forked from Minki/linux
xfrm: make xfrm modes builtin
after previous changes, xfrm_mode contains no function pointers anymore and all modules defining such struct contain no code except an init/exit functions to register the xfrm_mode struct with the xfrm core. Just place the xfrm modes core and remove the modules, the run-time xfrm_mode register/unregister functionality is removed. Before: text data bss dec filename 7523 200 2364 10087 net/xfrm/xfrm_input.o 40003 628 440 41071 net/xfrm/xfrm_state.o 15730338 6937080 4046908 26714326 vmlinux 7389 200 2364 9953 net/xfrm/xfrm_input.o 40574 656 440 41670 net/xfrm/xfrm_state.o 15730084 6937068 4046908 26714060 vmlinux The xfrm*_mode_{transport,tunnel,beet} modules are gone. v2: replace CONFIG_INET6_XFRM_MODE_* IS_ENABLED guards with CONFIG_IPV6 ones rather than removing them. Signed-off-by: Florian Westphal <fw@strlen.de> Reviewed-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
This commit is contained in:
parent
733a5fac2f
commit
4c145dce26
@ -234,9 +234,9 @@ struct xfrm_state {
|
||||
/* Reference to data common to all the instances of this
|
||||
* transformer. */
|
||||
const struct xfrm_type *type;
|
||||
struct xfrm_mode *inner_mode;
|
||||
struct xfrm_mode *inner_mode_iaf;
|
||||
struct xfrm_mode *outer_mode;
|
||||
const struct xfrm_mode *inner_mode;
|
||||
const struct xfrm_mode *inner_mode_iaf;
|
||||
const struct xfrm_mode *outer_mode;
|
||||
|
||||
const struct xfrm_type_offload *type_offload;
|
||||
|
||||
@ -347,7 +347,6 @@ struct xfrm_state_afinfo {
|
||||
struct module *owner;
|
||||
const struct xfrm_type *type_map[IPPROTO_MAX];
|
||||
const struct xfrm_type_offload *type_offload_map[IPPROTO_MAX];
|
||||
struct xfrm_mode *mode_map[XFRM_MODE_MAX];
|
||||
|
||||
int (*init_flags)(struct xfrm_state *x);
|
||||
void (*init_tempsel)(struct xfrm_selector *sel,
|
||||
@ -423,7 +422,6 @@ int xfrm_register_type_offload(const struct xfrm_type_offload *type, unsigned sh
|
||||
int xfrm_unregister_type_offload(const struct xfrm_type_offload *type, unsigned short family);
|
||||
|
||||
struct xfrm_mode {
|
||||
struct module *owner;
|
||||
u8 encap;
|
||||
u8 family;
|
||||
u8 flags;
|
||||
@ -434,9 +432,6 @@ enum {
|
||||
XFRM_MODE_FLAG_TUNNEL = 1,
|
||||
};
|
||||
|
||||
int xfrm_register_mode(struct xfrm_mode *mode);
|
||||
void xfrm_unregister_mode(struct xfrm_mode *mode);
|
||||
|
||||
static inline int xfrm_af2proto(unsigned int family)
|
||||
{
|
||||
switch(family) {
|
||||
@ -449,7 +444,7 @@ static inline int xfrm_af2proto(unsigned int family)
|
||||
}
|
||||
}
|
||||
|
||||
static inline struct xfrm_mode *xfrm_ip2inner_mode(struct xfrm_state *x, int ipproto)
|
||||
static inline const struct xfrm_mode *xfrm_ip2inner_mode(struct xfrm_state *x, int ipproto)
|
||||
{
|
||||
if ((ipproto == IPPROTO_IPIP && x->props.family == AF_INET) ||
|
||||
(ipproto == IPPROTO_IPV6 && x->props.family == AF_INET6))
|
||||
|
@ -304,7 +304,7 @@ config NET_IPVTI
|
||||
tristate "Virtual (secure) IP: tunneling"
|
||||
select INET_TUNNEL
|
||||
select NET_IP_TUNNEL
|
||||
depends on INET_XFRM_MODE_TUNNEL
|
||||
select XFRM
|
||||
---help---
|
||||
Tunneling means encapsulating data of one protocol type within
|
||||
another protocol and sending it over a channel that understands the
|
||||
@ -396,33 +396,6 @@ config INET_TUNNEL
|
||||
tristate
|
||||
default n
|
||||
|
||||
config INET_XFRM_MODE_TRANSPORT
|
||||
tristate "IP: IPsec transport mode"
|
||||
default y
|
||||
select XFRM
|
||||
---help---
|
||||
Support for IPsec transport mode.
|
||||
|
||||
If unsure, say Y.
|
||||
|
||||
config INET_XFRM_MODE_TUNNEL
|
||||
tristate "IP: IPsec tunnel mode"
|
||||
default y
|
||||
select XFRM
|
||||
---help---
|
||||
Support for IPsec tunnel mode.
|
||||
|
||||
If unsure, say Y.
|
||||
|
||||
config INET_XFRM_MODE_BEET
|
||||
tristate "IP: IPsec BEET mode"
|
||||
default y
|
||||
select XFRM
|
||||
---help---
|
||||
Support for IPsec BEET mode.
|
||||
|
||||
If unsure, say Y.
|
||||
|
||||
config INET_DIAG
|
||||
tristate "INET: socket monitoring interface"
|
||||
default y
|
||||
|
@ -37,10 +37,7 @@ obj-$(CONFIG_INET_ESP) += esp4.o
|
||||
obj-$(CONFIG_INET_ESP_OFFLOAD) += esp4_offload.o
|
||||
obj-$(CONFIG_INET_IPCOMP) += ipcomp.o
|
||||
obj-$(CONFIG_INET_XFRM_TUNNEL) += xfrm4_tunnel.o
|
||||
obj-$(CONFIG_INET_XFRM_MODE_BEET) += xfrm4_mode_beet.o
|
||||
obj-$(CONFIG_INET_TUNNEL) += tunnel4.o
|
||||
obj-$(CONFIG_INET_XFRM_MODE_TRANSPORT) += xfrm4_mode_transport.o
|
||||
obj-$(CONFIG_INET_XFRM_MODE_TUNNEL) += xfrm4_mode_tunnel.o
|
||||
obj-$(CONFIG_IP_PNP) += ipconfig.o
|
||||
obj-$(CONFIG_NETFILTER) += netfilter.o netfilter/
|
||||
obj-$(CONFIG_INET_DIAG) += inet_diag.o
|
||||
|
@ -107,7 +107,7 @@ static int vti_rcv_cb(struct sk_buff *skb, int err)
|
||||
struct net_device *dev;
|
||||
struct pcpu_sw_netstats *tstats;
|
||||
struct xfrm_state *x;
|
||||
struct xfrm_mode *inner_mode;
|
||||
const struct xfrm_mode *inner_mode;
|
||||
struct ip_tunnel *tunnel = XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip4;
|
||||
u32 orig_mark = skb->mark;
|
||||
int ret;
|
||||
|
@ -1,41 +0,0 @@
|
||||
/*
|
||||
* xfrm4_mode_beet.c - BEET mode encapsulation for IPv4.
|
||||
*
|
||||
* Copyright (c) 2006 Diego Beltrami <diego.beltrami@gmail.com>
|
||||
* Miika Komu <miika@iki.fi>
|
||||
* Herbert Xu <herbert@gondor.apana.org.au>
|
||||
* Abhinav Pathak <abhinav.pathak@hiit.fi>
|
||||
* Jeff Ahrenholz <ahrenholz@gmail.com>
|
||||
*/
|
||||
|
||||
#include <linux/init.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/stringify.h>
|
||||
#include <net/dst.h>
|
||||
#include <net/ip.h>
|
||||
#include <net/xfrm.h>
|
||||
|
||||
|
||||
static struct xfrm_mode xfrm4_beet_mode = {
|
||||
.owner = THIS_MODULE,
|
||||
.encap = XFRM_MODE_BEET,
|
||||
.flags = XFRM_MODE_FLAG_TUNNEL,
|
||||
.family = AF_INET,
|
||||
};
|
||||
|
||||
static int __init xfrm4_beet_init(void)
|
||||
{
|
||||
return xfrm_register_mode(&xfrm4_beet_mode);
|
||||
}
|
||||
|
||||
static void __exit xfrm4_beet_exit(void)
|
||||
{
|
||||
xfrm_unregister_mode(&xfrm4_beet_mode);
|
||||
}
|
||||
|
||||
module_init(xfrm4_beet_init);
|
||||
module_exit(xfrm4_beet_exit);
|
||||
MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS_XFRM_MODE(AF_INET, XFRM_MODE_BEET);
|
@ -1,36 +0,0 @@
|
||||
/*
|
||||
* xfrm4_mode_transport.c - Transport mode encapsulation for IPv4.
|
||||
*
|
||||
* Copyright (c) 2004-2006 Herbert Xu <herbert@gondor.apana.org.au>
|
||||
*/
|
||||
|
||||
#include <linux/init.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/stringify.h>
|
||||
#include <net/dst.h>
|
||||
#include <net/ip.h>
|
||||
#include <net/xfrm.h>
|
||||
#include <net/protocol.h>
|
||||
|
||||
static struct xfrm_mode xfrm4_transport_mode = {
|
||||
.owner = THIS_MODULE,
|
||||
.encap = XFRM_MODE_TRANSPORT,
|
||||
.family = AF_INET,
|
||||
};
|
||||
|
||||
static int __init xfrm4_transport_init(void)
|
||||
{
|
||||
return xfrm_register_mode(&xfrm4_transport_mode);
|
||||
}
|
||||
|
||||
static void __exit xfrm4_transport_exit(void)
|
||||
{
|
||||
xfrm_unregister_mode(&xfrm4_transport_mode);
|
||||
}
|
||||
|
||||
module_init(xfrm4_transport_init);
|
||||
module_exit(xfrm4_transport_exit);
|
||||
MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS_XFRM_MODE(AF_INET, XFRM_MODE_TRANSPORT);
|
@ -1,38 +0,0 @@
|
||||
/*
|
||||
* xfrm4_mode_tunnel.c - Tunnel mode encapsulation for IPv4.
|
||||
*
|
||||
* Copyright (c) 2004-2006 Herbert Xu <herbert@gondor.apana.org.au>
|
||||
*/
|
||||
|
||||
#include <linux/gfp.h>
|
||||
#include <linux/init.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/stringify.h>
|
||||
#include <net/dst.h>
|
||||
#include <net/inet_ecn.h>
|
||||
#include <net/ip.h>
|
||||
#include <net/xfrm.h>
|
||||
|
||||
static struct xfrm_mode xfrm4_tunnel_mode = {
|
||||
.owner = THIS_MODULE,
|
||||
.encap = XFRM_MODE_TUNNEL,
|
||||
.flags = XFRM_MODE_FLAG_TUNNEL,
|
||||
.family = AF_INET,
|
||||
};
|
||||
|
||||
static int __init xfrm4_mode_tunnel_init(void)
|
||||
{
|
||||
return xfrm_register_mode(&xfrm4_tunnel_mode);
|
||||
}
|
||||
|
||||
static void __exit xfrm4_mode_tunnel_exit(void)
|
||||
{
|
||||
xfrm_unregister_mode(&xfrm4_tunnel_mode);
|
||||
}
|
||||
|
||||
module_init(xfrm4_mode_tunnel_init);
|
||||
module_exit(xfrm4_mode_tunnel_exit);
|
||||
MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS_XFRM_MODE(AF_INET, XFRM_MODE_TUNNEL);
|
@ -135,44 +135,11 @@ config INET6_TUNNEL
|
||||
tristate
|
||||
default n
|
||||
|
||||
config INET6_XFRM_MODE_TRANSPORT
|
||||
tristate "IPv6: IPsec transport mode"
|
||||
default IPV6
|
||||
select XFRM
|
||||
---help---
|
||||
Support for IPsec transport mode.
|
||||
|
||||
If unsure, say Y.
|
||||
|
||||
config INET6_XFRM_MODE_TUNNEL
|
||||
tristate "IPv6: IPsec tunnel mode"
|
||||
default IPV6
|
||||
select XFRM
|
||||
---help---
|
||||
Support for IPsec tunnel mode.
|
||||
|
||||
If unsure, say Y.
|
||||
|
||||
config INET6_XFRM_MODE_BEET
|
||||
tristate "IPv6: IPsec BEET mode"
|
||||
default IPV6
|
||||
select XFRM
|
||||
---help---
|
||||
Support for IPsec BEET mode.
|
||||
|
||||
If unsure, say Y.
|
||||
|
||||
config INET6_XFRM_MODE_ROUTEOPTIMIZATION
|
||||
tristate "IPv6: MIPv6 route optimization mode"
|
||||
select XFRM
|
||||
---help---
|
||||
Support for MIPv6 route optimization mode.
|
||||
|
||||
config IPV6_VTI
|
||||
tristate "Virtual (secure) IPv6: tunneling"
|
||||
select IPV6_TUNNEL
|
||||
select NET_IP_TUNNEL
|
||||
depends on INET6_XFRM_MODE_TUNNEL
|
||||
select XFRM
|
||||
---help---
|
||||
Tunneling means encapsulating data of one protocol type within
|
||||
another protocol and sending it over a channel that understands the
|
||||
|
@ -35,10 +35,6 @@ obj-$(CONFIG_INET6_ESP_OFFLOAD) += esp6_offload.o
|
||||
obj-$(CONFIG_INET6_IPCOMP) += ipcomp6.o
|
||||
obj-$(CONFIG_INET6_XFRM_TUNNEL) += xfrm6_tunnel.o
|
||||
obj-$(CONFIG_INET6_TUNNEL) += tunnel6.o
|
||||
obj-$(CONFIG_INET6_XFRM_MODE_TRANSPORT) += xfrm6_mode_transport.o
|
||||
obj-$(CONFIG_INET6_XFRM_MODE_TUNNEL) += xfrm6_mode_tunnel.o
|
||||
obj-$(CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION) += xfrm6_mode_ro.o
|
||||
obj-$(CONFIG_INET6_XFRM_MODE_BEET) += xfrm6_mode_beet.o
|
||||
obj-$(CONFIG_IPV6_MIP6) += mip6.o
|
||||
obj-$(CONFIG_IPV6_ILA) += ila/
|
||||
obj-$(CONFIG_NETFILTER) += netfilter/
|
||||
|
@ -342,7 +342,7 @@ static int vti6_rcv_cb(struct sk_buff *skb, int err)
|
||||
struct net_device *dev;
|
||||
struct pcpu_sw_netstats *tstats;
|
||||
struct xfrm_state *x;
|
||||
struct xfrm_mode *inner_mode;
|
||||
const struct xfrm_mode *inner_mode;
|
||||
struct ip6_tnl *t = XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6;
|
||||
u32 orig_mark = skb->mark;
|
||||
int ret;
|
||||
|
@ -1,42 +0,0 @@
|
||||
/*
|
||||
* xfrm6_mode_beet.c - BEET mode encapsulation for IPv6.
|
||||
*
|
||||
* Copyright (c) 2006 Diego Beltrami <diego.beltrami@gmail.com>
|
||||
* Miika Komu <miika@iki.fi>
|
||||
* Herbert Xu <herbert@gondor.apana.org.au>
|
||||
* Abhinav Pathak <abhinav.pathak@hiit.fi>
|
||||
* Jeff Ahrenholz <ahrenholz@gmail.com>
|
||||
*/
|
||||
|
||||
#include <linux/init.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/stringify.h>
|
||||
#include <net/dsfield.h>
|
||||
#include <net/dst.h>
|
||||
#include <net/inet_ecn.h>
|
||||
#include <net/ipv6.h>
|
||||
#include <net/xfrm.h>
|
||||
|
||||
static struct xfrm_mode xfrm6_beet_mode = {
|
||||
.owner = THIS_MODULE,
|
||||
.encap = XFRM_MODE_BEET,
|
||||
.flags = XFRM_MODE_FLAG_TUNNEL,
|
||||
.family = AF_INET6,
|
||||
};
|
||||
|
||||
static int __init xfrm6_beet_init(void)
|
||||
{
|
||||
return xfrm_register_mode(&xfrm6_beet_mode);
|
||||
}
|
||||
|
||||
static void __exit xfrm6_beet_exit(void)
|
||||
{
|
||||
xfrm_unregister_mode(&xfrm6_beet_mode);
|
||||
}
|
||||
|
||||
module_init(xfrm6_beet_init);
|
||||
module_exit(xfrm6_beet_exit);
|
||||
MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS_XFRM_MODE(AF_INET6, XFRM_MODE_BEET);
|
@ -1,55 +0,0 @@
|
||||
/*
|
||||
* xfrm6_mode_ro.c - Route optimization mode for IPv6.
|
||||
*
|
||||
* Copyright (C)2003-2006 Helsinki University of Technology
|
||||
* Copyright (C)2003-2006 USAGI/WIDE Project
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* Authors:
|
||||
* Noriaki TAKAMIYA @USAGI
|
||||
* Masahide NAKAMURA @USAGI
|
||||
*/
|
||||
|
||||
#include <linux/init.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/spinlock.h>
|
||||
#include <linux/stringify.h>
|
||||
#include <linux/time.h>
|
||||
#include <net/ipv6.h>
|
||||
#include <net/xfrm.h>
|
||||
|
||||
static struct xfrm_mode xfrm6_ro_mode = {
|
||||
.owner = THIS_MODULE,
|
||||
.encap = XFRM_MODE_ROUTEOPTIMIZATION,
|
||||
.family = AF_INET6,
|
||||
};
|
||||
|
||||
static int __init xfrm6_ro_init(void)
|
||||
{
|
||||
return xfrm_register_mode(&xfrm6_ro_mode);
|
||||
}
|
||||
|
||||
static void __exit xfrm6_ro_exit(void)
|
||||
{
|
||||
xfrm_unregister_mode(&xfrm6_ro_mode);
|
||||
}
|
||||
|
||||
module_init(xfrm6_ro_init);
|
||||
module_exit(xfrm6_ro_exit);
|
||||
MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS_XFRM_MODE(AF_INET6, XFRM_MODE_ROUTEOPTIMIZATION);
|
@ -1,37 +0,0 @@
|
||||
/*
|
||||
* xfrm6_mode_transport.c - Transport mode encapsulation for IPv6.
|
||||
*
|
||||
* Copyright (C) 2002 USAGI/WIDE Project
|
||||
* Copyright (c) 2004-2006 Herbert Xu <herbert@gondor.apana.org.au>
|
||||
*/
|
||||
|
||||
#include <linux/init.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/stringify.h>
|
||||
#include <net/dst.h>
|
||||
#include <net/ipv6.h>
|
||||
#include <net/xfrm.h>
|
||||
#include <net/protocol.h>
|
||||
|
||||
static struct xfrm_mode xfrm6_transport_mode = {
|
||||
.owner = THIS_MODULE,
|
||||
.encap = XFRM_MODE_TRANSPORT,
|
||||
.family = AF_INET6,
|
||||
};
|
||||
|
||||
static int __init xfrm6_transport_init(void)
|
||||
{
|
||||
return xfrm_register_mode(&xfrm6_transport_mode);
|
||||
}
|
||||
|
||||
static void __exit xfrm6_transport_exit(void)
|
||||
{
|
||||
xfrm_unregister_mode(&xfrm6_transport_mode);
|
||||
}
|
||||
|
||||
module_init(xfrm6_transport_init);
|
||||
module_exit(xfrm6_transport_exit);
|
||||
MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS_XFRM_MODE(AF_INET6, XFRM_MODE_TRANSPORT);
|
@ -1,45 +0,0 @@
|
||||
/*
|
||||
* xfrm6_mode_tunnel.c - Tunnel mode encapsulation for IPv6.
|
||||
*
|
||||
* Copyright (C) 2002 USAGI/WIDE Project
|
||||
* Copyright (c) 2004-2006 Herbert Xu <herbert@gondor.apana.org.au>
|
||||
*/
|
||||
|
||||
#include <linux/gfp.h>
|
||||
#include <linux/init.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/stringify.h>
|
||||
#include <net/dsfield.h>
|
||||
#include <net/dst.h>
|
||||
#include <net/inet_ecn.h>
|
||||
#include <net/ip6_route.h>
|
||||
#include <net/ipv6.h>
|
||||
#include <net/xfrm.h>
|
||||
|
||||
/* Add encapsulation header.
|
||||
*
|
||||
* The top IP header will be constructed per RFC 2401.
|
||||
*/
|
||||
static struct xfrm_mode xfrm6_tunnel_mode = {
|
||||
.owner = THIS_MODULE,
|
||||
.encap = XFRM_MODE_TUNNEL,
|
||||
.flags = XFRM_MODE_FLAG_TUNNEL,
|
||||
.family = AF_INET6,
|
||||
};
|
||||
|
||||
static int __init xfrm6_mode_tunnel_init(void)
|
||||
{
|
||||
return xfrm_register_mode(&xfrm6_tunnel_mode);
|
||||
}
|
||||
|
||||
static void __exit xfrm6_mode_tunnel_exit(void)
|
||||
{
|
||||
xfrm_unregister_mode(&xfrm6_tunnel_mode);
|
||||
}
|
||||
|
||||
module_init(xfrm6_mode_tunnel_init);
|
||||
module_exit(xfrm6_mode_tunnel_exit);
|
||||
MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS_XFRM_MODE(AF_INET6, XFRM_MODE_TUNNEL);
|
@ -351,7 +351,7 @@ xfrm_inner_mode_encap_remove(struct xfrm_state *x,
|
||||
|
||||
static int xfrm_prepare_input(struct xfrm_state *x, struct sk_buff *skb)
|
||||
{
|
||||
struct xfrm_mode *inner_mode = x->inner_mode;
|
||||
const struct xfrm_mode *inner_mode = x->inner_mode;
|
||||
const struct xfrm_state_afinfo *afinfo;
|
||||
int err = -EAFNOSUPPORT;
|
||||
|
||||
@ -394,7 +394,6 @@ static int xfrm_prepare_input(struct xfrm_state *x, struct sk_buff *skb)
|
||||
*/
|
||||
static int xfrm4_transport_input(struct xfrm_state *x, struct sk_buff *skb)
|
||||
{
|
||||
#if IS_ENABLED(CONFIG_INET_XFRM_MODE_TRANSPORT)
|
||||
int ihl = skb->data - skb_transport_header(skb);
|
||||
|
||||
if (skb->transport_header != skb->network_header) {
|
||||
@ -405,14 +404,11 @@ static int xfrm4_transport_input(struct xfrm_state *x, struct sk_buff *skb)
|
||||
ip_hdr(skb)->tot_len = htons(skb->len + ihl);
|
||||
skb_reset_transport_header(skb);
|
||||
return 0;
|
||||
#else
|
||||
return -EOPNOTSUPP;
|
||||
#endif
|
||||
}
|
||||
|
||||
static int xfrm6_transport_input(struct xfrm_state *x, struct sk_buff *skb)
|
||||
{
|
||||
#if IS_ENABLED(CONFIG_INET6_XFRM_MODE_TRANSPORT)
|
||||
#if IS_ENABLED(CONFIG_IPV6)
|
||||
int ihl = skb->data - skb_transport_header(skb);
|
||||
|
||||
if (skb->transport_header != skb->network_header) {
|
||||
@ -425,7 +421,8 @@ static int xfrm6_transport_input(struct xfrm_state *x, struct sk_buff *skb)
|
||||
skb_reset_transport_header(skb);
|
||||
return 0;
|
||||
#else
|
||||
return -EOPNOTSUPP;
|
||||
WARN_ON_ONCE(1);
|
||||
return -EAFNOSUPPORT;
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -458,12 +455,12 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
|
||||
{
|
||||
const struct xfrm_state_afinfo *afinfo;
|
||||
struct net *net = dev_net(skb->dev);
|
||||
const struct xfrm_mode *inner_mode;
|
||||
int err;
|
||||
__be32 seq;
|
||||
__be32 seq_hi;
|
||||
struct xfrm_state *x = NULL;
|
||||
xfrm_address_t *daddr;
|
||||
struct xfrm_mode *inner_mode;
|
||||
u32 mark = skb->mark;
|
||||
unsigned int family = AF_UNSPEC;
|
||||
int decaps = 0;
|
||||
|
@ -244,8 +244,8 @@ static void xfrmi_scrub_packet(struct sk_buff *skb, bool xnet)
|
||||
|
||||
static int xfrmi_rcv_cb(struct sk_buff *skb, int err)
|
||||
{
|
||||
const struct xfrm_mode *inner_mode;
|
||||
struct pcpu_sw_netstats *tstats;
|
||||
struct xfrm_mode *inner_mode;
|
||||
struct net_device *dev;
|
||||
struct xfrm_state *x;
|
||||
struct xfrm_if *xi;
|
||||
|
@ -61,7 +61,6 @@ static struct dst_entry *skb_dst_pop(struct sk_buff *skb)
|
||||
*/
|
||||
static int xfrm4_transport_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
{
|
||||
#if IS_ENABLED(CONFIG_INET_XFRM_MODE_TRANSPORT)
|
||||
struct iphdr *iph = ip_hdr(skb);
|
||||
int ihl = iph->ihl * 4;
|
||||
|
||||
@ -74,10 +73,6 @@ static int xfrm4_transport_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
__skb_pull(skb, ihl);
|
||||
memmove(skb_network_header(skb), iph, ihl);
|
||||
return 0;
|
||||
#else
|
||||
WARN_ON_ONCE(1);
|
||||
return -EOPNOTSUPP;
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Add encapsulation header.
|
||||
@ -87,7 +82,7 @@ static int xfrm4_transport_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
*/
|
||||
static int xfrm6_transport_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
{
|
||||
#if IS_ENABLED(CONFIG_INET6_XFRM_MODE_TRANSPORT)
|
||||
#if IS_ENABLED(CONFIG_IPV6)
|
||||
struct ipv6hdr *iph;
|
||||
u8 *prevhdr;
|
||||
int hdr_len;
|
||||
@ -107,7 +102,7 @@ static int xfrm6_transport_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
return 0;
|
||||
#else
|
||||
WARN_ON_ONCE(1);
|
||||
return -EOPNOTSUPP;
|
||||
return -EAFNOSUPPORT;
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -118,7 +113,7 @@ static int xfrm6_transport_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
*/
|
||||
static int xfrm6_ro_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
{
|
||||
#if IS_ENABLED(CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION)
|
||||
#if IS_ENABLED(CONFIG_IPV6)
|
||||
struct ipv6hdr *iph;
|
||||
u8 *prevhdr;
|
||||
int hdr_len;
|
||||
@ -140,7 +135,7 @@ static int xfrm6_ro_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
return 0;
|
||||
#else
|
||||
WARN_ON_ONCE(1);
|
||||
return -EOPNOTSUPP;
|
||||
return -EAFNOSUPPORT;
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -624,7 +619,7 @@ EXPORT_SYMBOL_GPL(xfrm_output);
|
||||
static int xfrm_inner_extract_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
{
|
||||
const struct xfrm_state_afinfo *afinfo;
|
||||
struct xfrm_mode *inner_mode;
|
||||
const struct xfrm_mode *inner_mode;
|
||||
int err = -EAFNOSUPPORT;
|
||||
|
||||
if (x->sel.family == AF_UNSPEC)
|
||||
|
@ -2546,10 +2546,10 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
|
||||
struct dst_entry *dst)
|
||||
{
|
||||
const struct xfrm_state_afinfo *afinfo;
|
||||
const struct xfrm_mode *inner_mode;
|
||||
struct net *net = xp_net(policy);
|
||||
unsigned long now = jiffies;
|
||||
struct net_device *dev;
|
||||
struct xfrm_mode *inner_mode;
|
||||
struct xfrm_dst *xdst_prev = NULL;
|
||||
struct xfrm_dst *xdst0 = NULL;
|
||||
int i = 0;
|
||||
|
@ -330,92 +330,67 @@ static void xfrm_put_type_offload(const struct xfrm_type_offload *type)
|
||||
module_put(type->owner);
|
||||
}
|
||||
|
||||
static DEFINE_SPINLOCK(xfrm_mode_lock);
|
||||
int xfrm_register_mode(struct xfrm_mode *mode)
|
||||
static const struct xfrm_mode xfrm4_mode_map[XFRM_MODE_MAX] = {
|
||||
[XFRM_MODE_BEET] = {
|
||||
.encap = XFRM_MODE_BEET,
|
||||
.flags = XFRM_MODE_FLAG_TUNNEL,
|
||||
.family = AF_INET,
|
||||
},
|
||||
[XFRM_MODE_TRANSPORT] = {
|
||||
.encap = XFRM_MODE_TRANSPORT,
|
||||
.family = AF_INET,
|
||||
},
|
||||
[XFRM_MODE_TUNNEL] = {
|
||||
.encap = XFRM_MODE_TUNNEL,
|
||||
.flags = XFRM_MODE_FLAG_TUNNEL,
|
||||
.family = AF_INET,
|
||||
},
|
||||
};
|
||||
|
||||
static const struct xfrm_mode xfrm6_mode_map[XFRM_MODE_MAX] = {
|
||||
[XFRM_MODE_BEET] = {
|
||||
.encap = XFRM_MODE_BEET,
|
||||
.flags = XFRM_MODE_FLAG_TUNNEL,
|
||||
.family = AF_INET6,
|
||||
},
|
||||
[XFRM_MODE_ROUTEOPTIMIZATION] = {
|
||||
.encap = XFRM_MODE_ROUTEOPTIMIZATION,
|
||||
.family = AF_INET6,
|
||||
},
|
||||
[XFRM_MODE_TRANSPORT] = {
|
||||
.encap = XFRM_MODE_TRANSPORT,
|
||||
.family = AF_INET6,
|
||||
},
|
||||
[XFRM_MODE_TUNNEL] = {
|
||||
.encap = XFRM_MODE_TUNNEL,
|
||||
.flags = XFRM_MODE_FLAG_TUNNEL,
|
||||
.family = AF_INET6,
|
||||
},
|
||||
};
|
||||
|
||||
static const struct xfrm_mode *xfrm_get_mode(unsigned int encap, int family)
|
||||
{
|
||||
struct xfrm_state_afinfo *afinfo;
|
||||
struct xfrm_mode **modemap;
|
||||
int err;
|
||||
|
||||
if (unlikely(mode->encap >= XFRM_MODE_MAX))
|
||||
return -EINVAL;
|
||||
|
||||
afinfo = xfrm_state_get_afinfo(mode->family);
|
||||
if (unlikely(afinfo == NULL))
|
||||
return -EAFNOSUPPORT;
|
||||
|
||||
err = -EEXIST;
|
||||
modemap = afinfo->mode_map;
|
||||
spin_lock_bh(&xfrm_mode_lock);
|
||||
if (modemap[mode->encap])
|
||||
goto out;
|
||||
|
||||
err = -ENOENT;
|
||||
if (!try_module_get(afinfo->owner))
|
||||
goto out;
|
||||
|
||||
modemap[mode->encap] = mode;
|
||||
err = 0;
|
||||
|
||||
out:
|
||||
spin_unlock_bh(&xfrm_mode_lock);
|
||||
rcu_read_unlock();
|
||||
return err;
|
||||
}
|
||||
EXPORT_SYMBOL(xfrm_register_mode);
|
||||
|
||||
void xfrm_unregister_mode(struct xfrm_mode *mode)
|
||||
{
|
||||
struct xfrm_state_afinfo *afinfo;
|
||||
struct xfrm_mode **modemap;
|
||||
|
||||
afinfo = xfrm_state_get_afinfo(mode->family);
|
||||
if (WARN_ON_ONCE(!afinfo))
|
||||
return;
|
||||
|
||||
modemap = afinfo->mode_map;
|
||||
spin_lock_bh(&xfrm_mode_lock);
|
||||
if (likely(modemap[mode->encap] == mode)) {
|
||||
modemap[mode->encap] = NULL;
|
||||
module_put(afinfo->owner);
|
||||
}
|
||||
|
||||
spin_unlock_bh(&xfrm_mode_lock);
|
||||
rcu_read_unlock();
|
||||
}
|
||||
EXPORT_SYMBOL(xfrm_unregister_mode);
|
||||
|
||||
static struct xfrm_mode *xfrm_get_mode(unsigned int encap, int family)
|
||||
{
|
||||
struct xfrm_state_afinfo *afinfo;
|
||||
struct xfrm_mode *mode;
|
||||
int modload_attempted = 0;
|
||||
const struct xfrm_mode *mode;
|
||||
|
||||
if (unlikely(encap >= XFRM_MODE_MAX))
|
||||
return NULL;
|
||||
|
||||
retry:
|
||||
afinfo = xfrm_state_get_afinfo(family);
|
||||
if (unlikely(afinfo == NULL))
|
||||
return NULL;
|
||||
|
||||
mode = READ_ONCE(afinfo->mode_map[encap]);
|
||||
if (unlikely(mode && !try_module_get(mode->owner)))
|
||||
mode = NULL;
|
||||
|
||||
rcu_read_unlock();
|
||||
if (!mode && !modload_attempted) {
|
||||
request_module("xfrm-mode-%d-%d", family, encap);
|
||||
modload_attempted = 1;
|
||||
goto retry;
|
||||
switch (family) {
|
||||
case AF_INET:
|
||||
mode = &xfrm4_mode_map[encap];
|
||||
if (mode->family == family)
|
||||
return mode;
|
||||
break;
|
||||
case AF_INET6:
|
||||
mode = &xfrm6_mode_map[encap];
|
||||
if (mode->family == family)
|
||||
return mode;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
return mode;
|
||||
}
|
||||
|
||||
static void xfrm_put_mode(struct xfrm_mode *mode)
|
||||
{
|
||||
module_put(mode->owner);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
void xfrm_state_free(struct xfrm_state *x)
|
||||
@ -436,12 +411,6 @@ static void ___xfrm_state_destroy(struct xfrm_state *x)
|
||||
kfree(x->coaddr);
|
||||
kfree(x->replay_esn);
|
||||
kfree(x->preplay_esn);
|
||||
if (x->inner_mode)
|
||||
xfrm_put_mode(x->inner_mode);
|
||||
if (x->inner_mode_iaf)
|
||||
xfrm_put_mode(x->inner_mode_iaf);
|
||||
if (x->outer_mode)
|
||||
xfrm_put_mode(x->outer_mode);
|
||||
if (x->type_offload)
|
||||
xfrm_put_type_offload(x->type_offload);
|
||||
if (x->type) {
|
||||
@ -2235,8 +2204,8 @@ int xfrm_state_mtu(struct xfrm_state *x, int mtu)
|
||||
|
||||
int __xfrm_init_state(struct xfrm_state *x, bool init_replay, bool offload)
|
||||
{
|
||||
struct xfrm_state_afinfo *afinfo;
|
||||
struct xfrm_mode *inner_mode;
|
||||
const struct xfrm_mode *inner_mode;
|
||||
const struct xfrm_state_afinfo *afinfo;
|
||||
int family = x->props.family;
|
||||
int err;
|
||||
|
||||
@ -2262,24 +2231,21 @@ int __xfrm_init_state(struct xfrm_state *x, bool init_replay, bool offload)
|
||||
goto error;
|
||||
|
||||
if (!(inner_mode->flags & XFRM_MODE_FLAG_TUNNEL) &&
|
||||
family != x->sel.family) {
|
||||
xfrm_put_mode(inner_mode);
|
||||
family != x->sel.family)
|
||||
goto error;
|
||||
}
|
||||
|
||||
x->inner_mode = inner_mode;
|
||||
} else {
|
||||
struct xfrm_mode *inner_mode_iaf;
|
||||
const struct xfrm_mode *inner_mode_iaf;
|
||||
int iafamily = AF_INET;
|
||||
|
||||
inner_mode = xfrm_get_mode(x->props.mode, x->props.family);
|
||||
if (inner_mode == NULL)
|
||||
goto error;
|
||||
|
||||
if (!(inner_mode->flags & XFRM_MODE_FLAG_TUNNEL)) {
|
||||
xfrm_put_mode(inner_mode);
|
||||
if (!(inner_mode->flags & XFRM_MODE_FLAG_TUNNEL))
|
||||
goto error;
|
||||
}
|
||||
|
||||
x->inner_mode = inner_mode;
|
||||
|
||||
if (x->props.family == AF_INET)
|
||||
@ -2289,8 +2255,6 @@ int __xfrm_init_state(struct xfrm_state *x, bool init_replay, bool offload)
|
||||
if (inner_mode_iaf) {
|
||||
if (inner_mode_iaf->flags & XFRM_MODE_FLAG_TUNNEL)
|
||||
x->inner_mode_iaf = inner_mode_iaf;
|
||||
else
|
||||
xfrm_put_mode(inner_mode_iaf);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -7,9 +7,7 @@ CONFIG_NET_L3_MASTER_DEV=y
|
||||
CONFIG_IPV6=y
|
||||
CONFIG_IPV6_MULTIPLE_TABLES=y
|
||||
CONFIG_VETH=y
|
||||
CONFIG_INET_XFRM_MODE_TUNNEL=y
|
||||
CONFIG_NET_IPVTI=y
|
||||
CONFIG_INET6_XFRM_MODE_TUNNEL=y
|
||||
CONFIG_IPV6_VTI=y
|
||||
CONFIG_DUMMY=y
|
||||
CONFIG_BRIDGE=y
|
||||
|
Loading…
Reference in New Issue
Block a user