mirror of
https://github.com/torvalds/linux.git
synced 2024-11-22 12:11:40 +00:00
e7cd191f83
In packet offload mode, append Security Association (SA) information to each packet, replicating the crypto offload implementation. The XFRM_XMIT flag is set to enable packet to be returned immediately from the validate_xmit_xfrm function, thus aligning with the existing code path for packet offload mode. This SA info helps HW offload match packets to their correct security policies. The XFRM interface ID is included, which is crucial in setups with multiple XFRM interfaces where source/destination addresses alone can't pinpoint the right policy. Signed-off-by: wangfe <wangfe@google.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> |
||
---|---|---|
.. | ||
espintcp.c | ||
Kconfig | ||
Makefile | ||
xfrm_algo.c | ||
xfrm_compat.c | ||
xfrm_device.c | ||
xfrm_hash.c | ||
xfrm_hash.h | ||
xfrm_inout.h | ||
xfrm_input.c | ||
xfrm_interface_bpf.c | ||
xfrm_interface_core.c | ||
xfrm_ipcomp.c | ||
xfrm_nat_keepalive.c | ||
xfrm_output.c | ||
xfrm_policy.c | ||
xfrm_proc.c | ||
xfrm_replay.c | ||
xfrm_state_bpf.c | ||
xfrm_state.c | ||
xfrm_sysctl.c | ||
xfrm_user.c |