aboutsummaryrefslogtreecommitdiffstats
path: root/include/net/xfrm.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/net/xfrm.h')
-rw-r--r--include/net/xfrm.h212
1 files changed, 124 insertions, 88 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 9c5ee9f20b65..11e0b1d6bd47 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -8,8 +8,8 @@
8#include <linux/list.h> 8#include <linux/list.h>
9#include <linux/skbuff.h> 9#include <linux/skbuff.h>
10#include <linux/socket.h> 10#include <linux/socket.h>
11#include <linux/crypto.h>
12#include <linux/pfkeyv2.h> 11#include <linux/pfkeyv2.h>
12#include <linux/ipsec.h>
13#include <linux/in6.h> 13#include <linux/in6.h>
14#include <linux/mutex.h> 14#include <linux/mutex.h>
15 15
@@ -94,8 +94,9 @@ extern struct mutex xfrm_cfg_mutex;
94struct xfrm_state 94struct xfrm_state
95{ 95{
96 /* Note: bydst is re-used during gc */ 96 /* Note: bydst is re-used during gc */
97 struct list_head bydst; 97 struct hlist_node bydst;
98 struct list_head byspi; 98 struct hlist_node bysrc;
99 struct hlist_node byspi;
99 100
100 atomic_t refcnt; 101 atomic_t refcnt;
101 spinlock_t lock; 102 spinlock_t lock;
@@ -103,6 +104,8 @@ struct xfrm_state
103 struct xfrm_id id; 104 struct xfrm_id id;
104 struct xfrm_selector sel; 105 struct xfrm_selector sel;
105 106
107 u32 genid;
108
106 /* Key manger bits */ 109 /* Key manger bits */
107 struct { 110 struct {
108 u8 state; 111 u8 state;
@@ -133,6 +136,9 @@ struct xfrm_state
133 /* Data for encapsulator */ 136 /* Data for encapsulator */
134 struct xfrm_encap_tmpl *encap; 137 struct xfrm_encap_tmpl *encap;
135 138
139 /* Data for care-of address */
140 xfrm_address_t *coaddr;
141
136 /* IPComp needs an IPIP tunnel for handling uncompressed packets */ 142 /* IPComp needs an IPIP tunnel for handling uncompressed packets */
137 struct xfrm_state *tunnel; 143 struct xfrm_state *tunnel;
138 144
@@ -163,6 +169,9 @@ struct xfrm_state
163 struct xfrm_lifetime_cur curlft; 169 struct xfrm_lifetime_cur curlft;
164 struct timer_list timer; 170 struct timer_list timer;
165 171
172 /* Last used time */
173 u64 lastused;
174
166 /* Reference to data common to all the instances of this 175 /* Reference to data common to all the instances of this
167 * transformer. */ 176 * transformer. */
168 struct xfrm_type *type; 177 struct xfrm_type *type;
@@ -196,6 +205,7 @@ struct km_event
196 u32 proto; 205 u32 proto;
197 u32 byid; 206 u32 byid;
198 u32 aevent; 207 u32 aevent;
208 u32 type;
199 } data; 209 } data;
200 210
201 u32 seq; 211 u32 seq;
@@ -212,6 +222,7 @@ struct xfrm_policy_afinfo {
212 struct dst_ops *dst_ops; 222 struct dst_ops *dst_ops;
213 void (*garbage_collect)(void); 223 void (*garbage_collect)(void);
214 int (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl); 224 int (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl);
225 int (*get_saddr)(xfrm_address_t *saddr, xfrm_address_t *daddr);
215 struct dst_entry *(*find_bundle)(struct flowi *fl, struct xfrm_policy *policy); 226 struct dst_entry *(*find_bundle)(struct flowi *fl, struct xfrm_policy *policy);
216 int (*bundle_create)(struct xfrm_policy *policy, 227 int (*bundle_create)(struct xfrm_policy *policy,
217 struct xfrm_state **xfrm, 228 struct xfrm_state **xfrm,
@@ -235,16 +246,12 @@ extern int __xfrm_state_delete(struct xfrm_state *x);
235 246
236struct xfrm_state_afinfo { 247struct xfrm_state_afinfo {
237 unsigned short family; 248 unsigned short family;
238 struct list_head *state_bydst;
239 struct list_head *state_byspi;
240 int (*init_flags)(struct xfrm_state *x); 249 int (*init_flags)(struct xfrm_state *x);
241 void (*init_tempsel)(struct xfrm_state *x, struct flowi *fl, 250 void (*init_tempsel)(struct xfrm_state *x, struct flowi *fl,
242 struct xfrm_tmpl *tmpl, 251 struct xfrm_tmpl *tmpl,
243 xfrm_address_t *daddr, xfrm_address_t *saddr); 252 xfrm_address_t *daddr, xfrm_address_t *saddr);
244 struct xfrm_state *(*state_lookup)(xfrm_address_t *daddr, u32 spi, u8 proto); 253 int (*tmpl_sort)(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n);
245 struct xfrm_state *(*find_acq)(u8 mode, u32 reqid, u8 proto, 254 int (*state_sort)(struct xfrm_state **dst, struct xfrm_state **src, int n);
246 xfrm_address_t *daddr, xfrm_address_t *saddr,
247 int create);
248}; 255};
249 256
250extern int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo); 257extern int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo);
@@ -257,11 +264,17 @@ struct xfrm_type
257 char *description; 264 char *description;
258 struct module *owner; 265 struct module *owner;
259 __u8 proto; 266 __u8 proto;
267 __u8 flags;
268#define XFRM_TYPE_NON_FRAGMENT 1
260 269
261 int (*init_state)(struct xfrm_state *x); 270 int (*init_state)(struct xfrm_state *x);
262 void (*destructor)(struct xfrm_state *); 271 void (*destructor)(struct xfrm_state *);
263 int (*input)(struct xfrm_state *, struct sk_buff *skb); 272 int (*input)(struct xfrm_state *, struct sk_buff *skb);
264 int (*output)(struct xfrm_state *, struct sk_buff *pskb); 273 int (*output)(struct xfrm_state *, struct sk_buff *pskb);
274 int (*reject)(struct xfrm_state *, struct sk_buff *, struct flowi *);
275 int (*hdr_offset)(struct xfrm_state *, struct sk_buff *, u8 **);
276 xfrm_address_t *(*local_addr)(struct xfrm_state *, xfrm_address_t *);
277 xfrm_address_t *(*remote_addr)(struct xfrm_state *, xfrm_address_t *);
265 /* Estimate maximal size of result of transformation of a dgram */ 278 /* Estimate maximal size of result of transformation of a dgram */
266 u32 (*get_max_size)(struct xfrm_state *, int size); 279 u32 (*get_max_size)(struct xfrm_state *, int size);
267}; 280};
@@ -273,7 +286,7 @@ extern void xfrm_put_type(struct xfrm_type *type);
273 286
274struct xfrm_mode { 287struct xfrm_mode {
275 int (*input)(struct xfrm_state *x, struct sk_buff *skb); 288 int (*input)(struct xfrm_state *x, struct sk_buff *skb);
276 int (*output)(struct sk_buff *skb); 289 int (*output)(struct xfrm_state *x,struct sk_buff *skb);
277 290
278 struct module *owner; 291 struct module *owner;
279 unsigned int encap; 292 unsigned int encap;
@@ -299,7 +312,7 @@ struct xfrm_tmpl
299 312
300 __u32 reqid; 313 __u32 reqid;
301 314
302/* Mode: transport/tunnel */ 315/* Mode: transport, tunnel etc. */
303 __u8 mode; 316 __u8 mode;
304 317
305/* Sharing mode: unique, this session only, this user only etc. */ 318/* Sharing mode: unique, this session only, this user only etc. */
@@ -314,18 +327,20 @@ struct xfrm_tmpl
314 __u32 calgos; 327 __u32 calgos;
315}; 328};
316 329
317#define XFRM_MAX_DEPTH 4 330#define XFRM_MAX_DEPTH 6
318 331
319struct xfrm_policy 332struct xfrm_policy
320{ 333{
321 struct xfrm_policy *next; 334 struct xfrm_policy *next;
322 struct list_head list; 335 struct hlist_node bydst;
336 struct hlist_node byidx;
323 337
324 /* This lock only affects elements except for entry. */ 338 /* This lock only affects elements except for entry. */
325 rwlock_t lock; 339 rwlock_t lock;
326 atomic_t refcnt; 340 atomic_t refcnt;
327 struct timer_list timer; 341 struct timer_list timer;
328 342
343 u8 type;
329 u32 priority; 344 u32 priority;
330 u32 index; 345 u32 index;
331 struct xfrm_selector selector; 346 struct xfrm_selector selector;
@@ -363,16 +378,16 @@ struct xfrm_mgr
363 char *id; 378 char *id;
364 int (*notify)(struct xfrm_state *x, struct km_event *c); 379 int (*notify)(struct xfrm_state *x, struct km_event *c);
365 int (*acquire)(struct xfrm_state *x, struct xfrm_tmpl *, struct xfrm_policy *xp, int dir); 380 int (*acquire)(struct xfrm_state *x, struct xfrm_tmpl *, struct xfrm_policy *xp, int dir);
366 struct xfrm_policy *(*compile_policy)(u16 family, int opt, u8 *data, int len, int *dir); 381 struct xfrm_policy *(*compile_policy)(struct sock *sk, int opt, u8 *data, int len, int *dir);
367 int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport); 382 int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport);
368 int (*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c); 383 int (*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c);
384 int (*report)(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr);
369}; 385};
370 386
371extern int xfrm_register_km(struct xfrm_mgr *km); 387extern int xfrm_register_km(struct xfrm_mgr *km);
372extern int xfrm_unregister_km(struct xfrm_mgr *km); 388extern int xfrm_unregister_km(struct xfrm_mgr *km);
373 389
374 390extern unsigned int xfrm_policy_count[XFRM_POLICY_MAX*2];
375extern struct xfrm_policy *xfrm_policy_list[XFRM_POLICY_MAX*2];
376 391
377static inline void xfrm_pol_hold(struct xfrm_policy *policy) 392static inline void xfrm_pol_hold(struct xfrm_policy *policy)
378{ 393{
@@ -388,67 +403,19 @@ static inline void xfrm_pol_put(struct xfrm_policy *policy)
388 __xfrm_policy_destroy(policy); 403 __xfrm_policy_destroy(policy);
389} 404}
390 405
391#define XFRM_DST_HSIZE 1024 406#ifdef CONFIG_XFRM_SUB_POLICY
392 407static inline void xfrm_pols_put(struct xfrm_policy **pols, int npols)
393static __inline__
394unsigned __xfrm4_dst_hash(xfrm_address_t *addr)
395{
396 unsigned h;
397 h = ntohl(addr->a4);
398 h = (h ^ (h>>16)) % XFRM_DST_HSIZE;
399 return h;
400}
401
402static __inline__
403unsigned __xfrm6_dst_hash(xfrm_address_t *addr)
404{
405 unsigned h;
406 h = ntohl(addr->a6[2]^addr->a6[3]);
407 h = (h ^ (h>>16)) % XFRM_DST_HSIZE;
408 return h;
409}
410
411static __inline__
412unsigned xfrm_dst_hash(xfrm_address_t *addr, unsigned short family)
413{
414 switch (family) {
415 case AF_INET:
416 return __xfrm4_dst_hash(addr);
417 case AF_INET6:
418 return __xfrm6_dst_hash(addr);
419 }
420 return 0;
421}
422
423static __inline__
424unsigned __xfrm4_spi_hash(xfrm_address_t *addr, u32 spi, u8 proto)
425{ 408{
426 unsigned h; 409 int i;
427 h = ntohl(addr->a4^spi^proto); 410 for (i = npols - 1; i >= 0; --i)
428 h = (h ^ (h>>10) ^ (h>>20)) % XFRM_DST_HSIZE; 411 xfrm_pol_put(pols[i]);
429 return h;
430} 412}
431 413#else
432static __inline__ 414static inline void xfrm_pols_put(struct xfrm_policy **pols, int npols)
433unsigned __xfrm6_spi_hash(xfrm_address_t *addr, u32 spi, u8 proto)
434{
435 unsigned h;
436 h = ntohl(addr->a6[2]^addr->a6[3]^spi^proto);
437 h = (h ^ (h>>10) ^ (h>>20)) % XFRM_DST_HSIZE;
438 return h;
439}
440
441static __inline__
442unsigned xfrm_spi_hash(xfrm_address_t *addr, u32 spi, u8 proto, unsigned short family)
443{ 415{
444 switch (family) { 416 xfrm_pol_put(pols[0]);
445 case AF_INET:
446 return __xfrm4_spi_hash(addr, spi, proto);
447 case AF_INET6:
448 return __xfrm6_spi_hash(addr, spi, proto);
449 }
450 return 0; /*XXX*/
451} 417}
418#endif
452 419
453extern void __xfrm_state_destroy(struct xfrm_state *); 420extern void __xfrm_state_destroy(struct xfrm_state *);
454 421
@@ -508,6 +475,11 @@ u16 xfrm_flowi_sport(struct flowi *fl)
508 case IPPROTO_ICMPV6: 475 case IPPROTO_ICMPV6:
509 port = htons(fl->fl_icmp_type); 476 port = htons(fl->fl_icmp_type);
510 break; 477 break;
478#ifdef CONFIG_IPV6_MIP6
479 case IPPROTO_MH:
480 port = htons(fl->fl_mh_type);
481 break;
482#endif
511 default: 483 default:
512 port = 0; /*XXX*/ 484 port = 0; /*XXX*/
513 } 485 }
@@ -608,6 +580,7 @@ struct xfrm_dst
608 struct rt6_info rt6; 580 struct rt6_info rt6;
609 } u; 581 } u;
610 struct dst_entry *route; 582 struct dst_entry *route;
583 u32 genid;
611 u32 route_mtu_cached; 584 u32 route_mtu_cached;
612 u32 child_mtu_cached; 585 u32 child_mtu_cached;
613 u32 route_cookie; 586 u32 route_cookie;
@@ -659,6 +632,18 @@ secpath_reset(struct sk_buff *skb)
659} 632}
660 633
661static inline int 634static inline int
635xfrm_addr_any(xfrm_address_t *addr, unsigned short family)
636{
637 switch (family) {
638 case AF_INET:
639 return addr->a4 == 0;
640 case AF_INET6:
641 return ipv6_addr_any((struct in6_addr *)&addr->a6);
642 }
643 return 0;
644}
645
646static inline int
662__xfrm4_state_addr_cmp(struct xfrm_tmpl *tmpl, struct xfrm_state *x) 647__xfrm4_state_addr_cmp(struct xfrm_tmpl *tmpl, struct xfrm_state *x)
663{ 648{
664 return (tmpl->saddr.a4 && 649 return (tmpl->saddr.a4 &&
@@ -692,8 +677,8 @@ static inline int xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *sk
692{ 677{
693 if (sk && sk->sk_policy[XFRM_POLICY_IN]) 678 if (sk && sk->sk_policy[XFRM_POLICY_IN])
694 return __xfrm_policy_check(sk, dir, skb, family); 679 return __xfrm_policy_check(sk, dir, skb, family);
695 680
696 return (!xfrm_policy_list[dir] && !skb->sp) || 681 return (!xfrm_policy_count[dir] && !skb->sp) ||
697 (skb->dst->flags & DST_NOPOLICY) || 682 (skb->dst->flags & DST_NOPOLICY) ||
698 __xfrm_policy_check(sk, dir, skb, family); 683 __xfrm_policy_check(sk, dir, skb, family);
699} 684}
@@ -713,7 +698,7 @@ extern int __xfrm_route_forward(struct sk_buff *skb, unsigned short family);
713 698
714static inline int xfrm_route_forward(struct sk_buff *skb, unsigned short family) 699static inline int xfrm_route_forward(struct sk_buff *skb, unsigned short family)
715{ 700{
716 return !xfrm_policy_list[XFRM_POLICY_OUT] || 701 return !xfrm_policy_count[XFRM_POLICY_OUT] ||
717 (skb->dst->flags & DST_NOXFRM) || 702 (skb->dst->flags & DST_NOXFRM) ||
718 __xfrm_route_forward(skb, family); 703 __xfrm_route_forward(skb, family);
719} 704}
@@ -831,11 +816,36 @@ xfrm_state_addr_check(struct xfrm_state *x,
831 return 0; 816 return 0;
832} 817}
833 818
819static __inline__ int
820xfrm_state_addr_flow_check(struct xfrm_state *x, struct flowi *fl,
821 unsigned short family)
822{
823 switch (family) {
824 case AF_INET:
825 return __xfrm4_state_addr_check(x,
826 (xfrm_address_t *)&fl->fl4_dst,
827 (xfrm_address_t *)&fl->fl4_src);
828 case AF_INET6:
829 return __xfrm6_state_addr_check(x,
830 (xfrm_address_t *)&fl->fl6_dst,
831 (xfrm_address_t *)&fl->fl6_src);
832 }
833 return 0;
834}
835
834static inline int xfrm_state_kern(struct xfrm_state *x) 836static inline int xfrm_state_kern(struct xfrm_state *x)
835{ 837{
836 return atomic_read(&x->tunnel_users); 838 return atomic_read(&x->tunnel_users);
837} 839}
838 840
841static inline int xfrm_id_proto_match(u8 proto, u8 userproto)
842{
843 return (!userproto || proto == userproto ||
844 (userproto == IPSEC_PROTO_ANY && (proto == IPPROTO_AH ||
845 proto == IPPROTO_ESP ||
846 proto == IPPROTO_COMP)));
847}
848
839/* 849/*
840 * xfrm algorithm information 850 * xfrm algorithm information
841 */ 851 */
@@ -855,6 +865,7 @@ struct xfrm_algo_comp_info {
855 865
856struct xfrm_algo_desc { 866struct xfrm_algo_desc {
857 char *name; 867 char *name;
868 char *compat;
858 u8 available:1; 869 u8 available:1;
859 union { 870 union {
860 struct xfrm_algo_auth_info auth; 871 struct xfrm_algo_auth_info auth;
@@ -902,6 +913,25 @@ extern void xfrm_state_insert(struct xfrm_state *x);
902extern int xfrm_state_add(struct xfrm_state *x); 913extern int xfrm_state_add(struct xfrm_state *x);
903extern int xfrm_state_update(struct xfrm_state *x); 914extern int xfrm_state_update(struct xfrm_state *x);
904extern struct xfrm_state *xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto, unsigned short family); 915extern struct xfrm_state *xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto, unsigned short family);
916extern struct xfrm_state *xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family);
917#ifdef CONFIG_XFRM_SUB_POLICY
918extern int xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src,
919 int n, unsigned short family);
920extern int xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src,
921 int n, unsigned short family);
922#else
923static inline int xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src,
924 int n, unsigned short family)
925{
926 return -ENOSYS;
927}
928
929static inline int xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src,
930 int n, unsigned short family)
931{
932 return -ENOSYS;
933}
934#endif
905extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq); 935extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq);
906extern int xfrm_state_delete(struct xfrm_state *x); 936extern int xfrm_state_delete(struct xfrm_state *x);
907extern void xfrm_state_flush(u8 proto); 937extern void xfrm_state_flush(u8 proto);
@@ -917,12 +947,16 @@ extern int xfrm4_tunnel_register(struct xfrm_tunnel *handler);
917extern int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler); 947extern int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler);
918extern int xfrm6_rcv_spi(struct sk_buff *skb, u32 spi); 948extern int xfrm6_rcv_spi(struct sk_buff *skb, u32 spi);
919extern int xfrm6_rcv(struct sk_buff **pskb); 949extern int xfrm6_rcv(struct sk_buff **pskb);
950extern int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr,
951 xfrm_address_t *saddr, u8 proto);
920extern int xfrm6_tunnel_register(struct xfrm6_tunnel *handler); 952extern int xfrm6_tunnel_register(struct xfrm6_tunnel *handler);
921extern int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler); 953extern int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler);
922extern u32 xfrm6_tunnel_alloc_spi(xfrm_address_t *saddr); 954extern u32 xfrm6_tunnel_alloc_spi(xfrm_address_t *saddr);
923extern void xfrm6_tunnel_free_spi(xfrm_address_t *saddr); 955extern void xfrm6_tunnel_free_spi(xfrm_address_t *saddr);
924extern u32 xfrm6_tunnel_spi_lookup(xfrm_address_t *saddr); 956extern u32 xfrm6_tunnel_spi_lookup(xfrm_address_t *saddr);
925extern int xfrm6_output(struct sk_buff *skb); 957extern int xfrm6_output(struct sk_buff *skb);
958extern int xfrm6_find_1stfragopt(struct xfrm_state *x, struct sk_buff *skb,
959 u8 **prevhdr);
926 960
927#ifdef CONFIG_XFRM 961#ifdef CONFIG_XFRM
928extern int xfrm4_rcv_encap(struct sk_buff *skb, __u16 encap_type); 962extern int xfrm4_rcv_encap(struct sk_buff *skb, __u16 encap_type);
@@ -947,27 +981,27 @@ static inline int xfrm_dst_lookup(struct xfrm_dst **dst, struct flowi *fl, unsig
947#endif 981#endif
948 982
949struct xfrm_policy *xfrm_policy_alloc(gfp_t gfp); 983struct xfrm_policy *xfrm_policy_alloc(gfp_t gfp);
950extern int xfrm_policy_walk(int (*func)(struct xfrm_policy *, int, int, void*), void *); 984extern int xfrm_policy_walk(u8 type, int (*func)(struct xfrm_policy *, int, int, void*), void *);
951int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl); 985int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl);
952struct xfrm_policy *xfrm_policy_bysel_ctx(int dir, struct xfrm_selector *sel, 986struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
987 struct xfrm_selector *sel,
953 struct xfrm_sec_ctx *ctx, int delete); 988 struct xfrm_sec_ctx *ctx, int delete);
954struct xfrm_policy *xfrm_policy_byid(int dir, u32 id, int delete); 989struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete);
955void xfrm_policy_flush(void); 990void xfrm_policy_flush(u8 type);
956u32 xfrm_get_acqseq(void); 991u32 xfrm_get_acqseq(void);
957void xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi); 992void xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi);
958struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto, 993struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
959 xfrm_address_t *daddr, xfrm_address_t *saddr, 994 xfrm_address_t *daddr, xfrm_address_t *saddr,
960 int create, unsigned short family); 995 int create, unsigned short family);
961extern void xfrm_policy_flush(void); 996extern void xfrm_policy_flush(u8 type);
962extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol); 997extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
963extern int xfrm_flush_bundles(void); 998extern int xfrm_bundle_ok(struct xfrm_dst *xdst, struct flowi *fl, int family, int strict);
964extern void xfrm_flush_all_bundles(void);
965extern int xfrm_bundle_ok(struct xfrm_dst *xdst, struct flowi *fl, int family);
966extern void xfrm_init_pmtu(struct dst_entry *dst); 999extern void xfrm_init_pmtu(struct dst_entry *dst);
967 1000
968extern wait_queue_head_t km_waitq; 1001extern wait_queue_head_t km_waitq;
969extern int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport); 1002extern int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport);
970extern void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid); 1003extern void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid);
1004extern int km_report(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr);
971 1005
972extern void xfrm_input_init(void); 1006extern void xfrm_input_init(void);
973extern int xfrm_parse_spi(struct sk_buff *skb, u8 nexthdr, u32 *spi, u32 *seq); 1007extern int xfrm_parse_spi(struct sk_buff *skb, u8 nexthdr, u32 *spi, u32 *seq);
@@ -984,11 +1018,13 @@ extern struct xfrm_algo_desc *xfrm_aalg_get_byname(char *name, int probe);
984extern struct xfrm_algo_desc *xfrm_ealg_get_byname(char *name, int probe); 1018extern struct xfrm_algo_desc *xfrm_ealg_get_byname(char *name, int probe);
985extern struct xfrm_algo_desc *xfrm_calg_get_byname(char *name, int probe); 1019extern struct xfrm_algo_desc *xfrm_calg_get_byname(char *name, int probe);
986 1020
987struct crypto_tfm; 1021struct hash_desc;
988typedef void (icv_update_fn_t)(struct crypto_tfm *, struct scatterlist *, unsigned int); 1022struct scatterlist;
1023typedef int (icv_update_fn_t)(struct hash_desc *, struct scatterlist *,
1024 unsigned int);
989 1025
990extern void skb_icv_walk(const struct sk_buff *skb, struct crypto_tfm *tfm, 1026extern int skb_icv_walk(const struct sk_buff *skb, struct hash_desc *tfm,
991 int offset, int len, icv_update_fn_t icv_update); 1027 int offset, int len, icv_update_fn_t icv_update);
992 1028
993static inline int xfrm_addr_cmp(xfrm_address_t *a, xfrm_address_t *b, 1029static inline int xfrm_addr_cmp(xfrm_address_t *a, xfrm_address_t *b,
994 int family) 1030 int family)
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-16 23:16:42 -0500