Commit c16bcd70 authored by David S. Miller


Steffen Klassert says:

====================
pull request (net-next): ipsec-next 2020-10-02

1) Add a full xfrm compatible layer for 32-bit applications on
   64-bit kernels. From Dmitry Safonov.

Please pull or let me know if there are problems.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
parents 949ca6b8 61e7113e
+1 −0
@@ -12158,6 +12158,7 @@ F: net/ipv6/ipcomp6.c
F:	net/ipv6/xfrm*
F:	net/key/
F:	net/xfrm/
F:	tools/testing/selftests/net/ipsec.c
NETWORKING [IPv4/IPv6]
M:	"David S. Miller" <davem@davemloft.net>
+33 −0
@@ -2000,6 +2000,39 @@ static inline int xfrm_tunnel_check(struct sk_buff *skb, struct xfrm_state *x,
	return 0;
}

extern const int xfrm_msg_min[XFRM_NR_MSGTYPES];
extern const struct nla_policy xfrma_policy[XFRMA_MAX+1];

struct xfrm_translator {
	/* Allocate frag_list and put compat translation there */
	int (*alloc_compat)(struct sk_buff *skb, const struct nlmsghdr *src);

	/* Allocate nlmsg with 64-bit translaton of received 32-bit message */
	struct nlmsghdr *(*rcv_msg_compat)(const struct nlmsghdr *nlh,
			int maxtype, const struct nla_policy *policy,
			struct netlink_ext_ack *extack);

	/* Translate 32-bit user_policy from sockptr */
	int (*xlate_user_policy_sockptr)(u8 **pdata32, int optlen);

	struct module *owner;
};

#if IS_ENABLED(CONFIG_XFRM_USER_COMPAT)
extern int xfrm_register_translator(struct xfrm_translator *xtr);
extern int xfrm_unregister_translator(struct xfrm_translator *xtr);
extern struct xfrm_translator *xfrm_get_translator(void);
extern void xfrm_put_translator(struct xfrm_translator *xtr);
#else
static inline struct xfrm_translator *xfrm_get_translator(void)
{
	return NULL;
}
static inline void xfrm_put_translator(struct xfrm_translator *xtr)
{
}
#endif

#if IS_ENABLED(CONFIG_IPV6)
static inline bool xfrm6_local_dontfrag(const struct sock *sk)
{
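Review bot: The three callbacks in `struct xfrm_translator` carry no contract for return values or buffer ownership, even though, going by their comments, they translate 32-bit messages and a user policy read from a sockptr. For `xlate_user_policy_sockptr(u8 **pdata32, int optlen)` the double pointer suggests the callee may replace the caller's buffer, so the comment should say who frees the old and the new buffer and whether `optlen` (a signed int) has already been range-checked by the caller; for `rcv_msg_compat` it should say whether failure is reported as NULL or as an ERR_PTR value. The `#else` branch makes `xfrm_get_translator()` return NULL, so a line such as `/* May return NULL; every successful get must be paired with xfrm_put_translator() */` above the declarations would make the caller's obligation explicit. The comment on `rcv_msg_compat` also has a typo, "translaton". The hunk ends inside xfrm6_local_dontfrag(), which is only context here.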
+33 −14
@@ -2186,13 +2186,35 @@ EXPORT_SYMBOL(__nlmsg_put);
 * It would be better to create kernel thread.
 */

static int netlink_dump_done(struct netlink_sock *nlk, struct sk_buff *skb,
			     struct netlink_callback *cb,
			     struct netlink_ext_ack *extack)
{
	struct nlmsghdr *nlh;

	nlh = nlmsg_put_answer(skb, cb, NLMSG_DONE, sizeof(nlk->dump_done_errno),
			       NLM_F_MULTI | cb->answer_flags);
	if (WARN_ON(!nlh))
		return -ENOBUFS;

	nl_dump_check_consistent(cb, nlh);
	memcpy(nlmsg_data(nlh), &nlk->dump_done_errno, sizeof(nlk->dump_done_errno));

	if (extack->_msg && nlk->flags & NETLINK_F_EXT_ACK) {
		nlh->nlmsg_flags |= NLM_F_ACK_TLVS;
		if (!nla_put_string(skb, NLMSGERR_ATTR_MSG, extack->_msg))
			nlmsg_end(skb, nlh);
	}

	return 0;
}

static int netlink_dump(struct sock *sk)
{
	struct netlink_sock *nlk = nlk_sk(sk);
	struct netlink_ext_ack extack = {};
	struct netlink_callback *cb;
	struct sk_buff *skb = NULL;
	struct nlmsghdr *nlh;
	struct module *module;
	int err = -ENOBUFS;
	int alloc_min_size;
@@ -2258,22 +2280,19 @@ static int netlink_dump(struct sock *sk)
		return 0;
	}

	nlh = nlmsg_put_answer(skb, cb, NLMSG_DONE,
			       sizeof(nlk->dump_done_errno),
			       NLM_F_MULTI | cb->answer_flags);
	if (WARN_ON(!nlh))
	if (netlink_dump_done(nlk, skb, cb, &extack))
		goto errout_skb;

	nl_dump_check_consistent(cb, nlh);

	memcpy(nlmsg_data(nlh), &nlk->dump_done_errno,
	       sizeof(nlk->dump_done_errno));

	if (extack._msg && nlk->flags & NETLINK_F_EXT_ACK) {
		nlh->nlmsg_flags |= NLM_F_ACK_TLVS;
		if (!nla_put_string(skb, NLMSGERR_ATTR_MSG, extack._msg))
			nlmsg_end(skb, nlh);
#ifdef CONFIG_COMPAT_NETLINK_MESSAGES
	/* frag_list skb's data is used for compat tasks
	 * and the regular skb's data for normal (non-compat) tasks.
	 * See netlink_recvmsg().
	 */
	if (unlikely(skb_shinfo(skb)->frag_list)) {
		if (netlink_dump_done(nlk, skb_shinfo(skb)->frag_list, cb, &extack))
			goto errout_skb;
	}
#endif

	if (sk_filter(sk, skb))
		kfree_skb(skb);
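Review bot: The second `netlink_dump_done()` call, on `skb_shinfo(skb)->frag_list`, reuses the same `cb` and so runs `nl_dump_check_consistent(cb, nlh)` a second time for a single dump pass. That helper is not shown here, but if it updates sequence state in `cb` as a side effect, the compat copy of NLMSG_DONE can miss an interrupted-dump flag that the native copy received, and a 32-bit reader would then treat an inconsistent dump as complete. Consider doing the consistency check once in `netlink_dump()` and passing the resulting flags into the helper, or at least recording the constraint with `/* both NLMSG_DONE copies must carry the same flags; nl_dump_check_consistent() runs once per skb */`. Separately, `WARN_ON(!nlh)` is now also reached when the frag_list skb lacks tailroom, which depends on how the compat skb was sized elsewhere. `netlink_dump()` starts and ends outside these hunks.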
+11 −0
@@ -28,6 +28,17 @@ config XFRM_USER

	  If unsure, say Y.

config XFRM_USER_COMPAT
	tristate "Compatible ABI support"
	depends on XFRM_USER && COMPAT_FOR_U64_ALIGNMENT && \
		HAVE_EFFICIENT_UNALIGNED_ACCESS
	select WANT_COMPAT_NETLINK_MESSAGES
	help
	  Transformation(XFRM) user configuration interface like IPsec
	  used by compatible Linux applications.

	  If unsure, say N.

config XFRM_INTERFACE
	tristate "Transformation virtual interface"
	depends on XFRM && IPV6
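Review bot: The help text for XFRM_USER_COMPAT does not say what the option builds or who needs it; "used by compatible Linux applications" can be read several ways. Going by the commit description, this is the translation layer for 32-bit applications on 64-bit kernels, so the help could read `Translation layer that lets 32-bit userspace configure XFRM (e.g. IPsec) over netlink on a 64-bit kernel.` A short comment on why the entry depends on `HAVE_EFFICIENT_UNALIGNED_ACCESS` would also help, since that restriction is not obvious from the entry itself.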
+1 −0
@@ -9,6 +9,7 @@ obj-$(CONFIG_XFRM) := xfrm_policy.o xfrm_state.o xfrm_hash.o \
obj-$(CONFIG_XFRM_STATISTICS) += xfrm_proc.o
obj-$(CONFIG_XFRM_ALGO) += xfrm_algo.o
obj-$(CONFIG_XFRM_USER) += xfrm_user.o
obj-$(CONFIG_XFRM_USER_COMPAT) += xfrm_compat.o
obj-$(CONFIG_XFRM_IPCOMP) += xfrm_ipcomp.o
obj-$(CONFIG_XFRM_INTERFACE) += xfrm_interface.o
obj-$(CONFIG_XFRM_ESPINTCP) += espintcp.o