diff options
author | Jamal Hadi Salim <hadi@cyberus.ca> | 2005-06-19 01:42:13 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2005-06-19 01:42:13 -0400 |
commit | 26b15dad9f1c19d6d4f7b999b07eaa6d98e4b375 (patch) | |
tree | 2ca3039488d9df023fb84eaa7c1f52aa8d1ce69c /include | |
parent | 3aa3dfb372576f30835a94409556e3c8681b5756 (diff) |
[IPSEC] Add complete xfrm event notification
Heres the final patch.
What this patch provides
- netlink xfrm events
- ability to have events generated by netlink propagated to pfkey
and vice versa.
- fixes the acquire lets-be-happy-with-one-success issue
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/xfrm.h | 2 | ||||
-rw-r--r-- | include/net/xfrm.h | 29 |
2 files changed, 28 insertions, 3 deletions
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h index fd2ef742a9fd..03bc600516ea 100644 --- a/include/linux/xfrm.h +++ b/include/linux/xfrm.h | |||
@@ -257,5 +257,7 @@ struct xfrm_usersa_flush { | |||
257 | 257 | ||
258 | #define XFRMGRP_ACQUIRE 1 | 258 | #define XFRMGRP_ACQUIRE 1 |
259 | #define XFRMGRP_EXPIRE 2 | 259 | #define XFRMGRP_EXPIRE 2 |
260 | #define XFRMGRP_SA 4 | ||
261 | #define XFRMGRP_POLICY 8 | ||
260 | 262 | ||
261 | #endif /* _LINUX_XFRM_H */ | 263 | #endif /* _LINUX_XFRM_H */ |
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index d675836ba6c3..a159655ebede 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h | |||
@@ -158,6 +158,27 @@ enum { | |||
158 | XFRM_STATE_DEAD | 158 | XFRM_STATE_DEAD |
159 | }; | 159 | }; |
160 | 160 | ||
161 | /* events that could be sent by kernel */ | ||
162 | enum { | ||
163 | XFRM_SAP_INVALID, | ||
164 | XFRM_SAP_EXPIRED, | ||
165 | XFRM_SAP_ADDED, | ||
166 | XFRM_SAP_UPDATED, | ||
167 | XFRM_SAP_DELETED, | ||
168 | XFRM_SAP_FLUSHED, | ||
169 | __XFRM_SAP_MAX | ||
170 | }; | ||
171 | #define XFRM_SAP_MAX (__XFRM_SAP_MAX - 1) | ||
172 | |||
173 | /* callback structure passed from either netlink or pfkey */ | ||
174 | struct km_event | ||
175 | { | ||
176 | u32 data; | ||
177 | u32 seq; | ||
178 | u32 pid; | ||
179 | u32 event; | ||
180 | }; | ||
181 | |||
161 | struct xfrm_type; | 182 | struct xfrm_type; |
162 | struct xfrm_dst; | 183 | struct xfrm_dst; |
163 | struct xfrm_policy_afinfo { | 184 | struct xfrm_policy_afinfo { |
@@ -179,6 +200,8 @@ struct xfrm_policy_afinfo { | |||
179 | 200 | ||
180 | extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); | 201 | extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); |
181 | extern int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo); | 202 | extern int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo); |
203 | extern void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c); | ||
204 | extern void km_state_notify(struct xfrm_state *x, struct km_event *c); | ||
182 | 205 | ||
183 | #define XFRM_ACQ_EXPIRES 30 | 206 | #define XFRM_ACQ_EXPIRES 30 |
184 | 207 | ||
@@ -290,11 +313,11 @@ struct xfrm_mgr | |||
290 | { | 313 | { |
291 | struct list_head list; | 314 | struct list_head list; |
292 | char *id; | 315 | char *id; |
293 | int (*notify)(struct xfrm_state *x, int event); | 316 | int (*notify)(struct xfrm_state *x, struct km_event *c); |
294 | int (*acquire)(struct xfrm_state *x, struct xfrm_tmpl *, struct xfrm_policy *xp, int dir); | 317 | int (*acquire)(struct xfrm_state *x, struct xfrm_tmpl *, struct xfrm_policy *xp, int dir); |
295 | struct xfrm_policy *(*compile_policy)(u16 family, int opt, u8 *data, int len, int *dir); | 318 | struct xfrm_policy *(*compile_policy)(u16 family, int opt, u8 *data, int len, int *dir); |
296 | int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport); | 319 | int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport); |
297 | int (*notify_policy)(struct xfrm_policy *x, int dir, int event); | 320 | int (*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c); |
298 | }; | 321 | }; |
299 | 322 | ||
300 | extern int xfrm_register_km(struct xfrm_mgr *km); | 323 | extern int xfrm_register_km(struct xfrm_mgr *km); |
@@ -817,7 +840,7 @@ extern int xfrm_state_add(struct xfrm_state *x); | |||
817 | extern int xfrm_state_update(struct xfrm_state *x); | 840 | extern int xfrm_state_update(struct xfrm_state *x); |
818 | extern struct xfrm_state *xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto, unsigned short family); | 841 | extern struct xfrm_state *xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto, unsigned short family); |
819 | extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq); | 842 | extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq); |
820 | extern void xfrm_state_delete(struct xfrm_state *x); | 843 | extern int xfrm_state_delete(struct xfrm_state *x); |
821 | extern void xfrm_state_flush(u8 proto); | 844 | extern void xfrm_state_flush(u8 proto); |
822 | extern int xfrm_replay_check(struct xfrm_state *x, u32 seq); | 845 | extern int xfrm_replay_check(struct xfrm_state *x, u32 seq); |
823 | extern void xfrm_replay_advance(struct xfrm_state *x, u32 seq); | 846 | extern void xfrm_replay_advance(struct xfrm_state *x, u32 seq); |