From e175abaf894e3e2fea47406e2268d7eecb810df6 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 14 May 2025 10:16:55 +0200
Subject: [PATCH] include: Add XFRM mode and attributes for IP-TFS

---
 src/include/linux/xfrm.h                                 | 9 ++++++++-
 .../plugins/kernel_netlink/kernel_netlink_ipsec.c        | 6 ++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/include/linux/xfrm.h b/src/include/linux/xfrm.h
index 3a9865bd6d..09c1a54a5c 100644
--- a/src/include/linux/xfrm.h
+++ b/src/include/linux/xfrm.h
@@ -154,7 +154,8 @@ enum {
 #define XFRM_MODE_ROUTEOPTIMIZATION 2
 #define XFRM_MODE_IN_TRIGGER 3
 #define XFRM_MODE_BEET 4
-#define XFRM_MODE_MAX 5
+#define XFRM_MODE_IPTFS 5
+#define XFRM_MODE_MAX 6
 
 /* Netlink configuration messages.  */
 enum {
@@ -319,6 +320,12 @@ enum xfrm_attr_type_t {
 	XFRMA_SA_DIR,		/* __u8 */
 	XFRMA_NAT_KEEPALIVE_INTERVAL,	/* __u32 in seconds for NAT keepalive */
 	XFRMA_SA_PCPU,		/* __u32 */
+	XFRMA_IPTFS_DROP_TIME,	/* __u32 in: usec to wait for next seq */
+	XFRMA_IPTFS_REORDER_WINDOW, /* __u16 in: reorder window size (pkts) */
+	XFRMA_IPTFS_DONT_FRAG,	/* out: don't use fragmentation */
+	XFRMA_IPTFS_INIT_DELAY,	/* __u32 out: initial packet wait delay (usec) */
+	XFRMA_IPTFS_MAX_QSIZE,	/* __u32 out: max ingress queue size (octets) */
+	XFRMA_IPTFS_PKT_SIZE,	/* __u32 out: size of outer packet, 0 for PMTU */
 	__XFRMA_MAX
 
 #define XFRMA_OUTPUT_MARK XFRMA_SET_MARK	/* Compatibility */
diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
index 01d8736462..0ee7cfa238 100644
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -205,6 +205,12 @@ ENUM(xfrm_attr_type_names, XFRMA_UNSPEC, __XFRMA_MAX,
 	"XFRMA_SA_DIR",
 	"XFRMA_NAT_KEEPALIVE_INTERVAL",
 	"XFRMA_SA_PCPU",
+	"XFRMA_IPTFS_DROP_TIME",
+	"XFRMA_IPTFS_REORDER_WINDOW",
+	"XFRMA_IPTFS_DONT_FRAG",
+	"XFRMA_IPTFS_INIT_DELAY",
+	"XFRMA_IPTFS_MAX_QSIZE",
+	"XFRMA_IPTFS_PKT_SIZE",
 	"XFRMA_MAX",
 );
 
-- 
2.47.2