Merge branch 'master' into net-next

2025-11-03 20:20:35 +00:00 · 2017-06-15 08:32:53 -07:00 · 2017-06-15 08:32:53 -07:00 · be8b93e3e2
commit be8b93e3e2
parent b68581d43e 3dc98cf2f5
6 changed files with 71 additions and 30 deletions
--- a/include/linux/ipsec.h
+++ b/include/linux/ipsec.h
@ -0,0 +1,47 @@
+#ifndef _LINUX_IPSEC_H
+#define _LINUX_IPSEC_H
+
+/* The definitions, required to talk to KAME racoon IKE. */
+
+#include <linux/pfkeyv2.h>
+
+#define IPSEC_PORT_ANY		0
+#define IPSEC_ULPROTO_ANY	255
+#define IPSEC_PROTO_ANY		255
+
+enum {
+	IPSEC_MODE_ANY		= 0,	/* We do not support this for SA */
+	IPSEC_MODE_TRANSPORT	= 1,
+	IPSEC_MODE_TUNNEL	= 2,
+	IPSEC_MODE_BEET         = 3
+};
+
+enum {
+	IPSEC_DIR_ANY		= 0,
+	IPSEC_DIR_INBOUND	= 1,
+	IPSEC_DIR_OUTBOUND	= 2,
+	IPSEC_DIR_FWD		= 3,	/* It is our own */
+	IPSEC_DIR_MAX		= 4,
+	IPSEC_DIR_INVALID	= 5
+};
+
+enum {
+	IPSEC_POLICY_DISCARD	= 0,
+	IPSEC_POLICY_NONE	= 1,
+	IPSEC_POLICY_IPSEC	= 2,
+	IPSEC_POLICY_ENTRUST	= 3,
+	IPSEC_POLICY_BYPASS	= 4
+};
+
+enum {
+	IPSEC_LEVEL_DEFAULT	= 0,
+	IPSEC_LEVEL_USE		= 1,
+	IPSEC_LEVEL_REQUIRE	= 2,
+	IPSEC_LEVEL_UNIQUE	= 3
+};
+
+#define IPSEC_MANUAL_REQID_MAX	0x3fff
+
+#define IPSEC_REPLAYWSIZE  32
+
+#endif	/* _LINUX_IPSEC_H */
--- a/include/utils.h
+++ b/include/utils.h
@ -27,19 +27,6 @@ extern int max_flush_loops;
 extern int batch_mode;
 extern bool do_all;

-#ifndef IPPROTO_ESP
-#define IPPROTO_ESP	50
-#endif
-#ifndef IPPROTO_AH
-#define IPPROTO_AH	51
-#endif
-#ifndef IPPROTO_COMP
-#define IPPROTO_COMP	108
-#endif
-#ifndef IPSEC_PROTO_ANY
-#define IPSEC_PROTO_ANY	255
-#endif
-
 #ifndef CONFDIR
 #define CONFDIR		"/etc/iproute2"
 #endif
--- a/ip/ipmroute.c
+++ b/ip/ipmroute.c
@ -178,6 +178,11 @@ int print_mroute(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg)
 		fprintf(fp, ", Age %4i.%.2i", (int)tv.tv_sec,
 			(int)tv.tv_usec/10000);
 	}
+
+	if (table && (table != RT_TABLE_MAIN || show_details > 0) && !filter.tb)
+		fprintf(fp, " Table: %s",
+			rtnl_rttable_n2a(table, b1, sizeof(b1)));
+
 	fprintf(fp, "\n");
 	fflush(fp);
 	return 0;
--- a/ip/iproute.c
+++ b/ip/iproute.c
@ -1243,16 +1243,14 @@ static int iproute_modify(int cmd, unsigned int flags, int argc, char **argv)
 	if (!dst_ok)
 		usage();

-	if (d || nhs_ok)  {
+	if (d) {
 		int idx;

-		if (d) {
-			if ((idx = ll_name_to_index(d)) == 0) {
-				fprintf(stderr, "Cannot find device \"%s\"\n", d);
-				return -1;
-			}
-			addattr32(&req.n, sizeof(req), RTA_OIF, idx);
+		if ((idx = ll_name_to_index(d)) == 0) {
+			fprintf(stderr, "Cannot find device \"%s\"\n", d);
+			return -1;
 		}
+		addattr32(&req.n, sizeof(req), RTA_OIF, idx);
 	}

 	if (mxrta->rta_len > RTA_LENGTH(0)) {
--- a/ip/link_gre6.c
+++ b/ip/link_gre6.c
@ -355,6 +355,18 @@ get_failed:
 					invarg("invalid fwmark\n", *argv);
 				flags &= ~IP6_TNL_F_USE_ORIG_FWMARK;
 			}
+		} else if (strcmp(*argv, "encaplimit") == 0) {
+			NEXT_ARG();
+			if (strcmp(*argv, "none") == 0) {
+				flags |= IP6_TNL_F_IGN_ENCAP_LIMIT;
+			} else {
+				__u8 uval;
+
+				if (get_u8(&uval, *argv, 0) < -1)
+					invarg("invalid ELIM", *argv);
+				encap_limit = uval;
+				flags &= ~IP6_TNL_F_IGN_ENCAP_LIMIT;
+			}
 		} else
 			usage();
 		argc--; argv++;
--- a/ip/xfrm.h
+++ b/ip/xfrm.h
@ -26,17 +26,9 @@

 #include <stdio.h>
 #include <sys/socket.h>
+#include <linux/in.h>
 #include <linux/xfrm.h>
-
-#ifndef IPPROTO_SCTP
-# define IPPROTO_SCTP	132
-#endif
-#ifndef IPPROTO_DCCP
-# define IPPROTO_DCCP	33
-#endif
-#ifndef IPPROTO_MH
-# define IPPROTO_MH	135
-#endif
+#include <linux/ipsec.h>

 #define XFRMS_RTA(x)  ((struct rtattr*)(((char*)(x)) + NLMSG_ALIGN(sizeof(struct xfrm_usersa_info))))
 #define XFRMS_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct xfrm_usersa_info))