]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - net/xfrm/xfrm_state.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
[XFRM] STATE: Add source address list.
[mirror_ubuntu-artful-kernel.git] / net / xfrm / xfrm_state.c
1 /*
2 * xfrm_state.c
3 *
4 * Changes:
5 * Mitsuru KANDA @USAGI
6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
8 * IPv6 support
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
13 *
14 */
15
16 #include <linux/workqueue.h>
17 #include <net/xfrm.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <asm/uaccess.h>
22
23 struct sock *xfrm_nl;
24 EXPORT_SYMBOL(xfrm_nl);
25
26 u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME;
27 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime);
28
29 u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE;
30 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth);
31
32 /* Each xfrm_state may be linked to two tables:
33
34 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
35 2. Hash table by daddr to find what SAs exist for given
36 destination/tunnel endpoint. (output)
37 */
38
39 static DEFINE_SPINLOCK(xfrm_state_lock);
40
41 /* Hash table to find appropriate SA towards given target (endpoint
42 * of tunnel or destination of transport mode) allowed by selector.
43 *
44 * Main use is finding SA after policy selected tunnel or transport mode.
45 * Also, it can be used by ah/esp icmp error handler to find offending SA.
46 */
47 static struct list_head xfrm_state_bydst[XFRM_DST_HSIZE];
48 static struct list_head xfrm_state_bysrc[XFRM_DST_HSIZE];
49 static struct list_head xfrm_state_byspi[XFRM_DST_HSIZE];
50
51 DECLARE_WAIT_QUEUE_HEAD(km_waitq);
52 EXPORT_SYMBOL(km_waitq);
53
54 static DEFINE_RWLOCK(xfrm_state_afinfo_lock);
55 static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO];
56
57 static struct work_struct xfrm_state_gc_work;
58 static struct list_head xfrm_state_gc_list = LIST_HEAD_INIT(xfrm_state_gc_list);
59 static DEFINE_SPINLOCK(xfrm_state_gc_lock);
60
61 static int xfrm_state_gc_flush_bundles;
62
63 int __xfrm_state_delete(struct xfrm_state *x);
64
65 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family);
66 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
67
68 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
69 void km_state_expired(struct xfrm_state *x, int hard, u32 pid);
70
71 static void xfrm_state_gc_destroy(struct xfrm_state *x)
72 {
73 if (del_timer(&x->timer))
74 BUG();
75 if (del_timer(&x->rtimer))
76 BUG();
77 kfree(x->aalg);
78 kfree(x->ealg);
79 kfree(x->calg);
80 kfree(x->encap);
81 if (x->mode)
82 xfrm_put_mode(x->mode);
83 if (x->type) {
84 x->type->destructor(x);
85 xfrm_put_type(x->type);
86 }
87 security_xfrm_state_free(x);
88 kfree(x);
89 }
90
91 static void xfrm_state_gc_task(void *data)
92 {
93 struct xfrm_state *x;
94 struct list_head *entry, *tmp;
95 struct list_head gc_list = LIST_HEAD_INIT(gc_list);
96
97 if (xfrm_state_gc_flush_bundles) {
98 xfrm_state_gc_flush_bundles = 0;
99 xfrm_flush_bundles();
100 }
101
102 spin_lock_bh(&xfrm_state_gc_lock);
103 list_splice_init(&xfrm_state_gc_list, &gc_list);
104 spin_unlock_bh(&xfrm_state_gc_lock);
105
106 list_for_each_safe(entry, tmp, &gc_list) {
107 x = list_entry(entry, struct xfrm_state, bydst);
108 xfrm_state_gc_destroy(x);
109 }
110 wake_up(&km_waitq);
111 }
112
113 static inline unsigned long make_jiffies(long secs)
114 {
115 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
116 return MAX_SCHEDULE_TIMEOUT-1;
117 else
118 return secs*HZ;
119 }
120
121 static void xfrm_timer_handler(unsigned long data)
122 {
123 struct xfrm_state *x = (struct xfrm_state*)data;
124 unsigned long now = (unsigned long)xtime.tv_sec;
125 long next = LONG_MAX;
126 int warn = 0;
127
128 spin_lock(&x->lock);
129 if (x->km.state == XFRM_STATE_DEAD)
130 goto out;
131 if (x->km.state == XFRM_STATE_EXPIRED)
132 goto expired;
133 if (x->lft.hard_add_expires_seconds) {
134 long tmo = x->lft.hard_add_expires_seconds +
135 x->curlft.add_time - now;
136 if (tmo <= 0)
137 goto expired;
138 if (tmo < next)
139 next = tmo;
140 }
141 if (x->lft.hard_use_expires_seconds) {
142 long tmo = x->lft.hard_use_expires_seconds +
143 (x->curlft.use_time ? : now) - now;
144 if (tmo <= 0)
145 goto expired;
146 if (tmo < next)
147 next = tmo;
148 }
149 if (x->km.dying)
150 goto resched;
151 if (x->lft.soft_add_expires_seconds) {
152 long tmo = x->lft.soft_add_expires_seconds +
153 x->curlft.add_time - now;
154 if (tmo <= 0)
155 warn = 1;
156 else if (tmo < next)
157 next = tmo;
158 }
159 if (x->lft.soft_use_expires_seconds) {
160 long tmo = x->lft.soft_use_expires_seconds +
161 (x->curlft.use_time ? : now) - now;
162 if (tmo <= 0)
163 warn = 1;
164 else if (tmo < next)
165 next = tmo;
166 }
167
168 x->km.dying = warn;
169 if (warn)
170 km_state_expired(x, 0, 0);
171 resched:
172 if (next != LONG_MAX &&
173 !mod_timer(&x->timer, jiffies + make_jiffies(next)))
174 xfrm_state_hold(x);
175 goto out;
176
177 expired:
178 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) {
179 x->km.state = XFRM_STATE_EXPIRED;
180 wake_up(&km_waitq);
181 next = 2;
182 goto resched;
183 }
184 if (!__xfrm_state_delete(x) && x->id.spi)
185 km_state_expired(x, 1, 0);
186
187 out:
188 spin_unlock(&x->lock);
189 xfrm_state_put(x);
190 }
191
192 static void xfrm_replay_timer_handler(unsigned long data);
193
194 struct xfrm_state *xfrm_state_alloc(void)
195 {
196 struct xfrm_state *x;
197
198 x = kzalloc(sizeof(struct xfrm_state), GFP_ATOMIC);
199
200 if (x) {
201 atomic_set(&x->refcnt, 1);
202 atomic_set(&x->tunnel_users, 0);
203 INIT_LIST_HEAD(&x->bydst);
204 INIT_LIST_HEAD(&x->bysrc);
205 INIT_LIST_HEAD(&x->byspi);
206 init_timer(&x->timer);
207 x->timer.function = xfrm_timer_handler;
208 x->timer.data = (unsigned long)x;
209 init_timer(&x->rtimer);
210 x->rtimer.function = xfrm_replay_timer_handler;
211 x->rtimer.data = (unsigned long)x;
212 x->curlft.add_time = (unsigned long)xtime.tv_sec;
213 x->lft.soft_byte_limit = XFRM_INF;
214 x->lft.soft_packet_limit = XFRM_INF;
215 x->lft.hard_byte_limit = XFRM_INF;
216 x->lft.hard_packet_limit = XFRM_INF;
217 x->replay_maxage = 0;
218 x->replay_maxdiff = 0;
219 spin_lock_init(&x->lock);
220 }
221 return x;
222 }
223 EXPORT_SYMBOL(xfrm_state_alloc);
224
225 void __xfrm_state_destroy(struct xfrm_state *x)
226 {
227 BUG_TRAP(x->km.state == XFRM_STATE_DEAD);
228
229 spin_lock_bh(&xfrm_state_gc_lock);
230 list_add(&x->bydst, &xfrm_state_gc_list);
231 spin_unlock_bh(&xfrm_state_gc_lock);
232 schedule_work(&xfrm_state_gc_work);
233 }
234 EXPORT_SYMBOL(__xfrm_state_destroy);
235
236 int __xfrm_state_delete(struct xfrm_state *x)
237 {
238 int err = -ESRCH;
239
240 if (x->km.state != XFRM_STATE_DEAD) {
241 x->km.state = XFRM_STATE_DEAD;
242 spin_lock(&xfrm_state_lock);
243 list_del(&x->bydst);
244 __xfrm_state_put(x);
245 list_del(&x->bysrc);
246 __xfrm_state_put(x);
247 if (x->id.spi) {
248 list_del(&x->byspi);
249 __xfrm_state_put(x);
250 }
251 spin_unlock(&xfrm_state_lock);
252 if (del_timer(&x->timer))
253 __xfrm_state_put(x);
254 if (del_timer(&x->rtimer))
255 __xfrm_state_put(x);
256
257 /* The number two in this test is the reference
258 * mentioned in the comment below plus the reference
259 * our caller holds. A larger value means that
260 * there are DSTs attached to this xfrm_state.
261 */
262 if (atomic_read(&x->refcnt) > 2) {
263 xfrm_state_gc_flush_bundles = 1;
264 schedule_work(&xfrm_state_gc_work);
265 }
266
267 /* All xfrm_state objects are created by xfrm_state_alloc.
268 * The xfrm_state_alloc call gives a reference, and that
269 * is what we are dropping here.
270 */
271 __xfrm_state_put(x);
272 err = 0;
273 }
274
275 return err;
276 }
277 EXPORT_SYMBOL(__xfrm_state_delete);
278
279 int xfrm_state_delete(struct xfrm_state *x)
280 {
281 int err;
282
283 spin_lock_bh(&x->lock);
284 err = __xfrm_state_delete(x);
285 spin_unlock_bh(&x->lock);
286
287 return err;
288 }
289 EXPORT_SYMBOL(xfrm_state_delete);
290
291 void xfrm_state_flush(u8 proto)
292 {
293 int i;
294 struct xfrm_state *x;
295
296 spin_lock_bh(&xfrm_state_lock);
297 for (i = 0; i < XFRM_DST_HSIZE; i++) {
298 restart:
299 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
300 if (!xfrm_state_kern(x) &&
301 xfrm_id_proto_match(x->id.proto, proto)) {
302 xfrm_state_hold(x);
303 spin_unlock_bh(&xfrm_state_lock);
304
305 xfrm_state_delete(x);
306 xfrm_state_put(x);
307
308 spin_lock_bh(&xfrm_state_lock);
309 goto restart;
310 }
311 }
312 }
313 spin_unlock_bh(&xfrm_state_lock);
314 wake_up(&km_waitq);
315 }
316 EXPORT_SYMBOL(xfrm_state_flush);
317
318 static int
319 xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
320 struct xfrm_tmpl *tmpl,
321 xfrm_address_t *daddr, xfrm_address_t *saddr,
322 unsigned short family)
323 {
324 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
325 if (!afinfo)
326 return -1;
327 afinfo->init_tempsel(x, fl, tmpl, daddr, saddr);
328 xfrm_state_put_afinfo(afinfo);
329 return 0;
330 }
331
332 struct xfrm_state *
333 xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
334 struct flowi *fl, struct xfrm_tmpl *tmpl,
335 struct xfrm_policy *pol, int *err,
336 unsigned short family)
337 {
338 unsigned h = xfrm_dst_hash(daddr, family);
339 struct xfrm_state *x, *x0;
340 int acquire_in_progress = 0;
341 int error = 0;
342 struct xfrm_state *best = NULL;
343 struct xfrm_state_afinfo *afinfo;
344
345 afinfo = xfrm_state_get_afinfo(family);
346 if (afinfo == NULL) {
347 *err = -EAFNOSUPPORT;
348 return NULL;
349 }
350
351 spin_lock_bh(&xfrm_state_lock);
352 list_for_each_entry(x, xfrm_state_bydst+h, bydst) {
353 if (x->props.family == family &&
354 x->props.reqid == tmpl->reqid &&
355 xfrm_state_addr_check(x, daddr, saddr, family) &&
356 tmpl->mode == x->props.mode &&
357 tmpl->id.proto == x->id.proto &&
358 (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) {
359 /* Resolution logic:
360 1. There is a valid state with matching selector.
361 Done.
362 2. Valid state with inappropriate selector. Skip.
363
364 Entering area of "sysdeps".
365
366 3. If state is not valid, selector is temporary,
367 it selects only session which triggered
368 previous resolution. Key manager will do
369 something to install a state with proper
370 selector.
371 */
372 if (x->km.state == XFRM_STATE_VALID) {
373 if (!xfrm_selector_match(&x->sel, fl, family) ||
374 !security_xfrm_state_pol_flow_match(x, pol, fl))
375 continue;
376 if (!best ||
377 best->km.dying > x->km.dying ||
378 (best->km.dying == x->km.dying &&
379 best->curlft.add_time < x->curlft.add_time))
380 best = x;
381 } else if (x->km.state == XFRM_STATE_ACQ) {
382 acquire_in_progress = 1;
383 } else if (x->km.state == XFRM_STATE_ERROR ||
384 x->km.state == XFRM_STATE_EXPIRED) {
385 if (xfrm_selector_match(&x->sel, fl, family) &&
386 security_xfrm_state_pol_flow_match(x, pol, fl))
387 error = -ESRCH;
388 }
389 }
390 }
391
392 x = best;
393 if (!x && !error && !acquire_in_progress) {
394 if (tmpl->id.spi &&
395 (x0 = afinfo->state_lookup(daddr, tmpl->id.spi,
396 tmpl->id.proto)) != NULL) {
397 xfrm_state_put(x0);
398 error = -EEXIST;
399 goto out;
400 }
401 x = xfrm_state_alloc();
402 if (x == NULL) {
403 error = -ENOMEM;
404 goto out;
405 }
406 /* Initialize temporary selector matching only
407 * to current session. */
408 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
409
410 error = security_xfrm_state_alloc_acquire(x, pol->security, fl->secid);
411 if (error) {
412 x->km.state = XFRM_STATE_DEAD;
413 xfrm_state_put(x);
414 x = NULL;
415 goto out;
416 }
417
418 if (km_query(x, tmpl, pol) == 0) {
419 x->km.state = XFRM_STATE_ACQ;
420 list_add_tail(&x->bydst, xfrm_state_bydst+h);
421 xfrm_state_hold(x);
422 list_add_tail(&x->bysrc, xfrm_state_bysrc+h);
423 xfrm_state_hold(x);
424 if (x->id.spi) {
425 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
426 list_add(&x->byspi, xfrm_state_byspi+h);
427 xfrm_state_hold(x);
428 }
429 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
430 xfrm_state_hold(x);
431 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
432 add_timer(&x->timer);
433 } else {
434 x->km.state = XFRM_STATE_DEAD;
435 xfrm_state_put(x);
436 x = NULL;
437 error = -ESRCH;
438 }
439 }
440 out:
441 if (x)
442 xfrm_state_hold(x);
443 else
444 *err = acquire_in_progress ? -EAGAIN : error;
445 spin_unlock_bh(&xfrm_state_lock);
446 xfrm_state_put_afinfo(afinfo);
447 return x;
448 }
449
450 static void __xfrm_state_insert(struct xfrm_state *x)
451 {
452 unsigned h = xfrm_dst_hash(&x->id.daddr, x->props.family);
453
454 list_add(&x->bydst, xfrm_state_bydst+h);
455 xfrm_state_hold(x);
456
457 h = xfrm_src_hash(&x->props.saddr, x->props.family);
458
459 list_add(&x->bysrc, xfrm_state_bysrc+h);
460 xfrm_state_hold(x);
461
462 if (xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY)) {
463 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto,
464 x->props.family);
465
466 list_add(&x->byspi, xfrm_state_byspi+h);
467 xfrm_state_hold(x);
468 }
469
470 if (!mod_timer(&x->timer, jiffies + HZ))
471 xfrm_state_hold(x);
472
473 if (x->replay_maxage &&
474 !mod_timer(&x->rtimer, jiffies + x->replay_maxage))
475 xfrm_state_hold(x);
476
477 wake_up(&km_waitq);
478 }
479
480 void xfrm_state_insert(struct xfrm_state *x)
481 {
482 spin_lock_bh(&xfrm_state_lock);
483 __xfrm_state_insert(x);
484 spin_unlock_bh(&xfrm_state_lock);
485
486 xfrm_flush_all_bundles();
487 }
488 EXPORT_SYMBOL(xfrm_state_insert);
489
490 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq);
491
492 int xfrm_state_add(struct xfrm_state *x)
493 {
494 struct xfrm_state_afinfo *afinfo;
495 struct xfrm_state *x1;
496 int family;
497 int err;
498
499 family = x->props.family;
500 afinfo = xfrm_state_get_afinfo(family);
501 if (unlikely(afinfo == NULL))
502 return -EAFNOSUPPORT;
503
504 spin_lock_bh(&xfrm_state_lock);
505
506 x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
507 if (x1) {
508 xfrm_state_put(x1);
509 x1 = NULL;
510 err = -EEXIST;
511 goto out;
512 }
513
514 if (x->km.seq) {
515 x1 = __xfrm_find_acq_byseq(x->km.seq);
516 if (x1 && xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family)) {
517 xfrm_state_put(x1);
518 x1 = NULL;
519 }
520 }
521
522 if (!x1)
523 x1 = afinfo->find_acq(
524 x->props.mode, x->props.reqid, x->id.proto,
525 &x->id.daddr, &x->props.saddr, 0);
526
527 __xfrm_state_insert(x);
528 err = 0;
529
530 out:
531 spin_unlock_bh(&xfrm_state_lock);
532 xfrm_state_put_afinfo(afinfo);
533
534 if (!err)
535 xfrm_flush_all_bundles();
536
537 if (x1) {
538 xfrm_state_delete(x1);
539 xfrm_state_put(x1);
540 }
541
542 return err;
543 }
544 EXPORT_SYMBOL(xfrm_state_add);
545
546 int xfrm_state_update(struct xfrm_state *x)
547 {
548 struct xfrm_state_afinfo *afinfo;
549 struct xfrm_state *x1;
550 int err;
551
552 afinfo = xfrm_state_get_afinfo(x->props.family);
553 if (unlikely(afinfo == NULL))
554 return -EAFNOSUPPORT;
555
556 spin_lock_bh(&xfrm_state_lock);
557 x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
558
559 err = -ESRCH;
560 if (!x1)
561 goto out;
562
563 if (xfrm_state_kern(x1)) {
564 xfrm_state_put(x1);
565 err = -EEXIST;
566 goto out;
567 }
568
569 if (x1->km.state == XFRM_STATE_ACQ) {
570 __xfrm_state_insert(x);
571 x = NULL;
572 }
573 err = 0;
574
575 out:
576 spin_unlock_bh(&xfrm_state_lock);
577 xfrm_state_put_afinfo(afinfo);
578
579 if (err)
580 return err;
581
582 if (!x) {
583 xfrm_state_delete(x1);
584 xfrm_state_put(x1);
585 return 0;
586 }
587
588 err = -EINVAL;
589 spin_lock_bh(&x1->lock);
590 if (likely(x1->km.state == XFRM_STATE_VALID)) {
591 if (x->encap && x1->encap)
592 memcpy(x1->encap, x->encap, sizeof(*x1->encap));
593 memcpy(&x1->lft, &x->lft, sizeof(x1->lft));
594 x1->km.dying = 0;
595
596 if (!mod_timer(&x1->timer, jiffies + HZ))
597 xfrm_state_hold(x1);
598 if (x1->curlft.use_time)
599 xfrm_state_check_expire(x1);
600
601 err = 0;
602 }
603 spin_unlock_bh(&x1->lock);
604
605 xfrm_state_put(x1);
606
607 return err;
608 }
609 EXPORT_SYMBOL(xfrm_state_update);
610
611 int xfrm_state_check_expire(struct xfrm_state *x)
612 {
613 if (!x->curlft.use_time)
614 x->curlft.use_time = (unsigned long)xtime.tv_sec;
615
616 if (x->km.state != XFRM_STATE_VALID)
617 return -EINVAL;
618
619 if (x->curlft.bytes >= x->lft.hard_byte_limit ||
620 x->curlft.packets >= x->lft.hard_packet_limit) {
621 x->km.state = XFRM_STATE_EXPIRED;
622 if (!mod_timer(&x->timer, jiffies))
623 xfrm_state_hold(x);
624 return -EINVAL;
625 }
626
627 if (!x->km.dying &&
628 (x->curlft.bytes >= x->lft.soft_byte_limit ||
629 x->curlft.packets >= x->lft.soft_packet_limit)) {
630 x->km.dying = 1;
631 km_state_expired(x, 0, 0);
632 }
633 return 0;
634 }
635 EXPORT_SYMBOL(xfrm_state_check_expire);
636
637 static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
638 {
639 int nhead = x->props.header_len + LL_RESERVED_SPACE(skb->dst->dev)
640 - skb_headroom(skb);
641
642 if (nhead > 0)
643 return pskb_expand_head(skb, nhead, 0, GFP_ATOMIC);
644
645 /* Check tail too... */
646 return 0;
647 }
648
649 int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
650 {
651 int err = xfrm_state_check_expire(x);
652 if (err < 0)
653 goto err;
654 err = xfrm_state_check_space(x, skb);
655 err:
656 return err;
657 }
658 EXPORT_SYMBOL(xfrm_state_check);
659
660 struct xfrm_state *
661 xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto,
662 unsigned short family)
663 {
664 struct xfrm_state *x;
665 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
666 if (!afinfo)
667 return NULL;
668
669 spin_lock_bh(&xfrm_state_lock);
670 x = afinfo->state_lookup(daddr, spi, proto);
671 spin_unlock_bh(&xfrm_state_lock);
672 xfrm_state_put_afinfo(afinfo);
673 return x;
674 }
675 EXPORT_SYMBOL(xfrm_state_lookup);
676
677 struct xfrm_state *
678 xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
679 xfrm_address_t *daddr, xfrm_address_t *saddr,
680 int create, unsigned short family)
681 {
682 struct xfrm_state *x;
683 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
684 if (!afinfo)
685 return NULL;
686
687 spin_lock_bh(&xfrm_state_lock);
688 x = afinfo->find_acq(mode, reqid, proto, daddr, saddr, create);
689 spin_unlock_bh(&xfrm_state_lock);
690 xfrm_state_put_afinfo(afinfo);
691 return x;
692 }
693 EXPORT_SYMBOL(xfrm_find_acq);
694
695 /* Silly enough, but I'm lazy to build resolution list */
696
697 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq)
698 {
699 int i;
700 struct xfrm_state *x;
701
702 for (i = 0; i < XFRM_DST_HSIZE; i++) {
703 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
704 if (x->km.seq == seq && x->km.state == XFRM_STATE_ACQ) {
705 xfrm_state_hold(x);
706 return x;
707 }
708 }
709 }
710 return NULL;
711 }
712
713 struct xfrm_state *xfrm_find_acq_byseq(u32 seq)
714 {
715 struct xfrm_state *x;
716
717 spin_lock_bh(&xfrm_state_lock);
718 x = __xfrm_find_acq_byseq(seq);
719 spin_unlock_bh(&xfrm_state_lock);
720 return x;
721 }
722 EXPORT_SYMBOL(xfrm_find_acq_byseq);
723
724 u32 xfrm_get_acqseq(void)
725 {
726 u32 res;
727 static u32 acqseq;
728 static DEFINE_SPINLOCK(acqseq_lock);
729
730 spin_lock_bh(&acqseq_lock);
731 res = (++acqseq ? : ++acqseq);
732 spin_unlock_bh(&acqseq_lock);
733 return res;
734 }
735 EXPORT_SYMBOL(xfrm_get_acqseq);
736
737 void
738 xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi)
739 {
740 u32 h;
741 struct xfrm_state *x0;
742
743 if (x->id.spi)
744 return;
745
746 if (minspi == maxspi) {
747 x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family);
748 if (x0) {
749 xfrm_state_put(x0);
750 return;
751 }
752 x->id.spi = minspi;
753 } else {
754 u32 spi = 0;
755 minspi = ntohl(minspi);
756 maxspi = ntohl(maxspi);
757 for (h=0; h<maxspi-minspi+1; h++) {
758 spi = minspi + net_random()%(maxspi-minspi+1);
759 x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family);
760 if (x0 == NULL) {
761 x->id.spi = htonl(spi);
762 break;
763 }
764 xfrm_state_put(x0);
765 }
766 }
767 if (x->id.spi) {
768 spin_lock_bh(&xfrm_state_lock);
769 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
770 list_add(&x->byspi, xfrm_state_byspi+h);
771 xfrm_state_hold(x);
772 spin_unlock_bh(&xfrm_state_lock);
773 wake_up(&km_waitq);
774 }
775 }
776 EXPORT_SYMBOL(xfrm_alloc_spi);
777
778 int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*),
779 void *data)
780 {
781 int i;
782 struct xfrm_state *x;
783 int count = 0;
784 int err = 0;
785
786 spin_lock_bh(&xfrm_state_lock);
787 for (i = 0; i < XFRM_DST_HSIZE; i++) {
788 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
789 if (xfrm_id_proto_match(x->id.proto, proto))
790 count++;
791 }
792 }
793 if (count == 0) {
794 err = -ENOENT;
795 goto out;
796 }
797
798 for (i = 0; i < XFRM_DST_HSIZE; i++) {
799 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
800 if (!xfrm_id_proto_match(x->id.proto, proto))
801 continue;
802 err = func(x, --count, data);
803 if (err)
804 goto out;
805 }
806 }
807 out:
808 spin_unlock_bh(&xfrm_state_lock);
809 return err;
810 }
811 EXPORT_SYMBOL(xfrm_state_walk);
812
813
814 void xfrm_replay_notify(struct xfrm_state *x, int event)
815 {
816 struct km_event c;
817 /* we send notify messages in case
818 * 1. we updated on of the sequence numbers, and the seqno difference
819 * is at least x->replay_maxdiff, in this case we also update the
820 * timeout of our timer function
821 * 2. if x->replay_maxage has elapsed since last update,
822 * and there were changes
823 *
824 * The state structure must be locked!
825 */
826
827 switch (event) {
828 case XFRM_REPLAY_UPDATE:
829 if (x->replay_maxdiff &&
830 (x->replay.seq - x->preplay.seq < x->replay_maxdiff) &&
831 (x->replay.oseq - x->preplay.oseq < x->replay_maxdiff)) {
832 if (x->xflags & XFRM_TIME_DEFER)
833 event = XFRM_REPLAY_TIMEOUT;
834 else
835 return;
836 }
837
838 break;
839
840 case XFRM_REPLAY_TIMEOUT:
841 if ((x->replay.seq == x->preplay.seq) &&
842 (x->replay.bitmap == x->preplay.bitmap) &&
843 (x->replay.oseq == x->preplay.oseq)) {
844 x->xflags |= XFRM_TIME_DEFER;
845 return;
846 }
847
848 break;
849 }
850
851 memcpy(&x->preplay, &x->replay, sizeof(struct xfrm_replay_state));
852 c.event = XFRM_MSG_NEWAE;
853 c.data.aevent = event;
854 km_state_notify(x, &c);
855
856 if (x->replay_maxage &&
857 !mod_timer(&x->rtimer, jiffies + x->replay_maxage)) {
858 xfrm_state_hold(x);
859 x->xflags &= ~XFRM_TIME_DEFER;
860 }
861 }
862 EXPORT_SYMBOL(xfrm_replay_notify);
863
864 static void xfrm_replay_timer_handler(unsigned long data)
865 {
866 struct xfrm_state *x = (struct xfrm_state*)data;
867
868 spin_lock(&x->lock);
869
870 if (x->km.state == XFRM_STATE_VALID) {
871 if (xfrm_aevent_is_on())
872 xfrm_replay_notify(x, XFRM_REPLAY_TIMEOUT);
873 else
874 x->xflags |= XFRM_TIME_DEFER;
875 }
876
877 spin_unlock(&x->lock);
878 xfrm_state_put(x);
879 }
880
881 int xfrm_replay_check(struct xfrm_state *x, u32 seq)
882 {
883 u32 diff;
884
885 seq = ntohl(seq);
886
887 if (unlikely(seq == 0))
888 return -EINVAL;
889
890 if (likely(seq > x->replay.seq))
891 return 0;
892
893 diff = x->replay.seq - seq;
894 if (diff >= x->props.replay_window) {
895 x->stats.replay_window++;
896 return -EINVAL;
897 }
898
899 if (x->replay.bitmap & (1U << diff)) {
900 x->stats.replay++;
901 return -EINVAL;
902 }
903 return 0;
904 }
905 EXPORT_SYMBOL(xfrm_replay_check);
906
907 void xfrm_replay_advance(struct xfrm_state *x, u32 seq)
908 {
909 u32 diff;
910
911 seq = ntohl(seq);
912
913 if (seq > x->replay.seq) {
914 diff = seq - x->replay.seq;
915 if (diff < x->props.replay_window)
916 x->replay.bitmap = ((x->replay.bitmap) << diff) | 1;
917 else
918 x->replay.bitmap = 1;
919 x->replay.seq = seq;
920 } else {
921 diff = x->replay.seq - seq;
922 x->replay.bitmap |= (1U << diff);
923 }
924
925 if (xfrm_aevent_is_on())
926 xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
927 }
928 EXPORT_SYMBOL(xfrm_replay_advance);
929
930 static struct list_head xfrm_km_list = LIST_HEAD_INIT(xfrm_km_list);
931 static DEFINE_RWLOCK(xfrm_km_lock);
932
933 void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
934 {
935 struct xfrm_mgr *km;
936
937 read_lock(&xfrm_km_lock);
938 list_for_each_entry(km, &xfrm_km_list, list)
939 if (km->notify_policy)
940 km->notify_policy(xp, dir, c);
941 read_unlock(&xfrm_km_lock);
942 }
943
944 void km_state_notify(struct xfrm_state *x, struct km_event *c)
945 {
946 struct xfrm_mgr *km;
947 read_lock(&xfrm_km_lock);
948 list_for_each_entry(km, &xfrm_km_list, list)
949 if (km->notify)
950 km->notify(x, c);
951 read_unlock(&xfrm_km_lock);
952 }
953
954 EXPORT_SYMBOL(km_policy_notify);
955 EXPORT_SYMBOL(km_state_notify);
956
957 void km_state_expired(struct xfrm_state *x, int hard, u32 pid)
958 {
959 struct km_event c;
960
961 c.data.hard = hard;
962 c.pid = pid;
963 c.event = XFRM_MSG_EXPIRE;
964 km_state_notify(x, &c);
965
966 if (hard)
967 wake_up(&km_waitq);
968 }
969
970 EXPORT_SYMBOL(km_state_expired);
971 /*
972 * We send to all registered managers regardless of failure
973 * We are happy with one success
974 */
975 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
976 {
977 int err = -EINVAL, acqret;
978 struct xfrm_mgr *km;
979
980 read_lock(&xfrm_km_lock);
981 list_for_each_entry(km, &xfrm_km_list, list) {
982 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT);
983 if (!acqret)
984 err = acqret;
985 }
986 read_unlock(&xfrm_km_lock);
987 return err;
988 }
989 EXPORT_SYMBOL(km_query);
990
991 int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport)
992 {
993 int err = -EINVAL;
994 struct xfrm_mgr *km;
995
996 read_lock(&xfrm_km_lock);
997 list_for_each_entry(km, &xfrm_km_list, list) {
998 if (km->new_mapping)
999 err = km->new_mapping(x, ipaddr, sport);
1000 if (!err)
1001 break;
1002 }
1003 read_unlock(&xfrm_km_lock);
1004 return err;
1005 }
1006 EXPORT_SYMBOL(km_new_mapping);
1007
1008 void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid)
1009 {
1010 struct km_event c;
1011
1012 c.data.hard = hard;
1013 c.pid = pid;
1014 c.event = XFRM_MSG_POLEXPIRE;
1015 km_policy_notify(pol, dir, &c);
1016
1017 if (hard)
1018 wake_up(&km_waitq);
1019 }
1020 EXPORT_SYMBOL(km_policy_expired);
1021
1022 int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
1023 {
1024 int err;
1025 u8 *data;
1026 struct xfrm_mgr *km;
1027 struct xfrm_policy *pol = NULL;
1028
1029 if (optlen <= 0 || optlen > PAGE_SIZE)
1030 return -EMSGSIZE;
1031
1032 data = kmalloc(optlen, GFP_KERNEL);
1033 if (!data)
1034 return -ENOMEM;
1035
1036 err = -EFAULT;
1037 if (copy_from_user(data, optval, optlen))
1038 goto out;
1039
1040 err = -EINVAL;
1041 read_lock(&xfrm_km_lock);
1042 list_for_each_entry(km, &xfrm_km_list, list) {
1043 pol = km->compile_policy(sk, optname, data,
1044 optlen, &err);
1045 if (err >= 0)
1046 break;
1047 }
1048 read_unlock(&xfrm_km_lock);
1049
1050 if (err >= 0) {
1051 xfrm_sk_policy_insert(sk, err, pol);
1052 xfrm_pol_put(pol);
1053 err = 0;
1054 }
1055
1056 out:
1057 kfree(data);
1058 return err;
1059 }
1060 EXPORT_SYMBOL(xfrm_user_policy);
1061
1062 int xfrm_register_km(struct xfrm_mgr *km)
1063 {
1064 write_lock_bh(&xfrm_km_lock);
1065 list_add_tail(&km->list, &xfrm_km_list);
1066 write_unlock_bh(&xfrm_km_lock);
1067 return 0;
1068 }
1069 EXPORT_SYMBOL(xfrm_register_km);
1070
1071 int xfrm_unregister_km(struct xfrm_mgr *km)
1072 {
1073 write_lock_bh(&xfrm_km_lock);
1074 list_del(&km->list);
1075 write_unlock_bh(&xfrm_km_lock);
1076 return 0;
1077 }
1078 EXPORT_SYMBOL(xfrm_unregister_km);
1079
1080 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo)
1081 {
1082 int err = 0;
1083 if (unlikely(afinfo == NULL))
1084 return -EINVAL;
1085 if (unlikely(afinfo->family >= NPROTO))
1086 return -EAFNOSUPPORT;
1087 write_lock_bh(&xfrm_state_afinfo_lock);
1088 if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))
1089 err = -ENOBUFS;
1090 else {
1091 afinfo->state_bydst = xfrm_state_bydst;
1092 afinfo->state_bysrc = xfrm_state_bysrc;
1093 afinfo->state_byspi = xfrm_state_byspi;
1094 xfrm_state_afinfo[afinfo->family] = afinfo;
1095 }
1096 write_unlock_bh(&xfrm_state_afinfo_lock);
1097 return err;
1098 }
1099 EXPORT_SYMBOL(xfrm_state_register_afinfo);
1100
1101 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo)
1102 {
1103 int err = 0;
1104 if (unlikely(afinfo == NULL))
1105 return -EINVAL;
1106 if (unlikely(afinfo->family >= NPROTO))
1107 return -EAFNOSUPPORT;
1108 write_lock_bh(&xfrm_state_afinfo_lock);
1109 if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) {
1110 if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo))
1111 err = -EINVAL;
1112 else {
1113 xfrm_state_afinfo[afinfo->family] = NULL;
1114 afinfo->state_byspi = NULL;
1115 afinfo->state_bysrc = NULL;
1116 afinfo->state_bydst = NULL;
1117 }
1118 }
1119 write_unlock_bh(&xfrm_state_afinfo_lock);
1120 return err;
1121 }
1122 EXPORT_SYMBOL(xfrm_state_unregister_afinfo);
1123
1124 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family)
1125 {
1126 struct xfrm_state_afinfo *afinfo;
1127 if (unlikely(family >= NPROTO))
1128 return NULL;
1129 read_lock(&xfrm_state_afinfo_lock);
1130 afinfo = xfrm_state_afinfo[family];
1131 if (unlikely(!afinfo))
1132 read_unlock(&xfrm_state_afinfo_lock);
1133 return afinfo;
1134 }
1135
1136 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo)
1137 {
1138 read_unlock(&xfrm_state_afinfo_lock);
1139 }
1140
1141 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1142 void xfrm_state_delete_tunnel(struct xfrm_state *x)
1143 {
1144 if (x->tunnel) {
1145 struct xfrm_state *t = x->tunnel;
1146
1147 if (atomic_read(&t->tunnel_users) == 2)
1148 xfrm_state_delete(t);
1149 atomic_dec(&t->tunnel_users);
1150 xfrm_state_put(t);
1151 x->tunnel = NULL;
1152 }
1153 }
1154 EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1155
1156 /*
1157 * This function is NOT optimal. For example, with ESP it will give an
1158 * MTU that's usually two bytes short of being optimal. However, it will
1159 * usually give an answer that's a multiple of 4 provided the input is
1160 * also a multiple of 4.
1161 */
1162 int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1163 {
1164 int res = mtu;
1165
1166 res -= x->props.header_len;
1167
1168 for (;;) {
1169 int m = res;
1170
1171 if (m < 68)
1172 return 68;
1173
1174 spin_lock_bh(&x->lock);
1175 if (x->km.state == XFRM_STATE_VALID &&
1176 x->type && x->type->get_max_size)
1177 m = x->type->get_max_size(x, m);
1178 else
1179 m += x->props.header_len;
1180 spin_unlock_bh(&x->lock);
1181
1182 if (m <= mtu)
1183 break;
1184 res -= (m - mtu);
1185 }
1186
1187 return res;
1188 }
1189
1190 int xfrm_init_state(struct xfrm_state *x)
1191 {
1192 struct xfrm_state_afinfo *afinfo;
1193 int family = x->props.family;
1194 int err;
1195
1196 err = -EAFNOSUPPORT;
1197 afinfo = xfrm_state_get_afinfo(family);
1198 if (!afinfo)
1199 goto error;
1200
1201 err = 0;
1202 if (afinfo->init_flags)
1203 err = afinfo->init_flags(x);
1204
1205 xfrm_state_put_afinfo(afinfo);
1206
1207 if (err)
1208 goto error;
1209
1210 err = -EPROTONOSUPPORT;
1211 x->type = xfrm_get_type(x->id.proto, family);
1212 if (x->type == NULL)
1213 goto error;
1214
1215 err = x->type->init_state(x);
1216 if (err)
1217 goto error;
1218
1219 x->mode = xfrm_get_mode(x->props.mode, family);
1220 if (x->mode == NULL)
1221 goto error;
1222
1223 x->km.state = XFRM_STATE_VALID;
1224
1225 error:
1226 return err;
1227 }
1228
1229 EXPORT_SYMBOL(xfrm_init_state);
1230
1231 void __init xfrm_state_init(void)
1232 {
1233 int i;
1234
1235 for (i=0; i<XFRM_DST_HSIZE; i++) {
1236 INIT_LIST_HEAD(&xfrm_state_bydst[i]);
1237 INIT_LIST_HEAD(&xfrm_state_bysrc[i]);
1238 INIT_LIST_HEAD(&xfrm_state_byspi[i]);
1239 }
1240 INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task, NULL);
1241 }
1242
Ubuntu Artful kernel mirror