]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - net/xfrm/xfrm_state.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'lro'
[mirror_ubuntu-artful-kernel.git] / net / xfrm / xfrm_state.c
1 /*
2 * xfrm_state.c
3 *
4 * Changes:
5 * Mitsuru KANDA @USAGI
6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
8 * IPv6 support
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
13 *
14 */
15
16 #include <linux/workqueue.h>
17 #include <net/xfrm.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <asm/uaccess.h>
22
23 /* Each xfrm_state may be linked to two tables:
24
25 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
26 2. Hash table by daddr to find what SAs exist for given
27 destination/tunnel endpoint. (output)
28 */
29
30 static DEFINE_SPINLOCK(xfrm_state_lock);
31
32 /* Hash table to find appropriate SA towards given target (endpoint
33 * of tunnel or destination of transport mode) allowed by selector.
34 *
35 * Main use is finding SA after policy selected tunnel or transport mode.
36 * Also, it can be used by ah/esp icmp error handler to find offending SA.
37 */
38 static struct list_head xfrm_state_bydst[XFRM_DST_HSIZE];
39 static struct list_head xfrm_state_byspi[XFRM_DST_HSIZE];
40
41 DECLARE_WAIT_QUEUE_HEAD(km_waitq);
42 EXPORT_SYMBOL(km_waitq);
43
44 static DEFINE_RWLOCK(xfrm_state_afinfo_lock);
45 static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO];
46
47 static struct work_struct xfrm_state_gc_work;
48 static struct list_head xfrm_state_gc_list = LIST_HEAD_INIT(xfrm_state_gc_list);
49 static DEFINE_SPINLOCK(xfrm_state_gc_lock);
50
51 static int xfrm_state_gc_flush_bundles;
52
53 static int __xfrm_state_delete(struct xfrm_state *x);
54
55 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family);
56 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
57
58 static int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
59 static void km_state_expired(struct xfrm_state *x, int hard);
60
61 static void xfrm_state_gc_destroy(struct xfrm_state *x)
62 {
63 if (del_timer(&x->timer))
64 BUG();
65 kfree(x->aalg);
66 kfree(x->ealg);
67 kfree(x->calg);
68 kfree(x->encap);
69 if (x->type) {
70 x->type->destructor(x);
71 xfrm_put_type(x->type);
72 }
73 security_xfrm_state_free(x);
74 kfree(x);
75 }
76
77 static void xfrm_state_gc_task(void *data)
78 {
79 struct xfrm_state *x;
80 struct list_head *entry, *tmp;
81 struct list_head gc_list = LIST_HEAD_INIT(gc_list);
82
83 if (xfrm_state_gc_flush_bundles) {
84 xfrm_state_gc_flush_bundles = 0;
85 xfrm_flush_bundles();
86 }
87
88 spin_lock_bh(&xfrm_state_gc_lock);
89 list_splice_init(&xfrm_state_gc_list, &gc_list);
90 spin_unlock_bh(&xfrm_state_gc_lock);
91
92 list_for_each_safe(entry, tmp, &gc_list) {
93 x = list_entry(entry, struct xfrm_state, bydst);
94 xfrm_state_gc_destroy(x);
95 }
96 wake_up(&km_waitq);
97 }
98
99 static inline unsigned long make_jiffies(long secs)
100 {
101 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
102 return MAX_SCHEDULE_TIMEOUT-1;
103 else
104 return secs*HZ;
105 }
106
107 static void xfrm_timer_handler(unsigned long data)
108 {
109 struct xfrm_state *x = (struct xfrm_state*)data;
110 unsigned long now = (unsigned long)xtime.tv_sec;
111 long next = LONG_MAX;
112 int warn = 0;
113
114 spin_lock(&x->lock);
115 if (x->km.state == XFRM_STATE_DEAD)
116 goto out;
117 if (x->km.state == XFRM_STATE_EXPIRED)
118 goto expired;
119 if (x->lft.hard_add_expires_seconds) {
120 long tmo = x->lft.hard_add_expires_seconds +
121 x->curlft.add_time - now;
122 if (tmo <= 0)
123 goto expired;
124 if (tmo < next)
125 next = tmo;
126 }
127 if (x->lft.hard_use_expires_seconds) {
128 long tmo = x->lft.hard_use_expires_seconds +
129 (x->curlft.use_time ? : now) - now;
130 if (tmo <= 0)
131 goto expired;
132 if (tmo < next)
133 next = tmo;
134 }
135 if (x->km.dying)
136 goto resched;
137 if (x->lft.soft_add_expires_seconds) {
138 long tmo = x->lft.soft_add_expires_seconds +
139 x->curlft.add_time - now;
140 if (tmo <= 0)
141 warn = 1;
142 else if (tmo < next)
143 next = tmo;
144 }
145 if (x->lft.soft_use_expires_seconds) {
146 long tmo = x->lft.soft_use_expires_seconds +
147 (x->curlft.use_time ? : now) - now;
148 if (tmo <= 0)
149 warn = 1;
150 else if (tmo < next)
151 next = tmo;
152 }
153
154 x->km.dying = warn;
155 if (warn)
156 km_state_expired(x, 0);
157 resched:
158 if (next != LONG_MAX &&
159 !mod_timer(&x->timer, jiffies + make_jiffies(next)))
160 xfrm_state_hold(x);
161 goto out;
162
163 expired:
164 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) {
165 x->km.state = XFRM_STATE_EXPIRED;
166 wake_up(&km_waitq);
167 next = 2;
168 goto resched;
169 }
170 if (!__xfrm_state_delete(x) && x->id.spi)
171 km_state_expired(x, 1);
172
173 out:
174 spin_unlock(&x->lock);
175 xfrm_state_put(x);
176 }
177
178 struct xfrm_state *xfrm_state_alloc(void)
179 {
180 struct xfrm_state *x;
181
182 x = kmalloc(sizeof(struct xfrm_state), GFP_ATOMIC);
183
184 if (x) {
185 memset(x, 0, sizeof(struct xfrm_state));
186 atomic_set(&x->refcnt, 1);
187 atomic_set(&x->tunnel_users, 0);
188 INIT_LIST_HEAD(&x->bydst);
189 INIT_LIST_HEAD(&x->byspi);
190 init_timer(&x->timer);
191 x->timer.function = xfrm_timer_handler;
192 x->timer.data = (unsigned long)x;
193 x->curlft.add_time = (unsigned long)xtime.tv_sec;
194 x->lft.soft_byte_limit = XFRM_INF;
195 x->lft.soft_packet_limit = XFRM_INF;
196 x->lft.hard_byte_limit = XFRM_INF;
197 x->lft.hard_packet_limit = XFRM_INF;
198 spin_lock_init(&x->lock);
199 }
200 return x;
201 }
202 EXPORT_SYMBOL(xfrm_state_alloc);
203
204 void __xfrm_state_destroy(struct xfrm_state *x)
205 {
206 BUG_TRAP(x->km.state == XFRM_STATE_DEAD);
207
208 spin_lock_bh(&xfrm_state_gc_lock);
209 list_add(&x->bydst, &xfrm_state_gc_list);
210 spin_unlock_bh(&xfrm_state_gc_lock);
211 schedule_work(&xfrm_state_gc_work);
212 }
213 EXPORT_SYMBOL(__xfrm_state_destroy);
214
215 static int __xfrm_state_delete(struct xfrm_state *x)
216 {
217 int err = -ESRCH;
218
219 if (x->km.state != XFRM_STATE_DEAD) {
220 x->km.state = XFRM_STATE_DEAD;
221 spin_lock(&xfrm_state_lock);
222 list_del(&x->bydst);
223 __xfrm_state_put(x);
224 if (x->id.spi) {
225 list_del(&x->byspi);
226 __xfrm_state_put(x);
227 }
228 spin_unlock(&xfrm_state_lock);
229 if (del_timer(&x->timer))
230 __xfrm_state_put(x);
231
232 /* The number two in this test is the reference
233 * mentioned in the comment below plus the reference
234 * our caller holds. A larger value means that
235 * there are DSTs attached to this xfrm_state.
236 */
237 if (atomic_read(&x->refcnt) > 2) {
238 xfrm_state_gc_flush_bundles = 1;
239 schedule_work(&xfrm_state_gc_work);
240 }
241
242 /* All xfrm_state objects are created by xfrm_state_alloc.
243 * The xfrm_state_alloc call gives a reference, and that
244 * is what we are dropping here.
245 */
246 __xfrm_state_put(x);
247 err = 0;
248 }
249
250 return err;
251 }
252
253 int xfrm_state_delete(struct xfrm_state *x)
254 {
255 int err;
256
257 spin_lock_bh(&x->lock);
258 err = __xfrm_state_delete(x);
259 spin_unlock_bh(&x->lock);
260
261 return err;
262 }
263 EXPORT_SYMBOL(xfrm_state_delete);
264
265 void xfrm_state_flush(u8 proto)
266 {
267 int i;
268 struct xfrm_state *x;
269
270 spin_lock_bh(&xfrm_state_lock);
271 for (i = 0; i < XFRM_DST_HSIZE; i++) {
272 restart:
273 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
274 if (!xfrm_state_kern(x) &&
275 (proto == IPSEC_PROTO_ANY || x->id.proto == proto)) {
276 xfrm_state_hold(x);
277 spin_unlock_bh(&xfrm_state_lock);
278
279 xfrm_state_delete(x);
280 xfrm_state_put(x);
281
282 spin_lock_bh(&xfrm_state_lock);
283 goto restart;
284 }
285 }
286 }
287 spin_unlock_bh(&xfrm_state_lock);
288 wake_up(&km_waitq);
289 }
290 EXPORT_SYMBOL(xfrm_state_flush);
291
292 static int
293 xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
294 struct xfrm_tmpl *tmpl,
295 xfrm_address_t *daddr, xfrm_address_t *saddr,
296 unsigned short family)
297 {
298 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
299 if (!afinfo)
300 return -1;
301 afinfo->init_tempsel(x, fl, tmpl, daddr, saddr);
302 xfrm_state_put_afinfo(afinfo);
303 return 0;
304 }
305
306 struct xfrm_state *
307 xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
308 struct flowi *fl, struct xfrm_tmpl *tmpl,
309 struct xfrm_policy *pol, int *err,
310 unsigned short family)
311 {
312 unsigned h = xfrm_dst_hash(daddr, family);
313 struct xfrm_state *x, *x0;
314 int acquire_in_progress = 0;
315 int error = 0;
316 struct xfrm_state *best = NULL;
317 struct xfrm_state_afinfo *afinfo;
318
319 afinfo = xfrm_state_get_afinfo(family);
320 if (afinfo == NULL) {
321 *err = -EAFNOSUPPORT;
322 return NULL;
323 }
324
325 spin_lock_bh(&xfrm_state_lock);
326 list_for_each_entry(x, xfrm_state_bydst+h, bydst) {
327 if (x->props.family == family &&
328 x->props.reqid == tmpl->reqid &&
329 xfrm_state_addr_check(x, daddr, saddr, family) &&
330 tmpl->mode == x->props.mode &&
331 tmpl->id.proto == x->id.proto &&
332 (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) {
333 /* Resolution logic:
334 1. There is a valid state with matching selector.
335 Done.
336 2. Valid state with inappropriate selector. Skip.
337
338 Entering area of "sysdeps".
339
340 3. If state is not valid, selector is temporary,
341 it selects only session which triggered
342 previous resolution. Key manager will do
343 something to install a state with proper
344 selector.
345 */
346 if (x->km.state == XFRM_STATE_VALID) {
347 if (!xfrm_selector_match(&x->sel, fl, family) ||
348 !xfrm_sec_ctx_match(pol->security, x->security))
349 continue;
350 if (!best ||
351 best->km.dying > x->km.dying ||
352 (best->km.dying == x->km.dying &&
353 best->curlft.add_time < x->curlft.add_time))
354 best = x;
355 } else if (x->km.state == XFRM_STATE_ACQ) {
356 acquire_in_progress = 1;
357 } else if (x->km.state == XFRM_STATE_ERROR ||
358 x->km.state == XFRM_STATE_EXPIRED) {
359 if (xfrm_selector_match(&x->sel, fl, family) &&
360 xfrm_sec_ctx_match(pol->security, x->security))
361 error = -ESRCH;
362 }
363 }
364 }
365
366 x = best;
367 if (!x && !error && !acquire_in_progress) {
368 if (tmpl->id.spi &&
369 (x0 = afinfo->state_lookup(daddr, tmpl->id.spi,
370 tmpl->id.proto)) != NULL) {
371 xfrm_state_put(x0);
372 error = -EEXIST;
373 goto out;
374 }
375 x = xfrm_state_alloc();
376 if (x == NULL) {
377 error = -ENOMEM;
378 goto out;
379 }
380 /* Initialize temporary selector matching only
381 * to current session. */
382 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
383
384 if (km_query(x, tmpl, pol) == 0) {
385 x->km.state = XFRM_STATE_ACQ;
386 list_add_tail(&x->bydst, xfrm_state_bydst+h);
387 xfrm_state_hold(x);
388 if (x->id.spi) {
389 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
390 list_add(&x->byspi, xfrm_state_byspi+h);
391 xfrm_state_hold(x);
392 }
393 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
394 xfrm_state_hold(x);
395 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
396 add_timer(&x->timer);
397 } else {
398 x->km.state = XFRM_STATE_DEAD;
399 xfrm_state_put(x);
400 x = NULL;
401 error = -ESRCH;
402 }
403 }
404 out:
405 if (x)
406 xfrm_state_hold(x);
407 else
408 *err = acquire_in_progress ? -EAGAIN : error;
409 spin_unlock_bh(&xfrm_state_lock);
410 xfrm_state_put_afinfo(afinfo);
411 return x;
412 }
413
414 static void __xfrm_state_insert(struct xfrm_state *x)
415 {
416 unsigned h = xfrm_dst_hash(&x->id.daddr, x->props.family);
417
418 list_add(&x->bydst, xfrm_state_bydst+h);
419 xfrm_state_hold(x);
420
421 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
422
423 list_add(&x->byspi, xfrm_state_byspi+h);
424 xfrm_state_hold(x);
425
426 if (!mod_timer(&x->timer, jiffies + HZ))
427 xfrm_state_hold(x);
428
429 wake_up(&km_waitq);
430 }
431
432 void xfrm_state_insert(struct xfrm_state *x)
433 {
434 spin_lock_bh(&xfrm_state_lock);
435 __xfrm_state_insert(x);
436 spin_unlock_bh(&xfrm_state_lock);
437
438 xfrm_flush_all_bundles();
439 }
440 EXPORT_SYMBOL(xfrm_state_insert);
441
442 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq);
443
444 int xfrm_state_add(struct xfrm_state *x)
445 {
446 struct xfrm_state_afinfo *afinfo;
447 struct xfrm_state *x1;
448 int family;
449 int err;
450
451 family = x->props.family;
452 afinfo = xfrm_state_get_afinfo(family);
453 if (unlikely(afinfo == NULL))
454 return -EAFNOSUPPORT;
455
456 spin_lock_bh(&xfrm_state_lock);
457
458 x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
459 if (x1) {
460 xfrm_state_put(x1);
461 x1 = NULL;
462 err = -EEXIST;
463 goto out;
464 }
465
466 if (x->km.seq) {
467 x1 = __xfrm_find_acq_byseq(x->km.seq);
468 if (x1 && xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family)) {
469 xfrm_state_put(x1);
470 x1 = NULL;
471 }
472 }
473
474 if (!x1)
475 x1 = afinfo->find_acq(
476 x->props.mode, x->props.reqid, x->id.proto,
477 &x->id.daddr, &x->props.saddr, 0);
478
479 __xfrm_state_insert(x);
480 err = 0;
481
482 out:
483 spin_unlock_bh(&xfrm_state_lock);
484 xfrm_state_put_afinfo(afinfo);
485
486 if (!err)
487 xfrm_flush_all_bundles();
488
489 if (x1) {
490 xfrm_state_delete(x1);
491 xfrm_state_put(x1);
492 }
493
494 return err;
495 }
496 EXPORT_SYMBOL(xfrm_state_add);
497
498 int xfrm_state_update(struct xfrm_state *x)
499 {
500 struct xfrm_state_afinfo *afinfo;
501 struct xfrm_state *x1;
502 int err;
503
504 afinfo = xfrm_state_get_afinfo(x->props.family);
505 if (unlikely(afinfo == NULL))
506 return -EAFNOSUPPORT;
507
508 spin_lock_bh(&xfrm_state_lock);
509 x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
510
511 err = -ESRCH;
512 if (!x1)
513 goto out;
514
515 if (xfrm_state_kern(x1)) {
516 xfrm_state_put(x1);
517 err = -EEXIST;
518 goto out;
519 }
520
521 if (x1->km.state == XFRM_STATE_ACQ) {
522 __xfrm_state_insert(x);
523 x = NULL;
524 }
525 err = 0;
526
527 out:
528 spin_unlock_bh(&xfrm_state_lock);
529 xfrm_state_put_afinfo(afinfo);
530
531 if (err)
532 return err;
533
534 if (!x) {
535 xfrm_state_delete(x1);
536 xfrm_state_put(x1);
537 return 0;
538 }
539
540 err = -EINVAL;
541 spin_lock_bh(&x1->lock);
542 if (likely(x1->km.state == XFRM_STATE_VALID)) {
543 if (x->encap && x1->encap)
544 memcpy(x1->encap, x->encap, sizeof(*x1->encap));
545 memcpy(&x1->lft, &x->lft, sizeof(x1->lft));
546 x1->km.dying = 0;
547
548 if (!mod_timer(&x1->timer, jiffies + HZ))
549 xfrm_state_hold(x1);
550 if (x1->curlft.use_time)
551 xfrm_state_check_expire(x1);
552
553 err = 0;
554 }
555 spin_unlock_bh(&x1->lock);
556
557 xfrm_state_put(x1);
558
559 return err;
560 }
561 EXPORT_SYMBOL(xfrm_state_update);
562
563 int xfrm_state_check_expire(struct xfrm_state *x)
564 {
565 if (!x->curlft.use_time)
566 x->curlft.use_time = (unsigned long)xtime.tv_sec;
567
568 if (x->km.state != XFRM_STATE_VALID)
569 return -EINVAL;
570
571 if (x->curlft.bytes >= x->lft.hard_byte_limit ||
572 x->curlft.packets >= x->lft.hard_packet_limit) {
573 x->km.state = XFRM_STATE_EXPIRED;
574 if (!mod_timer(&x->timer, jiffies))
575 xfrm_state_hold(x);
576 return -EINVAL;
577 }
578
579 if (!x->km.dying &&
580 (x->curlft.bytes >= x->lft.soft_byte_limit ||
581 x->curlft.packets >= x->lft.soft_packet_limit)) {
582 x->km.dying = 1;
583 km_state_expired(x, 0);
584 }
585 return 0;
586 }
587 EXPORT_SYMBOL(xfrm_state_check_expire);
588
589 static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
590 {
591 int nhead = x->props.header_len + LL_RESERVED_SPACE(skb->dst->dev)
592 - skb_headroom(skb);
593
594 if (nhead > 0)
595 return pskb_expand_head(skb, nhead, 0, GFP_ATOMIC);
596
597 /* Check tail too... */
598 return 0;
599 }
600
601 int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
602 {
603 int err = xfrm_state_check_expire(x);
604 if (err < 0)
605 goto err;
606 err = xfrm_state_check_space(x, skb);
607 err:
608 return err;
609 }
610 EXPORT_SYMBOL(xfrm_state_check);
611
612 struct xfrm_state *
613 xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto,
614 unsigned short family)
615 {
616 struct xfrm_state *x;
617 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
618 if (!afinfo)
619 return NULL;
620
621 spin_lock_bh(&xfrm_state_lock);
622 x = afinfo->state_lookup(daddr, spi, proto);
623 spin_unlock_bh(&xfrm_state_lock);
624 xfrm_state_put_afinfo(afinfo);
625 return x;
626 }
627 EXPORT_SYMBOL(xfrm_state_lookup);
628
629 struct xfrm_state *
630 xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
631 xfrm_address_t *daddr, xfrm_address_t *saddr,
632 int create, unsigned short family)
633 {
634 struct xfrm_state *x;
635 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
636 if (!afinfo)
637 return NULL;
638
639 spin_lock_bh(&xfrm_state_lock);
640 x = afinfo->find_acq(mode, reqid, proto, daddr, saddr, create);
641 spin_unlock_bh(&xfrm_state_lock);
642 xfrm_state_put_afinfo(afinfo);
643 return x;
644 }
645 EXPORT_SYMBOL(xfrm_find_acq);
646
647 /* Silly enough, but I'm lazy to build resolution list */
648
649 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq)
650 {
651 int i;
652 struct xfrm_state *x;
653
654 for (i = 0; i < XFRM_DST_HSIZE; i++) {
655 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
656 if (x->km.seq == seq && x->km.state == XFRM_STATE_ACQ) {
657 xfrm_state_hold(x);
658 return x;
659 }
660 }
661 }
662 return NULL;
663 }
664
665 struct xfrm_state *xfrm_find_acq_byseq(u32 seq)
666 {
667 struct xfrm_state *x;
668
669 spin_lock_bh(&xfrm_state_lock);
670 x = __xfrm_find_acq_byseq(seq);
671 spin_unlock_bh(&xfrm_state_lock);
672 return x;
673 }
674 EXPORT_SYMBOL(xfrm_find_acq_byseq);
675
676 u32 xfrm_get_acqseq(void)
677 {
678 u32 res;
679 static u32 acqseq;
680 static DEFINE_SPINLOCK(acqseq_lock);
681
682 spin_lock_bh(&acqseq_lock);
683 res = (++acqseq ? : ++acqseq);
684 spin_unlock_bh(&acqseq_lock);
685 return res;
686 }
687 EXPORT_SYMBOL(xfrm_get_acqseq);
688
689 void
690 xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi)
691 {
692 u32 h;
693 struct xfrm_state *x0;
694
695 if (x->id.spi)
696 return;
697
698 if (minspi == maxspi) {
699 x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family);
700 if (x0) {
701 xfrm_state_put(x0);
702 return;
703 }
704 x->id.spi = minspi;
705 } else {
706 u32 spi = 0;
707 minspi = ntohl(minspi);
708 maxspi = ntohl(maxspi);
709 for (h=0; h<maxspi-minspi+1; h++) {
710 spi = minspi + net_random()%(maxspi-minspi+1);
711 x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family);
712 if (x0 == NULL) {
713 x->id.spi = htonl(spi);
714 break;
715 }
716 xfrm_state_put(x0);
717 }
718 }
719 if (x->id.spi) {
720 spin_lock_bh(&xfrm_state_lock);
721 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
722 list_add(&x->byspi, xfrm_state_byspi+h);
723 xfrm_state_hold(x);
724 spin_unlock_bh(&xfrm_state_lock);
725 wake_up(&km_waitq);
726 }
727 }
728 EXPORT_SYMBOL(xfrm_alloc_spi);
729
730 int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*),
731 void *data)
732 {
733 int i;
734 struct xfrm_state *x;
735 int count = 0;
736 int err = 0;
737
738 spin_lock_bh(&xfrm_state_lock);
739 for (i = 0; i < XFRM_DST_HSIZE; i++) {
740 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
741 if (proto == IPSEC_PROTO_ANY || x->id.proto == proto)
742 count++;
743 }
744 }
745 if (count == 0) {
746 err = -ENOENT;
747 goto out;
748 }
749
750 for (i = 0; i < XFRM_DST_HSIZE; i++) {
751 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
752 if (proto != IPSEC_PROTO_ANY && x->id.proto != proto)
753 continue;
754 err = func(x, --count, data);
755 if (err)
756 goto out;
757 }
758 }
759 out:
760 spin_unlock_bh(&xfrm_state_lock);
761 return err;
762 }
763 EXPORT_SYMBOL(xfrm_state_walk);
764
765 int xfrm_replay_check(struct xfrm_state *x, u32 seq)
766 {
767 u32 diff;
768
769 seq = ntohl(seq);
770
771 if (unlikely(seq == 0))
772 return -EINVAL;
773
774 if (likely(seq > x->replay.seq))
775 return 0;
776
777 diff = x->replay.seq - seq;
778 if (diff >= x->props.replay_window) {
779 x->stats.replay_window++;
780 return -EINVAL;
781 }
782
783 if (x->replay.bitmap & (1U << diff)) {
784 x->stats.replay++;
785 return -EINVAL;
786 }
787 return 0;
788 }
789 EXPORT_SYMBOL(xfrm_replay_check);
790
791 void xfrm_replay_advance(struct xfrm_state *x, u32 seq)
792 {
793 u32 diff;
794
795 seq = ntohl(seq);
796
797 if (seq > x->replay.seq) {
798 diff = seq - x->replay.seq;
799 if (diff < x->props.replay_window)
800 x->replay.bitmap = ((x->replay.bitmap) << diff) | 1;
801 else
802 x->replay.bitmap = 1;
803 x->replay.seq = seq;
804 } else {
805 diff = x->replay.seq - seq;
806 x->replay.bitmap |= (1U << diff);
807 }
808 }
809 EXPORT_SYMBOL(xfrm_replay_advance);
810
811 static struct list_head xfrm_km_list = LIST_HEAD_INIT(xfrm_km_list);
812 static DEFINE_RWLOCK(xfrm_km_lock);
813
814 void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
815 {
816 struct xfrm_mgr *km;
817
818 read_lock(&xfrm_km_lock);
819 list_for_each_entry(km, &xfrm_km_list, list)
820 if (km->notify_policy)
821 km->notify_policy(xp, dir, c);
822 read_unlock(&xfrm_km_lock);
823 }
824
825 void km_state_notify(struct xfrm_state *x, struct km_event *c)
826 {
827 struct xfrm_mgr *km;
828 read_lock(&xfrm_km_lock);
829 list_for_each_entry(km, &xfrm_km_list, list)
830 if (km->notify)
831 km->notify(x, c);
832 read_unlock(&xfrm_km_lock);
833 }
834
835 EXPORT_SYMBOL(km_policy_notify);
836 EXPORT_SYMBOL(km_state_notify);
837
838 static void km_state_expired(struct xfrm_state *x, int hard)
839 {
840 struct km_event c;
841
842 c.data.hard = hard;
843 c.event = XFRM_MSG_EXPIRE;
844 km_state_notify(x, &c);
845
846 if (hard)
847 wake_up(&km_waitq);
848 }
849
850 /*
851 * We send to all registered managers regardless of failure
852 * We are happy with one success
853 */
854 static int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
855 {
856 int err = -EINVAL, acqret;
857 struct xfrm_mgr *km;
858
859 read_lock(&xfrm_km_lock);
860 list_for_each_entry(km, &xfrm_km_list, list) {
861 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT);
862 if (!acqret)
863 err = acqret;
864 }
865 read_unlock(&xfrm_km_lock);
866 return err;
867 }
868
869 int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport)
870 {
871 int err = -EINVAL;
872 struct xfrm_mgr *km;
873
874 read_lock(&xfrm_km_lock);
875 list_for_each_entry(km, &xfrm_km_list, list) {
876 if (km->new_mapping)
877 err = km->new_mapping(x, ipaddr, sport);
878 if (!err)
879 break;
880 }
881 read_unlock(&xfrm_km_lock);
882 return err;
883 }
884 EXPORT_SYMBOL(km_new_mapping);
885
886 void km_policy_expired(struct xfrm_policy *pol, int dir, int hard)
887 {
888 struct km_event c;
889
890 c.data.hard = hard;
891 c.event = XFRM_MSG_POLEXPIRE;
892 km_policy_notify(pol, dir, &c);
893
894 if (hard)
895 wake_up(&km_waitq);
896 }
897
898 int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
899 {
900 int err;
901 u8 *data;
902 struct xfrm_mgr *km;
903 struct xfrm_policy *pol = NULL;
904
905 if (optlen <= 0 || optlen > PAGE_SIZE)
906 return -EMSGSIZE;
907
908 data = kmalloc(optlen, GFP_KERNEL);
909 if (!data)
910 return -ENOMEM;
911
912 err = -EFAULT;
913 if (copy_from_user(data, optval, optlen))
914 goto out;
915
916 err = -EINVAL;
917 read_lock(&xfrm_km_lock);
918 list_for_each_entry(km, &xfrm_km_list, list) {
919 pol = km->compile_policy(sk->sk_family, optname, data,
920 optlen, &err);
921 if (err >= 0)
922 break;
923 }
924 read_unlock(&xfrm_km_lock);
925
926 if (err >= 0) {
927 xfrm_sk_policy_insert(sk, err, pol);
928 xfrm_pol_put(pol);
929 err = 0;
930 }
931
932 out:
933 kfree(data);
934 return err;
935 }
936 EXPORT_SYMBOL(xfrm_user_policy);
937
938 int xfrm_register_km(struct xfrm_mgr *km)
939 {
940 write_lock_bh(&xfrm_km_lock);
941 list_add_tail(&km->list, &xfrm_km_list);
942 write_unlock_bh(&xfrm_km_lock);
943 return 0;
944 }
945 EXPORT_SYMBOL(xfrm_register_km);
946
947 int xfrm_unregister_km(struct xfrm_mgr *km)
948 {
949 write_lock_bh(&xfrm_km_lock);
950 list_del(&km->list);
951 write_unlock_bh(&xfrm_km_lock);
952 return 0;
953 }
954 EXPORT_SYMBOL(xfrm_unregister_km);
955
956 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo)
957 {
958 int err = 0;
959 if (unlikely(afinfo == NULL))
960 return -EINVAL;
961 if (unlikely(afinfo->family >= NPROTO))
962 return -EAFNOSUPPORT;
963 write_lock(&xfrm_state_afinfo_lock);
964 if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))
965 err = -ENOBUFS;
966 else {
967 afinfo->state_bydst = xfrm_state_bydst;
968 afinfo->state_byspi = xfrm_state_byspi;
969 xfrm_state_afinfo[afinfo->family] = afinfo;
970 }
971 write_unlock(&xfrm_state_afinfo_lock);
972 return err;
973 }
974 EXPORT_SYMBOL(xfrm_state_register_afinfo);
975
976 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo)
977 {
978 int err = 0;
979 if (unlikely(afinfo == NULL))
980 return -EINVAL;
981 if (unlikely(afinfo->family >= NPROTO))
982 return -EAFNOSUPPORT;
983 write_lock(&xfrm_state_afinfo_lock);
984 if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) {
985 if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo))
986 err = -EINVAL;
987 else {
988 xfrm_state_afinfo[afinfo->family] = NULL;
989 afinfo->state_byspi = NULL;
990 afinfo->state_bydst = NULL;
991 }
992 }
993 write_unlock(&xfrm_state_afinfo_lock);
994 return err;
995 }
996 EXPORT_SYMBOL(xfrm_state_unregister_afinfo);
997
998 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family)
999 {
1000 struct xfrm_state_afinfo *afinfo;
1001 if (unlikely(family >= NPROTO))
1002 return NULL;
1003 read_lock(&xfrm_state_afinfo_lock);
1004 afinfo = xfrm_state_afinfo[family];
1005 if (likely(afinfo != NULL))
1006 read_lock(&afinfo->lock);
1007 read_unlock(&xfrm_state_afinfo_lock);
1008 return afinfo;
1009 }
1010
1011 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo)
1012 {
1013 if (unlikely(afinfo == NULL))
1014 return;
1015 read_unlock(&afinfo->lock);
1016 }
1017
1018 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1019 void xfrm_state_delete_tunnel(struct xfrm_state *x)
1020 {
1021 if (x->tunnel) {
1022 struct xfrm_state *t = x->tunnel;
1023
1024 if (atomic_read(&t->tunnel_users) == 2)
1025 xfrm_state_delete(t);
1026 atomic_dec(&t->tunnel_users);
1027 xfrm_state_put(t);
1028 x->tunnel = NULL;
1029 }
1030 }
1031 EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1032
1033 /*
1034 * This function is NOT optimal. For example, with ESP it will give an
1035 * MTU that's usually two bytes short of being optimal. However, it will
1036 * usually give an answer that's a multiple of 4 provided the input is
1037 * also a multiple of 4.
1038 */
1039 int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1040 {
1041 int res = mtu;
1042
1043 res -= x->props.header_len;
1044
1045 for (;;) {
1046 int m = res;
1047
1048 if (m < 68)
1049 return 68;
1050
1051 spin_lock_bh(&x->lock);
1052 if (x->km.state == XFRM_STATE_VALID &&
1053 x->type && x->type->get_max_size)
1054 m = x->type->get_max_size(x, m);
1055 else
1056 m += x->props.header_len;
1057 spin_unlock_bh(&x->lock);
1058
1059 if (m <= mtu)
1060 break;
1061 res -= (m - mtu);
1062 }
1063
1064 return res;
1065 }
1066
1067 EXPORT_SYMBOL(xfrm_state_mtu);
1068
1069 int xfrm_init_state(struct xfrm_state *x)
1070 {
1071 struct xfrm_state_afinfo *afinfo;
1072 int family = x->props.family;
1073 int err;
1074
1075 err = -EAFNOSUPPORT;
1076 afinfo = xfrm_state_get_afinfo(family);
1077 if (!afinfo)
1078 goto error;
1079
1080 err = 0;
1081 if (afinfo->init_flags)
1082 err = afinfo->init_flags(x);
1083
1084 xfrm_state_put_afinfo(afinfo);
1085
1086 if (err)
1087 goto error;
1088
1089 err = -EPROTONOSUPPORT;
1090 x->type = xfrm_get_type(x->id.proto, family);
1091 if (x->type == NULL)
1092 goto error;
1093
1094 err = x->type->init_state(x);
1095 if (err)
1096 goto error;
1097
1098 x->km.state = XFRM_STATE_VALID;
1099
1100 error:
1101 return err;
1102 }
1103
1104 EXPORT_SYMBOL(xfrm_init_state);
1105
1106 void __init xfrm_state_init(void)
1107 {
1108 int i;
1109
1110 for (i=0; i<XFRM_DST_HSIZE; i++) {
1111 INIT_LIST_HEAD(&xfrm_state_bydst[i]);
1112 INIT_LIST_HEAD(&xfrm_state_byspi[i]);
1113 }
1114 INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task, NULL);
1115 }
1116
Ubuntu Artful kernel mirror