11da177e4SLinus Torvalds /* 21da177e4SLinus Torvalds * xfrm_state.c 31da177e4SLinus Torvalds * 41da177e4SLinus Torvalds * Changes: 51da177e4SLinus Torvalds * Mitsuru KANDA @USAGI 61da177e4SLinus Torvalds * Kazunori MIYAZAWA @USAGI 71da177e4SLinus Torvalds * Kunihiro Ishiguro <kunihiro@ipinfusion.com> 81da177e4SLinus Torvalds * IPv6 support 91da177e4SLinus Torvalds * YOSHIFUJI Hideaki @USAGI 101da177e4SLinus Torvalds * Split up af-specific functions 111da177e4SLinus Torvalds * Derek Atkins <derek@ihtfp.com> 121da177e4SLinus Torvalds * Add UDP Encapsulation 131da177e4SLinus Torvalds * 141da177e4SLinus Torvalds */ 151da177e4SLinus Torvalds 161da177e4SLinus Torvalds #include <linux/workqueue.h> 171da177e4SLinus Torvalds #include <net/xfrm.h> 181da177e4SLinus Torvalds #include <linux/pfkeyv2.h> 191da177e4SLinus Torvalds #include <linux/ipsec.h> 201da177e4SLinus Torvalds #include <linux/module.h> 211da177e4SLinus Torvalds #include <asm/uaccess.h> 221da177e4SLinus Torvalds 231da177e4SLinus Torvalds /* Each xfrm_state may be linked to two tables: 241da177e4SLinus Torvalds 251da177e4SLinus Torvalds 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl) 261da177e4SLinus Torvalds 2. Hash table by daddr to find what SAs exist for given 271da177e4SLinus Torvalds destination/tunnel endpoint. (output) 281da177e4SLinus Torvalds */ 291da177e4SLinus Torvalds 301da177e4SLinus Torvalds static DEFINE_SPINLOCK(xfrm_state_lock); 311da177e4SLinus Torvalds 321da177e4SLinus Torvalds /* Hash table to find appropriate SA towards given target (endpoint 331da177e4SLinus Torvalds * of tunnel or destination of transport mode) allowed by selector. 341da177e4SLinus Torvalds * 351da177e4SLinus Torvalds * Main use is finding SA after policy selected tunnel or transport mode. 361da177e4SLinus Torvalds * Also, it can be used by ah/esp icmp error handler to find offending SA. 371da177e4SLinus Torvalds */ 381da177e4SLinus Torvalds static struct list_head xfrm_state_bydst[XFRM_DST_HSIZE]; 391da177e4SLinus Torvalds static struct list_head xfrm_state_byspi[XFRM_DST_HSIZE]; 401da177e4SLinus Torvalds 411da177e4SLinus Torvalds DECLARE_WAIT_QUEUE_HEAD(km_waitq); 421da177e4SLinus Torvalds EXPORT_SYMBOL(km_waitq); 431da177e4SLinus Torvalds 441da177e4SLinus Torvalds static DEFINE_RWLOCK(xfrm_state_afinfo_lock); 451da177e4SLinus Torvalds static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO]; 461da177e4SLinus Torvalds 471da177e4SLinus Torvalds static struct work_struct xfrm_state_gc_work; 481da177e4SLinus Torvalds static struct list_head xfrm_state_gc_list = LIST_HEAD_INIT(xfrm_state_gc_list); 491da177e4SLinus Torvalds static DEFINE_SPINLOCK(xfrm_state_gc_lock); 501da177e4SLinus Torvalds 511da177e4SLinus Torvalds static int xfrm_state_gc_flush_bundles; 521da177e4SLinus Torvalds 5326b15dadSJamal Hadi Salim static int __xfrm_state_delete(struct xfrm_state *x); 541da177e4SLinus Torvalds 551da177e4SLinus Torvalds static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family); 561da177e4SLinus Torvalds static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo); 571da177e4SLinus Torvalds 581da177e4SLinus Torvalds static int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol); 591da177e4SLinus Torvalds static void km_state_expired(struct xfrm_state *x, int hard); 601da177e4SLinus Torvalds 611da177e4SLinus Torvalds static void xfrm_state_gc_destroy(struct xfrm_state *x) 621da177e4SLinus Torvalds { 631da177e4SLinus Torvalds if (del_timer(&x->timer)) 641da177e4SLinus Torvalds BUG(); 651da177e4SLinus Torvalds if (x->aalg) 661da177e4SLinus Torvalds kfree(x->aalg); 671da177e4SLinus Torvalds if (x->ealg) 681da177e4SLinus Torvalds kfree(x->ealg); 691da177e4SLinus Torvalds if (x->calg) 701da177e4SLinus Torvalds kfree(x->calg); 711da177e4SLinus Torvalds if (x->encap) 721da177e4SLinus Torvalds kfree(x->encap); 731da177e4SLinus Torvalds if (x->type) { 741da177e4SLinus Torvalds x->type->destructor(x); 751da177e4SLinus Torvalds xfrm_put_type(x->type); 761da177e4SLinus Torvalds } 771da177e4SLinus Torvalds kfree(x); 781da177e4SLinus Torvalds } 791da177e4SLinus Torvalds 801da177e4SLinus Torvalds static void xfrm_state_gc_task(void *data) 811da177e4SLinus Torvalds { 821da177e4SLinus Torvalds struct xfrm_state *x; 831da177e4SLinus Torvalds struct list_head *entry, *tmp; 841da177e4SLinus Torvalds struct list_head gc_list = LIST_HEAD_INIT(gc_list); 851da177e4SLinus Torvalds 861da177e4SLinus Torvalds if (xfrm_state_gc_flush_bundles) { 871da177e4SLinus Torvalds xfrm_state_gc_flush_bundles = 0; 881da177e4SLinus Torvalds xfrm_flush_bundles(); 891da177e4SLinus Torvalds } 901da177e4SLinus Torvalds 911da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_gc_lock); 921da177e4SLinus Torvalds list_splice_init(&xfrm_state_gc_list, &gc_list); 931da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_gc_lock); 941da177e4SLinus Torvalds 951da177e4SLinus Torvalds list_for_each_safe(entry, tmp, &gc_list) { 961da177e4SLinus Torvalds x = list_entry(entry, struct xfrm_state, bydst); 971da177e4SLinus Torvalds xfrm_state_gc_destroy(x); 981da177e4SLinus Torvalds } 991da177e4SLinus Torvalds wake_up(&km_waitq); 1001da177e4SLinus Torvalds } 1011da177e4SLinus Torvalds 1021da177e4SLinus Torvalds static inline unsigned long make_jiffies(long secs) 1031da177e4SLinus Torvalds { 1041da177e4SLinus Torvalds if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ) 1051da177e4SLinus Torvalds return MAX_SCHEDULE_TIMEOUT-1; 1061da177e4SLinus Torvalds else 1071da177e4SLinus Torvalds return secs*HZ; 1081da177e4SLinus Torvalds } 1091da177e4SLinus Torvalds 1101da177e4SLinus Torvalds static void xfrm_timer_handler(unsigned long data) 1111da177e4SLinus Torvalds { 1121da177e4SLinus Torvalds struct xfrm_state *x = (struct xfrm_state*)data; 1131da177e4SLinus Torvalds unsigned long now = (unsigned long)xtime.tv_sec; 1141da177e4SLinus Torvalds long next = LONG_MAX; 1151da177e4SLinus Torvalds int warn = 0; 1161da177e4SLinus Torvalds 1171da177e4SLinus Torvalds spin_lock(&x->lock); 1181da177e4SLinus Torvalds if (x->km.state == XFRM_STATE_DEAD) 1191da177e4SLinus Torvalds goto out; 1201da177e4SLinus Torvalds if (x->km.state == XFRM_STATE_EXPIRED) 1211da177e4SLinus Torvalds goto expired; 1221da177e4SLinus Torvalds if (x->lft.hard_add_expires_seconds) { 1231da177e4SLinus Torvalds long tmo = x->lft.hard_add_expires_seconds + 1241da177e4SLinus Torvalds x->curlft.add_time - now; 1251da177e4SLinus Torvalds if (tmo <= 0) 1261da177e4SLinus Torvalds goto expired; 1271da177e4SLinus Torvalds if (tmo < next) 1281da177e4SLinus Torvalds next = tmo; 1291da177e4SLinus Torvalds } 1301da177e4SLinus Torvalds if (x->lft.hard_use_expires_seconds) { 1311da177e4SLinus Torvalds long tmo = x->lft.hard_use_expires_seconds + 1321da177e4SLinus Torvalds (x->curlft.use_time ? : now) - now; 1331da177e4SLinus Torvalds if (tmo <= 0) 1341da177e4SLinus Torvalds goto expired; 1351da177e4SLinus Torvalds if (tmo < next) 1361da177e4SLinus Torvalds next = tmo; 1371da177e4SLinus Torvalds } 1381da177e4SLinus Torvalds if (x->km.dying) 1391da177e4SLinus Torvalds goto resched; 1401da177e4SLinus Torvalds if (x->lft.soft_add_expires_seconds) { 1411da177e4SLinus Torvalds long tmo = x->lft.soft_add_expires_seconds + 1421da177e4SLinus Torvalds x->curlft.add_time - now; 1431da177e4SLinus Torvalds if (tmo <= 0) 1441da177e4SLinus Torvalds warn = 1; 1451da177e4SLinus Torvalds else if (tmo < next) 1461da177e4SLinus Torvalds next = tmo; 1471da177e4SLinus Torvalds } 1481da177e4SLinus Torvalds if (x->lft.soft_use_expires_seconds) { 1491da177e4SLinus Torvalds long tmo = x->lft.soft_use_expires_seconds + 1501da177e4SLinus Torvalds (x->curlft.use_time ? : now) - now; 1511da177e4SLinus Torvalds if (tmo <= 0) 1521da177e4SLinus Torvalds warn = 1; 1531da177e4SLinus Torvalds else if (tmo < next) 1541da177e4SLinus Torvalds next = tmo; 1551da177e4SLinus Torvalds } 1561da177e4SLinus Torvalds 1574666faabSHerbert Xu x->km.dying = warn; 1581da177e4SLinus Torvalds if (warn) 1591da177e4SLinus Torvalds km_state_expired(x, 0); 1601da177e4SLinus Torvalds resched: 1611da177e4SLinus Torvalds if (next != LONG_MAX && 1621da177e4SLinus Torvalds !mod_timer(&x->timer, jiffies + make_jiffies(next))) 1631da177e4SLinus Torvalds xfrm_state_hold(x); 1641da177e4SLinus Torvalds goto out; 1651da177e4SLinus Torvalds 1661da177e4SLinus Torvalds expired: 1671da177e4SLinus Torvalds if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) { 1681da177e4SLinus Torvalds x->km.state = XFRM_STATE_EXPIRED; 1691da177e4SLinus Torvalds wake_up(&km_waitq); 1701da177e4SLinus Torvalds next = 2; 1711da177e4SLinus Torvalds goto resched; 1721da177e4SLinus Torvalds } 1734666faabSHerbert Xu if (!__xfrm_state_delete(x) && x->id.spi) 1741da177e4SLinus Torvalds km_state_expired(x, 1); 1751da177e4SLinus Torvalds 1761da177e4SLinus Torvalds out: 1771da177e4SLinus Torvalds spin_unlock(&x->lock); 1781da177e4SLinus Torvalds xfrm_state_put(x); 1791da177e4SLinus Torvalds } 1801da177e4SLinus Torvalds 1811da177e4SLinus Torvalds struct xfrm_state *xfrm_state_alloc(void) 1821da177e4SLinus Torvalds { 1831da177e4SLinus Torvalds struct xfrm_state *x; 1841da177e4SLinus Torvalds 1851da177e4SLinus Torvalds x = kmalloc(sizeof(struct xfrm_state), GFP_ATOMIC); 1861da177e4SLinus Torvalds 1871da177e4SLinus Torvalds if (x) { 1881da177e4SLinus Torvalds memset(x, 0, sizeof(struct xfrm_state)); 1891da177e4SLinus Torvalds atomic_set(&x->refcnt, 1); 1901da177e4SLinus Torvalds atomic_set(&x->tunnel_users, 0); 1911da177e4SLinus Torvalds INIT_LIST_HEAD(&x->bydst); 1921da177e4SLinus Torvalds INIT_LIST_HEAD(&x->byspi); 1931da177e4SLinus Torvalds init_timer(&x->timer); 1941da177e4SLinus Torvalds x->timer.function = xfrm_timer_handler; 1951da177e4SLinus Torvalds x->timer.data = (unsigned long)x; 1961da177e4SLinus Torvalds x->curlft.add_time = (unsigned long)xtime.tv_sec; 1971da177e4SLinus Torvalds x->lft.soft_byte_limit = XFRM_INF; 1981da177e4SLinus Torvalds x->lft.soft_packet_limit = XFRM_INF; 1991da177e4SLinus Torvalds x->lft.hard_byte_limit = XFRM_INF; 2001da177e4SLinus Torvalds x->lft.hard_packet_limit = XFRM_INF; 2011da177e4SLinus Torvalds spin_lock_init(&x->lock); 2021da177e4SLinus Torvalds } 2031da177e4SLinus Torvalds return x; 2041da177e4SLinus Torvalds } 2051da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_alloc); 2061da177e4SLinus Torvalds 2071da177e4SLinus Torvalds void __xfrm_state_destroy(struct xfrm_state *x) 2081da177e4SLinus Torvalds { 2091da177e4SLinus Torvalds BUG_TRAP(x->km.state == XFRM_STATE_DEAD); 2101da177e4SLinus Torvalds 2111da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_gc_lock); 2121da177e4SLinus Torvalds list_add(&x->bydst, &xfrm_state_gc_list); 2131da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_gc_lock); 2141da177e4SLinus Torvalds schedule_work(&xfrm_state_gc_work); 2151da177e4SLinus Torvalds } 2161da177e4SLinus Torvalds EXPORT_SYMBOL(__xfrm_state_destroy); 2171da177e4SLinus Torvalds 21826b15dadSJamal Hadi Salim static int __xfrm_state_delete(struct xfrm_state *x) 2191da177e4SLinus Torvalds { 22026b15dadSJamal Hadi Salim int err = -ESRCH; 22126b15dadSJamal Hadi Salim 2221da177e4SLinus Torvalds if (x->km.state != XFRM_STATE_DEAD) { 2231da177e4SLinus Torvalds x->km.state = XFRM_STATE_DEAD; 2241da177e4SLinus Torvalds spin_lock(&xfrm_state_lock); 2251da177e4SLinus Torvalds list_del(&x->bydst); 2261da177e4SLinus Torvalds atomic_dec(&x->refcnt); 2271da177e4SLinus Torvalds if (x->id.spi) { 2281da177e4SLinus Torvalds list_del(&x->byspi); 2291da177e4SLinus Torvalds atomic_dec(&x->refcnt); 2301da177e4SLinus Torvalds } 2311da177e4SLinus Torvalds spin_unlock(&xfrm_state_lock); 2321da177e4SLinus Torvalds if (del_timer(&x->timer)) 2331da177e4SLinus Torvalds atomic_dec(&x->refcnt); 2341da177e4SLinus Torvalds 2351da177e4SLinus Torvalds /* The number two in this test is the reference 2361da177e4SLinus Torvalds * mentioned in the comment below plus the reference 2371da177e4SLinus Torvalds * our caller holds. A larger value means that 2381da177e4SLinus Torvalds * there are DSTs attached to this xfrm_state. 2391da177e4SLinus Torvalds */ 2401da177e4SLinus Torvalds if (atomic_read(&x->refcnt) > 2) { 2411da177e4SLinus Torvalds xfrm_state_gc_flush_bundles = 1; 2421da177e4SLinus Torvalds schedule_work(&xfrm_state_gc_work); 2431da177e4SLinus Torvalds } 2441da177e4SLinus Torvalds 2451da177e4SLinus Torvalds /* All xfrm_state objects are created by xfrm_state_alloc. 2461da177e4SLinus Torvalds * The xfrm_state_alloc call gives a reference, and that 2471da177e4SLinus Torvalds * is what we are dropping here. 2481da177e4SLinus Torvalds */ 2491da177e4SLinus Torvalds atomic_dec(&x->refcnt); 25026b15dadSJamal Hadi Salim err = 0; 2511da177e4SLinus Torvalds } 2521da177e4SLinus Torvalds 25326b15dadSJamal Hadi Salim return err; 25426b15dadSJamal Hadi Salim } 25526b15dadSJamal Hadi Salim 25626b15dadSJamal Hadi Salim int xfrm_state_delete(struct xfrm_state *x) 2571da177e4SLinus Torvalds { 25826b15dadSJamal Hadi Salim int err; 25926b15dadSJamal Hadi Salim 2601da177e4SLinus Torvalds spin_lock_bh(&x->lock); 26126b15dadSJamal Hadi Salim err = __xfrm_state_delete(x); 2621da177e4SLinus Torvalds spin_unlock_bh(&x->lock); 26326b15dadSJamal Hadi Salim 26426b15dadSJamal Hadi Salim return err; 2651da177e4SLinus Torvalds } 2661da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_delete); 2671da177e4SLinus Torvalds 2681da177e4SLinus Torvalds void xfrm_state_flush(u8 proto) 2691da177e4SLinus Torvalds { 2701da177e4SLinus Torvalds int i; 2711da177e4SLinus Torvalds struct xfrm_state *x; 2721da177e4SLinus Torvalds 2731da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 2741da177e4SLinus Torvalds for (i = 0; i < XFRM_DST_HSIZE; i++) { 2751da177e4SLinus Torvalds restart: 2761da177e4SLinus Torvalds list_for_each_entry(x, xfrm_state_bydst+i, bydst) { 2771da177e4SLinus Torvalds if (!xfrm_state_kern(x) && 2781da177e4SLinus Torvalds (proto == IPSEC_PROTO_ANY || x->id.proto == proto)) { 2791da177e4SLinus Torvalds xfrm_state_hold(x); 2801da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 2811da177e4SLinus Torvalds 2821da177e4SLinus Torvalds xfrm_state_delete(x); 2831da177e4SLinus Torvalds xfrm_state_put(x); 2841da177e4SLinus Torvalds 2851da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 2861da177e4SLinus Torvalds goto restart; 2871da177e4SLinus Torvalds } 2881da177e4SLinus Torvalds } 2891da177e4SLinus Torvalds } 2901da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 2911da177e4SLinus Torvalds wake_up(&km_waitq); 2921da177e4SLinus Torvalds } 2931da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_flush); 2941da177e4SLinus Torvalds 2951da177e4SLinus Torvalds static int 2961da177e4SLinus Torvalds xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl, 2971da177e4SLinus Torvalds struct xfrm_tmpl *tmpl, 2981da177e4SLinus Torvalds xfrm_address_t *daddr, xfrm_address_t *saddr, 2991da177e4SLinus Torvalds unsigned short family) 3001da177e4SLinus Torvalds { 3011da177e4SLinus Torvalds struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family); 3021da177e4SLinus Torvalds if (!afinfo) 3031da177e4SLinus Torvalds return -1; 3041da177e4SLinus Torvalds afinfo->init_tempsel(x, fl, tmpl, daddr, saddr); 3051da177e4SLinus Torvalds xfrm_state_put_afinfo(afinfo); 3061da177e4SLinus Torvalds return 0; 3071da177e4SLinus Torvalds } 3081da177e4SLinus Torvalds 3091da177e4SLinus Torvalds struct xfrm_state * 3101da177e4SLinus Torvalds xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, 3111da177e4SLinus Torvalds struct flowi *fl, struct xfrm_tmpl *tmpl, 3121da177e4SLinus Torvalds struct xfrm_policy *pol, int *err, 3131da177e4SLinus Torvalds unsigned short family) 3141da177e4SLinus Torvalds { 3151da177e4SLinus Torvalds unsigned h = xfrm_dst_hash(daddr, family); 3161da177e4SLinus Torvalds struct xfrm_state *x, *x0; 3171da177e4SLinus Torvalds int acquire_in_progress = 0; 3181da177e4SLinus Torvalds int error = 0; 3191da177e4SLinus Torvalds struct xfrm_state *best = NULL; 3201da177e4SLinus Torvalds struct xfrm_state_afinfo *afinfo; 3211da177e4SLinus Torvalds 3221da177e4SLinus Torvalds afinfo = xfrm_state_get_afinfo(family); 3231da177e4SLinus Torvalds if (afinfo == NULL) { 3241da177e4SLinus Torvalds *err = -EAFNOSUPPORT; 3251da177e4SLinus Torvalds return NULL; 3261da177e4SLinus Torvalds } 3271da177e4SLinus Torvalds 3281da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 3291da177e4SLinus Torvalds list_for_each_entry(x, xfrm_state_bydst+h, bydst) { 3301da177e4SLinus Torvalds if (x->props.family == family && 3311da177e4SLinus Torvalds x->props.reqid == tmpl->reqid && 3321da177e4SLinus Torvalds xfrm_state_addr_check(x, daddr, saddr, family) && 3331da177e4SLinus Torvalds tmpl->mode == x->props.mode && 3341da177e4SLinus Torvalds tmpl->id.proto == x->id.proto && 3351da177e4SLinus Torvalds (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) { 3361da177e4SLinus Torvalds /* Resolution logic: 3371da177e4SLinus Torvalds 1. There is a valid state with matching selector. 3381da177e4SLinus Torvalds Done. 3391da177e4SLinus Torvalds 2. Valid state with inappropriate selector. Skip. 3401da177e4SLinus Torvalds 3411da177e4SLinus Torvalds Entering area of "sysdeps". 3421da177e4SLinus Torvalds 3431da177e4SLinus Torvalds 3. If state is not valid, selector is temporary, 3441da177e4SLinus Torvalds it selects only session which triggered 3451da177e4SLinus Torvalds previous resolution. Key manager will do 3461da177e4SLinus Torvalds something to install a state with proper 3471da177e4SLinus Torvalds selector. 3481da177e4SLinus Torvalds */ 3491da177e4SLinus Torvalds if (x->km.state == XFRM_STATE_VALID) { 3501da177e4SLinus Torvalds if (!xfrm_selector_match(&x->sel, fl, family)) 3511da177e4SLinus Torvalds continue; 3521da177e4SLinus Torvalds if (!best || 3531da177e4SLinus Torvalds best->km.dying > x->km.dying || 3541da177e4SLinus Torvalds (best->km.dying == x->km.dying && 3551da177e4SLinus Torvalds best->curlft.add_time < x->curlft.add_time)) 3561da177e4SLinus Torvalds best = x; 3571da177e4SLinus Torvalds } else if (x->km.state == XFRM_STATE_ACQ) { 3581da177e4SLinus Torvalds acquire_in_progress = 1; 3591da177e4SLinus Torvalds } else if (x->km.state == XFRM_STATE_ERROR || 3601da177e4SLinus Torvalds x->km.state == XFRM_STATE_EXPIRED) { 3611da177e4SLinus Torvalds if (xfrm_selector_match(&x->sel, fl, family)) 3621da177e4SLinus Torvalds error = -ESRCH; 3631da177e4SLinus Torvalds } 3641da177e4SLinus Torvalds } 3651da177e4SLinus Torvalds } 3661da177e4SLinus Torvalds 3671da177e4SLinus Torvalds x = best; 3681da177e4SLinus Torvalds if (!x && !error && !acquire_in_progress) { 3695c5d281aSPatrick McHardy if (tmpl->id.spi && 3705c5d281aSPatrick McHardy (x0 = afinfo->state_lookup(daddr, tmpl->id.spi, 3715c5d281aSPatrick McHardy tmpl->id.proto)) != NULL) { 3721da177e4SLinus Torvalds xfrm_state_put(x0); 3731da177e4SLinus Torvalds error = -EEXIST; 3741da177e4SLinus Torvalds goto out; 3751da177e4SLinus Torvalds } 3761da177e4SLinus Torvalds x = xfrm_state_alloc(); 3771da177e4SLinus Torvalds if (x == NULL) { 3781da177e4SLinus Torvalds error = -ENOMEM; 3791da177e4SLinus Torvalds goto out; 3801da177e4SLinus Torvalds } 3811da177e4SLinus Torvalds /* Initialize temporary selector matching only 3821da177e4SLinus Torvalds * to current session. */ 3831da177e4SLinus Torvalds xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family); 3841da177e4SLinus Torvalds 3851da177e4SLinus Torvalds if (km_query(x, tmpl, pol) == 0) { 3861da177e4SLinus Torvalds x->km.state = XFRM_STATE_ACQ; 3871da177e4SLinus Torvalds list_add_tail(&x->bydst, xfrm_state_bydst+h); 3881da177e4SLinus Torvalds xfrm_state_hold(x); 3891da177e4SLinus Torvalds if (x->id.spi) { 3901da177e4SLinus Torvalds h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family); 3911da177e4SLinus Torvalds list_add(&x->byspi, xfrm_state_byspi+h); 3921da177e4SLinus Torvalds xfrm_state_hold(x); 3931da177e4SLinus Torvalds } 3941da177e4SLinus Torvalds x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES; 3951da177e4SLinus Torvalds xfrm_state_hold(x); 3961da177e4SLinus Torvalds x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ; 3971da177e4SLinus Torvalds add_timer(&x->timer); 3981da177e4SLinus Torvalds } else { 3991da177e4SLinus Torvalds x->km.state = XFRM_STATE_DEAD; 4001da177e4SLinus Torvalds xfrm_state_put(x); 4011da177e4SLinus Torvalds x = NULL; 4021da177e4SLinus Torvalds error = -ESRCH; 4031da177e4SLinus Torvalds } 4041da177e4SLinus Torvalds } 4051da177e4SLinus Torvalds out: 4061da177e4SLinus Torvalds if (x) 4071da177e4SLinus Torvalds xfrm_state_hold(x); 4081da177e4SLinus Torvalds else 4091da177e4SLinus Torvalds *err = acquire_in_progress ? -EAGAIN : error; 4101da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 4111da177e4SLinus Torvalds xfrm_state_put_afinfo(afinfo); 4121da177e4SLinus Torvalds return x; 4131da177e4SLinus Torvalds } 4141da177e4SLinus Torvalds 4151da177e4SLinus Torvalds static void __xfrm_state_insert(struct xfrm_state *x) 4161da177e4SLinus Torvalds { 4171da177e4SLinus Torvalds unsigned h = xfrm_dst_hash(&x->id.daddr, x->props.family); 4181da177e4SLinus Torvalds 4191da177e4SLinus Torvalds list_add(&x->bydst, xfrm_state_bydst+h); 4201da177e4SLinus Torvalds xfrm_state_hold(x); 4211da177e4SLinus Torvalds 4221da177e4SLinus Torvalds h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family); 4231da177e4SLinus Torvalds 4241da177e4SLinus Torvalds list_add(&x->byspi, xfrm_state_byspi+h); 4251da177e4SLinus Torvalds xfrm_state_hold(x); 4261da177e4SLinus Torvalds 4271da177e4SLinus Torvalds if (!mod_timer(&x->timer, jiffies + HZ)) 4281da177e4SLinus Torvalds xfrm_state_hold(x); 4291da177e4SLinus Torvalds 4301da177e4SLinus Torvalds wake_up(&km_waitq); 4311da177e4SLinus Torvalds } 4321da177e4SLinus Torvalds 4331da177e4SLinus Torvalds void xfrm_state_insert(struct xfrm_state *x) 4341da177e4SLinus Torvalds { 4351da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 4361da177e4SLinus Torvalds __xfrm_state_insert(x); 4371da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 4381da177e4SLinus Torvalds } 4391da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_insert); 4401da177e4SLinus Torvalds 4411da177e4SLinus Torvalds static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq); 4421da177e4SLinus Torvalds 4431da177e4SLinus Torvalds int xfrm_state_add(struct xfrm_state *x) 4441da177e4SLinus Torvalds { 4451da177e4SLinus Torvalds struct xfrm_state_afinfo *afinfo; 4461da177e4SLinus Torvalds struct xfrm_state *x1; 4471da177e4SLinus Torvalds int family; 4481da177e4SLinus Torvalds int err; 4491da177e4SLinus Torvalds 4501da177e4SLinus Torvalds family = x->props.family; 4511da177e4SLinus Torvalds afinfo = xfrm_state_get_afinfo(family); 4521da177e4SLinus Torvalds if (unlikely(afinfo == NULL)) 4531da177e4SLinus Torvalds return -EAFNOSUPPORT; 4541da177e4SLinus Torvalds 4551da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 4561da177e4SLinus Torvalds 4571da177e4SLinus Torvalds x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto); 4581da177e4SLinus Torvalds if (x1) { 4591da177e4SLinus Torvalds xfrm_state_put(x1); 4601da177e4SLinus Torvalds x1 = NULL; 4611da177e4SLinus Torvalds err = -EEXIST; 4621da177e4SLinus Torvalds goto out; 4631da177e4SLinus Torvalds } 4641da177e4SLinus Torvalds 4651da177e4SLinus Torvalds if (x->km.seq) { 4661da177e4SLinus Torvalds x1 = __xfrm_find_acq_byseq(x->km.seq); 4671da177e4SLinus Torvalds if (x1 && xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family)) { 4681da177e4SLinus Torvalds xfrm_state_put(x1); 4691da177e4SLinus Torvalds x1 = NULL; 4701da177e4SLinus Torvalds } 4711da177e4SLinus Torvalds } 4721da177e4SLinus Torvalds 4731da177e4SLinus Torvalds if (!x1) 4741da177e4SLinus Torvalds x1 = afinfo->find_acq( 4751da177e4SLinus Torvalds x->props.mode, x->props.reqid, x->id.proto, 4761da177e4SLinus Torvalds &x->id.daddr, &x->props.saddr, 0); 4771da177e4SLinus Torvalds 4781da177e4SLinus Torvalds __xfrm_state_insert(x); 4791da177e4SLinus Torvalds err = 0; 4801da177e4SLinus Torvalds 4811da177e4SLinus Torvalds out: 4821da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 4831da177e4SLinus Torvalds xfrm_state_put_afinfo(afinfo); 4841da177e4SLinus Torvalds 4851da177e4SLinus Torvalds if (x1) { 4861da177e4SLinus Torvalds xfrm_state_delete(x1); 4871da177e4SLinus Torvalds xfrm_state_put(x1); 4881da177e4SLinus Torvalds } 4891da177e4SLinus Torvalds 4901da177e4SLinus Torvalds return err; 4911da177e4SLinus Torvalds } 4921da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_add); 4931da177e4SLinus Torvalds 4941da177e4SLinus Torvalds int xfrm_state_update(struct xfrm_state *x) 4951da177e4SLinus Torvalds { 4961da177e4SLinus Torvalds struct xfrm_state_afinfo *afinfo; 4971da177e4SLinus Torvalds struct xfrm_state *x1; 4981da177e4SLinus Torvalds int err; 4991da177e4SLinus Torvalds 5001da177e4SLinus Torvalds afinfo = xfrm_state_get_afinfo(x->props.family); 5011da177e4SLinus Torvalds if (unlikely(afinfo == NULL)) 5021da177e4SLinus Torvalds return -EAFNOSUPPORT; 5031da177e4SLinus Torvalds 5041da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 5051da177e4SLinus Torvalds x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto); 5061da177e4SLinus Torvalds 5071da177e4SLinus Torvalds err = -ESRCH; 5081da177e4SLinus Torvalds if (!x1) 5091da177e4SLinus Torvalds goto out; 5101da177e4SLinus Torvalds 5111da177e4SLinus Torvalds if (xfrm_state_kern(x1)) { 5121da177e4SLinus Torvalds xfrm_state_put(x1); 5131da177e4SLinus Torvalds err = -EEXIST; 5141da177e4SLinus Torvalds goto out; 5151da177e4SLinus Torvalds } 5161da177e4SLinus Torvalds 5171da177e4SLinus Torvalds if (x1->km.state == XFRM_STATE_ACQ) { 5181da177e4SLinus Torvalds __xfrm_state_insert(x); 5191da177e4SLinus Torvalds x = NULL; 5201da177e4SLinus Torvalds } 5211da177e4SLinus Torvalds err = 0; 5221da177e4SLinus Torvalds 5231da177e4SLinus Torvalds out: 5241da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 5251da177e4SLinus Torvalds xfrm_state_put_afinfo(afinfo); 5261da177e4SLinus Torvalds 5271da177e4SLinus Torvalds if (err) 5281da177e4SLinus Torvalds return err; 5291da177e4SLinus Torvalds 5301da177e4SLinus Torvalds if (!x) { 5311da177e4SLinus Torvalds xfrm_state_delete(x1); 5321da177e4SLinus Torvalds xfrm_state_put(x1); 5331da177e4SLinus Torvalds return 0; 5341da177e4SLinus Torvalds } 5351da177e4SLinus Torvalds 5361da177e4SLinus Torvalds err = -EINVAL; 5371da177e4SLinus Torvalds spin_lock_bh(&x1->lock); 5381da177e4SLinus Torvalds if (likely(x1->km.state == XFRM_STATE_VALID)) { 5391da177e4SLinus Torvalds if (x->encap && x1->encap) 5401da177e4SLinus Torvalds memcpy(x1->encap, x->encap, sizeof(*x1->encap)); 5411da177e4SLinus Torvalds memcpy(&x1->lft, &x->lft, sizeof(x1->lft)); 5421da177e4SLinus Torvalds x1->km.dying = 0; 5431da177e4SLinus Torvalds 5441da177e4SLinus Torvalds if (!mod_timer(&x1->timer, jiffies + HZ)) 5451da177e4SLinus Torvalds xfrm_state_hold(x1); 5461da177e4SLinus Torvalds if (x1->curlft.use_time) 5471da177e4SLinus Torvalds xfrm_state_check_expire(x1); 5481da177e4SLinus Torvalds 5491da177e4SLinus Torvalds err = 0; 5501da177e4SLinus Torvalds } 5511da177e4SLinus Torvalds spin_unlock_bh(&x1->lock); 5521da177e4SLinus Torvalds 5531da177e4SLinus Torvalds xfrm_state_put(x1); 5541da177e4SLinus Torvalds 5551da177e4SLinus Torvalds return err; 5561da177e4SLinus Torvalds } 5571da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_update); 5581da177e4SLinus Torvalds 5591da177e4SLinus Torvalds int xfrm_state_check_expire(struct xfrm_state *x) 5601da177e4SLinus Torvalds { 5611da177e4SLinus Torvalds if (!x->curlft.use_time) 5621da177e4SLinus Torvalds x->curlft.use_time = (unsigned long)xtime.tv_sec; 5631da177e4SLinus Torvalds 5641da177e4SLinus Torvalds if (x->km.state != XFRM_STATE_VALID) 5651da177e4SLinus Torvalds return -EINVAL; 5661da177e4SLinus Torvalds 5671da177e4SLinus Torvalds if (x->curlft.bytes >= x->lft.hard_byte_limit || 5681da177e4SLinus Torvalds x->curlft.packets >= x->lft.hard_packet_limit) { 5694666faabSHerbert Xu x->km.state = XFRM_STATE_EXPIRED; 5704666faabSHerbert Xu if (!mod_timer(&x->timer, jiffies)) 5711da177e4SLinus Torvalds xfrm_state_hold(x); 5721da177e4SLinus Torvalds return -EINVAL; 5731da177e4SLinus Torvalds } 5741da177e4SLinus Torvalds 5751da177e4SLinus Torvalds if (!x->km.dying && 5761da177e4SLinus Torvalds (x->curlft.bytes >= x->lft.soft_byte_limit || 5774666faabSHerbert Xu x->curlft.packets >= x->lft.soft_packet_limit)) { 5784666faabSHerbert Xu x->km.dying = 1; 5791da177e4SLinus Torvalds km_state_expired(x, 0); 5804666faabSHerbert Xu } 5811da177e4SLinus Torvalds return 0; 5821da177e4SLinus Torvalds } 5831da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_check_expire); 5841da177e4SLinus Torvalds 5851da177e4SLinus Torvalds static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb) 5861da177e4SLinus Torvalds { 5871da177e4SLinus Torvalds int nhead = x->props.header_len + LL_RESERVED_SPACE(skb->dst->dev) 5881da177e4SLinus Torvalds - skb_headroom(skb); 5891da177e4SLinus Torvalds 5901da177e4SLinus Torvalds if (nhead > 0) 5911da177e4SLinus Torvalds return pskb_expand_head(skb, nhead, 0, GFP_ATOMIC); 5921da177e4SLinus Torvalds 5931da177e4SLinus Torvalds /* Check tail too... */ 5941da177e4SLinus Torvalds return 0; 5951da177e4SLinus Torvalds } 5961da177e4SLinus Torvalds 5971da177e4SLinus Torvalds int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb) 5981da177e4SLinus Torvalds { 5991da177e4SLinus Torvalds int err = xfrm_state_check_expire(x); 6001da177e4SLinus Torvalds if (err < 0) 6011da177e4SLinus Torvalds goto err; 6021da177e4SLinus Torvalds err = xfrm_state_check_space(x, skb); 6031da177e4SLinus Torvalds err: 6041da177e4SLinus Torvalds return err; 6051da177e4SLinus Torvalds } 6061da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_check); 6071da177e4SLinus Torvalds 6081da177e4SLinus Torvalds struct xfrm_state * 6091da177e4SLinus Torvalds xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto, 6101da177e4SLinus Torvalds unsigned short family) 6111da177e4SLinus Torvalds { 6121da177e4SLinus Torvalds struct xfrm_state *x; 6131da177e4SLinus Torvalds struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family); 6141da177e4SLinus Torvalds if (!afinfo) 6151da177e4SLinus Torvalds return NULL; 6161da177e4SLinus Torvalds 6171da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 6181da177e4SLinus Torvalds x = afinfo->state_lookup(daddr, spi, proto); 6191da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 6201da177e4SLinus Torvalds xfrm_state_put_afinfo(afinfo); 6211da177e4SLinus Torvalds return x; 6221da177e4SLinus Torvalds } 6231da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_lookup); 6241da177e4SLinus Torvalds 6251da177e4SLinus Torvalds struct xfrm_state * 6261da177e4SLinus Torvalds xfrm_find_acq(u8 mode, u32 reqid, u8 proto, 6271da177e4SLinus Torvalds xfrm_address_t *daddr, xfrm_address_t *saddr, 6281da177e4SLinus Torvalds int create, unsigned short family) 6291da177e4SLinus Torvalds { 6301da177e4SLinus Torvalds struct xfrm_state *x; 6311da177e4SLinus Torvalds struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family); 6321da177e4SLinus Torvalds if (!afinfo) 6331da177e4SLinus Torvalds return NULL; 6341da177e4SLinus Torvalds 6351da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 6361da177e4SLinus Torvalds x = afinfo->find_acq(mode, reqid, proto, daddr, saddr, create); 6371da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 6381da177e4SLinus Torvalds xfrm_state_put_afinfo(afinfo); 6391da177e4SLinus Torvalds return x; 6401da177e4SLinus Torvalds } 6411da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_find_acq); 6421da177e4SLinus Torvalds 6431da177e4SLinus Torvalds /* Silly enough, but I'm lazy to build resolution list */ 6441da177e4SLinus Torvalds 6451da177e4SLinus Torvalds static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq) 6461da177e4SLinus Torvalds { 6471da177e4SLinus Torvalds int i; 6481da177e4SLinus Torvalds struct xfrm_state *x; 6491da177e4SLinus Torvalds 6501da177e4SLinus Torvalds for (i = 0; i < XFRM_DST_HSIZE; i++) { 6511da177e4SLinus Torvalds list_for_each_entry(x, xfrm_state_bydst+i, bydst) { 6521da177e4SLinus Torvalds if (x->km.seq == seq && x->km.state == XFRM_STATE_ACQ) { 6531da177e4SLinus Torvalds xfrm_state_hold(x); 6541da177e4SLinus Torvalds return x; 6551da177e4SLinus Torvalds } 6561da177e4SLinus Torvalds } 6571da177e4SLinus Torvalds } 6581da177e4SLinus Torvalds return NULL; 6591da177e4SLinus Torvalds } 6601da177e4SLinus Torvalds 6611da177e4SLinus Torvalds struct xfrm_state *xfrm_find_acq_byseq(u32 seq) 6621da177e4SLinus Torvalds { 6631da177e4SLinus Torvalds struct xfrm_state *x; 6641da177e4SLinus Torvalds 6651da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 6661da177e4SLinus Torvalds x = __xfrm_find_acq_byseq(seq); 6671da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 6681da177e4SLinus Torvalds return x; 6691da177e4SLinus Torvalds } 6701da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_find_acq_byseq); 6711da177e4SLinus Torvalds 6721da177e4SLinus Torvalds u32 xfrm_get_acqseq(void) 6731da177e4SLinus Torvalds { 6741da177e4SLinus Torvalds u32 res; 6751da177e4SLinus Torvalds static u32 acqseq; 6761da177e4SLinus Torvalds static DEFINE_SPINLOCK(acqseq_lock); 6771da177e4SLinus Torvalds 6781da177e4SLinus Torvalds spin_lock_bh(&acqseq_lock); 6791da177e4SLinus Torvalds res = (++acqseq ? : ++acqseq); 6801da177e4SLinus Torvalds spin_unlock_bh(&acqseq_lock); 6811da177e4SLinus Torvalds return res; 6821da177e4SLinus Torvalds } 6831da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_get_acqseq); 6841da177e4SLinus Torvalds 6851da177e4SLinus Torvalds void 6861da177e4SLinus Torvalds xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi) 6871da177e4SLinus Torvalds { 6881da177e4SLinus Torvalds u32 h; 6891da177e4SLinus Torvalds struct xfrm_state *x0; 6901da177e4SLinus Torvalds 6911da177e4SLinus Torvalds if (x->id.spi) 6921da177e4SLinus Torvalds return; 6931da177e4SLinus Torvalds 6941da177e4SLinus Torvalds if (minspi == maxspi) { 6951da177e4SLinus Torvalds x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family); 6961da177e4SLinus Torvalds if (x0) { 6971da177e4SLinus Torvalds xfrm_state_put(x0); 6981da177e4SLinus Torvalds return; 6991da177e4SLinus Torvalds } 7001da177e4SLinus Torvalds x->id.spi = minspi; 7011da177e4SLinus Torvalds } else { 7021da177e4SLinus Torvalds u32 spi = 0; 7031da177e4SLinus Torvalds minspi = ntohl(minspi); 7041da177e4SLinus Torvalds maxspi = ntohl(maxspi); 7051da177e4SLinus Torvalds for (h=0; h<maxspi-minspi+1; h++) { 7061da177e4SLinus Torvalds spi = minspi + net_random()%(maxspi-minspi+1); 7071da177e4SLinus Torvalds x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family); 7081da177e4SLinus Torvalds if (x0 == NULL) { 7091da177e4SLinus Torvalds x->id.spi = htonl(spi); 7101da177e4SLinus Torvalds break; 7111da177e4SLinus Torvalds } 7121da177e4SLinus Torvalds xfrm_state_put(x0); 7131da177e4SLinus Torvalds } 7141da177e4SLinus Torvalds } 7151da177e4SLinus Torvalds if (x->id.spi) { 7161da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 7171da177e4SLinus Torvalds h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family); 7181da177e4SLinus Torvalds list_add(&x->byspi, xfrm_state_byspi+h); 7191da177e4SLinus Torvalds xfrm_state_hold(x); 7201da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 7211da177e4SLinus Torvalds wake_up(&km_waitq); 7221da177e4SLinus Torvalds } 7231da177e4SLinus Torvalds } 7241da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_alloc_spi); 7251da177e4SLinus Torvalds 7261da177e4SLinus Torvalds int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*), 7271da177e4SLinus Torvalds void *data) 7281da177e4SLinus Torvalds { 7291da177e4SLinus Torvalds int i; 7301da177e4SLinus Torvalds struct xfrm_state *x; 7311da177e4SLinus Torvalds int count = 0; 7321da177e4SLinus Torvalds int err = 0; 7331da177e4SLinus Torvalds 7341da177e4SLinus Torvalds spin_lock_bh(&xfrm_state_lock); 7351da177e4SLinus Torvalds for (i = 0; i < XFRM_DST_HSIZE; i++) { 7361da177e4SLinus Torvalds list_for_each_entry(x, xfrm_state_bydst+i, bydst) { 7371da177e4SLinus Torvalds if (proto == IPSEC_PROTO_ANY || x->id.proto == proto) 7381da177e4SLinus Torvalds count++; 7391da177e4SLinus Torvalds } 7401da177e4SLinus Torvalds } 7411da177e4SLinus Torvalds if (count == 0) { 7421da177e4SLinus Torvalds err = -ENOENT; 7431da177e4SLinus Torvalds goto out; 7441da177e4SLinus Torvalds } 7451da177e4SLinus Torvalds 7461da177e4SLinus Torvalds for (i = 0; i < XFRM_DST_HSIZE; i++) { 7471da177e4SLinus Torvalds list_for_each_entry(x, xfrm_state_bydst+i, bydst) { 7481da177e4SLinus Torvalds if (proto != IPSEC_PROTO_ANY && x->id.proto != proto) 7491da177e4SLinus Torvalds continue; 7501da177e4SLinus Torvalds err = func(x, --count, data); 7511da177e4SLinus Torvalds if (err) 7521da177e4SLinus Torvalds goto out; 7531da177e4SLinus Torvalds } 7541da177e4SLinus Torvalds } 7551da177e4SLinus Torvalds out: 7561da177e4SLinus Torvalds spin_unlock_bh(&xfrm_state_lock); 7571da177e4SLinus Torvalds return err; 7581da177e4SLinus Torvalds } 7591da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_walk); 7601da177e4SLinus Torvalds 7611da177e4SLinus Torvalds int xfrm_replay_check(struct xfrm_state *x, u32 seq) 7621da177e4SLinus Torvalds { 7631da177e4SLinus Torvalds u32 diff; 7641da177e4SLinus Torvalds 7651da177e4SLinus Torvalds seq = ntohl(seq); 7661da177e4SLinus Torvalds 7671da177e4SLinus Torvalds if (unlikely(seq == 0)) 7681da177e4SLinus Torvalds return -EINVAL; 7691da177e4SLinus Torvalds 7701da177e4SLinus Torvalds if (likely(seq > x->replay.seq)) 7711da177e4SLinus Torvalds return 0; 7721da177e4SLinus Torvalds 7731da177e4SLinus Torvalds diff = x->replay.seq - seq; 7741da177e4SLinus Torvalds if (diff >= x->props.replay_window) { 7751da177e4SLinus Torvalds x->stats.replay_window++; 7761da177e4SLinus Torvalds return -EINVAL; 7771da177e4SLinus Torvalds } 7781da177e4SLinus Torvalds 7791da177e4SLinus Torvalds if (x->replay.bitmap & (1U << diff)) { 7801da177e4SLinus Torvalds x->stats.replay++; 7811da177e4SLinus Torvalds return -EINVAL; 7821da177e4SLinus Torvalds } 7831da177e4SLinus Torvalds return 0; 7841da177e4SLinus Torvalds } 7851da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_replay_check); 7861da177e4SLinus Torvalds 7871da177e4SLinus Torvalds void xfrm_replay_advance(struct xfrm_state *x, u32 seq) 7881da177e4SLinus Torvalds { 7891da177e4SLinus Torvalds u32 diff; 7901da177e4SLinus Torvalds 7911da177e4SLinus Torvalds seq = ntohl(seq); 7921da177e4SLinus Torvalds 7931da177e4SLinus Torvalds if (seq > x->replay.seq) { 7941da177e4SLinus Torvalds diff = seq - x->replay.seq; 7951da177e4SLinus Torvalds if (diff < x->props.replay_window) 7961da177e4SLinus Torvalds x->replay.bitmap = ((x->replay.bitmap) << diff) | 1; 7971da177e4SLinus Torvalds else 7981da177e4SLinus Torvalds x->replay.bitmap = 1; 7991da177e4SLinus Torvalds x->replay.seq = seq; 8001da177e4SLinus Torvalds } else { 8011da177e4SLinus Torvalds diff = x->replay.seq - seq; 8021da177e4SLinus Torvalds x->replay.bitmap |= (1U << diff); 8031da177e4SLinus Torvalds } 8041da177e4SLinus Torvalds } 8051da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_replay_advance); 8061da177e4SLinus Torvalds 8071da177e4SLinus Torvalds static struct list_head xfrm_km_list = LIST_HEAD_INIT(xfrm_km_list); 8081da177e4SLinus Torvalds static DEFINE_RWLOCK(xfrm_km_lock); 8091da177e4SLinus Torvalds 81026b15dadSJamal Hadi Salim void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c) 8111da177e4SLinus Torvalds { 8121da177e4SLinus Torvalds struct xfrm_mgr *km; 8131da177e4SLinus Torvalds 81426b15dadSJamal Hadi Salim read_lock(&xfrm_km_lock); 81526b15dadSJamal Hadi Salim list_for_each_entry(km, &xfrm_km_list, list) 81626b15dadSJamal Hadi Salim if (km->notify_policy) 81726b15dadSJamal Hadi Salim km->notify_policy(xp, dir, c); 81826b15dadSJamal Hadi Salim read_unlock(&xfrm_km_lock); 81926b15dadSJamal Hadi Salim } 82026b15dadSJamal Hadi Salim 82126b15dadSJamal Hadi Salim void km_state_notify(struct xfrm_state *x, struct km_event *c) 82226b15dadSJamal Hadi Salim { 82326b15dadSJamal Hadi Salim struct xfrm_mgr *km; 82426b15dadSJamal Hadi Salim read_lock(&xfrm_km_lock); 82526b15dadSJamal Hadi Salim list_for_each_entry(km, &xfrm_km_list, list) 82626b15dadSJamal Hadi Salim if (km->notify) 82726b15dadSJamal Hadi Salim km->notify(x, c); 82826b15dadSJamal Hadi Salim read_unlock(&xfrm_km_lock); 82926b15dadSJamal Hadi Salim } 83026b15dadSJamal Hadi Salim 83126b15dadSJamal Hadi Salim EXPORT_SYMBOL(km_policy_notify); 83226b15dadSJamal Hadi Salim EXPORT_SYMBOL(km_state_notify); 83326b15dadSJamal Hadi Salim 83426b15dadSJamal Hadi Salim static void km_state_expired(struct xfrm_state *x, int hard) 83526b15dadSJamal Hadi Salim { 83626b15dadSJamal Hadi Salim struct km_event c; 83726b15dadSJamal Hadi Salim 838bf08867fSHerbert Xu c.data.hard = hard; 839f60f6b8fSHerbert Xu c.event = XFRM_MSG_EXPIRE; 84026b15dadSJamal Hadi Salim km_state_notify(x, &c); 8411da177e4SLinus Torvalds 8421da177e4SLinus Torvalds if (hard) 8431da177e4SLinus Torvalds wake_up(&km_waitq); 8441da177e4SLinus Torvalds } 8451da177e4SLinus Torvalds 84626b15dadSJamal Hadi Salim /* 84726b15dadSJamal Hadi Salim * We send to all registered managers regardless of failure 84826b15dadSJamal Hadi Salim * We are happy with one success 84926b15dadSJamal Hadi Salim */ 8501da177e4SLinus Torvalds static int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol) 8511da177e4SLinus Torvalds { 85226b15dadSJamal Hadi Salim int err = -EINVAL, acqret; 8531da177e4SLinus Torvalds struct xfrm_mgr *km; 8541da177e4SLinus Torvalds 8551da177e4SLinus Torvalds read_lock(&xfrm_km_lock); 8561da177e4SLinus Torvalds list_for_each_entry(km, &xfrm_km_list, list) { 85726b15dadSJamal Hadi Salim acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT); 85826b15dadSJamal Hadi Salim if (!acqret) 85926b15dadSJamal Hadi Salim err = acqret; 8601da177e4SLinus Torvalds } 8611da177e4SLinus Torvalds read_unlock(&xfrm_km_lock); 8621da177e4SLinus Torvalds return err; 8631da177e4SLinus Torvalds } 8641da177e4SLinus Torvalds 8651da177e4SLinus Torvalds int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport) 8661da177e4SLinus Torvalds { 8671da177e4SLinus Torvalds int err = -EINVAL; 8681da177e4SLinus Torvalds struct xfrm_mgr *km; 8691da177e4SLinus Torvalds 8701da177e4SLinus Torvalds read_lock(&xfrm_km_lock); 8711da177e4SLinus Torvalds list_for_each_entry(km, &xfrm_km_list, list) { 8721da177e4SLinus Torvalds if (km->new_mapping) 8731da177e4SLinus Torvalds err = km->new_mapping(x, ipaddr, sport); 8741da177e4SLinus Torvalds if (!err) 8751da177e4SLinus Torvalds break; 8761da177e4SLinus Torvalds } 8771da177e4SLinus Torvalds read_unlock(&xfrm_km_lock); 8781da177e4SLinus Torvalds return err; 8791da177e4SLinus Torvalds } 8801da177e4SLinus Torvalds EXPORT_SYMBOL(km_new_mapping); 8811da177e4SLinus Torvalds 8821da177e4SLinus Torvalds void km_policy_expired(struct xfrm_policy *pol, int dir, int hard) 8831da177e4SLinus Torvalds { 88426b15dadSJamal Hadi Salim struct km_event c; 8851da177e4SLinus Torvalds 886bf08867fSHerbert Xu c.data.hard = hard; 887f60f6b8fSHerbert Xu c.event = XFRM_MSG_POLEXPIRE; 88826b15dadSJamal Hadi Salim km_policy_notify(pol, dir, &c); 8891da177e4SLinus Torvalds 8901da177e4SLinus Torvalds if (hard) 8911da177e4SLinus Torvalds wake_up(&km_waitq); 8921da177e4SLinus Torvalds } 8931da177e4SLinus Torvalds 8941da177e4SLinus Torvalds int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen) 8951da177e4SLinus Torvalds { 8961da177e4SLinus Torvalds int err; 8971da177e4SLinus Torvalds u8 *data; 8981da177e4SLinus Torvalds struct xfrm_mgr *km; 8991da177e4SLinus Torvalds struct xfrm_policy *pol = NULL; 9001da177e4SLinus Torvalds 9011da177e4SLinus Torvalds if (optlen <= 0 || optlen > PAGE_SIZE) 9021da177e4SLinus Torvalds return -EMSGSIZE; 9031da177e4SLinus Torvalds 9041da177e4SLinus Torvalds data = kmalloc(optlen, GFP_KERNEL); 9051da177e4SLinus Torvalds if (!data) 9061da177e4SLinus Torvalds return -ENOMEM; 9071da177e4SLinus Torvalds 9081da177e4SLinus Torvalds err = -EFAULT; 9091da177e4SLinus Torvalds if (copy_from_user(data, optval, optlen)) 9101da177e4SLinus Torvalds goto out; 9111da177e4SLinus Torvalds 9121da177e4SLinus Torvalds err = -EINVAL; 9131da177e4SLinus Torvalds read_lock(&xfrm_km_lock); 9141da177e4SLinus Torvalds list_for_each_entry(km, &xfrm_km_list, list) { 9151da177e4SLinus Torvalds pol = km->compile_policy(sk->sk_family, optname, data, 9161da177e4SLinus Torvalds optlen, &err); 9171da177e4SLinus Torvalds if (err >= 0) 9181da177e4SLinus Torvalds break; 9191da177e4SLinus Torvalds } 9201da177e4SLinus Torvalds read_unlock(&xfrm_km_lock); 9211da177e4SLinus Torvalds 9221da177e4SLinus Torvalds if (err >= 0) { 9231da177e4SLinus Torvalds xfrm_sk_policy_insert(sk, err, pol); 9241da177e4SLinus Torvalds xfrm_pol_put(pol); 9251da177e4SLinus Torvalds err = 0; 9261da177e4SLinus Torvalds } 9271da177e4SLinus Torvalds 9281da177e4SLinus Torvalds out: 9291da177e4SLinus Torvalds kfree(data); 9301da177e4SLinus Torvalds return err; 9311da177e4SLinus Torvalds } 9321da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_user_policy); 9331da177e4SLinus Torvalds 9341da177e4SLinus Torvalds int xfrm_register_km(struct xfrm_mgr *km) 9351da177e4SLinus Torvalds { 9361da177e4SLinus Torvalds write_lock_bh(&xfrm_km_lock); 9371da177e4SLinus Torvalds list_add_tail(&km->list, &xfrm_km_list); 9381da177e4SLinus Torvalds write_unlock_bh(&xfrm_km_lock); 9391da177e4SLinus Torvalds return 0; 9401da177e4SLinus Torvalds } 9411da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_register_km); 9421da177e4SLinus Torvalds 9431da177e4SLinus Torvalds int xfrm_unregister_km(struct xfrm_mgr *km) 9441da177e4SLinus Torvalds { 9451da177e4SLinus Torvalds write_lock_bh(&xfrm_km_lock); 9461da177e4SLinus Torvalds list_del(&km->list); 9471da177e4SLinus Torvalds write_unlock_bh(&xfrm_km_lock); 9481da177e4SLinus Torvalds return 0; 9491da177e4SLinus Torvalds } 9501da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_unregister_km); 9511da177e4SLinus Torvalds 9521da177e4SLinus Torvalds int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo) 9531da177e4SLinus Torvalds { 9541da177e4SLinus Torvalds int err = 0; 9551da177e4SLinus Torvalds if (unlikely(afinfo == NULL)) 9561da177e4SLinus Torvalds return -EINVAL; 9571da177e4SLinus Torvalds if (unlikely(afinfo->family >= NPROTO)) 9581da177e4SLinus Torvalds return -EAFNOSUPPORT; 9591da177e4SLinus Torvalds write_lock(&xfrm_state_afinfo_lock); 9601da177e4SLinus Torvalds if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL)) 9611da177e4SLinus Torvalds err = -ENOBUFS; 9621da177e4SLinus Torvalds else { 9631da177e4SLinus Torvalds afinfo->state_bydst = xfrm_state_bydst; 9641da177e4SLinus Torvalds afinfo->state_byspi = xfrm_state_byspi; 9651da177e4SLinus Torvalds xfrm_state_afinfo[afinfo->family] = afinfo; 9661da177e4SLinus Torvalds } 9671da177e4SLinus Torvalds write_unlock(&xfrm_state_afinfo_lock); 9681da177e4SLinus Torvalds return err; 9691da177e4SLinus Torvalds } 9701da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_register_afinfo); 9711da177e4SLinus Torvalds 9721da177e4SLinus Torvalds int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo) 9731da177e4SLinus Torvalds { 9741da177e4SLinus Torvalds int err = 0; 9751da177e4SLinus Torvalds if (unlikely(afinfo == NULL)) 9761da177e4SLinus Torvalds return -EINVAL; 9771da177e4SLinus Torvalds if (unlikely(afinfo->family >= NPROTO)) 9781da177e4SLinus Torvalds return -EAFNOSUPPORT; 9791da177e4SLinus Torvalds write_lock(&xfrm_state_afinfo_lock); 9801da177e4SLinus Torvalds if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) { 9811da177e4SLinus Torvalds if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo)) 9821da177e4SLinus Torvalds err = -EINVAL; 9831da177e4SLinus Torvalds else { 9841da177e4SLinus Torvalds xfrm_state_afinfo[afinfo->family] = NULL; 9851da177e4SLinus Torvalds afinfo->state_byspi = NULL; 9861da177e4SLinus Torvalds afinfo->state_bydst = NULL; 9871da177e4SLinus Torvalds } 9881da177e4SLinus Torvalds } 9891da177e4SLinus Torvalds write_unlock(&xfrm_state_afinfo_lock); 9901da177e4SLinus Torvalds return err; 9911da177e4SLinus Torvalds } 9921da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_unregister_afinfo); 9931da177e4SLinus Torvalds 9941da177e4SLinus Torvalds static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family) 9951da177e4SLinus Torvalds { 9961da177e4SLinus Torvalds struct xfrm_state_afinfo *afinfo; 9971da177e4SLinus Torvalds if (unlikely(family >= NPROTO)) 9981da177e4SLinus Torvalds return NULL; 9991da177e4SLinus Torvalds read_lock(&xfrm_state_afinfo_lock); 10001da177e4SLinus Torvalds afinfo = xfrm_state_afinfo[family]; 10011da177e4SLinus Torvalds if (likely(afinfo != NULL)) 10021da177e4SLinus Torvalds read_lock(&afinfo->lock); 10031da177e4SLinus Torvalds read_unlock(&xfrm_state_afinfo_lock); 10041da177e4SLinus Torvalds return afinfo; 10051da177e4SLinus Torvalds } 10061da177e4SLinus Torvalds 10071da177e4SLinus Torvalds static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo) 10081da177e4SLinus Torvalds { 10091da177e4SLinus Torvalds if (unlikely(afinfo == NULL)) 10101da177e4SLinus Torvalds return; 10111da177e4SLinus Torvalds read_unlock(&afinfo->lock); 10121da177e4SLinus Torvalds } 10131da177e4SLinus Torvalds 10141da177e4SLinus Torvalds /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */ 10151da177e4SLinus Torvalds void xfrm_state_delete_tunnel(struct xfrm_state *x) 10161da177e4SLinus Torvalds { 10171da177e4SLinus Torvalds if (x->tunnel) { 10181da177e4SLinus Torvalds struct xfrm_state *t = x->tunnel; 10191da177e4SLinus Torvalds 10201da177e4SLinus Torvalds if (atomic_read(&t->tunnel_users) == 2) 10211da177e4SLinus Torvalds xfrm_state_delete(t); 10221da177e4SLinus Torvalds atomic_dec(&t->tunnel_users); 10231da177e4SLinus Torvalds xfrm_state_put(t); 10241da177e4SLinus Torvalds x->tunnel = NULL; 10251da177e4SLinus Torvalds } 10261da177e4SLinus Torvalds } 10271da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_delete_tunnel); 10281da177e4SLinus Torvalds 102980b30c10SHerbert Xu /* 103080b30c10SHerbert Xu * This function is NOT optimal. For example, with ESP it will give an 103180b30c10SHerbert Xu * MTU that's usually two bytes short of being optimal. However, it will 103280b30c10SHerbert Xu * usually give an answer that's a multiple of 4 provided the input is 103380b30c10SHerbert Xu * also a multiple of 4. 103480b30c10SHerbert Xu */ 10351da177e4SLinus Torvalds int xfrm_state_mtu(struct xfrm_state *x, int mtu) 10361da177e4SLinus Torvalds { 10371da177e4SLinus Torvalds int res = mtu; 10381da177e4SLinus Torvalds 10391da177e4SLinus Torvalds res -= x->props.header_len; 10401da177e4SLinus Torvalds 10411da177e4SLinus Torvalds for (;;) { 10421da177e4SLinus Torvalds int m = res; 10431da177e4SLinus Torvalds 10441da177e4SLinus Torvalds if (m < 68) 10451da177e4SLinus Torvalds return 68; 10461da177e4SLinus Torvalds 10471da177e4SLinus Torvalds spin_lock_bh(&x->lock); 10481da177e4SLinus Torvalds if (x->km.state == XFRM_STATE_VALID && 10491da177e4SLinus Torvalds x->type && x->type->get_max_size) 10501da177e4SLinus Torvalds m = x->type->get_max_size(x, m); 10511da177e4SLinus Torvalds else 10521da177e4SLinus Torvalds m += x->props.header_len; 10531da177e4SLinus Torvalds spin_unlock_bh(&x->lock); 10541da177e4SLinus Torvalds 10551da177e4SLinus Torvalds if (m <= mtu) 10561da177e4SLinus Torvalds break; 10571da177e4SLinus Torvalds res -= (m - mtu); 10581da177e4SLinus Torvalds } 10591da177e4SLinus Torvalds 10601da177e4SLinus Torvalds return res; 10611da177e4SLinus Torvalds } 10621da177e4SLinus Torvalds 10631da177e4SLinus Torvalds EXPORT_SYMBOL(xfrm_state_mtu); 106472cb6962SHerbert Xu 106572cb6962SHerbert Xu int xfrm_init_state(struct xfrm_state *x) 106672cb6962SHerbert Xu { 1067d094cd83SHerbert Xu struct xfrm_state_afinfo *afinfo; 1068d094cd83SHerbert Xu int family = x->props.family; 106972cb6962SHerbert Xu int err; 107072cb6962SHerbert Xu 1071d094cd83SHerbert Xu err = -EAFNOSUPPORT; 1072d094cd83SHerbert Xu afinfo = xfrm_state_get_afinfo(family); 1073d094cd83SHerbert Xu if (!afinfo) 1074d094cd83SHerbert Xu goto error; 1075d094cd83SHerbert Xu 1076d094cd83SHerbert Xu err = 0; 1077d094cd83SHerbert Xu if (afinfo->init_flags) 1078d094cd83SHerbert Xu err = afinfo->init_flags(x); 1079d094cd83SHerbert Xu 1080d094cd83SHerbert Xu xfrm_state_put_afinfo(afinfo); 1081d094cd83SHerbert Xu 1082d094cd83SHerbert Xu if (err) 1083d094cd83SHerbert Xu goto error; 1084d094cd83SHerbert Xu 1085d094cd83SHerbert Xu err = -EPROTONOSUPPORT; 1086d094cd83SHerbert Xu x->type = xfrm_get_type(x->id.proto, family); 108772cb6962SHerbert Xu if (x->type == NULL) 108872cb6962SHerbert Xu goto error; 108972cb6962SHerbert Xu 109072cb6962SHerbert Xu err = x->type->init_state(x); 109172cb6962SHerbert Xu if (err) 109272cb6962SHerbert Xu goto error; 109372cb6962SHerbert Xu 109472cb6962SHerbert Xu x->km.state = XFRM_STATE_VALID; 109572cb6962SHerbert Xu 109672cb6962SHerbert Xu error: 109772cb6962SHerbert Xu return err; 109872cb6962SHerbert Xu } 109972cb6962SHerbert Xu 110072cb6962SHerbert Xu EXPORT_SYMBOL(xfrm_init_state); 11011da177e4SLinus Torvalds 11021da177e4SLinus Torvalds void __init xfrm_state_init(void) 11031da177e4SLinus Torvalds { 11041da177e4SLinus Torvalds int i; 11051da177e4SLinus Torvalds 11061da177e4SLinus Torvalds for (i=0; i<XFRM_DST_HSIZE; i++) { 11071da177e4SLinus Torvalds INIT_LIST_HEAD(&xfrm_state_bydst[i]); 11081da177e4SLinus Torvalds INIT_LIST_HEAD(&xfrm_state_byspi[i]); 11091da177e4SLinus Torvalds } 11101da177e4SLinus Torvalds INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task, NULL); 11111da177e4SLinus Torvalds } 11121da177e4SLinus Torvalds 1113