Home
last modified time | relevance | path

Searched refs:xfrm (Results 1 – 35 of 35) sorted by relevance

/linux-4.1.27/net/xfrm/
Dxfrm_sysctl.c8 net->xfrm.sysctl_aevent_etime = XFRM_AE_ETIME; in __xfrm_sysctl_init()
9 net->xfrm.sysctl_aevent_rseqth = XFRM_AE_SEQT_SIZE; in __xfrm_sysctl_init()
10 net->xfrm.sysctl_larval_drop = 1; in __xfrm_sysctl_init()
11 net->xfrm.sysctl_acq_expires = 30; in __xfrm_sysctl_init()
52 table[0].data = &net->xfrm.sysctl_aevent_etime; in xfrm_sysctl_init()
53 table[1].data = &net->xfrm.sysctl_aevent_rseqth; in xfrm_sysctl_init()
54 table[2].data = &net->xfrm.sysctl_larval_drop; in xfrm_sysctl_init()
55 table[3].data = &net->xfrm.sysctl_acq_expires; in xfrm_sysctl_init()
61 net->xfrm.sysctl_hdr = register_net_sysctl(net, "net/core", table); in xfrm_sysctl_init()
62 if (!net->xfrm.sysctl_hdr) in xfrm_sysctl_init()
[all …]
Dxfrm_state.c46 return __xfrm_dst_hash(daddr, saddr, reqid, family, net->xfrm.state_hmask); in xfrm_dst_hash()
54 return __xfrm_src_hash(daddr, saddr, family, net->xfrm.state_hmask); in xfrm_src_hash()
61 return __xfrm_spi_hash(daddr, spi, proto, family, net->xfrm.state_hmask); in xfrm_spi_hash()
102 struct net *net = container_of(work, struct net, xfrm.state_hash_work); in xfrm_hash_resize()
108 nsize = xfrm_hash_new_size(net->xfrm.state_hmask); in xfrm_hash_resize()
124 spin_lock_bh(&net->xfrm.xfrm_state_lock); in xfrm_hash_resize()
127 for (i = net->xfrm.state_hmask; i >= 0; i--) in xfrm_hash_resize()
128 xfrm_hash_transfer(net->xfrm.state_bydst+i, ndst, nsrc, nspi, in xfrm_hash_resize()
131 odst = net->xfrm.state_bydst; in xfrm_hash_resize()
132 osrc = net->xfrm.state_bysrc; in xfrm_hash_resize()
[all …]
Dxfrm_policy.c350 return __idx_hash(index, net->xfrm.policy_idx_hmask); in idx_hash()
360 *dbits = net->xfrm.policy_bydst[dir].dbits4; in __get_hash_thresh()
361 *sbits = net->xfrm.policy_bydst[dir].sbits4; in __get_hash_thresh()
365 *dbits = net->xfrm.policy_bydst[dir].dbits6; in __get_hash_thresh()
366 *sbits = net->xfrm.policy_bydst[dir].sbits6; in __get_hash_thresh()
379 unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; in policy_hash_bysel()
388 &net->xfrm.policy_inexact[dir] : in policy_hash_bysel()
389 net->xfrm.policy_bydst[dir].table + hash); in policy_hash_bysel()
397 unsigned int hmask = net->xfrm.policy_bydst[dir].hmask; in policy_hash_direct()
405 return net->xfrm.policy_bydst[dir].table + hash; in policy_hash_direct()
[all …]
Dxfrm_output.c44 struct xfrm_state *x = dst->xfrm; in xfrm_output_one()
107 x = dst->xfrm; in xfrm_output_one()
129 if (!skb_dst(skb)->xfrm) in xfrm_output_resume()
Dxfrm_user.c570 x->replay_maxdiff = net->xfrm.sysctl_aevent_rseqth; in xfrm_state_construct()
572 x->replay_maxage = (net->xfrm.sysctl_aevent_etime*HZ)/XFRM_AE_ETH_M; in xfrm_state_construct()
956 struct sock *nlsk = rcu_dereference(net->xfrm.nlsk); in xfrm_nlmsg_multicast()
1002 lseq = read_seqbegin(&net->xfrm.policy_hthresh.lock); in build_spdinfo()
1004 spt4.lbits = net->xfrm.policy_hthresh.lbits4; in build_spdinfo()
1005 spt4.rbits = net->xfrm.policy_hthresh.rbits4; in build_spdinfo()
1006 spt6.lbits = net->xfrm.policy_hthresh.lbits6; in build_spdinfo()
1007 spt6.rbits = net->xfrm.policy_hthresh.rbits6; in build_spdinfo()
1008 } while (read_seqretry(&net->xfrm.policy_hthresh.lock, lseq)); in build_spdinfo()
1054 write_seqlock(&net->xfrm.policy_hthresh.lock); in xfrm_set_spdinfo()
[all …]
/linux-4.1.27/net/core/
Dflow.c66 struct netns_xfrm *xfrm) in flow_entry_valid() argument
68 if (atomic_read(&xfrm->flow_cache_genid) != fle->genid) in flow_entry_valid()
76 struct netns_xfrm *xfrm) in flow_entry_kill() argument
87 struct netns_xfrm *xfrm = container_of(work, struct netns_xfrm, in flow_cache_gc_task() local
91 spin_lock_bh(&xfrm->flow_cache_gc_lock); in flow_cache_gc_task()
92 list_splice_tail_init(&xfrm->flow_cache_gc_list, &gc_list); in flow_cache_gc_task()
93 spin_unlock_bh(&xfrm->flow_cache_gc_lock); in flow_cache_gc_task()
96 flow_entry_kill(fce, xfrm); in flow_cache_gc_task()
101 struct netns_xfrm *xfrm) in flow_cache_queue_garbage() argument
105 spin_lock_bh(&xfrm->flow_cache_gc_lock); in flow_cache_queue_garbage()
[all …]
Ddst.c184 dst->xfrm = NULL; in dst_alloc()
/linux-4.1.27/net/ipv4/
Dxfrm4_policy.c191 struct net *net = container_of(ops, struct net, xfrm.xfrm4_dst_ops); in xfrm4_garbage_collect()
261 .data = &init_net.xfrm.xfrm4_dst_ops.gc_thresh,
280 table[0].data = &net->xfrm.xfrm4_dst_ops.gc_thresh; in xfrm4_net_sysctl_init()
324 memcpy(&net->xfrm.xfrm4_dst_ops, &xfrm4_dst_ops_template, in xfrm4_net_init()
326 ret = dst_entries_init(&net->xfrm.xfrm4_dst_ops); in xfrm4_net_init()
332 dst_entries_destroy(&net->xfrm.xfrm4_dst_ops); in xfrm4_net_init()
340 dst_entries_destroy(&net->xfrm.xfrm4_dst_ops); in xfrm4_net_exit()
Dxfrm4_output.c85 struct xfrm_state *x = skb_dst(skb)->xfrm; in __xfrm4_output()
Dah4.c17 struct xfrm_skb_cb xfrm; member
123 struct xfrm_state *x = skb_dst(skb)->xfrm; in ah_output_done()
Dip_vti.c173 if (!vti_state_check(dst->xfrm, parms->iph.daddr, parms->iph.saddr)) { in vti_xmit()
Desp4.c22 struct xfrm_skb_cb xfrm; member
Dip_output.c266 if (skb_dst(skb)->xfrm) { in ip_finish_output()
DKconfig306 encapsulating protocol. This can be used with xfrm mode tunnel to give
/linux-4.1.27/net/ipv6/
Dxfrm6_policy.c227 struct net *net = container_of(ops, struct net, xfrm.xfrm6_dst_ops); in xfrm6_garbage_collect()
284 } while (xdst->u.dst.xfrm); in xfrm6_dst_ifdown()
331 .data = &init_net.xfrm.xfrm6_dst_ops.gc_thresh,
350 table[0].data = &net->xfrm.xfrm6_dst_ops.gc_thresh; in xfrm6_net_sysctl_init()
394 memcpy(&net->xfrm.xfrm6_dst_ops, &xfrm6_dst_ops_template, in xfrm6_net_init()
396 ret = dst_entries_init(&net->xfrm.xfrm6_dst_ops); in xfrm6_net_init()
402 dst_entries_destroy(&net->xfrm.xfrm6_dst_ops); in xfrm6_net_init()
410 dst_entries_destroy(&net->xfrm.xfrm6_dst_ops); in xfrm6_net_exit()
Dxfrm6_output.c137 struct xfrm_state *x = dst->xfrm; in __xfrm6_output()
Dah6.c54 struct xfrm_skb_cb xfrm; member
303 struct xfrm_state *x = skb_dst(skb)->xfrm; in ah6_output_done()
DKconfig146 encapsulating protocol. This can be used with xfrm mode tunnel to give
Desp6.c48 struct xfrm_skb_cb xfrm; member
Dip6_vti.c451 x = dst->xfrm; in vti6_xmit()
/linux-4.1.27/net/netfilter/
Dxt_policy.c93 if (dst->xfrm == NULL) in match_policy_out()
96 for (i = 0; dst && dst->xfrm; dst = dst->child, i++) { in match_policy_out()
102 if (match_xfrm_state(dst->xfrm, e, family)) { in match_policy_out()
Dnf_nat_core.c98 if (dst->xfrm) in nf_xfrm_me_harder()
/linux-4.1.27/security/selinux/
DMakefile12 selinux-$(CONFIG_SECURITY_NETWORK_XFRM) += xfrm.o
Dxfrm.c220 x = dst->xfrm; in selinux_xfrm_skb_sid_egress()
459 struct xfrm_state *x = iter->xfrm; in selinux_xfrm_postroute_last()
Dhooks.c4987 if (skb_dst(skb) != NULL && skb_dst(skb)->xfrm != NULL && in selinux_ip_postroute()
/linux-4.1.27/Documentation/networking/
Dsecid.txt5 matching labeled xfrm(s).
/linux-4.1.27/security/selinux/include/
Dxfrm.h51 atomic_inc(&net->xfrm.flow_cache_genid); in selinux_xfrm_notify_policyload()
/linux-4.1.27/net/
DMakefile18 obj-$(CONFIG_XFRM) += xfrm/
DKconfig52 source "net/xfrm/Kconfig"
/linux-4.1.27/include/net/
Ddst.h43 struct xfrm_state *xfrm; member
556 return dst->xfrm; in dst_xfrm()
Dxfrm.h965 if (likely(xdst->u.dst.xfrm)) in xfrm_dst_destroy()
966 xfrm_state_put(xdst->u.dst.xfrm); in xfrm_dst_destroy()
1073 return (!net->xfrm.policy_count[dir] && !skb->sp) || in __xfrm_policy_check2()
1127 return !net->xfrm.policy_count[XFRM_POLICY_OUT] || in xfrm_route_forward()
1667 nlsk = rcu_dereference(net->xfrm.nlsk); in xfrm_aevent_is_on()
1680 nlsk = rcu_dereference(net->xfrm.nlsk); in xfrm_acquire_is_on()
Dnet_namespace.h126 struct netns_xfrm xfrm; member
/linux-4.1.27/include/uapi/linux/
DKbuild450 header-y += xfrm.h
/linux-4.1.27/net/key/
Daf_key.c3620 mutex_lock(&net->xfrm.xfrm_cfg_mutex); in pfkey_sendmsg()
3622 mutex_unlock(&net->xfrm.xfrm_cfg_mutex); in pfkey_sendmsg()
/linux-4.1.27/
DMAINTAINERS6847 F: net/xfrm/
6849 F: net/ipv4/xfrm*
6854 F: net/ipv6/xfrm*
6859 F: include/uapi/linux/xfrm.h
6860 F: include/net/xfrm.h