        if (xfrm_aevent_is_on())
+                xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
+}
 #endif  /* _NET_XFRM_H */
author	Jamal Hadi Salim <hadi@cyberus.ca>	2006-03-20 22:15:11 -0500
committer	David S. Miller <davem@davemloft.net>	2006-03-20 22:15:11 -0500
commit	f8cd54884e675dfaf0c86cc7c088adb6ca9d7638 (patch)
tree	7850e8ebebf1f8543c96acdd7c197003b3b4d54c /include/net
parent	f5539eb8caa52a9198079df767cc1bb5494e69e3 (diff)

diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 8d362c49b8a9..bc005e62e434 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h
@@ -20,6 +20,10 @@
20		20
21	#define XFRM_ALIGN8(len) (((len) + 7) & ~7)	21	#define XFRM_ALIGN8(len) (((len) + 7) & ~7)
22		22
		23	extern struct sock *xfrm_nl;
		24	extern u32 sysctl_xfrm_aevent_etime;
		25	extern u32 sysctl_xfrm_aevent_rseqth;
		26
23	extern struct semaphore xfrm_cfg_sem;	27	extern struct semaphore xfrm_cfg_sem;
24		28
25	/* Organization of SPD aka "XFRM rules"	29	/* Organization of SPD aka "XFRM rules"
@@ -135,6 +139,16 @@ struct xfrm_state
135	/* State for replay detection */	139	/* State for replay detection */
136	struct xfrm_replay_state replay;	140	struct xfrm_replay_state replay;
137		141
		142	/* Replay detection state at the time we sent the last notification */
		143	struct xfrm_replay_state preplay;
		144
		145	/* Replay detection notification settings */
		146	u32 replay_maxage;
		147	u32 replay_maxdiff;
		148
		149	/* Replay detection notification timer */
		150	struct timer_list rtimer;
		151
138	/* Statistics */	152	/* Statistics */
139	struct xfrm_stats stats;	153	struct xfrm_stats stats;
140		154
@@ -169,6 +183,7 @@ struct km_event
169	u32 hard;	183	u32 hard;
170	u32 proto;	184	u32 proto;
171	u32 byid;	185	u32 byid;
		186	u32 aevent;
172	} data;	187	} data;
173		188
174	u32 seq;	189	u32 seq;
@@ -305,7 +320,21 @@ struct xfrm_policy
305	struct xfrm_tmpl xfrm_vec[XFRM_MAX_DEPTH];	320	struct xfrm_tmpl xfrm_vec[XFRM_MAX_DEPTH];
306	};	321	};
307		322
308	#define XFRM_KM_TIMEOUT 30	323	#define XFRM_KM_TIMEOUT 30
		324	/* which seqno */
		325	#define XFRM_REPLAY_SEQ 1
		326	#define XFRM_REPLAY_OSEQ 2
		327	#define XFRM_REPLAY_SEQ_MASK 3
		328	/* what happened */
		329	#define XFRM_REPLAY_UPDATE XFRM_AE_CR
		330	#define XFRM_REPLAY_TIMEOUT XFRM_AE_CE
		331
		332	/* default aevent timeout in units of 100ms */
		333	#define XFRM_AE_ETIME 10
		334	/* Async Event timer multiplier */
		335	#define XFRM_AE_ETH_M 10
		336	/* default seq threshold size */
		337	#define XFRM_AE_SEQT_SIZE 2
309		338
310	struct xfrm_mgr	339	struct xfrm_mgr
311	{	340	{
@@ -865,6 +894,7 @@ extern int xfrm_state_delete(struct xfrm_state *x);
865	extern void xfrm_state_flush(u8 proto);	894	extern void xfrm_state_flush(u8 proto);
866	extern int xfrm_replay_check(struct xfrm_state *x, u32 seq);	895	extern int xfrm_replay_check(struct xfrm_state *x, u32 seq);
867	extern void xfrm_replay_advance(struct xfrm_state *x, u32 seq);	896	extern void xfrm_replay_advance(struct xfrm_state *x, u32 seq);
		897	extern void xfrm_replay_notify(struct xfrm_state *x, int event);
868	extern int xfrm_state_check(struct xfrm_state x, struct sk_buff skb);	898	extern int xfrm_state_check(struct xfrm_state x, struct sk_buff skb);
869	extern int xfrm_state_mtu(struct xfrm_state *x, int mtu);	899	extern int xfrm_state_mtu(struct xfrm_state *x, int mtu);
870	extern int xfrm_init_state(struct xfrm_state *x);	900	extern int xfrm_init_state(struct xfrm_state *x);
@@ -965,4 +995,16 @@ static inline int xfrm_policy_id2dir(u32 index)
965	return index & 7;	995	return index & 7;
966	}	996	}
967		997
		998	static inline int xfrm_aevent_is_on(void)
		999	{
		1000	return netlink_has_listeners(xfrm_nl,XFRMNLGRP_AEVENTS);
		1001	}
		1002
		1003	static inline void xfrm_aevent_doreplay(struct xfrm_state *x)
		1004	{
		1005	if (xfrm_aevent_is_on())
		1006	xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
		1007	}
		1008
		1009
968	#endif /* _NET_XFRM_H */	1010	#endif /* _NET_XFRM_H */