Eric Lee / smarc-fsl-linux-kernel

12 Dec, 2011

1 commit

31 Aug, 2010

1 commit

01 Feb, 2008

2 commits

18 Oct, 2007

2 commits

  • c4541b41c   [IPSEC]: Move tunnel parsing for IPv4 out of xfrm4_input ... Browse Code »

    This patch moves the tunnel parsing for IPv4 out of xfrm4_input and into
    xfrm4_tunnel. This change is in line with what IPv6 does and will allow
    us to merge the two input functions.

    Signed-off-by: Herbert Xu
    Signed-off-by: David S. Miller

    Herbert Xu
     
  • 04663d0b8   [IPSEC]: Fix pure tunnel modes involving IPv6 ... Browse Code »

    I noticed that my recent patch broke 6-on-4 pure IPsec tunnels (the ones
    that are only used for incompressible IPsec packets). Subsequent reviews
    show that I broke 6-on-6 pure tunnels more than three years ago and nobody
    ever noticed. I suppose every must be testing 6-on-6 IPComp with large
    pings which are very compressible :)

    This patch fixes both cases.

    Signed-off-by: Herbert Xu
    Signed-off-by: David S. Miller

    Herbert Xu
     

11 Oct, 2007

3 commits

  • 631a6698d   [IPSEC]: Move IP protocol setting from transforms into xfrm4_input.c ... Browse Code »

    This patch makes the IPv4 x->type->input functions return the next protocol
    instead of setting it directly. This is identical to how we do things in
    IPv6 and will help us merge common code on the input path.

    Signed-off-by: Herbert Xu
    Signed-off-by: David S. Miller

    Herbert Xu
     
  • ceb1eec82   [IPSEC]: Move IP length/checksum setting out of transforms ... Browse Code »

    This patch moves the setting of the IP length and checksum fields out of
    the transforms and into the xfrmX_output functions. This would help future
    efforts in merging the transforms themselves.

    It also adds an optimisation to ipcomp due to the fact that the transport
    offset is guaranteed to be zero.

    Signed-off-by: Herbert Xu
    Signed-off-by: David S. Miller

    Herbert Xu
     
  • 7b277b1a5   [IPSEC]: Set skb->data to payload in x->mode->output ... Browse Code »

    This patch changes the calling convention so that on entry from
    x->mode->output and before entry into x->type->output skb->data
    will point to the payload instead of the IP header.

    This is essentially a redistribution of skb_push/skb_pull calls
    with the aim of minimising them on the common path of tunnel +
    ESP.

    It'll also let us use the same calling convention between IPv4
    and IPv6 with the next patch.

    Signed-off-by: Herbert Xu
    Signed-off-by: David S. Miller

    Herbert Xu
     

11 Jul, 2007

1 commit

  • d3d6dd3ad   [XFRM]: Add module alias for transformation type. ... Browse Code »

    It is clean-up for XFRM type modules and adds aliases with its
    protocol:
    ESP, AH, IPCOMP, IPIP and IPv6 for IPsec
    ROUTING and DSTOPTS for MIPv6

    It is almost the same thing as XFRM mode alias, but it is added
    new defines XFRM_PROTO_XXX for preprocessing since some protocols
    are defined as enum.

    Signed-off-by: Masahide NAKAMURA
    Acked-by: Ingo Oeser
    Signed-off-by: David S. Miller

    Masahide NAKAMURA
     

26 Apr, 2007

1 commit

14 Feb, 2007

1 commit

11 Feb, 2007

1 commit

23 Sep, 2006

1 commit

  • 7e49e6de3   [XFRM]: Add XFRM_MODE_xxx for future use. ... Browse Code »

    Transformation mode is used as either IPsec transport or tunnel.
    It is required to add two more items, route optimization and inbound trigger
    for Mobile IPv6.
    Based on MIPL2 kernel patch.

    This patch was also written by: Ville Nuorvala

    Signed-off-by: Masahide NAKAMURA
    Signed-off-by: YOSHIFUJI Hideaki
    Signed-off-by: David S. Miller

    Masahide NAKAMURA
     

01 Apr, 2006

1 commit

  • e695633e2   [IPSEC]: Kill unused decap state argument ... Browse Code »

    This patch removes the decap_state argument from the xfrm input hook.
    Previously this function allowed the input hook to share state with
    the post_input hook. The latter has since been removed.

    The only purpose for it now is to check the encap type. However, it
    is easier and better to move the encap type check to the generic
    xfrm_rcv function. This allows us to get rid of the decap state
    argument altogether.

    Signed-off-by: Herbert Xu
    Signed-off-by: David S. Miller

    Herbert Xu
     

29 Mar, 2006

1 commit

  • d2acc3479   [INET]: Introduce tunnel4/tunnel6 ... Browse Code »

    Basically this patch moves the generic tunnel protocol stuff out of
    xfrm4_tunnel/xfrm6_tunnel and moves it into the new files of tunnel4.c
    and tunnel6 respectively.

    The reason for this is that the problem that Hugo uncovered is only
    the tip of the iceberg. The real problem is that when we removed the
    dependency of ipip on xfrm4_tunnel we didn't really consider the module
    case at all.

    For instance, as it is it's possible to build both ipip and xfrm4_tunnel
    as modules and if the latter is loaded then ipip simply won't load.

    After considering the alternatives I've decided that the best way out of
    this is to restore the dependency of ipip on the non-xfrm-specific part
    of xfrm4_tunnel. This is acceptable IMHO because the intention of the
    removal was really to be able to use ipip without the xfrm subsystem.
    This is still preserved by this patch.

    So now both ipip/xfrm4_tunnel depend on the new tunnel4.c which handles
    the arbitration between the two. The order of processing is determined
    by a simple integer which ensures that ipip gets processed before
    xfrm4_tunnel.

    The situation for ICMP handling is a little bit more complicated since
    we may not have enough information to determine who it's for. It's not
    a big deal at the moment since the xfrm ICMP handlers are basically
    no-ops. In future we can deal with this when we look at ICMP caching
    in general.

    The user-visible change to this is the removal of the TUNNEL Kconfig
    prompts. This makes sense because it can only be used through IPCOMP
    as it stands.

    The addition of the new modules shouldn't introduce any problems since
    module dependency will cause them to be loaded.

    Oh and I also turned some unnecessary pskb's in IPv6 related to this
    patch to skb's.

    Signed-off-by: Herbert Xu
    Signed-off-by: David S. Miller

    Herbert Xu
     

21 Mar, 2006

1 commit

  • 4a3e2f711   [NET] sem2mutex: net/ ... Browse Code »

    Semaphore to mutex conversion.

    The conversion was generated via scripts, and the result was validated
    automatically via a script as well.

    Signed-off-by: Arjan van de Ven
    Signed-off-by: Ingo Molnar
    Signed-off-by: Andrew Morton
    Signed-off-by: David S. Miller

    Arjan van de Ven
     

20 Jul, 2005

1 commit

21 Jun, 2005

1 commit

  • 72cb6962a   [IPSEC]: Add xfrm_init_state ... Browse Code »

    This patch adds xfrm_init_state which is simply a wrapper that calls
    xfrm_get_type and subsequently x->type->init_state. It also gets rid
    of the unused args argument.

    Abstracting it out allows us to add common initialisation code, e.g.,
    to set family-specific flags.

    The add_time setting in xfrm_user.c was deleted because it's already
    set by xfrm_state_alloc.

    Signed-off-by: Herbert Xu
    Acked-by: James Morris
    Signed-off-by: David S. Miller

    Herbert Xu
     

17 Apr, 2005

1 commit

  • 1da177e4c   Linux-2.6.12-rc2 ... Browse Code »

    Initial git repository build. I'm not bothering with the full history,
    even though we have it. We can create a separate "historical" git
    archive of that later if we want to, and in the meantime it's about
    3.2GB when imported into git - space that would just make the early
    git days unnecessarily complicated, when we don't have a lot of good
    infrastructure for it.

    Let it rip!

    Linus Torvalds