forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/include/net
History
Lorenzo Colitti b9a1a57384 BACKPORT: net: xfrm: support setting an output mark. 
On systems that use mark-based routing it may be necessary for
routing lookups to use marks in order for packets to be routed
correctly. An example of such a system is Android, which uses
socket marks to route packets via different networks.

Currently, routing lookups in tunnel mode always use a mark of
zero, making routing incorrect on such systems.

This patch adds a new output_mark element to the xfrm state and
a corresponding XFRMA_OUTPUT_MARK netlink attribute. The output
mark differs from the existing xfrm mark in two ways:

1. The xfrm mark is used to match xfrm policies and states, while
   the xfrm output mark is used to set the mark (and influence
   the routing) of the packets emitted by those states.
2. The existing mark is constrained to be a subset of the bits of
   the originating socket or transformed packet, but the output
   mark is arbitrary and depends only on the state.

The use of a separate mark provides additional flexibility. For
example:

- A packet subject to two transforms (e.g., transport mode inside
  tunnel mode) can have two different output marks applied to it,
  one for the transport mode SA and one for the tunnel mode SA.
- On a system where socket marks determine routing, the packets
  emitted by an IPsec tunnel can be routed based on a mark that
  is determined by the tunnel, not by the marks of the
  unencrypted packets.
- Support for setting the output marks can be introduced without
  breaking any existing setups that employ both mark-based
  routing and xfrm tunnel mode. Simply changing the code to use
  the xfrm mark for routing output packets could xfrm mark could
  change behaviour in a way that breaks these setups.

If the output mark is unspecified or set to zero, the mark is not
set or changed.

[backport of upstream 077fbac405]

Bug: 63589535
Test: https://android-review.googlesource.com/452776/ passes
Tested: make allyesconfig; make -j64
Tested: https://android-review.googlesource.com/452776
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Change-Id: I76120fba036e21780ced31ad390faf491ea81e52
2017-10-15 23:54:33 +05:30
..
9p 9p: switch p9_client_read() to passing struct iov_iter * 2015-04-11 22:28:27 -04:00
bluetooth Bluetooth: L2CAP: Fix returning correct LE CoC response codes 2015-11-05 04:04:00 +01:00
caif caif: fix a signedness bug in cfpkt_iterate() 2015-02-20 17:35:14 -05:00
irda irda: Convert function pointer arrays and uses to const 2014-12-10 15:33:16 -05:00
iucv s390/iucv: do not use arrays as argument 2015-09-21 16:03:04 -07:00
netfilter netfilter: nf_tables: add clone interface to expression operations 2015-11-10 23:47:32 +01:00
netns Revert "ipv4/icmp: redirect messages can use the ingress daddr as source" 2015-10-14 06:01:07 -07:00
nfc NFC: nci: non-static functions can not be inline 2015-10-28 06:44:45 +01:00
phonet
sctp sctp: fix the check for _sctp_walk_params and _sctp_walk_errors 2017-08-11 09:08:55 -07:00
tc_act act_connmark: Remember the struct net instead of guessing it. 2015-09-18 21:59:31 +02:00
6lowpan.h 6lowpan: remove lowpan_is_addr_broadcast 2015-10-21 00:49:25 +02:00
act_api.h net_sched: make tcf_hash_destroy() static 2015-08-26 11:01:44 -07:00
addrconf.h Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android 2017-05-15 17:32:20 +08:00
af_ieee802154.h ieee802154: af_ieee802154: fix typo in comment. 2015-09-17 13:20:05 +02:00
af_rxrpc.h af_rxrpc.h: Remove extern from function prototypes 2013-07-31 17:50:01 -07:00
af_unix.h af_unix: split 'u->readlock' into two: 'iolock' and 'bindlock' 2016-09-30 10:18:36 +02:00
af_vsock.h VSOCK: define VSOCK_SS_LISTEN once only 2015-11-01 12:14:47 -05:00
ah.h ipsec: Remove obsolete MAX_AH_AUTH_LEN 2014-09-18 10:54:36 +02:00
arp.h neigh: Factor out ___neigh_lookup_noref 2015-03-04 00:23:23 -05:00
atmclip.h
ax25.h ax25: Stop using sock->sk_protinfo. 2015-06-28 16:55:44 -07:00
ax88796.h
bond_3ad.h bonding: simplify / unify event handling code for 3ad mode. 2015-11-02 22:52:24 -05:00
bond_alb.h net: Move bonding headers under include/net 2014-11-10 13:27:49 -05:00
bond_options.h bonding: convert num_grat_arp to the new bonding option API 2015-07-27 01:05:24 -07:00
bonding.h bonding: fix bond_get_stats() 2016-04-20 15:42:04 +09:00
busy_poll.h sched, net: Fixup busy_loop_us_clock() 2014-01-13 17:39:11 +01:00
cfg80211-wext.h
cfg80211.h cfg80211/mac80211: fix BSS leaks when abandoning assoc attempts 2017-01-09 08:07:42 +01:00
cfg802154.h nl802154: add support for security layer 2015-09-30 13:16:44 +02:00
checksum.h net: Add inet_proto_csum_replace_by_diff utility function 2015-08-17 21:33:06 -07:00
cipso_ipv4.h netlabel: out of bound access in cipso_v4_validate() 2017-02-18 16:39:26 +01:00
cls_cgroup.h cls_cgroup: factor out classid retrieval 2015-07-20 12:41:30 -07:00
codel.h net_sched: update hierarchical backlog too 2016-05-18 17:06:39 -07:00
compat.h net: switch importing msghdr from userland to {compat_,}import_iovec() 2015-04-09 00:02:26 -04:00
datalink.h net: Move prototype declaration to header file include/net/datalink.h from net/ipx/af_ipx.c 2014-02-09 17:32:50 -08:00
dcbevent.h include/net/: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
dcbnl.h net/dcb: Add IEEE QCN attribute 2015-03-06 21:50:02 -05:00
dn.h net: Move prototype declaration to header file include/net/dn.h from net/decnet/af_decnet.c 2014-02-09 17:32:49 -08:00
dn_dev.h dn_dev: add support for IFA_FLAGS nl attribute 2013-12-10 21:50:00 -05:00
dn_fib.h decnet (dn*.h): Remove extern from function prototypes 2013-09-20 14:49:32 -04:00
dn_neigh.h netfilter: Pass net into okfn 2015-09-17 17:18:37 -07:00
dn_nsp.h decnet (dn*.h): Remove extern from function prototypes 2013-09-20 14:49:32 -04:00
dn_route.h net: Move prototype declaration to appropriate header file from decnet/af_decnet.c 2014-02-09 17:32:49 -08:00
dsa.h net: dsa: use switchdev obj for VLAN add/del ops 2015-11-01 15:56:11 -05:00
dsfield.h
dst.h ipv4: add reference counting to metrics 2017-06-07 12:05:59 +02:00
dst_metadata.h gro: Make GRO aware of lightweight tunnels. 2016-03-03 15:07:04 -08:00
dst_ops.h ipv4, ipv6: Pass net into __ip_local_out and __ip6_local_out 2015-10-08 04:27:02 -07:00
esp.h net: move pskb_put() to core code 2013-11-07 19:28:58 -05:00
ethoc.h net/ethoc: support big-endian register layout 2015-09-23 15:33:15 -07:00
fib_rules.h net: core: add UID to flows, rules, and routes 2017-01-02 14:06:47 +05:30
firewire.h
flow.h net: inet: Support UID-based routing in IP protocols. 2017-01-02 14:44:15 +05:30
flow_dissector.h flow_dissector: Don't use bit fields. 2015-09-01 16:46:08 -07:00
flowcache.h flowcache: Make flow cache name space aware 2014-02-12 07:02:11 +01:00
fou.h ip_tunnel: Ops registration for secondary encap (fou, gue) 2014-11-12 15:01:35 -05:00
garp.h garp.h: Remove extern from function prototypes 2013-09-20 14:49:33 -04:00
gen_stats.h net: sched: enable per cpu qstats 2014-09-30 01:02:26 -04:00
genetlink.h genetlink: simplify genl_notify 2015-09-24 12:25:23 -07:00
geneve.h geneve: Consolidate Geneve functionality in single module. 2015-08-27 15:42:48 -07:00
gre.h gre: Remove support for sharing GRE protocol hook. 2015-08-10 14:03:54 -07:00
gro_cells.h gro_cells: remove spinlock protecting receive queues 2015-08-31 15:17:17 -07:00
gue.h gue: Protocol constants for remote checksum offload 2014-11-05 16:30:03 -05:00
icmp.h icmp.h: Remove extern from function prototypes 2013-09-20 14:49:33 -04:00
ieee80211_radiotap.h mac80211: propagate STBC / LDPC flags to radiotap 2014-02-06 09:34:58 +01:00
ieee802154_netdev.h nl802154: add support for security layer 2015-09-30 13:16:44 +02:00
if_inet6.h UPSTREAM: ipv6 addrconf: implement RFC7559 router solicitation backoff 2017-04-10 13:29:27 +05:30
inet6_connection_sock.h ipv6: remove obsolete inet6 functions 2015-10-03 04:32:42 -07:00
inet6_hashtables.h ipv6: get rid of __inet6_hash() 2015-03-18 22:00:35 -04:00
inet_common.h net: avoid NULL deref in inet_ctl_sock_destroy() 2015-11-02 22:46:09 -05:00
inet_connection_sock.h tcp/dccp: fix another race at listener dismantle 2016-03-03 15:07:07 -08:00
inet_ecn.h ipv6: update skb->csum when CE mark is propagated 2016-01-31 11:29:01 -08:00
inet_frag.h Revert "net: fix percpu memory leaks" 2017-09-27 11:00:11 +02:00
inet_hashtables.h tcp/dccp: fix hashdance race for passive sessions 2015-10-23 05:42:21 -07:00
inet_sock.h xfrm: take care of request sockets 2015-12-07 17:07:33 -05:00
inet_timewait_sock.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-10-20 06:08:27 -07:00
inetpeer.h inet: tcp: fix inetpeer_set_addr_v4() 2015-12-16 00:14:12 -05:00
ip.h Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android 2017-09-01 13:59:45 +05:30
ip6_checksum.h net: add gro_compute_pseudo functions 2014-08-24 18:09:23 -07:00
ip6_fib.h ipv6: fix sparse warning on rt6i_node 2017-09-27 11:00:10 +02:00
ip6_route.h Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android 2017-07-22 12:02:06 +08:00
ip6_tunnel.h ip6_tunnel: Clear IP6CB in ip6tunnel_xmit() 2016-11-21 10:06:39 +01:00
ip_fib.h ipv4: add reference counting to metrics 2017-06-07 12:05:59 +02:00
ip_tunnels.h tunnels: Remove encapsulation offloads on decap. 2016-10-31 04:13:59 -06:00
ip_vs.h ipvs: drop first packet to redirect conntrack 2016-05-11 11:21:09 +02:00
ipcomp.h
ipconfig.h
ipv6.h ipv6: fix flow labels when the traffic class is non-0 2017-06-17 06:39:37 +02:00
ipx.h switch ipxrtr_route_packet() from iovec to msghdr 2014-11-24 04:28:49 -05:00
iw_handler.h wext: handle NULL extra data in iwe_stream_add_point better 2017-08-11 09:08:56 -07:00
l3mdev.h UPSTREAM: net: l3mdev: Add master device lookup by index 2017-10-15 23:54:09 +05:30
lapb.h lapb.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
lib80211.h lib80211: remove unused print_ssid() 2014-10-14 02:18:27 +02:00
llc.h llc: make lock static 2014-01-03 20:56:48 -05:00
llc_c_ac.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_c_ev.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_c_st.h llc: Make llc_conn_ev_qfyr_t function pointer arrays const 2014-12-10 15:21:24 -05:00
llc_conn.h net: Pass kern from net_proto_family.create to sk_alloc 2015-05-11 10:50:17 -04:00
llc_if.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_pdu.h net: llc: fix order of evaluation in llc_conn_ac_inc_vr_by_1 2014-01-01 22:22:43 -05:00
llc_s_ac.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_s_ev.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_s_st.h llc: Make llc_sap_action_t function pointer arrays const 2014-12-10 15:21:24 -05:00
llc_sap.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
lwtunnel.h dst: Pass net into dst->output 2015-10-08 04:27:03 -07:00
mac80211.h mac80211: RX BA support for sta max_rx_aggregation_subframes 2017-05-20 14:27:03 +02:00
mac802154.h 6lowpan: cleanup lowpan_header_decompress 2015-10-21 00:49:24 +02:00
mip6.h include/net/: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
mld.h ipv6: mld: answer mldv2 queries with mldv1 reports in mldv1 fallback 2014-09-22 16:23:15 -04:00
mpls.h openvswitch: Add basic MPLS support to kernel 2014-11-05 23:52:33 -08:00
mpls_iptunnel.h mpls: multipath route support 2015-10-23 06:26:42 -07:00
mrp.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-10-01 17:06:14 -04:00
ndisc.h Revert "ipv6: ndisc: inherit metadata dst when creating ndisc requests" 2015-12-01 15:07:59 -05:00
neighbour.h net: add explicit logging and stat for neighbour table overflow 2015-08-10 13:46:21 -07:00
net_namespace.h netfilter: nfacct: per network namespace support 2015-08-07 11:50:56 +02:00
net_ratelimit.h
netevent.h netevent/netlink.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
netlabel.h netlabel: fix the netlbl_catmap_setlong() dummy function 2014-08-07 20:55:21 -04:00
netlink.h netlink: add nla_get for le32 and le64 2015-09-30 13:16:44 +02:00
netprio_cgroup.h cgroup: clean up cgroup_subsys names and initialization 2014-02-08 10:36:58 -05:00
netrom.h netrom.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
nexthop.h
nl802154.h nl802154: add support for security layer 2015-09-30 13:16:44 +02:00
p8022.h p8022.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
ping.h net: Remove iocb argument from sendmsg and recvmsg 2015-03-02 13:06:31 -05:00
pkt_cls.h net: sched: remove tcf_proto from ematch calls 2014-10-06 18:02:32 -04:00
pkt_sched.h net: sched: consolidate tc_classify{,_compat} 2015-08-27 14:18:48 -07:00
protocol.h net: Eliminate no_check from protosw 2014-05-23 16:28:53 -04:00
psnap.h psnap.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
raw.h raw/rawv6.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
rawv6.h raw/rawv6.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
red.h reciprocal_divide: update/correction of the algorithm 2014-01-21 23:17:20 -08:00
regulatory.h cfg80211: allow wiphy specific regdomain management 2014-12-17 11:49:55 +01:00
request_sock.h tcp/dccp: fix race at listener dismantle phase 2015-10-16 00:52:19 -07:00
rose.h rose.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
route.h net: inet: Support UID-based routing in IP protocols. 2017-01-02 14:44:15 +05:30
rtnetlink.h netlink: Rightsize IFLA_AF_SPEC size calculation 2015-10-21 19:15:20 -07:00
sch_generic.h net_sched: fix order of queue length updates in qdisc_replace() 2017-08-30 10:19:21 +02:00
scm.h unix: correctly track in-flight fds in sending process user_struct 2016-03-03 15:07:05 -08:00
secure_seq.h inetpeer: get rid of ip_id_count 2014-06-02 11:00:41 -07:00
slhc_vj.h
snmp.h Merge branch 'for-3.18-consistent-ops' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu 2014-10-15 07:48:18 +02:00
sock.h net: core: Add a UID field to struct sock. 2017-01-02 14:06:41 +05:30
Space.h drivers: net: Include new header file in sbni.c 2013-12-19 18:51:20 -05:00
stp.h stp.h: Remove extern from function prototypes 2013-09-23 01:51:09 -04:00
switchdev.h switchdev: pass pointer to fib_info instead of copy 2016-06-24 10:18:16 -07:00
tcp.h Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android 2016-11-25 12:55:17 +08:00
tcp_memcontrol.h tcp_memcontrol: Kill struct tcp_memcontrol 2013-10-21 18:43:02 -04:00
tcp_states.h inet: add TCP_NEW_SYN_RECV state 2015-03-12 22:58:12 -04:00
timewait_sock.h inet: remove BUG_ON() in twsk_destructor() 2015-07-09 15:12:20 -07:00
transp_v6.h ipv6: make IPV6_RECVPKTINFO work for ipv4 datagrams 2014-01-19 19:53:18 -08:00
tso.h net: tso: add support for IPv6 2015-10-26 22:24:22 -07:00
udp.h net: diag: support SOCK_DESTROY for UDP sockets 2016-10-12 17:34:22 +05:30
udp_tunnel.h vxlan: do not receive IPv4 packets on IPv6 socket 2015-08-29 13:07:54 -07:00
udplite.h net: switch memcpy_fromiovec()/memcpy_fromiovecend() users to copy_from_iter() 2015-02-04 01:34:15 -05:00
vsock_addr.h VSOCK: Move af_vsock.h and vsock_addr.h to include/net 2013-07-27 22:14:06 -07:00
vxlan.h vxlan: fix incorrect RCO bit in VXLAN header 2015-12-05 18:15:29 -05:00
wext.h wext.h: Remove extern from function prototypes 2013-09-23 16:29:40 -04:00
wimax.h net: treewide: Fix typo found in DocBook/networking.xml 2014-09-05 17:35:28 -07:00
x25.h x25.h: Remove extern from function prototypes 2013-09-23 16:29:41 -04:00
x25device.h
xfrm.h BACKPORT: net: xfrm: support setting an output mark. 2017-10-15 23:54:33 +05:30