diff options
| author | Steffen Klassert <steffen.klassert@secunet.com> | 2014-02-21 08:41:08 +0100 |
|---|---|---|
| committer | Steffen Klassert <steffen.klassert@secunet.com> | 2014-02-25 07:04:16 +0100 |
| commit | 3328715e6c1fcb10cd86b0f3212d18290b7e4463 (patch) | |
| tree | 15ba89891638afb7075b5a5046d357c9263ac265 /include/net/xfrm.h | |
| parent | 51adfcc333e1490d3a22490f5b3504f64c7b28b4 (diff) | |
| download | linux-3328715e6c1fcb10cd86b0f3212d18290b7e4463.tar.gz linux-3328715e6c1fcb10cd86b0f3212d18290b7e4463.tar.xz | |
xfrm4: Add IPsec protocol multiplexer
This patch add an IPsec protocol multiplexer. With this
it is possible to add alternative protocol handlers as
needed for IPsec virtual tunnel interfaces.
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'include/net/xfrm.h')
| -rw-r--r-- | include/net/xfrm.h | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 45332acac022..345a15084557 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -1347,6 +1347,18 @@ struct xfrm_algo_desc { struct sadb_alg desc; }; +/* XFRM protocol handlers. */ +struct xfrm4_protocol { + int (*handler)(struct sk_buff *skb); + int (*input_handler)(struct sk_buff *skb, int nexthdr, __be32 spi, + int encap_type); + int (*cb_handler)(struct sk_buff *skb, int err); + int (*err_handler)(struct sk_buff *skb, u32 info); + + struct xfrm4_protocol __rcu *next; + int priority; +}; + /* XFRM tunnel handlers. */ struct xfrm_tunnel { int (*handler)(struct sk_buff *skb); @@ -1498,13 +1510,18 @@ int xfrm4_rcv(struct sk_buff *skb); static inline int xfrm4_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi) { - return xfrm4_rcv_encap(skb, nexthdr, spi, 0); + XFRM_SPI_SKB_CB(skb)->family = AF_INET; + XFRM_SPI_SKB_CB(skb)->daddroff = offsetof(struct iphdr, daddr); + return xfrm_input(skb, nexthdr, spi, 0); } int xfrm4_extract_output(struct xfrm_state *x, struct sk_buff *skb); int xfrm4_prepare_output(struct xfrm_state *x, struct sk_buff *skb); int xfrm4_output(struct sk_buff *skb); int xfrm4_output_finish(struct sk_buff *skb); +int xfrm4_rcv_cb(struct sk_buff *skb, u8 protocol, int err); +int xfrm4_protocol_register(struct xfrm4_protocol *handler, unsigned char protocol); +int xfrm4_protocol_deregister(struct xfrm4_protocol *handler, unsigned char protocol); int xfrm4_tunnel_register(struct xfrm_tunnel *handler, unsigned short family); int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler, unsigned short family); void xfrm4_local_error(struct sk_buff *skb, u32 mtu); @@ -1752,4 +1769,16 @@ static inline int xfrm_mark_put(struct sk_buff *skb, const struct xfrm_mark *m) return ret; } +static inline int xfrm_rcv_cb(struct sk_buff *skb, unsigned int family, + u8 protocol, int err) +{ + switch(family) { +#ifdef CONFIG_INET + case AF_INET: + return xfrm4_rcv_cb(skb, protocol, err); +#endif + } + return 0; +} + #endif /* _NET_XFRM_H */ |