6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
16 #include <linux/workqueue.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <linux/cache.h>
22 #include <asm/uaccess.h>
23 #include <linux/audit.h>
25 #include "xfrm_hash.h"
28 EXPORT_SYMBOL(xfrm_nl);
30 u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME;
31 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime);
33 u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE;
34 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth);
36 /* Each xfrm_state may be linked to two tables:
38 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
39 2. Hash table by (daddr,family,reqid) to find what SAs exist for given
40 destination/tunnel endpoint. (output)
43 static DEFINE_SPINLOCK(xfrm_state_lock);
45 /* Hash table to find appropriate SA towards given target (endpoint
46 * of tunnel or destination of transport mode) allowed by selector.
48 * Main use is finding SA after policy selected tunnel or transport mode.
49 * Also, it can be used by ah/esp icmp error handler to find offending SA.
51 static struct hlist_head *xfrm_state_bydst __read_mostly;
52 static struct hlist_head *xfrm_state_bysrc __read_mostly;
53 static struct hlist_head *xfrm_state_byspi __read_mostly;
54 static unsigned int xfrm_state_hmask __read_mostly;
55 static unsigned int xfrm_state_hashmax __read_mostly = 1 * 1024 * 1024;
56 static unsigned int xfrm_state_num;
57 static unsigned int xfrm_state_genid;
59 static inline unsigned int xfrm_dst_hash(xfrm_address_t *daddr,
60 xfrm_address_t *saddr,
62 unsigned short family)
64 return __xfrm_dst_hash(daddr, saddr, reqid, family, xfrm_state_hmask);
67 static inline unsigned int xfrm_src_hash(xfrm_address_t *daddr,
68 xfrm_address_t *saddr,
69 unsigned short family)
71 return __xfrm_src_hash(daddr, saddr, family, xfrm_state_hmask);
74 static inline unsigned int
75 xfrm_spi_hash(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
77 return __xfrm_spi_hash(daddr, spi, proto, family, xfrm_state_hmask);
80 static void xfrm_hash_transfer(struct hlist_head *list,
81 struct hlist_head *ndsttable,
82 struct hlist_head *nsrctable,
83 struct hlist_head *nspitable,
84 unsigned int nhashmask)
86 struct hlist_node *entry, *tmp;
89 hlist_for_each_entry_safe(x, entry, tmp, list, bydst) {
92 h = __xfrm_dst_hash(&x->id.daddr, &x->props.saddr,
93 x->props.reqid, x->props.family,
95 hlist_add_head(&x->bydst, ndsttable+h);
97 h = __xfrm_src_hash(&x->id.daddr, &x->props.saddr,
100 hlist_add_head(&x->bysrc, nsrctable+h);
103 h = __xfrm_spi_hash(&x->id.daddr, x->id.spi,
104 x->id.proto, x->props.family,
106 hlist_add_head(&x->byspi, nspitable+h);
111 static unsigned long xfrm_hash_new_size(void)
113 return ((xfrm_state_hmask + 1) << 1) *
114 sizeof(struct hlist_head);
117 static DEFINE_MUTEX(hash_resize_mutex);
119 static void xfrm_hash_resize(struct work_struct *__unused)
121 struct hlist_head *ndst, *nsrc, *nspi, *odst, *osrc, *ospi;
122 unsigned long nsize, osize;
123 unsigned int nhashmask, ohashmask;
126 mutex_lock(&hash_resize_mutex);
128 nsize = xfrm_hash_new_size();
129 ndst = xfrm_hash_alloc(nsize);
132 nsrc = xfrm_hash_alloc(nsize);
134 xfrm_hash_free(ndst, nsize);
137 nspi = xfrm_hash_alloc(nsize);
139 xfrm_hash_free(ndst, nsize);
140 xfrm_hash_free(nsrc, nsize);
144 spin_lock_bh(&xfrm_state_lock);
146 nhashmask = (nsize / sizeof(struct hlist_head)) - 1U;
147 for (i = xfrm_state_hmask; i >= 0; i--)
148 xfrm_hash_transfer(xfrm_state_bydst+i, ndst, nsrc, nspi,
151 odst = xfrm_state_bydst;
152 osrc = xfrm_state_bysrc;
153 ospi = xfrm_state_byspi;
154 ohashmask = xfrm_state_hmask;
156 xfrm_state_bydst = ndst;
157 xfrm_state_bysrc = nsrc;
158 xfrm_state_byspi = nspi;
159 xfrm_state_hmask = nhashmask;
161 spin_unlock_bh(&xfrm_state_lock);
163 osize = (ohashmask + 1) * sizeof(struct hlist_head);
164 xfrm_hash_free(odst, osize);
165 xfrm_hash_free(osrc, osize);
166 xfrm_hash_free(ospi, osize);
169 mutex_unlock(&hash_resize_mutex);
172 static DECLARE_WORK(xfrm_hash_work, xfrm_hash_resize);
174 DECLARE_WAIT_QUEUE_HEAD(km_waitq);
175 EXPORT_SYMBOL(km_waitq);
177 static DEFINE_RWLOCK(xfrm_state_afinfo_lock);
178 static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO];
180 static struct work_struct xfrm_state_gc_work;
181 static HLIST_HEAD(xfrm_state_gc_list);
182 static DEFINE_SPINLOCK(xfrm_state_gc_lock);
184 int __xfrm_state_delete(struct xfrm_state *x);
186 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
187 void km_state_expired(struct xfrm_state *x, int hard, u32 pid);
189 static void xfrm_state_gc_destroy(struct xfrm_state *x)
191 del_timer_sync(&x->timer);
192 del_timer_sync(&x->rtimer);
199 xfrm_put_mode(x->mode);
201 x->type->destructor(x);
202 xfrm_put_type(x->type);
204 security_xfrm_state_free(x);
208 static void xfrm_state_gc_task(struct work_struct *data)
210 struct xfrm_state *x;
211 struct hlist_node *entry, *tmp;
212 struct hlist_head gc_list;
214 spin_lock_bh(&xfrm_state_gc_lock);
215 gc_list.first = xfrm_state_gc_list.first;
216 INIT_HLIST_HEAD(&xfrm_state_gc_list);
217 spin_unlock_bh(&xfrm_state_gc_lock);
219 hlist_for_each_entry_safe(x, entry, tmp, &gc_list, bydst)
220 xfrm_state_gc_destroy(x);
225 static inline unsigned long make_jiffies(long secs)
227 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
228 return MAX_SCHEDULE_TIMEOUT-1;
233 static void xfrm_timer_handler(unsigned long data)
235 struct xfrm_state *x = (struct xfrm_state*)data;
236 unsigned long now = (unsigned long)xtime.tv_sec;
237 long next = LONG_MAX;
242 if (x->km.state == XFRM_STATE_DEAD)
244 if (x->km.state == XFRM_STATE_EXPIRED)
246 if (x->lft.hard_add_expires_seconds) {
247 long tmo = x->lft.hard_add_expires_seconds +
248 x->curlft.add_time - now;
254 if (x->lft.hard_use_expires_seconds) {
255 long tmo = x->lft.hard_use_expires_seconds +
256 (x->curlft.use_time ? : now) - now;
264 if (x->lft.soft_add_expires_seconds) {
265 long tmo = x->lft.soft_add_expires_seconds +
266 x->curlft.add_time - now;
272 if (x->lft.soft_use_expires_seconds) {
273 long tmo = x->lft.soft_use_expires_seconds +
274 (x->curlft.use_time ? : now) - now;
283 km_state_expired(x, 0, 0);
285 if (next != LONG_MAX)
286 mod_timer(&x->timer, jiffies + make_jiffies(next));
291 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) {
292 x->km.state = XFRM_STATE_EXPIRED;
298 err = __xfrm_state_delete(x);
299 if (!err && x->id.spi)
300 km_state_expired(x, 1, 0);
302 xfrm_audit_log(audit_get_loginuid(current->audit_context), 0,
303 AUDIT_MAC_IPSEC_DELSA, err ? 0 : 1, NULL, x);
306 spin_unlock(&x->lock);
309 static void xfrm_replay_timer_handler(unsigned long data);
311 struct xfrm_state *xfrm_state_alloc(void)
313 struct xfrm_state *x;
315 x = kzalloc(sizeof(struct xfrm_state), GFP_ATOMIC);
318 atomic_set(&x->refcnt, 1);
319 atomic_set(&x->tunnel_users, 0);
320 INIT_HLIST_NODE(&x->bydst);
321 INIT_HLIST_NODE(&x->bysrc);
322 INIT_HLIST_NODE(&x->byspi);
323 init_timer(&x->timer);
324 x->timer.function = xfrm_timer_handler;
325 x->timer.data = (unsigned long)x;
326 init_timer(&x->rtimer);
327 x->rtimer.function = xfrm_replay_timer_handler;
328 x->rtimer.data = (unsigned long)x;
329 x->curlft.add_time = (unsigned long)xtime.tv_sec;
330 x->lft.soft_byte_limit = XFRM_INF;
331 x->lft.soft_packet_limit = XFRM_INF;
332 x->lft.hard_byte_limit = XFRM_INF;
333 x->lft.hard_packet_limit = XFRM_INF;
334 x->replay_maxage = 0;
335 x->replay_maxdiff = 0;
336 spin_lock_init(&x->lock);
340 EXPORT_SYMBOL(xfrm_state_alloc);
342 void __xfrm_state_destroy(struct xfrm_state *x)
344 BUG_TRAP(x->km.state == XFRM_STATE_DEAD);
346 spin_lock_bh(&xfrm_state_gc_lock);
347 hlist_add_head(&x->bydst, &xfrm_state_gc_list);
348 spin_unlock_bh(&xfrm_state_gc_lock);
349 schedule_work(&xfrm_state_gc_work);
351 EXPORT_SYMBOL(__xfrm_state_destroy);
353 int __xfrm_state_delete(struct xfrm_state *x)
357 if (x->km.state != XFRM_STATE_DEAD) {
358 x->km.state = XFRM_STATE_DEAD;
359 spin_lock(&xfrm_state_lock);
360 hlist_del(&x->bydst);
361 hlist_del(&x->bysrc);
363 hlist_del(&x->byspi);
365 spin_unlock(&xfrm_state_lock);
367 /* All xfrm_state objects are created by xfrm_state_alloc.
368 * The xfrm_state_alloc call gives a reference, and that
369 * is what we are dropping here.
377 EXPORT_SYMBOL(__xfrm_state_delete);
379 int xfrm_state_delete(struct xfrm_state *x)
383 spin_lock_bh(&x->lock);
384 err = __xfrm_state_delete(x);
385 spin_unlock_bh(&x->lock);
389 EXPORT_SYMBOL(xfrm_state_delete);
391 void xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info)
396 spin_lock_bh(&xfrm_state_lock);
397 for (i = 0; i <= xfrm_state_hmask; i++) {
398 struct hlist_node *entry;
399 struct xfrm_state *x;
401 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
402 if (!xfrm_state_kern(x) &&
403 xfrm_id_proto_match(x->id.proto, proto)) {
405 spin_unlock_bh(&xfrm_state_lock);
407 err = xfrm_state_delete(x);
408 xfrm_audit_log(audit_info->loginuid,
410 AUDIT_MAC_IPSEC_DELSA,
411 err ? 0 : 1, NULL, x);
414 spin_lock_bh(&xfrm_state_lock);
419 spin_unlock_bh(&xfrm_state_lock);
422 EXPORT_SYMBOL(xfrm_state_flush);
425 xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
426 struct xfrm_tmpl *tmpl,
427 xfrm_address_t *daddr, xfrm_address_t *saddr,
428 unsigned short family)
430 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
433 afinfo->init_tempsel(x, fl, tmpl, daddr, saddr);
434 xfrm_state_put_afinfo(afinfo);
438 static struct xfrm_state *__xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
440 unsigned int h = xfrm_spi_hash(daddr, spi, proto, family);
441 struct xfrm_state *x;
442 struct hlist_node *entry;
444 hlist_for_each_entry(x, entry, xfrm_state_byspi+h, byspi) {
445 if (x->props.family != family ||
447 x->id.proto != proto)
452 if (x->id.daddr.a4 != daddr->a4)
456 if (!ipv6_addr_equal((struct in6_addr *)daddr,
470 static struct xfrm_state *__xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family)
472 unsigned int h = xfrm_src_hash(daddr, saddr, family);
473 struct xfrm_state *x;
474 struct hlist_node *entry;
476 hlist_for_each_entry(x, entry, xfrm_state_bysrc+h, bysrc) {
477 if (x->props.family != family ||
478 x->id.proto != proto)
483 if (x->id.daddr.a4 != daddr->a4 ||
484 x->props.saddr.a4 != saddr->a4)
488 if (!ipv6_addr_equal((struct in6_addr *)daddr,
491 !ipv6_addr_equal((struct in6_addr *)saddr,
505 static inline struct xfrm_state *
506 __xfrm_state_locate(struct xfrm_state *x, int use_spi, int family)
509 return __xfrm_state_lookup(&x->id.daddr, x->id.spi,
510 x->id.proto, family);
512 return __xfrm_state_lookup_byaddr(&x->id.daddr,
514 x->id.proto, family);
517 static void xfrm_hash_grow_check(int have_hash_collision)
519 if (have_hash_collision &&
520 (xfrm_state_hmask + 1) < xfrm_state_hashmax &&
521 xfrm_state_num > xfrm_state_hmask)
522 schedule_work(&xfrm_hash_work);
526 xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
527 struct flowi *fl, struct xfrm_tmpl *tmpl,
528 struct xfrm_policy *pol, int *err,
529 unsigned short family)
531 unsigned int h = xfrm_dst_hash(daddr, saddr, tmpl->reqid, family);
532 struct hlist_node *entry;
533 struct xfrm_state *x, *x0;
534 int acquire_in_progress = 0;
536 struct xfrm_state *best = NULL;
538 spin_lock_bh(&xfrm_state_lock);
539 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
540 if (x->props.family == family &&
541 x->props.reqid == tmpl->reqid &&
542 !(x->props.flags & XFRM_STATE_WILDRECV) &&
543 xfrm_state_addr_check(x, daddr, saddr, family) &&
544 tmpl->mode == x->props.mode &&
545 tmpl->id.proto == x->id.proto &&
546 (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) {
548 1. There is a valid state with matching selector.
550 2. Valid state with inappropriate selector. Skip.
552 Entering area of "sysdeps".
554 3. If state is not valid, selector is temporary,
555 it selects only session which triggered
556 previous resolution. Key manager will do
557 something to install a state with proper
560 if (x->km.state == XFRM_STATE_VALID) {
561 if (!xfrm_selector_match(&x->sel, fl, family) ||
562 !security_xfrm_state_pol_flow_match(x, pol, fl))
565 best->km.dying > x->km.dying ||
566 (best->km.dying == x->km.dying &&
567 best->curlft.add_time < x->curlft.add_time))
569 } else if (x->km.state == XFRM_STATE_ACQ) {
570 acquire_in_progress = 1;
571 } else if (x->km.state == XFRM_STATE_ERROR ||
572 x->km.state == XFRM_STATE_EXPIRED) {
573 if (xfrm_selector_match(&x->sel, fl, family) &&
574 security_xfrm_state_pol_flow_match(x, pol, fl))
581 if (!x && !error && !acquire_in_progress) {
583 (x0 = __xfrm_state_lookup(daddr, tmpl->id.spi,
584 tmpl->id.proto, family)) != NULL) {
589 x = xfrm_state_alloc();
594 /* Initialize temporary selector matching only
595 * to current session. */
596 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
598 error = security_xfrm_state_alloc_acquire(x, pol->security, fl->secid);
600 x->km.state = XFRM_STATE_DEAD;
606 if (km_query(x, tmpl, pol) == 0) {
607 x->km.state = XFRM_STATE_ACQ;
608 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
609 h = xfrm_src_hash(daddr, saddr, family);
610 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
612 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
613 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
615 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
616 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
617 add_timer(&x->timer);
619 xfrm_hash_grow_check(x->bydst.next != NULL);
621 x->km.state = XFRM_STATE_DEAD;
631 *err = acquire_in_progress ? -EAGAIN : error;
632 spin_unlock_bh(&xfrm_state_lock);
636 static void __xfrm_state_insert(struct xfrm_state *x)
640 x->genid = ++xfrm_state_genid;
642 h = xfrm_dst_hash(&x->id.daddr, &x->props.saddr,
643 x->props.reqid, x->props.family);
644 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
646 h = xfrm_src_hash(&x->id.daddr, &x->props.saddr, x->props.family);
647 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
650 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto,
653 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
656 mod_timer(&x->timer, jiffies + HZ);
657 if (x->replay_maxage)
658 mod_timer(&x->rtimer, jiffies + x->replay_maxage);
664 xfrm_hash_grow_check(x->bydst.next != NULL);
667 /* xfrm_state_lock is held */
668 static void __xfrm_state_bump_genids(struct xfrm_state *xnew)
670 unsigned short family = xnew->props.family;
671 u32 reqid = xnew->props.reqid;
672 struct xfrm_state *x;
673 struct hlist_node *entry;
676 h = xfrm_dst_hash(&xnew->id.daddr, &xnew->props.saddr, reqid, family);
677 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
678 if (x->props.family == family &&
679 x->props.reqid == reqid &&
680 !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family) &&
681 !xfrm_addr_cmp(&x->props.saddr, &xnew->props.saddr, family))
682 x->genid = xfrm_state_genid;
686 void xfrm_state_insert(struct xfrm_state *x)
688 spin_lock_bh(&xfrm_state_lock);
689 __xfrm_state_bump_genids(x);
690 __xfrm_state_insert(x);
691 spin_unlock_bh(&xfrm_state_lock);
693 EXPORT_SYMBOL(xfrm_state_insert);
695 /* xfrm_state_lock is held */
696 static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create)
698 unsigned int h = xfrm_dst_hash(daddr, saddr, reqid, family);
699 struct hlist_node *entry;
700 struct xfrm_state *x;
702 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
703 if (x->props.reqid != reqid ||
704 x->props.mode != mode ||
705 x->props.family != family ||
706 x->km.state != XFRM_STATE_ACQ ||
712 if (x->id.daddr.a4 != daddr->a4 ||
713 x->props.saddr.a4 != saddr->a4)
717 if (!ipv6_addr_equal((struct in6_addr *)x->id.daddr.a6,
718 (struct in6_addr *)daddr) ||
719 !ipv6_addr_equal((struct in6_addr *)
721 (struct in6_addr *)saddr))
733 x = xfrm_state_alloc();
737 x->sel.daddr.a4 = daddr->a4;
738 x->sel.saddr.a4 = saddr->a4;
739 x->sel.prefixlen_d = 32;
740 x->sel.prefixlen_s = 32;
741 x->props.saddr.a4 = saddr->a4;
742 x->id.daddr.a4 = daddr->a4;
746 ipv6_addr_copy((struct in6_addr *)x->sel.daddr.a6,
747 (struct in6_addr *)daddr);
748 ipv6_addr_copy((struct in6_addr *)x->sel.saddr.a6,
749 (struct in6_addr *)saddr);
750 x->sel.prefixlen_d = 128;
751 x->sel.prefixlen_s = 128;
752 ipv6_addr_copy((struct in6_addr *)x->props.saddr.a6,
753 (struct in6_addr *)saddr);
754 ipv6_addr_copy((struct in6_addr *)x->id.daddr.a6,
755 (struct in6_addr *)daddr);
759 x->km.state = XFRM_STATE_ACQ;
761 x->props.family = family;
762 x->props.mode = mode;
763 x->props.reqid = reqid;
764 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
766 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
767 add_timer(&x->timer);
768 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
769 h = xfrm_src_hash(daddr, saddr, family);
770 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
775 xfrm_hash_grow_check(x->bydst.next != NULL);
781 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq);
783 int xfrm_state_add(struct xfrm_state *x)
785 struct xfrm_state *x1;
788 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
790 family = x->props.family;
792 spin_lock_bh(&xfrm_state_lock);
794 x1 = __xfrm_state_locate(x, use_spi, family);
802 if (use_spi && x->km.seq) {
803 x1 = __xfrm_find_acq_byseq(x->km.seq);
804 if (x1 && xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family)) {
811 x1 = __find_acq_core(family, x->props.mode, x->props.reqid,
813 &x->id.daddr, &x->props.saddr, 0);
815 __xfrm_state_bump_genids(x);
816 __xfrm_state_insert(x);
820 spin_unlock_bh(&xfrm_state_lock);
823 xfrm_state_delete(x1);
829 EXPORT_SYMBOL(xfrm_state_add);
831 #ifdef CONFIG_XFRM_MIGRATE
832 struct xfrm_state *xfrm_state_clone(struct xfrm_state *orig, int *errp)
835 struct xfrm_state *x = xfrm_state_alloc();
839 memcpy(&x->id, &orig->id, sizeof(x->id));
840 memcpy(&x->sel, &orig->sel, sizeof(x->sel));
841 memcpy(&x->lft, &orig->lft, sizeof(x->lft));
842 x->props.mode = orig->props.mode;
843 x->props.replay_window = orig->props.replay_window;
844 x->props.reqid = orig->props.reqid;
845 x->props.family = orig->props.family;
846 x->props.saddr = orig->props.saddr;
849 x->aalg = xfrm_algo_clone(orig->aalg);
853 x->props.aalgo = orig->props.aalgo;
856 x->ealg = xfrm_algo_clone(orig->ealg);
860 x->props.ealgo = orig->props.ealgo;
863 x->calg = xfrm_algo_clone(orig->calg);
867 x->props.calgo = orig->props.calgo;
870 x->encap = kmemdup(orig->encap, sizeof(*x->encap), GFP_KERNEL);
876 x->coaddr = kmemdup(orig->coaddr, sizeof(*x->coaddr),
882 err = xfrm_init_state(x);
886 x->props.flags = orig->props.flags;
888 x->curlft.add_time = orig->curlft.add_time;
889 x->km.state = orig->km.state;
890 x->km.seq = orig->km.seq;
907 EXPORT_SYMBOL(xfrm_state_clone);
909 /* xfrm_state_lock is held */
910 struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m)
913 struct xfrm_state *x;
914 struct hlist_node *entry;
917 h = xfrm_dst_hash(&m->old_daddr, &m->old_saddr,
918 m->reqid, m->old_family);
919 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
920 if (x->props.mode != m->mode ||
921 x->id.proto != m->proto)
923 if (m->reqid && x->props.reqid != m->reqid)
925 if (xfrm_addr_cmp(&x->id.daddr, &m->old_daddr,
927 xfrm_addr_cmp(&x->props.saddr, &m->old_saddr,
934 h = xfrm_src_hash(&m->old_daddr, &m->old_saddr,
936 hlist_for_each_entry(x, entry, xfrm_state_bysrc+h, bysrc) {
937 if (x->props.mode != m->mode ||
938 x->id.proto != m->proto)
940 if (xfrm_addr_cmp(&x->id.daddr, &m->old_daddr,
942 xfrm_addr_cmp(&x->props.saddr, &m->old_saddr,
952 EXPORT_SYMBOL(xfrm_migrate_state_find);
954 struct xfrm_state * xfrm_state_migrate(struct xfrm_state *x,
955 struct xfrm_migrate *m)
957 struct xfrm_state *xc;
960 xc = xfrm_state_clone(x, &err);
964 memcpy(&xc->id.daddr, &m->new_daddr, sizeof(xc->id.daddr));
965 memcpy(&xc->props.saddr, &m->new_saddr, sizeof(xc->props.saddr));
968 if (!xfrm_addr_cmp(&x->id.daddr, &m->new_daddr, m->new_family)) {
969 /* a care is needed when the destination address of the
970 state is to be updated as it is a part of triplet */
971 xfrm_state_insert(xc);
973 if ((err = xfrm_state_add(xc)) < 0)
982 EXPORT_SYMBOL(xfrm_state_migrate);
985 int xfrm_state_update(struct xfrm_state *x)
987 struct xfrm_state *x1;
989 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
991 spin_lock_bh(&xfrm_state_lock);
992 x1 = __xfrm_state_locate(x, use_spi, x->props.family);
998 if (xfrm_state_kern(x1)) {
1004 if (x1->km.state == XFRM_STATE_ACQ) {
1005 __xfrm_state_insert(x);
1011 spin_unlock_bh(&xfrm_state_lock);
1017 xfrm_state_delete(x1);
1023 spin_lock_bh(&x1->lock);
1024 if (likely(x1->km.state == XFRM_STATE_VALID)) {
1025 if (x->encap && x1->encap)
1026 memcpy(x1->encap, x->encap, sizeof(*x1->encap));
1027 if (x->coaddr && x1->coaddr) {
1028 memcpy(x1->coaddr, x->coaddr, sizeof(*x1->coaddr));
1030 if (!use_spi && memcmp(&x1->sel, &x->sel, sizeof(x1->sel)))
1031 memcpy(&x1->sel, &x->sel, sizeof(x1->sel));
1032 memcpy(&x1->lft, &x->lft, sizeof(x1->lft));
1035 mod_timer(&x1->timer, jiffies + HZ);
1036 if (x1->curlft.use_time)
1037 xfrm_state_check_expire(x1);
1041 spin_unlock_bh(&x1->lock);
1047 EXPORT_SYMBOL(xfrm_state_update);
1049 int xfrm_state_check_expire(struct xfrm_state *x)
1051 if (!x->curlft.use_time)
1052 x->curlft.use_time = (unsigned long)xtime.tv_sec;
1054 if (x->km.state != XFRM_STATE_VALID)
1057 if (x->curlft.bytes >= x->lft.hard_byte_limit ||
1058 x->curlft.packets >= x->lft.hard_packet_limit) {
1059 x->km.state = XFRM_STATE_EXPIRED;
1060 mod_timer(&x->timer, jiffies);
1065 (x->curlft.bytes >= x->lft.soft_byte_limit ||
1066 x->curlft.packets >= x->lft.soft_packet_limit)) {
1068 km_state_expired(x, 0, 0);
1072 EXPORT_SYMBOL(xfrm_state_check_expire);
1074 static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
1076 int nhead = x->props.header_len + LL_RESERVED_SPACE(skb->dst->dev)
1077 - skb_headroom(skb);
1080 return pskb_expand_head(skb, nhead, 0, GFP_ATOMIC);
1082 /* Check tail too... */
1086 int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
1088 int err = xfrm_state_check_expire(x);
1091 err = xfrm_state_check_space(x, skb);
1095 EXPORT_SYMBOL(xfrm_state_check);
1098 xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto,
1099 unsigned short family)
1101 struct xfrm_state *x;
1103 spin_lock_bh(&xfrm_state_lock);
1104 x = __xfrm_state_lookup(daddr, spi, proto, family);
1105 spin_unlock_bh(&xfrm_state_lock);
1108 EXPORT_SYMBOL(xfrm_state_lookup);
1111 xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr,
1112 u8 proto, unsigned short family)
1114 struct xfrm_state *x;
1116 spin_lock_bh(&xfrm_state_lock);
1117 x = __xfrm_state_lookup_byaddr(daddr, saddr, proto, family);
1118 spin_unlock_bh(&xfrm_state_lock);
1121 EXPORT_SYMBOL(xfrm_state_lookup_byaddr);
1124 xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
1125 xfrm_address_t *daddr, xfrm_address_t *saddr,
1126 int create, unsigned short family)
1128 struct xfrm_state *x;
1130 spin_lock_bh(&xfrm_state_lock);
1131 x = __find_acq_core(family, mode, reqid, proto, daddr, saddr, create);
1132 spin_unlock_bh(&xfrm_state_lock);
1136 EXPORT_SYMBOL(xfrm_find_acq);
1138 #ifdef CONFIG_XFRM_SUB_POLICY
1140 xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n,
1141 unsigned short family)
1144 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
1146 return -EAFNOSUPPORT;
1148 spin_lock_bh(&xfrm_state_lock);
1149 if (afinfo->tmpl_sort)
1150 err = afinfo->tmpl_sort(dst, src, n);
1151 spin_unlock_bh(&xfrm_state_lock);
1152 xfrm_state_put_afinfo(afinfo);
1155 EXPORT_SYMBOL(xfrm_tmpl_sort);
1158 xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n,
1159 unsigned short family)
1162 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
1164 return -EAFNOSUPPORT;
1166 spin_lock_bh(&xfrm_state_lock);
1167 if (afinfo->state_sort)
1168 err = afinfo->state_sort(dst, src, n);
1169 spin_unlock_bh(&xfrm_state_lock);
1170 xfrm_state_put_afinfo(afinfo);
1173 EXPORT_SYMBOL(xfrm_state_sort);
1176 /* Silly enough, but I'm lazy to build resolution list */
1178 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq)
1182 for (i = 0; i <= xfrm_state_hmask; i++) {
1183 struct hlist_node *entry;
1184 struct xfrm_state *x;
1186 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
1187 if (x->km.seq == seq &&
1188 x->km.state == XFRM_STATE_ACQ) {
1197 struct xfrm_state *xfrm_find_acq_byseq(u32 seq)
1199 struct xfrm_state *x;
1201 spin_lock_bh(&xfrm_state_lock);
1202 x = __xfrm_find_acq_byseq(seq);
1203 spin_unlock_bh(&xfrm_state_lock);
1206 EXPORT_SYMBOL(xfrm_find_acq_byseq);
1208 u32 xfrm_get_acqseq(void)
1212 static DEFINE_SPINLOCK(acqseq_lock);
1214 spin_lock_bh(&acqseq_lock);
1215 res = (++acqseq ? : ++acqseq);
1216 spin_unlock_bh(&acqseq_lock);
1219 EXPORT_SYMBOL(xfrm_get_acqseq);
1222 xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi)
1225 struct xfrm_state *x0;
1230 if (minspi == maxspi) {
1231 x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family);
1239 u32 low = ntohl(minspi);
1240 u32 high = ntohl(maxspi);
1241 for (h=0; h<high-low+1; h++) {
1242 spi = low + net_random()%(high-low+1);
1243 x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family);
1245 x->id.spi = htonl(spi);
1252 spin_lock_bh(&xfrm_state_lock);
1253 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
1254 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
1255 spin_unlock_bh(&xfrm_state_lock);
1259 EXPORT_SYMBOL(xfrm_alloc_spi);
1261 int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*),
1265 struct xfrm_state *x, *last = NULL;
1266 struct hlist_node *entry;
1270 spin_lock_bh(&xfrm_state_lock);
1271 for (i = 0; i <= xfrm_state_hmask; i++) {
1272 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
1273 if (!xfrm_id_proto_match(x->id.proto, proto))
1276 err = func(last, count, data);
1288 err = func(last, 0, data);
1290 spin_unlock_bh(&xfrm_state_lock);
1293 EXPORT_SYMBOL(xfrm_state_walk);
1296 void xfrm_replay_notify(struct xfrm_state *x, int event)
1299 /* we send notify messages in case
1300 * 1. we updated on of the sequence numbers, and the seqno difference
1301 * is at least x->replay_maxdiff, in this case we also update the
1302 * timeout of our timer function
1303 * 2. if x->replay_maxage has elapsed since last update,
1304 * and there were changes
1306 * The state structure must be locked!
1310 case XFRM_REPLAY_UPDATE:
1311 if (x->replay_maxdiff &&
1312 (x->replay.seq - x->preplay.seq < x->replay_maxdiff) &&
1313 (x->replay.oseq - x->preplay.oseq < x->replay_maxdiff)) {
1314 if (x->xflags & XFRM_TIME_DEFER)
1315 event = XFRM_REPLAY_TIMEOUT;
1322 case XFRM_REPLAY_TIMEOUT:
1323 if ((x->replay.seq == x->preplay.seq) &&
1324 (x->replay.bitmap == x->preplay.bitmap) &&
1325 (x->replay.oseq == x->preplay.oseq)) {
1326 x->xflags |= XFRM_TIME_DEFER;
1333 memcpy(&x->preplay, &x->replay, sizeof(struct xfrm_replay_state));
1334 c.event = XFRM_MSG_NEWAE;
1335 c.data.aevent = event;
1336 km_state_notify(x, &c);
1338 if (x->replay_maxage &&
1339 !mod_timer(&x->rtimer, jiffies + x->replay_maxage))
1340 x->xflags &= ~XFRM_TIME_DEFER;
1342 EXPORT_SYMBOL(xfrm_replay_notify);
1344 static void xfrm_replay_timer_handler(unsigned long data)
1346 struct xfrm_state *x = (struct xfrm_state*)data;
1348 spin_lock(&x->lock);
1350 if (x->km.state == XFRM_STATE_VALID) {
1351 if (xfrm_aevent_is_on())
1352 xfrm_replay_notify(x, XFRM_REPLAY_TIMEOUT);
1354 x->xflags |= XFRM_TIME_DEFER;
1357 spin_unlock(&x->lock);
1360 int xfrm_replay_check(struct xfrm_state *x, __be32 net_seq)
1363 u32 seq = ntohl(net_seq);
1365 if (unlikely(seq == 0))
1368 if (likely(seq > x->replay.seq))
1371 diff = x->replay.seq - seq;
1372 if (diff >= x->props.replay_window) {
1373 x->stats.replay_window++;
1377 if (x->replay.bitmap & (1U << diff)) {
1383 EXPORT_SYMBOL(xfrm_replay_check);
1385 void xfrm_replay_advance(struct xfrm_state *x, __be32 net_seq)
1388 u32 seq = ntohl(net_seq);
1390 if (seq > x->replay.seq) {
1391 diff = seq - x->replay.seq;
1392 if (diff < x->props.replay_window)
1393 x->replay.bitmap = ((x->replay.bitmap) << diff) | 1;
1395 x->replay.bitmap = 1;
1396 x->replay.seq = seq;
1398 diff = x->replay.seq - seq;
1399 x->replay.bitmap |= (1U << diff);
1402 if (xfrm_aevent_is_on())
1403 xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
1405 EXPORT_SYMBOL(xfrm_replay_advance);
1407 static struct list_head xfrm_km_list = LIST_HEAD_INIT(xfrm_km_list);
1408 static DEFINE_RWLOCK(xfrm_km_lock);
1410 void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
1412 struct xfrm_mgr *km;
1414 read_lock(&xfrm_km_lock);
1415 list_for_each_entry(km, &xfrm_km_list, list)
1416 if (km->notify_policy)
1417 km->notify_policy(xp, dir, c);
1418 read_unlock(&xfrm_km_lock);
1421 void km_state_notify(struct xfrm_state *x, struct km_event *c)
1423 struct xfrm_mgr *km;
1424 read_lock(&xfrm_km_lock);
1425 list_for_each_entry(km, &xfrm_km_list, list)
1428 read_unlock(&xfrm_km_lock);
1431 EXPORT_SYMBOL(km_policy_notify);
1432 EXPORT_SYMBOL(km_state_notify);
1434 void km_state_expired(struct xfrm_state *x, int hard, u32 pid)
1440 c.event = XFRM_MSG_EXPIRE;
1441 km_state_notify(x, &c);
1447 EXPORT_SYMBOL(km_state_expired);
1449 * We send to all registered managers regardless of failure
1450 * We are happy with one success
1452 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
1454 int err = -EINVAL, acqret;
1455 struct xfrm_mgr *km;
1457 read_lock(&xfrm_km_lock);
1458 list_for_each_entry(km, &xfrm_km_list, list) {
1459 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT);
1463 read_unlock(&xfrm_km_lock);
1466 EXPORT_SYMBOL(km_query);
1468 int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport)
1471 struct xfrm_mgr *km;
1473 read_lock(&xfrm_km_lock);
1474 list_for_each_entry(km, &xfrm_km_list, list) {
1475 if (km->new_mapping)
1476 err = km->new_mapping(x, ipaddr, sport);
1480 read_unlock(&xfrm_km_lock);
1483 EXPORT_SYMBOL(km_new_mapping);
1485 void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid)
1491 c.event = XFRM_MSG_POLEXPIRE;
1492 km_policy_notify(pol, dir, &c);
1497 EXPORT_SYMBOL(km_policy_expired);
1499 int km_migrate(struct xfrm_selector *sel, u8 dir, u8 type,
1500 struct xfrm_migrate *m, int num_migrate)
1504 struct xfrm_mgr *km;
1506 read_lock(&xfrm_km_lock);
1507 list_for_each_entry(km, &xfrm_km_list, list) {
1509 ret = km->migrate(sel, dir, type, m, num_migrate);
1514 read_unlock(&xfrm_km_lock);
1517 EXPORT_SYMBOL(km_migrate);
1519 int km_report(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr)
1523 struct xfrm_mgr *km;
1525 read_lock(&xfrm_km_lock);
1526 list_for_each_entry(km, &xfrm_km_list, list) {
1528 ret = km->report(proto, sel, addr);
1533 read_unlock(&xfrm_km_lock);
1536 EXPORT_SYMBOL(km_report);
1538 int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
1542 struct xfrm_mgr *km;
1543 struct xfrm_policy *pol = NULL;
1545 if (optlen <= 0 || optlen > PAGE_SIZE)
1548 data = kmalloc(optlen, GFP_KERNEL);
1553 if (copy_from_user(data, optval, optlen))
1557 read_lock(&xfrm_km_lock);
1558 list_for_each_entry(km, &xfrm_km_list, list) {
1559 pol = km->compile_policy(sk, optname, data,
1564 read_unlock(&xfrm_km_lock);
1567 xfrm_sk_policy_insert(sk, err, pol);
1576 EXPORT_SYMBOL(xfrm_user_policy);
1578 int xfrm_register_km(struct xfrm_mgr *km)
1580 write_lock_bh(&xfrm_km_lock);
1581 list_add_tail(&km->list, &xfrm_km_list);
1582 write_unlock_bh(&xfrm_km_lock);
1585 EXPORT_SYMBOL(xfrm_register_km);
1587 int xfrm_unregister_km(struct xfrm_mgr *km)
1589 write_lock_bh(&xfrm_km_lock);
1590 list_del(&km->list);
1591 write_unlock_bh(&xfrm_km_lock);
1594 EXPORT_SYMBOL(xfrm_unregister_km);
1596 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo)
1599 if (unlikely(afinfo == NULL))
1601 if (unlikely(afinfo->family >= NPROTO))
1602 return -EAFNOSUPPORT;
1603 write_lock_bh(&xfrm_state_afinfo_lock);
1604 if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))
1607 xfrm_state_afinfo[afinfo->family] = afinfo;
1608 write_unlock_bh(&xfrm_state_afinfo_lock);
1611 EXPORT_SYMBOL(xfrm_state_register_afinfo);
1613 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo)
1616 if (unlikely(afinfo == NULL))
1618 if (unlikely(afinfo->family >= NPROTO))
1619 return -EAFNOSUPPORT;
1620 write_lock_bh(&xfrm_state_afinfo_lock);
1621 if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) {
1622 if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo))
1625 xfrm_state_afinfo[afinfo->family] = NULL;
1627 write_unlock_bh(&xfrm_state_afinfo_lock);
1630 EXPORT_SYMBOL(xfrm_state_unregister_afinfo);
1632 struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family)
1634 struct xfrm_state_afinfo *afinfo;
1635 if (unlikely(family >= NPROTO))
1637 read_lock(&xfrm_state_afinfo_lock);
1638 afinfo = xfrm_state_afinfo[family];
1639 if (unlikely(!afinfo))
1640 read_unlock(&xfrm_state_afinfo_lock);
1644 void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo)
1646 read_unlock(&xfrm_state_afinfo_lock);
1649 EXPORT_SYMBOL(xfrm_state_get_afinfo);
1650 EXPORT_SYMBOL(xfrm_state_put_afinfo);
1652 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1653 void xfrm_state_delete_tunnel(struct xfrm_state *x)
1656 struct xfrm_state *t = x->tunnel;
1658 if (atomic_read(&t->tunnel_users) == 2)
1659 xfrm_state_delete(t);
1660 atomic_dec(&t->tunnel_users);
1665 EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1668 * This function is NOT optimal. For example, with ESP it will give an
1669 * MTU that's usually two bytes short of being optimal. However, it will
1670 * usually give an answer that's a multiple of 4 provided the input is
1671 * also a multiple of 4.
1673 int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1677 res -= x->props.header_len;
1685 spin_lock_bh(&x->lock);
1686 if (x->km.state == XFRM_STATE_VALID &&
1687 x->type && x->type->get_max_size)
1688 m = x->type->get_max_size(x, m);
1690 m += x->props.header_len;
1691 spin_unlock_bh(&x->lock);
1701 int xfrm_init_state(struct xfrm_state *x)
1703 struct xfrm_state_afinfo *afinfo;
1704 int family = x->props.family;
1707 err = -EAFNOSUPPORT;
1708 afinfo = xfrm_state_get_afinfo(family);
1713 if (afinfo->init_flags)
1714 err = afinfo->init_flags(x);
1716 xfrm_state_put_afinfo(afinfo);
1721 err = -EPROTONOSUPPORT;
1722 x->type = xfrm_get_type(x->id.proto, family);
1723 if (x->type == NULL)
1726 err = x->type->init_state(x);
1730 x->mode = xfrm_get_mode(x->props.mode, family);
1731 if (x->mode == NULL)
1734 x->km.state = XFRM_STATE_VALID;
1740 EXPORT_SYMBOL(xfrm_init_state);
1742 void __init xfrm_state_init(void)
1746 sz = sizeof(struct hlist_head) * 8;
1748 xfrm_state_bydst = xfrm_hash_alloc(sz);
1749 xfrm_state_bysrc = xfrm_hash_alloc(sz);
1750 xfrm_state_byspi = xfrm_hash_alloc(sz);
1751 if (!xfrm_state_bydst || !xfrm_state_bysrc || !xfrm_state_byspi)
1752 panic("XFRM: Cannot allocate bydst/bysrc/byspi hashes.");
1753 xfrm_state_hmask = ((sz / sizeof(struct hlist_head)) - 1);
1755 INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task);
projects / linux-drm-fsl-dcu.git / blob