Commit f643f785 authored by David S. Miller's avatar David S. Miller

Merge nuts.ninka.net:/home/davem/src/BK/network-2.5

into nuts.ninka.net:/home/davem/src/BK/net-2.5
parents 582a045d b07bd9cb
...@@ -55,6 +55,7 @@ ...@@ -55,6 +55,7 @@
#include <linux/module.h> #include <linux/module.h>
#include <linux/init.h> #include <linux/init.h>
#include <linux/types.h> #include <linux/types.h>
#include <linux/errno.h>
#include <linux/crypto.h> #include <linux/crypto.h>
#include <asm/byteorder.h> #include <asm/byteorder.h>
......
...@@ -15,6 +15,7 @@ ...@@ -15,6 +15,7 @@
*/ */
#include <linux/init.h> #include <linux/init.h>
#include <linux/crypto.h> #include <linux/crypto.h>
#include <linux/errno.h>
#include <linux/rwsem.h> #include <linux/rwsem.h>
#include <linux/slab.h> #include <linux/slab.h>
#include "internal.h" #include "internal.h"
......
...@@ -23,6 +23,7 @@ ...@@ -23,6 +23,7 @@
#include <linux/init.h> #include <linux/init.h>
#include <linux/module.h> #include <linux/module.h>
#include <linux/mm.h> #include <linux/mm.h>
#include <linux/errno.h>
#include <asm/scatterlist.h> #include <asm/scatterlist.h>
#include <linux/crypto.h> #include <linux/crypto.h>
......
...@@ -13,6 +13,7 @@ ...@@ -13,6 +13,7 @@
*/ */
#include <linux/crypto.h> #include <linux/crypto.h>
#include <linux/mm.h> #include <linux/mm.h>
#include <linux/errno.h>
#include <linux/highmem.h> #include <linux/highmem.h>
#include <asm/scatterlist.h> #include <asm/scatterlist.h>
#include "internal.h" #include "internal.h"
......
...@@ -13,6 +13,7 @@ ...@@ -13,6 +13,7 @@
#include <linux/init.h> #include <linux/init.h>
#include <linux/module.h> #include <linux/module.h>
#include <linux/errno.h>
#include <asm/byteorder.h> #include <asm/byteorder.h>
#include <linux/crypto.h> #include <linux/crypto.h>
......
...@@ -40,6 +40,7 @@ ...@@ -40,6 +40,7 @@
#include <linux/module.h> #include <linux/module.h>
#include <linux/init.h> #include <linux/init.h>
#include <linux/types.h> #include <linux/types.h>
#include <linux/errno.h>
#include <linux/crypto.h> #include <linux/crypto.h>
......
...@@ -180,5 +180,8 @@ struct in6_flowlabel_req ...@@ -180,5 +180,8 @@ struct in6_flowlabel_req
#define IPV6_FLOWLABEL_MGR 32 #define IPV6_FLOWLABEL_MGR 32
#define IPV6_FLOWINFO_SEND 33 #define IPV6_FLOWINFO_SEND 33
#define IPV6_IPSEC_POLICY 34
#define IPV6_XFRM_POLICY 35
#endif #endif
...@@ -10,6 +10,7 @@ ...@@ -10,6 +10,7 @@
#include <linux/pfkeyv2.h> #include <linux/pfkeyv2.h>
#include <linux/in6.h> #include <linux/in6.h>
#include <net/sock.h>
#include <net/dst.h> #include <net/dst.h>
#include <net/route.h> #include <net/route.h>
#include <net/ip6_fib.h> #include <net/ip6_fib.h>
......
...@@ -1086,10 +1086,26 @@ struct xfrm_policy *xfrm_compile_policy(u16 family, int opt, ...@@ -1086,10 +1086,26 @@ struct xfrm_policy *xfrm_compile_policy(u16 family, int opt,
struct xfrm_policy *xp; struct xfrm_policy *xp;
int nr; int nr;
switch (family) {
case AF_INET:
if (opt != IP_XFRM_POLICY) { if (opt != IP_XFRM_POLICY) {
*dir = -EOPNOTSUPP; *dir = -EOPNOTSUPP;
return NULL; return NULL;
} }
break;
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
case AF_INET6:
if (opt != IPV6_XFRM_POLICY) {
*dir = -EOPNOTSUPP;
return NULL;
}
break;
#endif
default:
*dir = -EINVAL;
return NULL;
}
*dir = -EINVAL; *dir = -EINVAL;
if (len < sizeof(*p) || if (len < sizeof(*p) ||
......
...@@ -47,6 +47,7 @@ ...@@ -47,6 +47,7 @@
#include <net/inet_common.h> #include <net/inet_common.h>
#include <net/tcp.h> #include <net/tcp.h>
#include <net/udp.h> #include <net/udp.h>
#include <net/xfrm.h>
#include <asm/uaccess.h> #include <asm/uaccess.h>
...@@ -404,6 +405,10 @@ int ipv6_setsockopt(struct sock *sk, int level, int optname, char *optval, ...@@ -404,6 +405,10 @@ int ipv6_setsockopt(struct sock *sk, int level, int optname, char *optval,
case IPV6_FLOWLABEL_MGR: case IPV6_FLOWLABEL_MGR:
retv = ipv6_flowlabel_opt(sk, optval, optlen); retv = ipv6_flowlabel_opt(sk, optval, optlen);
break; break;
case IPV6_IPSEC_POLICY:
case IPV6_XFRM_POLICY:
retv = xfrm_user_policy(sk, optname, optval, optlen);
break;
#ifdef CONFIG_NETFILTER #ifdef CONFIG_NETFILTER
default: default:
......
...@@ -967,7 +967,7 @@ static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len, ...@@ -967,7 +967,7 @@ static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len,
struct ipv6_pinfo *np = inet6_sk(sk); struct ipv6_pinfo *np = inet6_sk(sk);
if (skb->ip_summed == CHECKSUM_HW) { if (skb->ip_summed == CHECKSUM_HW) {
th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0); th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
skb->csum = offsetof(struct tcphdr, check); skb->csum = offsetof(struct tcphdr, check);
} else { } else {
th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
...@@ -1642,7 +1642,7 @@ static int tcp_v6_rcv(struct sk_buff *skb) ...@@ -1642,7 +1642,7 @@ static int tcp_v6_rcv(struct sk_buff *skb)
goto discard_and_relse; goto discard_and_relse;
if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
goto discard_it; goto discard_and_relse;
skb->dev = NULL; skb->dev = NULL;
......
...@@ -2416,10 +2416,25 @@ static struct xfrm_policy *pfkey_compile_policy(u16 family, int opt, ...@@ -2416,10 +2416,25 @@ static struct xfrm_policy *pfkey_compile_policy(u16 family, int opt,
struct xfrm_policy *xp; struct xfrm_policy *xp;
struct sadb_x_policy *pol = (struct sadb_x_policy*)data; struct sadb_x_policy *pol = (struct sadb_x_policy*)data;
switch (family) {
case AF_INET:
if (opt != IP_IPSEC_POLICY) { if (opt != IP_IPSEC_POLICY) {
*dir = -EOPNOTSUPP; *dir = -EOPNOTSUPP;
return NULL; return NULL;
} }
break;
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
case AF_INET6:
if (opt != IPV6_IPSEC_POLICY) {
*dir = -EOPNOTSUPP;
return NULL;
}
break;
#endif
default:
*dir = -EINVAL;
return NULL;
}
*dir = -EINVAL; *dir = -EINVAL;
......
...@@ -292,6 +292,7 @@ extern int (*dlci_ioctl_hook)(unsigned int, void *); ...@@ -292,6 +292,7 @@ extern int (*dlci_ioctl_hook)(unsigned int, void *);
EXPORT_SYMBOL(dlci_ioctl_hook); EXPORT_SYMBOL(dlci_ioctl_hook);
#endif #endif
EXPORT_SYMBOL(xfrm_user_policy);
EXPORT_SYMBOL(km_waitq); EXPORT_SYMBOL(km_waitq);
EXPORT_SYMBOL(xfrm_cfg_sem); EXPORT_SYMBOL(xfrm_cfg_sem);
EXPORT_SYMBOL(xfrm_policy_alloc); EXPORT_SYMBOL(xfrm_policy_alloc);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment