summaryrefslogtreecommitdiffstats
path: root/include/net/xfrm.h
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2005-05-03 16:27:10 -0700
committerDavid S. Miller <davem@davemloft.net>2005-05-03 16:27:10 -0700
commitaabc9761b69f1bfa30a78f7005be95cc9cc06175 (patch)
tree50dc9f510011ac03656aeba0595b2b0b5c5f5e22 /include/net/xfrm.h
parentd5d75cd6b10ddad2f375b61092754474ad78aec7 (diff)
[IPSEC]: Store idev entries
I found a bug that stopped IPsec/IPv6 from working. About a month ago IPv6 started using rt6i_idev->dev on the cached socket dst entries. If the cached socket dst entry is IPsec, then rt6i_idev will be NULL. Since we want to look at the rt6i_idev of the original route in this case, the easiest fix is to store rt6i_idev in the IPsec dst entry just as we do for a number of other IPv6 route attributes. Unfortunately this means that we need some new code to handle the references to rt6i_idev. That's why this patch is bigger than it would otherwise be. I've also done the same thing for IPv4 since it is conceivable that once these idev attributes start getting used for accounting, we probably need to dereference them for IPv4 IPsec entries too. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/xfrm.h')
-rw-r--r--include/net/xfrm.h10
1 files changed, 10 insertions, 0 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 73e9a8ca3d3..e142a256d5d 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -1,6 +1,7 @@
#ifndef _NET_XFRM_H
#define _NET_XFRM_H
+#include <linux/compiler.h>
#include <linux/xfrm.h>
#include <linux/spinlock.h>
#include <linux/list.h>
@@ -516,6 +517,15 @@ struct xfrm_dst
u32 child_mtu_cached;
};
+static inline void xfrm_dst_destroy(struct xfrm_dst *xdst)
+{
+ dst_release(xdst->route);
+ if (likely(xdst->u.dst.xfrm))
+ xfrm_state_put(xdst->u.dst.xfrm);
+}
+
+extern void xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev);
+
/* Decapsulation state, used by the input to store data during
* decapsulation procedure, to be used later (during the policy
* check