executor: fix setup of xfrm device

XFRM device creation will fail w/o IFLA_XFRM_IF_ID attribute:
https://elixir.bootlin.com/linux/v6.0-rc4/source/net/xfrm/xfrm_interface.c#L648
Add this attribute.

This ID is also present in descriptions in at least 2 places.
In one we got it wrong, it's not ifindex (easy to confuse because of the name).
Fix it as well.

2 files changed, 5 insertions, 2 deletions

diff --git a/sys/linux/socket_netlink_route.txt b/sys/linux/socket_netlink_route.txt
index 6d2ad5c8b..a254880f1 100644
--- a/sys/linux/socket_netlink_route.txt
+++ b/sys/linux/socket_netlink_route.txt
@@ -407,7 +407,7 @@ ifla_vlan_qos_mapping {
 
 xfrmi_policy [
 	IFLA_XFRM_LINK	nlattr[IFLA_XFRM_LINK, int32[0:4]]
-	IFLA_XFRM_IF_ID	nlattr[IFLA_XFRM_IF_ID, int32[0:4]]
+	IFLA_XFRM_IF_ID	nlattr[IFLA_XFRM_IF_ID, xfrm_if_id]
 ] [varlen]
 
 hsr_policy [
diff --git a/sys/linux/socket_netlink_xfrm.txt b/sys/linux/socket_netlink_xfrm.txt
index 5f34f9797..d5552c735 100644
--- a/sys/linux/socket_netlink_xfrm.txt
+++ b/sys/linux/socket_netlink_xfrm.txt
@@ -14,6 +14,9 @@ type xfrm_req_id int32[13567:13575, opt]
 type xfrm_policy_index int32[7236528:7236544, opt]
 type xfrm_spi int32be[1234:1238]
 
+# Note: executor sets up xfrm0 device with XFRM_IF_ID=1.
+type xfrm_if_id int32[1:4]
+
 socket$nl_xfrm(domain const[AF_NETLINK], type const[SOCK_RAW], proto const[NETLINK_XFRM]) sock_nl_xfrm
 
 sendmsg$nl_xfrm(fd sock_nl_xfrm, msg ptr[in, msghdr_nl_xfrm], f flags[send_flags])
@@ -145,7 +148,7 @@ xfrma_policy [
 	address_filter		nlattr[XFRMA_ADDRESS_FILTER, xfrm_address_filter]
 	XFRMA_SET_MARK		nlattr[XFRMA_SET_MARK, int32]
 	XFRMA_SET_MARK_MASK	nlattr[XFRMA_SET_MARK_MASK, int32]
-	XFRMA_IF_ID		nlattr[XFRMA_IF_ID, ifindex]
+	XFRMA_IF_ID		nlattr[XFRMA_IF_ID, xfrm_if_id]
 ] [varlen]
 
 define XFRM_MAX_DEPTH	6