ia64/linux-2.6.18-xen.hg

view net/xfrm/xfrm_state.c @ 871:9cbcc9008446

xen/x86: don't initialize cpu_data[]'s apicid field on generic code

Afaict, this is not only redundant with the intialization done in
drivers/xen/core/smpboot.c, but actually results - at least for
secondary CPUs - in the Xen-specific value written to be later
overwritten with whatever the generic code determines (with no
guarantee that the two values are identical).

Signed-off-by: Jan Beulich <jbeulich@novell.com>
author Keir Fraser <keir.fraser@citrix.com>
date Thu May 14 10:09:15 2009 +0100 (2009-05-14)
parents 831230e53067
children
line source
1 /*
2 * xfrm_state.c
3 *
4 * Changes:
5 * Mitsuru KANDA @USAGI
6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
8 * IPv6 support
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
13 *
14 */
16 #include <linux/workqueue.h>
17 #include <net/xfrm.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <asm/uaccess.h>
23 struct sock *xfrm_nl;
24 EXPORT_SYMBOL(xfrm_nl);
26 u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME;
27 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime);
29 u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE;
30 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth);
32 /* Each xfrm_state may be linked to two tables:
34 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
35 2. Hash table by daddr to find what SAs exist for given
36 destination/tunnel endpoint. (output)
37 */
39 static DEFINE_SPINLOCK(xfrm_state_lock);
41 /* Hash table to find appropriate SA towards given target (endpoint
42 * of tunnel or destination of transport mode) allowed by selector.
43 *
44 * Main use is finding SA after policy selected tunnel or transport mode.
45 * Also, it can be used by ah/esp icmp error handler to find offending SA.
46 */
47 static struct list_head xfrm_state_bydst[XFRM_DST_HSIZE];
48 static struct list_head xfrm_state_byspi[XFRM_DST_HSIZE];
50 DECLARE_WAIT_QUEUE_HEAD(km_waitq);
51 EXPORT_SYMBOL(km_waitq);
53 static DEFINE_RWLOCK(xfrm_state_afinfo_lock);
54 static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO];
56 static struct work_struct xfrm_state_gc_work;
57 static struct list_head xfrm_state_gc_list = LIST_HEAD_INIT(xfrm_state_gc_list);
58 static DEFINE_SPINLOCK(xfrm_state_gc_lock);
60 static int xfrm_state_gc_flush_bundles;
62 int __xfrm_state_delete(struct xfrm_state *x);
64 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family);
65 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
67 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
68 void km_state_expired(struct xfrm_state *x, int hard, u32 pid);
70 static void xfrm_state_gc_destroy(struct xfrm_state *x)
71 {
72 if (del_timer(&x->timer))
73 BUG();
74 if (del_timer(&x->rtimer))
75 BUG();
76 kfree(x->aalg);
77 kfree(x->ealg);
78 kfree(x->calg);
79 kfree(x->encap);
80 if (x->mode)
81 xfrm_put_mode(x->mode);
82 if (x->type) {
83 x->type->destructor(x);
84 xfrm_put_type(x->type);
85 }
86 security_xfrm_state_free(x);
87 kfree(x);
88 }
90 static void xfrm_state_gc_task(void *data)
91 {
92 struct xfrm_state *x;
93 struct list_head *entry, *tmp;
94 struct list_head gc_list = LIST_HEAD_INIT(gc_list);
96 if (xfrm_state_gc_flush_bundles) {
97 xfrm_state_gc_flush_bundles = 0;
98 xfrm_flush_bundles();
99 }
101 spin_lock_bh(&xfrm_state_gc_lock);
102 list_splice_init(&xfrm_state_gc_list, &gc_list);
103 spin_unlock_bh(&xfrm_state_gc_lock);
105 list_for_each_safe(entry, tmp, &gc_list) {
106 x = list_entry(entry, struct xfrm_state, bydst);
107 xfrm_state_gc_destroy(x);
108 }
109 wake_up(&km_waitq);
110 }
112 static inline unsigned long make_jiffies(long secs)
113 {
114 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
115 return MAX_SCHEDULE_TIMEOUT-1;
116 else
117 return secs*HZ;
118 }
120 static void xfrm_timer_handler(unsigned long data)
121 {
122 struct xfrm_state *x = (struct xfrm_state*)data;
123 unsigned long now = (unsigned long)xtime.tv_sec;
124 long next = LONG_MAX;
125 int warn = 0;
127 spin_lock(&x->lock);
128 if (x->km.state == XFRM_STATE_DEAD)
129 goto out;
130 if (x->km.state == XFRM_STATE_EXPIRED)
131 goto expired;
132 if (x->lft.hard_add_expires_seconds) {
133 long tmo = x->lft.hard_add_expires_seconds +
134 x->curlft.add_time - now;
135 if (tmo <= 0)
136 goto expired;
137 if (tmo < next)
138 next = tmo;
139 }
140 if (x->lft.hard_use_expires_seconds) {
141 long tmo = x->lft.hard_use_expires_seconds +
142 (x->curlft.use_time ? : now) - now;
143 if (tmo <= 0)
144 goto expired;
145 if (tmo < next)
146 next = tmo;
147 }
148 if (x->km.dying)
149 goto resched;
150 if (x->lft.soft_add_expires_seconds) {
151 long tmo = x->lft.soft_add_expires_seconds +
152 x->curlft.add_time - now;
153 if (tmo <= 0)
154 warn = 1;
155 else if (tmo < next)
156 next = tmo;
157 }
158 if (x->lft.soft_use_expires_seconds) {
159 long tmo = x->lft.soft_use_expires_seconds +
160 (x->curlft.use_time ? : now) - now;
161 if (tmo <= 0)
162 warn = 1;
163 else if (tmo < next)
164 next = tmo;
165 }
167 x->km.dying = warn;
168 if (warn)
169 km_state_expired(x, 0, 0);
170 resched:
171 if (next != LONG_MAX &&
172 !mod_timer(&x->timer, jiffies + make_jiffies(next)))
173 xfrm_state_hold(x);
174 goto out;
176 expired:
177 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) {
178 x->km.state = XFRM_STATE_EXPIRED;
179 wake_up(&km_waitq);
180 next = 2;
181 goto resched;
182 }
183 if (!__xfrm_state_delete(x) && x->id.spi)
184 km_state_expired(x, 1, 0);
186 out:
187 spin_unlock(&x->lock);
188 xfrm_state_put(x);
189 }
191 static void xfrm_replay_timer_handler(unsigned long data);
193 struct xfrm_state *xfrm_state_alloc(void)
194 {
195 struct xfrm_state *x;
197 x = kzalloc(sizeof(struct xfrm_state), GFP_ATOMIC);
199 if (x) {
200 atomic_set(&x->refcnt, 1);
201 atomic_set(&x->tunnel_users, 0);
202 INIT_LIST_HEAD(&x->bydst);
203 INIT_LIST_HEAD(&x->byspi);
204 init_timer(&x->timer);
205 x->timer.function = xfrm_timer_handler;
206 x->timer.data = (unsigned long)x;
207 init_timer(&x->rtimer);
208 x->rtimer.function = xfrm_replay_timer_handler;
209 x->rtimer.data = (unsigned long)x;
210 x->curlft.add_time = (unsigned long)xtime.tv_sec;
211 x->lft.soft_byte_limit = XFRM_INF;
212 x->lft.soft_packet_limit = XFRM_INF;
213 x->lft.hard_byte_limit = XFRM_INF;
214 x->lft.hard_packet_limit = XFRM_INF;
215 x->replay_maxage = 0;
216 x->replay_maxdiff = 0;
217 spin_lock_init(&x->lock);
218 }
219 return x;
220 }
221 EXPORT_SYMBOL(xfrm_state_alloc);
223 void __xfrm_state_destroy(struct xfrm_state *x)
224 {
225 BUG_TRAP(x->km.state == XFRM_STATE_DEAD);
227 spin_lock_bh(&xfrm_state_gc_lock);
228 list_add(&x->bydst, &xfrm_state_gc_list);
229 spin_unlock_bh(&xfrm_state_gc_lock);
230 schedule_work(&xfrm_state_gc_work);
231 }
232 EXPORT_SYMBOL(__xfrm_state_destroy);
234 int __xfrm_state_delete(struct xfrm_state *x)
235 {
236 int err = -ESRCH;
238 if (x->km.state != XFRM_STATE_DEAD) {
239 x->km.state = XFRM_STATE_DEAD;
240 spin_lock(&xfrm_state_lock);
241 list_del(&x->bydst);
242 __xfrm_state_put(x);
243 if (x->id.spi) {
244 list_del(&x->byspi);
245 __xfrm_state_put(x);
246 }
247 spin_unlock(&xfrm_state_lock);
248 if (del_timer(&x->timer))
249 __xfrm_state_put(x);
250 if (del_timer(&x->rtimer))
251 __xfrm_state_put(x);
253 /* The number two in this test is the reference
254 * mentioned in the comment below plus the reference
255 * our caller holds. A larger value means that
256 * there are DSTs attached to this xfrm_state.
257 */
258 if (atomic_read(&x->refcnt) > 2) {
259 xfrm_state_gc_flush_bundles = 1;
260 schedule_work(&xfrm_state_gc_work);
261 }
263 /* All xfrm_state objects are created by xfrm_state_alloc.
264 * The xfrm_state_alloc call gives a reference, and that
265 * is what we are dropping here.
266 */
267 __xfrm_state_put(x);
268 err = 0;
269 }
271 return err;
272 }
273 EXPORT_SYMBOL(__xfrm_state_delete);
275 int xfrm_state_delete(struct xfrm_state *x)
276 {
277 int err;
279 spin_lock_bh(&x->lock);
280 err = __xfrm_state_delete(x);
281 spin_unlock_bh(&x->lock);
283 return err;
284 }
285 EXPORT_SYMBOL(xfrm_state_delete);
287 void xfrm_state_flush(u8 proto)
288 {
289 int i;
290 struct xfrm_state *x;
292 spin_lock_bh(&xfrm_state_lock);
293 for (i = 0; i < XFRM_DST_HSIZE; i++) {
294 restart:
295 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
296 if (!xfrm_state_kern(x) &&
297 (proto == IPSEC_PROTO_ANY || x->id.proto == proto)) {
298 xfrm_state_hold(x);
299 spin_unlock_bh(&xfrm_state_lock);
301 xfrm_state_delete(x);
302 xfrm_state_put(x);
304 spin_lock_bh(&xfrm_state_lock);
305 goto restart;
306 }
307 }
308 }
309 spin_unlock_bh(&xfrm_state_lock);
310 wake_up(&km_waitq);
311 }
312 EXPORT_SYMBOL(xfrm_state_flush);
314 static int
315 xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
316 struct xfrm_tmpl *tmpl,
317 xfrm_address_t *daddr, xfrm_address_t *saddr,
318 unsigned short family)
319 {
320 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
321 if (!afinfo)
322 return -1;
323 afinfo->init_tempsel(x, fl, tmpl, daddr, saddr);
324 xfrm_state_put_afinfo(afinfo);
325 return 0;
326 }
328 struct xfrm_state *
329 xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
330 struct flowi *fl, struct xfrm_tmpl *tmpl,
331 struct xfrm_policy *pol, int *err,
332 unsigned short family)
333 {
334 unsigned h = xfrm_dst_hash(daddr, family);
335 struct xfrm_state *x, *x0;
336 int acquire_in_progress = 0;
337 int error = 0;
338 struct xfrm_state *best = NULL;
339 struct xfrm_state_afinfo *afinfo;
341 afinfo = xfrm_state_get_afinfo(family);
342 if (afinfo == NULL) {
343 *err = -EAFNOSUPPORT;
344 return NULL;
345 }
347 spin_lock_bh(&xfrm_state_lock);
348 list_for_each_entry(x, xfrm_state_bydst+h, bydst) {
349 if (x->props.family == family &&
350 x->props.reqid == tmpl->reqid &&
351 xfrm_state_addr_check(x, daddr, saddr, family) &&
352 tmpl->mode == x->props.mode &&
353 tmpl->id.proto == x->id.proto &&
354 (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) {
355 /* Resolution logic:
356 1. There is a valid state with matching selector.
357 Done.
358 2. Valid state with inappropriate selector. Skip.
360 Entering area of "sysdeps".
362 3. If state is not valid, selector is temporary,
363 it selects only session which triggered
364 previous resolution. Key manager will do
365 something to install a state with proper
366 selector.
367 */
368 if (x->km.state == XFRM_STATE_VALID) {
369 if (!xfrm_selector_match(&x->sel, fl, family) ||
370 !xfrm_sec_ctx_match(pol->security, x->security))
371 continue;
372 if (!best ||
373 best->km.dying > x->km.dying ||
374 (best->km.dying == x->km.dying &&
375 best->curlft.add_time < x->curlft.add_time))
376 best = x;
377 } else if (x->km.state == XFRM_STATE_ACQ) {
378 acquire_in_progress = 1;
379 } else if (x->km.state == XFRM_STATE_ERROR ||
380 x->km.state == XFRM_STATE_EXPIRED) {
381 if (xfrm_selector_match(&x->sel, fl, family) &&
382 xfrm_sec_ctx_match(pol->security, x->security))
383 error = -ESRCH;
384 }
385 }
386 }
388 x = best;
389 if (!x && !error && !acquire_in_progress) {
390 if (tmpl->id.spi &&
391 (x0 = afinfo->state_lookup(daddr, tmpl->id.spi,
392 tmpl->id.proto)) != NULL) {
393 xfrm_state_put(x0);
394 error = -EEXIST;
395 goto out;
396 }
397 x = xfrm_state_alloc();
398 if (x == NULL) {
399 error = -ENOMEM;
400 goto out;
401 }
402 /* Initialize temporary selector matching only
403 * to current session. */
404 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
406 if (km_query(x, tmpl, pol) == 0) {
407 x->km.state = XFRM_STATE_ACQ;
408 list_add_tail(&x->bydst, xfrm_state_bydst+h);
409 xfrm_state_hold(x);
410 if (x->id.spi) {
411 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
412 list_add(&x->byspi, xfrm_state_byspi+h);
413 xfrm_state_hold(x);
414 }
415 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
416 xfrm_state_hold(x);
417 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
418 add_timer(&x->timer);
419 } else {
420 x->km.state = XFRM_STATE_DEAD;
421 xfrm_state_put(x);
422 x = NULL;
423 error = -ESRCH;
424 }
425 }
426 out:
427 if (x)
428 xfrm_state_hold(x);
429 else
430 *err = acquire_in_progress ? -EAGAIN : error;
431 spin_unlock_bh(&xfrm_state_lock);
432 xfrm_state_put_afinfo(afinfo);
433 return x;
434 }
436 static void __xfrm_state_insert(struct xfrm_state *x)
437 {
438 unsigned h = xfrm_dst_hash(&x->id.daddr, x->props.family);
440 list_add(&x->bydst, xfrm_state_bydst+h);
441 xfrm_state_hold(x);
443 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
445 list_add(&x->byspi, xfrm_state_byspi+h);
446 xfrm_state_hold(x);
448 if (!mod_timer(&x->timer, jiffies + HZ))
449 xfrm_state_hold(x);
451 if (x->replay_maxage &&
452 !mod_timer(&x->rtimer, jiffies + x->replay_maxage))
453 xfrm_state_hold(x);
455 wake_up(&km_waitq);
456 }
458 void xfrm_state_insert(struct xfrm_state *x)
459 {
460 spin_lock_bh(&xfrm_state_lock);
461 __xfrm_state_insert(x);
462 spin_unlock_bh(&xfrm_state_lock);
464 xfrm_flush_all_bundles();
465 }
466 EXPORT_SYMBOL(xfrm_state_insert);
468 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq);
470 int xfrm_state_add(struct xfrm_state *x)
471 {
472 struct xfrm_state_afinfo *afinfo;
473 struct xfrm_state *x1;
474 int family;
475 int err;
477 family = x->props.family;
478 afinfo = xfrm_state_get_afinfo(family);
479 if (unlikely(afinfo == NULL))
480 return -EAFNOSUPPORT;
482 spin_lock_bh(&xfrm_state_lock);
484 x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
485 if (x1) {
486 xfrm_state_put(x1);
487 x1 = NULL;
488 err = -EEXIST;
489 goto out;
490 }
492 if (x->km.seq) {
493 x1 = __xfrm_find_acq_byseq(x->km.seq);
494 if (x1 && xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family)) {
495 xfrm_state_put(x1);
496 x1 = NULL;
497 }
498 }
500 if (!x1)
501 x1 = afinfo->find_acq(
502 x->props.mode, x->props.reqid, x->id.proto,
503 &x->id.daddr, &x->props.saddr, 0);
505 __xfrm_state_insert(x);
506 err = 0;
508 out:
509 spin_unlock_bh(&xfrm_state_lock);
510 xfrm_state_put_afinfo(afinfo);
512 if (!err)
513 xfrm_flush_all_bundles();
515 if (x1) {
516 xfrm_state_delete(x1);
517 xfrm_state_put(x1);
518 }
520 return err;
521 }
522 EXPORT_SYMBOL(xfrm_state_add);
524 int xfrm_state_update(struct xfrm_state *x)
525 {
526 struct xfrm_state_afinfo *afinfo;
527 struct xfrm_state *x1;
528 int err;
530 afinfo = xfrm_state_get_afinfo(x->props.family);
531 if (unlikely(afinfo == NULL))
532 return -EAFNOSUPPORT;
534 spin_lock_bh(&xfrm_state_lock);
535 x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
537 err = -ESRCH;
538 if (!x1)
539 goto out;
541 if (xfrm_state_kern(x1)) {
542 xfrm_state_put(x1);
543 err = -EEXIST;
544 goto out;
545 }
547 if (x1->km.state == XFRM_STATE_ACQ) {
548 __xfrm_state_insert(x);
549 x = NULL;
550 }
551 err = 0;
553 out:
554 spin_unlock_bh(&xfrm_state_lock);
555 xfrm_state_put_afinfo(afinfo);
557 if (err)
558 return err;
560 if (!x) {
561 xfrm_state_delete(x1);
562 xfrm_state_put(x1);
563 return 0;
564 }
566 err = -EINVAL;
567 spin_lock_bh(&x1->lock);
568 if (likely(x1->km.state == XFRM_STATE_VALID)) {
569 if (x->encap && x1->encap)
570 memcpy(x1->encap, x->encap, sizeof(*x1->encap));
571 memcpy(&x1->lft, &x->lft, sizeof(x1->lft));
572 x1->km.dying = 0;
574 if (!mod_timer(&x1->timer, jiffies + HZ))
575 xfrm_state_hold(x1);
576 if (x1->curlft.use_time)
577 xfrm_state_check_expire(x1);
579 err = 0;
580 }
581 spin_unlock_bh(&x1->lock);
583 xfrm_state_put(x1);
585 return err;
586 }
587 EXPORT_SYMBOL(xfrm_state_update);
589 int xfrm_state_check_expire(struct xfrm_state *x)
590 {
591 if (!x->curlft.use_time)
592 x->curlft.use_time = (unsigned long)xtime.tv_sec;
594 if (x->km.state != XFRM_STATE_VALID)
595 return -EINVAL;
597 if (x->curlft.bytes >= x->lft.hard_byte_limit ||
598 x->curlft.packets >= x->lft.hard_packet_limit) {
599 x->km.state = XFRM_STATE_EXPIRED;
600 if (!mod_timer(&x->timer, jiffies))
601 xfrm_state_hold(x);
602 return -EINVAL;
603 }
605 if (!x->km.dying &&
606 (x->curlft.bytes >= x->lft.soft_byte_limit ||
607 x->curlft.packets >= x->lft.soft_packet_limit)) {
608 x->km.dying = 1;
609 km_state_expired(x, 0, 0);
610 }
611 return 0;
612 }
613 EXPORT_SYMBOL(xfrm_state_check_expire);
615 static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
616 {
617 int nhead = x->props.header_len + LL_RESERVED_SPACE(skb->dst->dev)
618 - skb_headroom(skb);
620 if (nhead > 0)
621 return pskb_expand_head(skb, nhead, 0, GFP_ATOMIC);
623 /* Check tail too... */
624 return 0;
625 }
627 int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
628 {
629 int err = xfrm_state_check_expire(x);
630 if (err < 0)
631 goto err;
632 err = xfrm_state_check_space(x, skb);
633 err:
634 return err;
635 }
636 EXPORT_SYMBOL(xfrm_state_check);
638 struct xfrm_state *
639 xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto,
640 unsigned short family)
641 {
642 struct xfrm_state *x;
643 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
644 if (!afinfo)
645 return NULL;
647 spin_lock_bh(&xfrm_state_lock);
648 x = afinfo->state_lookup(daddr, spi, proto);
649 spin_unlock_bh(&xfrm_state_lock);
650 xfrm_state_put_afinfo(afinfo);
651 return x;
652 }
653 EXPORT_SYMBOL(xfrm_state_lookup);
655 struct xfrm_state *
656 xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
657 xfrm_address_t *daddr, xfrm_address_t *saddr,
658 int create, unsigned short family)
659 {
660 struct xfrm_state *x;
661 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
662 if (!afinfo)
663 return NULL;
665 spin_lock_bh(&xfrm_state_lock);
666 x = afinfo->find_acq(mode, reqid, proto, daddr, saddr, create);
667 spin_unlock_bh(&xfrm_state_lock);
668 xfrm_state_put_afinfo(afinfo);
669 return x;
670 }
671 EXPORT_SYMBOL(xfrm_find_acq);
673 /* Silly enough, but I'm lazy to build resolution list */
675 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq)
676 {
677 int i;
678 struct xfrm_state *x;
680 for (i = 0; i < XFRM_DST_HSIZE; i++) {
681 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
682 if (x->km.seq == seq && x->km.state == XFRM_STATE_ACQ) {
683 xfrm_state_hold(x);
684 return x;
685 }
686 }
687 }
688 return NULL;
689 }
691 struct xfrm_state *xfrm_find_acq_byseq(u32 seq)
692 {
693 struct xfrm_state *x;
695 spin_lock_bh(&xfrm_state_lock);
696 x = __xfrm_find_acq_byseq(seq);
697 spin_unlock_bh(&xfrm_state_lock);
698 return x;
699 }
700 EXPORT_SYMBOL(xfrm_find_acq_byseq);
702 u32 xfrm_get_acqseq(void)
703 {
704 u32 res;
705 static u32 acqseq;
706 static DEFINE_SPINLOCK(acqseq_lock);
708 spin_lock_bh(&acqseq_lock);
709 res = (++acqseq ? : ++acqseq);
710 spin_unlock_bh(&acqseq_lock);
711 return res;
712 }
713 EXPORT_SYMBOL(xfrm_get_acqseq);
715 void
716 xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi)
717 {
718 u32 h;
719 struct xfrm_state *x0;
721 if (x->id.spi)
722 return;
724 if (minspi == maxspi) {
725 x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family);
726 if (x0) {
727 xfrm_state_put(x0);
728 return;
729 }
730 x->id.spi = minspi;
731 } else {
732 u32 spi = 0;
733 minspi = ntohl(minspi);
734 maxspi = ntohl(maxspi);
735 for (h=0; h<maxspi-minspi+1; h++) {
736 spi = minspi + net_random()%(maxspi-minspi+1);
737 x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family);
738 if (x0 == NULL) {
739 x->id.spi = htonl(spi);
740 break;
741 }
742 xfrm_state_put(x0);
743 }
744 }
745 if (x->id.spi) {
746 spin_lock_bh(&xfrm_state_lock);
747 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
748 list_add(&x->byspi, xfrm_state_byspi+h);
749 xfrm_state_hold(x);
750 spin_unlock_bh(&xfrm_state_lock);
751 wake_up(&km_waitq);
752 }
753 }
754 EXPORT_SYMBOL(xfrm_alloc_spi);
756 int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*),
757 void *data)
758 {
759 int i;
760 struct xfrm_state *x;
761 int count = 0;
762 int err = 0;
764 spin_lock_bh(&xfrm_state_lock);
765 for (i = 0; i < XFRM_DST_HSIZE; i++) {
766 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
767 if (proto == IPSEC_PROTO_ANY || x->id.proto == proto)
768 count++;
769 }
770 }
771 if (count == 0) {
772 err = -ENOENT;
773 goto out;
774 }
776 for (i = 0; i < XFRM_DST_HSIZE; i++) {
777 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
778 if (proto != IPSEC_PROTO_ANY && x->id.proto != proto)
779 continue;
780 err = func(x, --count, data);
781 if (err)
782 goto out;
783 }
784 }
785 out:
786 spin_unlock_bh(&xfrm_state_lock);
787 return err;
788 }
789 EXPORT_SYMBOL(xfrm_state_walk);
792 void xfrm_replay_notify(struct xfrm_state *x, int event)
793 {
794 struct km_event c;
795 /* we send notify messages in case
796 * 1. we updated on of the sequence numbers, and the seqno difference
797 * is at least x->replay_maxdiff, in this case we also update the
798 * timeout of our timer function
799 * 2. if x->replay_maxage has elapsed since last update,
800 * and there were changes
801 *
802 * The state structure must be locked!
803 */
805 switch (event) {
806 case XFRM_REPLAY_UPDATE:
807 if (x->replay_maxdiff &&
808 (x->replay.seq - x->preplay.seq < x->replay_maxdiff) &&
809 (x->replay.oseq - x->preplay.oseq < x->replay_maxdiff)) {
810 if (x->xflags & XFRM_TIME_DEFER)
811 event = XFRM_REPLAY_TIMEOUT;
812 else
813 return;
814 }
816 break;
818 case XFRM_REPLAY_TIMEOUT:
819 if ((x->replay.seq == x->preplay.seq) &&
820 (x->replay.bitmap == x->preplay.bitmap) &&
821 (x->replay.oseq == x->preplay.oseq)) {
822 x->xflags |= XFRM_TIME_DEFER;
823 return;
824 }
826 break;
827 }
829 memcpy(&x->preplay, &x->replay, sizeof(struct xfrm_replay_state));
830 c.event = XFRM_MSG_NEWAE;
831 c.data.aevent = event;
832 km_state_notify(x, &c);
834 if (x->replay_maxage &&
835 !mod_timer(&x->rtimer, jiffies + x->replay_maxage)) {
836 xfrm_state_hold(x);
837 x->xflags &= ~XFRM_TIME_DEFER;
838 }
839 }
840 EXPORT_SYMBOL(xfrm_replay_notify);
842 static void xfrm_replay_timer_handler(unsigned long data)
843 {
844 struct xfrm_state *x = (struct xfrm_state*)data;
846 spin_lock(&x->lock);
848 if (x->km.state == XFRM_STATE_VALID) {
849 if (xfrm_aevent_is_on())
850 xfrm_replay_notify(x, XFRM_REPLAY_TIMEOUT);
851 else
852 x->xflags |= XFRM_TIME_DEFER;
853 }
855 spin_unlock(&x->lock);
856 xfrm_state_put(x);
857 }
859 int xfrm_replay_check(struct xfrm_state *x, u32 seq)
860 {
861 u32 diff;
863 seq = ntohl(seq);
865 if (unlikely(seq == 0))
866 return -EINVAL;
868 if (likely(seq > x->replay.seq))
869 return 0;
871 diff = x->replay.seq - seq;
872 if (diff >= x->props.replay_window) {
873 x->stats.replay_window++;
874 return -EINVAL;
875 }
877 if (x->replay.bitmap & (1U << diff)) {
878 x->stats.replay++;
879 return -EINVAL;
880 }
881 return 0;
882 }
883 EXPORT_SYMBOL(xfrm_replay_check);
885 void xfrm_replay_advance(struct xfrm_state *x, u32 seq)
886 {
887 u32 diff;
889 seq = ntohl(seq);
891 if (seq > x->replay.seq) {
892 diff = seq - x->replay.seq;
893 if (diff < x->props.replay_window)
894 x->replay.bitmap = ((x->replay.bitmap) << diff) | 1;
895 else
896 x->replay.bitmap = 1;
897 x->replay.seq = seq;
898 } else {
899 diff = x->replay.seq - seq;
900 x->replay.bitmap |= (1U << diff);
901 }
903 if (xfrm_aevent_is_on())
904 xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
905 }
906 EXPORT_SYMBOL(xfrm_replay_advance);
908 static struct list_head xfrm_km_list = LIST_HEAD_INIT(xfrm_km_list);
909 static DEFINE_RWLOCK(xfrm_km_lock);
911 void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
912 {
913 struct xfrm_mgr *km;
915 read_lock(&xfrm_km_lock);
916 list_for_each_entry(km, &xfrm_km_list, list)
917 if (km->notify_policy)
918 km->notify_policy(xp, dir, c);
919 read_unlock(&xfrm_km_lock);
920 }
922 void km_state_notify(struct xfrm_state *x, struct km_event *c)
923 {
924 struct xfrm_mgr *km;
925 read_lock(&xfrm_km_lock);
926 list_for_each_entry(km, &xfrm_km_list, list)
927 if (km->notify)
928 km->notify(x, c);
929 read_unlock(&xfrm_km_lock);
930 }
932 EXPORT_SYMBOL(km_policy_notify);
933 EXPORT_SYMBOL(km_state_notify);
935 void km_state_expired(struct xfrm_state *x, int hard, u32 pid)
936 {
937 struct km_event c;
939 c.data.hard = hard;
940 c.pid = pid;
941 c.event = XFRM_MSG_EXPIRE;
942 km_state_notify(x, &c);
944 if (hard)
945 wake_up(&km_waitq);
946 }
948 EXPORT_SYMBOL(km_state_expired);
949 /*
950 * We send to all registered managers regardless of failure
951 * We are happy with one success
952 */
953 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
954 {
955 int err = -EINVAL, acqret;
956 struct xfrm_mgr *km;
958 read_lock(&xfrm_km_lock);
959 list_for_each_entry(km, &xfrm_km_list, list) {
960 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT);
961 if (!acqret)
962 err = acqret;
963 }
964 read_unlock(&xfrm_km_lock);
965 return err;
966 }
967 EXPORT_SYMBOL(km_query);
969 int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport)
970 {
971 int err = -EINVAL;
972 struct xfrm_mgr *km;
974 read_lock(&xfrm_km_lock);
975 list_for_each_entry(km, &xfrm_km_list, list) {
976 if (km->new_mapping)
977 err = km->new_mapping(x, ipaddr, sport);
978 if (!err)
979 break;
980 }
981 read_unlock(&xfrm_km_lock);
982 return err;
983 }
984 EXPORT_SYMBOL(km_new_mapping);
986 void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid)
987 {
988 struct km_event c;
990 c.data.hard = hard;
991 c.pid = pid;
992 c.event = XFRM_MSG_POLEXPIRE;
993 km_policy_notify(pol, dir, &c);
995 if (hard)
996 wake_up(&km_waitq);
997 }
998 EXPORT_SYMBOL(km_policy_expired);
1000 int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
1002 int err;
1003 u8 *data;
1004 struct xfrm_mgr *km;
1005 struct xfrm_policy *pol = NULL;
1007 if (optlen <= 0 || optlen > PAGE_SIZE)
1008 return -EMSGSIZE;
1010 data = kmalloc(optlen, GFP_KERNEL);
1011 if (!data)
1012 return -ENOMEM;
1014 err = -EFAULT;
1015 if (copy_from_user(data, optval, optlen))
1016 goto out;
1018 err = -EINVAL;
1019 read_lock(&xfrm_km_lock);
1020 list_for_each_entry(km, &xfrm_km_list, list) {
1021 pol = km->compile_policy(sk->sk_family, optname, data,
1022 optlen, &err);
1023 if (err >= 0)
1024 break;
1026 read_unlock(&xfrm_km_lock);
1028 if (err >= 0) {
1029 xfrm_sk_policy_insert(sk, err, pol);
1030 xfrm_pol_put(pol);
1031 err = 0;
1034 out:
1035 kfree(data);
1036 return err;
1038 EXPORT_SYMBOL(xfrm_user_policy);
1040 int xfrm_register_km(struct xfrm_mgr *km)
1042 write_lock_bh(&xfrm_km_lock);
1043 list_add_tail(&km->list, &xfrm_km_list);
1044 write_unlock_bh(&xfrm_km_lock);
1045 return 0;
1047 EXPORT_SYMBOL(xfrm_register_km);
1049 int xfrm_unregister_km(struct xfrm_mgr *km)
1051 write_lock_bh(&xfrm_km_lock);
1052 list_del(&km->list);
1053 write_unlock_bh(&xfrm_km_lock);
1054 return 0;
1056 EXPORT_SYMBOL(xfrm_unregister_km);
1058 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo)
1060 int err = 0;
1061 if (unlikely(afinfo == NULL))
1062 return -EINVAL;
1063 if (unlikely(afinfo->family >= NPROTO))
1064 return -EAFNOSUPPORT;
1065 write_lock_bh(&xfrm_state_afinfo_lock);
1066 if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))
1067 err = -ENOBUFS;
1068 else {
1069 afinfo->state_bydst = xfrm_state_bydst;
1070 afinfo->state_byspi = xfrm_state_byspi;
1071 xfrm_state_afinfo[afinfo->family] = afinfo;
1073 write_unlock_bh(&xfrm_state_afinfo_lock);
1074 return err;
1076 EXPORT_SYMBOL(xfrm_state_register_afinfo);
1078 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo)
1080 int err = 0;
1081 if (unlikely(afinfo == NULL))
1082 return -EINVAL;
1083 if (unlikely(afinfo->family >= NPROTO))
1084 return -EAFNOSUPPORT;
1085 write_lock_bh(&xfrm_state_afinfo_lock);
1086 if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) {
1087 if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo))
1088 err = -EINVAL;
1089 else {
1090 xfrm_state_afinfo[afinfo->family] = NULL;
1091 afinfo->state_byspi = NULL;
1092 afinfo->state_bydst = NULL;
1095 write_unlock_bh(&xfrm_state_afinfo_lock);
1096 return err;
1098 EXPORT_SYMBOL(xfrm_state_unregister_afinfo);
1100 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family)
1102 struct xfrm_state_afinfo *afinfo;
1103 if (unlikely(family >= NPROTO))
1104 return NULL;
1105 read_lock(&xfrm_state_afinfo_lock);
1106 afinfo = xfrm_state_afinfo[family];
1107 if (unlikely(!afinfo))
1108 read_unlock(&xfrm_state_afinfo_lock);
1109 return afinfo;
1112 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo)
1114 read_unlock(&xfrm_state_afinfo_lock);
1117 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1118 void xfrm_state_delete_tunnel(struct xfrm_state *x)
1120 if (x->tunnel) {
1121 struct xfrm_state *t = x->tunnel;
1123 if (atomic_read(&t->tunnel_users) == 2)
1124 xfrm_state_delete(t);
1125 atomic_dec(&t->tunnel_users);
1126 xfrm_state_put(t);
1127 x->tunnel = NULL;
1130 EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1132 /*
1133 * This function is NOT optimal. For example, with ESP it will give an
1134 * MTU that's usually two bytes short of being optimal. However, it will
1135 * usually give an answer that's a multiple of 4 provided the input is
1136 * also a multiple of 4.
1137 */
1138 int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1140 int res = mtu;
1142 res -= x->props.header_len;
1144 for (;;) {
1145 int m = res;
1147 if (m < 68)
1148 return 68;
1150 spin_lock_bh(&x->lock);
1151 if (x->km.state == XFRM_STATE_VALID &&
1152 x->type && x->type->get_max_size)
1153 m = x->type->get_max_size(x, m);
1154 else
1155 m += x->props.header_len;
1156 spin_unlock_bh(&x->lock);
1158 if (m <= mtu)
1159 break;
1160 res -= (m - mtu);
1163 return res;
1166 int xfrm_init_state(struct xfrm_state *x)
1168 struct xfrm_state_afinfo *afinfo;
1169 int family = x->props.family;
1170 int err;
1172 err = -EAFNOSUPPORT;
1173 afinfo = xfrm_state_get_afinfo(family);
1174 if (!afinfo)
1175 goto error;
1177 err = 0;
1178 if (afinfo->init_flags)
1179 err = afinfo->init_flags(x);
1181 xfrm_state_put_afinfo(afinfo);
1183 if (err)
1184 goto error;
1186 err = -EPROTONOSUPPORT;
1187 x->type = xfrm_get_type(x->id.proto, family);
1188 if (x->type == NULL)
1189 goto error;
1191 err = x->type->init_state(x);
1192 if (err)
1193 goto error;
1195 x->mode = xfrm_get_mode(x->props.mode, family);
1196 if (x->mode == NULL)
1197 goto error;
1199 x->km.state = XFRM_STATE_VALID;
1201 error:
1202 return err;
1205 EXPORT_SYMBOL(xfrm_init_state);
1207 void __init xfrm_state_init(void)
1209 int i;
1211 for (i=0; i<XFRM_DST_HSIZE; i++) {
1212 INIT_LIST_HEAD(&xfrm_state_bydst[i]);
1213 INIT_LIST_HEAD(&xfrm_state_byspi[i]);
1215 INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task, NULL);