2 * xfrm6_state.c: based on xfrm4_state.c
6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific portion
15 #include <linux/pfkeyv2.h>
16 #include <linux/ipsec.h>
17 #include <net/dsfield.h>
19 #include <net/addrconf.h>
21 static struct xfrm_state_afinfo xfrm6_state_afinfo;
24 __xfrm6_init_tempsel(struct xfrm_state *x, struct flowi *fl,
25 struct xfrm_tmpl *tmpl,
26 xfrm_address_t *daddr, xfrm_address_t *saddr)
28 /* Initialize temporary selector matching only
29 * to current session. */
30 ipv6_addr_copy((struct in6_addr *)&x->sel.daddr, &fl->fl6_dst);
31 ipv6_addr_copy((struct in6_addr *)&x->sel.saddr, &fl->fl6_src);
32 x->sel.dport = xfrm_flowi_dport(fl);
33 x->sel.dport_mask = htons(0xffff);
34 x->sel.sport = xfrm_flowi_sport(fl);
35 x->sel.sport_mask = htons(0xffff);
36 x->sel.prefixlen_d = 128;
37 x->sel.prefixlen_s = 128;
38 x->sel.proto = fl->proto;
39 x->sel.ifindex = fl->oif;
41 if (ipv6_addr_any((struct in6_addr*)&x->id.daddr))
42 memcpy(&x->id.daddr, daddr, sizeof(x->sel.daddr));
43 memcpy(&x->props.saddr, &tmpl->saddr, sizeof(x->props.saddr));
44 if (ipv6_addr_any((struct in6_addr*)&x->props.saddr))
45 memcpy(&x->props.saddr, saddr, sizeof(x->props.saddr));
46 x->props.mode = tmpl->mode;
47 x->props.reqid = tmpl->reqid;
48 x->props.family = AF_INET6;
52 __xfrm6_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n)
57 /* Rule 1: select IPsec transport except AH */
58 for (i = 0; i < n; i++) {
59 if (src[i]->props.mode == XFRM_MODE_TRANSPORT &&
60 src[i]->id.proto != IPPROTO_AH) {
68 /* Rule 2: select MIPv6 RO or inbound trigger */
69 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
70 for (i = 0; i < n; i++) {
72 (src[i]->props.mode == XFRM_MODE_ROUTEOPTIMIZATION ||
73 src[i]->props.mode == XFRM_MODE_IN_TRIGGER)) {
82 /* Rule 3: select IPsec transport AH */
83 for (i = 0; i < n; i++) {
85 src[i]->props.mode == XFRM_MODE_TRANSPORT &&
86 src[i]->id.proto == IPPROTO_AH) {
94 /* Rule 4: select IPsec tunnel */
95 for (i = 0; i < n; i++) {
97 (src[i]->props.mode == XFRM_MODE_TUNNEL ||
98 src[i]->props.mode == XFRM_MODE_BEET)) {
107 for (i = 0; i < n; i++) {
119 __xfrm6_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n)
124 /* Rule 1: select IPsec transport */
125 for (i = 0; i < n; i++) {
126 if (src[i]->mode == XFRM_MODE_TRANSPORT) {
134 /* Rule 2: select MIPv6 RO or inbound trigger */
135 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
136 for (i = 0; i < n; i++) {
138 (src[i]->mode == XFRM_MODE_ROUTEOPTIMIZATION ||
139 src[i]->mode == XFRM_MODE_IN_TRIGGER)) {
148 /* Rule 3: select IPsec tunnel */
149 for (i = 0; i < n; i++) {
151 (src[i]->mode == XFRM_MODE_TUNNEL ||
152 src[i]->mode == XFRM_MODE_BEET)) {
161 for (i = 0; i < n; i++) {
172 int xfrm6_extract_header(struct sk_buff *skb)
174 struct ipv6hdr *iph = ipv6_hdr(skb);
176 XFRM_MODE_SKB_CB(skb)->id = 0;
177 XFRM_MODE_SKB_CB(skb)->frag_off = htons(IP_DF);
178 XFRM_MODE_SKB_CB(skb)->tos = ipv6_get_dsfield(iph);
179 XFRM_MODE_SKB_CB(skb)->ttl = iph->hop_limit;
180 XFRM_MODE_SKB_CB(skb)->protocol =
181 skb_network_header(skb)[IP6CB(skb)->nhoff];
182 memcpy(XFRM_MODE_SKB_CB(skb)->flow_lbl, iph->flow_lbl,
183 sizeof(XFRM_MODE_SKB_CB(skb)->flow_lbl));
188 static struct xfrm_state_afinfo xfrm6_state_afinfo = {
190 .proto = IPPROTO_IPV6,
191 .eth_proto = htons(ETH_P_IPV6),
192 .owner = THIS_MODULE,
193 .init_tempsel = __xfrm6_init_tempsel,
194 .tmpl_sort = __xfrm6_tmpl_sort,
195 .state_sort = __xfrm6_state_sort,
196 .output = xfrm6_output,
197 .extract_input = xfrm6_extract_input,
198 .extract_output = xfrm6_extract_output,
201 void __init xfrm6_state_init(void)
203 xfrm_state_register_afinfo(&xfrm6_state_afinfo);
206 void xfrm6_state_fini(void)
208 xfrm_state_unregister_afinfo(&xfrm6_state_afinfo);
projects / linux-2.6-omap-h63xx.git / blob