[PFKEYV2]: CONFIG_NET_KEY_MIGRATE option
Add CONFIG_NET_KEY_MIGRATE option which makes it possible for user application to send or receive MIGRATE message to/from PF_KEY socket. Signed-off-by: Shinta Sugimoto <shinta.sugimoto@ericsson.com> Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
08de61beab
commit
f6ed0ec0ee
|
@ -45,4 +45,19 @@ config NET_KEY
|
||||||
|
|
||||||
Say Y unless you know what you are doing.
|
Say Y unless you know what you are doing.
|
||||||
|
|
||||||
|
config NET_KEY_MIGRATE
|
||||||
|
bool "PF_KEY MIGRATE (EXPERIMENTAL)"
|
||||||
|
depends on NET_KEY && EXPERIMENTAL
|
||||||
|
select XFRM_MIGRATE
|
||||||
|
---help---
|
||||||
|
Add a PF_KEY MIGRATE message to PF_KEYv2 socket family.
|
||||||
|
The PF_KEY MIGRATE message is used to dynamically update
|
||||||
|
locator(s) of a given IPsec security association.
|
||||||
|
This feature is required, for instance, in a Mobile IPv6
|
||||||
|
environment with IPsec configuration where mobile nodes
|
||||||
|
change their attachment point to the Internet. Detail
|
||||||
|
information can be found in the internet-draft
|
||||||
|
<draft-sugimoto-mip6-pfkey-migrate>.
|
||||||
|
|
||||||
|
If unsure, say N.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue