Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next

#define DST_NOPEER		0x0040

#define DST_FAKE_RTABLE		0x0080

#define DST_XFRM_TUNNEL		0x0100

#define DST_XFRM_QUEUE		0x0200

	unsigned short		pending_confirm;

	struct ctl_table_header	*frags_hdr;

	struct ctl_table_header	*ipv4_hdr;

	struct ctl_table_header *route_hdr;

	struct ctl_table_header *xfrm4_hdr;

#endif

	struct ipv4_devconf	*devconf_all;

	struct ipv4_devconf	*devconf_dflt;

	struct ctl_table_header *route_hdr;

	struct ctl_table_header *icmp_hdr;

	struct ctl_table_header *frags_hdr;

	struct ctl_table_header *xfrm6_hdr;

#endif

	int bindv6only;

	int flush_delay;

	u32 seq;

};

struct xfrm_policy_queue {

	struct sk_buff_head	hold_queue;

	struct timer_list	hold_timer;

	unsigned long		timeout;

};

struct xfrm_policy {

#ifdef CONFIG_NET_NS

	struct net		*xp_net;

	struct xfrm_lifetime_cfg lft;

	struct xfrm_lifetime_cur curlft;

	struct xfrm_policy_walk_entry walk;

	struct xfrm_policy_queue polq;

	u8			type;

	u8			action;

	u8			flags;

	char *name;

	char *compat;

	u8 available:1;

	u8 pfkey_supported:1;

	union {

		struct xfrm_algo_aead_info aead;

		struct xfrm_algo_auth_info auth;

extern int xfrm_parse_spi(struct sk_buff *skb, u8 nexthdr, __be32 *spi, __be32 *seq);

extern void xfrm_probe_algs(void);

extern int xfrm_count_auth_supported(void);

extern int xfrm_count_enc_supported(void);

extern int xfrm_count_pfkey_auth_supported(void);

extern int xfrm_count_pfkey_enc_supported(void);

extern struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx);

extern struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx);

extern struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id);

	{ }

};

static struct ctl_table_header *sysctl_hdr;

#endif

static void __init xfrm4_policy_init(void)

static int __net_init xfrm4_net_init(struct net *net)

{

	xfrm_policy_register_afinfo(&xfrm4_policy_afinfo);

	struct ctl_table *table;

	struct ctl_table_header *hdr;

	table = xfrm4_policy_table;

	if (!net_eq(net, &init_net)) {

		table = kmemdup(table, sizeof(xfrm4_policy_table), GFP_KERNEL);

		if (!table)

			goto err_alloc;

		table[0].data = &net->xfrm.xfrm4_dst_ops.gc_thresh;

	}

	hdr = register_net_sysctl(net, "net/ipv4", table);

	if (!hdr)

		goto err_reg;

	net->ipv4.xfrm4_hdr = hdr;

	return 0;

err_reg:

	if (!net_eq(net, &init_net))

		kfree(table);

err_alloc:

	return -ENOMEM;

}

static void __exit xfrm4_policy_fini(void)

static void __net_exit xfrm4_net_exit(struct net *net)

{

#ifdef CONFIG_SYSCTL

	if (sysctl_hdr)

		unregister_net_sysctl_table(sysctl_hdr);

	struct ctl_table *table;

	if (net->ipv4.xfrm4_hdr == NULL)

		return;

	table = net->ipv4.xfrm4_hdr->ctl_table_arg;

	unregister_net_sysctl_table(net->ipv4.xfrm4_hdr);

	if (!net_eq(net, &init_net))

		kfree(table);

}

static struct pernet_operations __net_initdata xfrm4_net_ops = {

	.init	= xfrm4_net_init,

	.exit	= xfrm4_net_exit,

};

#endif

	xfrm_policy_unregister_afinfo(&xfrm4_policy_afinfo);

static void __init xfrm4_policy_init(void)

{

	xfrm_policy_register_afinfo(&xfrm4_policy_afinfo);

}

void __init xfrm4_init(void)

	xfrm4_state_init();

	xfrm4_policy_init();

#ifdef CONFIG_SYSCTL

	sysctl_hdr = register_net_sysctl(&init_net, "net/ipv4",

					 xfrm4_policy_table);

	register_pernet_subsys(&xfrm4_net_ops);

#endif

}