]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - net/xfrm/xfrm_state.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge git://git.infradead.org/mtd-2.6
[mirror_ubuntu-artful-kernel.git] / net / xfrm / xfrm_state.c
1 /*
2 * xfrm_state.c
3 *
4 * Changes:
5 * Mitsuru KANDA @USAGI
6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
8 * IPv6 support
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
13 *
14 */
15
16 #include <linux/workqueue.h>
17 #include <net/xfrm.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <asm/uaccess.h>
22
23 struct sock *xfrm_nl;
24 EXPORT_SYMBOL(xfrm_nl);
25
26 u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME;
27 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime);
28
29 u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE;
30 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth);
31
32 /* Each xfrm_state may be linked to two tables:
33
34 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
35 2. Hash table by daddr to find what SAs exist for given
36 destination/tunnel endpoint. (output)
37 */
38
39 static DEFINE_SPINLOCK(xfrm_state_lock);
40
41 /* Hash table to find appropriate SA towards given target (endpoint
42 * of tunnel or destination of transport mode) allowed by selector.
43 *
44 * Main use is finding SA after policy selected tunnel or transport mode.
45 * Also, it can be used by ah/esp icmp error handler to find offending SA.
46 */
47 static struct list_head xfrm_state_bydst[XFRM_DST_HSIZE];
48 static struct list_head xfrm_state_byspi[XFRM_DST_HSIZE];
49
50 DECLARE_WAIT_QUEUE_HEAD(km_waitq);
51 EXPORT_SYMBOL(km_waitq);
52
53 static DEFINE_RWLOCK(xfrm_state_afinfo_lock);
54 static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO];
55
56 static struct work_struct xfrm_state_gc_work;
57 static struct list_head xfrm_state_gc_list = LIST_HEAD_INIT(xfrm_state_gc_list);
58 static DEFINE_SPINLOCK(xfrm_state_gc_lock);
59
60 static int xfrm_state_gc_flush_bundles;
61
62 int __xfrm_state_delete(struct xfrm_state *x);
63
64 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family);
65 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
66
67 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
68 void km_state_expired(struct xfrm_state *x, int hard, u32 pid);
69
70 static void xfrm_state_gc_destroy(struct xfrm_state *x)
71 {
72 if (del_timer(&x->timer))
73 BUG();
74 if (del_timer(&x->rtimer))
75 BUG();
76 kfree(x->aalg);
77 kfree(x->ealg);
78 kfree(x->calg);
79 kfree(x->encap);
80 if (x->mode)
81 xfrm_put_mode(x->mode);
82 if (x->type) {
83 x->type->destructor(x);
84 xfrm_put_type(x->type);
85 }
86 security_xfrm_state_free(x);
87 kfree(x);
88 }
89
90 static void xfrm_state_gc_task(void *data)
91 {
92 struct xfrm_state *x;
93 struct list_head *entry, *tmp;
94 struct list_head gc_list = LIST_HEAD_INIT(gc_list);
95
96 if (xfrm_state_gc_flush_bundles) {
97 xfrm_state_gc_flush_bundles = 0;
98 xfrm_flush_bundles();
99 }
100
101 spin_lock_bh(&xfrm_state_gc_lock);
102 list_splice_init(&xfrm_state_gc_list, &gc_list);
103 spin_unlock_bh(&xfrm_state_gc_lock);
104
105 list_for_each_safe(entry, tmp, &gc_list) {
106 x = list_entry(entry, struct xfrm_state, bydst);
107 xfrm_state_gc_destroy(x);
108 }
109 wake_up(&km_waitq);
110 }
111
112 static inline unsigned long make_jiffies(long secs)
113 {
114 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
115 return MAX_SCHEDULE_TIMEOUT-1;
116 else
117 return secs*HZ;
118 }
119
120 static void xfrm_timer_handler(unsigned long data)
121 {
122 struct xfrm_state *x = (struct xfrm_state*)data;
123 unsigned long now = (unsigned long)xtime.tv_sec;
124 long next = LONG_MAX;
125 int warn = 0;
126
127 spin_lock(&x->lock);
128 if (x->km.state == XFRM_STATE_DEAD)
129 goto out;
130 if (x->km.state == XFRM_STATE_EXPIRED)
131 goto expired;
132 if (x->lft.hard_add_expires_seconds) {
133 long tmo = x->lft.hard_add_expires_seconds +
134 x->curlft.add_time - now;
135 if (tmo <= 0)
136 goto expired;
137 if (tmo < next)
138 next = tmo;
139 }
140 if (x->lft.hard_use_expires_seconds) {
141 long tmo = x->lft.hard_use_expires_seconds +
142 (x->curlft.use_time ? : now) - now;
143 if (tmo <= 0)
144 goto expired;
145 if (tmo < next)
146 next = tmo;
147 }
148 if (x->km.dying)
149 goto resched;
150 if (x->lft.soft_add_expires_seconds) {
151 long tmo = x->lft.soft_add_expires_seconds +
152 x->curlft.add_time - now;
153 if (tmo <= 0)
154 warn = 1;
155 else if (tmo < next)
156 next = tmo;
157 }
158 if (x->lft.soft_use_expires_seconds) {
159 long tmo = x->lft.soft_use_expires_seconds +
160 (x->curlft.use_time ? : now) - now;
161 if (tmo <= 0)
162 warn = 1;
163 else if (tmo < next)
164 next = tmo;
165 }
166
167 x->km.dying = warn;
168 if (warn)
169 km_state_expired(x, 0, 0);
170 resched:
171 if (next != LONG_MAX &&
172 !mod_timer(&x->timer, jiffies + make_jiffies(next)))
173 xfrm_state_hold(x);
174 goto out;
175
176 expired:
177 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) {
178 x->km.state = XFRM_STATE_EXPIRED;
179 wake_up(&km_waitq);
180 next = 2;
181 goto resched;
182 }
183 if (!__xfrm_state_delete(x) && x->id.spi)
184 km_state_expired(x, 1, 0);
185
186 out:
187 spin_unlock(&x->lock);
188 xfrm_state_put(x);
189 }
190
191 static void xfrm_replay_timer_handler(unsigned long data);
192
193 struct xfrm_state *xfrm_state_alloc(void)
194 {
195 struct xfrm_state *x;
196
197 x = kmalloc(sizeof(struct xfrm_state), GFP_ATOMIC);
198
199 if (x) {
200 memset(x, 0, sizeof(struct xfrm_state));
201 atomic_set(&x->refcnt, 1);
202 atomic_set(&x->tunnel_users, 0);
203 INIT_LIST_HEAD(&x->bydst);
204 INIT_LIST_HEAD(&x->byspi);
205 init_timer(&x->timer);
206 x->timer.function = xfrm_timer_handler;
207 x->timer.data = (unsigned long)x;
208 init_timer(&x->rtimer);
209 x->rtimer.function = xfrm_replay_timer_handler;
210 x->rtimer.data = (unsigned long)x;
211 x->curlft.add_time = (unsigned long)xtime.tv_sec;
212 x->lft.soft_byte_limit = XFRM_INF;
213 x->lft.soft_packet_limit = XFRM_INF;
214 x->lft.hard_byte_limit = XFRM_INF;
215 x->lft.hard_packet_limit = XFRM_INF;
216 x->replay_maxage = 0;
217 x->replay_maxdiff = 0;
218 spin_lock_init(&x->lock);
219 }
220 return x;
221 }
222 EXPORT_SYMBOL(xfrm_state_alloc);
223
224 void __xfrm_state_destroy(struct xfrm_state *x)
225 {
226 BUG_TRAP(x->km.state == XFRM_STATE_DEAD);
227
228 spin_lock_bh(&xfrm_state_gc_lock);
229 list_add(&x->bydst, &xfrm_state_gc_list);
230 spin_unlock_bh(&xfrm_state_gc_lock);
231 schedule_work(&xfrm_state_gc_work);
232 }
233 EXPORT_SYMBOL(__xfrm_state_destroy);
234
235 int __xfrm_state_delete(struct xfrm_state *x)
236 {
237 int err = -ESRCH;
238
239 if (x->km.state != XFRM_STATE_DEAD) {
240 x->km.state = XFRM_STATE_DEAD;
241 spin_lock(&xfrm_state_lock);
242 list_del(&x->bydst);
243 __xfrm_state_put(x);
244 if (x->id.spi) {
245 list_del(&x->byspi);
246 __xfrm_state_put(x);
247 }
248 spin_unlock(&xfrm_state_lock);
249 if (del_timer(&x->timer))
250 __xfrm_state_put(x);
251 if (del_timer(&x->rtimer))
252 __xfrm_state_put(x);
253
254 /* The number two in this test is the reference
255 * mentioned in the comment below plus the reference
256 * our caller holds. A larger value means that
257 * there are DSTs attached to this xfrm_state.
258 */
259 if (atomic_read(&x->refcnt) > 2) {
260 xfrm_state_gc_flush_bundles = 1;
261 schedule_work(&xfrm_state_gc_work);
262 }
263
264 /* All xfrm_state objects are created by xfrm_state_alloc.
265 * The xfrm_state_alloc call gives a reference, and that
266 * is what we are dropping here.
267 */
268 __xfrm_state_put(x);
269 err = 0;
270 }
271
272 return err;
273 }
274 EXPORT_SYMBOL(__xfrm_state_delete);
275
276 int xfrm_state_delete(struct xfrm_state *x)
277 {
278 int err;
279
280 spin_lock_bh(&x->lock);
281 err = __xfrm_state_delete(x);
282 spin_unlock_bh(&x->lock);
283
284 return err;
285 }
286 EXPORT_SYMBOL(xfrm_state_delete);
287
288 void xfrm_state_flush(u8 proto)
289 {
290 int i;
291 struct xfrm_state *x;
292
293 spin_lock_bh(&xfrm_state_lock);
294 for (i = 0; i < XFRM_DST_HSIZE; i++) {
295 restart:
296 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
297 if (!xfrm_state_kern(x) &&
298 (proto == IPSEC_PROTO_ANY || x->id.proto == proto)) {
299 xfrm_state_hold(x);
300 spin_unlock_bh(&xfrm_state_lock);
301
302 xfrm_state_delete(x);
303 xfrm_state_put(x);
304
305 spin_lock_bh(&xfrm_state_lock);
306 goto restart;
307 }
308 }
309 }
310 spin_unlock_bh(&xfrm_state_lock);
311 wake_up(&km_waitq);
312 }
313 EXPORT_SYMBOL(xfrm_state_flush);
314
315 static int
316 xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
317 struct xfrm_tmpl *tmpl,
318 xfrm_address_t *daddr, xfrm_address_t *saddr,
319 unsigned short family)
320 {
321 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
322 if (!afinfo)
323 return -1;
324 afinfo->init_tempsel(x, fl, tmpl, daddr, saddr);
325 xfrm_state_put_afinfo(afinfo);
326 return 0;
327 }
328
329 struct xfrm_state *
330 xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
331 struct flowi *fl, struct xfrm_tmpl *tmpl,
332 struct xfrm_policy *pol, int *err,
333 unsigned short family)
334 {
335 unsigned h = xfrm_dst_hash(daddr, family);
336 struct xfrm_state *x, *x0;
337 int acquire_in_progress = 0;
338 int error = 0;
339 struct xfrm_state *best = NULL;
340 struct xfrm_state_afinfo *afinfo;
341
342 afinfo = xfrm_state_get_afinfo(family);
343 if (afinfo == NULL) {
344 *err = -EAFNOSUPPORT;
345 return NULL;
346 }
347
348 spin_lock_bh(&xfrm_state_lock);
349 list_for_each_entry(x, xfrm_state_bydst+h, bydst) {
350 if (x->props.family == family &&
351 x->props.reqid == tmpl->reqid &&
352 xfrm_state_addr_check(x, daddr, saddr, family) &&
353 tmpl->mode == x->props.mode &&
354 tmpl->id.proto == x->id.proto &&
355 (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) {
356 /* Resolution logic:
357 1. There is a valid state with matching selector.
358 Done.
359 2. Valid state with inappropriate selector. Skip.
360
361 Entering area of "sysdeps".
362
363 3. If state is not valid, selector is temporary,
364 it selects only session which triggered
365 previous resolution. Key manager will do
366 something to install a state with proper
367 selector.
368 */
369 if (x->km.state == XFRM_STATE_VALID) {
370 if (!xfrm_selector_match(&x->sel, fl, family) ||
371 !xfrm_sec_ctx_match(pol->security, x->security))
372 continue;
373 if (!best ||
374 best->km.dying > x->km.dying ||
375 (best->km.dying == x->km.dying &&
376 best->curlft.add_time < x->curlft.add_time))
377 best = x;
378 } else if (x->km.state == XFRM_STATE_ACQ) {
379 acquire_in_progress = 1;
380 } else if (x->km.state == XFRM_STATE_ERROR ||
381 x->km.state == XFRM_STATE_EXPIRED) {
382 if (xfrm_selector_match(&x->sel, fl, family) &&
383 xfrm_sec_ctx_match(pol->security, x->security))
384 error = -ESRCH;
385 }
386 }
387 }
388
389 x = best;
390 if (!x && !error && !acquire_in_progress) {
391 if (tmpl->id.spi &&
392 (x0 = afinfo->state_lookup(daddr, tmpl->id.spi,
393 tmpl->id.proto)) != NULL) {
394 xfrm_state_put(x0);
395 error = -EEXIST;
396 goto out;
397 }
398 x = xfrm_state_alloc();
399 if (x == NULL) {
400 error = -ENOMEM;
401 goto out;
402 }
403 /* Initialize temporary selector matching only
404 * to current session. */
405 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
406
407 if (km_query(x, tmpl, pol) == 0) {
408 x->km.state = XFRM_STATE_ACQ;
409 list_add_tail(&x->bydst, xfrm_state_bydst+h);
410 xfrm_state_hold(x);
411 if (x->id.spi) {
412 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
413 list_add(&x->byspi, xfrm_state_byspi+h);
414 xfrm_state_hold(x);
415 }
416 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
417 xfrm_state_hold(x);
418 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
419 add_timer(&x->timer);
420 } else {
421 x->km.state = XFRM_STATE_DEAD;
422 xfrm_state_put(x);
423 x = NULL;
424 error = -ESRCH;
425 }
426 }
427 out:
428 if (x)
429 xfrm_state_hold(x);
430 else
431 *err = acquire_in_progress ? -EAGAIN : error;
432 spin_unlock_bh(&xfrm_state_lock);
433 xfrm_state_put_afinfo(afinfo);
434 return x;
435 }
436
437 static void __xfrm_state_insert(struct xfrm_state *x)
438 {
439 unsigned h = xfrm_dst_hash(&x->id.daddr, x->props.family);
440
441 list_add(&x->bydst, xfrm_state_bydst+h);
442 xfrm_state_hold(x);
443
444 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
445
446 list_add(&x->byspi, xfrm_state_byspi+h);
447 xfrm_state_hold(x);
448
449 if (!mod_timer(&x->timer, jiffies + HZ))
450 xfrm_state_hold(x);
451
452 if (x->replay_maxage &&
453 !mod_timer(&x->rtimer, jiffies + x->replay_maxage))
454 xfrm_state_hold(x);
455
456 wake_up(&km_waitq);
457 }
458
459 void xfrm_state_insert(struct xfrm_state *x)
460 {
461 spin_lock_bh(&xfrm_state_lock);
462 __xfrm_state_insert(x);
463 spin_unlock_bh(&xfrm_state_lock);
464
465 xfrm_flush_all_bundles();
466 }
467 EXPORT_SYMBOL(xfrm_state_insert);
468
469 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq);
470
471 int xfrm_state_add(struct xfrm_state *x)
472 {
473 struct xfrm_state_afinfo *afinfo;
474 struct xfrm_state *x1;
475 int family;
476 int err;
477
478 family = x->props.family;
479 afinfo = xfrm_state_get_afinfo(family);
480 if (unlikely(afinfo == NULL))
481 return -EAFNOSUPPORT;
482
483 spin_lock_bh(&xfrm_state_lock);
484
485 x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
486 if (x1) {
487 xfrm_state_put(x1);
488 x1 = NULL;
489 err = -EEXIST;
490 goto out;
491 }
492
493 if (x->km.seq) {
494 x1 = __xfrm_find_acq_byseq(x->km.seq);
495 if (x1 && xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family)) {
496 xfrm_state_put(x1);
497 x1 = NULL;
498 }
499 }
500
501 if (!x1)
502 x1 = afinfo->find_acq(
503 x->props.mode, x->props.reqid, x->id.proto,
504 &x->id.daddr, &x->props.saddr, 0);
505
506 __xfrm_state_insert(x);
507 err = 0;
508
509 out:
510 spin_unlock_bh(&xfrm_state_lock);
511 xfrm_state_put_afinfo(afinfo);
512
513 if (!err)
514 xfrm_flush_all_bundles();
515
516 if (x1) {
517 xfrm_state_delete(x1);
518 xfrm_state_put(x1);
519 }
520
521 return err;
522 }
523 EXPORT_SYMBOL(xfrm_state_add);
524
525 int xfrm_state_update(struct xfrm_state *x)
526 {
527 struct xfrm_state_afinfo *afinfo;
528 struct xfrm_state *x1;
529 int err;
530
531 afinfo = xfrm_state_get_afinfo(x->props.family);
532 if (unlikely(afinfo == NULL))
533 return -EAFNOSUPPORT;
534
535 spin_lock_bh(&xfrm_state_lock);
536 x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
537
538 err = -ESRCH;
539 if (!x1)
540 goto out;
541
542 if (xfrm_state_kern(x1)) {
543 xfrm_state_put(x1);
544 err = -EEXIST;
545 goto out;
546 }
547
548 if (x1->km.state == XFRM_STATE_ACQ) {
549 __xfrm_state_insert(x);
550 x = NULL;
551 }
552 err = 0;
553
554 out:
555 spin_unlock_bh(&xfrm_state_lock);
556 xfrm_state_put_afinfo(afinfo);
557
558 if (err)
559 return err;
560
561 if (!x) {
562 xfrm_state_delete(x1);
563 xfrm_state_put(x1);
564 return 0;
565 }
566
567 err = -EINVAL;
568 spin_lock_bh(&x1->lock);
569 if (likely(x1->km.state == XFRM_STATE_VALID)) {
570 if (x->encap && x1->encap)
571 memcpy(x1->encap, x->encap, sizeof(*x1->encap));
572 memcpy(&x1->lft, &x->lft, sizeof(x1->lft));
573 x1->km.dying = 0;
574
575 if (!mod_timer(&x1->timer, jiffies + HZ))
576 xfrm_state_hold(x1);
577 if (x1->curlft.use_time)
578 xfrm_state_check_expire(x1);
579
580 err = 0;
581 }
582 spin_unlock_bh(&x1->lock);
583
584 xfrm_state_put(x1);
585
586 return err;
587 }
588 EXPORT_SYMBOL(xfrm_state_update);
589
590 int xfrm_state_check_expire(struct xfrm_state *x)
591 {
592 if (!x->curlft.use_time)
593 x->curlft.use_time = (unsigned long)xtime.tv_sec;
594
595 if (x->km.state != XFRM_STATE_VALID)
596 return -EINVAL;
597
598 if (x->curlft.bytes >= x->lft.hard_byte_limit ||
599 x->curlft.packets >= x->lft.hard_packet_limit) {
600 x->km.state = XFRM_STATE_EXPIRED;
601 if (!mod_timer(&x->timer, jiffies))
602 xfrm_state_hold(x);
603 return -EINVAL;
604 }
605
606 if (!x->km.dying &&
607 (x->curlft.bytes >= x->lft.soft_byte_limit ||
608 x->curlft.packets >= x->lft.soft_packet_limit)) {
609 x->km.dying = 1;
610 km_state_expired(x, 0, 0);
611 }
612 return 0;
613 }
614 EXPORT_SYMBOL(xfrm_state_check_expire);
615
616 static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
617 {
618 int nhead = x->props.header_len + LL_RESERVED_SPACE(skb->dst->dev)
619 - skb_headroom(skb);
620
621 if (nhead > 0)
622 return pskb_expand_head(skb, nhead, 0, GFP_ATOMIC);
623
624 /* Check tail too... */
625 return 0;
626 }
627
628 int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
629 {
630 int err = xfrm_state_check_expire(x);
631 if (err < 0)
632 goto err;
633 err = xfrm_state_check_space(x, skb);
634 err:
635 return err;
636 }
637 EXPORT_SYMBOL(xfrm_state_check);
638
639 struct xfrm_state *
640 xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto,
641 unsigned short family)
642 {
643 struct xfrm_state *x;
644 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
645 if (!afinfo)
646 return NULL;
647
648 spin_lock_bh(&xfrm_state_lock);
649 x = afinfo->state_lookup(daddr, spi, proto);
650 spin_unlock_bh(&xfrm_state_lock);
651 xfrm_state_put_afinfo(afinfo);
652 return x;
653 }
654 EXPORT_SYMBOL(xfrm_state_lookup);
655
656 struct xfrm_state *
657 xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
658 xfrm_address_t *daddr, xfrm_address_t *saddr,
659 int create, unsigned short family)
660 {
661 struct xfrm_state *x;
662 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
663 if (!afinfo)
664 return NULL;
665
666 spin_lock_bh(&xfrm_state_lock);
667 x = afinfo->find_acq(mode, reqid, proto, daddr, saddr, create);
668 spin_unlock_bh(&xfrm_state_lock);
669 xfrm_state_put_afinfo(afinfo);
670 return x;
671 }
672 EXPORT_SYMBOL(xfrm_find_acq);
673
674 /* Silly enough, but I'm lazy to build resolution list */
675
676 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq)
677 {
678 int i;
679 struct xfrm_state *x;
680
681 for (i = 0; i < XFRM_DST_HSIZE; i++) {
682 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
683 if (x->km.seq == seq && x->km.state == XFRM_STATE_ACQ) {
684 xfrm_state_hold(x);
685 return x;
686 }
687 }
688 }
689 return NULL;
690 }
691
692 struct xfrm_state *xfrm_find_acq_byseq(u32 seq)
693 {
694 struct xfrm_state *x;
695
696 spin_lock_bh(&xfrm_state_lock);
697 x = __xfrm_find_acq_byseq(seq);
698 spin_unlock_bh(&xfrm_state_lock);
699 return x;
700 }
701 EXPORT_SYMBOL(xfrm_find_acq_byseq);
702
703 u32 xfrm_get_acqseq(void)
704 {
705 u32 res;
706 static u32 acqseq;
707 static DEFINE_SPINLOCK(acqseq_lock);
708
709 spin_lock_bh(&acqseq_lock);
710 res = (++acqseq ? : ++acqseq);
711 spin_unlock_bh(&acqseq_lock);
712 return res;
713 }
714 EXPORT_SYMBOL(xfrm_get_acqseq);
715
716 void
717 xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi)
718 {
719 u32 h;
720 struct xfrm_state *x0;
721
722 if (x->id.spi)
723 return;
724
725 if (minspi == maxspi) {
726 x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family);
727 if (x0) {
728 xfrm_state_put(x0);
729 return;
730 }
731 x->id.spi = minspi;
732 } else {
733 u32 spi = 0;
734 minspi = ntohl(minspi);
735 maxspi = ntohl(maxspi);
736 for (h=0; h<maxspi-minspi+1; h++) {
737 spi = minspi + net_random()%(maxspi-minspi+1);
738 x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family);
739 if (x0 == NULL) {
740 x->id.spi = htonl(spi);
741 break;
742 }
743 xfrm_state_put(x0);
744 }
745 }
746 if (x->id.spi) {
747 spin_lock_bh(&xfrm_state_lock);
748 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
749 list_add(&x->byspi, xfrm_state_byspi+h);
750 xfrm_state_hold(x);
751 spin_unlock_bh(&xfrm_state_lock);
752 wake_up(&km_waitq);
753 }
754 }
755 EXPORT_SYMBOL(xfrm_alloc_spi);
756
757 int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*),
758 void *data)
759 {
760 int i;
761 struct xfrm_state *x;
762 int count = 0;
763 int err = 0;
764
765 spin_lock_bh(&xfrm_state_lock);
766 for (i = 0; i < XFRM_DST_HSIZE; i++) {
767 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
768 if (proto == IPSEC_PROTO_ANY || x->id.proto == proto)
769 count++;
770 }
771 }
772 if (count == 0) {
773 err = -ENOENT;
774 goto out;
775 }
776
777 for (i = 0; i < XFRM_DST_HSIZE; i++) {
778 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
779 if (proto != IPSEC_PROTO_ANY && x->id.proto != proto)
780 continue;
781 err = func(x, --count, data);
782 if (err)
783 goto out;
784 }
785 }
786 out:
787 spin_unlock_bh(&xfrm_state_lock);
788 return err;
789 }
790 EXPORT_SYMBOL(xfrm_state_walk);
791
792
793 void xfrm_replay_notify(struct xfrm_state *x, int event)
794 {
795 struct km_event c;
796 /* we send notify messages in case
797 * 1. we updated on of the sequence numbers, and the seqno difference
798 * is at least x->replay_maxdiff, in this case we also update the
799 * timeout of our timer function
800 * 2. if x->replay_maxage has elapsed since last update,
801 * and there were changes
802 *
803 * The state structure must be locked!
804 */
805
806 switch (event) {
807 case XFRM_REPLAY_UPDATE:
808 if (x->replay_maxdiff &&
809 (x->replay.seq - x->preplay.seq < x->replay_maxdiff) &&
810 (x->replay.oseq - x->preplay.oseq < x->replay_maxdiff)) {
811 if (x->xflags & XFRM_TIME_DEFER)
812 event = XFRM_REPLAY_TIMEOUT;
813 else
814 return;
815 }
816
817 break;
818
819 case XFRM_REPLAY_TIMEOUT:
820 if ((x->replay.seq == x->preplay.seq) &&
821 (x->replay.bitmap == x->preplay.bitmap) &&
822 (x->replay.oseq == x->preplay.oseq)) {
823 x->xflags |= XFRM_TIME_DEFER;
824 return;
825 }
826
827 break;
828 }
829
830 memcpy(&x->preplay, &x->replay, sizeof(struct xfrm_replay_state));
831 c.event = XFRM_MSG_NEWAE;
832 c.data.aevent = event;
833 km_state_notify(x, &c);
834
835 if (x->replay_maxage &&
836 !mod_timer(&x->rtimer, jiffies + x->replay_maxage)) {
837 xfrm_state_hold(x);
838 x->xflags &= ~XFRM_TIME_DEFER;
839 }
840 }
841 EXPORT_SYMBOL(xfrm_replay_notify);
842
843 static void xfrm_replay_timer_handler(unsigned long data)
844 {
845 struct xfrm_state *x = (struct xfrm_state*)data;
846
847 spin_lock(&x->lock);
848
849 if (x->km.state == XFRM_STATE_VALID) {
850 if (xfrm_aevent_is_on())
851 xfrm_replay_notify(x, XFRM_REPLAY_TIMEOUT);
852 else
853 x->xflags |= XFRM_TIME_DEFER;
854 }
855
856 spin_unlock(&x->lock);
857 xfrm_state_put(x);
858 }
859
860 int xfrm_replay_check(struct xfrm_state *x, u32 seq)
861 {
862 u32 diff;
863
864 seq = ntohl(seq);
865
866 if (unlikely(seq == 0))
867 return -EINVAL;
868
869 if (likely(seq > x->replay.seq))
870 return 0;
871
872 diff = x->replay.seq - seq;
873 if (diff >= x->props.replay_window) {
874 x->stats.replay_window++;
875 return -EINVAL;
876 }
877
878 if (x->replay.bitmap & (1U << diff)) {
879 x->stats.replay++;
880 return -EINVAL;
881 }
882 return 0;
883 }
884 EXPORT_SYMBOL(xfrm_replay_check);
885
886 void xfrm_replay_advance(struct xfrm_state *x, u32 seq)
887 {
888 u32 diff;
889
890 seq = ntohl(seq);
891
892 if (seq > x->replay.seq) {
893 diff = seq - x->replay.seq;
894 if (diff < x->props.replay_window)
895 x->replay.bitmap = ((x->replay.bitmap) << diff) | 1;
896 else
897 x->replay.bitmap = 1;
898 x->replay.seq = seq;
899 } else {
900 diff = x->replay.seq - seq;
901 x->replay.bitmap |= (1U << diff);
902 }
903
904 if (xfrm_aevent_is_on())
905 xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
906 }
907 EXPORT_SYMBOL(xfrm_replay_advance);
908
909 static struct list_head xfrm_km_list = LIST_HEAD_INIT(xfrm_km_list);
910 static DEFINE_RWLOCK(xfrm_km_lock);
911
912 void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
913 {
914 struct xfrm_mgr *km;
915
916 read_lock(&xfrm_km_lock);
917 list_for_each_entry(km, &xfrm_km_list, list)
918 if (km->notify_policy)
919 km->notify_policy(xp, dir, c);
920 read_unlock(&xfrm_km_lock);
921 }
922
923 void km_state_notify(struct xfrm_state *x, struct km_event *c)
924 {
925 struct xfrm_mgr *km;
926 read_lock(&xfrm_km_lock);
927 list_for_each_entry(km, &xfrm_km_list, list)
928 if (km->notify)
929 km->notify(x, c);
930 read_unlock(&xfrm_km_lock);
931 }
932
933 EXPORT_SYMBOL(km_policy_notify);
934 EXPORT_SYMBOL(km_state_notify);
935
936 void km_state_expired(struct xfrm_state *x, int hard, u32 pid)
937 {
938 struct km_event c;
939
940 c.data.hard = hard;
941 c.pid = pid;
942 c.event = XFRM_MSG_EXPIRE;
943 km_state_notify(x, &c);
944
945 if (hard)
946 wake_up(&km_waitq);
947 }
948
949 EXPORT_SYMBOL(km_state_expired);
950 /*
951 * We send to all registered managers regardless of failure
952 * We are happy with one success
953 */
954 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
955 {
956 int err = -EINVAL, acqret;
957 struct xfrm_mgr *km;
958
959 read_lock(&xfrm_km_lock);
960 list_for_each_entry(km, &xfrm_km_list, list) {
961 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT);
962 if (!acqret)
963 err = acqret;
964 }
965 read_unlock(&xfrm_km_lock);
966 return err;
967 }
968 EXPORT_SYMBOL(km_query);
969
970 int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport)
971 {
972 int err = -EINVAL;
973 struct xfrm_mgr *km;
974
975 read_lock(&xfrm_km_lock);
976 list_for_each_entry(km, &xfrm_km_list, list) {
977 if (km->new_mapping)
978 err = km->new_mapping(x, ipaddr, sport);
979 if (!err)
980 break;
981 }
982 read_unlock(&xfrm_km_lock);
983 return err;
984 }
985 EXPORT_SYMBOL(km_new_mapping);
986
987 void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid)
988 {
989 struct km_event c;
990
991 c.data.hard = hard;
992 c.pid = pid;
993 c.event = XFRM_MSG_POLEXPIRE;
994 km_policy_notify(pol, dir, &c);
995
996 if (hard)
997 wake_up(&km_waitq);
998 }
999 EXPORT_SYMBOL(km_policy_expired);
1000
1001 int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
1002 {
1003 int err;
1004 u8 *data;
1005 struct xfrm_mgr *km;
1006 struct xfrm_policy *pol = NULL;
1007
1008 if (optlen <= 0 || optlen > PAGE_SIZE)
1009 return -EMSGSIZE;
1010
1011 data = kmalloc(optlen, GFP_KERNEL);
1012 if (!data)
1013 return -ENOMEM;
1014
1015 err = -EFAULT;
1016 if (copy_from_user(data, optval, optlen))
1017 goto out;
1018
1019 err = -EINVAL;
1020 read_lock(&xfrm_km_lock);
1021 list_for_each_entry(km, &xfrm_km_list, list) {
1022 pol = km->compile_policy(sk->sk_family, optname, data,
1023 optlen, &err);
1024 if (err >= 0)
1025 break;
1026 }
1027 read_unlock(&xfrm_km_lock);
1028
1029 if (err >= 0) {
1030 xfrm_sk_policy_insert(sk, err, pol);
1031 xfrm_pol_put(pol);
1032 err = 0;
1033 }
1034
1035 out:
1036 kfree(data);
1037 return err;
1038 }
1039 EXPORT_SYMBOL(xfrm_user_policy);
1040
1041 int xfrm_register_km(struct xfrm_mgr *km)
1042 {
1043 write_lock_bh(&xfrm_km_lock);
1044 list_add_tail(&km->list, &xfrm_km_list);
1045 write_unlock_bh(&xfrm_km_lock);
1046 return 0;
1047 }
1048 EXPORT_SYMBOL(xfrm_register_km);
1049
1050 int xfrm_unregister_km(struct xfrm_mgr *km)
1051 {
1052 write_lock_bh(&xfrm_km_lock);
1053 list_del(&km->list);
1054 write_unlock_bh(&xfrm_km_lock);
1055 return 0;
1056 }
1057 EXPORT_SYMBOL(xfrm_unregister_km);
1058
1059 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo)
1060 {
1061 int err = 0;
1062 if (unlikely(afinfo == NULL))
1063 return -EINVAL;
1064 if (unlikely(afinfo->family >= NPROTO))
1065 return -EAFNOSUPPORT;
1066 write_lock_bh(&xfrm_state_afinfo_lock);
1067 if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))
1068 err = -ENOBUFS;
1069 else {
1070 afinfo->state_bydst = xfrm_state_bydst;
1071 afinfo->state_byspi = xfrm_state_byspi;
1072 xfrm_state_afinfo[afinfo->family] = afinfo;
1073 }
1074 write_unlock_bh(&xfrm_state_afinfo_lock);
1075 return err;
1076 }
1077 EXPORT_SYMBOL(xfrm_state_register_afinfo);
1078
1079 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo)
1080 {
1081 int err = 0;
1082 if (unlikely(afinfo == NULL))
1083 return -EINVAL;
1084 if (unlikely(afinfo->family >= NPROTO))
1085 return -EAFNOSUPPORT;
1086 write_lock_bh(&xfrm_state_afinfo_lock);
1087 if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) {
1088 if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo))
1089 err = -EINVAL;
1090 else {
1091 xfrm_state_afinfo[afinfo->family] = NULL;
1092 afinfo->state_byspi = NULL;
1093 afinfo->state_bydst = NULL;
1094 }
1095 }
1096 write_unlock_bh(&xfrm_state_afinfo_lock);
1097 return err;
1098 }
1099 EXPORT_SYMBOL(xfrm_state_unregister_afinfo);
1100
1101 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family)
1102 {
1103 struct xfrm_state_afinfo *afinfo;
1104 if (unlikely(family >= NPROTO))
1105 return NULL;
1106 read_lock(&xfrm_state_afinfo_lock);
1107 afinfo = xfrm_state_afinfo[family];
1108 if (unlikely(!afinfo))
1109 read_unlock(&xfrm_state_afinfo_lock);
1110 return afinfo;
1111 }
1112
1113 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo)
1114 {
1115 read_unlock(&xfrm_state_afinfo_lock);
1116 }
1117
1118 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1119 void xfrm_state_delete_tunnel(struct xfrm_state *x)
1120 {
1121 if (x->tunnel) {
1122 struct xfrm_state *t = x->tunnel;
1123
1124 if (atomic_read(&t->tunnel_users) == 2)
1125 xfrm_state_delete(t);
1126 atomic_dec(&t->tunnel_users);
1127 xfrm_state_put(t);
1128 x->tunnel = NULL;
1129 }
1130 }
1131 EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1132
1133 /*
1134 * This function is NOT optimal. For example, with ESP it will give an
1135 * MTU that's usually two bytes short of being optimal. However, it will
1136 * usually give an answer that's a multiple of 4 provided the input is
1137 * also a multiple of 4.
1138 */
1139 int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1140 {
1141 int res = mtu;
1142
1143 res -= x->props.header_len;
1144
1145 for (;;) {
1146 int m = res;
1147
1148 if (m < 68)
1149 return 68;
1150
1151 spin_lock_bh(&x->lock);
1152 if (x->km.state == XFRM_STATE_VALID &&
1153 x->type && x->type->get_max_size)
1154 m = x->type->get_max_size(x, m);
1155 else
1156 m += x->props.header_len;
1157 spin_unlock_bh(&x->lock);
1158
1159 if (m <= mtu)
1160 break;
1161 res -= (m - mtu);
1162 }
1163
1164 return res;
1165 }
1166
1167 int xfrm_init_state(struct xfrm_state *x)
1168 {
1169 struct xfrm_state_afinfo *afinfo;
1170 int family = x->props.family;
1171 int err;
1172
1173 err = -EAFNOSUPPORT;
1174 afinfo = xfrm_state_get_afinfo(family);
1175 if (!afinfo)
1176 goto error;
1177
1178 err = 0;
1179 if (afinfo->init_flags)
1180 err = afinfo->init_flags(x);
1181
1182 xfrm_state_put_afinfo(afinfo);
1183
1184 if (err)
1185 goto error;
1186
1187 err = -EPROTONOSUPPORT;
1188 x->type = xfrm_get_type(x->id.proto, family);
1189 if (x->type == NULL)
1190 goto error;
1191
1192 err = x->type->init_state(x);
1193 if (err)
1194 goto error;
1195
1196 x->mode = xfrm_get_mode(x->props.mode, family);
1197 if (x->mode == NULL)
1198 goto error;
1199
1200 x->km.state = XFRM_STATE_VALID;
1201
1202 error:
1203 return err;
1204 }
1205
1206 EXPORT_SYMBOL(xfrm_init_state);
1207
1208 void __init xfrm_state_init(void)
1209 {
1210 int i;
1211
1212 for (i=0; i<XFRM_DST_HSIZE; i++) {
1213 INIT_LIST_HEAD(&xfrm_state_bydst[i]);
1214 INIT_LIST_HEAD(&xfrm_state_byspi[i]);
1215 }
1216 INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task, NULL);
1217 }
1218
Ubuntu Artful kernel mirror