6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
16 #include <linux/workqueue.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <linux/cache.h>
22 #include <asm/uaccess.h>
24 #include "xfrm_hash.h"
27 EXPORT_SYMBOL(xfrm_nl
);
29 u32 sysctl_xfrm_aevent_etime
= XFRM_AE_ETIME
;
30 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime
);
32 u32 sysctl_xfrm_aevent_rseqth
= XFRM_AE_SEQT_SIZE
;
33 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth
);
35 /* Each xfrm_state may be linked to two tables:
37 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
38 2. Hash table by (daddr,family,reqid) to find what SAs exist for given
39 destination/tunnel endpoint. (output)
42 static DEFINE_SPINLOCK(xfrm_state_lock
);
44 /* Hash table to find appropriate SA towards given target (endpoint
45 * of tunnel or destination of transport mode) allowed by selector.
47 * Main use is finding SA after policy selected tunnel or transport mode.
48 * Also, it can be used by ah/esp icmp error handler to find offending SA.
50 static struct hlist_head
*xfrm_state_bydst __read_mostly
;
51 static struct hlist_head
*xfrm_state_bysrc __read_mostly
;
52 static struct hlist_head
*xfrm_state_byspi __read_mostly
;
53 static unsigned int xfrm_state_hmask __read_mostly
;
54 static unsigned int xfrm_state_hashmax __read_mostly
= 1 * 1024 * 1024;
55 static unsigned int xfrm_state_num
;
56 static unsigned int xfrm_state_genid
;
58 static inline unsigned int xfrm_dst_hash(xfrm_address_t
*daddr
,
59 xfrm_address_t
*saddr
,
61 unsigned short family
)
63 return __xfrm_dst_hash(daddr
, saddr
, reqid
, family
, xfrm_state_hmask
);
66 static inline unsigned int xfrm_src_hash(xfrm_address_t
*addr
,
67 unsigned short family
)
69 return __xfrm_src_hash(addr
, family
, xfrm_state_hmask
);
72 static inline unsigned int
73 xfrm_spi_hash(xfrm_address_t
*daddr
, u32 spi
, u8 proto
, unsigned short family
)
75 return __xfrm_spi_hash(daddr
, spi
, proto
, family
, xfrm_state_hmask
);
78 static void xfrm_hash_transfer(struct hlist_head
*list
,
79 struct hlist_head
*ndsttable
,
80 struct hlist_head
*nsrctable
,
81 struct hlist_head
*nspitable
,
82 unsigned int nhashmask
)
84 struct hlist_node
*entry
, *tmp
;
87 hlist_for_each_entry_safe(x
, entry
, tmp
, list
, bydst
) {
90 h
= __xfrm_dst_hash(&x
->id
.daddr
, &x
->props
.saddr
,
91 x
->props
.reqid
, x
->props
.family
,
93 hlist_add_head(&x
->bydst
, ndsttable
+h
);
95 h
= __xfrm_src_hash(&x
->props
.saddr
, x
->props
.family
,
97 hlist_add_head(&x
->bysrc
, nsrctable
+h
);
99 h
= __xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
,
100 x
->props
.family
, nhashmask
);
101 hlist_add_head(&x
->byspi
, nspitable
+h
);
105 static unsigned long xfrm_hash_new_size(void)
107 return ((xfrm_state_hmask
+ 1) << 1) *
108 sizeof(struct hlist_head
);
111 static DEFINE_MUTEX(hash_resize_mutex
);
113 static void xfrm_hash_resize(void *__unused
)
115 struct hlist_head
*ndst
, *nsrc
, *nspi
, *odst
, *osrc
, *ospi
;
116 unsigned long nsize
, osize
;
117 unsigned int nhashmask
, ohashmask
;
120 mutex_lock(&hash_resize_mutex
);
122 nsize
= xfrm_hash_new_size();
123 ndst
= xfrm_hash_alloc(nsize
);
126 nsrc
= xfrm_hash_alloc(nsize
);
128 xfrm_hash_free(ndst
, nsize
);
131 nspi
= xfrm_hash_alloc(nsize
);
133 xfrm_hash_free(ndst
, nsize
);
134 xfrm_hash_free(nsrc
, nsize
);
138 spin_lock_bh(&xfrm_state_lock
);
140 nhashmask
= (nsize
/ sizeof(struct hlist_head
)) - 1U;
141 for (i
= xfrm_state_hmask
; i
>= 0; i
--)
142 xfrm_hash_transfer(xfrm_state_bydst
+i
, ndst
, nsrc
, nspi
,
145 odst
= xfrm_state_bydst
;
146 osrc
= xfrm_state_bysrc
;
147 ospi
= xfrm_state_byspi
;
148 ohashmask
= xfrm_state_hmask
;
150 xfrm_state_bydst
= ndst
;
151 xfrm_state_bysrc
= nsrc
;
152 xfrm_state_byspi
= nspi
;
153 xfrm_state_hmask
= nhashmask
;
155 spin_unlock_bh(&xfrm_state_lock
);
157 osize
= (ohashmask
+ 1) * sizeof(struct hlist_head
);
158 xfrm_hash_free(odst
, osize
);
159 xfrm_hash_free(osrc
, osize
);
160 xfrm_hash_free(ospi
, osize
);
163 mutex_unlock(&hash_resize_mutex
);
166 static DECLARE_WORK(xfrm_hash_work
, xfrm_hash_resize
, NULL
);
168 DECLARE_WAIT_QUEUE_HEAD(km_waitq
);
169 EXPORT_SYMBOL(km_waitq
);
171 static DEFINE_RWLOCK(xfrm_state_afinfo_lock
);
172 static struct xfrm_state_afinfo
*xfrm_state_afinfo
[NPROTO
];
174 static struct work_struct xfrm_state_gc_work
;
175 static HLIST_HEAD(xfrm_state_gc_list
);
176 static DEFINE_SPINLOCK(xfrm_state_gc_lock
);
178 int __xfrm_state_delete(struct xfrm_state
*x
);
180 static struct xfrm_state_afinfo
*xfrm_state_get_afinfo(unsigned short family
);
181 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo
*afinfo
);
183 int km_query(struct xfrm_state
*x
, struct xfrm_tmpl
*t
, struct xfrm_policy
*pol
);
184 void km_state_expired(struct xfrm_state
*x
, int hard
, u32 pid
);
186 static void xfrm_state_gc_destroy(struct xfrm_state
*x
)
188 del_timer_sync(&x
->timer
);
189 del_timer_sync(&x
->rtimer
);
196 xfrm_put_mode(x
->mode
);
198 x
->type
->destructor(x
);
199 xfrm_put_type(x
->type
);
201 security_xfrm_state_free(x
);
205 static void xfrm_state_gc_task(void *data
)
207 struct xfrm_state
*x
;
208 struct hlist_node
*entry
, *tmp
;
209 struct hlist_head gc_list
;
211 spin_lock_bh(&xfrm_state_gc_lock
);
212 gc_list
.first
= xfrm_state_gc_list
.first
;
213 INIT_HLIST_HEAD(&xfrm_state_gc_list
);
214 spin_unlock_bh(&xfrm_state_gc_lock
);
216 hlist_for_each_entry_safe(x
, entry
, tmp
, &gc_list
, bydst
)
217 xfrm_state_gc_destroy(x
);
222 static inline unsigned long make_jiffies(long secs
)
224 if (secs
>= (MAX_SCHEDULE_TIMEOUT
-1)/HZ
)
225 return MAX_SCHEDULE_TIMEOUT
-1;
230 static void xfrm_timer_handler(unsigned long data
)
232 struct xfrm_state
*x
= (struct xfrm_state
*)data
;
233 unsigned long now
= (unsigned long)xtime
.tv_sec
;
234 long next
= LONG_MAX
;
238 if (x
->km
.state
== XFRM_STATE_DEAD
)
240 if (x
->km
.state
== XFRM_STATE_EXPIRED
)
242 if (x
->lft
.hard_add_expires_seconds
) {
243 long tmo
= x
->lft
.hard_add_expires_seconds
+
244 x
->curlft
.add_time
- now
;
250 if (x
->lft
.hard_use_expires_seconds
) {
251 long tmo
= x
->lft
.hard_use_expires_seconds
+
252 (x
->curlft
.use_time
? : now
) - now
;
260 if (x
->lft
.soft_add_expires_seconds
) {
261 long tmo
= x
->lft
.soft_add_expires_seconds
+
262 x
->curlft
.add_time
- now
;
268 if (x
->lft
.soft_use_expires_seconds
) {
269 long tmo
= x
->lft
.soft_use_expires_seconds
+
270 (x
->curlft
.use_time
? : now
) - now
;
279 km_state_expired(x
, 0, 0);
281 if (next
!= LONG_MAX
)
282 mod_timer(&x
->timer
, jiffies
+ make_jiffies(next
));
287 if (x
->km
.state
== XFRM_STATE_ACQ
&& x
->id
.spi
== 0) {
288 x
->km
.state
= XFRM_STATE_EXPIRED
;
293 if (!__xfrm_state_delete(x
) && x
->id
.spi
)
294 km_state_expired(x
, 1, 0);
297 spin_unlock(&x
->lock
);
300 static void xfrm_replay_timer_handler(unsigned long data
);
302 struct xfrm_state
*xfrm_state_alloc(void)
304 struct xfrm_state
*x
;
306 x
= kzalloc(sizeof(struct xfrm_state
), GFP_ATOMIC
);
309 atomic_set(&x
->refcnt
, 1);
310 atomic_set(&x
->tunnel_users
, 0);
311 INIT_HLIST_NODE(&x
->bydst
);
312 INIT_HLIST_NODE(&x
->bysrc
);
313 INIT_HLIST_NODE(&x
->byspi
);
314 init_timer(&x
->timer
);
315 x
->timer
.function
= xfrm_timer_handler
;
316 x
->timer
.data
= (unsigned long)x
;
317 init_timer(&x
->rtimer
);
318 x
->rtimer
.function
= xfrm_replay_timer_handler
;
319 x
->rtimer
.data
= (unsigned long)x
;
320 x
->curlft
.add_time
= (unsigned long)xtime
.tv_sec
;
321 x
->lft
.soft_byte_limit
= XFRM_INF
;
322 x
->lft
.soft_packet_limit
= XFRM_INF
;
323 x
->lft
.hard_byte_limit
= XFRM_INF
;
324 x
->lft
.hard_packet_limit
= XFRM_INF
;
325 x
->replay_maxage
= 0;
326 x
->replay_maxdiff
= 0;
327 spin_lock_init(&x
->lock
);
331 EXPORT_SYMBOL(xfrm_state_alloc
);
333 void __xfrm_state_destroy(struct xfrm_state
*x
)
335 BUG_TRAP(x
->km
.state
== XFRM_STATE_DEAD
);
337 spin_lock_bh(&xfrm_state_gc_lock
);
338 hlist_add_head(&x
->bydst
, &xfrm_state_gc_list
);
339 spin_unlock_bh(&xfrm_state_gc_lock
);
340 schedule_work(&xfrm_state_gc_work
);
342 EXPORT_SYMBOL(__xfrm_state_destroy
);
344 int __xfrm_state_delete(struct xfrm_state
*x
)
348 if (x
->km
.state
!= XFRM_STATE_DEAD
) {
349 x
->km
.state
= XFRM_STATE_DEAD
;
350 spin_lock(&xfrm_state_lock
);
351 hlist_del(&x
->bydst
);
352 hlist_del(&x
->bysrc
);
354 hlist_del(&x
->byspi
);
356 spin_unlock(&xfrm_state_lock
);
358 /* All xfrm_state objects are created by xfrm_state_alloc.
359 * The xfrm_state_alloc call gives a reference, and that
360 * is what we are dropping here.
368 EXPORT_SYMBOL(__xfrm_state_delete
);
370 int xfrm_state_delete(struct xfrm_state
*x
)
374 spin_lock_bh(&x
->lock
);
375 err
= __xfrm_state_delete(x
);
376 spin_unlock_bh(&x
->lock
);
380 EXPORT_SYMBOL(xfrm_state_delete
);
382 void xfrm_state_flush(u8 proto
)
386 spin_lock_bh(&xfrm_state_lock
);
387 for (i
= 0; i
<= xfrm_state_hmask
; i
++) {
388 struct hlist_node
*entry
;
389 struct xfrm_state
*x
;
391 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+i
, bydst
) {
392 if (!xfrm_state_kern(x
) &&
393 xfrm_id_proto_match(x
->id
.proto
, proto
)) {
395 spin_unlock_bh(&xfrm_state_lock
);
397 xfrm_state_delete(x
);
400 spin_lock_bh(&xfrm_state_lock
);
405 spin_unlock_bh(&xfrm_state_lock
);
408 EXPORT_SYMBOL(xfrm_state_flush
);
411 xfrm_init_tempsel(struct xfrm_state
*x
, struct flowi
*fl
,
412 struct xfrm_tmpl
*tmpl
,
413 xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
414 unsigned short family
)
416 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
419 afinfo
->init_tempsel(x
, fl
, tmpl
, daddr
, saddr
);
420 xfrm_state_put_afinfo(afinfo
);
424 static struct xfrm_state
*__xfrm_state_lookup(xfrm_address_t
*daddr
, u32 spi
, u8 proto
, unsigned short family
)
426 unsigned int h
= xfrm_spi_hash(daddr
, spi
, proto
, family
);
427 struct xfrm_state
*x
;
428 struct hlist_node
*entry
;
430 hlist_for_each_entry(x
, entry
, xfrm_state_byspi
+h
, byspi
) {
431 if (x
->props
.family
!= family
||
433 x
->id
.proto
!= proto
)
438 if (x
->id
.daddr
.a4
!= daddr
->a4
)
442 if (!ipv6_addr_equal((struct in6_addr
*)daddr
,
456 static struct xfrm_state
*__xfrm_state_lookup_byaddr(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
, u8 proto
, unsigned short family
)
458 unsigned int h
= xfrm_src_hash(saddr
, family
);
459 struct xfrm_state
*x
;
460 struct hlist_node
*entry
;
462 hlist_for_each_entry(x
, entry
, xfrm_state_bysrc
+h
, bysrc
) {
463 if (x
->props
.family
!= family
||
464 x
->id
.proto
!= proto
)
469 if (x
->id
.daddr
.a4
!= daddr
->a4
||
470 x
->props
.saddr
.a4
!= saddr
->a4
)
474 if (!ipv6_addr_equal((struct in6_addr
*)daddr
,
477 !ipv6_addr_equal((struct in6_addr
*)saddr
,
491 static inline struct xfrm_state
*
492 __xfrm_state_locate(struct xfrm_state
*x
, int use_spi
, int family
)
495 return __xfrm_state_lookup(&x
->id
.daddr
, x
->id
.spi
,
496 x
->id
.proto
, family
);
498 return __xfrm_state_lookup_byaddr(&x
->id
.daddr
,
500 x
->id
.proto
, family
);
504 xfrm_state_find(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
505 struct flowi
*fl
, struct xfrm_tmpl
*tmpl
,
506 struct xfrm_policy
*pol
, int *err
,
507 unsigned short family
)
509 unsigned int h
= xfrm_dst_hash(daddr
, saddr
, tmpl
->reqid
, family
);
510 struct hlist_node
*entry
;
511 struct xfrm_state
*x
, *x0
;
512 int acquire_in_progress
= 0;
514 struct xfrm_state
*best
= NULL
;
516 spin_lock_bh(&xfrm_state_lock
);
517 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+h
, bydst
) {
518 if (x
->props
.family
== family
&&
519 x
->props
.reqid
== tmpl
->reqid
&&
520 !(x
->props
.flags
& XFRM_STATE_WILDRECV
) &&
521 xfrm_state_addr_check(x
, daddr
, saddr
, family
) &&
522 tmpl
->mode
== x
->props
.mode
&&
523 tmpl
->id
.proto
== x
->id
.proto
&&
524 (tmpl
->id
.spi
== x
->id
.spi
|| !tmpl
->id
.spi
)) {
526 1. There is a valid state with matching selector.
528 2. Valid state with inappropriate selector. Skip.
530 Entering area of "sysdeps".
532 3. If state is not valid, selector is temporary,
533 it selects only session which triggered
534 previous resolution. Key manager will do
535 something to install a state with proper
538 if (x
->km
.state
== XFRM_STATE_VALID
) {
539 if (!xfrm_selector_match(&x
->sel
, fl
, family
) ||
540 !security_xfrm_state_pol_flow_match(x
, pol
, fl
))
543 best
->km
.dying
> x
->km
.dying
||
544 (best
->km
.dying
== x
->km
.dying
&&
545 best
->curlft
.add_time
< x
->curlft
.add_time
))
547 } else if (x
->km
.state
== XFRM_STATE_ACQ
) {
548 acquire_in_progress
= 1;
549 } else if (x
->km
.state
== XFRM_STATE_ERROR
||
550 x
->km
.state
== XFRM_STATE_EXPIRED
) {
551 if (xfrm_selector_match(&x
->sel
, fl
, family
) &&
552 security_xfrm_state_pol_flow_match(x
, pol
, fl
))
559 if (!x
&& !error
&& !acquire_in_progress
) {
561 (x0
= __xfrm_state_lookup(daddr
, tmpl
->id
.spi
,
562 tmpl
->id
.proto
, family
)) != NULL
) {
567 x
= xfrm_state_alloc();
572 /* Initialize temporary selector matching only
573 * to current session. */
574 xfrm_init_tempsel(x
, fl
, tmpl
, daddr
, saddr
, family
);
576 error
= security_xfrm_state_alloc_acquire(x
, pol
->security
, fl
->secid
);
578 x
->km
.state
= XFRM_STATE_DEAD
;
584 if (km_query(x
, tmpl
, pol
) == 0) {
585 x
->km
.state
= XFRM_STATE_ACQ
;
586 hlist_add_head(&x
->bydst
, xfrm_state_bydst
+h
);
587 h
= xfrm_src_hash(saddr
, family
);
588 hlist_add_head(&x
->bysrc
, xfrm_state_bysrc
+h
);
590 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
, family
);
591 hlist_add_head(&x
->byspi
, xfrm_state_byspi
+h
);
593 x
->lft
.hard_add_expires_seconds
= XFRM_ACQ_EXPIRES
;
594 x
->timer
.expires
= jiffies
+ XFRM_ACQ_EXPIRES
*HZ
;
595 add_timer(&x
->timer
);
597 x
->km
.state
= XFRM_STATE_DEAD
;
607 *err
= acquire_in_progress
? -EAGAIN
: error
;
608 spin_unlock_bh(&xfrm_state_lock
);
612 static void __xfrm_state_insert(struct xfrm_state
*x
)
616 x
->genid
= ++xfrm_state_genid
;
618 h
= xfrm_dst_hash(&x
->id
.daddr
, &x
->props
.saddr
,
619 x
->props
.reqid
, x
->props
.family
);
620 hlist_add_head(&x
->bydst
, xfrm_state_bydst
+h
);
622 h
= xfrm_src_hash(&x
->props
.saddr
, x
->props
.family
);
623 hlist_add_head(&x
->bysrc
, xfrm_state_bysrc
+h
);
625 if (xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
)) {
626 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
,
629 hlist_add_head(&x
->byspi
, xfrm_state_byspi
+h
);
632 mod_timer(&x
->timer
, jiffies
+ HZ
);
633 if (x
->replay_maxage
)
634 mod_timer(&x
->rtimer
, jiffies
+ x
->replay_maxage
);
640 if (x
->bydst
.next
!= NULL
&&
641 (xfrm_state_hmask
+ 1) < xfrm_state_hashmax
&&
642 xfrm_state_num
> xfrm_state_hmask
)
643 schedule_work(&xfrm_hash_work
);
646 /* xfrm_state_lock is held */
647 static void __xfrm_state_bump_genids(struct xfrm_state
*xnew
)
649 unsigned short family
= xnew
->props
.family
;
650 u32 reqid
= xnew
->props
.reqid
;
651 struct xfrm_state
*x
;
652 struct hlist_node
*entry
;
655 h
= xfrm_dst_hash(&xnew
->id
.daddr
, &xnew
->props
.saddr
, reqid
, family
);
656 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+h
, bydst
) {
657 if (x
->props
.family
== family
&&
658 x
->props
.reqid
== reqid
&&
659 !xfrm_addr_cmp(&x
->id
.daddr
, &xnew
->id
.daddr
, family
) &&
660 !xfrm_addr_cmp(&x
->props
.saddr
, &xnew
->props
.saddr
, family
))
661 x
->genid
= xfrm_state_genid
;
665 void xfrm_state_insert(struct xfrm_state
*x
)
667 spin_lock_bh(&xfrm_state_lock
);
668 __xfrm_state_bump_genids(x
);
669 __xfrm_state_insert(x
);
670 spin_unlock_bh(&xfrm_state_lock
);
672 EXPORT_SYMBOL(xfrm_state_insert
);
674 /* xfrm_state_lock is held */
675 static struct xfrm_state
*__find_acq_core(unsigned short family
, u8 mode
, u32 reqid
, u8 proto
, xfrm_address_t
*daddr
, xfrm_address_t
*saddr
, int create
)
677 unsigned int h
= xfrm_dst_hash(daddr
, saddr
, reqid
, family
);
678 struct hlist_node
*entry
;
679 struct xfrm_state
*x
;
681 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+h
, bydst
) {
682 if (x
->props
.reqid
!= reqid
||
683 x
->props
.mode
!= mode
||
684 x
->props
.family
!= family
||
685 x
->km
.state
!= XFRM_STATE_ACQ
||
691 if (x
->id
.daddr
.a4
!= daddr
->a4
||
692 x
->props
.saddr
.a4
!= saddr
->a4
)
696 if (!ipv6_addr_equal((struct in6_addr
*)x
->id
.daddr
.a6
,
697 (struct in6_addr
*)daddr
) ||
698 !ipv6_addr_equal((struct in6_addr
*)
700 (struct in6_addr
*)saddr
))
712 x
= xfrm_state_alloc();
716 x
->sel
.daddr
.a4
= daddr
->a4
;
717 x
->sel
.saddr
.a4
= saddr
->a4
;
718 x
->sel
.prefixlen_d
= 32;
719 x
->sel
.prefixlen_s
= 32;
720 x
->props
.saddr
.a4
= saddr
->a4
;
721 x
->id
.daddr
.a4
= daddr
->a4
;
725 ipv6_addr_copy((struct in6_addr
*)x
->sel
.daddr
.a6
,
726 (struct in6_addr
*)daddr
);
727 ipv6_addr_copy((struct in6_addr
*)x
->sel
.saddr
.a6
,
728 (struct in6_addr
*)saddr
);
729 x
->sel
.prefixlen_d
= 128;
730 x
->sel
.prefixlen_s
= 128;
731 ipv6_addr_copy((struct in6_addr
*)x
->props
.saddr
.a6
,
732 (struct in6_addr
*)saddr
);
733 ipv6_addr_copy((struct in6_addr
*)x
->id
.daddr
.a6
,
734 (struct in6_addr
*)daddr
);
738 x
->km
.state
= XFRM_STATE_ACQ
;
740 x
->props
.family
= family
;
741 x
->props
.mode
= mode
;
742 x
->props
.reqid
= reqid
;
743 x
->lft
.hard_add_expires_seconds
= XFRM_ACQ_EXPIRES
;
745 x
->timer
.expires
= jiffies
+ XFRM_ACQ_EXPIRES
*HZ
;
746 add_timer(&x
->timer
);
747 hlist_add_head(&x
->bydst
, xfrm_state_bydst
+h
);
748 h
= xfrm_src_hash(saddr
, family
);
749 hlist_add_head(&x
->bysrc
, xfrm_state_bysrc
+h
);
756 static struct xfrm_state
*__xfrm_find_acq_byseq(u32 seq
);
758 int xfrm_state_add(struct xfrm_state
*x
)
760 struct xfrm_state
*x1
;
763 int use_spi
= xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
);
765 family
= x
->props
.family
;
767 spin_lock_bh(&xfrm_state_lock
);
769 x1
= __xfrm_state_locate(x
, use_spi
, family
);
777 if (use_spi
&& x
->km
.seq
) {
778 x1
= __xfrm_find_acq_byseq(x
->km
.seq
);
779 if (x1
&& xfrm_addr_cmp(&x1
->id
.daddr
, &x
->id
.daddr
, family
)) {
786 x1
= __find_acq_core(family
, x
->props
.mode
, x
->props
.reqid
,
788 &x
->id
.daddr
, &x
->props
.saddr
, 0);
790 __xfrm_state_bump_genids(x
);
791 __xfrm_state_insert(x
);
795 spin_unlock_bh(&xfrm_state_lock
);
798 xfrm_state_delete(x1
);
804 EXPORT_SYMBOL(xfrm_state_add
);
806 int xfrm_state_update(struct xfrm_state
*x
)
808 struct xfrm_state
*x1
;
810 int use_spi
= xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
);
812 spin_lock_bh(&xfrm_state_lock
);
813 x1
= __xfrm_state_locate(x
, use_spi
, x
->props
.family
);
819 if (xfrm_state_kern(x1
)) {
825 if (x1
->km
.state
== XFRM_STATE_ACQ
) {
826 __xfrm_state_insert(x
);
832 spin_unlock_bh(&xfrm_state_lock
);
838 xfrm_state_delete(x1
);
844 spin_lock_bh(&x1
->lock
);
845 if (likely(x1
->km
.state
== XFRM_STATE_VALID
)) {
846 if (x
->encap
&& x1
->encap
)
847 memcpy(x1
->encap
, x
->encap
, sizeof(*x1
->encap
));
848 if (x
->coaddr
&& x1
->coaddr
) {
849 memcpy(x1
->coaddr
, x
->coaddr
, sizeof(*x1
->coaddr
));
851 if (!use_spi
&& memcmp(&x1
->sel
, &x
->sel
, sizeof(x1
->sel
)))
852 memcpy(&x1
->sel
, &x
->sel
, sizeof(x1
->sel
));
853 memcpy(&x1
->lft
, &x
->lft
, sizeof(x1
->lft
));
856 mod_timer(&x1
->timer
, jiffies
+ HZ
);
857 if (x1
->curlft
.use_time
)
858 xfrm_state_check_expire(x1
);
862 spin_unlock_bh(&x1
->lock
);
868 EXPORT_SYMBOL(xfrm_state_update
);
870 int xfrm_state_check_expire(struct xfrm_state
*x
)
872 if (!x
->curlft
.use_time
)
873 x
->curlft
.use_time
= (unsigned long)xtime
.tv_sec
;
875 if (x
->km
.state
!= XFRM_STATE_VALID
)
878 if (x
->curlft
.bytes
>= x
->lft
.hard_byte_limit
||
879 x
->curlft
.packets
>= x
->lft
.hard_packet_limit
) {
880 x
->km
.state
= XFRM_STATE_EXPIRED
;
881 mod_timer(&x
->timer
, jiffies
);
886 (x
->curlft
.bytes
>= x
->lft
.soft_byte_limit
||
887 x
->curlft
.packets
>= x
->lft
.soft_packet_limit
)) {
889 km_state_expired(x
, 0, 0);
893 EXPORT_SYMBOL(xfrm_state_check_expire
);
895 static int xfrm_state_check_space(struct xfrm_state
*x
, struct sk_buff
*skb
)
897 int nhead
= x
->props
.header_len
+ LL_RESERVED_SPACE(skb
->dst
->dev
)
901 return pskb_expand_head(skb
, nhead
, 0, GFP_ATOMIC
);
903 /* Check tail too... */
907 int xfrm_state_check(struct xfrm_state
*x
, struct sk_buff
*skb
)
909 int err
= xfrm_state_check_expire(x
);
912 err
= xfrm_state_check_space(x
, skb
);
916 EXPORT_SYMBOL(xfrm_state_check
);
919 xfrm_state_lookup(xfrm_address_t
*daddr
, u32 spi
, u8 proto
,
920 unsigned short family
)
922 struct xfrm_state
*x
;
924 spin_lock_bh(&xfrm_state_lock
);
925 x
= __xfrm_state_lookup(daddr
, spi
, proto
, family
);
926 spin_unlock_bh(&xfrm_state_lock
);
929 EXPORT_SYMBOL(xfrm_state_lookup
);
932 xfrm_state_lookup_byaddr(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
933 u8 proto
, unsigned short family
)
935 struct xfrm_state
*x
;
937 spin_lock_bh(&xfrm_state_lock
);
938 x
= __xfrm_state_lookup_byaddr(daddr
, saddr
, proto
, family
);
939 spin_unlock_bh(&xfrm_state_lock
);
942 EXPORT_SYMBOL(xfrm_state_lookup_byaddr
);
945 xfrm_find_acq(u8 mode
, u32 reqid
, u8 proto
,
946 xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
947 int create
, unsigned short family
)
949 struct xfrm_state
*x
;
951 spin_lock_bh(&xfrm_state_lock
);
952 x
= __find_acq_core(family
, mode
, reqid
, proto
, daddr
, saddr
, create
);
953 spin_unlock_bh(&xfrm_state_lock
);
957 EXPORT_SYMBOL(xfrm_find_acq
);
959 #ifdef CONFIG_XFRM_SUB_POLICY
961 xfrm_tmpl_sort(struct xfrm_tmpl
**dst
, struct xfrm_tmpl
**src
, int n
,
962 unsigned short family
)
965 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
967 return -EAFNOSUPPORT
;
969 spin_lock_bh(&xfrm_state_lock
);
970 if (afinfo
->tmpl_sort
)
971 err
= afinfo
->tmpl_sort(dst
, src
, n
);
972 spin_unlock_bh(&xfrm_state_lock
);
973 xfrm_state_put_afinfo(afinfo
);
976 EXPORT_SYMBOL(xfrm_tmpl_sort
);
979 xfrm_state_sort(struct xfrm_state
**dst
, struct xfrm_state
**src
, int n
,
980 unsigned short family
)
983 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
985 return -EAFNOSUPPORT
;
987 spin_lock_bh(&xfrm_state_lock
);
988 if (afinfo
->state_sort
)
989 err
= afinfo
->state_sort(dst
, src
, n
);
990 spin_unlock_bh(&xfrm_state_lock
);
991 xfrm_state_put_afinfo(afinfo
);
994 EXPORT_SYMBOL(xfrm_state_sort
);
997 /* Silly enough, but I'm lazy to build resolution list */
999 static struct xfrm_state
*__xfrm_find_acq_byseq(u32 seq
)
1003 for (i
= 0; i
<= xfrm_state_hmask
; i
++) {
1004 struct hlist_node
*entry
;
1005 struct xfrm_state
*x
;
1007 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+i
, bydst
) {
1008 if (x
->km
.seq
== seq
&&
1009 x
->km
.state
== XFRM_STATE_ACQ
) {
1018 struct xfrm_state
*xfrm_find_acq_byseq(u32 seq
)
1020 struct xfrm_state
*x
;
1022 spin_lock_bh(&xfrm_state_lock
);
1023 x
= __xfrm_find_acq_byseq(seq
);
1024 spin_unlock_bh(&xfrm_state_lock
);
1027 EXPORT_SYMBOL(xfrm_find_acq_byseq
);
1029 u32
xfrm_get_acqseq(void)
1033 static DEFINE_SPINLOCK(acqseq_lock
);
1035 spin_lock_bh(&acqseq_lock
);
1036 res
= (++acqseq
? : ++acqseq
);
1037 spin_unlock_bh(&acqseq_lock
);
1040 EXPORT_SYMBOL(xfrm_get_acqseq
);
1043 xfrm_alloc_spi(struct xfrm_state
*x
, u32 minspi
, u32 maxspi
)
1046 struct xfrm_state
*x0
;
1051 if (minspi
== maxspi
) {
1052 x0
= xfrm_state_lookup(&x
->id
.daddr
, minspi
, x
->id
.proto
, x
->props
.family
);
1060 minspi
= ntohl(minspi
);
1061 maxspi
= ntohl(maxspi
);
1062 for (h
=0; h
<maxspi
-minspi
+1; h
++) {
1063 spi
= minspi
+ net_random()%(maxspi
-minspi
+1);
1064 x0
= xfrm_state_lookup(&x
->id
.daddr
, htonl(spi
), x
->id
.proto
, x
->props
.family
);
1066 x
->id
.spi
= htonl(spi
);
1073 spin_lock_bh(&xfrm_state_lock
);
1074 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
, x
->props
.family
);
1075 hlist_add_head(&x
->byspi
, xfrm_state_byspi
+h
);
1076 spin_unlock_bh(&xfrm_state_lock
);
1080 EXPORT_SYMBOL(xfrm_alloc_spi
);
1082 int xfrm_state_walk(u8 proto
, int (*func
)(struct xfrm_state
*, int, void*),
1086 struct xfrm_state
*x
;
1087 struct hlist_node
*entry
;
1091 spin_lock_bh(&xfrm_state_lock
);
1092 for (i
= 0; i
<= xfrm_state_hmask
; i
++) {
1093 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+i
, bydst
) {
1094 if (xfrm_id_proto_match(x
->id
.proto
, proto
))
1103 for (i
= 0; i
<= xfrm_state_hmask
; i
++) {
1104 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+i
, bydst
) {
1105 if (!xfrm_id_proto_match(x
->id
.proto
, proto
))
1107 err
= func(x
, --count
, data
);
1113 spin_unlock_bh(&xfrm_state_lock
);
1116 EXPORT_SYMBOL(xfrm_state_walk
);
1119 void xfrm_replay_notify(struct xfrm_state
*x
, int event
)
1122 /* we send notify messages in case
1123 * 1. we updated on of the sequence numbers, and the seqno difference
1124 * is at least x->replay_maxdiff, in this case we also update the
1125 * timeout of our timer function
1126 * 2. if x->replay_maxage has elapsed since last update,
1127 * and there were changes
1129 * The state structure must be locked!
1133 case XFRM_REPLAY_UPDATE
:
1134 if (x
->replay_maxdiff
&&
1135 (x
->replay
.seq
- x
->preplay
.seq
< x
->replay_maxdiff
) &&
1136 (x
->replay
.oseq
- x
->preplay
.oseq
< x
->replay_maxdiff
)) {
1137 if (x
->xflags
& XFRM_TIME_DEFER
)
1138 event
= XFRM_REPLAY_TIMEOUT
;
1145 case XFRM_REPLAY_TIMEOUT
:
1146 if ((x
->replay
.seq
== x
->preplay
.seq
) &&
1147 (x
->replay
.bitmap
== x
->preplay
.bitmap
) &&
1148 (x
->replay
.oseq
== x
->preplay
.oseq
)) {
1149 x
->xflags
|= XFRM_TIME_DEFER
;
1156 memcpy(&x
->preplay
, &x
->replay
, sizeof(struct xfrm_replay_state
));
1157 c
.event
= XFRM_MSG_NEWAE
;
1158 c
.data
.aevent
= event
;
1159 km_state_notify(x
, &c
);
1161 if (x
->replay_maxage
&&
1162 !mod_timer(&x
->rtimer
, jiffies
+ x
->replay_maxage
))
1163 x
->xflags
&= ~XFRM_TIME_DEFER
;
1165 EXPORT_SYMBOL(xfrm_replay_notify
);
1167 static void xfrm_replay_timer_handler(unsigned long data
)
1169 struct xfrm_state
*x
= (struct xfrm_state
*)data
;
1171 spin_lock(&x
->lock
);
1173 if (x
->km
.state
== XFRM_STATE_VALID
) {
1174 if (xfrm_aevent_is_on())
1175 xfrm_replay_notify(x
, XFRM_REPLAY_TIMEOUT
);
1177 x
->xflags
|= XFRM_TIME_DEFER
;
1180 spin_unlock(&x
->lock
);
1183 int xfrm_replay_check(struct xfrm_state
*x
, u32 seq
)
1189 if (unlikely(seq
== 0))
1192 if (likely(seq
> x
->replay
.seq
))
1195 diff
= x
->replay
.seq
- seq
;
1196 if (diff
>= x
->props
.replay_window
) {
1197 x
->stats
.replay_window
++;
1201 if (x
->replay
.bitmap
& (1U << diff
)) {
1207 EXPORT_SYMBOL(xfrm_replay_check
);
1209 void xfrm_replay_advance(struct xfrm_state
*x
, u32 seq
)
1215 if (seq
> x
->replay
.seq
) {
1216 diff
= seq
- x
->replay
.seq
;
1217 if (diff
< x
->props
.replay_window
)
1218 x
->replay
.bitmap
= ((x
->replay
.bitmap
) << diff
) | 1;
1220 x
->replay
.bitmap
= 1;
1221 x
->replay
.seq
= seq
;
1223 diff
= x
->replay
.seq
- seq
;
1224 x
->replay
.bitmap
|= (1U << diff
);
1227 if (xfrm_aevent_is_on())
1228 xfrm_replay_notify(x
, XFRM_REPLAY_UPDATE
);
1230 EXPORT_SYMBOL(xfrm_replay_advance
);
1232 static struct list_head xfrm_km_list
= LIST_HEAD_INIT(xfrm_km_list
);
1233 static DEFINE_RWLOCK(xfrm_km_lock
);
1235 void km_policy_notify(struct xfrm_policy
*xp
, int dir
, struct km_event
*c
)
1237 struct xfrm_mgr
*km
;
1239 read_lock(&xfrm_km_lock
);
1240 list_for_each_entry(km
, &xfrm_km_list
, list
)
1241 if (km
->notify_policy
)
1242 km
->notify_policy(xp
, dir
, c
);
1243 read_unlock(&xfrm_km_lock
);
1246 void km_state_notify(struct xfrm_state
*x
, struct km_event
*c
)
1248 struct xfrm_mgr
*km
;
1249 read_lock(&xfrm_km_lock
);
1250 list_for_each_entry(km
, &xfrm_km_list
, list
)
1253 read_unlock(&xfrm_km_lock
);
1256 EXPORT_SYMBOL(km_policy_notify
);
1257 EXPORT_SYMBOL(km_state_notify
);
1259 void km_state_expired(struct xfrm_state
*x
, int hard
, u32 pid
)
1265 c
.event
= XFRM_MSG_EXPIRE
;
1266 km_state_notify(x
, &c
);
1272 EXPORT_SYMBOL(km_state_expired
);
1274 * We send to all registered managers regardless of failure
1275 * We are happy with one success
1277 int km_query(struct xfrm_state
*x
, struct xfrm_tmpl
*t
, struct xfrm_policy
*pol
)
1279 int err
= -EINVAL
, acqret
;
1280 struct xfrm_mgr
*km
;
1282 read_lock(&xfrm_km_lock
);
1283 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1284 acqret
= km
->acquire(x
, t
, pol
, XFRM_POLICY_OUT
);
1288 read_unlock(&xfrm_km_lock
);
1291 EXPORT_SYMBOL(km_query
);
1293 int km_new_mapping(struct xfrm_state
*x
, xfrm_address_t
*ipaddr
, u16 sport
)
1296 struct xfrm_mgr
*km
;
1298 read_lock(&xfrm_km_lock
);
1299 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1300 if (km
->new_mapping
)
1301 err
= km
->new_mapping(x
, ipaddr
, sport
);
1305 read_unlock(&xfrm_km_lock
);
1308 EXPORT_SYMBOL(km_new_mapping
);
1310 void km_policy_expired(struct xfrm_policy
*pol
, int dir
, int hard
, u32 pid
)
1316 c
.event
= XFRM_MSG_POLEXPIRE
;
1317 km_policy_notify(pol
, dir
, &c
);
1322 EXPORT_SYMBOL(km_policy_expired
);
1324 int km_report(u8 proto
, struct xfrm_selector
*sel
, xfrm_address_t
*addr
)
1328 struct xfrm_mgr
*km
;
1330 read_lock(&xfrm_km_lock
);
1331 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1333 ret
= km
->report(proto
, sel
, addr
);
1338 read_unlock(&xfrm_km_lock
);
1341 EXPORT_SYMBOL(km_report
);
1343 int xfrm_user_policy(struct sock
*sk
, int optname
, u8 __user
*optval
, int optlen
)
1347 struct xfrm_mgr
*km
;
1348 struct xfrm_policy
*pol
= NULL
;
1350 if (optlen
<= 0 || optlen
> PAGE_SIZE
)
1353 data
= kmalloc(optlen
, GFP_KERNEL
);
1358 if (copy_from_user(data
, optval
, optlen
))
1362 read_lock(&xfrm_km_lock
);
1363 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1364 pol
= km
->compile_policy(sk
, optname
, data
,
1369 read_unlock(&xfrm_km_lock
);
1372 xfrm_sk_policy_insert(sk
, err
, pol
);
1381 EXPORT_SYMBOL(xfrm_user_policy
);
1383 int xfrm_register_km(struct xfrm_mgr
*km
)
1385 write_lock_bh(&xfrm_km_lock
);
1386 list_add_tail(&km
->list
, &xfrm_km_list
);
1387 write_unlock_bh(&xfrm_km_lock
);
1390 EXPORT_SYMBOL(xfrm_register_km
);
1392 int xfrm_unregister_km(struct xfrm_mgr
*km
)
1394 write_lock_bh(&xfrm_km_lock
);
1395 list_del(&km
->list
);
1396 write_unlock_bh(&xfrm_km_lock
);
1399 EXPORT_SYMBOL(xfrm_unregister_km
);
1401 int xfrm_state_register_afinfo(struct xfrm_state_afinfo
*afinfo
)
1404 if (unlikely(afinfo
== NULL
))
1406 if (unlikely(afinfo
->family
>= NPROTO
))
1407 return -EAFNOSUPPORT
;
1408 write_lock_bh(&xfrm_state_afinfo_lock
);
1409 if (unlikely(xfrm_state_afinfo
[afinfo
->family
] != NULL
))
1412 xfrm_state_afinfo
[afinfo
->family
] = afinfo
;
1413 write_unlock_bh(&xfrm_state_afinfo_lock
);
1416 EXPORT_SYMBOL(xfrm_state_register_afinfo
);
1418 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo
*afinfo
)
1421 if (unlikely(afinfo
== NULL
))
1423 if (unlikely(afinfo
->family
>= NPROTO
))
1424 return -EAFNOSUPPORT
;
1425 write_lock_bh(&xfrm_state_afinfo_lock
);
1426 if (likely(xfrm_state_afinfo
[afinfo
->family
] != NULL
)) {
1427 if (unlikely(xfrm_state_afinfo
[afinfo
->family
] != afinfo
))
1430 xfrm_state_afinfo
[afinfo
->family
] = NULL
;
1432 write_unlock_bh(&xfrm_state_afinfo_lock
);
1435 EXPORT_SYMBOL(xfrm_state_unregister_afinfo
);
1437 static struct xfrm_state_afinfo
*xfrm_state_get_afinfo(unsigned short family
)
1439 struct xfrm_state_afinfo
*afinfo
;
1440 if (unlikely(family
>= NPROTO
))
1442 read_lock(&xfrm_state_afinfo_lock
);
1443 afinfo
= xfrm_state_afinfo
[family
];
1444 if (unlikely(!afinfo
))
1445 read_unlock(&xfrm_state_afinfo_lock
);
1449 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo
*afinfo
)
1451 read_unlock(&xfrm_state_afinfo_lock
);
1454 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1455 void xfrm_state_delete_tunnel(struct xfrm_state
*x
)
1458 struct xfrm_state
*t
= x
->tunnel
;
1460 if (atomic_read(&t
->tunnel_users
) == 2)
1461 xfrm_state_delete(t
);
1462 atomic_dec(&t
->tunnel_users
);
1467 EXPORT_SYMBOL(xfrm_state_delete_tunnel
);
1470 * This function is NOT optimal. For example, with ESP it will give an
1471 * MTU that's usually two bytes short of being optimal. However, it will
1472 * usually give an answer that's a multiple of 4 provided the input is
1473 * also a multiple of 4.
1475 int xfrm_state_mtu(struct xfrm_state
*x
, int mtu
)
1479 res
-= x
->props
.header_len
;
1487 spin_lock_bh(&x
->lock
);
1488 if (x
->km
.state
== XFRM_STATE_VALID
&&
1489 x
->type
&& x
->type
->get_max_size
)
1490 m
= x
->type
->get_max_size(x
, m
);
1492 m
+= x
->props
.header_len
;
1493 spin_unlock_bh(&x
->lock
);
1503 int xfrm_init_state(struct xfrm_state
*x
)
1505 struct xfrm_state_afinfo
*afinfo
;
1506 int family
= x
->props
.family
;
1509 err
= -EAFNOSUPPORT
;
1510 afinfo
= xfrm_state_get_afinfo(family
);
1515 if (afinfo
->init_flags
)
1516 err
= afinfo
->init_flags(x
);
1518 xfrm_state_put_afinfo(afinfo
);
1523 err
= -EPROTONOSUPPORT
;
1524 x
->type
= xfrm_get_type(x
->id
.proto
, family
);
1525 if (x
->type
== NULL
)
1528 err
= x
->type
->init_state(x
);
1532 x
->mode
= xfrm_get_mode(x
->props
.mode
, family
);
1533 if (x
->mode
== NULL
)
1536 x
->km
.state
= XFRM_STATE_VALID
;
1542 EXPORT_SYMBOL(xfrm_init_state
);
1544 void __init
xfrm_state_init(void)
1548 sz
= sizeof(struct hlist_head
) * 8;
1550 xfrm_state_bydst
= xfrm_hash_alloc(sz
);
1551 xfrm_state_bysrc
= xfrm_hash_alloc(sz
);
1552 xfrm_state_byspi
= xfrm_hash_alloc(sz
);
1553 if (!xfrm_state_bydst
|| !xfrm_state_bysrc
|| !xfrm_state_byspi
)
1554 panic("XFRM: Cannot allocate bydst/bysrc/byspi hashes.");
1555 xfrm_state_hmask
= ((sz
/ sizeof(struct hlist_head
)) - 1);
1557 INIT_WORK(&xfrm_state_gc_work
, xfrm_state_gc_task
, NULL
);