Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-08 21:21:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
a0073fe18e
linux/include/net
History
Steffen Klassert a0073fe18e xfrm: Add a state resolution packet queue 
As the default, we blackhole packets until the key manager resolves
the states. This patch implements a packet queue where IPsec packets
are queued until the states are resolved. We generate a dummy xfrm
bundle, the output routine of the returned route enqueues the packet
to a per policy queue and arms a timer that checks for state resolution
when dst_output() is called. Once the states are resolved, the packets
are sent out of the queue. If the states are not resolved after some
time, the queue is flushed.

This patch keeps the defaut behaviour to blackhole packets as long
as we have no states. To enable the packet queue the sysctl
xfrm_larval_drop must be switched off.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2013-02-06 08:31:10 +01:00
..
9p 9p: Reduce object size with CONFIG_NET_9P_DEBUG 2012-01-05 10:51:44 -06:00
bluetooth Bluetooth: trivial: Change NO_FCS_RECV to RECV_NO_FCS 2012-12-03 16:00:01 -02:00
caif caif-hsi: Remove use of module parameters 2012-06-25 16:44:12 -07:00
irda various: Fix spelling of "registered" in comments. 2012-11-19 14:29:46 +01:00
iucv af_iucv: add shutdown for HS transport 2012-03-07 22:52:24 -08:00
netfilter Merge branch 'master' of git://1984.lsi.us.es/nf-next 2013-01-27 00:56:10 -05:00
netns netfilter: add connlabel conntrack extension 2013-01-18 00:28:15 +01:00
nfc NFC: Export nfc_hci_sak_to_protocol() 2012-11-19 23:56:59 +01:00
phonet net: remove my future former mail address 2012-06-17 16:29:38 -07:00
sctp sctp: Add RCU protection to assoc->transport_addr_list 2012-12-07 14:15:04 -05:00
tc_act
act_api.h pkt_sched: namespace aware act_mirred 2013-01-14 15:09:36 -05:00
addrconf.h ipv6: Optimize ipv6_addr_is_ll_all_{nodes,routers}(). 2013-01-20 22:29:49 -05:00
af_ieee802154.h
af_rxrpc.h
af_unix.h unix: Remove unused field from unix_sock 2012-10-21 20:37:06 -04:00
ah.h
arp.h net: Dont use ifindices in hash fns 2012-08-09 16:18:06 -07:00
atmclip.h atm: clip: Use device neigh support on top of "arp_tbl". 2011-11-30 18:51:03 -05:00
ax25.h userns: Convert net/ax25 to use kuid_t where appropriate 2012-08-14 21:49:42 -07:00
ax88796.h
cfg80211-wext.h
cfg80211.h net: use ETHTOOL_FWVERS_LEN instead of ETHTOOL_BUSINFO_LEN for fw_ver strings 2013-01-06 21:06:31 -08:00
checksum.h net: core: add function for incremental IPv6 pseudo header checksum updates 2012-08-30 03:00:16 +02:00
cipso_ipv4.h cipso: handle CIPSO options correctly when NetLabel is disabled 2012-06-01 14:18:29 -04:00
cls_cgroup.h net: Update args to dummy sock_update_classid(). 2012-10-26 05:07:00 -04:00
codel.h codel: refine one condition to avoid a nul rec_inv_sqrt 2012-08-10 16:52:54 -07:00
compat.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
datalink.h
dcbevent.h dcb: Add stub routines for !CONFIG_DCB 2011-10-06 15:49:51 -04:00
dcbnl.h net/dcb: Add an optional max rate attribute 2012-04-05 05:08:04 -04:00
dn_dev.h
dn_fib.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
dn_neigh.h
dn_nsp.h
dn_route.h decnet: use correct RCU API to deref sk_dst_cache field 2013-01-28 00:15:27 -05:00
dn.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
dsa.h dsa: Include linux/if_ether.h to fix build error 2011-12-01 11:41:06 -05:00
dsfield.h ipv6: Optimize ipv6_change_dsfield(). 2013-01-09 23:59:53 -08:00
dst_ops.h net: Fix warnings in dst_ops.h 2012-07-19 10:43:03 -07:00
dst.h xfrm: Add a state resolution packet queue 2013-02-06 08:31:10 +01:00
esp.h
ethoc.h
fib_rules.h ipv4: Elide fib_validate_source() completely when possible. 2012-06-29 01:36:36 -07:00
flow_keys.h flow_dissector: use a 64bit load/store 2011-11-29 13:17:03 -05:00
flow.h ipv4: Add FLOWI_FLAG_KNOWN_NH 2012-10-08 17:42:36 -04:00
garp.h
gen_stats.h
genetlink.h netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
gre.h
gro_cells.h gro: Fix kcalloc argument order 2013-01-27 22:46:33 -05:00
icmp.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
ieee80211_radiotap.h mac80211: support (partial) VHT radiotap information 2012-11-27 11:56:18 +01:00
ieee802154_netdev.h mac802154: declare reduced mlme operations 2012-05-16 15:16:56 -04:00
ieee802154.h 6LoWPAN: add fragmentation support 2011-11-14 00:19:42 -05:00
if_inet6.h net: delete all instances of special processing for token ring 2012-05-15 20:14:35 -04:00
inet6_connection_sock.h ipv6: Add helper inet6_csk_update_pmtu(). 2012-07-16 03:44:56 -07:00
inet6_hashtables.h soreuseport: TCP/IPv6 implementation 2013-01-23 13:44:01 -05:00
inet_common.h net-tcp: Fast Open client - sendmsg(MSG_FASTOPEN) 2012-07-19 11:02:03 -07:00
inet_connection_sock.h inet: Fix kmemleak in tcp_v4/6_syn_recv_sock and dccp_v4/6_request_recv_sock 2012-12-14 13:14:07 -05:00
inet_ecn.h tunnel: drop packet if ECN present with not-ECT 2012-09-27 18:12:37 -04:00
inet_frag.h ipv6: unify fragment thresh handling code 2012-09-19 17:23:28 -04:00
inet_hashtables.h soreuseport: TCP/IPv4 implementation 2013-01-23 13:44:01 -05:00
inet_sock.h net: move inet_dport/inet_num in sock_common 2012-11-30 15:02:56 -05:00
inet_timewait_sock.h net: move inet_dport/inet_num in sock_common 2012-11-30 15:02:56 -05:00
inetpeer.h ipv4: Maintain redirect and PMTU info in struct rtable again. 2012-07-10 22:40:14 -07:00
ip6_checksum.h ipv6: move csum_ipv6_magic() and udp6_csum_init() into static library 2013-01-08 17:56:10 -08:00
ip6_fib.h ipv6: Complete neighbour entry removal from dst_entry. 2013-01-17 18:38:19 -05:00
ip6_route.h ipv6: Remove unused neigh argument for icmp6_dst_alloc() and its callers. 2013-01-18 14:41:13 -05:00
ip6_tunnel.h gre: Support GRE over IPv6 2012-08-14 14:28:32 -07:00
ip_fib.h ipv4: add a fib_type to fib_info 2012-10-04 13:58:26 -04:00
ip_vs.h ipvs: fix build errors related to config option combinations 2012-10-23 09:23:40 +09:00
ip.h ipv4: fix path MTU discovery with connection tracking 2012-08-26 19:13:55 +02:00
ipcomp.h
ipconfig.h
ipip.h net: convert __IPTUNNEL_XMIT() to an inline function 2012-11-14 18:49:50 -05:00
ipv6.h ipv6: Unshare ip6_nd_hdr() and change return type to void. 2013-01-21 13:33:15 -05:00
ipx.h
iw_handler.h
lapb.h lapb: Neaten debugging 2012-05-17 18:45:20 -04:00
lib80211.h include: replace linux/module.h with "struct module" wherever possible 2011-10-31 19:32:32 -04:00
llc_c_ac.h
llc_c_ev.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h net: delete all instances of special processing for token ring 2012-05-15 20:14:35 -04:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h llc: Remove stray reference to sysctl_llc_station_ack_timeout. 2012-09-17 13:13:24 -04:00
mac80211.h mac80211: introduce IEEE80211_HW_TEARDOWN_AGGR_ON_BAR_FAIL 2012-12-05 09:53:31 +01:00
mac802154.h mac802154: add wpan device-class support 2012-06-26 21:06:11 -07:00
mip6.h
mld.h
ndisc.h ndisc: Move ndisc_opt_addr_space() to include/net/ndisc.h. 2013-01-21 13:33:14 -05:00
neighbour.h net: output path optimizations 2012-08-07 16:24:55 -07:00
net_namespace.h proc: Usable inode numbers for the namespace file descriptors. 2012-11-20 04:19:49 -08:00
net_ratelimit.h
netdma.h
netevent.h ipv6 netevent: Remove old_neigh from netevent_redirect. 2013-01-14 15:04:59 -05:00
netlabel.h userns: Convert the audit loginuid to be a kuid 2012-09-17 18:08:54 -07:00
netlink.h netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
netprio_cgroup.h netprio_cgroup: use cgroup->id instead of cgroup_netprio_state->prioidx 2012-11-22 07:32:47 -08:00
netrom.h
nexthop.h
nl802154.h
p8022.h
ping.h
pkt_cls.h pkt_sched: namespace aware act_mirred 2013-01-14 15:09:36 -05:00
pkt_sched.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
protocol.h net: Remove code duplication between offload structures 2012-11-15 17:39:51 -05:00
psnap.h
raw.h
rawv6.h ipv6: bool/const conversions phase2 2012-05-19 01:08:16 -04:00
red.h net_sched: red: Make minor corrections to comments 2012-04-16 23:53:11 -04:00
regulatory.h cfg80211: add cellular base station regulatory hint support 2012-07-17 12:16:39 +02:00
request_sock.h tcp: better retrans tracking for defer-accept 2012-11-03 14:45:00 -04:00
rose.h
route.h ipv4: avoid a test in ip_rt_put() 2012-11-03 14:59:04 -04:00
rtnetlink.h rtnelink: remove unused parameter from rtnl_create_link(). 2012-11-30 12:24:40 -05:00
sch_generic.h pkt_sched: namespace aware act_mirred 2013-01-14 15:09:36 -05:00
scm.h net: Remove unnecessary NULL check in scm_destroy(). 2012-09-24 15:52:33 -04:00
secure_seq.h tcp: add const qualifiers where possible 2011-10-21 05:22:42 -04:00
slhc_vj.h
snmp.h net: avoid reloads in SNMP_UPD_PO_STATS 2012-08-06 13:40:47 -07:00
sock.h net: add RCU annotation to sk_dst_cache field 2013-01-28 00:15:28 -05:00
stp.h
tcp_memcontrol.h cgroup: pass struct mem_cgroup instead of struct cgroup to socket memcg 2012-04-10 10:04:07 -07:00
tcp_states.h
tcp.h tcp: make sysctl_tcp_ecn namespace aware 2013-01-06 21:09:56 -08:00
timewait_sock.h [PATCH] tcp: Cache inetpeer in timewait socket, and only when necessary. 2012-06-09 14:56:12 -07:00
transp_v6.h
udp.h net/ipv6/udp: UDP encapsulation: introduce encap_rcv hook into IPv6 2012-04-28 22:21:51 -04:00
udplite.h net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
wext.h
wimax.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
wpan-phy.h mac802154: monitor device support 2012-05-16 15:17:08 -04:00
x25.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
x25device.h
xfrm.h xfrm: Add a state resolution packet queue 2013-02-06 08:31:10 +01:00