aboutsummaryrefslogtreecommitdiffstats
path: root/net/xfrm
diff options
context:
space:
mode:
authorMasahide NAKAMURA <nakam@linux-ipv6.org>2006-09-22 18:05:15 -0400
committerDavid S. Miller <davem@davemloft.net>2006-09-22 18:05:15 -0400
commit7e49e6de30efa716614e280d97963c570f3acf29 (patch)
tree8eaef9d40300d16a7675722e082c5d8ab2a53d40 /net/xfrm
parent77d16f450ae0452d7d4b009f78debb1294fb435c (diff)
[XFRM]: Add XFRM_MODE_xxx for future use.
Transformation mode is used as either IPsec transport or tunnel. It is required to add two more items, route optimization and inbound trigger for Mobile IPv6. Based on MIPL2 kernel patch. This patch was also written by: Ville Nuorvala <vnuorval@tcs.hut.fi> Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/xfrm')
-rw-r--r--net/xfrm/xfrm_policy.c11
-rw-r--r--net/xfrm/xfrm_user.c4
2 files changed, 8 insertions, 7 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 32c963c90573..a0d58971391d 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -779,7 +779,7 @@ xfrm_tmpl_resolve(struct xfrm_policy *policy, struct flowi *fl,
779 xfrm_address_t *local = saddr; 779 xfrm_address_t *local = saddr;
780 struct xfrm_tmpl *tmpl = &policy->xfrm_vec[i]; 780 struct xfrm_tmpl *tmpl = &policy->xfrm_vec[i];
781 781
782 if (tmpl->mode) { 782 if (tmpl->mode == XFRM_MODE_TUNNEL) {
783 remote = &tmpl->id.daddr; 783 remote = &tmpl->id.daddr;
784 local = &tmpl->saddr; 784 local = &tmpl->saddr;
785 } 785 }
@@ -1005,7 +1005,8 @@ xfrm_state_ok(struct xfrm_tmpl *tmpl, struct xfrm_state *x,
1005 (x->props.reqid == tmpl->reqid || !tmpl->reqid) && 1005 (x->props.reqid == tmpl->reqid || !tmpl->reqid) &&
1006 x->props.mode == tmpl->mode && 1006 x->props.mode == tmpl->mode &&
1007 (tmpl->aalgos & (1<<x->props.aalgo)) && 1007 (tmpl->aalgos & (1<<x->props.aalgo)) &&
1008 !(x->props.mode && xfrm_state_addr_cmp(tmpl, x, family)); 1008 !(x->props.mode != XFRM_MODE_TRANSPORT &&
1009 xfrm_state_addr_cmp(tmpl, x, family));
1009} 1010}
1010 1011
1011static inline int 1012static inline int
@@ -1015,14 +1016,14 @@ xfrm_policy_ok(struct xfrm_tmpl *tmpl, struct sec_path *sp, int start,
1015 int idx = start; 1016 int idx = start;
1016 1017
1017 if (tmpl->optional) { 1018 if (tmpl->optional) {
1018 if (!tmpl->mode) 1019 if (tmpl->mode == XFRM_MODE_TRANSPORT)
1019 return start; 1020 return start;
1020 } else 1021 } else
1021 start = -1; 1022 start = -1;
1022 for (; idx < sp->len; idx++) { 1023 for (; idx < sp->len; idx++) {
1023 if (xfrm_state_ok(tmpl, sp->xvec[idx], family)) 1024 if (xfrm_state_ok(tmpl, sp->xvec[idx], family))
1024 return ++idx; 1025 return ++idx;
1025 if (sp->xvec[idx]->props.mode) 1026 if (sp->xvec[idx]->props.mode != XFRM_MODE_TRANSPORT)
1026 break; 1027 break;
1027 } 1028 }
1028 return start; 1029 return start;
@@ -1047,7 +1048,7 @@ EXPORT_SYMBOL(xfrm_decode_session);
1047static inline int secpath_has_tunnel(struct sec_path *sp, int k) 1048static inline int secpath_has_tunnel(struct sec_path *sp, int k)
1048{ 1049{
1049 for (; k < sp->len; k++) { 1050 for (; k < sp->len; k++) {
1050 if (sp->xvec[k]->props.mode) 1051 if (sp->xvec[k]->props.mode != XFRM_MODE_TRANSPORT)
1051 return 1; 1052 return 1;
1052 } 1053 }
1053 1054
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index f70e158874d2..0d580ac19771 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -174,8 +174,8 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
174 174
175 err = -EINVAL; 175 err = -EINVAL;
176 switch (p->mode) { 176 switch (p->mode) {
177 case 0: 177 case XFRM_MODE_TRANSPORT:
178 case 1: 178 case XFRM_MODE_TUNNEL:
179 break; 179 break;
180 180
181 default: 181 default:
generated by cgit v1.2.2 (git 2.25.0) at 2024-09-20 01:54:01 -0400