ipxfrm.o xfrm_state.o xfrm_policy.o xfrm_monitor.o iplink_dummy.o \
iplink_ifb.o iplink_nlmon.o iplink_team.o iplink_vcan.o iplink_vxcan.o \
iplink_vlan.o link_veth.o link_gre.o iplink_can.o iplink_xdp.o \
- iplink_macvlan.o ipl2tp.o link_vti.o link_vti6.o \
+ iplink_macvlan.o ipl2tp.o link_vti.o link_vti6.o link_xfrm.o \
iplink_vxlan.o tcp_metrics.o iplink_ipoib.o ipnetconf.o link_ip6tnl.o \
link_iptnl.o link_gre6.o iplink_bond.o iplink_bond_slave.o iplink_hsr.o \
iplink_bridge.o iplink_bridge_slave.o ipfou.o iplink_ipvlan.o \
--- /dev/null
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * link_xfrm.c Virtual XFRM Interface driver module
+ *
+ * Authors: Matt Ellison <matt@arroyo.io>
+ */
+
+#include <string.h>
+#include <linux/if_link.h>
+
+#include "rt_names.h"
+#include "utils.h"
+#include "ip_common.h"
+#include "tunnel.h"
+
+static void xfrm_print_help(struct link_util *lu, int argc, char **argv,
+ FILE *f)
+{
+ fprintf(f, "Usage: ... %-4s dev PHYS_DEV [ if_id IF-ID ]\n", lu->id);
+ fprintf(f, "\nWhere: IF-ID := { 0x0..0xffffffff }\n");
+}
+
+static int xfrm_parse_opt(struct link_util *lu, int argc, char **argv,
+ struct nlmsghdr *n)
+{
+ unsigned int link = 0;
+ __u32 if_id = 0;
+
+ while (argc > 0) {
+ if (!matches(*argv, "dev")) {
+ NEXT_ARG();
+ link = ll_name_to_index(*argv);
+ if (!link)
+ exit(nodev(*argv));
+ } else if (!matches(*argv, "if_id")) {
+ NEXT_ARG();
+ if (!get_u32(&if_id, *argv, 0))
+ addattr32(n, 1024, IFLA_XFRM_IF_ID, if_id);
+ } else {
+ xfrm_print_help(lu, argc, argv, stderr);
+ return -1;
+ }
+ argc--; argv++;
+ }
+
+ if (link) {
+ addattr32(n, 1024, IFLA_XFRM_LINK, link);
+ } else {
+ fprintf(stderr, "must specify physical device\n");
+ return -1;
+ }
+
+ return 0;
+}
+
+static void xfrm_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
+{
+
+ if (!tb)
+ return;
+
+ if (tb[IFLA_XFRM_IF_ID]) {
+ __u32 id = rta_getattr_u32(tb[IFLA_XFRM_IF_ID]);
+
+ print_0xhex(PRINT_ANY, "if_id", "if_id %#llx ", id);
+
+ }
+
+}
+
+struct link_util xfrm_link_util = {
+ .id = "xfrm",
+ .maxattr = IFLA_XFRM_MAX,
+ .parse_opt = xfrm_parse_opt,
+ .print_opt = xfrm_print_opt,
+ .print_help = xfrm_print_help,
+};
.BR vrf " |"
.BR macsec " |"
.BR netdevsim " |"
-.BR rmnet " ]"
+.BR rmnet " |"
+.BR xfrm " ]"
.ti -8
.IR ETYPE " := [ " TYPE " |"
.sp
.BR rmnet
- Qualcomm rmnet device
+.sp
+.BR xfrm
+- Virtual xfrm interface
.in -8
.TP
.in -8
+.TP
+XFRM Type Support
+For a link of type
+.I XFRM
+the following additional arguments are supported:
+
+.BI "ip link add " DEVICE " type xfrm dev " PHYS_DEV " [ if_id " IF_ID " ]"
+
+.in +8
+.sp
+.BI dev " PHYS_DEV "
+- specifies the underlying physical interface from which transform traffic is sent and received.
+
+.sp
+.BI if_id " IF-ID "
+- specifies the hexadecimal lookup key used to send traffic to and from specific xfrm
+policies. Policies must be configured with the same key. If not set, the key defaults to
+0 and will match any policies which similarly do not have a lookup key configuration.
+
+.in -8
+
.SS ip link delete - delete virtual link
.TP
--- /dev/null
+#!/bin/sh
+
+. lib/generic.sh
+
+ts_log "[Testing Add XFRM Interface, With IF-ID]"
+
+PHYS_DEV="lo"
+NEW_DEV="$(rand_dev)"
+IF_ID="0xf"
+
+ts_ip "$0" "Add $NEW_DEV xfrm interface" link add dev $NEW_DEV type xfrm dev $PHYS_DEV if_id $IF_ID
+
+ts_ip "$0" "Show $NEW_DEV xfrm interface" -d link show dev $NEW_DEV
+test_on "$NEW_DEV"
+test_on "if_id $IF_ID"
+
+ts_ip "$0" "Del $NEW_DEV xfrm interface" link del dev $NEW_DEV
+
+
+ts_log "[Testing Add XFRM Interface, No IF-ID]"
+
+PHYS_DEV="lo"
+NEW_DEV="$(rand_dev)"
+IF_ID="0xf"
+
+ts_ip "$0" "Add $NEW_DEV xfrm interface" link add dev $NEW_DEV type xfrm dev $PHYS_DEV
+
+ts_ip "$0" "Show $NEW_DEV xfrm interface" -d link show dev $NEW_DEV
+test_on "$NEW_DEV"
+test_on_not "if_id $IF_ID"
+
+ts_ip "$0" "Del $NEW_DEV xfrm interface" link del dev $NEW_DEV
projects / mirror_iproute2.git / commitdiff