~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,11 +1,7 @@
	1	+// SPDX-License-Identifier: GPL-2.0-or-later
1	2	/*
2	3	* xfrm4_output.c - Common IPsec encapsulation code for IPv4.
3	4	* Copyright (c) 2004 Herbert Xu <herbert@gondor.apana.org.au>
4		- *
5		- * This program is free software; you can redistribute it and/or
6		- * modify it under the terms of the GNU General Public License
7		- * as published by the Free Software Foundation; either version
8		- * 2 of the License, or (at your option) any later version.
9	5	*/
10	6
11	7	#include <linux/if_ether.h>
..	..	@@ -18,88 +14,24 @@
18	14	#include <net/xfrm.h>
19	15	#include <net/icmp.h>
20	16
21		-static int xfrm4_tunnel_check_size(struct sk_buff *skb)
22		-{
23		- int mtu, ret = 0;
24		-
25		- if (IPCB(skb)->flags & IPSKB_XFRM_TUNNEL_SIZE)
26		- goto out;
27		-
28		- if (!(ip_hdr(skb)->frag_off & htons(IP_DF)) \|\| skb->ignore_df)
29		- goto out;
30		-
31		- mtu = dst_mtu(skb_dst(skb));
32		- if ((!skb_is_gso(skb) && skb->len > mtu) \|\|
33		- (skb_is_gso(skb) &&
34		- !skb_gso_validate_network_len(skb, ip_skb_dst_mtu(skb->sk, skb)))) {
35		- skb->protocol = htons(ETH_P_IP);
36		-
37		- if (skb->sk)
38		- xfrm_local_error(skb, mtu);
39		- else
40		- icmp_send(skb, ICMP_DEST_UNREACH,
41		- ICMP_FRAG_NEEDED, htonl(mtu));
42		- ret = -EMSGSIZE;
43		- }
44		-out:
45		- return ret;
46		-}
47		-
48		-int xfrm4_extract_output(struct xfrm_state x, struct sk_buff skb)
49		-{
50		- int err;
51		-
52		- err = xfrm4_tunnel_check_size(skb);
53		- if (err)
54		- return err;
55		-
56		- XFRM_MODE_SKB_CB(skb)->protocol = ip_hdr(skb)->protocol;
57		-
58		- return xfrm4_extract_header(skb);
59		-}
60		-
61		-int xfrm4_prepare_output(struct xfrm_state x, struct sk_buff skb)
62		-{
63		- int err;
64		-
65		- err = xfrm_inner_extract_output(x, skb);
66		- if (err)
67		- return err;
68		-
69		- IPCB(skb)->flags \|= IPSKB_XFRM_TUNNEL_SIZE;
70		- skb->protocol = htons(ETH_P_IP);
71		-
72		- return x->outer_mode->output2(x, skb);
73		-}
74		-EXPORT_SYMBOL(xfrm4_prepare_output);
75		-
76		-int xfrm4_output_finish(struct sock sk, struct sk_buff skb)
77		-{
78		- memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
79		-
80		- IPCB(skb)->flags \|= IPSKB_XFRM_TRANSFORMED;
81		-
82		- return xfrm_output(sk, skb);
83		-}
84		-
85	17	static int __xfrm4_output(struct net net, struct sock sk, struct sk_buff *skb)
86	18	{
	19	+#ifdef CONFIG_NETFILTER
87	20	struct xfrm_state *x = skb_dst(skb)->xfrm;
88	21
89		-#ifdef CONFIG_NETFILTER
90	22	if (!x) {
91	23	IPCB(skb)->flags \|= IPSKB_REROUTED;
92	24	return dst_output(net, sk, skb);
93	25	}
94	26	#endif
95	27
96		- return x->outer_mode->afinfo->output_finish(sk, skb);
	28	+ return xfrm_output(sk, skb);
97	29	}
98	30
99	31	int xfrm4_output(struct net net, struct sock sk, struct sk_buff *skb)
100	32	{
101	33	return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING,
102		- net, sk, skb, NULL, skb_dst(skb)->dev,
	34	+ net, sk, skb, skb->dev, skb_dst(skb)->dev,
103	35	__xfrm4_output,
104	36	!(IPCB(skb)->flags & IPSKB_REROUTED));
105	37	}