1 files changed, 34 insertions, 0 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index b88b038530c9..e5ea1347a4ff 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -50,6 +50,40 @@ static void xfrm_policy_put_afinfo(struct xfrm_policy_afinfo *afinfo);
 static struct xfrm_policy_afinfo *xfrm_policy_lock_afinfo(unsigned int family);
 static void xfrm_policy_unlock_afinfo(struct xfrm_policy_afinfo *afinfo);
+static inline int
+__xfrm4_selector_match(struct xfrm_selector *sel, struct flowi *fl)
+{
+        return  addr_match(&fl->fl4_dst, &sel->daddr, sel->prefixlen_d) &&
+                addr_match(&fl->fl4_src, &sel->saddr, sel->prefixlen_s) &&
+                !((xfrm_flowi_dport(fl) ^ sel->dport) & sel->dport_mask) &&
+                !((xfrm_flowi_sport(fl) ^ sel->sport) & sel->sport_mask) &&
+                (fl->proto == sel->proto || !sel->proto) &&
+                (fl->oif == sel->ifindex || !sel->ifindex);
+}
+static inline int
+__xfrm6_selector_match(struct xfrm_selector *sel, struct flowi *fl)
+{
+        return  addr_match(&fl->fl6_dst, &sel->daddr, sel->prefixlen_d) &&
+                addr_match(&fl->fl6_src, &sel->saddr, sel->prefixlen_s) &&
+                !((xfrm_flowi_dport(fl) ^ sel->dport) & sel->dport_mask) &&
+                !((xfrm_flowi_sport(fl) ^ sel->sport) & sel->sport_mask) &&
+                (fl->proto == sel->proto || !sel->proto) &&
+                (fl->oif == sel->ifindex || !sel->ifindex);
+}
+int xfrm_selector_match(struct xfrm_selector *sel, struct flowi *fl,
+                    unsigned short family)
+{
+        switch (family) {
+        case AF_INET:
+                return __xfrm4_selector_match(sel, fl);
+        case AF_INET6:
+                return __xfrm6_selector_match(sel, fl);
+        }
+        return 0;
+}
 int xfrm_register_type(struct xfrm_type *type, unsigned short family)
 {
        struct xfrm_policy_afinfo *afinfo = xfrm_policy_lock_afinfo(family);

diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index b88b038530c9..e5ea1347a4ff 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c
@@ -50,6 +50,40 @@ static void xfrm_policy_put_afinfo(struct xfrm_policy_afinfo *afinfo);
50	static struct xfrm_policy_afinfo *xfrm_policy_lock_afinfo(unsigned int family);	50	static struct xfrm_policy_afinfo *xfrm_policy_lock_afinfo(unsigned int family);
51	static void xfrm_policy_unlock_afinfo(struct xfrm_policy_afinfo *afinfo);	51	static void xfrm_policy_unlock_afinfo(struct xfrm_policy_afinfo *afinfo);
52		52
		53	static inline int
		54	__xfrm4_selector_match(struct xfrm_selector sel, struct flowi fl)
		55	{
		56	return addr_match(&fl->fl4_dst, &sel->daddr, sel->prefixlen_d) &&
		57	addr_match(&fl->fl4_src, &sel->saddr, sel->prefixlen_s) &&
		58	!((xfrm_flowi_dport(fl) ^ sel->dport) & sel->dport_mask) &&
		59	!((xfrm_flowi_sport(fl) ^ sel->sport) & sel->sport_mask) &&
		60	(fl->proto == sel->proto \|\| !sel->proto) &&
		61	(fl->oif == sel->ifindex \|\| !sel->ifindex);
		62	}
		63
		64	static inline int
		65	__xfrm6_selector_match(struct xfrm_selector sel, struct flowi fl)
		66	{
		67	return addr_match(&fl->fl6_dst, &sel->daddr, sel->prefixlen_d) &&
		68	addr_match(&fl->fl6_src, &sel->saddr, sel->prefixlen_s) &&
		69	!((xfrm_flowi_dport(fl) ^ sel->dport) & sel->dport_mask) &&
		70	!((xfrm_flowi_sport(fl) ^ sel->sport) & sel->sport_mask) &&
		71	(fl->proto == sel->proto \|\| !sel->proto) &&
		72	(fl->oif == sel->ifindex \|\| !sel->ifindex);
		73	}
		74
		75	int xfrm_selector_match(struct xfrm_selector sel, struct flowi fl,
		76	unsigned short family)
		77	{
		78	switch (family) {
		79	case AF_INET:
		80	return __xfrm4_selector_match(sel, fl);
		81	case AF_INET6:
		82	return __xfrm6_selector_match(sel, fl);
		83	}
		84	return 0;
		85	}
		86
53	int xfrm_register_type(struct xfrm_type *type, unsigned short family)	87	int xfrm_register_type(struct xfrm_type *type, unsigned short family)
54	{	88	{
55	struct xfrm_policy_afinfo *afinfo = xfrm_policy_lock_afinfo(family);	89	struct xfrm_policy_afinfo *afinfo = xfrm_policy_lock_afinfo(family);