IPv6 specific thing is wrongly removed from transformation at net-2.6.25.
This patch recovers it with current design.
o Update "path" of xfrm_dst since IPv6 transformation should
care about routing changes. It is required by MIPv6 and
off-link destined IPsec.
o Rename nfheader_len which is for non-fragment transformation used by
MIPv6 to rt6i_nfheader_len as IPv6 name space.
Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
atomic_t rt6i_ref;
/* more non-fragment space at head required */
- unsigned short nfheader_len;
+ unsigned short rt6i_nfheader_len;
u8 rt6i_protocol;
struct flowi *fl,
int reverse);
int (*get_tos)(struct flowi *fl);
+ int (*init_path)(struct xfrm_dst *path,
+ struct dst_entry *dst,
+ int nfheader_len);
int (*fill_dst)(struct xfrm_dst *xdst,
struct net_device *dev);
};
return fl->fl4_tos;
}
+static int xfrm4_init_path(struct xfrm_dst *path, struct dst_entry *dst,
+ int nfheader_len)
+{
+ return 0;
+}
+
static int xfrm4_fill_dst(struct xfrm_dst *xdst, struct net_device *dev)
{
struct rtable *rt = (struct rtable *)xdst->route;
.find_bundle = __xfrm4_find_bundle,
.decode_session = _decode_session4,
.get_tos = xfrm4_get_tos,
+ .init_path = xfrm4_init_path,
.fill_dst = xfrm4_fill_dst,
};
sk->sk_sndmsg_page = NULL;
sk->sk_sndmsg_off = 0;
exthdrlen = rt->u.dst.header_len + (opt ? opt->opt_flen : 0) -
- rt->nfheader_len;
+ rt->rt6i_nfheader_len;
length += exthdrlen;
transhdrlen += exthdrlen;
} else {
hh_len = LL_RESERVED_SPACE(rt->u.dst.dev);
- fragheaderlen = sizeof(struct ipv6hdr) + rt->nfheader_len +
+ fragheaderlen = sizeof(struct ipv6hdr) + rt->rt6i_nfheader_len +
(opt ? opt->opt_nflen : 0);
maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen - sizeof(struct frag_hdr);
return 0;
}
+static int xfrm6_init_path(struct xfrm_dst *path, struct dst_entry *dst,
+ int nfheader_len)
+{
+ if (dst->ops->family == AF_INET6) {
+ struct rt6_info *rt = (struct rt6_info*)dst;
+ if (rt->rt6i_node)
+ path->path_cookie = rt->rt6i_node->fn_sernum;
+ }
+
+ path->u.rt6.rt6i_nfheader_len = nfheader_len;
+
+ return 0;
+}
+
static int xfrm6_fill_dst(struct xfrm_dst *xdst, struct net_device *dev)
{
struct rt6_info *rt = (struct rt6_info*)xdst->route;
RTF_LOCAL);
xdst->u.rt6.rt6i_metric = rt->rt6i_metric;
xdst->u.rt6.rt6i_node = rt->rt6i_node;
+ if (rt->rt6i_node)
+ xdst->route_cookie = rt->rt6i_node->fn_sernum;
xdst->u.rt6.rt6i_gateway = rt->rt6i_gateway;
xdst->u.rt6.rt6i_dst = rt->rt6i_dst;
xdst->u.rt6.rt6i_src = rt->rt6i_src;
.find_bundle = __xfrm6_find_bundle,
.decode_session = _decode_session6,
.get_tos = xfrm6_get_tos,
+ .init_path = xfrm6_init_path,
.fill_dst = xfrm6_fill_dst,
};
return xdst;
}
+static inline int xfrm_init_path(struct xfrm_dst *path, struct dst_entry *dst,
+ int nfheader_len)
+{
+ struct xfrm_policy_afinfo *afinfo =
+ xfrm_policy_get_afinfo(dst->ops->family);
+ int err;
+
+ if (!afinfo)
+ return -EINVAL;
+
+ err = afinfo->init_path(path, dst, nfheader_len);
+
+ xfrm_policy_put_afinfo(afinfo);
+
+ return err;
+}
+
static inline int xfrm_fill_dst(struct xfrm_dst *xdst, struct net_device *dev)
{
struct xfrm_policy_afinfo *afinfo =
int i = 0;
int err;
int header_len = 0;
+ int nfheader_len = 0;
int trailer_len = 0;
int tos;
int family = policy->selector.family;
dst_prev = dst1;
header_len += xfrm[i]->props.header_len;
+ if (xfrm[i]->type->flags & XFRM_TYPE_NON_FRAGMENT)
+ nfheader_len += xfrm[i]->props.header_len;
trailer_len += xfrm[i]->props.trailer_len;
}
/* Copy neighbout for reachability confirmation */
dst0->neighbour = neigh_clone(dst->neighbour);
+ xfrm_init_path((struct xfrm_dst *)dst0, dst, nfheader_len);
xfrm_init_pmtu(dst_prev);
for (dst_prev = dst0; dst_prev != dst; dst_prev = dst_prev->child) {