mirror of
https://github.com/Fishwaldo/Star64_linux.git
synced 2025-07-22 23:04:43 +00:00
net: Add a xfrm validate function to validate_xmit_skb
When we do IPsec offloading, we need a fallback for packets that were targeted to be IPsec offloaded but rerouted to a device that does not support IPsec offload. For that we add a function that checks the offloading features of the sending device and and flags the requirement of a fallback before it calls the IPsec output function. The IPsec output function adds the IPsec trailer and does encryption if needed. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
This commit is contained in:
Steffen Klassert
parent
b3859c8ebf
commit
f6e27114a6
3 changed files with 38 additions and 0 deletions
|
|
@ -2972,6 +2972,9 @@ static struct sk_buff *validate_xmit_skb(struct sk_buff *skb, struct net_device
|
|||
__skb_linearize(skb))
|
||||
goto out_kfree_skb;
|
||||
|
||||
if (validate_xmit_xfrm(skb, features))
|
||||
goto out_kfree_skb;
|
||||
|
||||
/* If packet is not checksummed and device does not
|
||||
* support checksumming for this protocol, complete
|
||||
* checksumming here.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue