At the beginning of my analysis I split IPsec into two parts: xfrm (in the kernel) and the sadb engine (the user-space side that manages the SADB). Now I'd like to focus on xfrm and on how netlink is used to communicate with the sadb engine. (Some implementations use PF_KEY instead of netlink; that is fine too.)
The following diagram describes the relationship between xfrm and sadb engine:
sadb engine
-----------------------------↑ user space
netlink sys-call
-----------------------------↓ kernel space
xfrm
Let's go into a little more detail:

sk1 --------- sk2 --------- sk3      (user-space NETLINK_XFRM sockets that joined the same multicast group)
 ↓
===== system call =====
sys_sendmsg
 ↓
===== netlink layer =====
netlink_sendmsg
 ↓
netlink_broadcast ---> sk2/sk3 receive queues   (only if sk1 set a dst_group; the sender itself is skipped)
 ↓
netlink_unicast ---> the kernel's xfrm socket
 ↓
===== xfrm layer =====
xfrm callback: xfrm_netlink_rcv --> xfrm_user_rcv_msg --> handler from xfrm_dispatch[]
kernel xfrm socket --> xxx_notify / acquire (e.g. xfrm_send_state_notify, xfrm_send_acquire)
===== xfrm layer mirror =====
 ↓
netlink_broadcast ---> sk1/sk2/sk3 receive queues   (every socket that joined the group)
===== netlink layer mirror =====
After the kernel's netlink_broadcast, the receive_queue of every socket that joined the group (sk1, sk2 and sk3) holds a copy of the notification, so when the sadb engine calls recvmsg it gets what it needs:
recvmsg
  sys_recvmsg
    netlink_recvmsg --> skb_recv_datagram --> skb_dequeue
In the other direction, xfrm picks each request off its socket in xfrm_user_rcv_msg.
From the description above we know how xfrm and the sadb engine talk to each other. What's more, every message between them is strictly formatted: a struct nlmsghdr, then the fixed header for that message type (for example struct xfrm_usersa_info for XFRM_MSG_NEWSA), then netlink attributes as TLVs. xfrm_user_rcv_msg requires CAP_NET_ADMIN, rejects a type outside XFRM_MSG_BASE..XFRM_MSG_MAX or a message shorter than that type's minimum length (xfrm_msg_min[]), parses the attributes against xfrma_policy, and only then calls the handler from the xfrm_dispatch[] table (if you want to learn more, search for xfrm_dispatch in net/xfrm/xfrm_user.c).
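As an added example (not code from the original post), here is a small user-space program that plays the sadb engine's role in the diagram above: it builds one XFRM_MSG_NEWSA in the strict nlmsghdr + xfrm_usersa_info + attribute layout, runs it through a checker that mirrors the tests xfrm_user_rcv_msg makes before it indexes xfrm_dispatch, and then (with CAP_NET_ADMIN) opens a NETLINK_XFRM socket, joins the XFRMNLGRP_SA multicast group so the kernel's broadcast notifications land in its receive queue, and unicasts a read-only GETSA dump request. The struct layouts and constants come from <linux/netlink.h> and <linux/xfrm.h>; the function names (xfrm_build_newsa, xfrm_check_msg) and the SA parameters (SPI 0x1000, destination 10.0.0.2, the 128-bit key) are constructed for the example. The NEWSA is never sent, so nothing is installed.

```c
/* Added example, not code from the original post: build one XFRM_MSG_NEWSA the
 * way a user-space sadb engine would, then apply the type/length checks that
 * xfrm_user_rcv_msg makes before indexing xfrm_dispatch.  Layouts come from
 * <linux/netlink.h> and <linux/xfrm.h>; names and SA parameters are constructed. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <linux/xfrm.h>

/* nlmsghdr + xfrm_usersa_info + one XFRMA_ALG_CRYPT TLV for an ESP transport-mode
 * SA.  Returns nlmsg_len or a negative errno.  Lifetimes are left zero here. */
static int xfrm_build_newsa(char *buf, size_t bufsz, __u32 spi, const char *dst,
                            const char *alg_name, const void *key, unsigned keybits)
{
    struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
    struct xfrm_usersa_info *sa;
    size_t alen = sizeof(struct xfrm_algo) + keybits / 8;  /* alg_key[] is flexible */
    size_t off  = NLMSG_HDRLEN + NLMSG_ALIGN(sizeof(*sa)); /* where attributes start */
    if (keybits % 8 || bufsz < off + NLA_HDRLEN + NLA_ALIGN(alen))
        return -EINVAL;
    memset(buf, 0, off + NLA_HDRLEN + NLA_ALIGN(alen));    /* padding must be zero */
    nlh->nlmsg_len   = off + NLA_HDRLEN + NLA_ALIGN(alen);
    nlh->nlmsg_type  = XFRM_MSG_NEWSA;
    nlh->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
    sa = NLMSG_DATA(nlh);
    sa->family = AF_INET;  sa->mode = XFRM_MODE_TRANSPORT;
    sa->id.proto = IPPROTO_ESP;
    sa->id.spi   = htonl(spi);                             /* SPI is sent in network order */
    if (inet_pton(AF_INET, dst, &sa->id.daddr.a4) != 1)
        return -EINVAL;
    /* The TLV: nla_len is unpadded; a following attribute would start at NLA_ALIGN(nla_len). */
    struct nlattr *nla = (struct nlattr *)(buf + off);
    struct xfrm_algo *alg = (struct xfrm_algo *)(nla + 1);
    nla->nla_type = XFRMA_ALG_CRYPT;
    nla->nla_len  = NLA_HDRLEN + alen;
    snprintf(alg->alg_name, sizeof alg->alg_name, "%s", alg_name);
    alg->alg_key_len = keybits;                            /* in bits; key bytes follow */
    memcpy(alg->alg_key, key, keybits / 8);
    return (int)nlh->nlmsg_len;
}

/* Receiver side, mirroring xfrm_user_rcv_msg: type outside [XFRM_MSG_BASE, XFRM_MSG_MAX]
 * or a short fixed header is -EINVAL; only NEWSA's header size is modelled here
 * (-EOPNOTSUPP otherwise); every TLV must lie inside nlmsg_len.  Returns the
 * attribute count; *crypt points at the XFRMA_ALG_CRYPT payload if present. */
static int xfrm_check_msg(const struct nlmsghdr *nlh, size_t buflen,
                          const struct xfrm_algo **crypt)
{
    const size_t hdr = sizeof(struct xfrm_usersa_info);    /* xfrm_msg_min[NEWSA] */
    if (crypt) *crypt = NULL;
    if (buflen < NLMSG_HDRLEN || nlh->nlmsg_len < NLMSG_HDRLEN || nlh->nlmsg_len > buflen ||
        nlh->nlmsg_type < XFRM_MSG_BASE || nlh->nlmsg_type > XFRM_MSG_MAX)
        return -EINVAL;
    if (nlh->nlmsg_type != XFRM_MSG_NEWSA) return -EOPNOTSUPP;
    if (nlh->nlmsg_len < NLMSG_LENGTH(hdr)) return -EINVAL; /* truncated fixed header */
    const char *p   = (const char *)nlh + NLMSG_HDRLEN + NLMSG_ALIGN(hdr);
    const char *end = (const char *)nlh + nlh->nlmsg_len;
    int n = 0;
    while (p < end && (size_t)(end - p) >= NLA_HDRLEN) {
        const struct nlattr *nla = (const struct nlattr *)p;
        if (nla->nla_len < NLA_HDRLEN || nla->nla_len > (size_t)(end - p))
            return -EINVAL;                                /* TLV runs past the message */
        if (crypt && (nla->nla_type & NLA_TYPE_MASK) == XFRMA_ALG_CRYPT &&
            nla->nla_len >= NLA_HDRLEN + sizeof(struct xfrm_algo))
            *crypt = (const struct xfrm_algo *)(nla + 1);
        n++;
        p += NLA_ALIGN(nla->nla_len);
    }
    return n;
}

/* Local round trip, then the real path from the diagram (needs CAP_NET_ADMIN): join
 * XFRMNLGRP_SA so the kernel's broadcast SA notifications also land in this socket's
 * queue, unicast a GETSA dump, and run the same check over the XFRM_MSG_NEWSA replies. */
int main(void)
{
    _Alignas(8) char buf[8192];
    const struct xfrm_algo *alg;
    const unsigned char key[16] = "0123456789abcdef";      /* constructed, not a real key */
    int len = xfrm_build_newsa(buf, sizeof buf, 0x1000, "10.0.0.2", "cbc(aes)", key, 128);
    int n = xfrm_check_msg((struct nlmsghdr *)buf, len, &alg);
    printf("NEWSA: %d bytes, %d attr(s), crypt=%s\n", len, n, alg ? alg->alg_name : "-");
    int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_XFRM), grp = XFRMNLGRP_SA, got;
    if (fd < 0 || setsockopt(fd, SOL_NETLINK, NETLINK_ADD_MEMBERSHIP, &grp, sizeof grp))
        return perror("netlink socket"), 1;
    struct nlmsghdr *req = memset(buf, 0, NLMSG_SPACE(sizeof(struct xfrm_usersa_id)));
    req->nlmsg_len   = NLMSG_LENGTH(sizeof(struct xfrm_usersa_id));
    req->nlmsg_type  = XFRM_MSG_GETSA;  req->nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP;
    if (send(fd, buf, req->nlmsg_len, 0) < 0 || (got = recv(fd, buf, sizeof buf, 0)) < 0)
        return perror("send/recv"), 1;
    for (struct nlmsghdr *h = (void *)buf; NLMSG_OK(h, got); h = NLMSG_NEXT(h, got)) {
        if (h->nlmsg_type == NLMSG_ERROR)                  /* -EPERM: no CAP_NET_ADMIN */
            return printf("error: %s\n", strerror(-((struct nlmsgerr *)NLMSG_DATA(h))->error)), 1;
        if (h->nlmsg_type == NLMSG_DONE) break;
        printf("reply type %u: %d attr(s)\n", h->nlmsg_type, xfrm_check_msg(h, h->nlmsg_len, NULL));
    }
    return 0;
}
```

Compile with `cc -o xfrm_nl_demo xfrm_nl_demo.c` on Linux. Without CAP_NET_ADMIN the program stops with EPERM (at the group join or, failing that, as the NLMSG_ERROR reply to the dump request): the kernel refuses every xfrm netlink operation from an unprivileged socket. With it, each dump reply is itself an XFRM_MSG_NEWSA, so xfrm_check_msg walks the same fixed header and TLVs the kernel produced, which is a handy way to see the format the post calls strict.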
(to be continued ...)