cipso_ipv4.c - OpenGrok cross reference for /openbmc/linux/net/ipv4/cipso

Deleted Added

sdiffudifftextold (36452b8b..)new (c92e8c02..)

cipso_ipv4.c (36452b8ba02a62445847a29779dc581eb4cfeddd)	cipso_ipv4.c (c92e8c02fe664155ac4234516e32544bec0f113d)
1/* 2 * CIPSO - Commercial IP Security Option 3 * 4 * This is an implementation of the CIPSO 2.2 protocol as specified in 5 * draft-ietf-cipso-ipsecurity-01.txt with additional tag types as found in 6 * FIPS-188. While CIPSO never became a full IETF RFC standard many vendors 7 * have chosen to adopt the protocol and over the years it has become a 8 * de-facto standard for labeled networking. --- 1937 unchanged lines hidden (view full) --- 1946 } 1947 memcpy(opt->opt.__data, buf, buf_len); 1948 opt->opt.optlen = opt_len; 1949 opt->opt.cipso = sizeof(struct iphdr); 1950 kfree(buf); 1951 buf = NULL; 1952 1953 req_inet = inet_rsk(req);	1/* 2 * CIPSO - Commercial IP Security Option 3 * 4 * This is an implementation of the CIPSO 2.2 protocol as specified in 5 * draft-ietf-cipso-ipsecurity-01.txt with additional tag types as found in 6 * FIPS-188. While CIPSO never became a full IETF RFC standard many vendors 7 * have chosen to adopt the protocol and over the years it has become a 8 * de-facto standard for labeled networking. --- 1937 unchanged lines hidden (view full) --- 1946 } 1947 memcpy(opt->opt.__data, buf, buf_len); 1948 opt->opt.optlen = opt_len; 1949 opt->opt.cipso = sizeof(struct iphdr); 1950 kfree(buf); 1951 buf = NULL; 1952 1953 req_inet = inet_rsk(req);
1954 opt = xchg(&req_inet->opt, opt);	1954 opt = xchg((__force struct ip_options_rcu **)&req_inet->ireq_opt, opt);
1955 if (opt) 1956 kfree_rcu(opt, rcu); 1957 1958 return 0; 1959 1960req_setattr_failure: 1961 kfree(buf); 1962 kfree(opt); --- 5 unchanged lines hidden (view full) --- 1968 * @opt_ptr: IP option pointer 1969 * 1970 * Description: 1971 * Deletes the CIPSO IP option from a set of IP options and makes the necessary 1972 * adjustments to the IP option structure. Returns zero on success, negative 1973 * values on failure. 1974 * 1975 */	1955 if (opt) 1956 kfree_rcu(opt, rcu); 1957 1958 return 0; 1959 1960req_setattr_failure: 1961 kfree(buf); 1962 kfree(opt); --- 5 unchanged lines hidden (view full) --- 1968 * @opt_ptr: IP option pointer 1969 * 1970 * Description: 1971 * Deletes the CIPSO IP option from a set of IP options and makes the necessary 1972 * adjustments to the IP option structure. Returns zero on success, negative 1973 * values on failure. 1974 * 1975 */
1976static int cipso_v4_delopt(struct ip_options_rcu **opt_ptr)	1976static int cipso_v4_delopt(struct ip_options_rcu __rcu **opt_ptr)
1977{	1977{
	1978 struct ip_options_rcu opt = rcu_dereference_protected(opt_ptr, 1);
1978 int hdr_delta = 0;	1979 int hdr_delta = 0;
1979 struct ip_options_rcu opt = opt_ptr;
1980	1980
	1981 if (!opt \|\| opt->opt.cipso == 0) 1982 return 0;
1981 if (opt->opt.srr \|\| opt->opt.rr \|\| opt->opt.ts \|\| opt->opt.router_alert) { 1982 u8 cipso_len; 1983 u8 cipso_off; 1984 unsigned char cipso_ptr; 1985 int iter; 1986 int optlen_new; 1987 1988 cipso_off = opt->opt.cipso - sizeof(struct iphdr); --- 45 unchanged lines hidden* (view full) --- 2034 * @sk: the socket 2035 * 2036 * Description: 2037 * Removes the CIPSO option from a socket, if present. 2038 * 2039 / 2040void cipso_v4_sock_delattr(struct sock sk) 2041{	1983 if (opt->opt.srr \|\| opt->opt.rr \|\| opt->opt.ts \|\| opt->opt.router_alert) { 1984 u8 cipso_len; 1985 u8 cipso_off; 1986 unsigned char cipso_ptr; 1987 int iter; 1988 int optlen_new; 1989 1990 cipso_off = opt->opt.cipso - sizeof(struct iphdr); --- 45 unchanged lines hidden* (view full) --- 2036 * @sk: the socket 2037 * 2038 * Description: 2039 * Removes the CIPSO option from a socket, if present. 2040 * 2041 / 2042void cipso_v4_sock_delattr(struct sock sk) 2043{
2042 int hdr_delta; 2043 struct ip_options_rcu *opt;
2044 struct inet_sock *sk_inet;	2044 struct inet_sock *sk_inet;
	2045 int hdr_delta;
2045 2046 sk_inet = inet_sk(sk);	2046 2047 sk_inet = inet_sk(sk);
2047 opt = rcu_dereference_protected(sk_inet->inet_opt, 1); 2048 if (!opt \|\| opt->opt.cipso == 0) 2049 return;
2050 2051 hdr_delta = cipso_v4_delopt(&sk_inet->inet_opt); 2052 if (sk_inet->is_icsk && hdr_delta > 0) { 2053 struct inet_connection_sock sk_conn = inet_csk(sk); 2054 sk_conn->icsk_ext_hdr_len -= hdr_delta; 2055 sk_conn->icsk_sync_mss(sk, sk_conn->icsk_pmtu_cookie); 2056 } 2057} 2058 2059/* 2060 * cipso_v4_req_delattr - Delete the CIPSO option from a request socket 2061 * @reg: the request socket 2062 * 2063 * Description: 2064 * Removes the CIPSO option from a request socket, if present. 2065 * 2066 / 2067void cipso_v4_req_delattr(struct request_sock req) 2068{	2048 2049 hdr_delta = cipso_v4_delopt(&sk_inet->inet_opt); 2050 if (sk_inet->is_icsk && hdr_delta > 0) { 2051 struct inet_connection_sock sk_conn = inet_csk(sk); 2052 sk_conn->icsk_ext_hdr_len -= hdr_delta; 2053 sk_conn->icsk_sync_mss(sk, sk_conn->icsk_pmtu_cookie); 2054 } 2055} 2056 2057/* 2058 * cipso_v4_req_delattr - Delete the CIPSO option from a request socket 2059 * @reg: the request socket 2060 * 2061 * Description: 2062 * Removes the CIPSO option from a request socket, if present. 2063 * 2064 / 2065void cipso_v4_req_delattr(struct request_sock req) 2066{
2069 struct ip_options_rcu opt; 2070 struct inet_request_sock req_inet; 2071 2072 req_inet = inet_rsk(req); 2073 opt = req_inet->opt; 2074 if (!opt \|\| opt->opt.cipso == 0) 2075 return; 2076 2077 cipso_v4_delopt(&req_inet->opt);	2067 cipso_v4_delopt(&inet_rsk(req)->ireq_opt);
2078} 2079 2080/** 2081 * cipso_v4_getattr - Helper function for the cipso_v4__getattr functions 2082 @cipso: the CIPSO v4 option 2083 * @secattr: the security attributes 2084 * 2085 * Description: --- 215 unchanged lines hidden ---	2068} 2069 2070/** 2071 * cipso_v4_getattr - Helper function for the cipso_v4__getattr functions 2072 @cipso: the CIPSO v4 option 2073 * @secattr: the security attributes 2074 * 2075 * Description: --- 215 unchanged lines hidden ---