6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
16 #include <linux/workqueue.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <linux/cache.h>
22 #include <asm/uaccess.h>
24 #include "xfrm_hash.h"
27 EXPORT_SYMBOL(xfrm_nl
);
29 u32 sysctl_xfrm_aevent_etime
= XFRM_AE_ETIME
;
30 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime
);
32 u32 sysctl_xfrm_aevent_rseqth
= XFRM_AE_SEQT_SIZE
;
33 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth
);
35 /* Each xfrm_state may be linked to two tables:
37 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
38 2. Hash table by (daddr,family,reqid) to find what SAs exist for given
39 destination/tunnel endpoint. (output)
42 static DEFINE_SPINLOCK(xfrm_state_lock
);
44 /* Hash table to find appropriate SA towards given target (endpoint
45 * of tunnel or destination of transport mode) allowed by selector.
47 * Main use is finding SA after policy selected tunnel or transport mode.
48 * Also, it can be used by ah/esp icmp error handler to find offending SA.
50 static struct hlist_head
*xfrm_state_bydst __read_mostly
;
51 static struct hlist_head
*xfrm_state_bysrc __read_mostly
;
52 static struct hlist_head
*xfrm_state_byspi __read_mostly
;
53 static unsigned int xfrm_state_hmask __read_mostly
;
54 static unsigned int xfrm_state_hashmax __read_mostly
= 1 * 1024 * 1024;
55 static unsigned int xfrm_state_num
;
56 static unsigned int xfrm_state_genid
;
58 static inline unsigned int xfrm_dst_hash(xfrm_address_t
*daddr
,
59 xfrm_address_t
*saddr
,
61 unsigned short family
)
63 return __xfrm_dst_hash(daddr
, saddr
, reqid
, family
, xfrm_state_hmask
);
66 static inline unsigned int xfrm_src_hash(xfrm_address_t
*addr
,
67 unsigned short family
)
69 return __xfrm_src_hash(addr
, family
, xfrm_state_hmask
);
72 static inline unsigned int
73 xfrm_spi_hash(xfrm_address_t
*daddr
, u32 spi
, u8 proto
, unsigned short family
)
75 return __xfrm_spi_hash(daddr
, spi
, proto
, family
, xfrm_state_hmask
);
78 static void xfrm_hash_transfer(struct hlist_head
*list
,
79 struct hlist_head
*ndsttable
,
80 struct hlist_head
*nsrctable
,
81 struct hlist_head
*nspitable
,
82 unsigned int nhashmask
)
84 struct hlist_node
*entry
, *tmp
;
87 hlist_for_each_entry_safe(x
, entry
, tmp
, list
, bydst
) {
90 h
= __xfrm_dst_hash(&x
->id
.daddr
, &x
->props
.saddr
,
91 x
->props
.reqid
, x
->props
.family
,
93 hlist_add_head(&x
->bydst
, ndsttable
+h
);
95 h
= __xfrm_src_hash(&x
->props
.saddr
, x
->props
.family
,
97 hlist_add_head(&x
->bysrc
, nsrctable
+h
);
99 h
= __xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
,
100 x
->props
.family
, nhashmask
);
101 hlist_add_head(&x
->byspi
, nspitable
+h
);
105 static unsigned long xfrm_hash_new_size(void)
107 return ((xfrm_state_hmask
+ 1) << 1) *
108 sizeof(struct hlist_head
);
111 static DEFINE_MUTEX(hash_resize_mutex
);
113 static void xfrm_hash_resize(void *__unused
)
115 struct hlist_head
*ndst
, *nsrc
, *nspi
, *odst
, *osrc
, *ospi
;
116 unsigned long nsize
, osize
;
117 unsigned int nhashmask
, ohashmask
;
120 mutex_lock(&hash_resize_mutex
);
122 nsize
= xfrm_hash_new_size();
123 ndst
= xfrm_hash_alloc(nsize
);
126 nsrc
= xfrm_hash_alloc(nsize
);
128 xfrm_hash_free(ndst
, nsize
);
131 nspi
= xfrm_hash_alloc(nsize
);
133 xfrm_hash_free(ndst
, nsize
);
134 xfrm_hash_free(nsrc
, nsize
);
138 spin_lock_bh(&xfrm_state_lock
);
140 nhashmask
= (nsize
/ sizeof(struct hlist_head
)) - 1U;
141 for (i
= xfrm_state_hmask
; i
>= 0; i
--)
142 xfrm_hash_transfer(xfrm_state_bydst
+i
, ndst
, nsrc
, nspi
,
145 odst
= xfrm_state_bydst
;
146 osrc
= xfrm_state_bysrc
;
147 ospi
= xfrm_state_byspi
;
148 ohashmask
= xfrm_state_hmask
;
150 xfrm_state_bydst
= ndst
;
151 xfrm_state_bysrc
= nsrc
;
152 xfrm_state_byspi
= nspi
;
153 xfrm_state_hmask
= nhashmask
;
155 spin_unlock_bh(&xfrm_state_lock
);
157 osize
= (ohashmask
+ 1) * sizeof(struct hlist_head
);
158 xfrm_hash_free(odst
, osize
);
159 xfrm_hash_free(osrc
, osize
);
160 xfrm_hash_free(ospi
, osize
);
163 mutex_unlock(&hash_resize_mutex
);
166 static DECLARE_WORK(xfrm_hash_work
, xfrm_hash_resize
, NULL
);
168 DECLARE_WAIT_QUEUE_HEAD(km_waitq
);
169 EXPORT_SYMBOL(km_waitq
);
171 static DEFINE_RWLOCK(xfrm_state_afinfo_lock
);
172 static struct xfrm_state_afinfo
*xfrm_state_afinfo
[NPROTO
];
174 static struct work_struct xfrm_state_gc_work
;
175 static HLIST_HEAD(xfrm_state_gc_list
);
176 static DEFINE_SPINLOCK(xfrm_state_gc_lock
);
178 int __xfrm_state_delete(struct xfrm_state
*x
);
180 static struct xfrm_state_afinfo
*xfrm_state_get_afinfo(unsigned short family
);
181 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo
*afinfo
);
183 int km_query(struct xfrm_state
*x
, struct xfrm_tmpl
*t
, struct xfrm_policy
*pol
);
184 void km_state_expired(struct xfrm_state
*x
, int hard
, u32 pid
);
186 static void xfrm_state_gc_destroy(struct xfrm_state
*x
)
188 del_timer_sync(&x
->timer
);
189 del_timer_sync(&x
->rtimer
);
196 xfrm_put_mode(x
->mode
);
198 x
->type
->destructor(x
);
199 xfrm_put_type(x
->type
);
201 security_xfrm_state_free(x
);
205 static void xfrm_state_gc_task(void *data
)
207 struct xfrm_state
*x
;
208 struct hlist_node
*entry
, *tmp
;
209 struct hlist_head gc_list
;
211 spin_lock_bh(&xfrm_state_gc_lock
);
212 gc_list
.first
= xfrm_state_gc_list
.first
;
213 INIT_HLIST_HEAD(&xfrm_state_gc_list
);
214 spin_unlock_bh(&xfrm_state_gc_lock
);
216 hlist_for_each_entry_safe(x
, entry
, tmp
, &gc_list
, bydst
)
217 xfrm_state_gc_destroy(x
);
222 static inline unsigned long make_jiffies(long secs
)
224 if (secs
>= (MAX_SCHEDULE_TIMEOUT
-1)/HZ
)
225 return MAX_SCHEDULE_TIMEOUT
-1;
230 static void xfrm_timer_handler(unsigned long data
)
232 struct xfrm_state
*x
= (struct xfrm_state
*)data
;
233 unsigned long now
= (unsigned long)xtime
.tv_sec
;
234 long next
= LONG_MAX
;
238 if (x
->km
.state
== XFRM_STATE_DEAD
)
240 if (x
->km
.state
== XFRM_STATE_EXPIRED
)
242 if (x
->lft
.hard_add_expires_seconds
) {
243 long tmo
= x
->lft
.hard_add_expires_seconds
+
244 x
->curlft
.add_time
- now
;
250 if (x
->lft
.hard_use_expires_seconds
) {
251 long tmo
= x
->lft
.hard_use_expires_seconds
+
252 (x
->curlft
.use_time
? : now
) - now
;
260 if (x
->lft
.soft_add_expires_seconds
) {
261 long tmo
= x
->lft
.soft_add_expires_seconds
+
262 x
->curlft
.add_time
- now
;
268 if (x
->lft
.soft_use_expires_seconds
) {
269 long tmo
= x
->lft
.soft_use_expires_seconds
+
270 (x
->curlft
.use_time
? : now
) - now
;
279 km_state_expired(x
, 0, 0);
281 if (next
!= LONG_MAX
)
282 mod_timer(&x
->timer
, jiffies
+ make_jiffies(next
));
287 if (x
->km
.state
== XFRM_STATE_ACQ
&& x
->id
.spi
== 0) {
288 x
->km
.state
= XFRM_STATE_EXPIRED
;
293 if (!__xfrm_state_delete(x
) && x
->id
.spi
)
294 km_state_expired(x
, 1, 0);
297 spin_unlock(&x
->lock
);
300 static void xfrm_replay_timer_handler(unsigned long data
);
302 struct xfrm_state
*xfrm_state_alloc(void)
304 struct xfrm_state
*x
;
306 x
= kzalloc(sizeof(struct xfrm_state
), GFP_ATOMIC
);
309 atomic_set(&x
->refcnt
, 1);
310 atomic_set(&x
->tunnel_users
, 0);
311 INIT_HLIST_NODE(&x
->bydst
);
312 INIT_HLIST_NODE(&x
->bysrc
);
313 INIT_HLIST_NODE(&x
->byspi
);
314 init_timer(&x
->timer
);
315 x
->timer
.function
= xfrm_timer_handler
;
316 x
->timer
.data
= (unsigned long)x
;
317 init_timer(&x
->rtimer
);
318 x
->rtimer
.function
= xfrm_replay_timer_handler
;
319 x
->rtimer
.data
= (unsigned long)x
;
320 x
->curlft
.add_time
= (unsigned long)xtime
.tv_sec
;
321 x
->lft
.soft_byte_limit
= XFRM_INF
;
322 x
->lft
.soft_packet_limit
= XFRM_INF
;
323 x
->lft
.hard_byte_limit
= XFRM_INF
;
324 x
->lft
.hard_packet_limit
= XFRM_INF
;
325 x
->replay_maxage
= 0;
326 x
->replay_maxdiff
= 0;
327 spin_lock_init(&x
->lock
);
331 EXPORT_SYMBOL(xfrm_state_alloc
);
333 void __xfrm_state_destroy(struct xfrm_state
*x
)
335 BUG_TRAP(x
->km
.state
== XFRM_STATE_DEAD
);
337 spin_lock_bh(&xfrm_state_gc_lock
);
338 hlist_add_head(&x
->bydst
, &xfrm_state_gc_list
);
339 spin_unlock_bh(&xfrm_state_gc_lock
);
340 schedule_work(&xfrm_state_gc_work
);
342 EXPORT_SYMBOL(__xfrm_state_destroy
);
344 int __xfrm_state_delete(struct xfrm_state
*x
)
348 if (x
->km
.state
!= XFRM_STATE_DEAD
) {
349 x
->km
.state
= XFRM_STATE_DEAD
;
350 spin_lock(&xfrm_state_lock
);
351 hlist_del(&x
->bydst
);
352 hlist_del(&x
->bysrc
);
354 hlist_del(&x
->byspi
);
356 spin_unlock(&xfrm_state_lock
);
358 /* All xfrm_state objects are created by xfrm_state_alloc.
359 * The xfrm_state_alloc call gives a reference, and that
360 * is what we are dropping here.
368 EXPORT_SYMBOL(__xfrm_state_delete
);
370 int xfrm_state_delete(struct xfrm_state
*x
)
374 spin_lock_bh(&x
->lock
);
375 err
= __xfrm_state_delete(x
);
376 spin_unlock_bh(&x
->lock
);
380 EXPORT_SYMBOL(xfrm_state_delete
);
382 void xfrm_state_flush(u8 proto
)
386 spin_lock_bh(&xfrm_state_lock
);
387 for (i
= 0; i
<= xfrm_state_hmask
; i
++) {
388 struct hlist_node
*entry
;
389 struct xfrm_state
*x
;
391 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+i
, bydst
) {
392 if (!xfrm_state_kern(x
) &&
393 xfrm_id_proto_match(x
->id
.proto
, proto
)) {
395 spin_unlock_bh(&xfrm_state_lock
);
397 xfrm_state_delete(x
);
400 spin_lock_bh(&xfrm_state_lock
);
405 spin_unlock_bh(&xfrm_state_lock
);
408 EXPORT_SYMBOL(xfrm_state_flush
);
411 xfrm_init_tempsel(struct xfrm_state
*x
, struct flowi
*fl
,
412 struct xfrm_tmpl
*tmpl
,
413 xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
414 unsigned short family
)
416 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
419 afinfo
->init_tempsel(x
, fl
, tmpl
, daddr
, saddr
);
420 xfrm_state_put_afinfo(afinfo
);
424 static struct xfrm_state
*__xfrm_state_lookup(xfrm_address_t
*daddr
, __be32 spi
, u8 proto
, unsigned short family
)
426 unsigned int h
= xfrm_spi_hash(daddr
, spi
, proto
, family
);
427 struct xfrm_state
*x
;
428 struct hlist_node
*entry
;
430 hlist_for_each_entry(x
, entry
, xfrm_state_byspi
+h
, byspi
) {
431 if (x
->props
.family
!= family
||
433 x
->id
.proto
!= proto
)
438 if (x
->id
.daddr
.a4
!= daddr
->a4
)
442 if (!ipv6_addr_equal((struct in6_addr
*)daddr
,
456 static struct xfrm_state
*__xfrm_state_lookup_byaddr(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
, u8 proto
, unsigned short family
)
458 unsigned int h
= xfrm_src_hash(saddr
, family
);
459 struct xfrm_state
*x
;
460 struct hlist_node
*entry
;
462 hlist_for_each_entry(x
, entry
, xfrm_state_bysrc
+h
, bysrc
) {
463 if (x
->props
.family
!= family
||
464 x
->id
.proto
!= proto
)
469 if (x
->id
.daddr
.a4
!= daddr
->a4
||
470 x
->props
.saddr
.a4
!= saddr
->a4
)
474 if (!ipv6_addr_equal((struct in6_addr
*)daddr
,
477 !ipv6_addr_equal((struct in6_addr
*)saddr
,
491 static inline struct xfrm_state
*
492 __xfrm_state_locate(struct xfrm_state
*x
, int use_spi
, int family
)
495 return __xfrm_state_lookup(&x
->id
.daddr
, x
->id
.spi
,
496 x
->id
.proto
, family
);
498 return __xfrm_state_lookup_byaddr(&x
->id
.daddr
,
500 x
->id
.proto
, family
);
504 xfrm_state_find(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
505 struct flowi
*fl
, struct xfrm_tmpl
*tmpl
,
506 struct xfrm_policy
*pol
, int *err
,
507 unsigned short family
)
509 unsigned int h
= xfrm_dst_hash(daddr
, saddr
, tmpl
->reqid
, family
);
510 struct hlist_node
*entry
;
511 struct xfrm_state
*x
, *x0
;
512 int acquire_in_progress
= 0;
514 struct xfrm_state
*best
= NULL
;
516 spin_lock_bh(&xfrm_state_lock
);
517 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+h
, bydst
) {
518 if (x
->props
.family
== family
&&
519 x
->props
.reqid
== tmpl
->reqid
&&
520 !(x
->props
.flags
& XFRM_STATE_WILDRECV
) &&
521 xfrm_state_addr_check(x
, daddr
, saddr
, family
) &&
522 tmpl
->mode
== x
->props
.mode
&&
523 tmpl
->id
.proto
== x
->id
.proto
&&
524 (tmpl
->id
.spi
== x
->id
.spi
|| !tmpl
->id
.spi
)) {
526 1. There is a valid state with matching selector.
528 2. Valid state with inappropriate selector. Skip.
530 Entering area of "sysdeps".
532 3. If state is not valid, selector is temporary,
533 it selects only session which triggered
534 previous resolution. Key manager will do
535 something to install a state with proper
538 if (x
->km
.state
== XFRM_STATE_VALID
) {
539 if (!xfrm_selector_match(&x
->sel
, fl
, family
) ||
540 !security_xfrm_state_pol_flow_match(x
, pol
, fl
))
543 best
->km
.dying
> x
->km
.dying
||
544 (best
->km
.dying
== x
->km
.dying
&&
545 best
->curlft
.add_time
< x
->curlft
.add_time
))
547 } else if (x
->km
.state
== XFRM_STATE_ACQ
) {
548 acquire_in_progress
= 1;
549 } else if (x
->km
.state
== XFRM_STATE_ERROR
||
550 x
->km
.state
== XFRM_STATE_EXPIRED
) {
551 if (xfrm_selector_match(&x
->sel
, fl
, family
) &&
552 security_xfrm_state_pol_flow_match(x
, pol
, fl
))
559 if (!x
&& !error
&& !acquire_in_progress
) {
561 (x0
= __xfrm_state_lookup(daddr
, tmpl
->id
.spi
,
562 tmpl
->id
.proto
, family
)) != NULL
) {
567 x
= xfrm_state_alloc();
572 /* Initialize temporary selector matching only
573 * to current session. */
574 xfrm_init_tempsel(x
, fl
, tmpl
, daddr
, saddr
, family
);
576 error
= security_xfrm_state_alloc_acquire(x
, pol
->security
, fl
->secid
);
578 x
->km
.state
= XFRM_STATE_DEAD
;
584 if (km_query(x
, tmpl
, pol
) == 0) {
585 x
->km
.state
= XFRM_STATE_ACQ
;
586 hlist_add_head(&x
->bydst
, xfrm_state_bydst
+h
);
587 h
= xfrm_src_hash(saddr
, family
);
588 hlist_add_head(&x
->bysrc
, xfrm_state_bysrc
+h
);
590 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
, family
);
591 hlist_add_head(&x
->byspi
, xfrm_state_byspi
+h
);
593 x
->lft
.hard_add_expires_seconds
= XFRM_ACQ_EXPIRES
;
594 x
->timer
.expires
= jiffies
+ XFRM_ACQ_EXPIRES
*HZ
;
595 add_timer(&x
->timer
);
597 x
->km
.state
= XFRM_STATE_DEAD
;
607 *err
= acquire_in_progress
? -EAGAIN
: error
;
608 spin_unlock_bh(&xfrm_state_lock
);
612 static void __xfrm_state_insert(struct xfrm_state
*x
)
616 x
->genid
= ++xfrm_state_genid
;
618 h
= xfrm_dst_hash(&x
->id
.daddr
, &x
->props
.saddr
,
619 x
->props
.reqid
, x
->props
.family
);
620 hlist_add_head(&x
->bydst
, xfrm_state_bydst
+h
);
622 h
= xfrm_src_hash(&x
->props
.saddr
, x
->props
.family
);
623 hlist_add_head(&x
->bysrc
, xfrm_state_bysrc
+h
);
625 if (xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
)) {
626 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
,
629 hlist_add_head(&x
->byspi
, xfrm_state_byspi
+h
);
632 mod_timer(&x
->timer
, jiffies
+ HZ
);
633 if (x
->replay_maxage
)
634 mod_timer(&x
->rtimer
, jiffies
+ x
->replay_maxage
);
640 if (x
->bydst
.next
!= NULL
&&
641 (xfrm_state_hmask
+ 1) < xfrm_state_hashmax
&&
642 xfrm_state_num
> xfrm_state_hmask
)
643 schedule_work(&xfrm_hash_work
);
646 /* xfrm_state_lock is held */
647 static void __xfrm_state_bump_genids(struct xfrm_state
*xnew
)
649 unsigned short family
= xnew
->props
.family
;
650 u32 reqid
= xnew
->props
.reqid
;
651 struct xfrm_state
*x
;
652 struct hlist_node
*entry
;
655 h
= xfrm_dst_hash(&xnew
->id
.daddr
, &xnew
->props
.saddr
, reqid
, family
);
656 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+h
, bydst
) {
657 if (x
->props
.family
== family
&&
658 x
->props
.reqid
== reqid
&&
659 !xfrm_addr_cmp(&x
->id
.daddr
, &xnew
->id
.daddr
, family
) &&
660 !xfrm_addr_cmp(&x
->props
.saddr
, &xnew
->props
.saddr
, family
))
661 x
->genid
= xfrm_state_genid
;
665 void xfrm_state_insert(struct xfrm_state
*x
)
667 spin_lock_bh(&xfrm_state_lock
);
668 __xfrm_state_bump_genids(x
);
669 __xfrm_state_insert(x
);
670 spin_unlock_bh(&xfrm_state_lock
);
672 EXPORT_SYMBOL(xfrm_state_insert
);
674 /* xfrm_state_lock is held */
675 static struct xfrm_state
*__find_acq_core(unsigned short family
, u8 mode
, u32 reqid
, u8 proto
, xfrm_address_t
*daddr
, xfrm_address_t
*saddr
, int create
)
677 unsigned int h
= xfrm_dst_hash(daddr
, saddr
, reqid
, family
);
678 struct hlist_node
*entry
;
679 struct xfrm_state
*x
;
681 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+h
, bydst
) {
682 if (x
->props
.reqid
!= reqid
||
683 x
->props
.mode
!= mode
||
684 x
->props
.family
!= family
||
685 x
->km
.state
!= XFRM_STATE_ACQ
||
691 if (x
->id
.daddr
.a4
!= daddr
->a4
||
692 x
->props
.saddr
.a4
!= saddr
->a4
)
696 if (!ipv6_addr_equal((struct in6_addr
*)x
->id
.daddr
.a6
,
697 (struct in6_addr
*)daddr
) ||
698 !ipv6_addr_equal((struct in6_addr
*)
700 (struct in6_addr
*)saddr
))
712 x
= xfrm_state_alloc();
716 x
->sel
.daddr
.a4
= daddr
->a4
;
717 x
->sel
.saddr
.a4
= saddr
->a4
;
718 x
->sel
.prefixlen_d
= 32;
719 x
->sel
.prefixlen_s
= 32;
720 x
->props
.saddr
.a4
= saddr
->a4
;
721 x
->id
.daddr
.a4
= daddr
->a4
;
725 ipv6_addr_copy((struct in6_addr
*)x
->sel
.daddr
.a6
,
726 (struct in6_addr
*)daddr
);
727 ipv6_addr_copy((struct in6_addr
*)x
->sel
.saddr
.a6
,
728 (struct in6_addr
*)saddr
);
729 x
->sel
.prefixlen_d
= 128;
730 x
->sel
.prefixlen_s
= 128;
731 ipv6_addr_copy((struct in6_addr
*)x
->props
.saddr
.a6
,
732 (struct in6_addr
*)saddr
);
733 ipv6_addr_copy((struct in6_addr
*)x
->id
.daddr
.a6
,
734 (struct in6_addr
*)daddr
);
738 x
->km
.state
= XFRM_STATE_ACQ
;
740 x
->props
.family
= family
;
741 x
->props
.mode
= mode
;
742 x
->props
.reqid
= reqid
;
743 x
->lft
.hard_add_expires_seconds
= XFRM_ACQ_EXPIRES
;
745 x
->timer
.expires
= jiffies
+ XFRM_ACQ_EXPIRES
*HZ
;
746 add_timer(&x
->timer
);
747 hlist_add_head(&x
->bydst
, xfrm_state_bydst
+h
);
748 h
= xfrm_src_hash(saddr
, family
);
749 hlist_add_head(&x
->bysrc
, xfrm_state_bysrc
+h
);
756 static struct xfrm_state
*__xfrm_find_acq_byseq(u32 seq
);
758 int xfrm_state_add(struct xfrm_state
*x
)
760 struct xfrm_state
*x1
;
763 int use_spi
= xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
);
765 family
= x
->props
.family
;
767 spin_lock_bh(&xfrm_state_lock
);
769 x1
= __xfrm_state_locate(x
, use_spi
, family
);
777 if (use_spi
&& x
->km
.seq
) {
778 x1
= __xfrm_find_acq_byseq(x
->km
.seq
);
779 if (x1
&& xfrm_addr_cmp(&x1
->id
.daddr
, &x
->id
.daddr
, family
)) {
786 x1
= __find_acq_core(family
, x
->props
.mode
, x
->props
.reqid
,
788 &x
->id
.daddr
, &x
->props
.saddr
, 0);
790 __xfrm_state_bump_genids(x
);
791 __xfrm_state_insert(x
);
795 spin_unlock_bh(&xfrm_state_lock
);
798 xfrm_state_delete(x1
);
804 EXPORT_SYMBOL(xfrm_state_add
);
806 int xfrm_state_update(struct xfrm_state
*x
)
808 struct xfrm_state
*x1
;
810 int use_spi
= xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
);
812 spin_lock_bh(&xfrm_state_lock
);
813 x1
= __xfrm_state_locate(x
, use_spi
, x
->props
.family
);
819 if (xfrm_state_kern(x1
)) {
825 if (x1
->km
.state
== XFRM_STATE_ACQ
) {
826 __xfrm_state_insert(x
);
832 spin_unlock_bh(&xfrm_state_lock
);
838 xfrm_state_delete(x1
);
844 spin_lock_bh(&x1
->lock
);
845 if (likely(x1
->km
.state
== XFRM_STATE_VALID
)) {
846 if (x
->encap
&& x1
->encap
)
847 memcpy(x1
->encap
, x
->encap
, sizeof(*x1
->encap
));
848 if (x
->coaddr
&& x1
->coaddr
) {
849 memcpy(x1
->coaddr
, x
->coaddr
, sizeof(*x1
->coaddr
));
851 if (!use_spi
&& memcmp(&x1
->sel
, &x
->sel
, sizeof(x1
->sel
)))
852 memcpy(&x1
->sel
, &x
->sel
, sizeof(x1
->sel
));
853 memcpy(&x1
->lft
, &x
->lft
, sizeof(x1
->lft
));
856 mod_timer(&x1
->timer
, jiffies
+ HZ
);
857 if (x1
->curlft
.use_time
)
858 xfrm_state_check_expire(x1
);
862 spin_unlock_bh(&x1
->lock
);
868 EXPORT_SYMBOL(xfrm_state_update
);
870 int xfrm_state_check_expire(struct xfrm_state
*x
)
872 if (!x
->curlft
.use_time
)
873 x
->curlft
.use_time
= (unsigned long)xtime
.tv_sec
;
875 if (x
->km
.state
!= XFRM_STATE_VALID
)
878 if (x
->curlft
.bytes
>= x
->lft
.hard_byte_limit
||
879 x
->curlft
.packets
>= x
->lft
.hard_packet_limit
) {
880 x
->km
.state
= XFRM_STATE_EXPIRED
;
881 mod_timer(&x
->timer
, jiffies
);
886 (x
->curlft
.bytes
>= x
->lft
.soft_byte_limit
||
887 x
->curlft
.packets
>= x
->lft
.soft_packet_limit
)) {
889 km_state_expired(x
, 0, 0);
893 EXPORT_SYMBOL(xfrm_state_check_expire
);
895 static int xfrm_state_check_space(struct xfrm_state
*x
, struct sk_buff
*skb
)
897 int nhead
= x
->props
.header_len
+ LL_RESERVED_SPACE(skb
->dst
->dev
)
901 return pskb_expand_head(skb
, nhead
, 0, GFP_ATOMIC
);
903 /* Check tail too... */
907 int xfrm_state_check(struct xfrm_state
*x
, struct sk_buff
*skb
)
909 int err
= xfrm_state_check_expire(x
);
912 err
= xfrm_state_check_space(x
, skb
);
916 EXPORT_SYMBOL(xfrm_state_check
);
919 xfrm_state_lookup(xfrm_address_t
*daddr
, __be32 spi
, u8 proto
,
920 unsigned short family
)
922 struct xfrm_state
*x
;
924 spin_lock_bh(&xfrm_state_lock
);
925 x
= __xfrm_state_lookup(daddr
, spi
, proto
, family
);
926 spin_unlock_bh(&xfrm_state_lock
);
929 EXPORT_SYMBOL(xfrm_state_lookup
);
932 xfrm_state_lookup_byaddr(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
933 u8 proto
, unsigned short family
)
935 struct xfrm_state
*x
;
937 spin_lock_bh(&xfrm_state_lock
);
938 x
= __xfrm_state_lookup_byaddr(daddr
, saddr
, proto
, family
);
939 spin_unlock_bh(&xfrm_state_lock
);
942 EXPORT_SYMBOL(xfrm_state_lookup_byaddr
);
945 xfrm_find_acq(u8 mode
, u32 reqid
, u8 proto
,
946 xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
947 int create
, unsigned short family
)
949 struct xfrm_state
*x
;
951 spin_lock_bh(&xfrm_state_lock
);
952 x
= __find_acq_core(family
, mode
, reqid
, proto
, daddr
, saddr
, create
);
953 spin_unlock_bh(&xfrm_state_lock
);
957 EXPORT_SYMBOL(xfrm_find_acq
);
959 #ifdef CONFIG_XFRM_SUB_POLICY
961 xfrm_tmpl_sort(struct xfrm_tmpl
**dst
, struct xfrm_tmpl
**src
, int n
,
962 unsigned short family
)
965 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
967 return -EAFNOSUPPORT
;
969 spin_lock_bh(&xfrm_state_lock
);
970 if (afinfo
->tmpl_sort
)
971 err
= afinfo
->tmpl_sort(dst
, src
, n
);
972 spin_unlock_bh(&xfrm_state_lock
);
973 xfrm_state_put_afinfo(afinfo
);
976 EXPORT_SYMBOL(xfrm_tmpl_sort
);
979 xfrm_state_sort(struct xfrm_state
**dst
, struct xfrm_state
**src
, int n
,
980 unsigned short family
)
983 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
985 return -EAFNOSUPPORT
;
987 spin_lock_bh(&xfrm_state_lock
);
988 if (afinfo
->state_sort
)
989 err
= afinfo
->state_sort(dst
, src
, n
);
990 spin_unlock_bh(&xfrm_state_lock
);
991 xfrm_state_put_afinfo(afinfo
);
994 EXPORT_SYMBOL(xfrm_state_sort
);
997 /* Silly enough, but I'm lazy to build resolution list */
999 static struct xfrm_state
*__xfrm_find_acq_byseq(u32 seq
)
1003 for (i
= 0; i
<= xfrm_state_hmask
; i
++) {
1004 struct hlist_node
*entry
;
1005 struct xfrm_state
*x
;
1007 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+i
, bydst
) {
1008 if (x
->km
.seq
== seq
&&
1009 x
->km
.state
== XFRM_STATE_ACQ
) {
1018 struct xfrm_state
*xfrm_find_acq_byseq(u32 seq
)
1020 struct xfrm_state
*x
;
1022 spin_lock_bh(&xfrm_state_lock
);
1023 x
= __xfrm_find_acq_byseq(seq
);
1024 spin_unlock_bh(&xfrm_state_lock
);
1027 EXPORT_SYMBOL(xfrm_find_acq_byseq
);
1029 u32
xfrm_get_acqseq(void)
1033 static DEFINE_SPINLOCK(acqseq_lock
);
1035 spin_lock_bh(&acqseq_lock
);
1036 res
= (++acqseq
? : ++acqseq
);
1037 spin_unlock_bh(&acqseq_lock
);
1040 EXPORT_SYMBOL(xfrm_get_acqseq
);
1043 xfrm_alloc_spi(struct xfrm_state
*x
, __be32 minspi
, __be32 maxspi
)
1046 struct xfrm_state
*x0
;
1051 if (minspi
== maxspi
) {
1052 x0
= xfrm_state_lookup(&x
->id
.daddr
, minspi
, x
->id
.proto
, x
->props
.family
);
1060 u32 low
= ntohl(minspi
);
1061 u32 high
= ntohl(maxspi
);
1062 for (h
=0; h
<high
-low
+1; h
++) {
1063 spi
= low
+ net_random()%(high
-low
+1);
1064 x0
= xfrm_state_lookup(&x
->id
.daddr
, htonl(spi
), x
->id
.proto
, x
->props
.family
);
1066 x
->id
.spi
= htonl(spi
);
1073 spin_lock_bh(&xfrm_state_lock
);
1074 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
, x
->props
.family
);
1075 hlist_add_head(&x
->byspi
, xfrm_state_byspi
+h
);
1076 spin_unlock_bh(&xfrm_state_lock
);
1080 EXPORT_SYMBOL(xfrm_alloc_spi
);
1082 int xfrm_state_walk(u8 proto
, int (*func
)(struct xfrm_state
*, int, void*),
1086 struct xfrm_state
*x
;
1087 struct hlist_node
*entry
;
1091 spin_lock_bh(&xfrm_state_lock
);
1092 for (i
= 0; i
<= xfrm_state_hmask
; i
++) {
1093 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+i
, bydst
) {
1094 if (xfrm_id_proto_match(x
->id
.proto
, proto
))
1103 for (i
= 0; i
<= xfrm_state_hmask
; i
++) {
1104 hlist_for_each_entry(x
, entry
, xfrm_state_bydst
+i
, bydst
) {
1105 if (!xfrm_id_proto_match(x
->id
.proto
, proto
))
1107 err
= func(x
, --count
, data
);
1113 spin_unlock_bh(&xfrm_state_lock
);
1116 EXPORT_SYMBOL(xfrm_state_walk
);
1119 void xfrm_replay_notify(struct xfrm_state
*x
, int event
)
1122 /* we send notify messages in case
1123 * 1. we updated on of the sequence numbers, and the seqno difference
1124 * is at least x->replay_maxdiff, in this case we also update the
1125 * timeout of our timer function
1126 * 2. if x->replay_maxage has elapsed since last update,
1127 * and there were changes
1129 * The state structure must be locked!
1133 case XFRM_REPLAY_UPDATE
:
1134 if (x
->replay_maxdiff
&&
1135 (x
->replay
.seq
- x
->preplay
.seq
< x
->replay_maxdiff
) &&
1136 (x
->replay
.oseq
- x
->preplay
.oseq
< x
->replay_maxdiff
)) {
1137 if (x
->xflags
& XFRM_TIME_DEFER
)
1138 event
= XFRM_REPLAY_TIMEOUT
;
1145 case XFRM_REPLAY_TIMEOUT
:
1146 if ((x
->replay
.seq
== x
->preplay
.seq
) &&
1147 (x
->replay
.bitmap
== x
->preplay
.bitmap
) &&
1148 (x
->replay
.oseq
== x
->preplay
.oseq
)) {
1149 x
->xflags
|= XFRM_TIME_DEFER
;
1156 memcpy(&x
->preplay
, &x
->replay
, sizeof(struct xfrm_replay_state
));
1157 c
.event
= XFRM_MSG_NEWAE
;
1158 c
.data
.aevent
= event
;
1159 km_state_notify(x
, &c
);
1161 if (x
->replay_maxage
&&
1162 !mod_timer(&x
->rtimer
, jiffies
+ x
->replay_maxage
))
1163 x
->xflags
&= ~XFRM_TIME_DEFER
;
1165 EXPORT_SYMBOL(xfrm_replay_notify
);
1167 static void xfrm_replay_timer_handler(unsigned long data
)
1169 struct xfrm_state
*x
= (struct xfrm_state
*)data
;
1171 spin_lock(&x
->lock
);
1173 if (x
->km
.state
== XFRM_STATE_VALID
) {
1174 if (xfrm_aevent_is_on())
1175 xfrm_replay_notify(x
, XFRM_REPLAY_TIMEOUT
);
1177 x
->xflags
|= XFRM_TIME_DEFER
;
1180 spin_unlock(&x
->lock
);
1183 int xfrm_replay_check(struct xfrm_state
*x
, __be32 net_seq
)
1186 u32 seq
= ntohl(net_seq
);
1188 if (unlikely(seq
== 0))
1191 if (likely(seq
> x
->replay
.seq
))
1194 diff
= x
->replay
.seq
- seq
;
1195 if (diff
>= x
->props
.replay_window
) {
1196 x
->stats
.replay_window
++;
1200 if (x
->replay
.bitmap
& (1U << diff
)) {
1206 EXPORT_SYMBOL(xfrm_replay_check
);
1208 void xfrm_replay_advance(struct xfrm_state
*x
, __be32 net_seq
)
1211 u32 seq
= ntohl(net_seq
);
1213 if (seq
> x
->replay
.seq
) {
1214 diff
= seq
- x
->replay
.seq
;
1215 if (diff
< x
->props
.replay_window
)
1216 x
->replay
.bitmap
= ((x
->replay
.bitmap
) << diff
) | 1;
1218 x
->replay
.bitmap
= 1;
1219 x
->replay
.seq
= seq
;
1221 diff
= x
->replay
.seq
- seq
;
1222 x
->replay
.bitmap
|= (1U << diff
);
1225 if (xfrm_aevent_is_on())
1226 xfrm_replay_notify(x
, XFRM_REPLAY_UPDATE
);
1228 EXPORT_SYMBOL(xfrm_replay_advance
);
1230 static struct list_head xfrm_km_list
= LIST_HEAD_INIT(xfrm_km_list
);
1231 static DEFINE_RWLOCK(xfrm_km_lock
);
1233 void km_policy_notify(struct xfrm_policy
*xp
, int dir
, struct km_event
*c
)
1235 struct xfrm_mgr
*km
;
1237 read_lock(&xfrm_km_lock
);
1238 list_for_each_entry(km
, &xfrm_km_list
, list
)
1239 if (km
->notify_policy
)
1240 km
->notify_policy(xp
, dir
, c
);
1241 read_unlock(&xfrm_km_lock
);
1244 void km_state_notify(struct xfrm_state
*x
, struct km_event
*c
)
1246 struct xfrm_mgr
*km
;
1247 read_lock(&xfrm_km_lock
);
1248 list_for_each_entry(km
, &xfrm_km_list
, list
)
1251 read_unlock(&xfrm_km_lock
);
1254 EXPORT_SYMBOL(km_policy_notify
);
1255 EXPORT_SYMBOL(km_state_notify
);
1257 void km_state_expired(struct xfrm_state
*x
, int hard
, u32 pid
)
1263 c
.event
= XFRM_MSG_EXPIRE
;
1264 km_state_notify(x
, &c
);
1270 EXPORT_SYMBOL(km_state_expired
);
1272 * We send to all registered managers regardless of failure
1273 * We are happy with one success
1275 int km_query(struct xfrm_state
*x
, struct xfrm_tmpl
*t
, struct xfrm_policy
*pol
)
1277 int err
= -EINVAL
, acqret
;
1278 struct xfrm_mgr
*km
;
1280 read_lock(&xfrm_km_lock
);
1281 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1282 acqret
= km
->acquire(x
, t
, pol
, XFRM_POLICY_OUT
);
1286 read_unlock(&xfrm_km_lock
);
1289 EXPORT_SYMBOL(km_query
);
1291 int km_new_mapping(struct xfrm_state
*x
, xfrm_address_t
*ipaddr
, u16 sport
)
1294 struct xfrm_mgr
*km
;
1296 read_lock(&xfrm_km_lock
);
1297 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1298 if (km
->new_mapping
)
1299 err
= km
->new_mapping(x
, ipaddr
, sport
);
1303 read_unlock(&xfrm_km_lock
);
1306 EXPORT_SYMBOL(km_new_mapping
);
1308 void km_policy_expired(struct xfrm_policy
*pol
, int dir
, int hard
, u32 pid
)
1314 c
.event
= XFRM_MSG_POLEXPIRE
;
1315 km_policy_notify(pol
, dir
, &c
);
1320 EXPORT_SYMBOL(km_policy_expired
);
1322 int km_report(u8 proto
, struct xfrm_selector
*sel
, xfrm_address_t
*addr
)
1326 struct xfrm_mgr
*km
;
1328 read_lock(&xfrm_km_lock
);
1329 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1331 ret
= km
->report(proto
, sel
, addr
);
1336 read_unlock(&xfrm_km_lock
);
1339 EXPORT_SYMBOL(km_report
);
1341 int xfrm_user_policy(struct sock
*sk
, int optname
, u8 __user
*optval
, int optlen
)
1345 struct xfrm_mgr
*km
;
1346 struct xfrm_policy
*pol
= NULL
;
1348 if (optlen
<= 0 || optlen
> PAGE_SIZE
)
1351 data
= kmalloc(optlen
, GFP_KERNEL
);
1356 if (copy_from_user(data
, optval
, optlen
))
1360 read_lock(&xfrm_km_lock
);
1361 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1362 pol
= km
->compile_policy(sk
, optname
, data
,
1367 read_unlock(&xfrm_km_lock
);
1370 xfrm_sk_policy_insert(sk
, err
, pol
);
1379 EXPORT_SYMBOL(xfrm_user_policy
);
1381 int xfrm_register_km(struct xfrm_mgr
*km
)
1383 write_lock_bh(&xfrm_km_lock
);
1384 list_add_tail(&km
->list
, &xfrm_km_list
);
1385 write_unlock_bh(&xfrm_km_lock
);
1388 EXPORT_SYMBOL(xfrm_register_km
);
1390 int xfrm_unregister_km(struct xfrm_mgr
*km
)
1392 write_lock_bh(&xfrm_km_lock
);
1393 list_del(&km
->list
);
1394 write_unlock_bh(&xfrm_km_lock
);
1397 EXPORT_SYMBOL(xfrm_unregister_km
);
1399 int xfrm_state_register_afinfo(struct xfrm_state_afinfo
*afinfo
)
1402 if (unlikely(afinfo
== NULL
))
1404 if (unlikely(afinfo
->family
>= NPROTO
))
1405 return -EAFNOSUPPORT
;
1406 write_lock_bh(&xfrm_state_afinfo_lock
);
1407 if (unlikely(xfrm_state_afinfo
[afinfo
->family
] != NULL
))
1410 xfrm_state_afinfo
[afinfo
->family
] = afinfo
;
1411 write_unlock_bh(&xfrm_state_afinfo_lock
);
1414 EXPORT_SYMBOL(xfrm_state_register_afinfo
);
1416 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo
*afinfo
)
1419 if (unlikely(afinfo
== NULL
))
1421 if (unlikely(afinfo
->family
>= NPROTO
))
1422 return -EAFNOSUPPORT
;
1423 write_lock_bh(&xfrm_state_afinfo_lock
);
1424 if (likely(xfrm_state_afinfo
[afinfo
->family
] != NULL
)) {
1425 if (unlikely(xfrm_state_afinfo
[afinfo
->family
] != afinfo
))
1428 xfrm_state_afinfo
[afinfo
->family
] = NULL
;
1430 write_unlock_bh(&xfrm_state_afinfo_lock
);
1433 EXPORT_SYMBOL(xfrm_state_unregister_afinfo
);
1435 static struct xfrm_state_afinfo
*xfrm_state_get_afinfo(unsigned short family
)
1437 struct xfrm_state_afinfo
*afinfo
;
1438 if (unlikely(family
>= NPROTO
))
1440 read_lock(&xfrm_state_afinfo_lock
);
1441 afinfo
= xfrm_state_afinfo
[family
];
1442 if (unlikely(!afinfo
))
1443 read_unlock(&xfrm_state_afinfo_lock
);
1447 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo
*afinfo
)
1449 read_unlock(&xfrm_state_afinfo_lock
);
1452 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1453 void xfrm_state_delete_tunnel(struct xfrm_state
*x
)
1456 struct xfrm_state
*t
= x
->tunnel
;
1458 if (atomic_read(&t
->tunnel_users
) == 2)
1459 xfrm_state_delete(t
);
1460 atomic_dec(&t
->tunnel_users
);
1465 EXPORT_SYMBOL(xfrm_state_delete_tunnel
);
1468 * This function is NOT optimal. For example, with ESP it will give an
1469 * MTU that's usually two bytes short of being optimal. However, it will
1470 * usually give an answer that's a multiple of 4 provided the input is
1471 * also a multiple of 4.
1473 int xfrm_state_mtu(struct xfrm_state
*x
, int mtu
)
1477 res
-= x
->props
.header_len
;
1485 spin_lock_bh(&x
->lock
);
1486 if (x
->km
.state
== XFRM_STATE_VALID
&&
1487 x
->type
&& x
->type
->get_max_size
)
1488 m
= x
->type
->get_max_size(x
, m
);
1490 m
+= x
->props
.header_len
;
1491 spin_unlock_bh(&x
->lock
);
1501 int xfrm_init_state(struct xfrm_state
*x
)
1503 struct xfrm_state_afinfo
*afinfo
;
1504 int family
= x
->props
.family
;
1507 err
= -EAFNOSUPPORT
;
1508 afinfo
= xfrm_state_get_afinfo(family
);
1513 if (afinfo
->init_flags
)
1514 err
= afinfo
->init_flags(x
);
1516 xfrm_state_put_afinfo(afinfo
);
1521 err
= -EPROTONOSUPPORT
;
1522 x
->type
= xfrm_get_type(x
->id
.proto
, family
);
1523 if (x
->type
== NULL
)
1526 err
= x
->type
->init_state(x
);
1530 x
->mode
= xfrm_get_mode(x
->props
.mode
, family
);
1531 if (x
->mode
== NULL
)
1534 x
->km
.state
= XFRM_STATE_VALID
;
1540 EXPORT_SYMBOL(xfrm_init_state
);
1542 void __init
xfrm_state_init(void)
1546 sz
= sizeof(struct hlist_head
) * 8;
1548 xfrm_state_bydst
= xfrm_hash_alloc(sz
);
1549 xfrm_state_bysrc
= xfrm_hash_alloc(sz
);
1550 xfrm_state_byspi
= xfrm_hash_alloc(sz
);
1551 if (!xfrm_state_bydst
|| !xfrm_state_bysrc
|| !xfrm_state_byspi
)
1552 panic("XFRM: Cannot allocate bydst/bysrc/byspi hashes.");
1553 xfrm_state_hmask
= ((sz
/ sizeof(struct hlist_head
)) - 1);
1555 INIT_WORK(&xfrm_state_gc_work
, xfrm_state_gc_task
, NULL
);