~hc/RK356X_SDK_RELEASE.git

..	..	@@ -17,11 +17,6 @@
17	17	#include <net/ipv6.h>
18	18	#include <net/xfrm.h>
19	19
20		-int xfrm6_extract_input(struct xfrm_state x, struct sk_buff skb)
21		-{
22		- return xfrm6_extract_header(skb);
23		-}
24		-
25	20	int xfrm6_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi,
26	21	struct ip6_tnl *t)
27	22	{
..	..	@@ -35,9 +30,12 @@
35	30	static int xfrm6_transport_finish2(struct net net, struct sock sk,
36	31	struct sk_buff *skb)
37	32	{
38		- if (xfrm_trans_queue(skb, ip6_rcv_finish))
39		- __kfree_skb(skb);
40		- return -1;
	33	+ if (xfrm_trans_queue(skb, ip6_rcv_finish)) {
	34	+ kfree_skb(skb);
	35	+ return NET_RX_DROP;
	36	+ }
	37	+
	38	+ return 0;
41	39	}
42	40
43	41	int xfrm6_transport_finish(struct sk_buff *skb, int async)
..	..	@@ -60,13 +58,106 @@
60	58	if (xo && (xo->flags & XFRM_GRO)) {
61	59	skb_mac_header_rebuild(skb);
62	60	skb_reset_transport_header(skb);
63		- return -1;
	61	+ return 0;
64	62	}
65	63
66	64	NF_HOOK(NFPROTO_IPV6, NF_INET_PRE_ROUTING,
67	65	dev_net(skb->dev), NULL, skb, skb->dev, NULL,
68	66	xfrm6_transport_finish2);
69		- return -1;
	67	+ return 0;
	68	+}
	69	+
	70	+/* If it's a keepalive packet, then just eat it.
	71	+ * If it's an encapsulated packet, then pass it to the
	72	+ * IPsec xfrm input.
	73	+ * Returns 0 if skb passed to xfrm or was dropped.
	74	+ * Returns >0 if skb should be passed to UDP.
	75	+ * Returns <0 if skb should be resubmitted (-ret is protocol)
	76	+ */
	77	+int xfrm6_udp_encap_rcv(struct sock sk, struct sk_buff skb)
	78	+{
	79	+ struct udp_sock *up = udp_sk(sk);
	80	+ struct udphdr *uh;
	81	+ struct ipv6hdr *ip6h;
	82	+ int len;
	83	+ int ip6hlen = sizeof(struct ipv6hdr);
	84	+
	85	+ __u8 *udpdata;
	86	+ __be32 *udpdata32;
	87	+ __u16 encap_type = up->encap_type;
	88	+
	89	+ /* if this is not encapsulated socket, then just return now */
	90	+ if (!encap_type)
	91	+ return 1;
	92	+
	93	+ /* If this is a paged skb, make sure we pull up
	94	+ * whatever data we need to look at. */
	95	+ len = skb->len - sizeof(struct udphdr);
	96	+ if (!pskb_may_pull(skb, sizeof(struct udphdr) + min(len, 8)))
	97	+ return 1;
	98	+
	99	+ /* Now we can get the pointers */
	100	+ uh = udp_hdr(skb);
	101	+ udpdata = (__u8 *)uh + sizeof(struct udphdr);
	102	+ udpdata32 = (__be32 *)udpdata;
	103	+
	104	+ switch (encap_type) {
	105	+ default:
	106	+ case UDP_ENCAP_ESPINUDP:
	107	+ /* Check if this is a keepalive packet. If so, eat it. */
	108	+ if (len == 1 && udpdata[0] == 0xff) {
	109	+ goto drop;
	110	+ } else if (len > sizeof(struct ip_esp_hdr) && udpdata32[0] != 0) {
	111	+ /* ESP Packet without Non-ESP header */
	112	+ len = sizeof(struct udphdr);
	113	+ } else
	114	+ /* Must be an IKE packet.. pass it through */
	115	+ return 1;
	116	+ break;
	117	+ case UDP_ENCAP_ESPINUDP_NON_IKE:
	118	+ /* Check if this is a keepalive packet. If so, eat it. */
	119	+ if (len == 1 && udpdata[0] == 0xff) {
	120	+ goto drop;
	121	+ } else if (len > 2 * sizeof(u32) + sizeof(struct ip_esp_hdr) &&
	122	+ udpdata32[0] == 0 && udpdata32[1] == 0) {
	123	+
	124	+ /* ESP Packet with Non-IKE marker */
	125	+ len = sizeof(struct udphdr) + 2 * sizeof(u32);
	126	+ } else
	127	+ /* Must be an IKE packet.. pass it through */
	128	+ return 1;
	129	+ break;
	130	+ }
	131	+
	132	+ /* At this point we are sure that this is an ESPinUDP packet,
	133	+ * so we need to remove 'len' bytes from the packet (the UDP
	134	+ * header and optional ESP marker bytes) and then modify the
	135	+ * protocol to ESP, and then call into the transform receiver.
	136	+ */
	137	+ if (skb_unclone(skb, GFP_ATOMIC))
	138	+ goto drop;
	139	+
	140	+ /* Now we can update and verify the packet length... */
	141	+ ip6h = ipv6_hdr(skb);
	142	+ ip6h->payload_len = htons(ntohs(ip6h->payload_len) - len);
	143	+ if (skb->len < ip6hlen + len) {
	144	+ /* packet is too small!?! */
	145	+ goto drop;
	146	+ }
	147	+
	148	+ /* pull the data buffer up to the ESP header and set the
	149	+ * transport header to point to ESP. Keep UDP on the stack
	150	+ * for later.
	151	+ */
	152	+ __skb_pull(skb, len);
	153	+ skb_reset_transport_header(skb);
	154	+
	155	+ /* process ESP */
	156	+ return xfrm6_rcv_encap(skb, IPPROTO_ESP, 0, encap_type);
	157	+
	158	+drop:
	159	+ kfree_skb(skb);
	160	+ return 0;
70	161	}
71	162
72	163	int xfrm6_rcv_tnl(struct sk_buff skb, struct ip6_tnl t)
..	..	@@ -86,14 +177,16 @@
86	177	{
87	178	struct net *net = dev_net(skb->dev);
88	179	struct xfrm_state *x = NULL;
	180	+ struct sec_path *sp;
89	181	int i = 0;
90	182
91		- if (secpath_set(skb)) {
	183	+ sp = secpath_set(skb);
	184	+ if (!sp) {
92	185	XFRM_INC_STATS(net, LINUX_MIB_XFRMINERROR);
93	186	goto drop;
94	187	}
95	188
96		- if (1 + skb->sp->len == XFRM_MAX_DEPTH) {
	189	+ if (1 + sp->len == XFRM_MAX_DEPTH) {
97	190	XFRM_INC_STATS(net, LINUX_MIB_XFRMINBUFFERERROR);
98	191	goto drop;
99	192	}
..	..	@@ -145,7 +238,7 @@
145	238	goto drop;
146	239	}
147	240
148		- skb->sp->xvec[skb->sp->len++] = x;
	241	+ sp->xvec[sp->len++] = x;
149	242
150	243	spin_lock(&x->lock);
151	244