Commit 9e51fd37 authored by Masahide NAKAMURA's avatar Masahide NAKAMURA Committed by David S. Miller

[XFRM]: Rename secpath_has_tunnel to secpath_has_nontransport.

On current kernel inbound transformation state is allowed transport and
disallowed tunnel mode when mismatch is occurred between tempates and states.
As the result of adding two more modes by Mobile IPv6, this function name
is misleading. Inbound transformation can allow only transport mode
when mismatch is occurred between template and secpath.
Based on MIPL2 kernel patch.
Signed-off-by: default avatarMasahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: default avatarYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent fbd9a5b4
...@@ -1046,7 +1046,7 @@ xfrm_decode_session(struct sk_buff *skb, struct flowi *fl, unsigned short family ...@@ -1046,7 +1046,7 @@ xfrm_decode_session(struct sk_buff *skb, struct flowi *fl, unsigned short family
} }
EXPORT_SYMBOL(xfrm_decode_session); EXPORT_SYMBOL(xfrm_decode_session);
static inline int secpath_has_tunnel(struct sec_path *sp, int k) static inline int secpath_has_nontransport(struct sec_path *sp, int k)
{ {
for (; k < sp->len; k++) { for (; k < sp->len; k++) {
if (sp->xvec[k]->props.mode != XFRM_MODE_TRANSPORT) if (sp->xvec[k]->props.mode != XFRM_MODE_TRANSPORT)
...@@ -1087,7 +1087,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, ...@@ -1087,7 +1087,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
xfrm_policy_lookup); xfrm_policy_lookup);
if (!pol) if (!pol)
return !skb->sp || !secpath_has_tunnel(skb->sp, 0); return !skb->sp || !secpath_has_nontransport(skb->sp, 0);
pol->curlft.use_time = (unsigned long)xtime.tv_sec; pol->curlft.use_time = (unsigned long)xtime.tv_sec;
...@@ -1111,7 +1111,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, ...@@ -1111,7 +1111,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
goto reject; goto reject;
} }
if (secpath_has_tunnel(sp, k)) if (secpath_has_nontransport(sp, k))
goto reject; goto reject;
xfrm_pol_put(pol); xfrm_pol_put(pol);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment