Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/net/ipv6
History
Nicolas Dichtel 1b5c151075 xfrm: allow to avoid copying DSCP during encapsulation 
By default, DSCP is copying during encapsulation.
Copying the DSCP in IPsec tunneling may be a bit dangerous because packets with
different DSCP may get reordered relative to each other in the network and then
dropped by the remote IPsec GW if the reordering becomes too big compared to the
replay window.

It is possible to avoid this copy with netfilter rules, but it's very convenient
to be able to configure it for each SA directly.

This patch adds a toogle for this purpose. By default, it's not set to maintain
backward compatibility.

Field flags in struct xfrm_usersa_info is full, hence I add a new attribute.

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Change-Id: I885117f02790536e2c5002232b3b33be651a568d
2020-11-30 19:39:33 +03:00
..
netfilter netfilter: xt_rpfilter: depend on raw or mangle table 2018-12-07 22:04:24 +04:00
addrconf.c net: Explicitly initialize u64_stats_sync structures for lockdep 2020-11-30 19:26:40 +03:00
addrconf_core.c
addrlabel.c ipv6/addrlabel: fix ip6addrlbl_get() 2016-10-26 23:15:41 +08:00
af_inet6.c net: Explicitly initialize u64_stats_sync structures for lockdep 2020-11-30 19:26:40 +03:00
ah6.c
anycast.c ipv6: clean up anycast when an interface is destroyed 2016-10-29 23:12:33 +08:00
datagram.c Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
esp6.c
exthdrs.c ipv6: add complete rcu protection around np->opt 2016-06-17 02:54:32 +00:00
exthdrs_core.c
fib6_rules.c
icmp.c Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
inet6_connection_sock.c Revert "net: core: Support UID-based routing." 2017-08-27 19:09:20 +03:00
inet6_hashtables.c net: do not call sock_put() on TIMEWAIT sockets 2013-11-04 04:23:40 -08:00
ip6_fib.c ipv6: update ip6_rt_last_gc every time GC is run 2016-10-26 23:15:43 +08:00
ip6_flowlabel.c
ip6_input.c ipv6: add option to drop unicast encapsulated in L2 multicast 2018-12-07 21:59:38 +04:00
ip6_output.c netfilter: nf_conntrack_ipv6: improve fragmentation handling 2018-12-07 22:02:09 +04:00
ip6_tunnel.c net: Replace u64_stats_fetch_begin_bh to u64_stats_fetch_begin_irq 2020-11-30 19:26:49 +03:00
ip6mr.c ipv4, fib: pass LOOPBACK_IFINDEX instead of 0 to flowi4_iif 2018-08-27 14:52:49 +00:00
ipcomp6.c
ipv6_sockglue.c Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
Kconfig
Makefile Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
mcast.c ipv6: some ipv6 statistic counters failed to disable bh 2014-04-26 17:13:18 -07:00
mip6.c
ndisc.c ipv6: add option to drop unsolicited neighbor advertisements 2018-12-07 21:59:38 +04:00
netfilter.c
output_core.c drivers/net, ipv6: Select IPv6 fragment idents for virtio UFO packets 2015-02-02 17:05:26 +08:00
ping.c Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
proc.c
protocol.c
raw.c Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
reassembly.c ipv6: drop packets with multiple fragmentation headers 2013-09-14 06:02:10 -07:00
route.c net: Document dst->obsolete better. 2020-11-30 19:39:24 +03:00
sit.c net: Replace u64_stats_fetch_begin_bh to u64_stats_fetch_begin_irq 2020-11-30 19:26:49 +03:00
syncookies.c Revert "net: core: Support UID-based routing." 2017-08-27 19:09:20 +03:00
sysctl_net_ipv6.c net: add a sysctl to reflect the fwmark on replies 2014-05-12 22:39:57 -07:00
tcp_ipv6.c tcp: TCP Small Queues 2020-11-30 19:35:00 +03:00
tunnel6.c ipv6: fix tunnel error handling 2016-10-26 23:15:24 +08:00
udp.c Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
udp_impl.h ipv6: do not clear pinet6 field 2017-12-15 22:54:52 +03:00
udplite.c ipv6: do not clear pinet6 field 2017-12-15 22:54:52 +03:00
xfrm6_input.c
xfrm6_mode_beet.c
xfrm6_mode_ro.c
xfrm6_mode_transport.c
xfrm6_mode_tunnel.c xfrm: allow to avoid copying DSCP during encapsulation 2020-11-30 19:39:33 +03:00
xfrm6_output.c ipv6: Fix IPsec pre-encap fragmentation check 2016-04-27 18:55:20 +08:00
xfrm6_policy.c xfrm6: release dev before returning error 2013-05-19 10:54:47 -07:00
xfrm6_state.c
xfrm6_tunnel.c