[ALSA] Workaround for invalid signature read of CS8427
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / net / ipv6 / esp6.c
blob9eb92859835171ec22709c04148ce9860ea2acbe
1 /*
2 * Copyright (C)2002 USAGI/WIDE Project
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 * Authors
20 * Mitsuru KANDA @USAGI : IPv6 Support
21 * Kazunori MIYAZAWA @USAGI :
22 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
24 * This file is derived from net/ipv4/esp.c
27 #include <linux/err.h>
28 #include <linux/module.h>
29 #include <net/ip.h>
30 #include <net/xfrm.h>
31 #include <net/esp.h>
32 #include <asm/scatterlist.h>
33 #include <linux/crypto.h>
34 #include <linux/kernel.h>
35 #include <linux/pfkeyv2.h>
36 #include <linux/random.h>
37 #include <linux/spinlock.h>
38 #include <net/icmp.h>
39 #include <net/ipv6.h>
40 #include <net/protocol.h>
41 #include <linux/icmpv6.h>
43 static int esp6_output(struct xfrm_state *x, struct sk_buff *skb)
45 int err;
46 struct ip_esp_hdr *esph;
47 struct crypto_blkcipher *tfm;
48 struct blkcipher_desc desc;
49 struct sk_buff *trailer;
50 int blksize;
51 int clen;
52 int alen;
53 int nfrags;
54 u8 *tail;
55 struct esp_data *esp = x->data;
57 /* skb is pure payload to encrypt */
58 err = -ENOMEM;
60 /* Round to block size */
61 clen = skb->len;
63 alen = esp->auth.icv_trunc_len;
64 tfm = esp->conf.tfm;
65 desc.tfm = tfm;
66 desc.flags = 0;
67 blksize = ALIGN(crypto_blkcipher_blocksize(tfm), 4);
68 clen = ALIGN(clen + 2, blksize);
69 if (esp->conf.padlen)
70 clen = ALIGN(clen, esp->conf.padlen);
72 if ((nfrags = skb_cow_data(skb, clen-skb->len+alen, &trailer)) < 0) {
73 goto error;
76 /* Fill padding... */
77 tail = skb_tail_pointer(trailer);
78 do {
79 int i;
80 for (i=0; i<clen-skb->len - 2; i++)
81 tail[i] = i + 1;
82 } while (0);
83 tail[clen-skb->len - 2] = (clen - skb->len) - 2;
84 pskb_put(skb, trailer, clen - skb->len);
86 skb_push(skb, -skb_network_offset(skb));
87 esph = ip_esp_hdr(skb);
88 *(skb_tail_pointer(trailer) - 1) = *skb_mac_header(skb);
89 *skb_mac_header(skb) = IPPROTO_ESP;
91 esph->spi = x->id.spi;
92 esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq);
94 spin_lock_bh(&x->lock);
96 if (esp->conf.ivlen) {
97 if (unlikely(!esp->conf.ivinitted)) {
98 get_random_bytes(esp->conf.ivec, esp->conf.ivlen);
99 esp->conf.ivinitted = 1;
101 crypto_blkcipher_set_iv(tfm, esp->conf.ivec, esp->conf.ivlen);
104 do {
105 struct scatterlist *sg = &esp->sgbuf[0];
107 if (unlikely(nfrags > ESP_NUM_FAST_SG)) {
108 sg = kmalloc(sizeof(struct scatterlist)*nfrags, GFP_ATOMIC);
109 if (!sg)
110 goto unlock;
112 skb_to_sgvec(skb, sg, esph->enc_data+esp->conf.ivlen-skb->data, clen);
113 err = crypto_blkcipher_encrypt(&desc, sg, sg, clen);
114 if (unlikely(sg != &esp->sgbuf[0]))
115 kfree(sg);
116 } while (0);
118 if (unlikely(err))
119 goto unlock;
121 if (esp->conf.ivlen) {
122 memcpy(esph->enc_data, esp->conf.ivec, esp->conf.ivlen);
123 crypto_blkcipher_get_iv(tfm, esp->conf.ivec, esp->conf.ivlen);
126 if (esp->auth.icv_full_len) {
127 err = esp_mac_digest(esp, skb, (u8 *)esph - skb->data,
128 sizeof(*esph) + esp->conf.ivlen + clen);
129 memcpy(pskb_put(skb, trailer, alen), esp->auth.work_icv, alen);
132 unlock:
133 spin_unlock_bh(&x->lock);
135 error:
136 return err;
139 static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
141 struct ipv6hdr *iph;
142 struct ip_esp_hdr *esph;
143 struct esp_data *esp = x->data;
144 struct crypto_blkcipher *tfm = esp->conf.tfm;
145 struct blkcipher_desc desc = { .tfm = tfm };
146 struct sk_buff *trailer;
147 int blksize = ALIGN(crypto_blkcipher_blocksize(tfm), 4);
148 int alen = esp->auth.icv_trunc_len;
149 int elen = skb->len - sizeof(*esph) - esp->conf.ivlen - alen;
150 int hdr_len = skb_network_header_len(skb);
151 int nfrags;
152 int ret = 0;
154 if (!pskb_may_pull(skb, sizeof(*esph))) {
155 ret = -EINVAL;
156 goto out;
159 if (elen <= 0 || (elen & (blksize-1))) {
160 ret = -EINVAL;
161 goto out;
164 /* If integrity check is required, do this. */
165 if (esp->auth.icv_full_len) {
166 u8 sum[alen];
168 ret = esp_mac_digest(esp, skb, 0, skb->len - alen);
169 if (ret)
170 goto out;
172 if (skb_copy_bits(skb, skb->len - alen, sum, alen))
173 BUG();
175 if (unlikely(memcmp(esp->auth.work_icv, sum, alen))) {
176 x->stats.integrity_failed++;
177 ret = -EINVAL;
178 goto out;
182 if ((nfrags = skb_cow_data(skb, 0, &trailer)) < 0) {
183 ret = -EINVAL;
184 goto out;
187 skb->ip_summed = CHECKSUM_NONE;
189 esph = (struct ip_esp_hdr *)skb->data;
190 iph = ipv6_hdr(skb);
192 /* Get ivec. This can be wrong, check against another impls. */
193 if (esp->conf.ivlen)
194 crypto_blkcipher_set_iv(tfm, esph->enc_data, esp->conf.ivlen);
197 u8 nexthdr[2];
198 struct scatterlist *sg = &esp->sgbuf[0];
199 u8 padlen;
201 if (unlikely(nfrags > ESP_NUM_FAST_SG)) {
202 sg = kmalloc(sizeof(struct scatterlist)*nfrags, GFP_ATOMIC);
203 if (!sg) {
204 ret = -ENOMEM;
205 goto out;
208 skb_to_sgvec(skb, sg, sizeof(*esph) + esp->conf.ivlen, elen);
209 ret = crypto_blkcipher_decrypt(&desc, sg, sg, elen);
210 if (unlikely(sg != &esp->sgbuf[0]))
211 kfree(sg);
212 if (unlikely(ret))
213 goto out;
215 if (skb_copy_bits(skb, skb->len-alen-2, nexthdr, 2))
216 BUG();
218 padlen = nexthdr[0];
219 if (padlen+2 >= elen) {
220 LIMIT_NETDEBUG(KERN_WARNING "ipsec esp packet is garbage padlen=%d, elen=%d\n", padlen+2, elen);
221 ret = -EINVAL;
222 goto out;
224 /* ... check padding bits here. Silly. :-) */
226 pskb_trim(skb, skb->len - alen - padlen - 2);
227 ret = nexthdr[1];
230 __skb_pull(skb, sizeof(*esph) + esp->conf.ivlen);
231 skb_set_transport_header(skb, -hdr_len);
232 out:
233 return ret;
236 static u32 esp6_get_mtu(struct xfrm_state *x, int mtu)
238 struct esp_data *esp = x->data;
239 u32 blksize = ALIGN(crypto_blkcipher_blocksize(esp->conf.tfm), 4);
240 u32 align = max_t(u32, blksize, esp->conf.padlen);
241 u32 rem;
243 mtu -= x->props.header_len + esp->auth.icv_trunc_len;
244 rem = mtu & (align - 1);
245 mtu &= ~(align - 1);
247 if (x->props.mode != XFRM_MODE_TUNNEL) {
248 u32 padsize = ((blksize - 1) & 7) + 1;
249 mtu -= blksize - padsize;
250 mtu += min_t(u32, blksize - padsize, rem);
253 return mtu - 2;
256 static void esp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
257 int type, int code, int offset, __be32 info)
259 struct ipv6hdr *iph = (struct ipv6hdr*)skb->data;
260 struct ip_esp_hdr *esph = (struct ip_esp_hdr *)(skb->data + offset);
261 struct xfrm_state *x;
263 if (type != ICMPV6_DEST_UNREACH &&
264 type != ICMPV6_PKT_TOOBIG)
265 return;
267 x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET6);
268 if (!x)
269 return;
270 printk(KERN_DEBUG "pmtu discovery on SA ESP/%08x/" NIP6_FMT "\n",
271 ntohl(esph->spi), NIP6(iph->daddr));
272 xfrm_state_put(x);
275 static void esp6_destroy(struct xfrm_state *x)
277 struct esp_data *esp = x->data;
279 if (!esp)
280 return;
282 crypto_free_blkcipher(esp->conf.tfm);
283 esp->conf.tfm = NULL;
284 kfree(esp->conf.ivec);
285 esp->conf.ivec = NULL;
286 crypto_free_hash(esp->auth.tfm);
287 esp->auth.tfm = NULL;
288 kfree(esp->auth.work_icv);
289 esp->auth.work_icv = NULL;
290 kfree(esp);
293 static int esp6_init_state(struct xfrm_state *x)
295 struct esp_data *esp = NULL;
296 struct crypto_blkcipher *tfm;
298 if (x->ealg == NULL)
299 goto error;
301 if (x->encap)
302 goto error;
304 esp = kzalloc(sizeof(*esp), GFP_KERNEL);
305 if (esp == NULL)
306 return -ENOMEM;
308 if (x->aalg) {
309 struct xfrm_algo_desc *aalg_desc;
310 struct crypto_hash *hash;
312 hash = crypto_alloc_hash(x->aalg->alg_name, 0,
313 CRYPTO_ALG_ASYNC);
314 if (IS_ERR(hash))
315 goto error;
317 esp->auth.tfm = hash;
318 if (crypto_hash_setkey(hash, x->aalg->alg_key,
319 (x->aalg->alg_key_len + 7) / 8))
320 goto error;
322 aalg_desc = xfrm_aalg_get_byname(x->aalg->alg_name, 0);
323 BUG_ON(!aalg_desc);
325 if (aalg_desc->uinfo.auth.icv_fullbits/8 !=
326 crypto_hash_digestsize(hash)) {
327 NETDEBUG(KERN_INFO "ESP: %s digestsize %u != %hu\n",
328 x->aalg->alg_name,
329 crypto_hash_digestsize(hash),
330 aalg_desc->uinfo.auth.icv_fullbits/8);
331 goto error;
334 esp->auth.icv_full_len = aalg_desc->uinfo.auth.icv_fullbits/8;
335 esp->auth.icv_trunc_len = aalg_desc->uinfo.auth.icv_truncbits/8;
337 esp->auth.work_icv = kmalloc(esp->auth.icv_full_len, GFP_KERNEL);
338 if (!esp->auth.work_icv)
339 goto error;
341 tfm = crypto_alloc_blkcipher(x->ealg->alg_name, 0, CRYPTO_ALG_ASYNC);
342 if (IS_ERR(tfm))
343 goto error;
344 esp->conf.tfm = tfm;
345 esp->conf.ivlen = crypto_blkcipher_ivsize(tfm);
346 esp->conf.padlen = 0;
347 if (esp->conf.ivlen) {
348 esp->conf.ivec = kmalloc(esp->conf.ivlen, GFP_KERNEL);
349 if (unlikely(esp->conf.ivec == NULL))
350 goto error;
351 esp->conf.ivinitted = 0;
353 if (crypto_blkcipher_setkey(tfm, x->ealg->alg_key,
354 (x->ealg->alg_key_len + 7) / 8))
355 goto error;
356 x->props.header_len = sizeof(struct ip_esp_hdr) + esp->conf.ivlen;
357 if (x->props.mode == XFRM_MODE_TUNNEL)
358 x->props.header_len += sizeof(struct ipv6hdr);
359 x->data = esp;
360 return 0;
362 error:
363 x->data = esp;
364 esp6_destroy(x);
365 x->data = NULL;
366 return -EINVAL;
369 static struct xfrm_type esp6_type =
371 .description = "ESP6",
372 .owner = THIS_MODULE,
373 .proto = IPPROTO_ESP,
374 .flags = XFRM_TYPE_REPLAY_PROT,
375 .init_state = esp6_init_state,
376 .destructor = esp6_destroy,
377 .get_mtu = esp6_get_mtu,
378 .input = esp6_input,
379 .output = esp6_output,
380 .hdr_offset = xfrm6_find_1stfragopt,
383 static struct inet6_protocol esp6_protocol = {
384 .handler = xfrm6_rcv,
385 .err_handler = esp6_err,
386 .flags = INET6_PROTO_NOPOLICY,
389 static int __init esp6_init(void)
391 if (xfrm_register_type(&esp6_type, AF_INET6) < 0) {
392 printk(KERN_INFO "ipv6 esp init: can't add xfrm type\n");
393 return -EAGAIN;
395 if (inet6_add_protocol(&esp6_protocol, IPPROTO_ESP) < 0) {
396 printk(KERN_INFO "ipv6 esp init: can't add protocol\n");
397 xfrm_unregister_type(&esp6_type, AF_INET6);
398 return -EAGAIN;
401 return 0;
404 static void __exit esp6_fini(void)
406 if (inet6_del_protocol(&esp6_protocol, IPPROTO_ESP) < 0)
407 printk(KERN_INFO "ipv6 esp close: can't remove protocol\n");
408 if (xfrm_unregister_type(&esp6_type, AF_INET6) < 0)
409 printk(KERN_INFO "ipv6 esp close: can't remove xfrm type\n");
412 module_init(esp6_init);
413 module_exit(esp6_fini);
415 MODULE_LICENSE("GPL");
416 MODULE_ALIAS_XFRM_TYPE(AF_INET6, XFRM_PROTO_ESP);