path: root/include
diff options
authorLinus Torvalds <torvalds@woody.osdl.org>2006-12-07 12:05:15 -0500
committerLinus Torvalds <torvalds@woody.osdl.org>2006-12-07 12:05:15 -0500
commit2685b267bce34c9b66626cb11664509c32a761a5 (patch)
treece8b4ad47b4a1aa1b0e7634298d63c4cb0ca46c5 /include
parent4522d58275f124105819723e24e912c8e5bf3cdd (diff)
parent272491ef423b6976a230a998b10f46976aa91342 (diff)
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (48 commits) [NETFILTER]: Fix non-ANSI func. decl. [TG3]: Identify Serdes devices more clearly. [TG3]: Use msleep. [TG3]: Use netif_msg_*. [TG3]: Allow partial speed advertisement. [TG3]: Add TG3_FLG2_IS_NIC flag. [TG3]: Add 5787F device ID. [TG3]: Fix Phy loopback. [WANROUTER]: Kill kmalloc debugging code. [TCP] inet_twdr_hangman: Delete unnecessary memory barrier(). [NET]: Memory barrier cleanups [IPSEC]: Fix inetpeer leak in ipv4 xfrm dst entries. audit: disable ipsec auditing when CONFIG_AUDITSYSCALL=n audit: Add auditing to ipsec [IRDA] irlan: Fix compile warning when CONFIG_PROC_FS=n [IrDA]: Incorrect TTP header reservation [IrDA]: PXA FIR code device model conversion [GENETLINK]: Fix misplaced command flags. [NETLIK]: Add a pointer to the Generic Netlink wiki page. [IPV6] RAW: Don't release unlocked sock. ...
Diffstat (limited to 'include')
10 files changed, 314 insertions, 31 deletions
diff --git a/include/crypto/b128ops.h b/include/crypto/b128ops.h
new file mode 100644
index 0000000000..0b8e6bc553
--- /dev/null
+++ b/include/crypto/b128ops.h
@@ -0,0 +1,80 @@
1/* b128ops.h - common 128-bit block operations
2 *
3 * Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.
4 * Copyright (c) 2006, Rik Snel <rsnel@cube.dyndns.org>
5 *
6 * Based on Dr Brian Gladman's (GPL'd) work published at
7 * http://fp.gladman.plus.com/cryptography_technology/index.htm
8 * See the original copyright notice below.
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the Free
12 * Software Foundation; either version 2 of the License, or (at your option)
13 * any later version.
14 */
16 ---------------------------------------------------------------------------
17 Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved.
21 The free distribution and use of this software in both source and binary
22 form is allowed (with or without changes) provided that:
24 1. distributions of this source code include the above copyright
25 notice, this list of conditions and the following disclaimer;
27 2. distributions in binary form include the above copyright
28 notice, this list of conditions and the following disclaimer
29 in the documentation and/or other associated materials;
31 3. the copyright holder's name is not used to endorse products
32 built using this software without specific written permission.
34 ALTERNATIVELY, provided that this notice is retained in full, this product
35 may be distributed under the terms of the GNU General Public License (GPL),
36 in which case the provisions of the GPL apply INSTEAD OF those given above.
40 This software is provided 'as is' with no explicit or implied warranties
41 in respect of its properties, including, but not limited to, correctness
42 and/or fitness for purpose.
43 ---------------------------------------------------------------------------
44 Issue Date: 13/06/2006
47#ifndef _CRYPTO_B128OPS_H
48#define _CRYPTO_B128OPS_H
50#include <linux/types.h>
52typedef struct {
53 u64 a, b;
54} u128;
56typedef struct {
57 __be64 a, b;
58} be128;
60typedef struct {
61 __le64 b, a;
62} le128;
64static inline void u128_xor(u128 *r, const u128 *p, const u128 *q)
66 r->a = p->a ^ q->a;
67 r->b = p->b ^ q->b;
70static inline void be128_xor(be128 *r, const be128 *p, const be128 *q)
72 u128_xor((u128 *)r, (u128 *)p, (u128 *)q);
75static inline void le128_xor(le128 *r, const le128 *p, const le128 *q)
77 u128_xor((u128 *)r, (u128 *)p, (u128 *)q);
80#endif /* _CRYPTO_B128OPS_H */
diff --git a/include/crypto/gf128mul.h b/include/crypto/gf128mul.h
new file mode 100644
index 0000000000..4fd3152024
--- /dev/null
+++ b/include/crypto/gf128mul.h
@@ -0,0 +1,198 @@
1/* gf128mul.h - GF(2^128) multiplication functions
2 *
3 * Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.
4 * Copyright (c) 2006 Rik Snel <rsnel@cube.dyndns.org>
5 *
6 * Based on Dr Brian Gladman's (GPL'd) work published at
7 * http://fp.gladman.plus.com/cryptography_technology/index.htm
8 * See the original copyright notice below.
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the Free
12 * Software Foundation; either version 2 of the License, or (at your option)
13 * any later version.
14 */
16 ---------------------------------------------------------------------------
17 Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved.
21 The free distribution and use of this software in both source and binary
22 form is allowed (with or without changes) provided that:
24 1. distributions of this source code include the above copyright
25 notice, this list of conditions and the following disclaimer;
27 2. distributions in binary form include the above copyright
28 notice, this list of conditions and the following disclaimer
29 in the documentation and/or other associated materials;
31 3. the copyright holder's name is not used to endorse products
32 built using this software without specific written permission.
34 ALTERNATIVELY, provided that this notice is retained in full, this product
35 may be distributed under the terms of the GNU General Public License (GPL),
36 in which case the provisions of the GPL apply INSTEAD OF those given above.
40 This software is provided 'as is' with no explicit or implied warranties
41 in respect of its properties, including, but not limited to, correctness
42 and/or fitness for purpose.
43 ---------------------------------------------------------------------------
44 Issue Date: 31/01/2006
46 An implementation of field multiplication in Galois Field GF(128)
49#ifndef _CRYPTO_GF128MUL_H
50#define _CRYPTO_GF128MUL_H
52#include <crypto/b128ops.h>
53#include <linux/slab.h>
55/* Comment by Rik:
56 *
57 * For some background on GF(2^128) see for example: http://-
58 * csrc.nist.gov/CryptoToolkit/modes/proposedmodes/gcm/gcm-revised-spec.pdf
59 *
60 * The elements of GF(2^128) := GF(2)[X]/(X^128-X^7-X^2-X^1-1) can
61 * be mapped to computer memory in a variety of ways. Let's examine
62 * three common cases.
63 *
64 * Take a look at the 16 binary octets below in memory order. The msb's
65 * are left and the lsb's are right. char b[16] is an array and b[0] is
66 * the first octet.
67 *
68 * 80000000 00000000 00000000 00000000 .... 00000000 00000000 00000000
69 * b[0] b[1] b[2] b[3] b[13] b[14] b[15]
70 *
71 * Every bit is a coefficient of some power of X. We can store the bits
72 * in every byte in little-endian order and the bytes themselves also in
73 * little endian order. I will call this lle (little-little-endian).
74 * The above buffer represents the polynomial 1, and X^7+X^2+X^1+1 looks
75 * like 11100001 00000000 .... 00000000 = { 0xE1, 0x00, }.
76 * This format was originally implemented in gf128mul and is used
77 * in GCM (Galois/Counter mode) and in ABL (Arbitrary Block Length).
78 *
79 * Another convention says: store the bits in bigendian order and the
80 * bytes also. This is bbe (big-big-endian). Now the buffer above
81 * represents X^127. X^7+X^2+X^1+1 looks like 00000000 .... 10000111,
82 * b[15] = 0x87 and the rest is 0. LRW uses this convention and bbe
83 * is partly implemented.
84 *
85 * Both of the above formats are easy to implement on big-endian
86 * machines.
87 *
88 * EME (which is patent encumbered) uses the ble format (bits are stored
89 * in big endian order and the bytes in little endian). The above buffer
90 * represents X^7 in this case and the primitive polynomial is b[0] = 0x87.
91 *
92 * The common machine word-size is smaller than 128 bits, so to make
93 * an efficient implementation we must split into machine word sizes.
94 * This file uses one 32bit for the moment. Machine endianness comes into
95 * play. The lle format in relation to machine endianness is discussed
96 * below by the original author of gf128mul Dr Brian Gladman.
97 *
98 * Let's look at the bbe and ble format on a little endian machine.
99 *
100 * bbe on a little endian machine u32 x[4]:
101 *
102 * MS x[0] LS MS x[1] LS
103 * ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls
104 * 103..96 111.104 119.112 127.120 71...64 79...72 87...80 95...88
105 *
106 * MS x[2] LS MS x[3] LS
107 * ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls
108 * 39...32 47...40 55...48 63...56 07...00 15...08 23...16 31...24
109 *
110 * ble on a little endian machine
111 *
112 * MS x[0] LS MS x[1] LS
113 * ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls
114 * 31...24 23...16 15...08 07...00 63...56 55...48 47...40 39...32
115 *
116 * MS x[2] LS MS x[3] LS
117 * ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls
118 * 95...88 87...80 79...72 71...64 127.120 199.112 111.104 103..96
119 *
120 * Multiplications in GF(2^128) are mostly bit-shifts, so you see why
121 * ble (and lbe also) are easier to implement on a little-endian
122 * machine than on a big-endian machine. The converse holds for bbe
123 * and lle.
124 *
125 * Note: to have good alignment, it seems to me that it is sufficient
126 * to keep elements of GF(2^128) in type u64[2]. On 32-bit wordsize
127 * machines this will automatically aligned to wordsize and on a 64-bit
128 * machine also.
129 */
130/* Multiply a GF128 field element by x. Field elements are held in arrays
131 of bytes in which field bits 8n..8n + 7 are held in byte[n], with lower
132 indexed bits placed in the more numerically significant bit positions
133 within bytes.
135 On little endian machines the bit indexes translate into the bit
136 positions within four 32-bit words in the following way
138 MS x[0] LS MS x[1] LS
139 ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls
140 24...31 16...23 08...15 00...07 56...63 48...55 40...47 32...39
142 MS x[2] LS MS x[3] LS
143 ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls
144 88...95 80...87 72...79 64...71 120.127 112.119 104.111 96..103
146 On big endian machines the bit indexes translate into the bit
147 positions within four 32-bit words in the following way
149 MS x[0] LS MS x[1] LS
150 ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls
151 00...07 08...15 16...23 24...31 32...39 40...47 48...55 56...63
153 MS x[2] LS MS x[3] LS
154 ms ls ms ls ms ls ms ls ms ls ms ls ms ls ms ls
155 64...71 72...79 80...87 88...95 96..103 104.111 112.119 120.127
158/* A slow generic version of gf_mul, implemented for lle and bbe
159 * It multiplies a and b and puts the result in a */
160void gf128mul_lle(be128 *a, const be128 *b);
162void gf128mul_bbe(be128 *a, const be128 *b);
165/* 4k table optimization */
167struct gf128mul_4k {
168 be128 t[256];
171struct gf128mul_4k *gf128mul_init_4k_lle(const be128 *g);
172struct gf128mul_4k *gf128mul_init_4k_bbe(const be128 *g);
173void gf128mul_4k_lle(be128 *a, struct gf128mul_4k *t);
174void gf128mul_4k_bbe(be128 *a, struct gf128mul_4k *t);
176static inline void gf128mul_free_4k(struct gf128mul_4k *t)
178 kfree(t);
182/* 64k table optimization, implemented for lle and bbe */
184struct gf128mul_64k {
185 struct gf128mul_4k *t[16];
188/* first initialize with the constant factor with which you
189 * want to multiply and then call gf128_64k_lle with the other
190 * factor in the first argument, the table in the second and a
191 * scratch register in the third. Afterwards *a = *r. */
192struct gf128mul_64k *gf128mul_init_64k_lle(const be128 *g);
193struct gf128mul_64k *gf128mul_init_64k_bbe(const be128 *g);
194void gf128mul_free_64k(struct gf128mul_64k *t);
195void gf128mul_64k_lle(be128 *a, struct gf128mul_64k *t);
196void gf128mul_64k_bbe(be128 *a, struct gf128mul_64k *t);
198#endif /* _CRYPTO_GF128MUL_H */
diff --git a/include/linux/audit.h b/include/linux/audit.h
index b2ca666d99..0e07db6cc0 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -101,6 +101,10 @@
101#define AUDIT_MAC_CIPSOV4_DEL 1408 /* NetLabel: del CIPSOv4 DOI entry */ 101#define AUDIT_MAC_CIPSOV4_DEL 1408 /* NetLabel: del CIPSOv4 DOI entry */
102#define AUDIT_MAC_MAP_ADD 1409 /* NetLabel: add LSM domain mapping */ 102#define AUDIT_MAC_MAP_ADD 1409 /* NetLabel: add LSM domain mapping */
103#define AUDIT_MAC_MAP_DEL 1410 /* NetLabel: del LSM domain mapping */ 103#define AUDIT_MAC_MAP_DEL 1410 /* NetLabel: del LSM domain mapping */
104#define AUDIT_MAC_IPSEC_ADDSA 1411 /* Add a XFRM state */
105#define AUDIT_MAC_IPSEC_DELSA 1412 /* Delete a XFRM state */
106#define AUDIT_MAC_IPSEC_ADDSPD 1413 /* Add a XFRM policy */
107#define AUDIT_MAC_IPSEC_DELSPD 1414 /* Delete a XFRM policy */
104 108
106#define AUDIT_LAST_KERN_ANOM_MSG 1799 110#define AUDIT_LAST_KERN_ANOM_MSG 1799
@@ -377,6 +381,7 @@ extern void auditsc_get_stamp(struct audit_context *ctx,
377 struct timespec *t, unsigned int *serial); 381 struct timespec *t, unsigned int *serial);
378extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); 382extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
379extern uid_t audit_get_loginuid(struct audit_context *ctx); 383extern uid_t audit_get_loginuid(struct audit_context *ctx);
384extern void audit_log_task_context(struct audit_buffer *ab);
380extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp); 385extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp);
381extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); 386extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
382extern int audit_bprm(struct linux_binprm *bprm); 387extern int audit_bprm(struct linux_binprm *bprm);
@@ -449,6 +454,7 @@ extern int audit_n_rules;
449#define audit_inode_update(i) do { ; } while (0) 454#define audit_inode_update(i) do { ; } while (0)
450#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) 455#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
451#define audit_get_loginuid(c) ({ -1; }) 456#define audit_get_loginuid(c) ({ -1; })
457#define audit_log_task_context(b) do { ; } while (0)
452#define audit_ipc_obj(i) ({ 0; }) 458#define audit_ipc_obj(i) ({ 0; })
453#define audit_ipc_set_perm(q,u,g,m) ({ 0; }) 459#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
454#define audit_bprm(p) ({ 0; }) 460#define audit_bprm(p) ({ 0; })
diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index 6485e9716b..4aa9046601 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -241,12 +241,8 @@ int crypto_unregister_alg(struct crypto_alg *alg);
241 * Algorithm query interface. 241 * Algorithm query interface.
242 */ 242 */
244int crypto_alg_available(const char *name, u32 flags)
245 __deprecated_for_modules;
246int crypto_has_alg(const char *name, u32 type, u32 mask); 244int crypto_has_alg(const char *name, u32 type, u32 mask);
247#else 245#else
248static int crypto_alg_available(const char *name, u32 flags)
249 __deprecated_for_modules;
250static inline int crypto_alg_available(const char *name, u32 flags) 246static inline int crypto_alg_available(const char *name, u32 flags)
251{ 247{
252 return 0; 248 return 0;
@@ -707,16 +703,6 @@ static inline void crypto_cipher_decrypt_one(struct crypto_cipher *tfm,
707 dst, src); 703 dst, src);
708} 704}
709 705
710void crypto_digest_init(struct crypto_tfm *tfm) __deprecated_for_modules;
711void crypto_digest_update(struct crypto_tfm *tfm,
712 struct scatterlist *sg, unsigned int nsg)
713 __deprecated_for_modules;
714void crypto_digest_final(struct crypto_tfm *tfm, u8 *out)
715 __deprecated_for_modules;
716void crypto_digest_digest(struct crypto_tfm *tfm,
717 struct scatterlist *sg, unsigned int nsg, u8 *out)
718 __deprecated_for_modules;
720static inline struct crypto_hash *__crypto_hash_cast(struct crypto_tfm *tfm) 706static inline struct crypto_hash *__crypto_hash_cast(struct crypto_tfm *tfm)
721{ 707{
722 return (struct crypto_hash *)tfm; 708 return (struct crypto_hash *)tfm;
@@ -729,14 +715,6 @@ static inline struct crypto_hash *crypto_hash_cast(struct crypto_tfm *tfm)
729 return __crypto_hash_cast(tfm); 715 return __crypto_hash_cast(tfm);
730} 716}
731 717
732static int crypto_digest_setkey(struct crypto_tfm *tfm, const u8 *key,
733 unsigned int keylen) __deprecated;
734static inline int crypto_digest_setkey(struct crypto_tfm *tfm,
735 const u8 *key, unsigned int keylen)
737 return tfm->crt_hash.setkey(crypto_hash_cast(tfm), key, keylen);
740static inline struct crypto_hash *crypto_alloc_hash(const char *alg_name, 718static inline struct crypto_hash *crypto_alloc_hash(const char *alg_name,
741 u32 type, u32 mask) 719 u32 type, u32 mask)
742{ 720{
diff --git a/include/linux/genetlink.h b/include/linux/genetlink.h
index 9049dc65ae..f7a93770e1 100644
--- a/include/linux/genetlink.h
+++ b/include/linux/genetlink.h
@@ -17,6 +17,9 @@ struct genlmsghdr {
17#define GENL_HDRLEN NLMSG_ALIGN(sizeof(struct genlmsghdr)) 17#define GENL_HDRLEN NLMSG_ALIGN(sizeof(struct genlmsghdr))
18 18
19#define GENL_ADMIN_PERM 0x01 19#define GENL_ADMIN_PERM 0x01
20#define GENL_CMD_CAP_DO 0x02
21#define GENL_CMD_CAP_DUMP 0x04
22#define GENL_CMD_CAP_HASPOL 0x08
20 23
21/* 24/*
22 * List of reserved static generic netlink identifiers: 25 * List of reserved static generic netlink identifiers:
@@ -58,9 +61,6 @@ enum {
65}; 65};
66 66
diff --git a/include/linux/netfilter/nf_conntrack_pptp.h b/include/linux/netfilter/nf_conntrack_pptp.h
index fb049ec11f..9d8144a488 100644
--- a/include/linux/netfilter/nf_conntrack_pptp.h
+++ b/include/linux/netfilter/nf_conntrack_pptp.h
@@ -2,6 +2,8 @@
4 4
5#include <linux/netfilter/nf_conntrack_common.h>
5/* state of the control session */ 7/* state of the control session */
6enum pptp_ctrlsess_state { 8enum pptp_ctrlsess_state {
7 PPTP_SESSION_NONE, /* no session present */ 9 PPTP_SESSION_NONE, /* no session present */
@@ -295,7 +297,6 @@ union pptp_ctrl_union {
295/* crap needed for nf_conntrack_compat.h */ 297/* crap needed for nf_conntrack_compat.h */
296struct nf_conn; 298struct nf_conn;
297struct nf_conntrack_expect; 299struct nf_conntrack_expect;
298enum ip_conntrack_info;
299 300
300extern int 301extern int
301(*nf_nat_pptp_hook_outbound)(struct sk_buff **pskb, 302(*nf_nat_pptp_hook_outbound)(struct sk_buff **pskb,
diff --git a/include/linux/pci_ids.h b/include/linux/pci_ids.h
index ff2dcb436c..4d972bbef3 100644
--- a/include/linux/pci_ids.h
+++ b/include/linux/pci_ids.h
@@ -1931,6 +1931,7 @@
1931#define PCI_DEVICE_ID_TIGON3_5750M 0x167c 1931#define PCI_DEVICE_ID_TIGON3_5750M 0x167c
1932#define PCI_DEVICE_ID_TIGON3_5751M 0x167d 1932#define PCI_DEVICE_ID_TIGON3_5751M 0x167d
1933#define PCI_DEVICE_ID_TIGON3_5751F 0x167e 1933#define PCI_DEVICE_ID_TIGON3_5751F 0x167e
1934#define PCI_DEVICE_ID_TIGON3_5787F 0x167f
1934#define PCI_DEVICE_ID_TIGON3_5787M 0x1693 1935#define PCI_DEVICE_ID_TIGON3_5787M 0x1693
1935#define PCI_DEVICE_ID_TIGON3_5782 0x1696 1936#define PCI_DEVICE_ID_TIGON3_5782 0x1696
1936#define PCI_DEVICE_ID_TIGON3_5786 0x169a 1937#define PCI_DEVICE_ID_TIGON3_5786 0x169a
@@ -2002,6 +2003,8 @@
2002#define PCI_DEVICE_ID_FARSITE_TE1 0x1610 2003#define PCI_DEVICE_ID_FARSITE_TE1 0x1610
2003#define PCI_DEVICE_ID_FARSITE_TE1C 0x1612 2004#define PCI_DEVICE_ID_FARSITE_TE1C 0x1612
2004 2005
2006#define PCI_VENDOR_ID_ARIMA 0x161f
2005#define PCI_VENDOR_ID_SIBYTE 0x166d 2008#define PCI_VENDOR_ID_SIBYTE 0x166d
2006#define PCI_DEVICE_ID_BCM1250_PCI 0x0001 2009#define PCI_DEVICE_ID_BCM1250_PCI 0x0001
2007#define PCI_DEVICE_ID_BCM1250_HT 0x0002 2010#define PCI_DEVICE_ID_BCM1250_HT 0x0002
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h
index 0f0b880c42..265bafab64 100644
--- a/include/linux/pfkeyv2.h
+++ b/include/linux/pfkeyv2.h
@@ -285,6 +285,7 @@ struct sadb_x_sec_ctx {
285#define SADB_X_AALG_SHA2_384HMAC 6 285#define SADB_X_AALG_SHA2_384HMAC 6
286#define SADB_X_AALG_SHA2_512HMAC 7 286#define SADB_X_AALG_SHA2_512HMAC 7
287#define SADB_X_AALG_RIPEMD160HMAC 8 287#define SADB_X_AALG_RIPEMD160HMAC 8
288#define SADB_X_AALG_NULL 251 /* kame */ 289#define SADB_X_AALG_NULL 251 /* kame */
289#define SADB_AALG_MAX 251 290#define SADB_AALG_MAX 251
290 291
diff --git a/include/net/irda/irlan_filter.h b/include/net/irda/irlan_filter.h
index 492dedaa8a..1720539ac2 100644
--- a/include/net/irda/irlan_filter.h
+++ b/include/net/irda/irlan_filter.h
@@ -28,6 +28,8 @@
28void irlan_check_command_param(struct irlan_cb *self, char *param, 28void irlan_check_command_param(struct irlan_cb *self, char *param,
29 char *value); 29 char *value);
30void irlan_filter_request(struct irlan_cb *self, struct sk_buff *skb); 30void irlan_filter_request(struct irlan_cb *self, struct sk_buff *skb);
31void irlan_print_filter(struct seq_file *seq, int filter_type); 32void irlan_print_filter(struct seq_file *seq, int filter_type);
32 34
33#endif /* IRLAN_FILTER_H */ 35#endif /* IRLAN_FILTER_H */
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 15ec19dcf9..e4765413cf 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -392,6 +392,20 @@ extern int xfrm_unregister_km(struct xfrm_mgr *km);
392 392
393extern unsigned int xfrm_policy_count[XFRM_POLICY_MAX*2]; 393extern unsigned int xfrm_policy_count[XFRM_POLICY_MAX*2];
394 394
395/* Audit Information */
396struct xfrm_audit
398 uid_t loginuid;
399 u32 secid;
403extern void xfrm_audit_log(uid_t auid, u32 secid, int type, int result,
404 struct xfrm_policy *xp, struct xfrm_state *x);
406#define xfrm_audit_log(a,s,t,r,p,x) do { ; } while (0)
395static inline void xfrm_pol_hold(struct xfrm_policy *policy) 409static inline void xfrm_pol_hold(struct xfrm_policy *policy)
396{ 410{
397 if (likely(policy != NULL)) 411 if (likely(policy != NULL))
@@ -906,7 +920,7 @@ static inline int xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **s
906#endif 920#endif
907extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq); 921extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq);
908extern int xfrm_state_delete(struct xfrm_state *x); 922extern int xfrm_state_delete(struct xfrm_state *x);
909extern void xfrm_state_flush(u8 proto); 923extern void xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info);
910extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq); 924extern int xfrm_replay_check(struct xfrm_state *x, __be32 seq);
911extern void xfrm_replay_advance(struct xfrm_state *x, __be32 seq); 925extern void xfrm_replay_advance(struct xfrm_state *x, __be32 seq);
912extern void xfrm_replay_notify(struct xfrm_state *x, int event); 926extern void xfrm_replay_notify(struct xfrm_state *x, int event);
@@ -959,13 +973,13 @@ struct xfrm_policy *xfrm_policy_bysel_ctx(u8 type, int dir,
959 struct xfrm_selector *sel, 973 struct xfrm_selector *sel,
960 struct xfrm_sec_ctx *ctx, int delete); 974 struct xfrm_sec_ctx *ctx, int delete);
961struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete); 975struct xfrm_policy *xfrm_policy_byid(u8, int dir, u32 id, int delete);
962void xfrm_policy_flush(u8 type); 976void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
963u32 xfrm_get_acqseq(void); 977u32 xfrm_get_acqseq(void);
964void xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi); 978void xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi);
965struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto, 979struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
966 xfrm_address_t *daddr, xfrm_address_t *saddr, 980 xfrm_address_t *daddr, xfrm_address_t *saddr,
967 int create, unsigned short family); 981 int create, unsigned short family);
968extern void xfrm_policy_flush(u8 type); 982extern void xfrm_policy_flush(u8 type, struct xfrm_audit *audit_info);
969extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol); 983extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
970extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst, 984extern int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *xdst,
971 struct flowi *fl, int family, int strict); 985 struct flowi *fl, int family, int strict);