?? beet-simple-and-interfamily.patch-does-not-work
字號:
+ /* Without this, the atomic inc below segfaults */+ if (outer_family == AF_INET6) {+ rt->peer = NULL;+ rt_bind_peer(rt,1);+ } } else dst_hold(&rt->u.dst); }@@ -160,6 +188,11 @@ } xfrm_init_pmtu(dst);+ if (beet && outer_family == AF_INET6) {+ int delta = sizeof(struct ipv6hdr) - sizeof(struct iphdr);+ u32 mtu = dst_mtu(dst);+ xfrm4_update_pmtu(dst, mtu - delta);+ } return 0; error:diff -urN linux-2.6.18.1/net/ipv4/xfrm4_tunnel.c linux-2.6.18.1.beet/net/ipv4/xfrm4_tunnel.c--- linux-2.6.18.1/net/ipv4/xfrm4_tunnel.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/ipv4/xfrm4_tunnel.c 2006-10-21 14:59:54.000000000 +0300@@ -28,13 +28,20 @@ static int ipip_init_state(struct xfrm_state *x) {- if (!x->props.mode)- return -EINVAL;- if (x->encap) return -EINVAL; - x->props.header_len = sizeof(struct iphdr);+ switch (x->props.mode) {+ case XFRM_MODE_TRANSPORT:+ return -EINVAL;+ default:+ case XFRM_MODE_TUNNEL:+ x->props.header_len = sizeof(struct iphdr);+ break;+ case XFRM_MODE_BEET:+ x->props.header_len += IPV4_BEET_PHMAXLEN;+ break;+ } return 0; }diff -urN linux-2.6.18.1/net/ipv6/ah6.c linux-2.6.18.1.beet/net/ipv6/ah6.c--- linux-2.6.18.1/net/ipv6/ah6.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/ipv6/ah6.c 2006-10-21 14:59:54.000000000 +0300@@ -387,8 +387,10 @@ goto error; x->props.header_len = XFRM_ALIGN8(sizeof(struct ipv6_auth_hdr) + ahp->icv_trunc_len);- if (x->props.mode)+ if (x->props.mode == XFRM_MODE_TUNNEL) x->props.header_len += sizeof(struct ipv6hdr);+ else if (x->props.mode == XFRM_MODE_BEET)+ x->props.header_len += IPV4_BEET_PHMAXLEN; x->data = ahp; return 0;diff -urN linux-2.6.18.1/net/ipv6/esp6.c linux-2.6.18.1.beet/net/ipv6/esp6.c--- linux-2.6.18.1/net/ipv6/esp6.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/ipv6/esp6.c 2006-10-21 14:59:54.000000000 +0300@@ -344,8 +344,10 @@ if (crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len)) goto error; x->props.header_len = sizeof(struct ipv6_esp_hdr) + esp->conf.ivlen;- if (x->props.mode)+ if (x->props.mode == XFRM_MODE_TUNNEL) x->props.header_len += sizeof(struct ipv6hdr);+ else if (x->props.mode == XFRM_MODE_BEET)+ x->props.header_len += IPV4_BEET_PHMAXLEN; x->data = esp; return 0; diff -urN linux-2.6.18.1/net/ipv6/ipcomp6.c linux-2.6.18.1.beet/net/ipv6/ipcomp6.c--- linux-2.6.18.1/net/ipv6/ipcomp6.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/ipv6/ipcomp6.c 2006-10-21 14:59:54.000000000 +0300@@ -416,8 +416,10 @@ goto out; x->props.header_len = 0;- if (x->props.mode)+ if (x->props.mode == XFRM_MODE_TUNNEL) x->props.header_len += sizeof(struct ipv6hdr);+ else if (x->props.mode == XFRM_MODE_BEET)+ x->props.header_len += IPV4_BEET_PHMAXLEN; mutex_lock(&ipcomp6_resource_mutex); if (!ipcomp6_alloc_scratches())@@ -428,7 +430,7 @@ goto error; mutex_unlock(&ipcomp6_resource_mutex); - if (x->props.mode) {+ if (x->props.mode == XFRM_MODE_TUNNEL) { err = ipcomp6_tunnel_attach(x); if (err) goto error_tunnel;diff -urN linux-2.6.18.1/net/ipv6/xfrm6_input.c linux-2.6.18.1.beet/net/ipv6/xfrm6_input.c--- linux-2.6.18.1/net/ipv6/xfrm6_input.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/ipv6/xfrm6_input.c 2006-10-21 14:59:54.000000000 +0300@@ -75,6 +75,79 @@ if (x->props.mode) { /* XXX */ decaps = 1; break;+ } else if (x->props.mode == XFRM_MODE_BEET) {+ struct ip_beet_phdr *ph = (struct ip_beet_phdr*)(skb->h.raw);+ int size = (x->sel.family == AF_INET) ? sizeof(struct iphdr) : sizeof(struct ipv6hdr);+ int delta = sizeof(struct ipv6hdr) - sizeof(struct iphdr);+ __u8 proto = skb->nh.ipv6h->nexthdr, hops = skb->nh.ipv6h->hop_limit;+ __u8 ph_nexthdr = 0;+ int phlen = 0;+ int optlen = 0;++ if (x->sel.family == AF_INET) {+ /* Inner = IPv4, therefore the IPhdr must be shrunk */+ /* Inner = 4, Outer = 6 */+ if (unlikely(proto == IPPROTO_BEETPH)) {+ if (!pskb_may_pull(skb, sizeof(*ph)))+ goto drop;+ phlen = ph->hdrlen * 8;+ optlen = phlen - ph->padlen - sizeof(*ph);++ if (optlen < 0 || optlen & 3 || optlen > 250)+ goto drop;+ if (!pskb_may_pull(skb, phlen))+ goto drop;++ proto = ph_nexthdr = ph->nexthdr;+ }+ skb->nh.raw += delta;+ }++ if (skb_cloned(skb) &&+ pskb_expand_head(skb, 0, 0, GFP_ATOMIC))+ goto drop;++ skb_push(skb, size);+ memmove(skb->data, skb->nh.raw, size);+ skb->nh.raw = skb->data;++ skb->mac.raw = memmove(skb->data - skb->mac_len,+ skb->mac.raw, skb->mac_len);+ if (unlikely(phlen)) {+ skb_pull(skb, phlen - optlen);+ skb->nh.raw = skb->data;+ }++ if (x->sel.family == AF_INET6) {+ struct ipv6hdr *ip6h = skb->nh.ipv6h;+ ip6h->payload_len = htons(skb->len - size);+ ipv6_addr_copy(&ip6h->daddr, (struct in6_addr *) &x->sel.daddr.a6);+ ipv6_addr_copy(&ip6h->saddr, (struct in6_addr *) &x->sel.saddr.a6);+ } else if (x->sel.family == AF_INET) {+ struct iphdr *iph = skb->nh.iph;+ iph->ihl = (sizeof(*iph) + optlen) / 4;+ iph->version = 4;+ iph->tos = 0;+ iph->id = 0;+ iph->frag_off = 0;+ iph->ttl = hops;+ iph->protocol = proto;+ iph->daddr = x->sel.daddr.a4;+ iph->saddr = x->sel.saddr.a4;+ iph->tot_len = htons(skb->len);+ ip_send_check(iph);+ skb->protocol = htons(ETH_P_IP);+ if (unlikely(!optlen)) {+ skb->h.raw = skb->nh.raw;+ }+ dst_release(skb->dst);+ skb->dst = NULL;+ } else+ BUG_ON(1);++ decaps = 1;+ break;+ } if ((err = xfrm_parse_spi(skb, nexthdr, &spi, &seq)) < 0)diff -urN linux-2.6.18.1/net/ipv6/xfrm6_output.c linux-2.6.18.1.beet/net/ipv6/xfrm6_output.c--- linux-2.6.18.1/net/ipv6/xfrm6_output.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/ipv6/xfrm6_output.c 2006-10-21 14:59:54.000000000 +0300@@ -16,6 +16,7 @@ #include <linux/netfilter_ipv6.h> #include <net/ipv6.h> #include <net/xfrm.h>+#include <net/ip.h> static int xfrm6_tunnel_check_size(struct sk_buff *skb) {@@ -47,7 +48,7 @@ goto error_nolock; } - if (x->props.mode) {+ if (x->props.mode == XFRM_MODE_TUNNEL) { err = xfrm6_tunnel_check_size(skb); if (err) goto error_nolock;diff -urN linux-2.6.18.1/net/ipv6/xfrm6_policy.c linux-2.6.18.1.beet/net/ipv6/xfrm6_policy.c--- linux-2.6.18.1/net/ipv6/xfrm6_policy.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/ipv6/xfrm6_policy.c 2006-10-21 14:59:54.000000000 +0300@@ -22,6 +22,8 @@ static struct dst_ops xfrm6_dst_ops; static struct xfrm_policy_afinfo xfrm6_policy_afinfo; +static void xfrm6_update_pmtu(struct dst_entry *dst, u32 mtu);+ static int xfrm6_dst_lookup(struct xfrm_dst **dst, struct flowi *fl) { int err = 0;@@ -70,16 +72,19 @@ struct dst_entry *dst, *dst_prev; struct rt6_info *rt0 = (struct rt6_info*)(*dst_p); struct rt6_info *rt = rt0;- struct in6_addr *remote = &fl->fl6_dst;- struct in6_addr *local = &fl->fl6_src; struct flowi fl_tunnel = { .nl_u = { .ip6_u = {- .saddr = *local,- .daddr = *remote+ .saddr = fl->fl6_src,+ .daddr = fl->fl6_dst } } };+ union {+ struct in6_addr *in6;+ struct in_addr *in;+ } remote, local;+ unsigned short outer_family = 0, beet = 0; int i; int err = 0; int header_len = 0;@@ -91,7 +96,6 @@ for (i = 0; i < nx; i++) { struct dst_entry *dst1 = dst_alloc(&xfrm6_dst_ops); struct xfrm_dst *xdst;- int tunnel = 0; if (unlikely(dst1 == NULL)) { err = -ENOBUFS;@@ -114,19 +118,35 @@ dst1->next = dst_prev; dst_prev = dst1;- if (xfrm[i]->props.mode) {- remote = (struct in6_addr*)&xfrm[i]->id.daddr;- local = (struct in6_addr*)&xfrm[i]->props.saddr;- tunnel = 1;+ if (xfrm[i]->props.mode == XFRM_MODE_TUNNEL || xfrm[i]->props.mode == XFRM_MODE_BEET) {+ outer_family = xfrm[i]->props.family;+ beet = (xfrm[i]->props.mode == XFRM_MODE_BEET);+ if (outer_family == AF_INET6) {+ remote.in6 = (struct in6_addr*)&xfrm[i]->id.daddr;+ local.in6 = (struct in6_addr*)&xfrm[i]->props.saddr;+ } else if(outer_family == AF_INET){+ remote.in = (struct in_addr*)&xfrm[i]->id.daddr;+ local.in = (struct in_addr*)&xfrm[i]->props.saddr;+ } } header_len += xfrm[i]->props.header_len; trailer_len += xfrm[i]->props.trailer_len; - if (tunnel) {- ipv6_addr_copy(&fl_tunnel.fl6_dst, remote);- ipv6_addr_copy(&fl_tunnel.fl6_src, local);+ if (outer_family) {+ switch(outer_family) {+ case AF_INET:+ fl_tunnel.fl4_dst = remote.in->s_addr;+ fl_tunnel.fl4_src = local.in->s_addr;+ break;+ case AF_INET6:+ ipv6_addr_copy(&fl_tunnel.fl6_dst, remote.in6);+ ipv6_addr_copy(&fl_tunnel.fl6_src, local.in6);+ break;+ default:+ BUG_ON(1);+ } err = xfrm_dst_lookup((struct xfrm_dst **) &rt,- &fl_tunnel, AF_INET6);+ &fl_tunnel, outer_family); if (err) goto error; } else@@ -177,6 +197,11 @@ } xfrm_init_pmtu(dst);+ if (beet && outer_family == AF_INET) {+ int delta = sizeof(struct ipv6hdr) - sizeof(struct iphdr);+ u32 mtu = dst_mtu(dst);+ xfrm6_update_pmtu(dst, mtu + delta);+ } return 0; error:diff -urN linux-2.6.18.1/net/key/af_key.c linux-2.6.18.1.beet/net/key/af_key.c--- linux-2.6.18.1/net/key/af_key.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/key/af_key.c 2006-10-21 14:59:54.000000000 +0300@@ -1166,7 +1166,8 @@ /* Nobody uses this, but we try. */ x->sel.family = pfkey_sadb_addr2xfrm_addr(addr, &x->sel.saddr); x->sel.prefixlen_s = addr->sadb_address_prefixlen;- }+ } else+ x->sel.family = x->props.family; /* Conservative */ if (ext_hdrs[SADB_X_EXT_NAT_T_TYPE-1]) { struct sadb_x_nat_t_type* n_type;@@ -1763,14 +1764,13 @@ if (!t->reqid && !(t->reqid = gen_reqid())) return -ENOBUFS; }-- /* addresses present only in tunnel mode */- if (t->mode) {- switch (xp->family) {+/* addresses present in any mode */+ {+ struct sockaddr *sa;+ sa = (struct sockaddr *)(rq+1);+ switch(sa->sa_family) { case AF_INET:- sin = (void*)(rq+1);- if (sin->sin_family != AF_INET)- return -EINVAL;+ sin = (struct sockaddr_in *)sa; t->saddr.a4 = sin->sin_addr.s_addr; sin++; if (sin->sin_family != AF_INET)@@ -1779,9 +1779,7 @@ break; #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) case AF_INET6:- sin6 = (void *)(rq+1);- if (sin6->sin6_family != AF_INET6)- return -EINVAL;+ sin6 = (struct sockaddr_in6 *)sa; memcpy(t->saddr.a6, &sin6->sin6_addr, sizeof(struct in6_addr)); sin6++; if (sin6->sin6_family != AF_INET6)@@ -1792,6 +1790,7 @@ default: return -EINVAL; }+ t->outer_family = sa->sa_family; } /* No way to set this via kame pfkey */ t->aalgos = t->ealgos = t->calgos = ~0;diff -urN linux-2.6.18.1/net/xfrm/xfrm_policy.c linux-2.6.18.1.beet/net/xfrm/xfrm_policy.c--- linux-2.6.18.1/net/xfrm/xfrm_policy.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/xfrm/xfrm_policy.c 2006-10-21 14:59:54.000000000 +0300@@ -782,6 +782,7 @@ if (tmpl->mode) { remote = &tmpl->id.daddr; local = &tmpl->saddr;+ family = tmpl->outer_family; } x = xfrm_state_find(remote, local, fl, tmpl, policy, &error, family);diff -urN linux-2.6.18.1/net/xfrm/xfrm_user.c linux-2.6.18.1.beet/net/xfrm/xfrm_user.c--- linux-2.6.18.1/net/xfrm/xfrm_user.c 2006-10-14 06:34:03.000000000 +0300+++ linux-2.6.18.1.beet/net/xfrm/xfrm_user.c 2006-10-21 14:59:54.000000000 +0300@@ -173,8 +173,9 @@ err = -EINVAL; switch (p->mode) {- case 0:- case 1:+ case XFRM_MODE_TRANSPORT:+ case XFRM_MODE_TUNNEL:+ case XFRM_MODE_BEET: break; default:@@ -763,6 +764,7 @@ t->aalgos = ut->aalgos; t->ealgos = ut->ealgos; t->calgos = ut->calgos;+ t->outer_family = ut->family; } } ?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -