diff options
author | Huw Davies <huw@codeweavers.com> | 2016-06-27 21:06:17 +0200 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2016-06-27 21:06:17 +0200 |
commit | 2e532b702834c07f614caf4489feb691e713232a (patch) | |
tree | 6214ab300ca11aaa1fe4ff47ee4b551a35794432 /include/net | |
parent | netlabel: Pass a family parameter to netlbl_skbuff_err(). (diff) | |
download | linux-2e532b702834c07f614caf4489feb691e713232a.tar.xz linux-2e532b702834c07f614caf4489feb691e713232a.zip |
calipso: Add validation of CALIPSO option.
Lengths, checksum and the DOI are checked. Checking of the
level and categories are left for the socket layer.
CRC validation is performed in the calipso module to avoid
unconditionally linking crc_ccitt() into ipv6.
Signed-off-by: Huw Davies <huw@codeweavers.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/calipso.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/net/calipso.h b/include/net/calipso.h index 38dbb4707150..85404e2375d8 100644 --- a/include/net/calipso.h +++ b/include/net/calipso.h @@ -65,6 +65,7 @@ struct calipso_doi { #ifdef CONFIG_NETLABEL int __init calipso_init(void); void calipso_exit(void); +bool calipso_validate(const struct sk_buff *skb, const unsigned char *option); #else static inline int __init calipso_init(void) { @@ -74,6 +75,11 @@ static inline int __init calipso_init(void) static inline void calipso_exit(void) { } +static inline bool calipso_validate(const struct sk_buff *skb, + const unsigned char *option) +{ + return true; +} #endif /* CONFIG_NETLABEL */ #endif /* _CALIPSO_H */ |