xref: /OK3568_Linux_fs/kernel/net/ipv4/xfrm4_output.c (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0-or-later
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun  * xfrm4_output.c - Common IPsec encapsulation code for IPv4.
4*4882a593Smuzhiyun  * Copyright (c) 2004 Herbert Xu <herbert@gondor.apana.org.au>
5*4882a593Smuzhiyun  */
6*4882a593Smuzhiyun 
7*4882a593Smuzhiyun #include <linux/if_ether.h>
8*4882a593Smuzhiyun #include <linux/kernel.h>
9*4882a593Smuzhiyun #include <linux/module.h>
10*4882a593Smuzhiyun #include <linux/skbuff.h>
11*4882a593Smuzhiyun #include <linux/netfilter_ipv4.h>
12*4882a593Smuzhiyun #include <net/dst.h>
13*4882a593Smuzhiyun #include <net/ip.h>
14*4882a593Smuzhiyun #include <net/xfrm.h>
15*4882a593Smuzhiyun #include <net/icmp.h>
16*4882a593Smuzhiyun 
__xfrm4_output(struct net * net,struct sock * sk,struct sk_buff * skb)17*4882a593Smuzhiyun static int __xfrm4_output(struct net *net, struct sock *sk, struct sk_buff *skb)
18*4882a593Smuzhiyun {
19*4882a593Smuzhiyun #ifdef CONFIG_NETFILTER
20*4882a593Smuzhiyun 	struct xfrm_state *x = skb_dst(skb)->xfrm;
21*4882a593Smuzhiyun 
22*4882a593Smuzhiyun 	if (!x) {
23*4882a593Smuzhiyun 		IPCB(skb)->flags |= IPSKB_REROUTED;
24*4882a593Smuzhiyun 		return dst_output(net, sk, skb);
25*4882a593Smuzhiyun 	}
26*4882a593Smuzhiyun #endif
27*4882a593Smuzhiyun 
28*4882a593Smuzhiyun 	return xfrm_output(sk, skb);
29*4882a593Smuzhiyun }
30*4882a593Smuzhiyun 
xfrm4_output(struct net * net,struct sock * sk,struct sk_buff * skb)31*4882a593Smuzhiyun int xfrm4_output(struct net *net, struct sock *sk, struct sk_buff *skb)
32*4882a593Smuzhiyun {
33*4882a593Smuzhiyun 	return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING,
34*4882a593Smuzhiyun 			    net, sk, skb, skb->dev, skb_dst(skb)->dev,
35*4882a593Smuzhiyun 			    __xfrm4_output,
36*4882a593Smuzhiyun 			    !(IPCB(skb)->flags & IPSKB_REROUTED));
37*4882a593Smuzhiyun }
38*4882a593Smuzhiyun 
xfrm4_local_error(struct sk_buff * skb,u32 mtu)39*4882a593Smuzhiyun void xfrm4_local_error(struct sk_buff *skb, u32 mtu)
40*4882a593Smuzhiyun {
41*4882a593Smuzhiyun 	struct iphdr *hdr;
42*4882a593Smuzhiyun 
43*4882a593Smuzhiyun 	hdr = skb->encapsulation ? inner_ip_hdr(skb) : ip_hdr(skb);
44*4882a593Smuzhiyun 	ip_local_error(skb->sk, EMSGSIZE, hdr->daddr,
45*4882a593Smuzhiyun 		       inet_sk(skb->sk)->inet_dport, mtu);
46*4882a593Smuzhiyun }
47