authorMasahide NAKAMURA <nakam@linux-ipv6.org>2006-08-24 01:49:28 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2006-09-22 18:08:35 -0400
commitf7b6983f0feeefcd2a594138adcffe640593d8de (patch)
tree41878fad9f0f0306718fa832eac7dfa76f51222d /net/key/af_key.c
parent41a49cc3c02ace59d4dddae91ea211c330970ee3 (diff)
[XFRM] POLICY: Support netlink socket interface for sub policy.
Sub policy can be used through netlink socket. PF_KEY uses main only and it is TODO to support sub. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/key/af_key.c')
-rw-r--r--net/key/af_key.c18
1 files changed, 13 insertions, 5 deletions
diff --git a/net/key/af_key.c b/net/key/af_key.c
index 19e047b0e678..83b443ddc72f 100644
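--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -1731,7 +1731,8 @@ static u32 gen_reqid(void)
 ++reqid;
 if (reqid == 0)
 reqid = IPSEC_MANUAL_REQID_MAX+1;
-if (xfrm_policy_walk(check_reqid, (void*)&reqid) != -EEXIST)
+if (xfrm_policy_walk(XFRM_POLICY_TYPE_MAIN, check_reqid,
+(void*)&reqid) != -EEXIST)
 return reqid;
 } while (reqid != start);
 return 0;
@@ -2268,7 +2269,8 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, struct sadb_msg
 return err;
 }
 
-xp = xfrm_policy_bysel_ctx(pol->sadb_x_policy_dir-1, &sel, tmp.security, 1);
+xp = xfrm_policy_bysel_ctx(XFRM_POLICY_TYPE_MAIN, pol->sadb_x_policy_dir-1,
+&sel, tmp.security, 1);
 security_xfrm_policy_free(&tmp);
 if (xp == NULL)
 return -ENOENT;
@@ -2330,7 +2332,7 @@ static int pfkey_spdget(struct sock *sk, struct sk_buff *skb, struct sadb_msg *h
 if (dir >= XFRM_POLICY_MAX)
 return -EINVAL;
 
-xp = xfrm_policy_byid(dir, pol->sadb_x_policy_id,
+xp = xfrm_policy_byid(XFRM_POLICY_TYPE_MAIN, dir, pol->sadb_x_policy_id,
 hdr->sadb_msg_type == SADB_X_SPDDELETE2);
 if (xp == NULL)
 return -ENOENT;
@@ -2378,7 +2380,7 @@ static int pfkey_spddump(struct sock *sk, struct sk_buff *skb, struct sadb_msg *
 {
 struct pfkey_dump_data data = { .skb = skb, .hdr = hdr, .sk = sk };
 
-return xfrm_policy_walk(dump_sp, &data);
+return xfrm_policy_walk(XFRM_POLICY_TYPE_MAIN, dump_sp, &data);
 }
 
 static int key_notify_policy_flush(struct km_event *c)
@@ -2405,7 +2407,8 @@ static int pfkey_spdflush(struct sock *sk, struct sk_buff *skb, struct sadb_msg
 {
 struct km_event c;
 
-xfrm_policy_flush();
+xfrm_policy_flush(XFRM_POLICY_TYPE_MAIN);
+c.data.type = XFRM_POLICY_TYPE_MAIN;
 c.event = XFRM_MSG_FLUSHPOLICY;
 c.pid = hdr->sadb_msg_pid;
 c.seq = hdr->sadb_msg_seq;
@@ -2667,6 +2670,9 @@ static int pfkey_send_notify(struct xfrm_state *x, struct km_event *c)
 
 static int pfkey_send_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
 {
+if (xp && xp->type != XFRM_POLICY_TYPE_MAIN)
+return 0;
+
 switch (c->event) {
 case XFRM_MSG_POLEXPIRE:
 return key_notify_policy_expire(xp, c);
@@ -2675,6 +2681,8 @@ static int pfkey_send_policy_notify(struct xfrm_policy *xp, int dir, struct km_e
 case XFRM_MSG_UPDPOLICY:
 return key_notify_policy(xp, dir, c);
 case XFRM_MSG_FLUSHPOLICY:
+if (c->data.type != XFRM_POLICY_TYPE_MAIN)
+break;
 return key_notify_policy_flush(c);
 default:
 printk("pfkey: Unknown policy event %d\n", c->event);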
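Review bot: The `c->data.type != XFRM_POLICY_TYPE_MAIN` test added to the XFRM_MSG_FLUSHPOLICY case of pfkey_send_policy_notify is only meaningful if every sender of that event fills in `data.type`. pfkey_spdflush does so in this patch, but on a `struct km_event c;` that has no initializer, and senders in other files are not visible on this page. Adding `memset(&c, 0, sizeof(c));` before the assignments in pfkey_spdflush would keep any field a later reader consults from being uninitialised stack contents. The two new filters also mean PF_KEY listeners are told nothing about sub-policy changes, and SPDDUMP and SPDFLUSH cover main policies only, so a comment at the `xp->type` guard such as `/* PF_KEY cannot express sub policies; they are visible through netlink only */` would help anyone auditing IPsec policy through this interface. The FLUSHPOLICY case leaves with `break` where the guard uses `return 0`; the code after the switch lies outside the hunk, so the value returned on that path cannot be confirmed from here.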