[IPSEC]: Add compatibility algorithm name support

[linux-2.6] / include / net / xfrm.h

diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index afa508d92c93fdf6b3a4a96946a223c440514750..e9114e41affce0e56b544483035c7845f8e46738 100644 (file)
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -8,7 +8,6 @@
 #include <linux/list.h>
 #include <linux/skbuff.h>
 #include <linux/socket.h>
-#include <linux/crypto.h>
 #include <linux/pfkeyv2.h>
 #include <linux/in6.h>
 #include <linux/mutex.h>
@@ -20,6 +19,8 @@
 #include <net/ip6_fib.h>
 
 #define XFRM_ALIGN8(len)       (((len) + 7) & ~7)
+#define MODULE_ALIAS_XFRM_MODE(family, encap) \
+       MODULE_ALIAS("xfrm-mode-" __stringify(family) "-" __stringify(encap))
 
 extern struct sock *xfrm_nl;
 extern u32 sysctl_xfrm_aevent_etime;
@@ -164,6 +165,7 @@ struct xfrm_state
        /* Reference to data common to all the instances of this
         * transformer. */
        struct xfrm_type        *type;
+       struct xfrm_mode        *mode;
 
        /* Security context */
        struct xfrm_sec_ctx     *security;
@@ -204,8 +206,8 @@ struct xfrm_type;
 struct xfrm_dst;
 struct xfrm_policy_afinfo {
        unsigned short          family;
-       rwlock_t                lock;
-       struct xfrm_type_map    *type_map;
+       struct xfrm_type        *type_map[IPPROTO_MAX];
+       struct xfrm_mode        *mode_map[XFRM_MODE_MAX];
        struct dst_ops          *dst_ops;
        void                    (*garbage_collect)(void);
        int                     (*dst_lookup)(struct xfrm_dst **dst, struct flowi *fl);
@@ -232,7 +234,6 @@ extern int __xfrm_state_delete(struct xfrm_state *x);
 
 struct xfrm_state_afinfo {
        unsigned short          family;
-       rwlock_t                lock;
        struct list_head        *state_bydst;
        struct list_head        *state_byspi;
        int                     (*init_flags)(struct xfrm_state *x);
@@ -264,16 +265,24 @@ struct xfrm_type
        u32                     (*get_max_size)(struct xfrm_state *, int size);
 };
 
-struct xfrm_type_map {
-       rwlock_t                lock;
-       struct xfrm_type        *map[256];
-};
-
 extern int xfrm_register_type(struct xfrm_type *type, unsigned short family);
 extern int xfrm_unregister_type(struct xfrm_type *type, unsigned short family);
 extern struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family);
 extern void xfrm_put_type(struct xfrm_type *type);
 
+struct xfrm_mode {
+       int (*input)(struct xfrm_state *x, struct sk_buff *skb);
+       int (*output)(struct sk_buff *skb);
+
+       struct module *owner;
+       unsigned int encap;
+};
+
+extern int xfrm_register_mode(struct xfrm_mode *mode, int family);
+extern int xfrm_unregister_mode(struct xfrm_mode *mode, int family);
+extern struct xfrm_mode *xfrm_get_mode(unsigned int encap, int family);
+extern void xfrm_put_mode(struct xfrm_mode *mode);
+
 struct xfrm_tmpl
 {
 /* id in template is interpreted as:
@@ -845,6 +854,7 @@ struct xfrm_algo_comp_info {
 
 struct xfrm_algo_desc {
        char *name;
+       char *compat;
        u8 available:1;
        union {
                struct xfrm_algo_auth_info auth;
@@ -975,6 +985,7 @@ extern struct xfrm_algo_desc *xfrm_ealg_get_byname(char *name, int probe);
 extern struct xfrm_algo_desc *xfrm_calg_get_byname(char *name, int probe);
 
 struct crypto_tfm;
+struct scatterlist;
 typedef void (icv_update_fn_t)(struct crypto_tfm *, struct scatterlist *, unsigned int);
 
 extern void skb_icv_walk(const struct sk_buff *skb, struct crypto_tfm *tfm,