xfrm: netlink: add config (netlink) options

#define XFRM_MODE_ROUTEOPTIMIZATION 2

#define XFRM_MODE_IN_TRIGGER 3

#define XFRM_MODE_BEET 4

#define XFRM_MODE_MAX 5

#define XFRM_MODE_IPTFS 5

#define XFRM_MODE_MAX 6

/* Netlink configuration messages.  */

enum {

	XFRMA_SA_DIR,		/* __u8 */

	XFRMA_NAT_KEEPALIVE_INTERVAL,	/* __u32 in seconds for NAT keepalive */

	XFRMA_SA_PCPU,		/* __u32 */

	XFRMA_IPTFS_DROP_TIME,	/* __u32 in: usec to wait for next seq */

	XFRMA_IPTFS_REORDER_WINDOW, /* __u16 in: reorder window size (pkts) */

	XFRMA_IPTFS_DONT_FRAG,	/* out: don't use fragmentation */

	XFRMA_IPTFS_INIT_DELAY,	/* __u32 out: initial packet wait delay (usec) */

	XFRMA_IPTFS_MAX_QSIZE,	/* __u32 out: max ingress queue size (octets) */

	XFRMA_IPTFS_PKT_SIZE,	/* __u32 out: size of outer packet, 0 for PMTU */

	__XFRMA_MAX

#define XFRMA_OUTPUT_MARK XFRMA_SET_MARK	/* Compatibility */

	case XFRMA_SA_DIR:

	case XFRMA_NAT_KEEPALIVE_INTERVAL:

	case XFRMA_SA_PCPU:

	case XFRMA_IPTFS_DROP_TIME:

	case XFRMA_IPTFS_REORDER_WINDOW:

	case XFRMA_IPTFS_DONT_FRAG:

	case XFRMA_IPTFS_INIT_DELAY:

	case XFRMA_IPTFS_MAX_QSIZE:

	case XFRMA_IPTFS_PKT_SIZE:

		return xfrm_nla_cpy(dst, src, nla_len(src));

	default:

		BUILD_BUG_ON(XFRMA_MAX != XFRMA_SA_PCPU);

		BUILD_BUG_ON(XFRMA_MAX != XFRMA_IPTFS_PKT_SIZE);

		pr_warn_once("unsupported nla_type %d\n", src->nla_type);

		return -EOPNOTSUPP;

	}

	int err;

	if (type > XFRMA_MAX) {

		BUILD_BUG_ON(XFRMA_MAX != XFRMA_SA_PCPU);

		BUILD_BUG_ON(XFRMA_MAX != XFRMA_IPTFS_PKT_SIZE);

		NL_SET_ERR_MSG(extack, "Bad attribute");

		return -EOPNOTSUPP;

	}

			NL_SET_ERR_MSG(extack, "TFC padding can only be used in tunnel mode");

			goto out;

		}

		if ((attrs[XFRMA_IPTFS_DROP_TIME] ||

		     attrs[XFRMA_IPTFS_REORDER_WINDOW] ||

		     attrs[XFRMA_IPTFS_DONT_FRAG] ||

		     attrs[XFRMA_IPTFS_INIT_DELAY] ||

		     attrs[XFRMA_IPTFS_MAX_QSIZE] ||

		     attrs[XFRMA_IPTFS_PKT_SIZE]) &&

		    p->mode != XFRM_MODE_IPTFS) {

			NL_SET_ERR_MSG(extack, "IP-TFS options can only be used in IP-TFS mode");

			goto out;

		}

		break;

	case IPPROTO_COMP:

			goto out;

		}

		if (attrs[XFRMA_IPTFS_DROP_TIME]) {

			NL_SET_ERR_MSG(extack, "IP-TFS drop time should not be set for output SA");

			err = -EINVAL;

			goto out;

		}

		if (attrs[XFRMA_IPTFS_REORDER_WINDOW]) {

			NL_SET_ERR_MSG(extack, "IP-TFS reorder window should not be set for output SA");

			err = -EINVAL;

			goto out;

		}

		if (attrs[XFRMA_REPLAY_VAL]) {

			struct xfrm_replay_state *replay;

			}

		}

		if (attrs[XFRMA_IPTFS_DONT_FRAG]) {

			NL_SET_ERR_MSG(extack, "IP-TFS don't fragment should not be set for input SA");

			err = -EINVAL;

			goto out;

		}

		if (attrs[XFRMA_IPTFS_INIT_DELAY]) {

			NL_SET_ERR_MSG(extack, "IP-TFS initial delay should not be set for input SA");

			err = -EINVAL;

			goto out;

		}

		if (attrs[XFRMA_IPTFS_MAX_QSIZE]) {

			NL_SET_ERR_MSG(extack, "IP-TFS max queue size should not be set for input SA");

			err = -EINVAL;

			goto out;

		}

		if (attrs[XFRMA_IPTFS_PKT_SIZE]) {

			NL_SET_ERR_MSG(extack, "IP-TFS packet size should not be set for input SA");

			err = -EINVAL;

			goto out;

		}

	}

	if (!sa_dir && attrs[XFRMA_SA_PCPU]) {

	[XFRMA_SA_DIR]          = NLA_POLICY_RANGE(NLA_U8, XFRM_SA_DIR_IN, XFRM_SA_DIR_OUT),

	[XFRMA_NAT_KEEPALIVE_INTERVAL] = { .type = NLA_U32 },

	[XFRMA_SA_PCPU]		= { .type = NLA_U32 },

	[XFRMA_IPTFS_DROP_TIME]		= { .type = NLA_U32 },

	[XFRMA_IPTFS_REORDER_WINDOW]	= { .type = NLA_U16 },

	[XFRMA_IPTFS_DONT_FRAG]		= { .type = NLA_FLAG },

	[XFRMA_IPTFS_INIT_DELAY]	= { .type = NLA_U32 },

	[XFRMA_IPTFS_MAX_QSIZE]		= { .type = NLA_U32 },

	[XFRMA_IPTFS_PKT_SIZE]	= { .type = NLA_U32 },

};

EXPORT_SYMBOL_GPL(xfrma_policy);