aboutsummaryrefslogtreecommitdiffstats
path: root/include/net/xfrm.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/net/xfrm.h')
-rw-r--r--include/net/xfrm.h382
1 files changed, 197 insertions, 185 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index e253bf0cc7ef..6b82fdf4ba71 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -307,15 +307,17 @@ struct xfrm_policy_afinfo {
307 struct dst_entry *(*blackhole_route)(struct net *net, struct dst_entry *orig); 307 struct dst_entry *(*blackhole_route)(struct net *net, struct dst_entry *orig);
308}; 308};
309 309
310extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); 310int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo);
311extern int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo); 311int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo);
312extern void km_policy_notify(struct xfrm_policy *xp, int dir, const struct km_event *c); 312void km_policy_notify(struct xfrm_policy *xp, int dir,
313extern void km_state_notify(struct xfrm_state *x, const struct km_event *c); 313 const struct km_event *c);
314void km_state_notify(struct xfrm_state *x, const struct km_event *c);
314 315
315struct xfrm_tmpl; 316struct xfrm_tmpl;
316extern int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol); 317int km_query(struct xfrm_state *x, struct xfrm_tmpl *t,
317extern void km_state_expired(struct xfrm_state *x, int hard, u32 portid); 318 struct xfrm_policy *pol);
318extern int __xfrm_state_delete(struct xfrm_state *x); 319void km_state_expired(struct xfrm_state *x, int hard, u32 portid);
320int __xfrm_state_delete(struct xfrm_state *x);
319 321
320struct xfrm_state_afinfo { 322struct xfrm_state_afinfo {
321 unsigned int family; 323 unsigned int family;
@@ -344,12 +346,12 @@ struct xfrm_state_afinfo {
344 void (*local_error)(struct sk_buff *skb, u32 mtu); 346 void (*local_error)(struct sk_buff *skb, u32 mtu);
345}; 347};
346 348
347extern int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo); 349int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo);
348extern int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo); 350int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo);
349extern struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned int family); 351struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned int family);
350extern void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo); 352void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
351 353
352extern void xfrm_state_delete_tunnel(struct xfrm_state *x); 354void xfrm_state_delete_tunnel(struct xfrm_state *x);
353 355
354struct xfrm_type { 356struct xfrm_type {
355 char *description; 357 char *description;
@@ -372,8 +374,8 @@ struct xfrm_type {
372 u32 (*get_mtu)(struct xfrm_state *, int size); 374 u32 (*get_mtu)(struct xfrm_state *, int size);
373}; 375};
374 376
375extern int xfrm_register_type(const struct xfrm_type *type, unsigned short family); 377int xfrm_register_type(const struct xfrm_type *type, unsigned short family);
376extern int xfrm_unregister_type(const struct xfrm_type *type, unsigned short family); 378int xfrm_unregister_type(const struct xfrm_type *type, unsigned short family);
377 379
378struct xfrm_mode { 380struct xfrm_mode {
379 /* 381 /*
@@ -434,8 +436,8 @@ enum {
434 XFRM_MODE_FLAG_TUNNEL = 1, 436 XFRM_MODE_FLAG_TUNNEL = 1,
435}; 437};
436 438
437extern int xfrm_register_mode(struct xfrm_mode *mode, int family); 439int xfrm_register_mode(struct xfrm_mode *mode, int family);
438extern int xfrm_unregister_mode(struct xfrm_mode *mode, int family); 440int xfrm_unregister_mode(struct xfrm_mode *mode, int family);
439 441
440static inline int xfrm_af2proto(unsigned int family) 442static inline int xfrm_af2proto(unsigned int family)
441{ 443{
@@ -595,8 +597,8 @@ struct xfrm_mgr {
595 const struct xfrm_kmaddress *k); 597 const struct xfrm_kmaddress *k);
596}; 598};
597 599
598extern int xfrm_register_km(struct xfrm_mgr *km); 600int xfrm_register_km(struct xfrm_mgr *km);
599extern int xfrm_unregister_km(struct xfrm_mgr *km); 601int xfrm_unregister_km(struct xfrm_mgr *km);
600 602
601/* 603/*
602 * This structure is used for the duration where packets are being 604 * This structure is used for the duration where packets are being
@@ -713,23 +715,23 @@ static inline void xfrm_audit_helper_usrinfo(kuid_t auid, u32 ses, u32 secid,
713 audit_log_task_context(audit_buf); 715 audit_log_task_context(audit_buf);
714} 716}
715 717
716extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, 718void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, kuid_t auid,
717 kuid_t auid, u32 ses, u32 secid); 719 u32 ses, u32 secid);
718extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, 720void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, kuid_t auid,
719 kuid_t auid, u32 ses, u32 secid); 721 u32 ses, u32 secid);
720extern void xfrm_audit_state_add(struct xfrm_state *x, int result, 722void xfrm_audit_state_add(struct xfrm_state *x, int result, kuid_t auid,
721 kuid_t auid, u32 ses, u32 secid); 723 u32 ses, u32 secid);
722extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, 724void xfrm_audit_state_delete(struct xfrm_state *x, int result, kuid_t auid,
723 kuid_t auid, u32 ses, u32 secid); 725 u32 ses, u32 secid);
724extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x, 726void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
725 struct sk_buff *skb); 727 struct sk_buff *skb);
726extern void xfrm_audit_state_replay(struct xfrm_state *x, 728void xfrm_audit_state_replay(struct xfrm_state *x, struct sk_buff *skb,
727 struct sk_buff *skb, __be32 net_seq); 729 __be32 net_seq);
728extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); 730void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family);
729extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, 731void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, __be32 net_spi,
730 __be32 net_spi, __be32 net_seq); 732 __be32 net_seq);
731extern void xfrm_audit_state_icvfail(struct xfrm_state *x, 733void xfrm_audit_state_icvfail(struct xfrm_state *x, struct sk_buff *skb,
732 struct sk_buff *skb, u8 proto); 734 u8 proto);
733#else 735#else
734 736
735static inline void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, 737static inline void xfrm_audit_policy_add(struct xfrm_policy *xp, int result,
@@ -784,7 +786,7 @@ static inline void xfrm_pol_hold(struct xfrm_policy *policy)
784 atomic_inc(&policy->refcnt); 786 atomic_inc(&policy->refcnt);
785} 787}
786 788
787extern void xfrm_policy_destroy(struct xfrm_policy *policy); 789void xfrm_policy_destroy(struct xfrm_policy *policy);
788 790
789static inline void xfrm_pol_put(struct xfrm_policy *policy) 791static inline void xfrm_pol_put(struct xfrm_policy *policy)
790{ 792{
@@ -799,7 +801,7 @@ static inline void xfrm_pols_put(struct xfrm_policy **pols, int npols)
799 xfrm_pol_put(pols[i]); 801 xfrm_pol_put(pols[i]);
800} 802}
801 803
802extern void __xfrm_state_destroy(struct xfrm_state *); 804void __xfrm_state_destroy(struct xfrm_state *);
803 805
804static inline void __xfrm_state_put(struct xfrm_state *x) 806static inline void __xfrm_state_put(struct xfrm_state *x)
805{ 807{
@@ -903,9 +905,8 @@ __be16 xfrm_flowi_dport(const struct flowi *fl, const union flowi_uli *uli)
903 return port; 905 return port;
904} 906}
905 907
906extern bool xfrm_selector_match(const struct xfrm_selector *sel, 908bool xfrm_selector_match(const struct xfrm_selector *sel,
907 const struct flowi *fl, 909 const struct flowi *fl, unsigned short family);
908 unsigned short family);
909 910
910#ifdef CONFIG_SECURITY_NETWORK_XFRM 911#ifdef CONFIG_SECURITY_NETWORK_XFRM
911/* If neither has a context --> match 912/* If neither has a context --> match
@@ -975,7 +976,7 @@ static inline void xfrm_dst_destroy(struct xfrm_dst *xdst)
975} 976}
976#endif 977#endif
977 978
978extern void xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev); 979void xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev);
979 980
980struct sec_path { 981struct sec_path {
981 atomic_t refcnt; 982 atomic_t refcnt;
@@ -1000,7 +1001,7 @@ secpath_get(struct sec_path *sp)
1000 return sp; 1001 return sp;
1001} 1002}
1002 1003
1003extern void __secpath_destroy(struct sec_path *sp); 1004void __secpath_destroy(struct sec_path *sp);
1004 1005
1005static inline void 1006static inline void
1006secpath_put(struct sec_path *sp) 1007secpath_put(struct sec_path *sp)
@@ -1009,7 +1010,7 @@ secpath_put(struct sec_path *sp)
1009 __secpath_destroy(sp); 1010 __secpath_destroy(sp);
1010} 1011}
1011 1012
1012extern struct sec_path *secpath_dup(struct sec_path *src); 1013struct sec_path *secpath_dup(struct sec_path *src);
1013 1014
1014static inline void 1015static inline void
1015secpath_reset(struct sk_buff *skb) 1016secpath_reset(struct sk_buff *skb)
@@ -1059,7 +1060,8 @@ xfrm_state_addr_cmp(const struct xfrm_tmpl *tmpl, const struct xfrm_state *x, un
1059} 1060}
1060 1061
1061#ifdef CONFIG_XFRM 1062#ifdef CONFIG_XFRM
1062extern int __xfrm_policy_check(struct sock *, int dir, struct sk_buff *skb, unsigned short family); 1063int __xfrm_policy_check(struct sock *, int dir, struct sk_buff *skb,
1064 unsigned short family);
1063 1065
1064static inline int __xfrm_policy_check2(struct sock *sk, int dir, 1066static inline int __xfrm_policy_check2(struct sock *sk, int dir,
1065 struct sk_buff *skb, 1067 struct sk_buff *skb,
@@ -1103,8 +1105,8 @@ static inline int xfrm6_policy_check_reverse(struct sock *sk, int dir,
1103 return __xfrm_policy_check2(sk, dir, skb, AF_INET6, 1); 1105 return __xfrm_policy_check2(sk, dir, skb, AF_INET6, 1);
1104} 1106}
1105 1107
1106extern int __xfrm_decode_session(struct sk_buff *skb, struct flowi *fl, 1108int __xfrm_decode_session(struct sk_buff *skb, struct flowi *fl,
1107 unsigned int family, int reverse); 1109 unsigned int family, int reverse);
1108 1110
1109static inline int xfrm_decode_session(struct sk_buff *skb, struct flowi *fl, 1111static inline int xfrm_decode_session(struct sk_buff *skb, struct flowi *fl,
1110 unsigned int family) 1112 unsigned int family)
@@ -1119,7 +1121,7 @@ static inline int xfrm_decode_session_reverse(struct sk_buff *skb,
1119 return __xfrm_decode_session(skb, fl, family, 1); 1121 return __xfrm_decode_session(skb, fl, family, 1);
1120} 1122}
1121 1123
1122extern int __xfrm_route_forward(struct sk_buff *skb, unsigned short family); 1124int __xfrm_route_forward(struct sk_buff *skb, unsigned short family);
1123 1125
1124static inline int xfrm_route_forward(struct sk_buff *skb, unsigned short family) 1126static inline int xfrm_route_forward(struct sk_buff *skb, unsigned short family)
1125{ 1127{
@@ -1140,7 +1142,7 @@ static inline int xfrm6_route_forward(struct sk_buff *skb)
1140 return xfrm_route_forward(skb, AF_INET6); 1142 return xfrm_route_forward(skb, AF_INET6);
1141} 1143}
1142 1144
1143extern int __xfrm_sk_clone_policy(struct sock *sk); 1145int __xfrm_sk_clone_policy(struct sock *sk);
1144 1146
1145static inline int xfrm_sk_clone_policy(struct sock *sk) 1147static inline int xfrm_sk_clone_policy(struct sock *sk)
1146{ 1148{
@@ -1149,7 +1151,7 @@ static inline int xfrm_sk_clone_policy(struct sock *sk)
1149 return 0; 1151 return 0;
1150} 1152}
1151 1153
1152extern int xfrm_policy_delete(struct xfrm_policy *pol, int dir); 1154int xfrm_policy_delete(struct xfrm_policy *pol, int dir);
1153 1155
1154static inline void xfrm_sk_free_policy(struct sock *sk) 1156static inline void xfrm_sk_free_policy(struct sock *sk)
1155{ 1157{
@@ -1163,7 +1165,7 @@ static inline void xfrm_sk_free_policy(struct sock *sk)
1163 } 1165 }
1164} 1166}
1165 1167
1166extern void xfrm_garbage_collect(struct net *net); 1168void xfrm_garbage_collect(struct net *net);
1167 1169
1168#else 1170#else
1169 1171
@@ -1355,6 +1357,12 @@ struct xfrm_tunnel {
1355 int priority; 1357 int priority;
1356}; 1358};
1357 1359
1360struct xfrm_tunnel_notifier {
1361 int (*handler)(struct sk_buff *skb);
1362 struct xfrm_tunnel_notifier __rcu *next;
1363 int priority;
1364};
1365
1358struct xfrm6_tunnel { 1366struct xfrm6_tunnel {
1359 int (*handler)(struct sk_buff *skb); 1367 int (*handler)(struct sk_buff *skb);
1360 int (*err_handler)(struct sk_buff *skb, struct inet6_skb_parm *opt, 1368 int (*err_handler)(struct sk_buff *skb, struct inet6_skb_parm *opt,
@@ -1363,16 +1371,16 @@ struct xfrm6_tunnel {
1363 int priority; 1371 int priority;
1364}; 1372};
1365 1373
1366extern void xfrm_init(void); 1374void xfrm_init(void);
1367extern void xfrm4_init(void); 1375void xfrm4_init(void);
1368extern int xfrm_state_init(struct net *net); 1376int xfrm_state_init(struct net *net);
1369extern void xfrm_state_fini(struct net *net); 1377void xfrm_state_fini(struct net *net);
1370extern void xfrm4_state_init(void); 1378void xfrm4_state_init(void);
1371#ifdef CONFIG_XFRM 1379#ifdef CONFIG_XFRM
1372extern int xfrm6_init(void); 1380int xfrm6_init(void);
1373extern void xfrm6_fini(void); 1381void xfrm6_fini(void);
1374extern int xfrm6_state_init(void); 1382int xfrm6_state_init(void);
1375extern void xfrm6_state_fini(void); 1383void xfrm6_state_fini(void);
1376#else 1384#else
1377static inline int xfrm6_init(void) 1385static inline int xfrm6_init(void)
1378{ 1386{
@@ -1385,52 +1393,52 @@ static inline void xfrm6_fini(void)
1385#endif 1393#endif
1386 1394
1387#ifdef CONFIG_XFRM_STATISTICS 1395#ifdef CONFIG_XFRM_STATISTICS
1388extern int xfrm_proc_init(struct net *net); 1396int xfrm_proc_init(struct net *net);
1389extern void xfrm_proc_fini(struct net *net); 1397void xfrm_proc_fini(struct net *net);
1390#endif 1398#endif
1391 1399
1392extern int xfrm_sysctl_init(struct net *net); 1400int xfrm_sysctl_init(struct net *net);
1393#ifdef CONFIG_SYSCTL 1401#ifdef CONFIG_SYSCTL
1394extern void xfrm_sysctl_fini(struct net *net); 1402void xfrm_sysctl_fini(struct net *net);
1395#else 1403#else
1396static inline void xfrm_sysctl_fini(struct net *net) 1404static inline void xfrm_sysctl_fini(struct net *net)
1397{ 1405{
1398} 1406}
1399#endif 1407#endif
1400 1408
1401extern void xfrm_state_walk_init(struct xfrm_state_walk *walk, u8 proto); 1409void xfrm_state_walk_init(struct xfrm_state_walk *walk, u8 proto);
1402extern int xfrm_state_walk(struct net *net, struct xfrm_state_walk *walk, 1410int xfrm_state_walk(struct net *net, struct xfrm_state_walk *walk,
1403 int (*func)(struct xfrm_state *, int, void*), void *); 1411 int (*func)(struct xfrm_state *, int, void*), void *);
1404extern void xfrm_state_walk_done(struct xfrm_state_walk *walk); 1412void xfrm_state_walk_done(struct xfrm_state_walk *walk);
1405extern struct xfrm_state *xfrm_state_alloc(struct net *net); 1413struct xfrm_state *xfrm_state_alloc(struct net *net);
1406extern struct xfrm_state *xfrm_state_find(const xfrm_address_t *daddr, 1414struct xfrm_state *xfrm_state_find(const xfrm_address_t *daddr,
1407 const xfrm_address_t *saddr, 1415 const xfrm_address_t *saddr,
1408 const struct flowi *fl, 1416 const struct flowi *fl,
1409 struct xfrm_tmpl *tmpl, 1417 struct xfrm_tmpl *tmpl,
1410 struct xfrm_policy *pol, int *err, 1418 struct xfrm_policy *pol, int *err,
1411 unsigned short family); 1419 unsigned short family);
1412extern struct xfrm_state *xfrm_stateonly_find(struct net *net, u32 mark, 1420struct xfrm_state *xfrm_stateonly_find(struct net *net, u32 mark,
1413 xfrm_address_t *daddr, 1421 xfrm_address_t *daddr,
1414 xfrm_address_t *saddr, 1422 xfrm_address_t *saddr,
1415 unsigned short family, 1423 unsigned short family,
1416 u8 mode, u8 proto, u32 reqid); 1424 u8 mode, u8 proto, u32 reqid);
1417extern int xfrm_state_check_expire(struct xfrm_state *x); 1425int xfrm_state_check_expire(struct xfrm_state *x);
1418extern void xfrm_state_insert(struct xfrm_state *x); 1426void xfrm_state_insert(struct xfrm_state *x);
1419extern int xfrm_state_add(struct xfrm_state *x); 1427int xfrm_state_add(struct xfrm_state *x);
1420extern int xfrm_state_update(struct xfrm_state *x); 1428int xfrm_state_update(struct xfrm_state *x);
1421extern struct xfrm_state *xfrm_state_lookup(struct net *net, u32 mark, 1429struct xfrm_state *xfrm_state_lookup(struct net *net, u32 mark,
1422 const xfrm_address_t *daddr, __be32 spi, 1430 const xfrm_address_t *daddr, __be32 spi,
1423 u8 proto, unsigned short family); 1431 u8 proto, unsigned short family);
1424extern struct xfrm_state *xfrm_state_lookup_byaddr(struct net *net, u32 mark, 1432struct xfrm_state *xfrm_state_lookup_byaddr(struct net *net, u32 mark,
1425 const xfrm_address_t *daddr, 1433 const xfrm_address_t *daddr,
1426 const xfrm_address_t *saddr, 1434 const xfrm_address_t *saddr,
1427 u8 proto, 1435 u8 proto,
1428 unsigned short family); 1436 unsigned short family);
1429#ifdef CONFIG_XFRM_SUB_POLICY 1437#ifdef CONFIG_XFRM_SUB_POLICY
1430extern int xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, 1438int xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n,
1431 int n, unsigned short family); 1439 unsigned short family);
1432extern int xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src, 1440int xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n,
1433 int n, unsigned short family); 1441 unsigned short family);
1434#else 1442#else
1435static inline int xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, 1443static inline int xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src,
1436 int n, unsigned short family) 1444 int n, unsigned short family)
@@ -1462,68 +1470,69 @@ struct xfrmk_spdinfo {
1462 u32 spdhmcnt; 1470 u32 spdhmcnt;
1463}; 1471};
1464 1472
1465extern struct xfrm_state *xfrm_find_acq_byseq(struct net *net, u32 mark, 1473struct xfrm_state *xfrm_find_acq_byseq(struct net *net, u32 mark, u32 seq);
1466 u32 seq); 1474int xfrm_state_delete(struct xfrm_state *x);
1467extern int xfrm_state_delete(struct xfrm_state *x); 1475int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info);
1468extern int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info); 1476void xfrm_sad_getinfo(struct net *net, struct xfrmk_sadinfo *si);
1469extern void xfrm_sad_getinfo(struct net *net, struct xfrmk_sadinfo *si); 1477void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si);
1470extern void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si); 1478u32 xfrm_replay_seqhi(struct xfrm_state *x, __be32 net_seq);
1471extern u32 xfrm_replay_seqhi(struct xfrm_state *x, __be32 net_seq); 1479int xfrm_init_replay(struct xfrm_state *x);
1472extern int xfrm_init_replay(struct xfrm_state *x); 1480int xfrm_state_mtu(struct xfrm_state *x, int mtu);
1473extern int xfrm_state_mtu(struct xfrm_state *x, int mtu); 1481int __xfrm_init_state(struct xfrm_state *x, bool init_replay);
1474extern int __xfrm_init_state(struct xfrm_state *x, bool init_replay); 1482int xfrm_init_state(struct xfrm_state *x);
1475extern int xfrm_init_state(struct xfrm_state *x); 1483int xfrm_prepare_input(struct xfrm_state *x, struct sk_buff *skb);
1476extern int xfrm_prepare_input(struct xfrm_state *x, struct sk_buff *skb); 1484int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type);
1477extern int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, 1485int xfrm_input_resume(struct sk_buff *skb, int nexthdr);
1478 int encap_type); 1486int xfrm_output_resume(struct sk_buff *skb, int err);
1479extern int xfrm_input_resume(struct sk_buff *skb, int nexthdr); 1487int xfrm_output(struct sk_buff *skb);
1480extern int xfrm_output_resume(struct sk_buff *skb, int err); 1488int xfrm_inner_extract_output(struct xfrm_state *x, struct sk_buff *skb);
1481extern int xfrm_output(struct sk_buff *skb); 1489void xfrm_local_error(struct sk_buff *skb, int mtu);
1482extern int xfrm_inner_extract_output(struct xfrm_state *x, struct sk_buff *skb); 1490int xfrm4_extract_header(struct sk_buff *skb);
1483extern void xfrm_local_error(struct sk_buff *skb, int mtu); 1491int xfrm4_extract_input(struct xfrm_state *x, struct sk_buff *skb);
1484extern int xfrm4_extract_header(struct sk_buff *skb); 1492int xfrm4_rcv_encap(struct sk_buff *skb, int nexthdr, __be32 spi,
1485extern int xfrm4_extract_input(struct xfrm_state *x, struct sk_buff *skb); 1493 int encap_type);
1486extern int xfrm4_rcv_encap(struct sk_buff *skb, int nexthdr, __be32 spi, 1494int xfrm4_transport_finish(struct sk_buff *skb, int async);
1487 int encap_type); 1495int xfrm4_rcv(struct sk_buff *skb);
1488extern int xfrm4_transport_finish(struct sk_buff *skb, int async);
1489extern int xfrm4_rcv(struct sk_buff *skb);
1490 1496
1491static inline int xfrm4_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi) 1497static inline int xfrm4_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi)
1492{ 1498{
1493 return xfrm4_rcv_encap(skb, nexthdr, spi, 0); 1499 return xfrm4_rcv_encap(skb, nexthdr, spi, 0);
1494} 1500}
1495 1501
1496extern int xfrm4_extract_output(struct xfrm_state *x, struct sk_buff *skb); 1502int xfrm4_extract_output(struct xfrm_state *x, struct sk_buff *skb);
1497extern int xfrm4_prepare_output(struct xfrm_state *x, struct sk_buff *skb); 1503int xfrm4_prepare_output(struct xfrm_state *x, struct sk_buff *skb);
1498extern int xfrm4_output(struct sk_buff *skb); 1504int xfrm4_output(struct sk_buff *skb);
1499extern int xfrm4_output_finish(struct sk_buff *skb); 1505int xfrm4_output_finish(struct sk_buff *skb);
1500extern int xfrm4_tunnel_register(struct xfrm_tunnel *handler, unsigned short family); 1506int xfrm4_tunnel_register(struct xfrm_tunnel *handler, unsigned short family);
1501extern int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler, unsigned short family); 1507int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler, unsigned short family);
1502extern int xfrm4_mode_tunnel_input_register(struct xfrm_tunnel *handler); 1508void xfrm4_local_error(struct sk_buff *skb, u32 mtu);
1503extern int xfrm4_mode_tunnel_input_deregister(struct xfrm_tunnel *handler); 1509int xfrm4_mode_tunnel_input_register(struct xfrm_tunnel_notifier *handler);
1504extern void xfrm4_local_error(struct sk_buff *skb, u32 mtu); 1510int xfrm4_mode_tunnel_input_deregister(struct xfrm_tunnel_notifier *handler);
1505extern int xfrm6_extract_header(struct sk_buff *skb); 1511int xfrm6_mode_tunnel_input_register(struct xfrm_tunnel_notifier *handler);
1506extern int xfrm6_extract_input(struct xfrm_state *x, struct sk_buff *skb); 1512int xfrm6_mode_tunnel_input_deregister(struct xfrm_tunnel_notifier *handler);
1507extern int xfrm6_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi); 1513int xfrm6_extract_header(struct sk_buff *skb);
1508extern int xfrm6_transport_finish(struct sk_buff *skb, int async); 1514int xfrm6_extract_input(struct xfrm_state *x, struct sk_buff *skb);
1509extern int xfrm6_rcv(struct sk_buff *skb); 1515int xfrm6_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi);
1510extern int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr, 1516int xfrm6_transport_finish(struct sk_buff *skb, int async);
1511 xfrm_address_t *saddr, u8 proto); 1517int xfrm6_rcv(struct sk_buff *skb);
1512extern int xfrm6_tunnel_register(struct xfrm6_tunnel *handler, unsigned short family); 1518int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr,
1513extern int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler, unsigned short family); 1519 xfrm_address_t *saddr, u8 proto);
1514extern __be32 xfrm6_tunnel_alloc_spi(struct net *net, xfrm_address_t *saddr); 1520void xfrm6_local_error(struct sk_buff *skb, u32 mtu);
1515extern __be32 xfrm6_tunnel_spi_lookup(struct net *net, const xfrm_address_t *saddr); 1521int xfrm6_tunnel_register(struct xfrm6_tunnel *handler, unsigned short family);
1516extern int xfrm6_extract_output(struct xfrm_state *x, struct sk_buff *skb); 1522int xfrm6_tunnel_deregister(struct xfrm6_tunnel *handler, unsigned short family);
1517extern int xfrm6_prepare_output(struct xfrm_state *x, struct sk_buff *skb); 1523__be32 xfrm6_tunnel_alloc_spi(struct net *net, xfrm_address_t *saddr);
1518extern int xfrm6_output(struct sk_buff *skb); 1524__be32 xfrm6_tunnel_spi_lookup(struct net *net, const xfrm_address_t *saddr);
1519extern int xfrm6_output_finish(struct sk_buff *skb); 1525int xfrm6_extract_output(struct xfrm_state *x, struct sk_buff *skb);
1520extern int xfrm6_find_1stfragopt(struct xfrm_state *x, struct sk_buff *skb, 1526int xfrm6_prepare_output(struct xfrm_state *x, struct sk_buff *skb);
1521 u8 **prevhdr); 1527int xfrm6_output(struct sk_buff *skb);
1522extern void xfrm6_local_error(struct sk_buff *skb, u32 mtu); 1528int xfrm6_output_finish(struct sk_buff *skb);
1529int xfrm6_find_1stfragopt(struct xfrm_state *x, struct sk_buff *skb,
1530 u8 **prevhdr);
1523 1531
1524#ifdef CONFIG_XFRM 1532#ifdef CONFIG_XFRM
1525extern int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb); 1533int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb);
1526extern int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen); 1534int xfrm_user_policy(struct sock *sk, int optname,
1535 u8 __user *optval, int optlen);
1527#else 1536#else
1528static inline int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen) 1537static inline int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
1529{ 1538{
@@ -1540,59 +1549,62 @@ static inline int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb)
1540 1549
1541struct xfrm_policy *xfrm_policy_alloc(struct net *net, gfp_t gfp); 1550struct xfrm_policy *xfrm_policy_alloc(struct net *net, gfp_t gfp);
1542 1551
1543extern void xfrm_policy_walk_init(struct xfrm_policy_walk *walk, u8 type); 1552void xfrm_policy_walk_init(struct xfrm_policy_walk *walk, u8 type);
1544extern int xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk, 1553int xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk,
1545 int (*func)(struct xfrm_policy *, int, int, void*), void *); 1554 int (*func)(struct xfrm_policy *, int, int, void*),
1546extern void xfrm_policy_walk_done(struct xfrm_policy_walk *walk); 1555 void *);
1556void xfrm_policy_walk_done(struct xfrm_policy_walk *walk);
1547int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl); 1557int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl);
1548struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u32 mark, 1558struct xfrm_policy *xfrm_policy_bysel_ctx(struct net *net, u32 mark,
1549 u8 type, int dir, 1559 u8 type, int dir,
1550 struct xfrm_selector *sel, 1560 struct xfrm_selector *sel,
1551 struct xfrm_sec_ctx *ctx, int delete, 1561 struct xfrm_sec_ctx *ctx, int delete,
1552 int *err); 1562 int *err);
1553struct xfrm_policy *xfrm_policy_byid(struct net *net, u32 mark, u8, int dir, u32 id, int delete, int *err); 1563struct xfrm_policy *xfrm_policy_byid(struct net *net, u32 mark, u8, int dir,
1564 u32 id, int delete, int *err);
1554int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info); 1565int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info);
1555u32 xfrm_get_acqseq(void); 1566u32 xfrm_get_acqseq(void);
1556extern int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi); 1567int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi);
1557struct xfrm_state *xfrm_find_acq(struct net *net, const struct xfrm_mark *mark, 1568struct xfrm_state *xfrm_find_acq(struct net *net, const struct xfrm_mark *mark,
1558 u8 mode, u32 reqid, u8 proto, 1569 u8 mode, u32 reqid, u8 proto,
1559 const xfrm_address_t *daddr, 1570 const xfrm_address_t *daddr,
1560 const xfrm_address_t *saddr, int create, 1571 const xfrm_address_t *saddr, int create,
1561 unsigned short family); 1572 unsigned short family);
1562extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol); 1573int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
1563 1574
1564#ifdef CONFIG_XFRM_MIGRATE 1575#ifdef CONFIG_XFRM_MIGRATE
1565extern int km_migrate(const struct xfrm_selector *sel, u8 dir, u8 type, 1576int km_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
1566 const struct xfrm_migrate *m, int num_bundles, 1577 const struct xfrm_migrate *m, int num_bundles,
1567 const struct xfrm_kmaddress *k); 1578 const struct xfrm_kmaddress *k);
1568extern struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m); 1579struct xfrm_state *xfrm_migrate_state_find(struct xfrm_migrate *m);
1569extern struct xfrm_state * xfrm_state_migrate(struct xfrm_state *x, 1580struct xfrm_state *xfrm_state_migrate(struct xfrm_state *x,
1570 struct xfrm_migrate *m); 1581 struct xfrm_migrate *m);
1571extern int xfrm_migrate(const struct xfrm_selector *sel, u8 dir, u8 type, 1582int xfrm_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
1572 struct xfrm_migrate *m, int num_bundles, 1583 struct xfrm_migrate *m, int num_bundles,
1573 struct xfrm_kmaddress *k); 1584 struct xfrm_kmaddress *k);
1574#endif 1585#endif
1575 1586
1576extern int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport); 1587int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport);
1577extern void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 portid); 1588void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 portid);
1578extern int km_report(struct net *net, u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr); 1589int km_report(struct net *net, u8 proto, struct xfrm_selector *sel,
1579 1590 xfrm_address_t *addr);
1580extern void xfrm_input_init(void); 1591
1581extern int xfrm_parse_spi(struct sk_buff *skb, u8 nexthdr, __be32 *spi, __be32 *seq); 1592void xfrm_input_init(void);
1582 1593int xfrm_parse_spi(struct sk_buff *skb, u8 nexthdr, __be32 *spi, __be32 *seq);
1583extern void xfrm_probe_algs(void); 1594
1584extern int xfrm_count_pfkey_auth_supported(void); 1595void xfrm_probe_algs(void);
1585extern int xfrm_count_pfkey_enc_supported(void); 1596int xfrm_count_pfkey_auth_supported(void);
1586extern struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx); 1597int xfrm_count_pfkey_enc_supported(void);
1587extern struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx); 1598struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx);
1588extern struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id); 1599struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx);
1589extern struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id); 1600struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id);
1590extern struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id); 1601struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id);
1591extern struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe); 1602struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id);
1592extern struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe); 1603struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe);
1593extern struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe); 1604struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe);
1594extern struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, 1605struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe);
1595 int probe); 1606struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len,
1607 int probe);
1596 1608
1597static inline bool xfrm6_addr_equal(const xfrm_address_t *a, 1609static inline bool xfrm6_addr_equal(const xfrm_address_t *a,
1598 const xfrm_address_t *b) 1610 const xfrm_address_t *b)
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-27 01:52:23 -0500