git.baikalelectronics.ru Git - kernel.git/commit

xfrm: Add virtual xfrm interfaces

This patch adds support for virtual xfrm interfaces.
Packets that are routed through such an interface
are guaranteed to be IPsec transformed or dropped.
It is a generic virtual interface that ensures IPsec
transformation, no need to know what happens behind
the interface. This means that we can tunnel IPv4 and
IPv6 through the same interface and support all xfrm
modes (tunnel, transport and beet) on it.

Co-developed-by: Lorenzo Colitti <lorenzo@google.com>
Co-developed-by: Benedict Wong <benedictwong@google.com>
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Benedict Wong <benedictwong@google.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Acked-by: Shannon Nelson <shannon.nelson@oracle.com>
Tested-by: Benedict Wong <benedictwong@google.com>
Tested-by: Antony Antony <antony@phenome.org>
Reviewed-by: Eyal Birger <eyal.birger@gmail.com>

author	Steffen Klassert <steffen.klassert@secunet.com>
	Tue, 12 Jun 2018 12:07:12 +0000 (14:07 +0200)
committer	Steffen Klassert <steffen.klassert@secunet.com>
	Sat, 23 Jun 2018 14:07:25 +0000 (16:07 +0200)
commit	6b26f4d419320f139934cb35ba4def6f853eea2f
tree	108d48fe7d28b6096f1bc209bc497c36406c12f5	tree \| snapshot
parent	9cb1e8a6f9c6c46d9f32521f05e288c66546fea4	commit \| diff

include/net/xfrm.h		diff \| blob \| history
include/uapi/linux/if_link.h		diff \| blob \| history
net/xfrm/Kconfig		diff \| blob \| history
net/xfrm/Makefile		diff \| blob \| history
net/xfrm/xfrm_input.c		diff \| blob \| history
net/xfrm/xfrm_interface.c	[new file with mode: 0644]	blob
net/xfrm/xfrm_policy.c		diff \| blob \| history