[IPSEC]: Add support for combined mode algorithms
This patch adds support for combined mode algorithms with GCM being the first algorithm supported. Combined mode algorithms can be added through the xfrm_user interface using the new algorithm payload type XFRMA_ALG_AEAD. Each algorithms is identified by its name and the ICV length. For the purposes of matching algorithms in xfrm_tmpl structures, combined mode algorithms occupy the same name space as encryption algorithms. This is in line with how they are negotiated using IKE. Signed-off-by:Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
David S. Miller <davem@davemloft.net>
Showing
- include/linux/pfkeyv2.h 6 additions, 0 deletionsinclude/linux/pfkeyv2.h
- include/linux/xfrm.h 8 additions, 0 deletionsinclude/linux/xfrm.h
- include/net/xfrm.h 8 additions, 0 deletionsinclude/net/xfrm.h
- net/ipv4/esp4.c 58 additions, 13 deletionsnet/ipv4/esp4.c
- net/ipv6/esp6.c 61 additions, 16 deletionsnet/ipv6/esp6.c
- net/xfrm/xfrm_algo.c 138 additions, 0 deletionsnet/xfrm/xfrm_algo.c
- net/xfrm/xfrm_user.c 68 additions, 3 deletionsnet/xfrm/xfrm_user.c
Loading