diff options
Diffstat (limited to 'net/ipv4')
36 files changed, 92 insertions, 52 deletions
diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c index 0ffd2d2..1a3488a 100644 --- a/net/ipv4/arp.c +++ b/net/ipv4/arp.c @@ -78,7 +78,6 @@ #include <linux/types.h> #include <linux/string.h> #include <linux/kernel.h> -#include <linux/sched.h> #include <linux/capability.h> #include <linux/socket.h> #include <linux/sockios.h> diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index ba5e7f4..8a0ec10 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -35,7 +35,6 @@ #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> -#include <linux/sched.h> #include <linux/string.h> #include <linux/mm.h> #include <linux/socket.h> @@ -1577,7 +1576,6 @@ static void devinet_sysctl_register(struct in_device *in_dev, return; for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) { t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf; - t->devinet_vars[i].de = NULL; } if (dev) { @@ -1599,15 +1597,11 @@ static void devinet_sysctl_register(struct in_device *in_dev, t->devinet_dev[0].procname = dev_name; t->devinet_dev[0].child = t->devinet_vars; - t->devinet_dev[0].de = NULL; t->devinet_conf_dir[0].child = t->devinet_dev; - t->devinet_conf_dir[0].de = NULL; t->devinet_proto_dir[0].child = t->devinet_conf_dir; - t->devinet_proto_dir[0].de = NULL; t->devinet_root_dir[0].child = t->devinet_proto_dir; - t->devinet_root_dir[0].de = NULL; - t->sysctl_header = register_sysctl_table(t->devinet_root_dir, 0); + t->sysctl_header = register_sysctl_table(t->devinet_root_dir); if (!t->sysctl_header) goto free_procname; @@ -1641,7 +1635,7 @@ void __init devinet_init(void) rtnetlink_links[PF_INET] = inet_rtnetlink_table; #ifdef CONFIG_SYSCTL devinet_sysctl.sysctl_header = - register_sysctl_table(devinet_sysctl.devinet_root_dir, 0); + register_sysctl_table(devinet_sysctl.devinet_root_dir); devinet_sysctl_register(NULL, &ipv4_devconf_dflt); #endif } diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index 64f31e6..1fba643 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c @@ -22,7 +22,6 @@ #include <linux/capability.h> #include <linux/types.h> #include <linux/kernel.h> -#include <linux/sched.h> #include <linux/mm.h> #include <linux/string.h> #include <linux/socket.h> diff --git a/net/ipv4/fib_hash.c b/net/ipv4/fib_hash.c index b21bb28..a4949f9 100644 --- a/net/ipv4/fib_hash.c +++ b/net/ipv4/fib_hash.c @@ -20,7 +20,6 @@ #include <linux/bitops.h> #include <linux/types.h> #include <linux/kernel.h> -#include <linux/sched.h> #include <linux/mm.h> #include <linux/string.h> #include <linux/socket.h> diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c index c33dca0..72b3036 100644 --- a/net/ipv4/fib_trie.c +++ b/net/ipv4/fib_trie.c @@ -57,7 +57,6 @@ #include <asm/bitops.h> #include <linux/types.h> #include <linux/kernel.h> -#include <linux/sched.h> #include <linux/mm.h> #include <linux/string.h> #include <linux/socket.h> diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c index 711eb6d..db3ef96 100644 --- a/net/ipv4/inetpeer.c +++ b/net/ipv4/inetpeer.c @@ -14,7 +14,6 @@ #include <linux/interrupt.h> #include <linux/spinlock.h> #include <linux/random.h> -#include <linux/sched.h> #include <linux/timer.h> #include <linux/time.h> #include <linux/kernel.h> diff --git a/net/ipv4/ip_forward.c b/net/ipv4/ip_forward.c index c3ea0cd..369e721 100644 --- a/net/ipv4/ip_forward.c +++ b/net/ipv4/ip_forward.c @@ -23,7 +23,6 @@ #include <linux/types.h> #include <linux/mm.h> -#include <linux/sched.h> #include <linux/skbuff.h> #include <linux/ip.h> #include <linux/icmp.h> diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c index f12c0d6..9151da6 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c @@ -13,7 +13,6 @@ #include <linux/capability.h> #include <linux/module.h> #include <linux/types.h> -#include <linux/sched.h> #include <linux/kernel.h> #include <asm/uaccess.h> #include <linux/skbuff.h> diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c index bb0bb8f..d096332 100644 --- a/net/ipv4/ip_output.c +++ b/net/ipv4/ip_output.c @@ -49,7 +49,6 @@ #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> -#include <linux/sched.h> #include <linux/mm.h> #include <linux/string.h> #include <linux/errno.h> diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index e120686..23048d9 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -20,7 +20,6 @@ #include <linux/module.h> #include <linux/types.h> #include <linux/mm.h> -#include <linux/sched.h> #include <linux/skbuff.h> #include <linux/ip.h> #include <linux/icmp.h> diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c index 475bcd1..3ec5ce0 100644 --- a/net/ipv4/ipip.c +++ b/net/ipv4/ipip.c @@ -96,7 +96,6 @@ #include <linux/capability.h> #include <linux/module.h> #include <linux/types.h> -#include <linux/sched.h> #include <linux/kernel.h> #include <asm/uaccess.h> #include <linux/skbuff.h> @@ -871,7 +870,7 @@ static int __init ipip_init(void) printk(banner); - if (xfrm4_tunnel_register(&ipip_handler)) { + if (xfrm4_tunnel_register(&ipip_handler, AF_INET)) { printk(KERN_INFO "ipip init: can't register tunnel\n"); return -EAGAIN; } @@ -893,7 +892,7 @@ static int __init ipip_init(void) err2: free_netdev(ipip_fb_tunnel_dev); err1: - xfrm4_tunnel_deregister(&ipip_handler); + xfrm4_tunnel_deregister(&ipip_handler, AF_INET); goto out; } @@ -913,7 +912,7 @@ static void __exit ipip_destroy_tunnels(void) static void __exit ipip_fini(void) { - if (xfrm4_tunnel_deregister(&ipip_handler)) + if (xfrm4_tunnel_deregister(&ipip_handler, AF_INET)) printk(KERN_INFO "ipip close: can't deregister tunnel\n"); rtnl_lock(); diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c index e6d11ab..601e3df 100644 --- a/net/ipv4/ipmr.c +++ b/net/ipv4/ipmr.c @@ -31,7 +31,6 @@ #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> -#include <linux/sched.h> #include <linux/capability.h> #include <linux/errno.h> #include <linux/timer.h> diff --git a/net/ipv4/ipvs/ip_vs_ctl.c b/net/ipv4/ipvs/ip_vs_ctl.c index 8b08d9c..b3050a6 100644 --- a/net/ipv4/ipvs/ip_vs_ctl.c +++ b/net/ipv4/ipvs/ip_vs_ctl.c @@ -2359,7 +2359,7 @@ int ip_vs_control_init(void) proc_net_fops_create("ip_vs", 0, &ip_vs_info_fops); proc_net_fops_create("ip_vs_stats",0, &ip_vs_stats_fops); - sysctl_header = register_sysctl_table(vs_root_table, 0); + sysctl_header = register_sysctl_table(vs_root_table); /* Initialize ip_vs_svc_table, ip_vs_svc_fwm_table, ip_vs_rtable */ for(idx = 0; idx < IP_VS_SVC_TAB_SIZE; idx++) { diff --git a/net/ipv4/ipvs/ip_vs_lblc.c b/net/ipv4/ipvs/ip_vs_lblc.c index 76fd1fb..c801273 100644 --- a/net/ipv4/ipvs/ip_vs_lblc.c +++ b/net/ipv4/ipvs/ip_vs_lblc.c @@ -583,7 +583,7 @@ static struct ip_vs_scheduler ip_vs_lblc_scheduler = static int __init ip_vs_lblc_init(void) { INIT_LIST_HEAD(&ip_vs_lblc_scheduler.n_list); - sysctl_header = register_sysctl_table(lblc_root_table, 0); + sysctl_header = register_sysctl_table(lblc_root_table); return register_ip_vs_scheduler(&ip_vs_lblc_scheduler); } diff --git a/net/ipv4/ipvs/ip_vs_lblcr.c b/net/ipv4/ipvs/ip_vs_lblcr.c index bf1e7f2..23f9b9e 100644 --- a/net/ipv4/ipvs/ip_vs_lblcr.c +++ b/net/ipv4/ipvs/ip_vs_lblcr.c @@ -841,7 +841,7 @@ static struct ip_vs_scheduler ip_vs_lblcr_scheduler = static int __init ip_vs_lblcr_init(void) { INIT_LIST_HEAD(&ip_vs_lblcr_scheduler.n_list); - sysctl_header = register_sysctl_table(lblcr_root_table, 0); + sysctl_header = register_sysctl_table(lblcr_root_table); #ifdef CONFIG_IP_VS_LBLCR_DEBUG proc_net_create("ip_vs_lblcr", 0, ip_vs_lblcr_getinfo); #endif diff --git a/net/ipv4/ipvs/ip_vs_sched.c b/net/ipv4/ipvs/ip_vs_sched.c index 8bc42b7..1602304 100644 --- a/net/ipv4/ipvs/ip_vs_sched.c +++ b/net/ipv4/ipvs/ip_vs_sched.c @@ -20,7 +20,6 @@ */ #include <linux/module.h> -#include <linux/sched.h> #include <linux/spinlock.h> #include <linux/interrupt.h> #include <asm/string.h> diff --git a/net/ipv4/multipath_drr.c b/net/ipv4/multipath_drr.c index cb8fce4..574c735 100644 --- a/net/ipv4/multipath_drr.c +++ b/net/ipv4/multipath_drr.c @@ -15,7 +15,6 @@ #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> -#include <linux/sched.h> #include <linux/errno.h> #include <linux/timer.h> #include <linux/mm.h> diff --git a/net/ipv4/multipath_random.c b/net/ipv4/multipath_random.c index 047e861..57f4814 100644 --- a/net/ipv4/multipath_random.c +++ b/net/ipv4/multipath_random.c @@ -15,7 +15,6 @@ #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> -#include <linux/sched.h> #include <linux/errno.h> #include <linux/timer.h> #include <linux/mm.h> diff --git a/net/ipv4/multipath_rr.c b/net/ipv4/multipath_rr.c index 896246d..0ad2252 100644 --- a/net/ipv4/multipath_rr.c +++ b/net/ipv4/multipath_rr.c @@ -15,7 +15,6 @@ #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> -#include <linux/sched.h> #include <linux/errno.h> #include <linux/timer.h> #include <linux/mm.h> diff --git a/net/ipv4/multipath_wrandom.c b/net/ipv4/multipath_wrandom.c index 7e22f15..2bdbb92 100644 --- a/net/ipv4/multipath_wrandom.c +++ b/net/ipv4/multipath_wrandom.c @@ -15,7 +15,6 @@ #include <asm/system.h> #include <asm/uaccess.h> #include <linux/types.h> -#include <linux/sched.h> #include <linux/errno.h> #include <linux/timer.h> #include <linux/mm.h> diff --git a/net/ipv4/netfilter/ip_conntrack_proto_generic.c b/net/ipv4/netfilter/ip_conntrack_proto_generic.c index 36f2b5e..88af82e 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_generic.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_generic.c @@ -7,7 +7,6 @@ */ #include <linux/types.h> -#include <linux/sched.h> #include <linux/timer.h> #include <linux/netfilter.h> #include <linux/netfilter_ipv4/ip_conntrack_protocol.h> diff --git a/net/ipv4/netfilter/ip_conntrack_proto_icmp.c b/net/ipv4/netfilter/ip_conntrack_proto_icmp.c index ec71abe..ad70c81 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_icmp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_icmp.c @@ -7,7 +7,6 @@ */ #include <linux/types.h> -#include <linux/sched.h> #include <linux/timer.h> #include <linux/netfilter.h> #include <linux/in.h> diff --git a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c index 9d5b917..e694299 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c @@ -14,7 +14,6 @@ */ #include <linux/types.h> -#include <linux/sched.h> #include <linux/timer.h> #include <linux/interrupt.h> #include <linux/netfilter.h> @@ -623,7 +622,7 @@ static int __init ip_conntrack_proto_sctp_init(void) } #ifdef CONFIG_SYSCTL - ip_ct_sysctl_header = register_sysctl_table(ip_ct_net_table, 0); + ip_ct_sysctl_header = register_sysctl_table(ip_ct_net_table); if (ip_ct_sysctl_header == NULL) { ret = -ENOMEM; printk("ip_conntrack_proto_sctp: can't register to sysctl.\n"); diff --git a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c index fa35b49f..170d625 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c @@ -20,7 +20,6 @@ */ #include <linux/types.h> -#include <linux/sched.h> #include <linux/timer.h> #include <linux/netfilter.h> #include <linux/module.h> diff --git a/net/ipv4/netfilter/ip_conntrack_proto_udp.c b/net/ipv4/netfilter/ip_conntrack_proto_udp.c index a99a7c7..14c30c6 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_udp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_udp.c @@ -7,7 +7,6 @@ */ #include <linux/types.h> -#include <linux/sched.h> #include <linux/timer.h> #include <linux/netfilter.h> #include <linux/in.h> diff --git a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c index c7c1ec6..56b2f75 100644 --- a/net/ipv4/netfilter/ip_conntrack_standalone.c +++ b/net/ipv4/netfilter/ip_conntrack_standalone.c @@ -848,7 +848,7 @@ static int __init ip_conntrack_standalone_init(void) goto cleanup_proc_stat; } #ifdef CONFIG_SYSCTL - ip_ct_sysctl_header = register_sysctl_table(ip_ct_net_table, 0); + ip_ct_sysctl_header = register_sysctl_table(ip_ct_net_table); if (ip_ct_sysctl_header == NULL) { printk("ip_conntrack: can't register to sysctl.\n"); ret = -ENOMEM; diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c index 68bf19f..a14798a 100644 --- a/net/ipv4/netfilter/ip_queue.c +++ b/net/ipv4/netfilter/ip_queue.c @@ -693,7 +693,7 @@ static int __init ip_queue_init(void) } register_netdevice_notifier(&ipq_dev_notifier); - ipq_sysctl_header = register_sysctl_table(ipq_root_table, 0); + ipq_sysctl_header = register_sysctl_table(ipq_root_table); status = nf_register_queue_handler(PF_INET, &nfqh); if (status < 0) { diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c index a9eb363..80f739e 100644 --- a/net/ipv4/netfilter/ipt_REJECT.c +++ b/net/ipv4/netfilter/ipt_REJECT.c @@ -80,6 +80,10 @@ static void send_reset(struct sk_buff *oldskb, int hook) nskb->mark = 0; skb_init_secmark(nskb); + skb_shinfo(nskb)->gso_size = 0; + skb_shinfo(nskb)->gso_segs = 0; + skb_shinfo(nskb)->gso_type = 0; + tcph = (struct tcphdr *)((u_int32_t*)nskb->nh.iph + nskb->nh.iph->ihl); /* Swap source and dest */ diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c index e5aa4d8..88cfa6a 100644 --- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c +++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c @@ -12,7 +12,6 @@ */ #include <linux/types.h> -#include <linux/sched.h> #include <linux/timer.h> #include <linux/netfilter.h> #include <linux/in.h> diff --git a/net/ipv4/protocol.c b/net/ipv4/protocol.c index 6cd6340..da70fef 100644 --- a/net/ipv4/protocol.c +++ b/net/ipv4/protocol.c @@ -30,7 +30,6 @@ #include <linux/module.h> #include <linux/types.h> #include <linux/kernel.h> -#include <linux/sched.h> #include <linux/string.h> #include <linux/socket.h> #include <linux/in.h> diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 9b5e564..37e0d4d 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -70,7 +70,6 @@ #include <linux/bitops.h> #include <linux/types.h> #include <linux/kernel.h> -#include <linux/sched.h> #include <linux/mm.h> #include <linux/bootmem.h> #include <linux/string.h> diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index cebe9aa..dc15113 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -481,7 +481,7 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, /* RFC1323: The window in SYN & SYN/ACK segments * is never scaled. */ - th->window = htons(tp->rcv_wnd); + th->window = htons(min(tp->rcv_wnd, 65535U)); } else { th->window = htons(tcp_select_window(sk)); } @@ -2160,7 +2160,7 @@ struct sk_buff * tcp_make_synack(struct sock *sk, struct dst_entry *dst, } /* RFC1323: The window in SYN & SYN/ACK segments is never scaled. */ - th->window = htons(req->rcv_wnd); + th->window = htons(min(req->rcv_wnd, 65535U)); TCP_SKB_CB(skb)->when = tcp_time_stamp; tcp_syn_build_options((__be32 *)(th + 1), dst_metric(dst, RTAX_ADVMSS), ireq->tstamp_ok, diff --git a/net/ipv4/tunnel4.c b/net/ipv4/tunnel4.c index 8d30c48..a794a8c 100644 --- a/net/ipv4/tunnel4.c +++ b/net/ipv4/tunnel4.c @@ -14,9 +14,10 @@ #include <net/xfrm.h> static struct xfrm_tunnel *tunnel4_handlers; +static struct xfrm_tunnel *tunnel64_handlers; static DEFINE_MUTEX(tunnel4_mutex); -int xfrm4_tunnel_register(struct xfrm_tunnel *handler) +int xfrm4_tunnel_register(struct xfrm_tunnel *handler, unsigned short family) { struct xfrm_tunnel **pprev; int ret = -EEXIST; @@ -24,7 +25,8 @@ int xfrm4_tunnel_register(struct xfrm_tunnel *handler) mutex_lock(&tunnel4_mutex); - for (pprev = &tunnel4_handlers; *pprev; pprev = &(*pprev)->next) { + for (pprev = (family == AF_INET) ? &tunnel4_handlers : &tunnel64_handlers; + *pprev; pprev = &(*pprev)->next) { if ((*pprev)->priority > priority) break; if ((*pprev)->priority == priority) @@ -44,14 +46,15 @@ err: EXPORT_SYMBOL(xfrm4_tunnel_register); -int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler) +int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler, unsigned short family) { struct xfrm_tunnel **pprev; int ret = -ENOENT; mutex_lock(&tunnel4_mutex); - for (pprev = &tunnel4_handlers; *pprev; pprev = &(*pprev)->next) { + for (pprev = (family == AF_INET) ? &tunnel4_handlers : &tunnel64_handlers; + *pprev; pprev = &(*pprev)->next) { if (*pprev == handler) { *pprev = handler->next; ret = 0; @@ -86,6 +89,26 @@ drop: return 0; } +#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) +static int tunnel64_rcv(struct sk_buff *skb) +{ + struct xfrm_tunnel *handler; + + if (!pskb_may_pull(skb, sizeof(struct iphdr))) + goto drop; + + for (handler = tunnel64_handlers; handler; handler = handler->next) + if (!handler->handler(skb)) + return 0; + + icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); + +drop: + kfree_skb(skb); + return 0; +} +#endif + static void tunnel4_err(struct sk_buff *skb, u32 info) { struct xfrm_tunnel *handler; @@ -101,17 +124,36 @@ static struct net_protocol tunnel4_protocol = { .no_policy = 1, }; +#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) +static struct net_protocol tunnel64_protocol = { + .handler = tunnel64_rcv, + .err_handler = tunnel4_err, + .no_policy = 1, +}; +#endif + static int __init tunnel4_init(void) { if (inet_add_protocol(&tunnel4_protocol, IPPROTO_IPIP)) { printk(KERN_ERR "tunnel4 init: can't add protocol\n"); return -EAGAIN; } +#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) + if (inet_add_protocol(&tunnel64_protocol, IPPROTO_IPV6)) { + printk(KERN_ERR "tunnel64 init: can't add protocol\n"); + inet_del_protocol(&tunnel4_protocol, IPPROTO_IPIP); + return -EAGAIN; + } +#endif return 0; } static void __exit tunnel4_fini(void) { +#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) + if (inet_del_protocol(&tunnel64_protocol, IPPROTO_IPV6)) + printk(KERN_ERR "tunnel64 close: can't remove protocol\n"); +#endif if (inet_del_protocol(&tunnel4_protocol, IPPROTO_IPIP)) printk(KERN_ERR "tunnel4 close: can't remove protocol\n"); } diff --git a/net/ipv4/xfrm4_input.c b/net/ipv4/xfrm4_input.c index 289146b..78e80de 100644 --- a/net/ipv4/xfrm4_input.c +++ b/net/ipv4/xfrm4_input.c @@ -27,6 +27,7 @@ static int xfrm4_parse_spi(struct sk_buff *skb, u8 nexthdr, __be32 *spi, __be32 { switch (nexthdr) { case IPPROTO_IPIP: + case IPPROTO_IPV6: *spi = skb->nh.iph->saddr; *seq = 0; return 0; @@ -70,7 +71,8 @@ int xfrm4_rcv_encap(struct sk_buff *skb, __u16 encap_type) if (xfrm_nr == XFRM_MAX_DEPTH) goto drop; - x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, spi, iph->protocol, AF_INET); + x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, spi, + iph->protocol != IPPROTO_IPV6 ? iph->protocol : IPPROTO_IPIP, AF_INET); if (x == NULL) goto drop; diff --git a/net/ipv4/xfrm4_mode_tunnel.c b/net/ipv4/xfrm4_mode_tunnel.c index e54c549..e1cab33 100644 --- a/net/ipv4/xfrm4_mode_tunnel.c +++ b/net/ipv4/xfrm4_mode_tunnel.c @@ -95,6 +95,7 @@ static int xfrm4_tunnel_input(struct xfrm_state *x, struct sk_buff *skb) switch(iph->protocol){ case IPPROTO_IPIP: + break; #if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE) case IPPROTO_IPV6: break; diff --git a/net/ipv4/xfrm4_tunnel.c b/net/ipv4/xfrm4_tunnel.c index 1be6762..3eef064 100644 --- a/net/ipv4/xfrm4_tunnel.c +++ b/net/ipv4/xfrm4_tunnel.c @@ -64,24 +64,45 @@ static struct xfrm_tunnel xfrm_tunnel_handler = { .priority = 2, }; +#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) +static struct xfrm_tunnel xfrm64_tunnel_handler = { + .handler = xfrm4_rcv, + .err_handler = xfrm_tunnel_err, + .priority = 2, +}; +#endif + static int __init ipip_init(void) { if (xfrm_register_type(&ipip_type, AF_INET) < 0) { printk(KERN_INFO "ipip init: can't add xfrm type\n"); return -EAGAIN; } - if (xfrm4_tunnel_register(&xfrm_tunnel_handler)) { - printk(KERN_INFO "ipip init: can't add xfrm handler\n"); + + if (xfrm4_tunnel_register(&xfrm_tunnel_handler, AF_INET)) { + printk(KERN_INFO "ipip init: can't add xfrm handler for AF_INET\n"); + xfrm_unregister_type(&ipip_type, AF_INET); + return -EAGAIN; + } +#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) + if (xfrm4_tunnel_register(&xfrm64_tunnel_handler, AF_INET6)) { + printk(KERN_INFO "ipip init: can't add xfrm handler for AF_INET6\n"); + xfrm4_tunnel_deregister(&xfrm_tunnel_handler, AF_INET); xfrm_unregister_type(&ipip_type, AF_INET); return -EAGAIN; } +#endif return 0; } static void __exit ipip_fini(void) { - if (xfrm4_tunnel_deregister(&xfrm_tunnel_handler)) - printk(KERN_INFO "ipip close: can't remove xfrm handler\n"); +#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) + if (xfrm4_tunnel_deregister(&xfrm64_tunnel_handler, AF_INET6)) + printk(KERN_INFO "ipip close: can't remove xfrm handler for AF_INET6\n"); +#endif + if (xfrm4_tunnel_deregister(&xfrm_tunnel_handler, AF_INET)) + printk(KERN_INFO "ipip close: can't remove xfrm handler for AF_INET\n"); if (xfrm_unregister_type(&ipip_type, AF_INET) < 0) printk(KERN_INFO "ipip close: can't remove xfrm type\n"); } |