diff options
author | Jamal Hadi Salim <hadi@cyberus.ca> | 2005-06-18 22:42:13 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2005-06-18 22:42:13 -0700 |
commit | 26b15dad9f1c19d6d4f7b999b07eaa6d98e4b375 (patch) | |
tree | 2ca3039488d9df023fb84eaa7c1f52aa8d1ce69c /include | |
parent | 3aa3dfb372576f30835a94409556e3c8681b5756 (diff) | |
download | op-kernel-dev-26b15dad9f1c19d6d4f7b999b07eaa6d98e4b375.zip op-kernel-dev-26b15dad9f1c19d6d4f7b999b07eaa6d98e4b375.tar.gz |
[IPSEC] Add complete xfrm event notification
Heres the final patch.
What this patch provides
- netlink xfrm events
- ability to have events generated by netlink propagated to pfkey
and vice versa.
- fixes the acquire lets-be-happy-with-one-success issue
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/xfrm.h | 2 | ||||
-rw-r--r-- | include/net/xfrm.h | 29 |
2 files changed, 28 insertions, 3 deletions
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h index fd2ef74..03bc600 100644 --- a/include/linux/xfrm.h +++ b/include/linux/xfrm.h @@ -257,5 +257,7 @@ struct xfrm_usersa_flush { #define XFRMGRP_ACQUIRE 1 #define XFRMGRP_EXPIRE 2 +#define XFRMGRP_SA 4 +#define XFRMGRP_POLICY 8 #endif /* _LINUX_XFRM_H */ diff --git a/include/net/xfrm.h b/include/net/xfrm.h index d675836..a159655 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -158,6 +158,27 @@ enum { XFRM_STATE_DEAD }; +/* events that could be sent by kernel */ +enum { + XFRM_SAP_INVALID, + XFRM_SAP_EXPIRED, + XFRM_SAP_ADDED, + XFRM_SAP_UPDATED, + XFRM_SAP_DELETED, + XFRM_SAP_FLUSHED, + __XFRM_SAP_MAX +}; +#define XFRM_SAP_MAX (__XFRM_SAP_MAX - 1) + +/* callback structure passed from either netlink or pfkey */ +struct km_event +{ + u32 data; + u32 seq; + u32 pid; + u32 event; +}; + struct xfrm_type; struct xfrm_dst; struct xfrm_policy_afinfo { @@ -179,6 +200,8 @@ struct xfrm_policy_afinfo { extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); extern int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo); +extern void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c); +extern void km_state_notify(struct xfrm_state *x, struct km_event *c); #define XFRM_ACQ_EXPIRES 30 @@ -290,11 +313,11 @@ struct xfrm_mgr { struct list_head list; char *id; - int (*notify)(struct xfrm_state *x, int event); + int (*notify)(struct xfrm_state *x, struct km_event *c); int (*acquire)(struct xfrm_state *x, struct xfrm_tmpl *, struct xfrm_policy *xp, int dir); struct xfrm_policy *(*compile_policy)(u16 family, int opt, u8 *data, int len, int *dir); int (*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport); - int (*notify_policy)(struct xfrm_policy *x, int dir, int event); + int (*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c); }; extern int xfrm_register_km(struct xfrm_mgr *km); @@ -817,7 +840,7 @@ extern int xfrm_state_add(struct xfrm_state *x); extern int xfrm_state_update(struct xfrm_state *x); extern struct xfrm_state *xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto, unsigned short family); extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq); -extern void xfrm_state_delete(struct xfrm_state *x); +extern int xfrm_state_delete(struct xfrm_state *x); extern void xfrm_state_flush(u8 proto); extern int xfrm_replay_check(struct xfrm_state *x, u32 seq); extern void xfrm_replay_advance(struct xfrm_state *x, u32 seq); |