aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6/xfrm6_mode_tunnel.c
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2007-10-09 13:25:59 -0700
committerDavid S. Miller <davem@sunset.davemloft.net>2007-10-10 16:55:00 -0700
commit007f0211a8872f32381f5d44becf8eb2f27f3c30 (patch)
tree9f6879726b6f016379368ebbde6ce3ec13faaa39 /net/ipv6/xfrm6_mode_tunnel.c
parent[IPSEC]: Remove bogus ref count in xfrm_secpath_reject (diff)
downloadlinux-dev-007f0211a8872f32381f5d44becf8eb2f27f3c30.tar.xz
linux-dev-007f0211a8872f32381f5d44becf8eb2f27f3c30.zip
[IPSEC]: Store IPv6 nh pointer in mac_header on output
Current the x->mode->output functions store the IPv6 nh pointer in the skb network header. This is inconvenient because the network header then has to be fixed up before the packet can leave the IPsec stack. The mac header field is unused on output so we can use that to store this instead. This patch does that and removes the network header fix-up in xfrm_output. It also uses ipv6_hdr where appropriate in the x->type->output functions. There is also a minor clean-up in esp4 to make it use the same code as esp6 to help any subsequent effort to merge the two. Lastly it kills two redundant skb_set_* statements in BEET that were simply copied over from transport mode. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6/xfrm6_mode_tunnel.c')
-rw-r--r--net/ipv6/xfrm6_mode_tunnel.c13
1 files changed, 7 insertions, 6 deletions
diff --git a/net/ipv6/xfrm6_mode_tunnel.c b/net/ipv6/xfrm6_mode_tunnel.c
index 9fc95bc6509f..3dd40af75e81 100644
--- a/net/ipv6/xfrm6_mode_tunnel.c
+++ b/net/ipv6/xfrm6_mode_tunnel.c
@@ -38,10 +38,11 @@ static inline void ip6ip_ecn_decapsulate(struct sk_buff *skb)
* payload_len
*
* On exit, skb->h will be set to the start of the encapsulation header to be
- * filled in by x->type->output and skb->nh will be set to the nextheader field
- * of the extension header directly preceding the encapsulation header, or in
- * its absence, that of the top IP header. The value of skb->data will always
- * point to the top IP header.
+ * filled in by x->type->output and the mac header will be set to the
+ * nextheader field of the extension header directly preceding the
+ * encapsulation header, or in its absence, that of the top IP header.
+ * The value of skb->data and the network header will always point to the
+ * top IP header.
*/
static int xfrm6_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
{
@@ -53,10 +54,10 @@ static int xfrm6_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
skb_push(skb, x->props.header_len);
iph = ipv6_hdr(skb);
+ skb_set_mac_header(skb, offsetof(struct ipv6hdr, nexthdr));
skb_reset_network_header(skb);
+ skb_set_transport_header(skb, sizeof(struct ipv6hdr));
top_iph = ipv6_hdr(skb);
- skb->transport_header = skb->network_header + sizeof(struct ipv6hdr);
- skb->network_header += offsetof(struct ipv6hdr, nexthdr);
top_iph->version = 6;
if (xdst->route->ops->family == AF_INET6) {