1 /* 2 * Copyright (C)2003,2004 USAGI/WIDE Project 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation; either version 2 of the License, or 7 * (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 17 * 18 * Authors Mitsuru KANDA <mk@linux-ipv6.org> 19 * YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> 20 * 21 * Based on net/ipv4/xfrm4_tunnel.c 22 * 23 */ 24 #include <linux/module.h> 25 #include <linux/xfrm.h> 26 #include <linux/rculist.h> 27 #include <net/ip.h> 28 #include <net/xfrm.h> 29 #include <net/ipv6.h> 30 #include <linux/ipv6.h> 31 #include <linux/icmpv6.h> 32 #include <linux/mutex.h> 33 34 /* 35 * xfrm_tunnel_spi things are for allocating unique id ("spi") 36 * per xfrm_address_t. 37 */ 38 struct xfrm6_tunnel_spi { 39 struct hlist_node list_byaddr; 40 struct hlist_node list_byspi; 41 xfrm_address_t addr; 42 u32 spi; 43 atomic_t refcnt; 44 struct rcu_head rcu_head; 45 }; 46 47 static DEFINE_SPINLOCK(xfrm6_tunnel_spi_lock); 48 49 static u32 xfrm6_tunnel_spi; 50 51 #define XFRM6_TUNNEL_SPI_MIN 1 52 #define XFRM6_TUNNEL_SPI_MAX 0xffffffff 53 54 static struct kmem_cache *xfrm6_tunnel_spi_kmem __read_mostly; 55 56 #define XFRM6_TUNNEL_SPI_BYADDR_HSIZE 256 57 #define XFRM6_TUNNEL_SPI_BYSPI_HSIZE 256 58 59 static struct hlist_head xfrm6_tunnel_spi_byaddr[XFRM6_TUNNEL_SPI_BYADDR_HSIZE]; 60 static struct hlist_head xfrm6_tunnel_spi_byspi[XFRM6_TUNNEL_SPI_BYSPI_HSIZE]; 61 62 static inline unsigned xfrm6_tunnel_spi_hash_byaddr(xfrm_address_t *addr) 63 { 64 unsigned h; 65 66 h = (__force u32)(addr->a6[0] ^ addr->a6[1] ^ addr->a6[2] ^ addr->a6[3]); 67 h ^= h >> 16; 68 h ^= h >> 8; 69 h &= XFRM6_TUNNEL_SPI_BYADDR_HSIZE - 1; 70 71 return h; 72 } 73 74 static inline unsigned xfrm6_tunnel_spi_hash_byspi(u32 spi) 75 { 76 return spi % XFRM6_TUNNEL_SPI_BYSPI_HSIZE; 77 } 78 79 80 static int xfrm6_tunnel_spi_init(void) 81 { 82 int i; 83 84 xfrm6_tunnel_spi = 0; 85 xfrm6_tunnel_spi_kmem = kmem_cache_create("xfrm6_tunnel_spi", 86 sizeof(struct xfrm6_tunnel_spi), 87 0, SLAB_HWCACHE_ALIGN, 88 NULL); 89 if (!xfrm6_tunnel_spi_kmem) 90 return -ENOMEM; 91 92 for (i = 0; i < XFRM6_TUNNEL_SPI_BYADDR_HSIZE; i++) 93 INIT_HLIST_HEAD(&xfrm6_tunnel_spi_byaddr[i]); 94 for (i = 0; i < XFRM6_TUNNEL_SPI_BYSPI_HSIZE; i++) 95 INIT_HLIST_HEAD(&xfrm6_tunnel_spi_byspi[i]); 96 return 0; 97 } 98 99 static void xfrm6_tunnel_spi_fini(void) 100 { 101 int i; 102 103 for (i = 0; i < XFRM6_TUNNEL_SPI_BYADDR_HSIZE; i++) { 104 if (!hlist_empty(&xfrm6_tunnel_spi_byaddr[i])) 105 return; 106 } 107 for (i = 0; i < XFRM6_TUNNEL_SPI_BYSPI_HSIZE; i++) { 108 if (!hlist_empty(&xfrm6_tunnel_spi_byspi[i])) 109 return; 110 } 111 rcu_barrier(); 112 kmem_cache_destroy(xfrm6_tunnel_spi_kmem); 113 xfrm6_tunnel_spi_kmem = NULL; 114 } 115 116 static struct xfrm6_tunnel_spi *__xfrm6_tunnel_spi_lookup(xfrm_address_t *saddr) 117 { 118 struct xfrm6_tunnel_spi *x6spi; 119 struct hlist_node *pos; 120 121 hlist_for_each_entry_rcu(x6spi, pos, 122 &xfrm6_tunnel_spi_byaddr[xfrm6_tunnel_spi_hash_byaddr(saddr)], 123 list_byaddr) { 124 if (memcmp(&x6spi->addr, saddr, sizeof(x6spi->addr)) == 0) 125 return x6spi; 126 } 127 128 return NULL; 129 } 130 131 __be32 xfrm6_tunnel_spi_lookup(xfrm_address_t *saddr) 132 { 133 struct xfrm6_tunnel_spi *x6spi; 134 u32 spi; 135 136 rcu_read_lock_bh(); 137 x6spi = __xfrm6_tunnel_spi_lookup(saddr); 138 spi = x6spi ? x6spi->spi : 0; 139 rcu_read_unlock_bh(); 140 return htonl(spi); 141 } 142 143 EXPORT_SYMBOL(xfrm6_tunnel_spi_lookup); 144 145 static int __xfrm6_tunnel_spi_check(u32 spi) 146 { 147 struct xfrm6_tunnel_spi *x6spi; 148 int index = xfrm6_tunnel_spi_hash_byspi(spi); 149 struct hlist_node *pos; 150 151 hlist_for_each_entry(x6spi, pos, 152 &xfrm6_tunnel_spi_byspi[index], 153 list_byspi) { 154 if (x6spi->spi == spi) 155 return -1; 156 } 157 return index; 158 } 159 160 static u32 __xfrm6_tunnel_alloc_spi(xfrm_address_t *saddr) 161 { 162 u32 spi; 163 struct xfrm6_tunnel_spi *x6spi; 164 int index; 165 166 if (xfrm6_tunnel_spi < XFRM6_TUNNEL_SPI_MIN || 167 xfrm6_tunnel_spi >= XFRM6_TUNNEL_SPI_MAX) 168 xfrm6_tunnel_spi = XFRM6_TUNNEL_SPI_MIN; 169 else 170 xfrm6_tunnel_spi++; 171 172 for (spi = xfrm6_tunnel_spi; spi <= XFRM6_TUNNEL_SPI_MAX; spi++) { 173 index = __xfrm6_tunnel_spi_check(spi); 174 if (index >= 0) 175 goto alloc_spi; 176 } 177 for (spi = XFRM6_TUNNEL_SPI_MIN; spi < xfrm6_tunnel_spi; spi++) { 178 index = __xfrm6_tunnel_spi_check(spi); 179 if (index >= 0) 180 goto alloc_spi; 181 } 182 spi = 0; 183 goto out; 184 alloc_spi: 185 xfrm6_tunnel_spi = spi; 186 x6spi = kmem_cache_alloc(xfrm6_tunnel_spi_kmem, GFP_ATOMIC); 187 if (!x6spi) 188 goto out; 189 190 INIT_RCU_HEAD(&x6spi->rcu_head); 191 memcpy(&x6spi->addr, saddr, sizeof(x6spi->addr)); 192 x6spi->spi = spi; 193 atomic_set(&x6spi->refcnt, 1); 194 195 hlist_add_head_rcu(&x6spi->list_byspi, &xfrm6_tunnel_spi_byspi[index]); 196 197 index = xfrm6_tunnel_spi_hash_byaddr(saddr); 198 hlist_add_head_rcu(&x6spi->list_byaddr, &xfrm6_tunnel_spi_byaddr[index]); 199 out: 200 return spi; 201 } 202 203 __be32 xfrm6_tunnel_alloc_spi(xfrm_address_t *saddr) 204 { 205 struct xfrm6_tunnel_spi *x6spi; 206 u32 spi; 207 208 spin_lock_bh(&xfrm6_tunnel_spi_lock); 209 x6spi = __xfrm6_tunnel_spi_lookup(saddr); 210 if (x6spi) { 211 atomic_inc(&x6spi->refcnt); 212 spi = x6spi->spi; 213 } else 214 spi = __xfrm6_tunnel_alloc_spi(saddr); 215 spin_unlock_bh(&xfrm6_tunnel_spi_lock); 216 217 return htonl(spi); 218 } 219 220 EXPORT_SYMBOL(xfrm6_tunnel_alloc_spi); 221 222 static void x6spi_destroy_rcu(struct rcu_head *head) 223 { 224 kmem_cache_free(xfrm6_tunnel_spi_kmem, 225 container_of(head, struct xfrm6_tunnel_spi, rcu_head)); 226 } 227 228 void xfrm6_tunnel_free_spi(xfrm_address_t *saddr) 229 { 230 struct xfrm6_tunnel_spi *x6spi; 231 struct hlist_node *pos, *n; 232 233 spin_lock_bh(&xfrm6_tunnel_spi_lock); 234 235 hlist_for_each_entry_safe(x6spi, pos, n, 236 &xfrm6_tunnel_spi_byaddr[xfrm6_tunnel_spi_hash_byaddr(saddr)], 237 list_byaddr) 238 { 239 if (memcmp(&x6spi->addr, saddr, sizeof(x6spi->addr)) == 0) { 240 if (atomic_dec_and_test(&x6spi->refcnt)) { 241 hlist_del_rcu(&x6spi->list_byaddr); 242 hlist_del_rcu(&x6spi->list_byspi); 243 call_rcu(&x6spi->rcu_head, x6spi_destroy_rcu); 244 break; 245 } 246 } 247 } 248 spin_unlock_bh(&xfrm6_tunnel_spi_lock); 249 } 250 251 EXPORT_SYMBOL(xfrm6_tunnel_free_spi); 252 253 static int xfrm6_tunnel_output(struct xfrm_state *x, struct sk_buff *skb) 254 { 255 skb_push(skb, -skb_network_offset(skb)); 256 return 0; 257 } 258 259 static int xfrm6_tunnel_input(struct xfrm_state *x, struct sk_buff *skb) 260 { 261 return skb_network_header(skb)[IP6CB(skb)->nhoff]; 262 } 263 264 static int xfrm6_tunnel_rcv(struct sk_buff *skb) 265 { 266 struct ipv6hdr *iph = ipv6_hdr(skb); 267 __be32 spi; 268 269 spi = xfrm6_tunnel_spi_lookup((xfrm_address_t *)&iph->saddr); 270 return xfrm6_rcv_spi(skb, IPPROTO_IPV6, spi) > 0 ? : 0; 271 } 272 273 static int xfrm6_tunnel_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 274 u8 type, u8 code, int offset, __be32 info) 275 { 276 /* xfrm6_tunnel native err handling */ 277 switch (type) { 278 case ICMPV6_DEST_UNREACH: 279 switch (code) { 280 case ICMPV6_NOROUTE: 281 case ICMPV6_ADM_PROHIBITED: 282 case ICMPV6_NOT_NEIGHBOUR: 283 case ICMPV6_ADDR_UNREACH: 284 case ICMPV6_PORT_UNREACH: 285 default: 286 break; 287 } 288 break; 289 case ICMPV6_PKT_TOOBIG: 290 break; 291 case ICMPV6_TIME_EXCEED: 292 switch (code) { 293 case ICMPV6_EXC_HOPLIMIT: 294 break; 295 case ICMPV6_EXC_FRAGTIME: 296 default: 297 break; 298 } 299 break; 300 case ICMPV6_PARAMPROB: 301 switch (code) { 302 case ICMPV6_HDR_FIELD: break; 303 case ICMPV6_UNK_NEXTHDR: break; 304 case ICMPV6_UNK_OPTION: break; 305 } 306 break; 307 default: 308 break; 309 } 310 311 return 0; 312 } 313 314 static int xfrm6_tunnel_init_state(struct xfrm_state *x) 315 { 316 if (x->props.mode != XFRM_MODE_TUNNEL) 317 return -EINVAL; 318 319 if (x->encap) 320 return -EINVAL; 321 322 x->props.header_len = sizeof(struct ipv6hdr); 323 324 return 0; 325 } 326 327 static void xfrm6_tunnel_destroy(struct xfrm_state *x) 328 { 329 xfrm6_tunnel_free_spi((xfrm_address_t *)&x->props.saddr); 330 } 331 332 static const struct xfrm_type xfrm6_tunnel_type = { 333 .description = "IP6IP6", 334 .owner = THIS_MODULE, 335 .proto = IPPROTO_IPV6, 336 .init_state = xfrm6_tunnel_init_state, 337 .destructor = xfrm6_tunnel_destroy, 338 .input = xfrm6_tunnel_input, 339 .output = xfrm6_tunnel_output, 340 }; 341 342 static struct xfrm6_tunnel xfrm6_tunnel_handler = { 343 .handler = xfrm6_tunnel_rcv, 344 .err_handler = xfrm6_tunnel_err, 345 .priority = 2, 346 }; 347 348 static struct xfrm6_tunnel xfrm46_tunnel_handler = { 349 .handler = xfrm6_tunnel_rcv, 350 .err_handler = xfrm6_tunnel_err, 351 .priority = 2, 352 }; 353 354 static int __init xfrm6_tunnel_init(void) 355 { 356 if (xfrm_register_type(&xfrm6_tunnel_type, AF_INET6) < 0) 357 goto err; 358 if (xfrm6_tunnel_register(&xfrm6_tunnel_handler, AF_INET6)) 359 goto unreg; 360 if (xfrm6_tunnel_register(&xfrm46_tunnel_handler, AF_INET)) 361 goto dereg6; 362 if (xfrm6_tunnel_spi_init() < 0) 363 goto dereg46; 364 return 0; 365 366 dereg46: 367 xfrm6_tunnel_deregister(&xfrm46_tunnel_handler, AF_INET); 368 dereg6: 369 xfrm6_tunnel_deregister(&xfrm6_tunnel_handler, AF_INET6); 370 unreg: 371 xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6); 372 err: 373 return -EAGAIN; 374 } 375 376 static void __exit xfrm6_tunnel_fini(void) 377 { 378 xfrm6_tunnel_spi_fini(); 379 xfrm6_tunnel_deregister(&xfrm46_tunnel_handler, AF_INET); 380 xfrm6_tunnel_deregister(&xfrm6_tunnel_handler, AF_INET6); 381 xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6); 382 } 383 384 module_init(xfrm6_tunnel_init); 385 module_exit(xfrm6_tunnel_fini); 386 MODULE_LICENSE("GPL"); 387 MODULE_ALIAS_XFRM_TYPE(AF_INET6, XFRM_PROTO_IPV6); 388