summaryrefslogtreecommitdiffstats
path: root/net/ipv4/xfrm4_mode_transport.c
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2006-05-27 23:05:54 -0700
committerDavid S. Miller <davem@sunset.davemloft.net>2006-06-17 21:28:39 -0700
commitb59f45d0b2878ab76f8053b0973654e6621828ee (patch)
tree40dc5e2ede2620f7935fb3dae0d0eb199851f611 /net/ipv4/xfrm4_mode_transport.c
parent546be2405be119ef55467aace45f337a16e5d424 (diff)
downloadlinux-b59f45d0b2878ab76f8053b0973654e6621828ee.tar.gz
linux-b59f45d0b2878ab76f8053b0973654e6621828ee.tar.bz2
linux-b59f45d0b2878ab76f8053b0973654e6621828ee.zip
[IPSEC] xfrm: Abstract out encapsulation modes
This patch adds the structure xfrm_mode. It is meant to represent the operations carried out by transport/tunnel modes. By doing this we allow additional encapsulation modes to be added without clogging up the xfrm_input/xfrm_output paths. Candidate modes include 4-to-6 tunnel mode, 6-to-4 tunnel mode, and BEET modes. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/xfrm4_mode_transport.c')
-rw-r--r--net/ipv4/xfrm4_mode_transport.c69
1 files changed, 69 insertions, 0 deletions
diff --git a/net/ipv4/xfrm4_mode_transport.c b/net/ipv4/xfrm4_mode_transport.c
new file mode 100644
index 000000000000..e46d9a4ccc55
--- /dev/null
+++ b/net/ipv4/xfrm4_mode_transport.c
@@ -0,0 +1,69 @@
+/*
+ * xfrm4_mode_transport.c - Transport mode encapsulation for IPv4.
+ *
+ * Copyright (c) 2004-2006 Herbert Xu <herbert@gondor.apana.org.au>
+ */
+
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/skbuff.h>
+#include <linux/stringify.h>
+#include <net/dst.h>
+#include <net/ip.h>
+#include <net/xfrm.h>
+
+/* Add encapsulation header.
+ *
+ * The IP header will be moved forward to make space for the encapsulation
+ * header.
+ *
+ * On exit, skb->h will be set to the start of the payload to be processed
+ * by x->type->output and skb->nh will be set to the top IP header.
+ */
+static int xfrm4_transport_output(struct sk_buff *skb)
+{
+ struct xfrm_state *x;
+ struct iphdr *iph;
+ int ihl;
+
+ iph = skb->nh.iph;
+ skb->h.ipiph = iph;
+
+ ihl = iph->ihl * 4;
+ skb->h.raw += ihl;
+
+ x = skb->dst->xfrm;
+ skb->nh.raw = memmove(skb_push(skb, x->props.header_len), iph, ihl);
+ return 0;
+}
+
+static int xfrm4_transport_input(struct xfrm_state *x, struct sk_buff *skb)
+{
+ return 0;
+}
+
+static struct xfrm_mode xfrm4_transport_mode = {
+ .input = xfrm4_transport_input,
+ .output = xfrm4_transport_output,
+ .owner = THIS_MODULE,
+ .encap = XFRM_MODE_TRANSPORT,
+};
+
+static int __init xfrm4_transport_init(void)
+{
+ return xfrm_register_mode(&xfrm4_transport_mode, AF_INET);
+}
+
+static void __exit xfrm4_transport_exit(void)
+{
+ int err;
+
+ err = xfrm_unregister_mode(&xfrm4_transport_mode, AF_INET);
+ BUG_ON(err);
+}
+
+module_init(xfrm4_transport_init);
+module_exit(xfrm4_transport_exit);
+MODULE_LICENSE("GPL");
+MODULE_ALIAS_XFRM_MODE(AF_INET, XFRM_MODE_TRANSPORT);