search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[NETFILTER]: nf_conntrack: naming unification
[linux-2.6/libata-dev.git] / net / xfrm / xfrm_state.c
blob4463eeb8d1de86016737ff2802adb21eaac18343
1 /*
2 * xfrm_state.c
3 *
4 * Changes:
5 * Mitsuru KANDA @USAGI
6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
8 * IPv6 support
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
13 *
14 */
15
16 #include <linux/workqueue.h>
17 #include <net/xfrm.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <linux/cache.h>
22 #include <linux/audit.h>
23 #include <asm/uaccess.h>
24
25 #include "xfrm_hash.h"
26
27 struct sock *xfrm_nl;
28 EXPORT_SYMBOL(xfrm_nl);
29
30 u32 sysctl_xfrm_aevent_etime __read_mostly = XFRM_AE_ETIME;
31 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime);
32
33 u32 sysctl_xfrm_aevent_rseqth __read_mostly = XFRM_AE_SEQT_SIZE;
34 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth);
35
36 u32 sysctl_xfrm_acq_expires __read_mostly = 30;
37
38 /* Each xfrm_state may be linked to two tables:
39
40 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
41 2. Hash table by (daddr,family,reqid) to find what SAs exist for given
42 destination/tunnel endpoint. (output)
43 */
44
45 static DEFINE_SPINLOCK(xfrm_state_lock);
46
47 /* Hash table to find appropriate SA towards given target (endpoint
48 * of tunnel or destination of transport mode) allowed by selector.
49 *
50 * Main use is finding SA after policy selected tunnel or transport mode.
51 * Also, it can be used by ah/esp icmp error handler to find offending SA.
52 */
53 static struct hlist_head *xfrm_state_bydst __read_mostly;
54 static struct hlist_head *xfrm_state_bysrc __read_mostly;
55 static struct hlist_head *xfrm_state_byspi __read_mostly;
56 static unsigned int xfrm_state_hmask __read_mostly;
57 static unsigned int xfrm_state_hashmax __read_mostly = 1 * 1024 * 1024;
58 static unsigned int xfrm_state_num;
59 static unsigned int xfrm_state_genid;
60
61 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned int family);
62 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
63
64 #ifdef CONFIG_AUDITSYSCALL
65 static void xfrm_audit_state_replay(struct xfrm_state *x,
66 struct sk_buff *skb, __be32 net_seq);
67 #else
68 #define xfrm_audit_state_replay(x, s, sq) do { ; } while (0)
69 #endif /* CONFIG_AUDITSYSCALL */
70
71 static inline unsigned int xfrm_dst_hash(xfrm_address_t *daddr,
72 xfrm_address_t *saddr,
73 u32 reqid,
74 unsigned short family)
75 {
76 return __xfrm_dst_hash(daddr, saddr, reqid, family, xfrm_state_hmask);
77 }
78
79 static inline unsigned int xfrm_src_hash(xfrm_address_t *daddr,
80 xfrm_address_t *saddr,
81 unsigned short family)
82 {
83 return __xfrm_src_hash(daddr, saddr, family, xfrm_state_hmask);
84 }
85
86 static inline unsigned int
87 xfrm_spi_hash(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
88 {
89 return __xfrm_spi_hash(daddr, spi, proto, family, xfrm_state_hmask);
90 }
91
92 static void xfrm_hash_transfer(struct hlist_head *list,
93 struct hlist_head *ndsttable,
94 struct hlist_head *nsrctable,
95 struct hlist_head *nspitable,
96 unsigned int nhashmask)
97 {
98 struct hlist_node *entry, *tmp;
99 struct xfrm_state *x;
100
101 hlist_for_each_entry_safe(x, entry, tmp, list, bydst) {
102 unsigned int h;
103
104 h = __xfrm_dst_hash(&x->id.daddr, &x->props.saddr,
105 x->props.reqid, x->props.family,
106 nhashmask);
107 hlist_add_head(&x->bydst, ndsttable+h);
108
109 h = __xfrm_src_hash(&x->id.daddr, &x->props.saddr,
110 x->props.family,
111 nhashmask);
112 hlist_add_head(&x->bysrc, nsrctable+h);
113
114 if (x->id.spi) {
115 h = __xfrm_spi_hash(&x->id.daddr, x->id.spi,
116 x->id.proto, x->props.family,
117 nhashmask);
118 hlist_add_head(&x->byspi, nspitable+h);
119 }
120 }
121 }
122
123 static unsigned long xfrm_hash_new_size(void)
124 {
125 return ((xfrm_state_hmask + 1) << 1) *
126 sizeof(struct hlist_head);
127 }
128
129 static DEFINE_MUTEX(hash_resize_mutex);
130
131 static void xfrm_hash_resize(struct work_struct *__unused)
132 {
133 struct hlist_head *ndst, *nsrc, *nspi, *odst, *osrc, *ospi;
134 unsigned long nsize, osize;
135 unsigned int nhashmask, ohashmask;
136 int i;
137
138 mutex_lock(&hash_resize_mutex);
139
140 nsize = xfrm_hash_new_size();
141 ndst = xfrm_hash_alloc(nsize);
142 if (!ndst)
143 goto out_unlock;
144 nsrc = xfrm_hash_alloc(nsize);
145 if (!nsrc) {
146 xfrm_hash_free(ndst, nsize);
147 goto out_unlock;
148 }
149 nspi = xfrm_hash_alloc(nsize);
150 if (!nspi) {
151 xfrm_hash_free(ndst, nsize);
152 xfrm_hash_free(nsrc, nsize);
153 goto out_unlock;
154 }
155
156 spin_lock_bh(&xfrm_state_lock);
157
158 nhashmask = (nsize / sizeof(struct hlist_head)) - 1U;
159 for (i = xfrm_state_hmask; i >= 0; i--)
160 xfrm_hash_transfer(xfrm_state_bydst+i, ndst, nsrc, nspi,
161 nhashmask);
162
163 odst = xfrm_state_bydst;
164 osrc = xfrm_state_bysrc;
165 ospi = xfrm_state_byspi;
166 ohashmask = xfrm_state_hmask;
167
168 xfrm_state_bydst = ndst;
169 xfrm_state_bysrc = nsrc;
170 xfrm_state_byspi = nspi;
171 xfrm_state_hmask = nhashmask;
172
173 spin_unlock_bh(&xfrm_state_lock);
174
175 osize = (ohashmask + 1) * sizeof(struct hlist_head);
176 xfrm_hash_free(odst, osize);
177 xfrm_hash_free(osrc, osize);
178 xfrm_hash_free(ospi, osize);
179
180 out_unlock:
181 mutex_unlock(&hash_resize_mutex);
182 }
183
184 static DECLARE_WORK(xfrm_hash_work, xfrm_hash_resize);
185
186 DECLARE_WAIT_QUEUE_HEAD(km_waitq);
187 EXPORT_SYMBOL(km_waitq);
188
189 static DEFINE_RWLOCK(xfrm_state_afinfo_lock);
190 static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO];
191
192 static struct work_struct xfrm_state_gc_work;
193 static HLIST_HEAD(xfrm_state_gc_list);
194 static DEFINE_SPINLOCK(xfrm_state_gc_lock);
195
196 int __xfrm_state_delete(struct xfrm_state *x);
197
198 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
199 void km_state_expired(struct xfrm_state *x, int hard, u32 pid);
200
201 static struct xfrm_state_afinfo *xfrm_state_lock_afinfo(unsigned int family)
202 {
203 struct xfrm_state_afinfo *afinfo;
204 if (unlikely(family >= NPROTO))
205 return NULL;
206 write_lock_bh(&xfrm_state_afinfo_lock);
207 afinfo = xfrm_state_afinfo[family];
208 if (unlikely(!afinfo))
209 write_unlock_bh(&xfrm_state_afinfo_lock);
210 return afinfo;
211 }
212
213 static void xfrm_state_unlock_afinfo(struct xfrm_state_afinfo *afinfo)
214 __releases(xfrm_state_afinfo_lock)
215 {
216 write_unlock_bh(&xfrm_state_afinfo_lock);
217 }
218
219 int xfrm_register_type(const struct xfrm_type *type, unsigned short family)
220 {
221 struct xfrm_state_afinfo *afinfo = xfrm_state_lock_afinfo(family);
222 const struct xfrm_type **typemap;
223 int err = 0;
224
225 if (unlikely(afinfo == NULL))
226 return -EAFNOSUPPORT;
227 typemap = afinfo->type_map;
228
229 if (likely(typemap[type->proto] == NULL))
230 typemap[type->proto] = type;
231 else
232 err = -EEXIST;
233 xfrm_state_unlock_afinfo(afinfo);
234 return err;
235 }
236 EXPORT_SYMBOL(xfrm_register_type);
237
238 int xfrm_unregister_type(const struct xfrm_type *type, unsigned short family)
239 {
240 struct xfrm_state_afinfo *afinfo = xfrm_state_lock_afinfo(family);
241 const struct xfrm_type **typemap;
242 int err = 0;
243
244 if (unlikely(afinfo == NULL))
245 return -EAFNOSUPPORT;
246 typemap = afinfo->type_map;
247
248 if (unlikely(typemap[type->proto] != type))
249 err = -ENOENT;
250 else
251 typemap[type->proto] = NULL;
252 xfrm_state_unlock_afinfo(afinfo);
253 return err;
254 }
255 EXPORT_SYMBOL(xfrm_unregister_type);
256
257 static const struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family)
258 {
259 struct xfrm_state_afinfo *afinfo;
260 const struct xfrm_type **typemap;
261 const struct xfrm_type *type;
262 int modload_attempted = 0;
263
264 retry:
265 afinfo = xfrm_state_get_afinfo(family);
266 if (unlikely(afinfo == NULL))
267 return NULL;
268 typemap = afinfo->type_map;
269
270 type = typemap[proto];
271 if (unlikely(type && !try_module_get(type->owner)))
272 type = NULL;
273 if (!type && !modload_attempted) {
274 xfrm_state_put_afinfo(afinfo);
275 request_module("xfrm-type-%d-%d", family, proto);
276 modload_attempted = 1;
277 goto retry;
278 }
279
280 xfrm_state_put_afinfo(afinfo);
281 return type;
282 }
283
284 static void xfrm_put_type(const struct xfrm_type *type)
285 {
286 module_put(type->owner);
287 }
288
289 int xfrm_register_mode(struct xfrm_mode *mode, int family)
290 {
291 struct xfrm_state_afinfo *afinfo;
292 struct xfrm_mode **modemap;
293 int err;
294
295 if (unlikely(mode->encap >= XFRM_MODE_MAX))
296 return -EINVAL;
297
298 afinfo = xfrm_state_lock_afinfo(family);
299 if (unlikely(afinfo == NULL))
300 return -EAFNOSUPPORT;
301
302 err = -EEXIST;
303 modemap = afinfo->mode_map;
304 if (modemap[mode->encap])
305 goto out;
306
307 err = -ENOENT;
308 if (!try_module_get(afinfo->owner))
309 goto out;
310
311 mode->afinfo = afinfo;
312 modemap[mode->encap] = mode;
313 err = 0;
314
315 out:
316 xfrm_state_unlock_afinfo(afinfo);
317 return err;
318 }
319 EXPORT_SYMBOL(xfrm_register_mode);
320
321 int xfrm_unregister_mode(struct xfrm_mode *mode, int family)
322 {
323 struct xfrm_state_afinfo *afinfo;
324 struct xfrm_mode **modemap;
325 int err;
326
327 if (unlikely(mode->encap >= XFRM_MODE_MAX))
328 return -EINVAL;
329
330 afinfo = xfrm_state_lock_afinfo(family);
331 if (unlikely(afinfo == NULL))
332 return -EAFNOSUPPORT;
333
334 err = -ENOENT;
335 modemap = afinfo->mode_map;
336 if (likely(modemap[mode->encap] == mode)) {
337 modemap[mode->encap] = NULL;
338 module_put(mode->afinfo->owner);
339 err = 0;
340 }
341
342 xfrm_state_unlock_afinfo(afinfo);
343 return err;
344 }
345 EXPORT_SYMBOL(xfrm_unregister_mode);
346
347 static struct xfrm_mode *xfrm_get_mode(unsigned int encap, int family)
348 {
349 struct xfrm_state_afinfo *afinfo;
350 struct xfrm_mode *mode;
351 int modload_attempted = 0;
352
353 if (unlikely(encap >= XFRM_MODE_MAX))
354 return NULL;
355
356 retry:
357 afinfo = xfrm_state_get_afinfo(family);
358 if (unlikely(afinfo == NULL))
359 return NULL;
360
361 mode = afinfo->mode_map[encap];
362 if (unlikely(mode && !try_module_get(mode->owner)))
363 mode = NULL;
364 if (!mode && !modload_attempted) {
365 xfrm_state_put_afinfo(afinfo);
366 request_module("xfrm-mode-%d-%d", family, encap);
367 modload_attempted = 1;
368 goto retry;
369 }
370
371 xfrm_state_put_afinfo(afinfo);
372 return mode;
373 }
374
375 static void xfrm_put_mode(struct xfrm_mode *mode)
376 {
377 module_put(mode->owner);
378 }
379
380 static void xfrm_state_gc_destroy(struct xfrm_state *x)
381 {
382 del_timer_sync(&x->timer);
383 del_timer_sync(&x->rtimer);
384 kfree(x->aalg);
385 kfree(x->ealg);
386 kfree(x->calg);
387 kfree(x->encap);
388 kfree(x->coaddr);
389 if (x->inner_mode)
390 xfrm_put_mode(x->inner_mode);
391 if (x->outer_mode)
392 xfrm_put_mode(x->outer_mode);
393 if (x->type) {
394 x->type->destructor(x);
395 xfrm_put_type(x->type);
396 }
397 security_xfrm_state_free(x);
398 kfree(x);
399 }
400
401 static void xfrm_state_gc_task(struct work_struct *data)
402 {
403 struct xfrm_state *x;
404 struct hlist_node *entry, *tmp;
405 struct hlist_head gc_list;
406
407 spin_lock_bh(&xfrm_state_gc_lock);
408 gc_list.first = xfrm_state_gc_list.first;
409 INIT_HLIST_HEAD(&xfrm_state_gc_list);
410 spin_unlock_bh(&xfrm_state_gc_lock);
411
412 hlist_for_each_entry_safe(x, entry, tmp, &gc_list, bydst)
413 xfrm_state_gc_destroy(x);
414
415 wake_up(&km_waitq);
416 }
417
418 static inline unsigned long make_jiffies(long secs)
419 {
420 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
421 return MAX_SCHEDULE_TIMEOUT-1;
422 else
423 return secs*HZ;
424 }
425
426 static void xfrm_timer_handler(unsigned long data)
427 {
428 struct xfrm_state *x = (struct xfrm_state*)data;
429 unsigned long now = get_seconds();
430 long next = LONG_MAX;
431 int warn = 0;
432 int err = 0;
433
434 spin_lock(&x->lock);
435 if (x->km.state == XFRM_STATE_DEAD)
436 goto out;
437 if (x->km.state == XFRM_STATE_EXPIRED)
438 goto expired;
439 if (x->lft.hard_add_expires_seconds) {
440 long tmo = x->lft.hard_add_expires_seconds +
441 x->curlft.add_time - now;
442 if (tmo <= 0)
443 goto expired;
444 if (tmo < next)
445 next = tmo;
446 }
447 if (x->lft.hard_use_expires_seconds) {
448 long tmo = x->lft.hard_use_expires_seconds +
449 (x->curlft.use_time ? : now) - now;
450 if (tmo <= 0)
451 goto expired;
452 if (tmo < next)
453 next = tmo;
454 }
455 if (x->km.dying)
456 goto resched;
457 if (x->lft.soft_add_expires_seconds) {
458 long tmo = x->lft.soft_add_expires_seconds +
459 x->curlft.add_time - now;
460 if (tmo <= 0)
461 warn = 1;
462 else if (tmo < next)
463 next = tmo;
464 }
465 if (x->lft.soft_use_expires_seconds) {
466 long tmo = x->lft.soft_use_expires_seconds +
467 (x->curlft.use_time ? : now) - now;
468 if (tmo <= 0)
469 warn = 1;
470 else if (tmo < next)
471 next = tmo;
472 }
473
474 x->km.dying = warn;
475 if (warn)
476 km_state_expired(x, 0, 0);
477 resched:
478 if (next != LONG_MAX)
479 mod_timer(&x->timer, jiffies + make_jiffies(next));
480
481 goto out;
482
483 expired:
484 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) {
485 x->km.state = XFRM_STATE_EXPIRED;
486 wake_up(&km_waitq);
487 next = 2;
488 goto resched;
489 }
490
491 err = __xfrm_state_delete(x);
492 if (!err && x->id.spi)
493 km_state_expired(x, 1, 0);
494
495 xfrm_audit_state_delete(x, err ? 0 : 1,
496 audit_get_loginuid(current->audit_context), 0);
497
498 out:
499 spin_unlock(&x->lock);
500 }
501
502 static void xfrm_replay_timer_handler(unsigned long data);
503
504 struct xfrm_state *xfrm_state_alloc(void)
505 {
506 struct xfrm_state *x;
507
508 x = kzalloc(sizeof(struct xfrm_state), GFP_ATOMIC);
509
510 if (x) {
511 atomic_set(&x->refcnt, 1);
512 atomic_set(&x->tunnel_users, 0);
513 INIT_HLIST_NODE(&x->bydst);
514 INIT_HLIST_NODE(&x->bysrc);
515 INIT_HLIST_NODE(&x->byspi);
516 setup_timer(&x->timer, xfrm_timer_handler, (unsigned long)x);
517 setup_timer(&x->rtimer, xfrm_replay_timer_handler,
518 (unsigned long)x);
519 x->curlft.add_time = get_seconds();
520 x->lft.soft_byte_limit = XFRM_INF;
521 x->lft.soft_packet_limit = XFRM_INF;
522 x->lft.hard_byte_limit = XFRM_INF;
523 x->lft.hard_packet_limit = XFRM_INF;
524 x->replay_maxage = 0;
525 x->replay_maxdiff = 0;
526 spin_lock_init(&x->lock);
527 }
528 return x;
529 }
530 EXPORT_SYMBOL(xfrm_state_alloc);
531
532 void __xfrm_state_destroy(struct xfrm_state *x)
533 {
534 BUG_TRAP(x->km.state == XFRM_STATE_DEAD);
535
536 spin_lock_bh(&xfrm_state_gc_lock);
537 hlist_add_head(&x->bydst, &xfrm_state_gc_list);
538 spin_unlock_bh(&xfrm_state_gc_lock);
539 schedule_work(&xfrm_state_gc_work);
540 }
541 EXPORT_SYMBOL(__xfrm_state_destroy);
542
543 int __xfrm_state_delete(struct xfrm_state *x)
544 {
545 int err = -ESRCH;
546
547 if (x->km.state != XFRM_STATE_DEAD) {
548 x->km.state = XFRM_STATE_DEAD;
549 spin_lock(&xfrm_state_lock);
550 hlist_del(&x->bydst);
551 hlist_del(&x->bysrc);
552 if (x->id.spi)
553 hlist_del(&x->byspi);
554 xfrm_state_num--;
555 spin_unlock(&xfrm_state_lock);
556
557 /* All xfrm_state objects are created by xfrm_state_alloc.
558 * The xfrm_state_alloc call gives a reference, and that
559 * is what we are dropping here.
560 */
561 xfrm_state_put(x);
562 err = 0;
563 }
564
565 return err;
566 }
567 EXPORT_SYMBOL(__xfrm_state_delete);
568
569 int xfrm_state_delete(struct xfrm_state *x)
570 {
571 int err;
572
573 spin_lock_bh(&x->lock);
574 err = __xfrm_state_delete(x);
575 spin_unlock_bh(&x->lock);
576
577 return err;
578 }
579 EXPORT_SYMBOL(xfrm_state_delete);
580
581 #ifdef CONFIG_SECURITY_NETWORK_XFRM
582 static inline int
583 xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)
584 {
585 int i, err = 0;
586
587 for (i = 0; i <= xfrm_state_hmask; i++) {
588 struct hlist_node *entry;
589 struct xfrm_state *x;
590
591 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
592 if (xfrm_id_proto_match(x->id.proto, proto) &&
593 (err = security_xfrm_state_delete(x)) != 0) {
594 xfrm_audit_state_delete(x, 0,
595 audit_info->loginuid,
596 audit_info->secid);
597 return err;
598 }
599 }
600 }
601
602 return err;
603 }
604 #else
605 static inline int
606 xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)
607 {
608 return 0;
609 }
610 #endif
611
612 int xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info)
613 {
614 int i, err = 0;
615
616 spin_lock_bh(&xfrm_state_lock);
617 err = xfrm_state_flush_secctx_check(proto, audit_info);
618 if (err)
619 goto out;
620
621 for (i = 0; i <= xfrm_state_hmask; i++) {
622 struct hlist_node *entry;
623 struct xfrm_state *x;
624 restart:
625 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
626 if (!xfrm_state_kern(x) &&
627 xfrm_id_proto_match(x->id.proto, proto)) {
628 xfrm_state_hold(x);
629 spin_unlock_bh(&xfrm_state_lock);
630
631 err = xfrm_state_delete(x);
632 xfrm_audit_state_delete(x, err ? 0 : 1,
633 audit_info->loginuid,
634 audit_info->secid);
635 xfrm_state_put(x);
636
637 spin_lock_bh(&xfrm_state_lock);
638 goto restart;
639 }
640 }
641 }
642 err = 0;
643
644 out:
645 spin_unlock_bh(&xfrm_state_lock);
646 wake_up(&km_waitq);
647 return err;
648 }
649 EXPORT_SYMBOL(xfrm_state_flush);
650
651 void xfrm_sad_getinfo(struct xfrmk_sadinfo *si)
652 {
653 spin_lock_bh(&xfrm_state_lock);
654 si->sadcnt = xfrm_state_num;
655 si->sadhcnt = xfrm_state_hmask;
656 si->sadhmcnt = xfrm_state_hashmax;
657 spin_unlock_bh(&xfrm_state_lock);
658 }
659 EXPORT_SYMBOL(xfrm_sad_getinfo);
660
661 static int
662 xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
663 struct xfrm_tmpl *tmpl,
664 xfrm_address_t *daddr, xfrm_address_t *saddr,
665 unsigned short family)
666 {
667 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
668 if (!afinfo)
669 return -1;
670 afinfo->init_tempsel(x, fl, tmpl, daddr, saddr);
671 xfrm_state_put_afinfo(afinfo);
672 return 0;
673 }
674
675 static struct xfrm_state *__xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
676 {
677 unsigned int h = xfrm_spi_hash(daddr, spi, proto, family);
678 struct xfrm_state *x;
679 struct hlist_node *entry;
680
681 hlist_for_each_entry(x, entry, xfrm_state_byspi+h, byspi) {
682 if (x->props.family != family ||
683 x->id.spi != spi ||
684 x->id.proto != proto)
685 continue;
686
687 switch (family) {
688 case AF_INET:
689 if (x->id.daddr.a4 != daddr->a4)
690 continue;
691 break;
692 case AF_INET6:
693 if (!ipv6_addr_equal((struct in6_addr *)daddr,
694 (struct in6_addr *)
695 x->id.daddr.a6))
696 continue;
697 break;
698 }
699
700 xfrm_state_hold(x);
701 return x;
702 }
703
704 return NULL;
705 }
706
707 static struct xfrm_state *__xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family)
708 {
709 unsigned int h = xfrm_src_hash(daddr, saddr, family);
710 struct xfrm_state *x;
711 struct hlist_node *entry;
712
713 hlist_for_each_entry(x, entry, xfrm_state_bysrc+h, bysrc) {
714 if (x->props.family != family ||
715 x->id.proto != proto)
716 continue;
717
718 switch (family) {
719 case AF_INET:
720 if (x->id.daddr.a4 != daddr->a4 ||
721 x->props.saddr.a4 != saddr->a4)
722 continue;
723 break;
724 case AF_INET6:
725 if (!ipv6_addr_equal((struct in6_addr *)daddr,
726 (struct in6_addr *)
727 x->id.daddr.a6) ||
728 !ipv6_addr_equal((struct in6_addr *)saddr,
729 (struct in6_addr *)
730 x->props.saddr.a6))
731 continue;
732 break;
733 }
734
735 xfrm_state_hold(x);
736 return x;
737 }
738
739 return NULL;
740 }
741
742 static inline struct xfrm_state *
743 __xfrm_state_locate(struct xfrm_state *x, int use_spi, int family)
744 {
745 if (use_spi)
746 return __xfrm_state_lookup(&x->id.daddr, x->id.spi,
747 x->id.proto, family);
748 else
749 return __xfrm_state_lookup_byaddr(&x->id.daddr,
750 &x->props.saddr,
751 x->id.proto, family);
752 }
753
754 static void xfrm_hash_grow_check(int have_hash_collision)
755 {
756 if (have_hash_collision &&
757 (xfrm_state_hmask + 1) < xfrm_state_hashmax &&
758 xfrm_state_num > xfrm_state_hmask)
759 schedule_work(&xfrm_hash_work);
760 }
761
762 struct xfrm_state *
763 xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
764 struct flowi *fl, struct xfrm_tmpl *tmpl,
765 struct xfrm_policy *pol, int *err,
766 unsigned short family)
767 {
768 unsigned int h;
769 struct hlist_node *entry;
770 struct xfrm_state *x, *x0;
771 int acquire_in_progress = 0;
772 int error = 0;
773 struct xfrm_state *best = NULL;
774
775 spin_lock_bh(&xfrm_state_lock);
776 h = xfrm_dst_hash(daddr, saddr, tmpl->reqid, family);
777 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
778 if (x->props.family == family &&
779 x->props.reqid == tmpl->reqid &&
780 !(x->props.flags & XFRM_STATE_WILDRECV) &&
781 xfrm_state_addr_check(x, daddr, saddr, family) &&
782 tmpl->mode == x->props.mode &&
783 tmpl->id.proto == x->id.proto &&
784 (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) {
785 /* Resolution logic:
786 1. There is a valid state with matching selector.
787 Done.
788 2. Valid state with inappropriate selector. Skip.
789
790 Entering area of "sysdeps".
791
792 3. If state is not valid, selector is temporary,
793 it selects only session which triggered
794 previous resolution. Key manager will do
795 something to install a state with proper
796 selector.
797 */
798 if (x->km.state == XFRM_STATE_VALID) {
799 if (!xfrm_selector_match(&x->sel, fl, x->sel.family) ||
800 !security_xfrm_state_pol_flow_match(x, pol, fl))
801 continue;
802 if (!best ||
803 best->km.dying > x->km.dying ||
804 (best->km.dying == x->km.dying &&
805 best->curlft.add_time < x->curlft.add_time))
806 best = x;
807 } else if (x->km.state == XFRM_STATE_ACQ) {
808 acquire_in_progress = 1;
809 } else if (x->km.state == XFRM_STATE_ERROR ||
810 x->km.state == XFRM_STATE_EXPIRED) {
811 if (xfrm_selector_match(&x->sel, fl, x->sel.family) &&
812 security_xfrm_state_pol_flow_match(x, pol, fl))
813 error = -ESRCH;
814 }
815 }
816 }
817
818 x = best;
819 if (!x && !error && !acquire_in_progress) {
820 if (tmpl->id.spi &&
821 (x0 = __xfrm_state_lookup(daddr, tmpl->id.spi,
822 tmpl->id.proto, family)) != NULL) {
823 xfrm_state_put(x0);
824 error = -EEXIST;
825 goto out;
826 }
827 x = xfrm_state_alloc();
828 if (x == NULL) {
829 error = -ENOMEM;
830 goto out;
831 }
832 /* Initialize temporary selector matching only
833 * to current session. */
834 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
835
836 error = security_xfrm_state_alloc_acquire(x, pol->security, fl->secid);
837 if (error) {
838 x->km.state = XFRM_STATE_DEAD;
839 xfrm_state_put(x);
840 x = NULL;
841 goto out;
842 }
843
844 if (km_query(x, tmpl, pol) == 0) {
845 x->km.state = XFRM_STATE_ACQ;
846 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
847 h = xfrm_src_hash(daddr, saddr, family);
848 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
849 if (x->id.spi) {
850 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
851 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
852 }
853 x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires;
854 x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ;
855 add_timer(&x->timer);
856 xfrm_state_num++;
857 xfrm_hash_grow_check(x->bydst.next != NULL);
858 } else {
859 x->km.state = XFRM_STATE_DEAD;
860 xfrm_state_put(x);
861 x = NULL;
862 error = -ESRCH;
863 }
864 }
865 out:
866 if (x)
867 xfrm_state_hold(x);
868 else
869 *err = acquire_in_progress ? -EAGAIN : error;
870 spin_unlock_bh(&xfrm_state_lock);
871 return x;
872 }
873
874 struct xfrm_state *
875 xfrm_stateonly_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
876 unsigned short family, u8 mode, u8 proto, u32 reqid)
877 {
878 unsigned int h;
879 struct xfrm_state *rx = NULL, *x = NULL;
880 struct hlist_node *entry;
881
882 spin_lock(&xfrm_state_lock);
883 h = xfrm_dst_hash(daddr, saddr, reqid, family);
884 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
885 if (x->props.family == family &&
886 x->props.reqid == reqid &&
887 !(x->props.flags & XFRM_STATE_WILDRECV) &&
888 xfrm_state_addr_check(x, daddr, saddr, family) &&
889 mode == x->props.mode &&
890 proto == x->id.proto &&
891 x->km.state == XFRM_STATE_VALID) {
892 rx = x;
893 break;
894 }
895 }
896
897 if (rx)
898 xfrm_state_hold(rx);
899 spin_unlock(&xfrm_state_lock);
900
901
902 return rx;
903 }
904 EXPORT_SYMBOL(xfrm_stateonly_find);
905
906 static void __xfrm_state_insert(struct xfrm_state *x)
907 {
908 unsigned int h;
909
910 x->genid = ++xfrm_state_genid;
911
912 h = xfrm_dst_hash(&x->id.daddr, &x->props.saddr,
913 x->props.reqid, x->props.family);
914 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
915
916 h = xfrm_src_hash(&x->id.daddr, &x->props.saddr, x->props.family);
917 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
918
919 if (x->id.spi) {
920 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto,
921 x->props.family);
922
923 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
924 }
925
926 mod_timer(&x->timer, jiffies + HZ);
927 if (x->replay_maxage)
928 mod_timer(&x->rtimer, jiffies + x->replay_maxage);
929
930 wake_up(&km_waitq);
931
932 xfrm_state_num++;
933
934 xfrm_hash_grow_check(x->bydst.next != NULL);
935 }
936
937 /* xfrm_state_lock is held */
938 static void __xfrm_state_bump_genids(struct xfrm_state *xnew)
939 {
940 unsigned short family = xnew->props.family;
941 u32 reqid = xnew->props.reqid;
942 struct xfrm_state *x;
943 struct hlist_node *entry;
944 unsigned int h;
945
946 h = xfrm_dst_hash(&xnew->id.daddr, &xnew->props.saddr, reqid, family);
947 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
948 if (x->props.family == family &&
949 x->props.reqid == reqid &&
950 !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family) &&
951 !xfrm_addr_cmp(&x->props.saddr, &xnew->props.saddr, family))
952 x->genid = xfrm_state_genid;
953 }
954 }
955
956 void xfrm_state_insert(struct xfrm_state *x)
957 {
958 spin_lock_bh(&xfrm_state_lock);
959 __xfrm_state_bump_genids(x);
960 __xfrm_state_insert(x);
961 spin_unlock_bh(&xfrm_state_lock);
962 }
963 EXPORT_SYMBOL(xfrm_state_insert);
964
965 /* xfrm_state_lock is held */
966 static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create)
967 {
968 unsigned int h = xfrm_dst_hash(daddr, saddr, reqid, family);
969 struct hlist_node *entry;
970 struct xfrm_state *x;
971
972 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
973 if (x->props.reqid != reqid ||
974 x->props.mode != mode ||
975 x->props.family != family ||
976 x->km.state != XFRM_STATE_ACQ ||
977 x->id.spi != 0 ||
978 x->id.proto != proto)
979 continue;
980
981 switch (family) {
982 case AF_INET:
983 if (x->id.daddr.a4 != daddr->a4 ||
984 x->props.saddr.a4 != saddr->a4)
985 continue;
986 break;
987 case AF_INET6:
988 if (!ipv6_addr_equal((struct in6_addr *)x->id.daddr.a6,
989 (struct in6_addr *)daddr) ||
990 !ipv6_addr_equal((struct in6_addr *)
991 x->props.saddr.a6,
992 (struct in6_addr *)saddr))
993 continue;
994 break;
995 }
996
997 xfrm_state_hold(x);
998 return x;
999 }
1000
1001 if (!create)
1002 return NULL;
1003
1004 x = xfrm_state_alloc();
1005 if (likely(x)) {
1006 switch (family) {
1007 case AF_INET:
1008 x->sel.daddr.a4 = daddr->a4;
1009 x->sel.saddr.a4 = saddr->a4;
1010 x->sel.prefixlen_d = 32;
1011 x->sel.prefixlen_s = 32;
1012 x->props.saddr.a4 = saddr->a4;
1013 x->id.daddr.a4 = daddr->a4;
1014 break;
1015
1016 case AF_INET6:
1017 ipv6_addr_copy((struct in6_addr *)x->sel.daddr.a6,
1018 (struct in6_addr *)daddr);
1019 ipv6_addr_copy((struct in6_addr *)x->sel.saddr.a6,
1020 (struct in6_addr *)saddr);
1021 x->sel.prefixlen_d = 128;
1022 x->sel.prefixlen_s = 128;
1023 ipv6_addr_copy((struct in6_addr *)x->props.saddr.a6,
1024 (struct in6_addr *)saddr);
1025 ipv6_addr_copy((struct in6_addr *)x->id.daddr.a6,
1026 (struct in6_addr *)daddr);
1027 break;
1028 }
1029
1030 x->km.state = XFRM_STATE_ACQ;
1031 x->id.proto = proto;
1032 x->props.family = family;
1033 x->props.mode = mode;
1034 x->props.reqid = reqid;
1035 x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires;
1036 xfrm_state_hold(x);
1037 x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ;
1038 add_timer(&x->timer);
1039 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
1040 h = xfrm_src_hash(daddr, saddr, family);
1041 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
1042
1043 xfrm_state_num++;
1044
1045 xfrm_hash_grow_check(x->bydst.next != NULL);
1046 }
1047
1048 return x;
1049 }
1050
1051 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq);
1052
1053 int xfrm_state_add(struct xfrm_state *x)
1054 {
1055 struct xfrm_state *x1;
1056 int family;
1057 int err;
1058 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
1059
1060 family = x->props.family;
1061
1062 spin_lock_bh(&xfrm_state_lock);
1063
1064 x1 = __xfrm_state_locate(x, use_spi, family);
1065 if (x1) {
1066 xfrm_state_put(x1);
1067 x1 = NULL;
1068 err = -EEXIST;
1069 goto out;
1070 }
1071
1072 if (use_spi && x->km.seq) {
1073 x1 = __xfrm_find_acq_byseq(x->km.seq);
1074 if (x1 && ((x1->id.proto != x->id.proto) ||
1075 xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family))) {
1076 xfrm_state_put(x1);
1077 x1 = NULL;
1078 }
1079 }
1080
1081 if (use_spi && !x1)
1082 x1 = __find_acq_core(family, x->props.mode, x->props.reqid,
1083 x->id.proto,
1084 &x->id.daddr, &x->props.saddr, 0);
1085
1086 __xfrm_state_bump_genids(x);
1087 __xfrm_state_insert(x);
1088 err = 0;
1089
1090 out:
1091 spin_unlock_bh(&xfrm_state_lock);
1092
1093 if (x1) {
1094 xfrm_state_delete(x1);
1095 xfrm_state_put(x1);
1096 }
1097
1098 return err;
1099 }
1100 EXPORT_SYMBOL(xfrm_state_add);
1101
1102 #ifdef CONFIG_XFRM_MIGRATE
1103 static struct xfrm_state *xfrm_state_clone(struct xfrm_state *orig, int *errp)
1104 {
1105 int err = -ENOMEM;
1106 struct xfrm_state *x = xfrm_state_alloc();
1107 if (!x)
1108 goto error;
1109
1110 memcpy(&x->id, &orig->id, sizeof(x->id));
1111 memcpy(&x->sel, &orig->sel, sizeof(x->sel));
1112 memcpy(&x->lft, &orig->lft, sizeof(x->lft));
1113 x->props.mode = orig->props.mode;
1114 x->props.replay_window = orig->props.replay_window;
1115 x->props.reqid = orig->props.reqid;
1116 x->props.family = orig->props.family;
1117 x->props.saddr = orig->props.saddr;
1118
1119 if (orig->aalg) {
1120 x->aalg = xfrm_algo_clone(orig->aalg);
1121 if (!x->aalg)
1122 goto error;
1123 }
1124 x->props.aalgo = orig->props.aalgo;
1125
1126 if (orig->ealg) {
1127 x->ealg = xfrm_algo_clone(orig->ealg);
1128 if (!x->ealg)
1129 goto error;
1130 }
1131 x->props.ealgo = orig->props.ealgo;
1132
1133 if (orig->calg) {
1134 x->calg = xfrm_algo_clone(orig->calg);
1135 if (!x->calg)
1136 goto error;
1137 }
1138 x->props.calgo = orig->props.calgo;
1139
1140 if (orig->encap) {
1141 x->encap = kmemdup(orig->encap, sizeof(*x->encap), GFP_KERNEL);
1142 if (!x->encap)
1143 goto error;
1144 }
1145
1146 if (orig->coaddr) {
1147 x->coaddr = kmemdup(orig->coaddr, sizeof(*x->coaddr),
1148 GFP_KERNEL);
1149 if (!x->coaddr)
1150 goto error;
1151 }
1152
1153 err = xfrm_init_state(x);
1154 if (err)
1155 goto error;
1156
1157 x->props.flags = orig->props.flags;
1158
1159 x->curlft.add_time = orig->curlft.add_time;
1160 x->km.state = orig->km.state;
1161 x->km.seq = orig->km.seq;
1162
1163 return x;
1164
1165 error:
1166 if (errp)
1167 *errp = err;
1168 if (x) {
1169 kfree(x->aalg);
1170 kfree(x->ealg);
1171 kfree(x->calg);
1172 kfree(x->encap);
1173 kfree(x->coaddr);
1174 }
1175 kfree(x);
1176 return NULL;
1177 }
1178
1179 /* xfrm_state_lock is held */
1180 struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m)
1181 {
1182 unsigned int h;
1183 struct xfrm_state *x;
1184 struct hlist_node *entry;
1185
1186 if (m->reqid) {
1187 h = xfrm_dst_hash(&m->old_daddr, &m->old_saddr,
1188 m->reqid, m->old_family);
1189 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
1190 if (x->props.mode != m->mode ||
1191 x->id.proto != m->proto)
1192 continue;
1193 if (m->reqid && x->props.reqid != m->reqid)
1194 continue;
1195 if (xfrm_addr_cmp(&x->id.daddr, &m->old_daddr,
1196 m->old_family) ||
1197 xfrm_addr_cmp(&x->props.saddr, &m->old_saddr,
1198 m->old_family))
1199 continue;
1200 xfrm_state_hold(x);
1201 return x;
1202 }
1203 } else {
1204 h = xfrm_src_hash(&m->old_daddr, &m->old_saddr,
1205 m->old_family);
1206 hlist_for_each_entry(x, entry, xfrm_state_bysrc+h, bysrc) {
1207 if (x->props.mode != m->mode ||
1208 x->id.proto != m->proto)
1209 continue;
1210 if (xfrm_addr_cmp(&x->id.daddr, &m->old_daddr,
1211 m->old_family) ||
1212 xfrm_addr_cmp(&x->props.saddr, &m->old_saddr,
1213 m->old_family))
1214 continue;
1215 xfrm_state_hold(x);
1216 return x;
1217 }
1218 }
1219
1220 return NULL;
1221 }
1222 EXPORT_SYMBOL(xfrm_migrate_state_find);
1223
1224 struct xfrm_state * xfrm_state_migrate(struct xfrm_state *x,
1225 struct xfrm_migrate *m)
1226 {
1227 struct xfrm_state *xc;
1228 int err;
1229
1230 xc = xfrm_state_clone(x, &err);
1231 if (!xc)
1232 return NULL;
1233
1234 memcpy(&xc->id.daddr, &m->new_daddr, sizeof(xc->id.daddr));
1235 memcpy(&xc->props.saddr, &m->new_saddr, sizeof(xc->props.saddr));
1236
1237 /* add state */
1238 if (!xfrm_addr_cmp(&x->id.daddr, &m->new_daddr, m->new_family)) {
1239 /* a care is needed when the destination address of the
1240 state is to be updated as it is a part of triplet */
1241 xfrm_state_insert(xc);
1242 } else {
1243 if ((err = xfrm_state_add(xc)) < 0)
1244 goto error;
1245 }
1246
1247 return xc;
1248 error:
1249 kfree(xc);
1250 return NULL;
1251 }
1252 EXPORT_SYMBOL(xfrm_state_migrate);
1253 #endif
1254
1255 int xfrm_state_update(struct xfrm_state *x)
1256 {
1257 struct xfrm_state *x1;
1258 int err;
1259 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
1260
1261 spin_lock_bh(&xfrm_state_lock);
1262 x1 = __xfrm_state_locate(x, use_spi, x->props.family);
1263
1264 err = -ESRCH;
1265 if (!x1)
1266 goto out;
1267
1268 if (xfrm_state_kern(x1)) {
1269 xfrm_state_put(x1);
1270 err = -EEXIST;
1271 goto out;
1272 }
1273
1274 if (x1->km.state == XFRM_STATE_ACQ) {
1275 __xfrm_state_insert(x);
1276 x = NULL;
1277 }
1278 err = 0;
1279
1280 out:
1281 spin_unlock_bh(&xfrm_state_lock);
1282
1283 if (err)
1284 return err;
1285
1286 if (!x) {
1287 xfrm_state_delete(x1);
1288 xfrm_state_put(x1);
1289 return 0;
1290 }
1291
1292 err = -EINVAL;
1293 spin_lock_bh(&x1->lock);
1294 if (likely(x1->km.state == XFRM_STATE_VALID)) {
1295 if (x->encap && x1->encap)
1296 memcpy(x1->encap, x->encap, sizeof(*x1->encap));
1297 if (x->coaddr && x1->coaddr) {
1298 memcpy(x1->coaddr, x->coaddr, sizeof(*x1->coaddr));
1299 }
1300 if (!use_spi && memcmp(&x1->sel, &x->sel, sizeof(x1->sel)))
1301 memcpy(&x1->sel, &x->sel, sizeof(x1->sel));
1302 memcpy(&x1->lft, &x->lft, sizeof(x1->lft));
1303 x1->km.dying = 0;
1304
1305 mod_timer(&x1->timer, jiffies + HZ);
1306 if (x1->curlft.use_time)
1307 xfrm_state_check_expire(x1);
1308
1309 err = 0;
1310 }
1311 spin_unlock_bh(&x1->lock);
1312
1313 xfrm_state_put(x1);
1314
1315 return err;
1316 }
1317 EXPORT_SYMBOL(xfrm_state_update);
1318
1319 int xfrm_state_check_expire(struct xfrm_state *x)
1320 {
1321 if (!x->curlft.use_time)
1322 x->curlft.use_time = get_seconds();
1323
1324 if (x->km.state != XFRM_STATE_VALID)
1325 return -EINVAL;
1326
1327 if (x->curlft.bytes >= x->lft.hard_byte_limit ||
1328 x->curlft.packets >= x->lft.hard_packet_limit) {
1329 x->km.state = XFRM_STATE_EXPIRED;
1330 mod_timer(&x->timer, jiffies);
1331 return -EINVAL;
1332 }
1333
1334 if (!x->km.dying &&
1335 (x->curlft.bytes >= x->lft.soft_byte_limit ||
1336 x->curlft.packets >= x->lft.soft_packet_limit)) {
1337 x->km.dying = 1;
1338 km_state_expired(x, 0, 0);
1339 }
1340 return 0;
1341 }
1342 EXPORT_SYMBOL(xfrm_state_check_expire);
1343
1344 struct xfrm_state *
1345 xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto,
1346 unsigned short family)
1347 {
1348 struct xfrm_state *x;
1349
1350 spin_lock_bh(&xfrm_state_lock);
1351 x = __xfrm_state_lookup(daddr, spi, proto, family);
1352 spin_unlock_bh(&xfrm_state_lock);
1353 return x;
1354 }
1355 EXPORT_SYMBOL(xfrm_state_lookup);
1356
1357 struct xfrm_state *
1358 xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr,
1359 u8 proto, unsigned short family)
1360 {
1361 struct xfrm_state *x;
1362
1363 spin_lock_bh(&xfrm_state_lock);
1364 x = __xfrm_state_lookup_byaddr(daddr, saddr, proto, family);
1365 spin_unlock_bh(&xfrm_state_lock);
1366 return x;
1367 }
1368 EXPORT_SYMBOL(xfrm_state_lookup_byaddr);
1369
1370 struct xfrm_state *
1371 xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
1372 xfrm_address_t *daddr, xfrm_address_t *saddr,
1373 int create, unsigned short family)
1374 {
1375 struct xfrm_state *x;
1376
1377 spin_lock_bh(&xfrm_state_lock);
1378 x = __find_acq_core(family, mode, reqid, proto, daddr, saddr, create);
1379 spin_unlock_bh(&xfrm_state_lock);
1380
1381 return x;
1382 }
1383 EXPORT_SYMBOL(xfrm_find_acq);
1384
1385 #ifdef CONFIG_XFRM_SUB_POLICY
1386 int
1387 xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n,
1388 unsigned short family)
1389 {
1390 int err = 0;
1391 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
1392 if (!afinfo)
1393 return -EAFNOSUPPORT;
1394
1395 spin_lock_bh(&xfrm_state_lock);
1396 if (afinfo->tmpl_sort)
1397 err = afinfo->tmpl_sort(dst, src, n);
1398 spin_unlock_bh(&xfrm_state_lock);
1399 xfrm_state_put_afinfo(afinfo);
1400 return err;
1401 }
1402 EXPORT_SYMBOL(xfrm_tmpl_sort);
1403
1404 int
1405 xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n,
1406 unsigned short family)
1407 {
1408 int err = 0;
1409 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
1410 if (!afinfo)
1411 return -EAFNOSUPPORT;
1412
1413 spin_lock_bh(&xfrm_state_lock);
1414 if (afinfo->state_sort)
1415 err = afinfo->state_sort(dst, src, n);
1416 spin_unlock_bh(&xfrm_state_lock);
1417 xfrm_state_put_afinfo(afinfo);
1418 return err;
1419 }
1420 EXPORT_SYMBOL(xfrm_state_sort);
1421 #endif
1422
1423 /* Silly enough, but I'm lazy to build resolution list */
1424
1425 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq)
1426 {
1427 int i;
1428
1429 for (i = 0; i <= xfrm_state_hmask; i++) {
1430 struct hlist_node *entry;
1431 struct xfrm_state *x;
1432
1433 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
1434 if (x->km.seq == seq &&
1435 x->km.state == XFRM_STATE_ACQ) {
1436 xfrm_state_hold(x);
1437 return x;
1438 }
1439 }
1440 }
1441 return NULL;
1442 }
1443
1444 struct xfrm_state *xfrm_find_acq_byseq(u32 seq)
1445 {
1446 struct xfrm_state *x;
1447
1448 spin_lock_bh(&xfrm_state_lock);
1449 x = __xfrm_find_acq_byseq(seq);
1450 spin_unlock_bh(&xfrm_state_lock);
1451 return x;
1452 }
1453 EXPORT_SYMBOL(xfrm_find_acq_byseq);
1454
1455 u32 xfrm_get_acqseq(void)
1456 {
1457 u32 res;
1458 static u32 acqseq;
1459 static DEFINE_SPINLOCK(acqseq_lock);
1460
1461 spin_lock_bh(&acqseq_lock);
1462 res = (++acqseq ? : ++acqseq);
1463 spin_unlock_bh(&acqseq_lock);
1464 return res;
1465 }
1466 EXPORT_SYMBOL(xfrm_get_acqseq);
1467
1468 int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
1469 {
1470 unsigned int h;
1471 struct xfrm_state *x0;
1472 int err = -ENOENT;
1473 __be32 minspi = htonl(low);
1474 __be32 maxspi = htonl(high);
1475
1476 spin_lock_bh(&x->lock);
1477 if (x->km.state == XFRM_STATE_DEAD)
1478 goto unlock;
1479
1480 err = 0;
1481 if (x->id.spi)
1482 goto unlock;
1483
1484 err = -ENOENT;
1485
1486 if (minspi == maxspi) {
1487 x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family);
1488 if (x0) {
1489 xfrm_state_put(x0);
1490 goto unlock;
1491 }
1492 x->id.spi = minspi;
1493 } else {
1494 u32 spi = 0;
1495 for (h=0; h<high-low+1; h++) {
1496 spi = low + net_random()%(high-low+1);
1497 x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family);
1498 if (x0 == NULL) {
1499 x->id.spi = htonl(spi);
1500 break;
1501 }
1502 xfrm_state_put(x0);
1503 }
1504 }
1505 if (x->id.spi) {
1506 spin_lock_bh(&xfrm_state_lock);
1507 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
1508 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
1509 spin_unlock_bh(&xfrm_state_lock);
1510
1511 err = 0;
1512 }
1513
1514 unlock:
1515 spin_unlock_bh(&x->lock);
1516
1517 return err;
1518 }
1519 EXPORT_SYMBOL(xfrm_alloc_spi);
1520
1521 int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*),
1522 void *data)
1523 {
1524 int i;
1525 struct xfrm_state *x, *last = NULL;
1526 struct hlist_node *entry;
1527 int count = 0;
1528 int err = 0;
1529
1530 spin_lock_bh(&xfrm_state_lock);
1531 for (i = 0; i <= xfrm_state_hmask; i++) {
1532 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
1533 if (!xfrm_id_proto_match(x->id.proto, proto))
1534 continue;
1535 if (last) {
1536 err = func(last, count, data);
1537 if (err)
1538 goto out;
1539 }
1540 last = x;
1541 count++;
1542 }
1543 }
1544 if (count == 0) {
1545 err = -ENOENT;
1546 goto out;
1547 }
1548 err = func(last, 0, data);
1549 out:
1550 spin_unlock_bh(&xfrm_state_lock);
1551 return err;
1552 }
1553 EXPORT_SYMBOL(xfrm_state_walk);
1554
1555
1556 void xfrm_replay_notify(struct xfrm_state *x, int event)
1557 {
1558 struct km_event c;
1559 /* we send notify messages in case
1560 * 1. we updated on of the sequence numbers, and the seqno difference
1561 * is at least x->replay_maxdiff, in this case we also update the
1562 * timeout of our timer function
1563 * 2. if x->replay_maxage has elapsed since last update,
1564 * and there were changes
1565 *
1566 * The state structure must be locked!
1567 */
1568
1569 switch (event) {
1570 case XFRM_REPLAY_UPDATE:
1571 if (x->replay_maxdiff &&
1572 (x->replay.seq - x->preplay.seq < x->replay_maxdiff) &&
1573 (x->replay.oseq - x->preplay.oseq < x->replay_maxdiff)) {
1574 if (x->xflags & XFRM_TIME_DEFER)
1575 event = XFRM_REPLAY_TIMEOUT;
1576 else
1577 return;
1578 }
1579
1580 break;
1581
1582 case XFRM_REPLAY_TIMEOUT:
1583 if ((x->replay.seq == x->preplay.seq) &&
1584 (x->replay.bitmap == x->preplay.bitmap) &&
1585 (x->replay.oseq == x->preplay.oseq)) {
1586 x->xflags |= XFRM_TIME_DEFER;
1587 return;
1588 }
1589
1590 break;
1591 }
1592
1593 memcpy(&x->preplay, &x->replay, sizeof(struct xfrm_replay_state));
1594 c.event = XFRM_MSG_NEWAE;
1595 c.data.aevent = event;
1596 km_state_notify(x, &c);
1597
1598 if (x->replay_maxage &&
1599 !mod_timer(&x->rtimer, jiffies + x->replay_maxage))
1600 x->xflags &= ~XFRM_TIME_DEFER;
1601 }
1602
1603 static void xfrm_replay_timer_handler(unsigned long data)
1604 {
1605 struct xfrm_state *x = (struct xfrm_state*)data;
1606
1607 spin_lock(&x->lock);
1608
1609 if (x->km.state == XFRM_STATE_VALID) {
1610 if (xfrm_aevent_is_on())
1611 xfrm_replay_notify(x, XFRM_REPLAY_TIMEOUT);
1612 else
1613 x->xflags |= XFRM_TIME_DEFER;
1614 }
1615
1616 spin_unlock(&x->lock);
1617 }
1618
1619 int xfrm_replay_check(struct xfrm_state *x,
1620 struct sk_buff *skb, __be32 net_seq)
1621 {
1622 u32 diff;
1623 u32 seq = ntohl(net_seq);
1624
1625 if (unlikely(seq == 0))
1626 goto err;
1627
1628 if (likely(seq > x->replay.seq))
1629 return 0;
1630
1631 diff = x->replay.seq - seq;
1632 if (diff >= min_t(unsigned int, x->props.replay_window,
1633 sizeof(x->replay.bitmap) * 8)) {
1634 x->stats.replay_window++;
1635 goto err;
1636 }
1637
1638 if (x->replay.bitmap & (1U << diff)) {
1639 x->stats.replay++;
1640 goto err;
1641 }
1642 return 0;
1643
1644 err:
1645 xfrm_audit_state_replay(x, skb, net_seq);
1646 return -EINVAL;
1647 }
1648 EXPORT_SYMBOL(xfrm_replay_check);
1649
1650 void xfrm_replay_advance(struct xfrm_state *x, __be32 net_seq)
1651 {
1652 u32 diff;
1653 u32 seq = ntohl(net_seq);
1654
1655 if (seq > x->replay.seq) {
1656 diff = seq - x->replay.seq;
1657 if (diff < x->props.replay_window)
1658 x->replay.bitmap = ((x->replay.bitmap) << diff) | 1;
1659 else
1660 x->replay.bitmap = 1;
1661 x->replay.seq = seq;
1662 } else {
1663 diff = x->replay.seq - seq;
1664 x->replay.bitmap |= (1U << diff);
1665 }
1666
1667 if (xfrm_aevent_is_on())
1668 xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
1669 }
1670 EXPORT_SYMBOL(xfrm_replay_advance);
1671
1672 static LIST_HEAD(xfrm_km_list);
1673 static DEFINE_RWLOCK(xfrm_km_lock);
1674
1675 void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
1676 {
1677 struct xfrm_mgr *km;
1678
1679 read_lock(&xfrm_km_lock);
1680 list_for_each_entry(km, &xfrm_km_list, list)
1681 if (km->notify_policy)
1682 km->notify_policy(xp, dir, c);
1683 read_unlock(&xfrm_km_lock);
1684 }
1685
1686 void km_state_notify(struct xfrm_state *x, struct km_event *c)
1687 {
1688 struct xfrm_mgr *km;
1689 read_lock(&xfrm_km_lock);
1690 list_for_each_entry(km, &xfrm_km_list, list)
1691 if (km->notify)
1692 km->notify(x, c);
1693 read_unlock(&xfrm_km_lock);
1694 }
1695
1696 EXPORT_SYMBOL(km_policy_notify);
1697 EXPORT_SYMBOL(km_state_notify);
1698
1699 void km_state_expired(struct xfrm_state *x, int hard, u32 pid)
1700 {
1701 struct km_event c;
1702
1703 c.data.hard = hard;
1704 c.pid = pid;
1705 c.event = XFRM_MSG_EXPIRE;
1706 km_state_notify(x, &c);
1707
1708 if (hard)
1709 wake_up(&km_waitq);
1710 }
1711
1712 EXPORT_SYMBOL(km_state_expired);
1713 /*
1714 * We send to all registered managers regardless of failure
1715 * We are happy with one success
1716 */
1717 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
1718 {
1719 int err = -EINVAL, acqret;
1720 struct xfrm_mgr *km;
1721
1722 read_lock(&xfrm_km_lock);
1723 list_for_each_entry(km, &xfrm_km_list, list) {
1724 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT);
1725 if (!acqret)
1726 err = acqret;
1727 }
1728 read_unlock(&xfrm_km_lock);
1729 return err;
1730 }
1731 EXPORT_SYMBOL(km_query);
1732
1733 int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport)
1734 {
1735 int err = -EINVAL;
1736 struct xfrm_mgr *km;
1737
1738 read_lock(&xfrm_km_lock);
1739 list_for_each_entry(km, &xfrm_km_list, list) {
1740 if (km->new_mapping)
1741 err = km->new_mapping(x, ipaddr, sport);
1742 if (!err)
1743 break;
1744 }
1745 read_unlock(&xfrm_km_lock);
1746 return err;
1747 }
1748 EXPORT_SYMBOL(km_new_mapping);
1749
1750 void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid)
1751 {
1752 struct km_event c;
1753
1754 c.data.hard = hard;
1755 c.pid = pid;
1756 c.event = XFRM_MSG_POLEXPIRE;
1757 km_policy_notify(pol, dir, &c);
1758
1759 if (hard)
1760 wake_up(&km_waitq);
1761 }
1762 EXPORT_SYMBOL(km_policy_expired);
1763
1764 #ifdef CONFIG_XFRM_MIGRATE
1765 int km_migrate(struct xfrm_selector *sel, u8 dir, u8 type,
1766 struct xfrm_migrate *m, int num_migrate)
1767 {
1768 int err = -EINVAL;
1769 int ret;
1770 struct xfrm_mgr *km;
1771
1772 read_lock(&xfrm_km_lock);
1773 list_for_each_entry(km, &xfrm_km_list, list) {
1774 if (km->migrate) {
1775 ret = km->migrate(sel, dir, type, m, num_migrate);
1776 if (!ret)
1777 err = ret;
1778 }
1779 }
1780 read_unlock(&xfrm_km_lock);
1781 return err;
1782 }
1783 EXPORT_SYMBOL(km_migrate);
1784 #endif
1785
1786 int km_report(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr)
1787 {
1788 int err = -EINVAL;
1789 int ret;
1790 struct xfrm_mgr *km;
1791
1792 read_lock(&xfrm_km_lock);
1793 list_for_each_entry(km, &xfrm_km_list, list) {
1794 if (km->report) {
1795 ret = km->report(proto, sel, addr);
1796 if (!ret)
1797 err = ret;
1798 }
1799 }
1800 read_unlock(&xfrm_km_lock);
1801 return err;
1802 }
1803 EXPORT_SYMBOL(km_report);
1804
1805 int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
1806 {
1807 int err;
1808 u8 *data;
1809 struct xfrm_mgr *km;
1810 struct xfrm_policy *pol = NULL;
1811
1812 if (optlen <= 0 || optlen > PAGE_SIZE)
1813 return -EMSGSIZE;
1814
1815 data = kmalloc(optlen, GFP_KERNEL);
1816 if (!data)
1817 return -ENOMEM;
1818
1819 err = -EFAULT;
1820 if (copy_from_user(data, optval, optlen))
1821 goto out;
1822
1823 err = -EINVAL;
1824 read_lock(&xfrm_km_lock);
1825 list_for_each_entry(km, &xfrm_km_list, list) {
1826 pol = km->compile_policy(sk, optname, data,
1827 optlen, &err);
1828 if (err >= 0)
1829 break;
1830 }
1831 read_unlock(&xfrm_km_lock);
1832
1833 if (err >= 0) {
1834 xfrm_sk_policy_insert(sk, err, pol);
1835 xfrm_pol_put(pol);
1836 err = 0;
1837 }
1838
1839 out:
1840 kfree(data);
1841 return err;
1842 }
1843 EXPORT_SYMBOL(xfrm_user_policy);
1844
1845 int xfrm_register_km(struct xfrm_mgr *km)
1846 {
1847 write_lock_bh(&xfrm_km_lock);
1848 list_add_tail(&km->list, &xfrm_km_list);
1849 write_unlock_bh(&xfrm_km_lock);
1850 return 0;
1851 }
1852 EXPORT_SYMBOL(xfrm_register_km);
1853
1854 int xfrm_unregister_km(struct xfrm_mgr *km)
1855 {
1856 write_lock_bh(&xfrm_km_lock);
1857 list_del(&km->list);
1858 write_unlock_bh(&xfrm_km_lock);
1859 return 0;
1860 }
1861 EXPORT_SYMBOL(xfrm_unregister_km);
1862
1863 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo)
1864 {
1865 int err = 0;
1866 if (unlikely(afinfo == NULL))
1867 return -EINVAL;
1868 if (unlikely(afinfo->family >= NPROTO))
1869 return -EAFNOSUPPORT;
1870 write_lock_bh(&xfrm_state_afinfo_lock);
1871 if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))
1872 err = -ENOBUFS;
1873 else
1874 xfrm_state_afinfo[afinfo->family] = afinfo;
1875 write_unlock_bh(&xfrm_state_afinfo_lock);
1876 return err;
1877 }
1878 EXPORT_SYMBOL(xfrm_state_register_afinfo);
1879
1880 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo)
1881 {
1882 int err = 0;
1883 if (unlikely(afinfo == NULL))
1884 return -EINVAL;
1885 if (unlikely(afinfo->family >= NPROTO))
1886 return -EAFNOSUPPORT;
1887 write_lock_bh(&xfrm_state_afinfo_lock);
1888 if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) {
1889 if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo))
1890 err = -EINVAL;
1891 else
1892 xfrm_state_afinfo[afinfo->family] = NULL;
1893 }
1894 write_unlock_bh(&xfrm_state_afinfo_lock);
1895 return err;
1896 }
1897 EXPORT_SYMBOL(xfrm_state_unregister_afinfo);
1898
1899 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned int family)
1900 {
1901 struct xfrm_state_afinfo *afinfo;
1902 if (unlikely(family >= NPROTO))
1903 return NULL;
1904 read_lock(&xfrm_state_afinfo_lock);
1905 afinfo = xfrm_state_afinfo[family];
1906 if (unlikely(!afinfo))
1907 read_unlock(&xfrm_state_afinfo_lock);
1908 return afinfo;
1909 }
1910
1911 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo)
1912 __releases(xfrm_state_afinfo_lock)
1913 {
1914 read_unlock(&xfrm_state_afinfo_lock);
1915 }
1916
1917 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1918 void xfrm_state_delete_tunnel(struct xfrm_state *x)
1919 {
1920 if (x->tunnel) {
1921 struct xfrm_state *t = x->tunnel;
1922
1923 if (atomic_read(&t->tunnel_users) == 2)
1924 xfrm_state_delete(t);
1925 atomic_dec(&t->tunnel_users);
1926 xfrm_state_put(t);
1927 x->tunnel = NULL;
1928 }
1929 }
1930 EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1931
1932 int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1933 {
1934 int res;
1935
1936 spin_lock_bh(&x->lock);
1937 if (x->km.state == XFRM_STATE_VALID &&
1938 x->type && x->type->get_mtu)
1939 res = x->type->get_mtu(x, mtu);
1940 else
1941 res = mtu - x->props.header_len;
1942 spin_unlock_bh(&x->lock);
1943 return res;
1944 }
1945
1946 int xfrm_init_state(struct xfrm_state *x)
1947 {
1948 struct xfrm_state_afinfo *afinfo;
1949 int family = x->props.family;
1950 int err;
1951
1952 err = -EAFNOSUPPORT;
1953 afinfo = xfrm_state_get_afinfo(family);
1954 if (!afinfo)
1955 goto error;
1956
1957 err = 0;
1958 if (afinfo->init_flags)
1959 err = afinfo->init_flags(x);
1960
1961 xfrm_state_put_afinfo(afinfo);
1962
1963 if (err)
1964 goto error;
1965
1966 err = -EPROTONOSUPPORT;
1967 x->inner_mode = xfrm_get_mode(x->props.mode, x->sel.family);
1968 if (x->inner_mode == NULL)
1969 goto error;
1970
1971 if (!(x->inner_mode->flags & XFRM_MODE_FLAG_TUNNEL) &&
1972 family != x->sel.family)
1973 goto error;
1974
1975 x->type = xfrm_get_type(x->id.proto, family);
1976 if (x->type == NULL)
1977 goto error;
1978
1979 err = x->type->init_state(x);
1980 if (err)
1981 goto error;
1982
1983 x->outer_mode = xfrm_get_mode(x->props.mode, family);
1984 if (x->outer_mode == NULL)
1985 goto error;
1986
1987 x->km.state = XFRM_STATE_VALID;
1988
1989 error:
1990 return err;
1991 }
1992
1993 EXPORT_SYMBOL(xfrm_init_state);
1994
1995 void __init xfrm_state_init(void)
1996 {
1997 unsigned int sz;
1998
1999 sz = sizeof(struct hlist_head) * 8;
2000
2001 xfrm_state_bydst = xfrm_hash_alloc(sz);
2002 xfrm_state_bysrc = xfrm_hash_alloc(sz);
2003 xfrm_state_byspi = xfrm_hash_alloc(sz);
2004 if (!xfrm_state_bydst || !xfrm_state_bysrc || !xfrm_state_byspi)
2005 panic("XFRM: Cannot allocate bydst/bysrc/byspi hashes.");
2006 xfrm_state_hmask = ((sz / sizeof(struct hlist_head)) - 1);
2007
2008 INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task);
2009 }
2010
2011 #ifdef CONFIG_AUDITSYSCALL
2012 static void xfrm_audit_helper_sainfo(struct xfrm_state *x,
2013 struct audit_buffer *audit_buf)
2014 {
2015 struct xfrm_sec_ctx *ctx = x->security;
2016 u32 spi = ntohl(x->id.spi);
2017
2018 if (ctx)
2019 audit_log_format(audit_buf, " sec_alg=%u sec_doi=%u sec_obj=%s",
2020 ctx->ctx_alg, ctx->ctx_doi, ctx->ctx_str);
2021
2022 switch(x->props.family) {
2023 case AF_INET:
2024 audit_log_format(audit_buf,
2025 " src=" NIPQUAD_FMT " dst=" NIPQUAD_FMT,
2026 NIPQUAD(x->props.saddr.a4),
2027 NIPQUAD(x->id.daddr.a4));
2028 break;
2029 case AF_INET6:
2030 audit_log_format(audit_buf,
2031 " src=" NIP6_FMT " dst=" NIP6_FMT,
2032 NIP6(*(struct in6_addr *)x->props.saddr.a6),
2033 NIP6(*(struct in6_addr *)x->id.daddr.a6));
2034 break;
2035 }
2036
2037 audit_log_format(audit_buf, " spi=%u(0x%x)", spi, spi);
2038 }
2039
2040 static void xfrm_audit_helper_pktinfo(struct sk_buff *skb, u16 family,
2041 struct audit_buffer *audit_buf)
2042 {
2043 struct iphdr *iph4;
2044 struct ipv6hdr *iph6;
2045
2046 switch (family) {
2047 case AF_INET:
2048 iph4 = ip_hdr(skb);
2049 audit_log_format(audit_buf,
2050 " src=" NIPQUAD_FMT " dst=" NIPQUAD_FMT,
2051 NIPQUAD(iph4->saddr),
2052 NIPQUAD(iph4->daddr));
2053 break;
2054 case AF_INET6:
2055 iph6 = ipv6_hdr(skb);
2056 audit_log_format(audit_buf,
2057 " src=" NIP6_FMT " dst=" NIP6_FMT
2058 " flowlbl=0x%x%x%x",
2059 NIP6(iph6->saddr),
2060 NIP6(iph6->daddr),
2061 iph6->flow_lbl[0] & 0x0f,
2062 iph6->flow_lbl[1],
2063 iph6->flow_lbl[2]);
2064 break;
2065 }
2066 }
2067
2068 void xfrm_audit_state_add(struct xfrm_state *x, int result,
2069 u32 auid, u32 secid)
2070 {
2071 struct audit_buffer *audit_buf;
2072
2073 audit_buf = xfrm_audit_start("SAD-add");
2074 if (audit_buf == NULL)
2075 return;
2076 xfrm_audit_helper_usrinfo(auid, secid, audit_buf);
2077 xfrm_audit_helper_sainfo(x, audit_buf);
2078 audit_log_format(audit_buf, " res=%u", result);
2079 audit_log_end(audit_buf);
2080 }
2081 EXPORT_SYMBOL_GPL(xfrm_audit_state_add);
2082
2083 void xfrm_audit_state_delete(struct xfrm_state *x, int result,
2084 u32 auid, u32 secid)
2085 {
2086 struct audit_buffer *audit_buf;
2087
2088 audit_buf = xfrm_audit_start("SAD-delete");
2089 if (audit_buf == NULL)
2090 return;
2091 xfrm_audit_helper_usrinfo(auid, secid, audit_buf);
2092 xfrm_audit_helper_sainfo(x, audit_buf);
2093 audit_log_format(audit_buf, " res=%u", result);
2094 audit_log_end(audit_buf);
2095 }
2096 EXPORT_SYMBOL_GPL(xfrm_audit_state_delete);
2097
2098 void xfrm_audit_state_replay_overflow(struct xfrm_state *x,
2099 struct sk_buff *skb)
2100 {
2101 struct audit_buffer *audit_buf;
2102 u32 spi;
2103
2104 audit_buf = xfrm_audit_start("SA-replay-overflow");
2105 if (audit_buf == NULL)
2106 return;
2107 xfrm_audit_helper_pktinfo(skb, x->props.family, audit_buf);
2108 /* don't record the sequence number because it's inherent in this kind
2109 * of audit message */
2110 spi = ntohl(x->id.spi);
2111 audit_log_format(audit_buf, " spi=%u(0x%x)", spi, spi);
2112 audit_log_end(audit_buf);
2113 }
2114 EXPORT_SYMBOL_GPL(xfrm_audit_state_replay_overflow);
2115
2116 static void xfrm_audit_state_replay(struct xfrm_state *x,
2117 struct sk_buff *skb, __be32 net_seq)
2118 {
2119 struct audit_buffer *audit_buf;
2120 u32 spi;
2121
2122 audit_buf = xfrm_audit_start("SA-replayed-pkt");
2123 if (audit_buf == NULL)
2124 return;
2125 xfrm_audit_helper_pktinfo(skb, x->props.family, audit_buf);
2126 spi = ntohl(x->id.spi);
2127 audit_log_format(audit_buf, " spi=%u(0x%x) seqno=%u",
2128 spi, spi, ntohl(net_seq));
2129 audit_log_end(audit_buf);
2130 }
2131
2132 void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family)
2133 {
2134 struct audit_buffer *audit_buf;
2135
2136 audit_buf = xfrm_audit_start("SA-notfound");
2137 if (audit_buf == NULL)
2138 return;
2139 xfrm_audit_helper_pktinfo(skb, family, audit_buf);
2140 audit_log_end(audit_buf);
2141 }
2142 EXPORT_SYMBOL_GPL(xfrm_audit_state_notfound_simple);
2143
2144 void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family,
2145 __be32 net_spi, __be32 net_seq)
2146 {
2147 struct audit_buffer *audit_buf;
2148 u32 spi;
2149
2150 audit_buf = xfrm_audit_start("SA-notfound");
2151 if (audit_buf == NULL)
2152 return;
2153 xfrm_audit_helper_pktinfo(skb, family, audit_buf);
2154 spi = ntohl(net_spi);
2155 audit_log_format(audit_buf, " spi=%u(0x%x) seqno=%u",
2156 spi, spi, ntohl(net_seq));
2157 audit_log_end(audit_buf);
2158 }
2159 EXPORT_SYMBOL_GPL(xfrm_audit_state_notfound);
2160
2161 void xfrm_audit_state_icvfail(struct xfrm_state *x,
2162 struct sk_buff *skb, u8 proto)
2163 {
2164 struct audit_buffer *audit_buf;
2165 __be32 net_spi;
2166 __be32 net_seq;
2167
2168 audit_buf = xfrm_audit_start("SA-icv-failure");
2169 if (audit_buf == NULL)
2170 return;
2171 xfrm_audit_helper_pktinfo(skb, x->props.family, audit_buf);
2172 if (xfrm_parse_spi(skb, proto, &net_spi, &net_seq) == 0) {
2173 u32 spi = ntohl(net_spi);
2174 audit_log_format(audit_buf, " spi=%u(0x%x) seqno=%u",
2175 spi, spi, ntohl(net_seq));
2176 }
2177 audit_log_end(audit_buf);
2178 }
2179 EXPORT_SYMBOL_GPL(xfrm_audit_state_icvfail);
2180 #endif /* CONFIG_AUDITSYSCALL */
Linux 2.6 libata-dev (mirror)