]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - net/xfrm/xfrm_state.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[NET] loopback: minor statistics optimization
[mirror_ubuntu-artful-kernel.git] / net / xfrm / xfrm_state.c
CommitLineData
1da177e4
LT		 1/*
2 * xfrm_state.c
3 *
4 * Changes:
5 * Mitsuru KANDA @USAGI
6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
8 * IPv6 support
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
df71837d 13 *
1da177e4
LT		 14 */
15
16#include <linux/workqueue.h>
17#include <net/xfrm.h>
18#include <linux/pfkeyv2.h>
19#include <linux/ipsec.h>
20#include <linux/module.h>
f034b5d4 21#include <linux/cache.h>
1da177e4
LT		 22#include <asm/uaccess.h>
23
44e36b42
DM		 24#include "xfrm_hash.h"
25
ee857a7d
DM		 26struct sock *xfrm_nl;
27EXPORT_SYMBOL(xfrm_nl);
28
f8cd5488 29u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME;
a70fcb0b
DM		 30EXPORT_SYMBOL(sysctl_xfrm_aevent_etime);
31
f8cd5488 32u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE;
a70fcb0b
DM		 33EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth);
34
1da177e4
LT		 35/* Each xfrm_state may be linked to two tables:
36
37 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
a624c108 38 2. Hash table by (daddr,family,reqid) to find what SAs exist for given
1da177e4
LT		 39 destination/tunnel endpoint. (output)
40 */
41
42static DEFINE_SPINLOCK(xfrm_state_lock);
43
44/* Hash table to find appropriate SA towards given target (endpoint
45 * of tunnel or destination of transport mode) allowed by selector.
46 *
47 * Main use is finding SA after policy selected tunnel or transport mode.
48 * Also, it can be used by ah/esp icmp error handler to find offending SA.
49 */
f034b5d4
DM		 50static struct hlist_head *xfrm_state_bydst __read_mostly;
51static struct hlist_head *xfrm_state_bysrc __read_mostly;
52static struct hlist_head *xfrm_state_byspi __read_mostly;
53static unsigned int xfrm_state_hmask __read_mostly;
54static unsigned int xfrm_state_hashmax __read_mostly = 1 * 1024 * 1024;
55static unsigned int xfrm_state_num;
9d4a706d 56static unsigned int xfrm_state_genid;
f034b5d4 57
c1969f29
DM		 58static inline unsigned int xfrm_dst_hash(xfrm_address_t *daddr,
59 xfrm_address_t *saddr,
60 u32 reqid,
a624c108 61 unsigned short family)
f034b5d4 62{
c1969f29 63 return __xfrm_dst_hash(daddr, saddr, reqid, family, xfrm_state_hmask);
f034b5d4
DM		 64}
65
44e36b42
DM		 66static inline unsigned int xfrm_src_hash(xfrm_address_t *addr,
67 unsigned short family)
f034b5d4 68{
a624c108 69 return __xfrm_src_hash(addr, family, xfrm_state_hmask);
f034b5d4
DM		 70}
71
f034b5d4 72static inline unsigned int
8122adf0 73xfrm_spi_hash(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
f034b5d4 74{
c1969f29 75 return __xfrm_spi_hash(daddr, spi, proto, family, xfrm_state_hmask);
f034b5d4
DM		 76}
77
f034b5d4
DM		 78static void xfrm_hash_transfer(struct hlist_head *list,
79 struct hlist_head *ndsttable,
80 struct hlist_head *nsrctable,
81 struct hlist_head *nspitable,
82 unsigned int nhashmask)
83{
84 struct hlist_node *entry, *tmp;
85 struct xfrm_state *x;
86
87 hlist_for_each_entry_safe(x, entry, tmp, list, bydst) {
88 unsigned int h;
89
c1969f29
DM		 90 h = __xfrm_dst_hash(&x->id.daddr, &x->props.saddr,
91 x->props.reqid, x->props.family,
92 nhashmask);
f034b5d4
DM		 93 hlist_add_head(&x->bydst, ndsttable+h);
94
95 h = __xfrm_src_hash(&x->props.saddr, x->props.family,
96 nhashmask);
97 hlist_add_head(&x->bysrc, nsrctable+h);
98
99 h = __xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto,
100 x->props.family, nhashmask);
101 hlist_add_head(&x->byspi, nspitable+h);
102 }
103}
104
105static unsigned long xfrm_hash_new_size(void)
106{
107 return ((xfrm_state_hmask + 1) << 1) *
108 sizeof(struct hlist_head);
109}
110
111static DEFINE_MUTEX(hash_resize_mutex);
112
113static void xfrm_hash_resize(void *__unused)
114{
115 struct hlist_head *ndst, *nsrc, *nspi, *odst, *osrc, *ospi;
116 unsigned long nsize, osize;
117 unsigned int nhashmask, ohashmask;
118 int i;
119
120 mutex_lock(&hash_resize_mutex);
121
122 nsize = xfrm_hash_new_size();
44e36b42 123 ndst = xfrm_hash_alloc(nsize);
f034b5d4
DM		 124 if (!ndst)
125 goto out_unlock;
44e36b42 126 nsrc = xfrm_hash_alloc(nsize);
f034b5d4 127 if (!nsrc) {
44e36b42 128 xfrm_hash_free(ndst, nsize);
f034b5d4
DM		 129 goto out_unlock;
130 }
44e36b42 131 nspi = xfrm_hash_alloc(nsize);
f034b5d4 132 if (!nspi) {
44e36b42
DM		 133 xfrm_hash_free(ndst, nsize);
134 xfrm_hash_free(nsrc, nsize);
f034b5d4
DM		 135 goto out_unlock;
136 }
137
138 spin_lock_bh(&xfrm_state_lock);
139
140 nhashmask = (nsize / sizeof(struct hlist_head)) - 1U;
141 for (i = xfrm_state_hmask; i >= 0; i--)
142 xfrm_hash_transfer(xfrm_state_bydst+i, ndst, nsrc, nspi,
143 nhashmask);
144
145 odst = xfrm_state_bydst;
146 osrc = xfrm_state_bysrc;
147 ospi = xfrm_state_byspi;
148 ohashmask = xfrm_state_hmask;
149
150 xfrm_state_bydst = ndst;
151 xfrm_state_bysrc = nsrc;
152 xfrm_state_byspi = nspi;
153 xfrm_state_hmask = nhashmask;
154
155 spin_unlock_bh(&xfrm_state_lock);
156
157 osize = (ohashmask + 1) * sizeof(struct hlist_head);
44e36b42
DM		 158 xfrm_hash_free(odst, osize);
159 xfrm_hash_free(osrc, osize);
160 xfrm_hash_free(ospi, osize);
f034b5d4
DM		 161
162out_unlock:
163 mutex_unlock(&hash_resize_mutex);
164}
165
166static DECLARE_WORK(xfrm_hash_work, xfrm_hash_resize, NULL);
167
1da177e4
LT		 168DECLARE_WAIT_QUEUE_HEAD(km_waitq);
169EXPORT_SYMBOL(km_waitq);
170
171static DEFINE_RWLOCK(xfrm_state_afinfo_lock);
172static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO];
173
174static struct work_struct xfrm_state_gc_work;
8f126e37 175static HLIST_HEAD(xfrm_state_gc_list);
1da177e4
LT		 176static DEFINE_SPINLOCK(xfrm_state_gc_lock);
177
53bc6b4d 178int __xfrm_state_delete(struct xfrm_state *x);
1da177e4
LT		 179
180static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family);
181static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
182
980ebd25 183int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
53bc6b4d 184void km_state_expired(struct xfrm_state *x, int hard, u32 pid);
1da177e4
LT		 185
186static void xfrm_state_gc_destroy(struct xfrm_state *x)
187{
a47f0ce0
DM		 188 del_timer_sync(&x->timer);
189 del_timer_sync(&x->rtimer);
a51482bd
JJ		 190 kfree(x->aalg);
191 kfree(x->ealg);
192 kfree(x->calg);
193 kfree(x->encap);
060f02a3 194 kfree(x->coaddr);
b59f45d0
HX		 195 if (x->mode)
196 xfrm_put_mode(x->mode);
1da177e4
LT		 197 if (x->type) {
198 x->type->destructor(x);
199 xfrm_put_type(x->type);
200 }
df71837d 201 security_xfrm_state_free(x);
1da177e4
LT		 202 kfree(x);
203}
204
205static void xfrm_state_gc_task(void *data)
206{
207 struct xfrm_state *x;
8f126e37
DM		 208 struct hlist_node *entry, *tmp;
209 struct hlist_head gc_list;
1da177e4 210
1da177e4 211 spin_lock_bh(&xfrm_state_gc_lock);
8f126e37
DM		 212 gc_list.first = xfrm_state_gc_list.first;
213 INIT_HLIST_HEAD(&xfrm_state_gc_list);
1da177e4
LT		 214 spin_unlock_bh(&xfrm_state_gc_lock);
215
8f126e37 216 hlist_for_each_entry_safe(x, entry, tmp, &gc_list, bydst)
1da177e4 217 xfrm_state_gc_destroy(x);
8f126e37 218
1da177e4
LT		 219 wake_up(&km_waitq);
220}
221
222static inline unsigned long make_jiffies(long secs)
223{
224 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
225 return MAX_SCHEDULE_TIMEOUT-1;
226 else
227 return secs*HZ;
228}
229
230static void xfrm_timer_handler(unsigned long data)
231{
232 struct xfrm_state *x = (struct xfrm_state*)data;
233 unsigned long now = (unsigned long)xtime.tv_sec;
234 long next = LONG_MAX;
235 int warn = 0;
236
237 spin_lock(&x->lock);
238 if (x->km.state == XFRM_STATE_DEAD)
239 goto out;
240 if (x->km.state == XFRM_STATE_EXPIRED)
241 goto expired;
242 if (x->lft.hard_add_expires_seconds) {
243 long tmo = x->lft.hard_add_expires_seconds +
244 x->curlft.add_time - now;
245 if (tmo <= 0)
246 goto expired;
247 if (tmo < next)
248 next = tmo;
249 }
250 if (x->lft.hard_use_expires_seconds) {
251 long tmo = x->lft.hard_use_expires_seconds +
252 (x->curlft.use_time ? : now) - now;
253 if (tmo <= 0)
254 goto expired;
255 if (tmo < next)
256 next = tmo;
257 }
258 if (x->km.dying)
259 goto resched;
260 if (x->lft.soft_add_expires_seconds) {
261 long tmo = x->lft.soft_add_expires_seconds +
262 x->curlft.add_time - now;
263 if (tmo <= 0)
264 warn = 1;
265 else if (tmo < next)
266 next = tmo;
267 }
268 if (x->lft.soft_use_expires_seconds) {
269 long tmo = x->lft.soft_use_expires_seconds +
270 (x->curlft.use_time ? : now) - now;
271 if (tmo <= 0)
272 warn = 1;
273 else if (tmo < next)
274 next = tmo;
275 }
276
4666faab 277 x->km.dying = warn;
1da177e4 278 if (warn)
53bc6b4d 279 km_state_expired(x, 0, 0);
1da177e4 280resched:
a47f0ce0
DM		 281 if (next != LONG_MAX)
282 mod_timer(&x->timer, jiffies + make_jiffies(next));
283
1da177e4
LT		 284 goto out;
285
286expired:
287 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) {
288 x->km.state = XFRM_STATE_EXPIRED;
289 wake_up(&km_waitq);
290 next = 2;
291 goto resched;
292 }
4666faab 293 if (!__xfrm_state_delete(x) && x->id.spi)
53bc6b4d 294 km_state_expired(x, 1, 0);
1da177e4
LT		 295
296out:
297 spin_unlock(&x->lock);
1da177e4
LT		 298}
299
0ac84752
DM		 300static void xfrm_replay_timer_handler(unsigned long data);
301
1da177e4
LT		 302struct xfrm_state *xfrm_state_alloc(void)
303{
304 struct xfrm_state *x;
305
0da974f4 306 x = kzalloc(sizeof(struct xfrm_state), GFP_ATOMIC);
1da177e4
LT		 307
308 if (x) {
1da177e4
LT		 309 atomic_set(&x->refcnt, 1);
310 atomic_set(&x->tunnel_users, 0);
8f126e37
DM		 311 INIT_HLIST_NODE(&x->bydst);
312 INIT_HLIST_NODE(&x->bysrc);
313 INIT_HLIST_NODE(&x->byspi);
1da177e4
LT		 314 init_timer(&x->timer);
315 x->timer.function = xfrm_timer_handler;
316 x->timer.data = (unsigned long)x;
f8cd5488
JHS		 317 init_timer(&x->rtimer);
318 x->rtimer.function = xfrm_replay_timer_handler;
319 x->rtimer.data = (unsigned long)x;
1da177e4
LT		 320 x->curlft.add_time = (unsigned long)xtime.tv_sec;
321 x->lft.soft_byte_limit = XFRM_INF;
322 x->lft.soft_packet_limit = XFRM_INF;
323 x->lft.hard_byte_limit = XFRM_INF;
324 x->lft.hard_packet_limit = XFRM_INF;
f8cd5488
JHS		 325 x->replay_maxage = 0;
326 x->replay_maxdiff = 0;
1da177e4
LT		 327 spin_lock_init(&x->lock);
328 }
329 return x;
330}
331EXPORT_SYMBOL(xfrm_state_alloc);
332
333void __xfrm_state_destroy(struct xfrm_state *x)
334{
335 BUG_TRAP(x->km.state == XFRM_STATE_DEAD);
336
337 spin_lock_bh(&xfrm_state_gc_lock);
8f126e37 338 hlist_add_head(&x->bydst, &xfrm_state_gc_list);
1da177e4
LT		 339 spin_unlock_bh(&xfrm_state_gc_lock);
340 schedule_work(&xfrm_state_gc_work);
341}
342EXPORT_SYMBOL(__xfrm_state_destroy);
343
53bc6b4d 344int __xfrm_state_delete(struct xfrm_state *x)
1da177e4 345{
26b15dad
JHS		 346 int err = -ESRCH;
347
1da177e4
LT		 348 if (x->km.state != XFRM_STATE_DEAD) {
349 x->km.state = XFRM_STATE_DEAD;
350 spin_lock(&xfrm_state_lock);
8f126e37 351 hlist_del(&x->bydst);
8f126e37 352 hlist_del(&x->bysrc);
a47f0ce0 353 if (x->id.spi)
8f126e37 354 hlist_del(&x->byspi);
f034b5d4 355 xfrm_state_num--;
1da177e4 356 spin_unlock(&xfrm_state_lock);
1da177e4 357
1da177e4
LT		 358 /* All xfrm_state objects are created by xfrm_state_alloc.
359 * The xfrm_state_alloc call gives a reference, and that
360 * is what we are dropping here.
361 */
21380b81 362 __xfrm_state_put(x);
26b15dad 363 err = 0;
1da177e4 364 }
26b15dad
JHS		 365
366 return err;
1da177e4 367}
53bc6b4d 368EXPORT_SYMBOL(__xfrm_state_delete);
1da177e4 369
26b15dad 370int xfrm_state_delete(struct xfrm_state *x)
1da177e4 371{
26b15dad
JHS		 372 int err;
373
1da177e4 374 spin_lock_bh(&x->lock);
26b15dad 375 err = __xfrm_state_delete(x);
1da177e4 376 spin_unlock_bh(&x->lock);
26b15dad
JHS		 377
378 return err;
1da177e4
LT		 379}
380EXPORT_SYMBOL(xfrm_state_delete);
381
382void xfrm_state_flush(u8 proto)
383{
384 int i;
1da177e4
LT		 385
386 spin_lock_bh(&xfrm_state_lock);
a9917c06 387 for (i = 0; i <= xfrm_state_hmask; i++) {
8f126e37
DM		 388 struct hlist_node *entry;
389 struct xfrm_state *x;
1da177e4 390restart:
8f126e37 391 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
1da177e4 392 if (!xfrm_state_kern(x) &&
5794708f 393 xfrm_id_proto_match(x->id.proto, proto)) {
1da177e4
LT		 394 xfrm_state_hold(x);
395 spin_unlock_bh(&xfrm_state_lock);
396
397 xfrm_state_delete(x);
398 xfrm_state_put(x);
399
400 spin_lock_bh(&xfrm_state_lock);
401 goto restart;
402 }
403 }
404 }
405 spin_unlock_bh(&xfrm_state_lock);
406 wake_up(&km_waitq);
407}
408EXPORT_SYMBOL(xfrm_state_flush);
409
410static int
411xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
412 struct xfrm_tmpl *tmpl,
413 xfrm_address_t *daddr, xfrm_address_t *saddr,
414 unsigned short family)
415{
416 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
417 if (!afinfo)
418 return -1;
419 afinfo->init_tempsel(x, fl, tmpl, daddr, saddr);
420 xfrm_state_put_afinfo(afinfo);
421 return 0;
422}
423
a94cfd19 424static struct xfrm_state *__xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
edcd5821
DM		 425{
426 unsigned int h = xfrm_spi_hash(daddr, spi, proto, family);
427 struct xfrm_state *x;
8f126e37 428 struct hlist_node *entry;
edcd5821 429
8f126e37 430 hlist_for_each_entry(x, entry, xfrm_state_byspi+h, byspi) {
edcd5821
DM		 431 if (x->props.family != family ||
432 x->id.spi != spi ||
433 x->id.proto != proto)
434 continue;
435
436 switch (family) {
437 case AF_INET:
438 if (x->id.daddr.a4 != daddr->a4)
439 continue;
440 break;
441 case AF_INET6:
442 if (!ipv6_addr_equal((struct in6_addr *)daddr,
443 (struct in6_addr *)
444 x->id.daddr.a6))
445 continue;
446 break;
447 };
448
449 xfrm_state_hold(x);
450 return x;
451 }
452
453 return NULL;
454}
455
456static struct xfrm_state *__xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family)
457{
458 unsigned int h = xfrm_src_hash(saddr, family);
459 struct xfrm_state *x;
8f126e37 460 struct hlist_node *entry;
edcd5821 461
8f126e37 462 hlist_for_each_entry(x, entry, xfrm_state_bysrc+h, bysrc) {
edcd5821
DM		 463 if (x->props.family != family ||
464 x->id.proto != proto)
465 continue;
466
467 switch (family) {
468 case AF_INET:
469 if (x->id.daddr.a4 != daddr->a4 ||
470 x->props.saddr.a4 != saddr->a4)
471 continue;
472 break;
473 case AF_INET6:
474 if (!ipv6_addr_equal((struct in6_addr *)daddr,
475 (struct in6_addr *)
476 x->id.daddr.a6) ||
477 !ipv6_addr_equal((struct in6_addr *)saddr,
478 (struct in6_addr *)
479 x->props.saddr.a6))
480 continue;
481 break;
482 };
483
484 xfrm_state_hold(x);
485 return x;
486 }
487
488 return NULL;
489}
490
491static inline struct xfrm_state *
492__xfrm_state_locate(struct xfrm_state *x, int use_spi, int family)
493{
494 if (use_spi)
495 return __xfrm_state_lookup(&x->id.daddr, x->id.spi,
496 x->id.proto, family);
497 else
498 return __xfrm_state_lookup_byaddr(&x->id.daddr,
499 &x->props.saddr,
500 x->id.proto, family);
501}
502
1da177e4
LT		 503struct xfrm_state *
504xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
505 struct flowi *fl, struct xfrm_tmpl *tmpl,
506 struct xfrm_policy *pol, int *err,
507 unsigned short family)
508{
c1969f29 509 unsigned int h = xfrm_dst_hash(daddr, saddr, tmpl->reqid, family);
8f126e37 510 struct hlist_node *entry;
1da177e4
LT		 511 struct xfrm_state *x, *x0;
512 int acquire_in_progress = 0;
513 int error = 0;
514 struct xfrm_state *best = NULL;
1da177e4 515
1da177e4 516 spin_lock_bh(&xfrm_state_lock);
8f126e37 517 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
1da177e4
LT		 518 if (x->props.family == family &&
519 x->props.reqid == tmpl->reqid &&
fbd9a5b4 520 !(x->props.flags & XFRM_STATE_WILDRECV) &&
1da177e4
LT		 521 xfrm_state_addr_check(x, daddr, saddr, family) &&
522 tmpl->mode == x->props.mode &&
523 tmpl->id.proto == x->id.proto &&
524 (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) {
525 /* Resolution logic:
526 1. There is a valid state with matching selector.
527 Done.
528 2. Valid state with inappropriate selector. Skip.
529
530 Entering area of "sysdeps".
531
532 3. If state is not valid, selector is temporary,
533 it selects only session which triggered
534 previous resolution. Key manager will do
535 something to install a state with proper
536 selector.
537 */
538 if (x->km.state == XFRM_STATE_VALID) {
df71837d 539 if (!xfrm_selector_match(&x->sel, fl, family) ||
e0d1caa7 540 !security_xfrm_state_pol_flow_match(x, pol, fl))
1da177e4
LT		 541 continue;
542 if (!best ||
543 best->km.dying > x->km.dying ||
544 (best->km.dying == x->km.dying &&
545 best->curlft.add_time < x->curlft.add_time))
546 best = x;
547 } else if (x->km.state == XFRM_STATE_ACQ) {
548 acquire_in_progress = 1;
549 } else if (x->km.state == XFRM_STATE_ERROR ||
550 x->km.state == XFRM_STATE_EXPIRED) {
df71837d 551 if (xfrm_selector_match(&x->sel, fl, family) &&
e0d1caa7 552 security_xfrm_state_pol_flow_match(x, pol, fl))
1da177e4
LT		 553 error = -ESRCH;
554 }
555 }
556 }
557
558 x = best;
559 if (!x && !error && !acquire_in_progress) {
5c5d281a 560 if (tmpl->id.spi &&
edcd5821
DM		 561 (x0 = __xfrm_state_lookup(daddr, tmpl->id.spi,
562 tmpl->id.proto, family)) != NULL) {
1da177e4
LT		 563 xfrm_state_put(x0);
564 error = -EEXIST;
565 goto out;
566 }
567 x = xfrm_state_alloc();
568 if (x == NULL) {
569 error = -ENOMEM;
570 goto out;
571 }
572 /* Initialize temporary selector matching only
573 * to current session. */
574 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
575
e0d1caa7
VY		 576 error = security_xfrm_state_alloc_acquire(x, pol->security, fl->secid);
577 if (error) {
578 x->km.state = XFRM_STATE_DEAD;
579 xfrm_state_put(x);
580 x = NULL;
581 goto out;
582 }
583
1da177e4
LT		 584 if (km_query(x, tmpl, pol) == 0) {
585 x->km.state = XFRM_STATE_ACQ;
8f126e37 586 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
8f126e37
DM		 587 h = xfrm_src_hash(saddr, family);
588 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
1da177e4
LT		 589 if (x->id.spi) {
590 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
8f126e37 591 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
1da177e4
LT		 592 }
593 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
1da177e4
LT		 594 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
595 add_timer(&x->timer);
596 } else {
597 x->km.state = XFRM_STATE_DEAD;
598 xfrm_state_put(x);
599 x = NULL;
600 error = -ESRCH;
601 }
602 }
603out:
604 if (x)
605 xfrm_state_hold(x);
606 else
607 *err = acquire_in_progress ? -EAGAIN : error;
608 spin_unlock_bh(&xfrm_state_lock);
1da177e4
LT		 609 return x;
610}
611
612static void __xfrm_state_insert(struct xfrm_state *x)
613{
a624c108 614 unsigned int h;
1da177e4 615
9d4a706d
DM		 616 x->genid = ++xfrm_state_genid;
617
c1969f29
DM		 618 h = xfrm_dst_hash(&x->id.daddr, &x->props.saddr,
619 x->props.reqid, x->props.family);
8f126e37 620 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
1da177e4 621
6c44e6b7 622 h = xfrm_src_hash(&x->props.saddr, x->props.family);
8f126e37 623 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
1da177e4 624
6c44e6b7
MN		 625 if (xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY)) {
626 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto,
627 x->props.family);
628
8f126e37 629 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
6c44e6b7
MN		 630 }
631
a47f0ce0
DM		 632 mod_timer(&x->timer, jiffies + HZ);
633 if (x->replay_maxage)
634 mod_timer(&x->rtimer, jiffies + x->replay_maxage);
f8cd5488 635
1da177e4 636 wake_up(&km_waitq);
f034b5d4
DM		 637
638 xfrm_state_num++;
639
640 if (x->bydst.next != NULL &&
641 (xfrm_state_hmask + 1) < xfrm_state_hashmax &&
642 xfrm_state_num > xfrm_state_hmask)
643 schedule_work(&xfrm_hash_work);
1da177e4
LT		 644}
645
c7f5ea3a
DM		 646/* xfrm_state_lock is held */
647static void __xfrm_state_bump_genids(struct xfrm_state *xnew)
648{
649 unsigned short family = xnew->props.family;
650 u32 reqid = xnew->props.reqid;
651 struct xfrm_state *x;
652 struct hlist_node *entry;
653 unsigned int h;
654
c1969f29 655 h = xfrm_dst_hash(&xnew->id.daddr, &xnew->props.saddr, reqid, family);
c7f5ea3a
DM		 656 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
657 if (x->props.family == family &&
658 x->props.reqid == reqid &&
c1969f29
DM		 659 !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family) &&
660 !xfrm_addr_cmp(&x->props.saddr, &xnew->props.saddr, family))
c7f5ea3a
DM		 661 x->genid = xfrm_state_genid;
662 }
663}
664
1da177e4
LT		 665void xfrm_state_insert(struct xfrm_state *x)
666{
667 spin_lock_bh(&xfrm_state_lock);
c7f5ea3a 668 __xfrm_state_bump_genids(x);
1da177e4
LT		 669 __xfrm_state_insert(x);
670 spin_unlock_bh(&xfrm_state_lock);
671}
672EXPORT_SYMBOL(xfrm_state_insert);
673
2770834c
DM		 674/* xfrm_state_lock is held */
675static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create)
676{
c1969f29 677 unsigned int h = xfrm_dst_hash(daddr, saddr, reqid, family);
8f126e37 678 struct hlist_node *entry;
2770834c
DM		 679 struct xfrm_state *x;
680
8f126e37 681 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
2770834c
DM		 682 if (x->props.reqid != reqid ||
683 x->props.mode != mode ||
684 x->props.family != family ||
685 x->km.state != XFRM_STATE_ACQ ||
686 x->id.spi != 0)
687 continue;
688
689 switch (family) {
690 case AF_INET:
691 if (x->id.daddr.a4 != daddr->a4 ||
692 x->props.saddr.a4 != saddr->a4)
693 continue;
694 break;
695 case AF_INET6:
696 if (!ipv6_addr_equal((struct in6_addr *)x->id.daddr.a6,
697 (struct in6_addr *)daddr) ||
698 !ipv6_addr_equal((struct in6_addr *)
699 x->props.saddr.a6,
700 (struct in6_addr *)saddr))
701 continue;
702 break;
703 };
704
705 xfrm_state_hold(x);
706 return x;
707 }
708
709 if (!create)
710 return NULL;
711
712 x = xfrm_state_alloc();
713 if (likely(x)) {
714 switch (family) {
715 case AF_INET:
716 x->sel.daddr.a4 = daddr->a4;
717 x->sel.saddr.a4 = saddr->a4;
718 x->sel.prefixlen_d = 32;
719 x->sel.prefixlen_s = 32;
720 x->props.saddr.a4 = saddr->a4;
721 x->id.daddr.a4 = daddr->a4;
722 break;
723
724 case AF_INET6:
725 ipv6_addr_copy((struct in6_addr *)x->sel.daddr.a6,
726 (struct in6_addr *)daddr);
727 ipv6_addr_copy((struct in6_addr *)x->sel.saddr.a6,
728 (struct in6_addr *)saddr);
729 x->sel.prefixlen_d = 128;
730 x->sel.prefixlen_s = 128;
731 ipv6_addr_copy((struct in6_addr *)x->props.saddr.a6,
732 (struct in6_addr *)saddr);
733 ipv6_addr_copy((struct in6_addr *)x->id.daddr.a6,
734 (struct in6_addr *)daddr);
735 break;
736 };
737
738 x->km.state = XFRM_STATE_ACQ;
739 x->id.proto = proto;
740 x->props.family = family;
741 x->props.mode = mode;
742 x->props.reqid = reqid;
743 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
744 xfrm_state_hold(x);
745 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
746 add_timer(&x->timer);
8f126e37 747 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
2770834c 748 h = xfrm_src_hash(saddr, family);
8f126e37 749 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
2770834c
DM		 750 wake_up(&km_waitq);
751 }
752
753 return x;
754}
755
1da177e4
LT		 756static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq);
757
758int xfrm_state_add(struct xfrm_state *x)
759{
1da177e4
LT		 760 struct xfrm_state *x1;
761 int family;
762 int err;
eb2971b6 763 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
1da177e4
LT		 764
765 family = x->props.family;
1da177e4
LT		 766
767 spin_lock_bh(&xfrm_state_lock);
768
edcd5821 769 x1 = __xfrm_state_locate(x, use_spi, family);
1da177e4
LT		 770 if (x1) {
771 xfrm_state_put(x1);
772 x1 = NULL;
773 err = -EEXIST;
774 goto out;
775 }
776
eb2971b6 777 if (use_spi && x->km.seq) {
1da177e4
LT		 778 x1 = __xfrm_find_acq_byseq(x->km.seq);
779 if (x1 && xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family)) {
780 xfrm_state_put(x1);
781 x1 = NULL;
782 }
783 }
784
eb2971b6 785 if (use_spi && !x1)
2770834c
DM		 786 x1 = __find_acq_core(family, x->props.mode, x->props.reqid,
787 x->id.proto,
788 &x->id.daddr, &x->props.saddr, 0);
1da177e4 789
c7f5ea3a 790 __xfrm_state_bump_genids(x);
1da177e4
LT		 791 __xfrm_state_insert(x);
792 err = 0;
793
794out:
795 spin_unlock_bh(&xfrm_state_lock);
1da177e4
LT		 796
797 if (x1) {
798 xfrm_state_delete(x1);
799 xfrm_state_put(x1);
800 }
801
802 return err;
803}
804EXPORT_SYMBOL(xfrm_state_add);
805
806int xfrm_state_update(struct xfrm_state *x)
807{
1da177e4
LT		 808 struct xfrm_state *x1;
809 int err;
eb2971b6 810 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
1da177e4 811
1da177e4 812 spin_lock_bh(&xfrm_state_lock);
edcd5821 813 x1 = __xfrm_state_locate(x, use_spi, x->props.family);
1da177e4
LT		 814
815 err = -ESRCH;
816 if (!x1)
817 goto out;
818
819 if (xfrm_state_kern(x1)) {
820 xfrm_state_put(x1);
821 err = -EEXIST;
822 goto out;
823 }
824
825 if (x1->km.state == XFRM_STATE_ACQ) {
826 __xfrm_state_insert(x);
827 x = NULL;
828 }
829 err = 0;
830
831out:
832 spin_unlock_bh(&xfrm_state_lock);
1da177e4
LT		 833
834 if (err)
835 return err;
836
837 if (!x) {
838 xfrm_state_delete(x1);
839 xfrm_state_put(x1);
840 return 0;
841 }
842
843 err = -EINVAL;
844 spin_lock_bh(&x1->lock);
845 if (likely(x1->km.state == XFRM_STATE_VALID)) {
846 if (x->encap && x1->encap)
847 memcpy(x1->encap, x->encap, sizeof(*x1->encap));
060f02a3
NT		 848 if (x->coaddr && x1->coaddr) {
849 memcpy(x1->coaddr, x->coaddr, sizeof(*x1->coaddr));
850 }
851 if (!use_spi && memcmp(&x1->sel, &x->sel, sizeof(x1->sel)))
852 memcpy(&x1->sel, &x->sel, sizeof(x1->sel));
1da177e4
LT		 853 memcpy(&x1->lft, &x->lft, sizeof(x1->lft));
854 x1->km.dying = 0;
855
a47f0ce0 856 mod_timer(&x1->timer, jiffies + HZ);
1da177e4
LT		 857 if (x1->curlft.use_time)
858 xfrm_state_check_expire(x1);
859
860 err = 0;
861 }
862 spin_unlock_bh(&x1->lock);
863
864 xfrm_state_put(x1);
865
866 return err;
867}
868EXPORT_SYMBOL(xfrm_state_update);
869
870int xfrm_state_check_expire(struct xfrm_state *x)
871{
872 if (!x->curlft.use_time)
873 x->curlft.use_time = (unsigned long)xtime.tv_sec;
874
875 if (x->km.state != XFRM_STATE_VALID)
876 return -EINVAL;
877
878 if (x->curlft.bytes >= x->lft.hard_byte_limit ||
879 x->curlft.packets >= x->lft.hard_packet_limit) {
4666faab 880 x->km.state = XFRM_STATE_EXPIRED;
a47f0ce0 881 mod_timer(&x->timer, jiffies);
1da177e4
LT		 882 return -EINVAL;
883 }
884
885 if (!x->km.dying &&
886 (x->curlft.bytes >= x->lft.soft_byte_limit ||
4666faab
HX		 887 x->curlft.packets >= x->lft.soft_packet_limit)) {
888 x->km.dying = 1;
53bc6b4d 889 km_state_expired(x, 0, 0);
4666faab 890 }
1da177e4
LT		 891 return 0;
892}
893EXPORT_SYMBOL(xfrm_state_check_expire);
894
895static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
896{
897 int nhead = x->props.header_len + LL_RESERVED_SPACE(skb->dst->dev)
898 - skb_headroom(skb);
899
900 if (nhead > 0)
901 return pskb_expand_head(skb, nhead, 0, GFP_ATOMIC);
902
903 /* Check tail too... */
904 return 0;
905}
906
907int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
908{
909 int err = xfrm_state_check_expire(x);
910 if (err < 0)
911 goto err;
912 err = xfrm_state_check_space(x, skb);
913err:
914 return err;
915}
916EXPORT_SYMBOL(xfrm_state_check);
917
918struct xfrm_state *
a94cfd19 919xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto,
1da177e4
LT		 920 unsigned short family)
921{
922 struct xfrm_state *x;
1da177e4
LT		 923
924 spin_lock_bh(&xfrm_state_lock);
edcd5821 925 x = __xfrm_state_lookup(daddr, spi, proto, family);
1da177e4 926 spin_unlock_bh(&xfrm_state_lock);
1da177e4
LT		 927 return x;
928}
929EXPORT_SYMBOL(xfrm_state_lookup);
930
931struct xfrm_state *
eb2971b6
MN		 932xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr,
933 u8 proto, unsigned short family)
934{
935 struct xfrm_state *x;
eb2971b6
MN		 936
937 spin_lock_bh(&xfrm_state_lock);
edcd5821 938 x = __xfrm_state_lookup_byaddr(daddr, saddr, proto, family);
eb2971b6 939 spin_unlock_bh(&xfrm_state_lock);
eb2971b6
MN		 940 return x;
941}
942EXPORT_SYMBOL(xfrm_state_lookup_byaddr);
943
944struct xfrm_state *
1da177e4
LT		 945xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
946 xfrm_address_t *daddr, xfrm_address_t *saddr,
947 int create, unsigned short family)
948{
949 struct xfrm_state *x;
1da177e4
LT		 950
951 spin_lock_bh(&xfrm_state_lock);
2770834c 952 x = __find_acq_core(family, mode, reqid, proto, daddr, saddr, create);
1da177e4 953 spin_unlock_bh(&xfrm_state_lock);
2770834c 954
1da177e4
LT		 955 return x;
956}
957EXPORT_SYMBOL(xfrm_find_acq);
958
41a49cc3
MN		 959#ifdef CONFIG_XFRM_SUB_POLICY
960int
961xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n,
962 unsigned short family)
963{
964 int err = 0;
965 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
966 if (!afinfo)
967 return -EAFNOSUPPORT;
968
969 spin_lock_bh(&xfrm_state_lock);
970 if (afinfo->tmpl_sort)
971 err = afinfo->tmpl_sort(dst, src, n);
972 spin_unlock_bh(&xfrm_state_lock);
973 xfrm_state_put_afinfo(afinfo);
974 return err;
975}
976EXPORT_SYMBOL(xfrm_tmpl_sort);
977
978int
979xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n,
980 unsigned short family)
981{
982 int err = 0;
983 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
984 if (!afinfo)
985 return -EAFNOSUPPORT;
986
987 spin_lock_bh(&xfrm_state_lock);
988 if (afinfo->state_sort)
989 err = afinfo->state_sort(dst, src, n);
990 spin_unlock_bh(&xfrm_state_lock);
991 xfrm_state_put_afinfo(afinfo);
992 return err;
993}
994EXPORT_SYMBOL(xfrm_state_sort);
995#endif
996
1da177e4
LT		 997/* Silly enough, but I'm lazy to build resolution list */
998
999static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq)
1000{
1001 int i;
1da177e4 1002
f034b5d4 1003 for (i = 0; i <= xfrm_state_hmask; i++) {
8f126e37
DM		 1004 struct hlist_node *entry;
1005 struct xfrm_state *x;
1006
1007 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
1008 if (x->km.seq == seq &&
1009 x->km.state == XFRM_STATE_ACQ) {
1da177e4
LT		 1010 xfrm_state_hold(x);
1011 return x;
1012 }
1013 }
1014 }
1015 return NULL;
1016}
1017
1018struct xfrm_state *xfrm_find_acq_byseq(u32 seq)
1019{
1020 struct xfrm_state *x;
1021
1022 spin_lock_bh(&xfrm_state_lock);
1023 x = __xfrm_find_acq_byseq(seq);
1024 spin_unlock_bh(&xfrm_state_lock);
1025 return x;
1026}
1027EXPORT_SYMBOL(xfrm_find_acq_byseq);
1028
1029u32 xfrm_get_acqseq(void)
1030{
1031 u32 res;
1032 static u32 acqseq;
1033 static DEFINE_SPINLOCK(acqseq_lock);
1034
1035 spin_lock_bh(&acqseq_lock);
1036 res = (++acqseq ? : ++acqseq);
1037 spin_unlock_bh(&acqseq_lock);
1038 return res;
1039}
1040EXPORT_SYMBOL(xfrm_get_acqseq);
1041
1042void
26977b4e 1043xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi)
1da177e4 1044{
f034b5d4 1045 unsigned int h;
1da177e4
LT		 1046 struct xfrm_state *x0;
1047
1048 if (x->id.spi)
1049 return;
1050
1051 if (minspi == maxspi) {
1052 x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family);
1053 if (x0) {
1054 xfrm_state_put(x0);
1055 return;
1056 }
1057 x->id.spi = minspi;
1058 } else {
1059 u32 spi = 0;
26977b4e
AV		 1060 u32 low = ntohl(minspi);
1061 u32 high = ntohl(maxspi);
1062 for (h=0; h<high-low+1; h++) {
1063 spi = low + net_random()%(high-low+1);
1da177e4
LT		 1064 x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family);
1065 if (x0 == NULL) {
1066 x->id.spi = htonl(spi);
1067 break;
1068 }
1069 xfrm_state_put(x0);
1070 }
1071 }
1072 if (x->id.spi) {
1073 spin_lock_bh(&xfrm_state_lock);
1074 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
8f126e37 1075 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
1da177e4
LT		 1076 spin_unlock_bh(&xfrm_state_lock);
1077 wake_up(&km_waitq);
1078 }
1079}
1080EXPORT_SYMBOL(xfrm_alloc_spi);
1081
1082int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*),
1083 void *data)
1084{
1085 int i;
1086 struct xfrm_state *x;
8f126e37 1087 struct hlist_node *entry;
1da177e4
LT		 1088 int count = 0;
1089 int err = 0;
1090
1091 spin_lock_bh(&xfrm_state_lock);
f034b5d4 1092 for (i = 0; i <= xfrm_state_hmask; i++) {
8f126e37 1093 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
5794708f 1094 if (xfrm_id_proto_match(x->id.proto, proto))
1da177e4
LT		 1095 count++;
1096 }
1097 }
1098 if (count == 0) {
1099 err = -ENOENT;
1100 goto out;
1101 }
1102
f034b5d4 1103 for (i = 0; i <= xfrm_state_hmask; i++) {
8f126e37 1104 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
5794708f 1105 if (!xfrm_id_proto_match(x->id.proto, proto))
1da177e4
LT		 1106 continue;
1107 err = func(x, --count, data);
1108 if (err)
1109 goto out;
1110 }
1111 }
1112out:
1113 spin_unlock_bh(&xfrm_state_lock);
1114 return err;
1115}
1116EXPORT_SYMBOL(xfrm_state_walk);
1117
f8cd5488
JHS		 1118
1119void xfrm_replay_notify(struct xfrm_state *x, int event)
1120{
1121 struct km_event c;
1122 /* we send notify messages in case
1123 * 1. we updated on of the sequence numbers, and the seqno difference
1124 * is at least x->replay_maxdiff, in this case we also update the
1125 * timeout of our timer function
1126 * 2. if x->replay_maxage has elapsed since last update,
1127 * and there were changes
1128 *
1129 * The state structure must be locked!
1130 */
1131
1132 switch (event) {
1133 case XFRM_REPLAY_UPDATE:
1134 if (x->replay_maxdiff &&
1135 (x->replay.seq - x->preplay.seq < x->replay_maxdiff) &&
2717096a
JHS		 1136 (x->replay.oseq - x->preplay.oseq < x->replay_maxdiff)) {
1137 if (x->xflags & XFRM_TIME_DEFER)
1138 event = XFRM_REPLAY_TIMEOUT;
1139 else
1140 return;
1141 }
f8cd5488
JHS		 1142
1143 break;
1144
1145 case XFRM_REPLAY_TIMEOUT:
1146 if ((x->replay.seq == x->preplay.seq) &&
1147 (x->replay.bitmap == x->preplay.bitmap) &&
2717096a
JHS		 1148 (x->replay.oseq == x->preplay.oseq)) {
1149 x->xflags |= XFRM_TIME_DEFER;
f8cd5488 1150 return;
2717096a 1151 }
f8cd5488
JHS		 1152
1153 break;
1154 }
1155
1156 memcpy(&x->preplay, &x->replay, sizeof(struct xfrm_replay_state));
1157 c.event = XFRM_MSG_NEWAE;
1158 c.data.aevent = event;
1159 km_state_notify(x, &c);
1160
f8cd5488 1161 if (x->replay_maxage &&
a47f0ce0 1162 !mod_timer(&x->rtimer, jiffies + x->replay_maxage))
2717096a 1163 x->xflags &= ~XFRM_TIME_DEFER;
f8cd5488 1164}
a70fcb0b 1165EXPORT_SYMBOL(xfrm_replay_notify);
f8cd5488
JHS		 1166
1167static void xfrm_replay_timer_handler(unsigned long data)
1168{
1169 struct xfrm_state *x = (struct xfrm_state*)data;
1170
1171 spin_lock(&x->lock);
1172
2717096a
JHS		 1173 if (x->km.state == XFRM_STATE_VALID) {
1174 if (xfrm_aevent_is_on())
1175 xfrm_replay_notify(x, XFRM_REPLAY_TIMEOUT);
1176 else
1177 x->xflags |= XFRM_TIME_DEFER;
1178 }
f8cd5488
JHS		 1179
1180 spin_unlock(&x->lock);
1181}
1182
a252cc23 1183int xfrm_replay_check(struct xfrm_state *x, __be32 net_seq)
1da177e4
LT		 1184{
1185 u32 diff;
a252cc23 1186 u32 seq = ntohl(net_seq);
1da177e4
LT		 1187
1188 if (unlikely(seq == 0))
1189 return -EINVAL;
1190
1191 if (likely(seq > x->replay.seq))
1192 return 0;
1193
1194 diff = x->replay.seq - seq;
1195 if (diff >= x->props.replay_window) {
1196 x->stats.replay_window++;
1197 return -EINVAL;
1198 }
1199
1200 if (x->replay.bitmap & (1U << diff)) {
1201 x->stats.replay++;
1202 return -EINVAL;
1203 }
1204 return 0;
1205}
1206EXPORT_SYMBOL(xfrm_replay_check);
1207
61f4627b 1208void xfrm_replay_advance(struct xfrm_state *x, __be32 net_seq)
1da177e4
LT		 1209{
1210 u32 diff;
61f4627b 1211 u32 seq = ntohl(net_seq);
1da177e4
LT		 1212
1213 if (seq > x->replay.seq) {
1214 diff = seq - x->replay.seq;
1215 if (diff < x->props.replay_window)
1216 x->replay.bitmap = ((x->replay.bitmap) << diff) | 1;
1217 else
1218 x->replay.bitmap = 1;
1219 x->replay.seq = seq;
1220 } else {
1221 diff = x->replay.seq - seq;
1222 x->replay.bitmap |= (1U << diff);
1223 }
f8cd5488
JHS		 1224
1225 if (xfrm_aevent_is_on())
1226 xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
1da177e4
LT		 1227}
1228EXPORT_SYMBOL(xfrm_replay_advance);
1229
1230static struct list_head xfrm_km_list = LIST_HEAD_INIT(xfrm_km_list);
1231static DEFINE_RWLOCK(xfrm_km_lock);
1232
26b15dad 1233void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
1da177e4
LT		 1234{
1235 struct xfrm_mgr *km;
1236
26b15dad
JHS		 1237 read_lock(&xfrm_km_lock);
1238 list_for_each_entry(km, &xfrm_km_list, list)
1239 if (km->notify_policy)
1240 km->notify_policy(xp, dir, c);
1241 read_unlock(&xfrm_km_lock);
1242}
1da177e4 1243
26b15dad
JHS		 1244void km_state_notify(struct xfrm_state *x, struct km_event *c)
1245{
1246 struct xfrm_mgr *km;
1da177e4
LT		 1247 read_lock(&xfrm_km_lock);
1248 list_for_each_entry(km, &xfrm_km_list, list)
26b15dad
JHS		 1249 if (km->notify)
1250 km->notify(x, c);
1da177e4 1251 read_unlock(&xfrm_km_lock);
26b15dad
JHS		 1252}
1253
1254EXPORT_SYMBOL(km_policy_notify);
1255EXPORT_SYMBOL(km_state_notify);
1256
53bc6b4d 1257void km_state_expired(struct xfrm_state *x, int hard, u32 pid)
26b15dad
JHS		 1258{
1259 struct km_event c;
1260
bf08867f 1261 c.data.hard = hard;
53bc6b4d 1262 c.pid = pid;
f60f6b8f 1263 c.event = XFRM_MSG_EXPIRE;
26b15dad 1264 km_state_notify(x, &c);
1da177e4
LT		 1265
1266 if (hard)
1267 wake_up(&km_waitq);
1268}
1269
53bc6b4d 1270EXPORT_SYMBOL(km_state_expired);
26b15dad
JHS		 1271/*
1272 * We send to all registered managers regardless of failure
1273 * We are happy with one success
1274*/
980ebd25 1275int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
1da177e4 1276{
26b15dad 1277 int err = -EINVAL, acqret;
1da177e4
LT		 1278 struct xfrm_mgr *km;
1279
1280 read_lock(&xfrm_km_lock);
1281 list_for_each_entry(km, &xfrm_km_list, list) {
26b15dad
JHS		 1282 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT);
1283 if (!acqret)
1284 err = acqret;
1da177e4
LT		 1285 }
1286 read_unlock(&xfrm_km_lock);
1287 return err;
1288}
980ebd25 1289EXPORT_SYMBOL(km_query);
1da177e4
LT		 1290
1291int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport)
1292{
1293 int err = -EINVAL;
1294 struct xfrm_mgr *km;
1295
1296 read_lock(&xfrm_km_lock);
1297 list_for_each_entry(km, &xfrm_km_list, list) {
1298 if (km->new_mapping)
1299 err = km->new_mapping(x, ipaddr, sport);
1300 if (!err)
1301 break;
1302 }
1303 read_unlock(&xfrm_km_lock);
1304 return err;
1305}
1306EXPORT_SYMBOL(km_new_mapping);
1307
6c5c8ca7 1308void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid)
1da177e4 1309{
26b15dad 1310 struct km_event c;
1da177e4 1311
bf08867f 1312 c.data.hard = hard;
6c5c8ca7 1313 c.pid = pid;
f60f6b8f 1314 c.event = XFRM_MSG_POLEXPIRE;
26b15dad 1315 km_policy_notify(pol, dir, &c);
1da177e4
LT		 1316
1317 if (hard)
1318 wake_up(&km_waitq);
1319}
a70fcb0b 1320EXPORT_SYMBOL(km_policy_expired);
1da177e4 1321
97a64b45
MN		 1322int km_report(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr)
1323{
1324 int err = -EINVAL;
1325 int ret;
1326 struct xfrm_mgr *km;
1327
1328 read_lock(&xfrm_km_lock);
1329 list_for_each_entry(km, &xfrm_km_list, list) {
1330 if (km->report) {
1331 ret = km->report(proto, sel, addr);
1332 if (!ret)
1333 err = ret;
1334 }
1335 }
1336 read_unlock(&xfrm_km_lock);
1337 return err;
1338}
1339EXPORT_SYMBOL(km_report);
1340
1da177e4
LT		 1341int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
1342{
1343 int err;
1344 u8 *data;
1345 struct xfrm_mgr *km;
1346 struct xfrm_policy *pol = NULL;
1347
1348 if (optlen <= 0 || optlen > PAGE_SIZE)
1349 return -EMSGSIZE;
1350
1351 data = kmalloc(optlen, GFP_KERNEL);
1352 if (!data)
1353 return -ENOMEM;
1354
1355 err = -EFAULT;
1356 if (copy_from_user(data, optval, optlen))
1357 goto out;
1358
1359 err = -EINVAL;
1360 read_lock(&xfrm_km_lock);
1361 list_for_each_entry(km, &xfrm_km_list, list) {
cb969f07 1362 pol = km->compile_policy(sk, optname, data,
1da177e4
LT		 1363 optlen, &err);
1364 if (err >= 0)
1365 break;
1366 }
1367 read_unlock(&xfrm_km_lock);
1368
1369 if (err >= 0) {
1370 xfrm_sk_policy_insert(sk, err, pol);
1371 xfrm_pol_put(pol);
1372 err = 0;
1373 }
1374
1375out:
1376 kfree(data);
1377 return err;
1378}
1379EXPORT_SYMBOL(xfrm_user_policy);
1380
1381int xfrm_register_km(struct xfrm_mgr *km)
1382{
1383 write_lock_bh(&xfrm_km_lock);
1384 list_add_tail(&km->list, &xfrm_km_list);
1385 write_unlock_bh(&xfrm_km_lock);
1386 return 0;
1387}
1388EXPORT_SYMBOL(xfrm_register_km);
1389
1390int xfrm_unregister_km(struct xfrm_mgr *km)
1391{
1392 write_lock_bh(&xfrm_km_lock);
1393 list_del(&km->list);
1394 write_unlock_bh(&xfrm_km_lock);
1395 return 0;
1396}
1397EXPORT_SYMBOL(xfrm_unregister_km);
1398
1399int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo)
1400{
1401 int err = 0;
1402 if (unlikely(afinfo == NULL))
1403 return -EINVAL;
1404 if (unlikely(afinfo->family >= NPROTO))
1405 return -EAFNOSUPPORT;
f3111502 1406 write_lock_bh(&xfrm_state_afinfo_lock);
1da177e4
LT		 1407 if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))
1408 err = -ENOBUFS;
edcd5821 1409 else
1da177e4 1410 xfrm_state_afinfo[afinfo->family] = afinfo;
f3111502 1411 write_unlock_bh(&xfrm_state_afinfo_lock);
1da177e4
LT		 1412 return err;
1413}
1414EXPORT_SYMBOL(xfrm_state_register_afinfo);
1415
1416int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo)
1417{
1418 int err = 0;
1419 if (unlikely(afinfo == NULL))
1420 return -EINVAL;
1421 if (unlikely(afinfo->family >= NPROTO))
1422 return -EAFNOSUPPORT;
f3111502 1423 write_lock_bh(&xfrm_state_afinfo_lock);
1da177e4
LT		 1424 if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) {
1425 if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo))
1426 err = -EINVAL;
edcd5821 1427 else
1da177e4 1428 xfrm_state_afinfo[afinfo->family] = NULL;
1da177e4 1429 }
f3111502 1430 write_unlock_bh(&xfrm_state_afinfo_lock);
1da177e4
LT		 1431 return err;
1432}
1433EXPORT_SYMBOL(xfrm_state_unregister_afinfo);
1434
1435static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family)
1436{
1437 struct xfrm_state_afinfo *afinfo;
1438 if (unlikely(family >= NPROTO))
1439 return NULL;
1440 read_lock(&xfrm_state_afinfo_lock);
1441 afinfo = xfrm_state_afinfo[family];
546be240
HX		 1442 if (unlikely(!afinfo))
1443 read_unlock(&xfrm_state_afinfo_lock);
1da177e4
LT		 1444 return afinfo;
1445}
1446
1447static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo)
1448{
546be240 1449 read_unlock(&xfrm_state_afinfo_lock);
1da177e4
LT		 1450}
1451
1452/* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1453void xfrm_state_delete_tunnel(struct xfrm_state *x)
1454{
1455 if (x->tunnel) {
1456 struct xfrm_state *t = x->tunnel;
1457
1458 if (atomic_read(&t->tunnel_users) == 2)
1459 xfrm_state_delete(t);
1460 atomic_dec(&t->tunnel_users);
1461 xfrm_state_put(t);
1462 x->tunnel = NULL;
1463 }
1464}
1465EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1466
80b30c10
HX		 1467/*
1468 * This function is NOT optimal. For example, with ESP it will give an
1469 * MTU that's usually two bytes short of being optimal. However, it will
1470 * usually give an answer that's a multiple of 4 provided the input is
1471 * also a multiple of 4.
1472 */
1da177e4
LT		 1473int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1474{
1475 int res = mtu;
1476
1477 res -= x->props.header_len;
1478
1479 for (;;) {
1480 int m = res;
1481
1482 if (m < 68)
1483 return 68;
1484
1485 spin_lock_bh(&x->lock);
1486 if (x->km.state == XFRM_STATE_VALID &&
1487 x->type && x->type->get_max_size)
1488 m = x->type->get_max_size(x, m);
1489 else
1490 m += x->props.header_len;
1491 spin_unlock_bh(&x->lock);
1492
1493 if (m <= mtu)
1494 break;
1495 res -= (m - mtu);
1496 }
1497
1498 return res;
1499}
1500
72cb6962
HX		 1501int xfrm_init_state(struct xfrm_state *x)
1502{
d094cd83
HX		 1503 struct xfrm_state_afinfo *afinfo;
1504 int family = x->props.family;
72cb6962
HX		 1505 int err;
1506
d094cd83
HX		 1507 err = -EAFNOSUPPORT;
1508 afinfo = xfrm_state_get_afinfo(family);
1509 if (!afinfo)
1510 goto error;
1511
1512 err = 0;
1513 if (afinfo->init_flags)
1514 err = afinfo->init_flags(x);
1515
1516 xfrm_state_put_afinfo(afinfo);
1517
1518 if (err)
1519 goto error;
1520
1521 err = -EPROTONOSUPPORT;
1522 x->type = xfrm_get_type(x->id.proto, family);
72cb6962
HX		 1523 if (x->type == NULL)
1524 goto error;
1525
1526 err = x->type->init_state(x);
1527 if (err)
1528 goto error;
1529
b59f45d0
HX		 1530 x->mode = xfrm_get_mode(x->props.mode, family);
1531 if (x->mode == NULL)
1532 goto error;
1533
72cb6962
HX		 1534 x->km.state = XFRM_STATE_VALID;
1535
1536error:
1537 return err;
1538}
1539
1540EXPORT_SYMBOL(xfrm_init_state);
1da177e4
LT		 1541
1542void __init xfrm_state_init(void)
1543{
f034b5d4
DM		 1544 unsigned int sz;
1545
1546 sz = sizeof(struct hlist_head) * 8;
1547
44e36b42
DM		 1548 xfrm_state_bydst = xfrm_hash_alloc(sz);
1549 xfrm_state_bysrc = xfrm_hash_alloc(sz);
1550 xfrm_state_byspi = xfrm_hash_alloc(sz);
f034b5d4
DM		 1551 if (!xfrm_state_bydst || !xfrm_state_bysrc || !xfrm_state_byspi)
1552 panic("XFRM: Cannot allocate bydst/bysrc/byspi hashes.");
1553 xfrm_state_hmask = ((sz / sizeof(struct hlist_head)) - 1);
1da177e4 1554
1da177e4
LT		 1555 INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task, NULL);
1556}
1557
Ubuntu Artful kernel mirror