diff options
| author |   David S. Miller <davem@davemloft.net> | 2021-08-27 11:16:29 +0100 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2021-08-27 11:16:29 +0100 |
| commit | fe50893aa86eb9f1c6ccf2ceef274193b6313aad (patch) | |
| tree | fac6e4190b44253974e894133d7590e4d9341e5d /include/net/netns | |
| parent | Merge tag 'mlx5-updates-2021-08-26' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux (diff) | |
| parent | net: xfrm: fix shift-out-of-bounce (diff) | |
| download | linux-dev-fe50893aa86eb9f1c6ccf2ceef274193b6313aad.tar.xz linux-dev-fe50893aa86eb9f1c6ccf2ceef274193b6313aad.zip | |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/
ipsec-next
Steffen Klassert says:
====================
pull request (net-next): ipsec-next 2021-08-27
1) Remove an unneeded extra variable in esp4 esp_ssg_unref.
From Corey Minyard.
2) Add a configuration option to change the default behaviour
to block traffic if there is no matching policy.
Joint work with Christian Langrock and Antony Antony.
3) Fix a shift-out-of-bounce bug reported from syzbot.
From Pavel Skripkin.
Please pull or let me know if there are problems.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/netns')
| -rw-r--r-- | include/net/netns/xfrm.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/include/net/netns/xfrm.h b/include/net/netns/xfrm.h index 1f4e1816fd36..947733a639a6 100644 --- a/include/net/netns/xfrm.h +++ b/include/net/netns/xfrm.h @@ -65,6 +65,13 @@ struct netns_xfrm { u32 sysctl_aevent_rseqth; int sysctl_larval_drop; u32 sysctl_acq_expires; + + u8 policy_default; +#define XFRM_POL_DEFAULT_IN 1 +#define XFRM_POL_DEFAULT_OUT 2 +#define XFRM_POL_DEFAULT_FWD 4 +#define XFRM_POL_DEFAULT_MASK 7 + #ifdef CONFIG_SYSCTL struct ctl_table_header *sysctl_hdr; #endif |