Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec (31372fe9) · Commits · EulixOS / Software / Kernel

include/net/xfrm.h

+3 −3

Original line number	Diff line number	Diff line
		@@ -1568,7 +1568,6 @@ void xfrm_sad_getinfo(struct net net, struct xfrmk_sadinfo si);
		void xfrm_spd_getinfo(struct net net, struct xfrmk_spdinfo si);
		u32 xfrm_replay_seqhi(struct xfrm_state *x, __be32 net_seq);
		int xfrm_init_replay(struct xfrm_state *x);
		u32 __xfrm_state_mtu(struct xfrm_state *x, int mtu);
		u32 xfrm_state_mtu(struct xfrm_state *x, int mtu);
		int __xfrm_init_state(struct xfrm_state *x, bool init_replay, bool offload);
		int xfrm_init_state(struct xfrm_state *x);
		@@ -1681,14 +1680,15 @@ int km_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
		const struct xfrm_migrate *m, int num_bundles,
		const struct xfrm_kmaddress *k,
		const struct xfrm_encap_tmpl *encap);
		struct xfrm_state xfrm_migrate_state_find(struct xfrm_migrate m, struct net *net);
		struct xfrm_state xfrm_migrate_state_find(struct xfrm_migrate m, struct net *net,
		u32 if_id);
		struct xfrm_state xfrm_state_migrate(struct xfrm_state x,
		struct xfrm_migrate *m,
		struct xfrm_encap_tmpl *encap);
		int xfrm_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
		struct xfrm_migrate *m, int num_bundles,
		struct xfrm_kmaddress k, struct net net,
		struct xfrm_encap_tmpl *encap);
		struct xfrm_encap_tmpl *encap, u32 if_id);
		#endif

		int km_new_mapping(struct xfrm_state x, xfrm_address_t ipaddr, __be16 sport);

+6 −0

Original line number	Diff line number	Diff line
		@@ -511,6 +511,12 @@ struct xfrm_user_offload {
		int ifindex;
		__u8 flags;
		};
		/* This flag was exposed without any kernel code that supporting it.
		* Unfortunately, strongswan has the code that uses sets this flag,
		* which makes impossible to reuse this bit.
		*
		* So leave it here to make sure that it won't be reused by mistake.
		*/
		#define XFRM_OFFLOAD_IPV6 1
		#define XFRM_OFFLOAD_INBOUND 2

+1 −1

Original line number	Diff line number	Diff line
		@@ -671,7 +671,7 @@ static int esp_output(struct xfrm_state x, struct sk_buff skb)
		struct xfrm_dst dst = (struct xfrm_dst )skb_dst(skb);
		u32 padto;

		padto = min(x->tfcpad, __xfrm_state_mtu(x, dst->child_mtu_cached));
		padto = min(x->tfcpad, xfrm_state_mtu(x, dst->child_mtu_cached));
		if (skb->len < padto)
		esp.tfclen = padto - skb->len;
		}

+1 −1

Original line number	Diff line number	Diff line
		@@ -707,7 +707,7 @@ static int esp6_output(struct xfrm_state x, struct sk_buff skb)
		struct xfrm_dst dst = (struct xfrm_dst )skb_dst(skb);
		u32 padto;

		padto = min(x->tfcpad, __xfrm_state_mtu(x, dst->child_mtu_cached));
		padto = min(x->tfcpad, xfrm_state_mtu(x, dst->child_mtu_cached));
		if (skb->len < padto)
		esp.tfclen = padto - skb->len;
		}

+7 −4

Original line number	Diff line number	Diff line
		@@ -1408,8 +1408,6 @@ static int ip6_setup_cork(struct sock sk, struct inet_cork_full cork,
		if (np->frag_size)
		mtu = np->frag_size;
		}
		if (mtu < IPV6_MIN_MTU)
		return -EINVAL;
		cork->base.fragsize = mtu;
		cork->base.gso_size = ipc6->gso_size;
		cork->base.tx_flags = 0;
		@@ -1471,8 +1469,6 @@ static int __ip6_append_data(struct sock *sk,

		fragheaderlen = sizeof(struct ipv6hdr) + rt->rt6i_nfheader_len +
		(opt ? opt->opt_nflen : 0);
		maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen -
		sizeof(struct frag_hdr);

		headersize = sizeof(struct ipv6hdr) +
		(opt ? opt->opt_flen + opt->opt_nflen : 0) +
		@@ -1480,6 +1476,13 @@ static int __ip6_append_data(struct sock *sk,
		sizeof(struct frag_hdr) : 0) +
		rt->rt6i_nfheader_len;

		if (mtu < fragheaderlen \|\|
		((mtu - fragheaderlen) & ~7) + fragheaderlen < sizeof(struct frag_hdr))
		goto emsgsize;

		maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen -
		sizeof(struct frag_hdr);

		/* as per RFC 7112 section 5, the entire IPv6 Header Chain must fit
		* the first fragment
		*/