diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h index b93d6f5980851e5c7fe4ea1cfe11235ebada4fd3..22e61fdf75a2bd46a656e164e046a006acd43343 100644 --- a/include/linux/xfrm.h +++ b/include/linux/xfrm.h @@ -84,6 +84,16 @@ struct xfrm_replay_state { __u32 bitmap; }; +struct xfrm_replay_state_esn { + unsigned int bmp_len; + __u32 oseq; + __u32 seq; + __u32 oseq_hi; + __u32 seq_hi; + __u32 replay_window; + __u32 bmp[0]; +}; + struct xfrm_algo { char alg_name[64]; unsigned int alg_key_len; /* in bits */ @@ -284,6 +294,7 @@ enum xfrm_attr_type_t { XFRMA_ALG_AUTH_TRUNC, /* struct xfrm_algo_auth */ XFRMA_MARK, /* struct xfrm_mark */ XFRMA_TFCPAD, /* __u32 */ + XFRMA_REPLAY_ESN_VAL, /* struct xfrm_replay_esn */ __XFRMA_MAX #define XFRMA_MAX (__XFRMA_MAX - 1) @@ -351,6 +362,7 @@ struct xfrm_usersa_info { #define XFRM_STATE_ICMP 16 #define XFRM_STATE_AF_UNSPEC 32 #define XFRM_STATE_ALIGN4 64 +#define XFRM_STATE_ESN 128 }; struct xfrm_usersa_id { diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 8f8bd82606bff3f23f55f27e02f3e2f64731be0e..7640822bc5154c9e15b6339ae3fe5893b9e4d9bf 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -186,9 +186,11 @@ struct xfrm_state { /* State for replay detection */ struct xfrm_replay_state replay; + struct xfrm_replay_state_esn *replay_esn; /* Replay detection state at the time we sent the last notification */ struct xfrm_replay_state preplay; + struct xfrm_replay_state_esn *preplay_esn; /* internal flag that only holds state for delayed aevent at the * moment @@ -1569,6 +1571,11 @@ static inline int xfrm_alg_auth_len(const struct xfrm_algo_auth *alg) return sizeof(*alg) + ((alg->alg_key_len + 7) / 8); } +static inline int xfrm_replay_state_esn_len(struct xfrm_replay_state_esn *replay_esn) +{ + return sizeof(*replay_esn) + replay_esn->bmp_len * sizeof(__u32); +} + #ifdef CONFIG_XFRM_MIGRATE static inline struct xfrm_algo *xfrm_algo_clone(struct xfrm_algo *orig) {