Commit 62515f95 authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 



Minor conflict in ip_output.c, overlapping changes to
the body of an if() statement.

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 9d4927f0 565f0fa9

net/ipv4/ip_output.c

+1 −1
Original line number Diff line number Diff line
@@ -910,7 +910,7 @@ static int __ip_append_data(struct sock *sk, 
	    length + fragheaderlen <= mtu &&

	    rt->dst.dev->features & (NETIF_F_HW_CSUM | NETIF_F_IP_CSUM) &&

	    (!(flags & MSG_MORE) || cork->gso_size) &&

	    !exthdrlen)

	    (!exthdrlen || (rt->dst.dev->features & NETIF_F_HW_ESP_TX_CSUM)))

		csummode = CHECKSUM_PARTIAL;



	cork->length += length;

net/ipv6/ip6_vti.c

+1 −1
Original line number Diff line number Diff line
@@ -743,7 +743,7 @@ vti6_parm_to_user(struct ip6_tnl_parm2 *u, const struct __ip6_tnl_parm *p) 
}



/**

 * vti6_tnl_ioctl - configure vti6 tunnels from userspace

 * vti6_ioctl - configure vti6 tunnels from userspace

 *   @dev: virtual device associated with tunnel

 *   @ifr: parameters passed from userspace

 *   @cmd: command to be performed

net/ipv6/xfrm6_state.c

+2 −4
Original line number Diff line number Diff line
@@ -60,11 +60,9 @@ xfrm6_init_temprop(struct xfrm_state *x, const struct xfrm_tmpl *tmpl, 
static int

__xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)

{

	int i;

	int count[XFRM_MAX_DEPTH] = { };

	int class[XFRM_MAX_DEPTH];

	int count[maxclass];



	memset(count, 0, sizeof(count));

	int i;



	for (i = 0; i < n; i++) {

		int c;

net/xfrm/xfrm_state.c

+7 −2
Original line number Diff line number Diff line
@@ -42,6 +42,7 @@ static void xfrm_state_gc_task(struct work_struct *work); 


static unsigned int xfrm_state_hashmax __read_mostly = 1 * 1024 * 1024;

static __read_mostly seqcount_t xfrm_state_hash_generation = SEQCNT_ZERO(xfrm_state_hash_generation);

static struct kmem_cache *xfrm_state_cache __ro_after_init;



static DECLARE_WORK(xfrm_state_gc_work, xfrm_state_gc_task);

static HLIST_HEAD(xfrm_state_gc_list);
@@ -451,7 +452,7 @@ static void xfrm_state_gc_destroy(struct xfrm_state *x) 
	}

	xfrm_dev_state_free(x);

	security_xfrm_state_free(x);

	kfree(x);

	kmem_cache_free(xfrm_state_cache, x);

}



static void xfrm_state_gc_task(struct work_struct *work)
@@ -563,7 +564,7 @@ struct xfrm_state *xfrm_state_alloc(struct net *net) 
{

	struct xfrm_state *x;



	x = kzalloc(sizeof(struct xfrm_state), GFP_ATOMIC);

	x = kmem_cache_alloc(xfrm_state_cache, GFP_ATOMIC | __GFP_ZERO);



	if (x) {

		write_pnet(&x->xs_net, net);
@@ -2307,6 +2308,10 @@ int __net_init xfrm_state_init(struct net *net) 
{

	unsigned int sz;



	if (net_eq(net, &init_net))

		xfrm_state_cache = KMEM_CACHE(xfrm_state,

					      SLAB_HWCACHE_ALIGN | SLAB_PANIC);



	INIT_LIST_HEAD(&net->xfrm.state_all);



	sz = sizeof(struct hlist_head) * 8;

tools/testing/selftests/net/rtnetlink.sh

+103 −0
Original line number Diff line number Diff line
@@ -502,6 +502,108 @@ kci_test_macsec() 
	echo "PASS: macsec"

}



#-------------------------------------------------------------------

# Example commands

#   ip x s add proto esp src 14.0.0.52 dst 14.0.0.70 \

#            spi 0x07 mode transport reqid 0x07 replay-window 32 \

#            aead 'rfc4106(gcm(aes))' 1234567890123456dcba 128 \

#            sel src 14.0.0.52/24 dst 14.0.0.70/24

#   ip x p add dir out src 14.0.0.52/24 dst 14.0.0.70/24 \

#            tmpl proto esp src 14.0.0.52 dst 14.0.0.70 \

#            spi 0x07 mode transport reqid 0x07

#

# Subcommands not tested

#    ip x s update

#    ip x s allocspi

#    ip x s deleteall

#    ip x p update

#    ip x p deleteall

#    ip x p set

#-------------------------------------------------------------------

kci_test_ipsec()

{

	srcip="14.0.0.52"

	dstip="14.0.0.70"

	algo="aead rfc4106(gcm(aes)) 0x3132333435363738393031323334353664636261 128"



	# flush to be sure there's nothing configured

	ip x s flush ; ip x p flush

	check_err $?



	# start the monitor in the background

	tmpfile=`mktemp ipsectestXXX`

	ip x m > $tmpfile &

	mpid=$!

	sleep 0.2



	ipsecid="proto esp src $srcip dst $dstip spi 0x07"

	ip x s add $ipsecid \

            mode transport reqid 0x07 replay-window 32 \

            $algo sel src $srcip/24 dst $dstip/24

	check_err $?



	lines=`ip x s list | grep $srcip | grep $dstip | wc -l`

	test $lines -eq 2

	check_err $?



	ip x s count | grep -q "SAD count 1"

	check_err $?



	lines=`ip x s get $ipsecid | grep $srcip | grep $dstip | wc -l`

	test $lines -eq 2

	check_err $?



	ip x s delete $ipsecid

	check_err $?



	lines=`ip x s list | wc -l`

	test $lines -eq 0

	check_err $?



	ipsecsel="dir out src $srcip/24 dst $dstip/24"

	ip x p add $ipsecsel \

		    tmpl proto esp src $srcip dst $dstip \

		    spi 0x07 mode transport reqid 0x07

	check_err $?



	lines=`ip x p list | grep $srcip | grep $dstip | wc -l`

	test $lines -eq 2

	check_err $?



	ip x p count | grep -q "SPD IN  0 OUT 1 FWD 0"

	check_err $?



	lines=`ip x p get $ipsecsel | grep $srcip | grep $dstip | wc -l`

	test $lines -eq 2

	check_err $?



	ip x p delete $ipsecsel

	check_err $?



	lines=`ip x p list | wc -l`

	test $lines -eq 0

	check_err $?



	# check the monitor results

	kill $mpid

	lines=`wc -l $tmpfile | cut "-d " -f1`

	test $lines -eq 20

	check_err $?

	rm -rf $tmpfile



	# clean up any leftovers

	ip x s flush

	check_err $?

	ip x p flush

	check_err $?



	if [ $ret -ne 0 ]; then

		echo "FAIL: ipsec"

		return 1

	fi

	echo "PASS: ipsec"

}



kci_test_gretap()

{

	testns="testns"
@@ -755,6 +857,7 @@ kci_test_rtnl() 
	kci_test_vrf

	kci_test_encap

	kci_test_macsec

	kci_test_ipsec



	kci_del_dummy

}