summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/net/xfrm.h6
-rw-r--r--net/xfrm/xfrm_state.c22
2 files changed, 13 insertions, 15 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 59b9a34..8f08341 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -1764,12 +1764,6 @@ struct asf_ipsec_callbackfn_s {
struct xfrm_state *xfrm);
};
extern struct asf_ipsec_callbackfn_s asf_cb_fns;
-struct policy_list {
- int nr_pol;
- struct xfrm_policy *xpol[256];
-};
-void xfrm_state_policy_mapping(struct xfrm_state *xfrm,
- struct policy_list *pol_list);
#endif
#endif /* _NET_XFRM_H */
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 8df8da9..76d9cce 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -1628,10 +1628,9 @@ static void xfrm_replay_timer_handler(unsigned long data)
}
#ifdef CONFIG_AS_FASTPATH
-void xfrm_state_policy_mapping(struct xfrm_state *xfrm,
- struct policy_list *pol_lst)
+struct xfrm_policy *xfrm_state_policy_mapping(struct xfrm_state *xfrm)
{
- struct xfrm_policy *xp = 0;
+ struct xfrm_policy *xp = 0, *matched_pol = 0;
struct net *xfrm_net = xs_net(xfrm);
struct list_head *list_policy_head = &xfrm_net->xfrm.policy_all;
struct xfrm_policy_walk_entry *x;
@@ -1640,13 +1639,13 @@ void xfrm_state_policy_mapping(struct xfrm_state *xfrm,
if (!list_policy_head) {
printk(KERN_INFO "No Security Policies in the system\n");
- return;
+ return matched_pol;
}
x = list_first_entry(list_policy_head,
struct xfrm_policy_walk_entry, all);
if (!x) {
printk(KERN_INFO "Security Policies list is empty\n");
- return;
+ return matched_pol;
}
if (xfrm->props.family == AF_INET) {
list_for_each_entry_from(x, list_policy_head, all) {
@@ -1660,7 +1659,9 @@ void xfrm_state_policy_mapping(struct xfrm_state *xfrm,
tmpl->saddr.a4 == xfrm->props.saddr.a4 &&
xfrm->props.reqid == tmpl->reqid &&
xfrm->props.mode == tmpl->mode) {
- pol_lst->xpol[pol_lst->nr_pol++] = xp;
+ matched_pol = xp;
+ xfrm->asf_sa_direction = dir;
+ break;
}
}
} else if (xfrm->props.family == AF_INET6) {
@@ -1677,12 +1678,15 @@ void xfrm_state_policy_mapping(struct xfrm_state *xfrm,
xfrm->props.saddr.a6, 16) &&
xfrm->props.reqid == tmpl->reqid &&
xfrm->props.mode == tmpl->mode) {
- pol_lst->xpol[pol_lst->nr_pol++] = xp;
+ matched_pol = xp;
+ xfrm->asf_sa_direction = dir;
+ break;
}
}
- }
+ } else
+ return NULL;
- return;
+ return matched_pol;
}
EXPORT_SYMBOL(xfrm_state_policy_mapping);
#endif
generated by cgit v0.10.2 at 2024-09-27 23:19:09 (GMT)