6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
16 #include <linux/workqueue.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <asm/uaccess.h>
/* Exported netlink handle and tunables for async-event (AE) notifications:
 * default soft timeout and replay-sequence threshold, exported for sysctl.
 * NOTE(review): extraction is line-mangled; leading numerals are dump
 * artifacts of the original file's line numbers, not code. */
24 EXPORT_SYMBOL(xfrm_nl
);
26 u32 sysctl_xfrm_aevent_etime
= XFRM_AE_ETIME
;
27 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime
);
29 u32 sysctl_xfrm_aevent_rseqth
= XFRM_AE_SEQT_SIZE
;
30 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth
);
/* Core per-module state: the three SA hash tables (bydst/bysrc/byspi, each
 * XFRM_DST_HSIZE buckets), the global xfrm_state_lock guarding them, the
 * per-family afinfo registry, and the deferred-free (GC) work item, list
 * and lock. NOTE(review): fragmentary extraction — some declaration lines
 * are missing between the numbered fragments below. */
32 /* Each xfrm_state may be linked to two tables:
34 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
35 2. Hash table by daddr to find what SAs exist for given
36 destination/tunnel endpoint. (output)
39 static DEFINE_SPINLOCK(xfrm_state_lock
);
41 /* Hash table to find appropriate SA towards given target (endpoint
42 * of tunnel or destination of transport mode) allowed by selector.
44 * Main use is finding SA after policy selected tunnel or transport mode.
45 * Also, it can be used by ah/esp icmp error handler to find offending SA.
47 static struct list_head xfrm_state_bydst
[XFRM_DST_HSIZE
];
48 static struct list_head xfrm_state_bysrc
[XFRM_DST_HSIZE
];
49 static struct list_head xfrm_state_byspi
[XFRM_DST_HSIZE
];
51 DECLARE_WAIT_QUEUE_HEAD(km_waitq
);
52 EXPORT_SYMBOL(km_waitq
);
54 static DEFINE_RWLOCK(xfrm_state_afinfo_lock
);
55 static struct xfrm_state_afinfo
*xfrm_state_afinfo
[NPROTO
];
57 static struct work_struct xfrm_state_gc_work
;
58 static struct list_head xfrm_state_gc_list
= LIST_HEAD_INIT(xfrm_state_gc_list
);
59 static DEFINE_SPINLOCK(xfrm_state_gc_lock
);
61 static int xfrm_state_gc_flush_bundles
;
/* Forward declarations for functions defined later in this file (state
 * deletion, per-family afinfo get/put, and key-manager query/expire hooks). */
63 int __xfrm_state_delete(struct xfrm_state
*x
);
65 static struct xfrm_state_afinfo
*xfrm_state_get_afinfo(unsigned short family
);
66 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo
*afinfo
);
68 int km_query(struct xfrm_state
*x
, struct xfrm_tmpl
*t
, struct xfrm_policy
*pol
);
69 void km_state_expired(struct xfrm_state
*x
, int hard
, u32 pid
);
/* Final teardown of one SA from the GC worker: cancels both timers
 * (lifetime and replay), releases the mode, runs the type destructor,
 * drops the type reference, and frees the LSM security state.
 * NOTE(review): fragmentary — braces, reference drops after del_timer,
 * and the final free are absent from this extraction; do not assume
 * ordering beyond what is shown. */
71 static void xfrm_state_gc_destroy(struct xfrm_state
*x
)
73 if (del_timer(&x
->timer
))
75 if (del_timer(&x
->rtimer
))
82 xfrm_put_mode(x
->mode
);
84 x
->type
->destructor(x
);
85 xfrm_put_type(x
->type
);
87 security_xfrm_state_free(x
);
/* Workqueue handler: if bundle flushing was requested, clear the flag
 * (flush call itself not visible here — TODO confirm), then splice the
 * pending GC list out under xfrm_state_gc_lock and destroy each entry
 * via xfrm_state_gc_destroy(). Entries are chained through ->bydst.
 * NOTE(review): fragmentary — declaration of x and closing braces missing. */
91 static void xfrm_state_gc_task(void *data
)
94 struct list_head
*entry
, *tmp
;
95 struct list_head gc_list
= LIST_HEAD_INIT(gc_list
);
97 if (xfrm_state_gc_flush_bundles
) {
98 xfrm_state_gc_flush_bundles
= 0;
102 spin_lock_bh(&xfrm_state_gc_lock
);
103 list_splice_init(&xfrm_state_gc_list
, &gc_list
);
104 spin_unlock_bh(&xfrm_state_gc_lock
);
106 list_for_each_safe(entry
, tmp
, &gc_list
) {
107 x
= list_entry(entry
, struct xfrm_state
, bydst
);
108 xfrm_state_gc_destroy(x
);
/* Convert a timeout in seconds to jiffies, capped at
 * MAX_SCHEDULE_TIMEOUT-1 to avoid overflowing the scheduler timeout.
 * NOTE(review): the non-capped branch (presumably secs*HZ) is missing
 * from this extraction. */
113 static inline unsigned long make_jiffies(long secs
)
115 if (secs
>= (MAX_SCHEDULE_TIMEOUT
-1)/HZ
)
116 return MAX_SCHEDULE_TIMEOUT
-1;
/* SA lifetime timer. Walks the four add/use soft/hard second limits,
 * computing for each the remaining time (tmo) relative to xtime.tv_sec;
 * soft expiry triggers km_state_expired(x, 0, 0) (advisory), and the
 * timer is re-armed for the nearest pending deadline via make_jiffies().
 * Hard expiry paths mark the state EXPIRED/DEAD and, for a real SA
 * (spi != 0), signal km_state_expired(x, 1, 0). Runs under x->lock
 * (unlock visible at the bottom). NOTE(review): fragmentary — the
 * expiry goto targets, refcount drops, and several branch bodies are
 * missing from this extraction. */
121 static void xfrm_timer_handler(unsigned long data
)
123 struct xfrm_state
*x
= (struct xfrm_state
*)data
;
124 unsigned long now
= (unsigned long)xtime
.tv_sec
;
125 long next
= LONG_MAX
;
129 if (x
->km
.state
== XFRM_STATE_DEAD
)
131 if (x
->km
.state
== XFRM_STATE_EXPIRED
)
133 if (x
->lft
.hard_add_expires_seconds
) {
134 long tmo
= x
->lft
.hard_add_expires_seconds
+
135 x
->curlft
.add_time
- now
;
141 if (x
->lft
.hard_use_expires_seconds
) {
142 long tmo
= x
->lft
.hard_use_expires_seconds
+
143 (x
->curlft
.use_time
? : now
) - now
;
151 if (x
->lft
.soft_add_expires_seconds
) {
152 long tmo
= x
->lft
.soft_add_expires_seconds
+
153 x
->curlft
.add_time
- now
;
159 if (x
->lft
.soft_use_expires_seconds
) {
160 long tmo
= x
->lft
.soft_use_expires_seconds
+
161 (x
->curlft
.use_time
? : now
) - now
;
170 km_state_expired(x
, 0, 0);
172 if (next
!= LONG_MAX
&&
173 !mod_timer(&x
->timer
, jiffies
+ make_jiffies(next
)))
178 if (x
->km
.state
== XFRM_STATE_ACQ
&& x
->id
.spi
== 0) {
179 x
->km
.state
= XFRM_STATE_EXPIRED
;
184 if (!__xfrm_state_delete(x
) && x
->id
.spi
)
185 km_state_expired(x
, 1, 0);
188 spin_unlock(&x
->lock
);
192 static void xfrm_replay_timer_handler(unsigned long data
);
/* Allocate and initialize a new xfrm_state with GFP_ATOMIC: refcount 1,
 * empty hash linkage, lifetime and replay timers wired to this file's
 * handlers, add_time stamped from xtime, all byte/packet lifetime limits
 * set to XFRM_INF, replay aging disabled, and the per-state lock
 * initialized. NOTE(review): fragmentary — the NULL-check after kzalloc
 * and the final return are missing from this extraction. */
194 struct xfrm_state
*xfrm_state_alloc(void)
196 struct xfrm_state
*x
;
198 x
= kzalloc(sizeof(struct xfrm_state
), GFP_ATOMIC
);
201 atomic_set(&x
->refcnt
, 1);
202 atomic_set(&x
->tunnel_users
, 0);
203 INIT_LIST_HEAD(&x
->bydst
);
204 INIT_LIST_HEAD(&x
->bysrc
);
205 INIT_LIST_HEAD(&x
->byspi
);
206 init_timer(&x
->timer
);
207 x
->timer
.function
= xfrm_timer_handler
;
208 x
->timer
.data
= (unsigned long)x
;
209 init_timer(&x
->rtimer
);
210 x
->rtimer
.function
= xfrm_replay_timer_handler
;
211 x
->rtimer
.data
= (unsigned long)x
;
212 x
->curlft
.add_time
= (unsigned long)xtime
.tv_sec
;
213 x
->lft
.soft_byte_limit
= XFRM_INF
;
214 x
->lft
.soft_packet_limit
= XFRM_INF
;
215 x
->lft
.hard_byte_limit
= XFRM_INF
;
216 x
->lft
.hard_packet_limit
= XFRM_INF
;
217 x
->replay_maxage
= 0;
218 x
->replay_maxdiff
= 0;
219 spin_lock_init(&x
->lock
);
223 EXPORT_SYMBOL(xfrm_state_alloc
);
/* Queue a dead SA for deferred destruction: asserts the state is DEAD,
 * links it (via ->bydst) onto the GC list under xfrm_state_gc_lock, and
 * kicks the GC workqueue. Called once the last reference is dropped. */
225 void __xfrm_state_destroy(struct xfrm_state
*x
)
227 BUG_TRAP(x
->km
.state
== XFRM_STATE_DEAD
);
229 spin_lock_bh(&xfrm_state_gc_lock
);
230 list_add(&x
->bydst
, &xfrm_state_gc_list
);
231 spin_unlock_bh(&xfrm_state_gc_lock
);
232 schedule_work(&xfrm_state_gc_work
);
234 EXPORT_SYMBOL(__xfrm_state_destroy
);
/* Mark an SA dead and unhash it (unhashing lines not visible — the
 * list_del operations between the lock/unlock are missing from this
 * extraction), cancel both timers, and if extra references remain
 * (refcnt > 2: one from the comment below plus the caller's) request a
 * bundle flush via the GC worker since DSTs still pin this state.
 * Finally drops the reference taken by xfrm_state_alloc. Caller holds
 * x->lock; xfrm_state_lock is taken internally. NOTE(review):
 * fragmentary — return value handling and reference drops after
 * del_timer are not visible. */
236 int __xfrm_state_delete(struct xfrm_state
*x
)
240 if (x
->km
.state
!= XFRM_STATE_DEAD
) {
241 x
->km
.state
= XFRM_STATE_DEAD
;
242 spin_lock(&xfrm_state_lock
);
251 spin_unlock(&xfrm_state_lock
);
252 if (del_timer(&x
->timer
))
254 if (del_timer(&x
->rtimer
))
257 /* The number two in this test is the reference
258 * mentioned in the comment below plus the reference
259 * our caller holds. A larger value means that
260 * there are DSTs attached to this xfrm_state.
262 if (atomic_read(&x
->refcnt
) > 2) {
263 xfrm_state_gc_flush_bundles
= 1;
264 schedule_work(&xfrm_state_gc_work
);
267 /* All xfrm_state objects are created by xfrm_state_alloc.
268 * The xfrm_state_alloc call gives a reference, and that
269 * is what we are dropping here.
277 EXPORT_SYMBOL(__xfrm_state_delete
);
/* Locked wrapper around __xfrm_state_delete(): takes x->lock (BH-safe),
 * performs the delete, and propagates its result. NOTE(review): the
 * declaration of err and the return statement are missing from this
 * extraction. */
279 int xfrm_state_delete(struct xfrm_state
*x
)
283 spin_lock_bh(&x
->lock
);
284 err
= __xfrm_state_delete(x
);
285 spin_unlock_bh(&x
->lock
);
289 EXPORT_SYMBOL(xfrm_state_delete
);
/* Delete every non-kernel-owned SA whose protocol matches 'proto'.
 * Scans all bydst buckets under xfrm_state_lock; for each match it drops
 * the table lock, calls xfrm_state_delete(), then re-takes the lock —
 * presumably restarting the bucket scan, though the restart goto is not
 * visible in this extraction. NOTE(review): reference acquisition before
 * the unlocked delete and the km_waitq wakeup are also not visible. */
291 void xfrm_state_flush(u8 proto
)
294 struct xfrm_state
*x
;
296 spin_lock_bh(&xfrm_state_lock
);
297 for (i
= 0; i
< XFRM_DST_HSIZE
; i
++) {
299 list_for_each_entry(x
, xfrm_state_bydst
+i
, bydst
) {
300 if (!xfrm_state_kern(x
) &&
301 xfrm_id_proto_match(x
->id
.proto
, proto
)) {
303 spin_unlock_bh(&xfrm_state_lock
);
305 xfrm_state_delete(x
);
308 spin_lock_bh(&xfrm_state_lock
);
313 spin_unlock_bh(&xfrm_state_lock
);
316 EXPORT_SYMBOL(xfrm_state_flush
);
/* Initialize a temporary selector on an ACQ state by delegating to the
 * address family's init_tempsel hook, bracketed by afinfo get/put.
 * NOTE(review): return type line and the afinfo NULL-check are missing
 * from this extraction. */
319 xfrm_init_tempsel(struct xfrm_state
*x
, struct flowi
*fl
,
320 struct xfrm_tmpl
*tmpl
,
321 xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
322 unsigned short family
)
324 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
327 afinfo
->init_tempsel(x
, fl
, tmpl
, daddr
, saddr
);
328 xfrm_state_put_afinfo(afinfo
);
/* SA resolution for output: search the bydst bucket for a state matching
 * family, reqid, addresses, mode, proto and (if set) SPI. A VALID match
 * that also passes selector and LSM flow checks becomes a candidate; the
 * "best" candidate is preferred by lower km.dying and then newer
 * add_time. An ACQ state flags acquisition-in-progress (-EAGAIN to the
 * caller); ERROR/EXPIRED matching states presumably set error — the
 * assignment is not visible here. If nothing matched and no acquire is
 * pending, allocate a larval ACQ state: build its temporary selector,
 * attach LSM context, and if km_query() accepts, hash it into
 * bydst/bysrc/byspi with an XFRM_ACQ_EXPIRES hard lifetime and armed
 * timer; on failure the state is marked DEAD. Runs under
 * xfrm_state_lock with afinfo held. NOTE(review): heavily fragmentary —
 * declarations of error, goto labels, reference counting (xfrm_state_hold),
 * and several branch bodies are missing from this extraction; treat flow
 * details beyond the visible lines as unverified. */
333 xfrm_state_find(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
334 struct flowi
*fl
, struct xfrm_tmpl
*tmpl
,
335 struct xfrm_policy
*pol
, int *err
,
336 unsigned short family
)
338 unsigned h
= xfrm_dst_hash(daddr
, family
);
339 struct xfrm_state
*x
, *x0
;
340 int acquire_in_progress
= 0;
342 struct xfrm_state
*best
= NULL
;
343 struct xfrm_state_afinfo
*afinfo
;
345 afinfo
= xfrm_state_get_afinfo(family
);
346 if (afinfo
== NULL
) {
347 *err
= -EAFNOSUPPORT
;
351 spin_lock_bh(&xfrm_state_lock
);
352 list_for_each_entry(x
, xfrm_state_bydst
+h
, bydst
) {
353 if (x
->props
.family
== family
&&
354 x
->props
.reqid
== tmpl
->reqid
&&
355 !(x
->props
.flags
& XFRM_STATE_WILDRECV
) &&
356 xfrm_state_addr_check(x
, daddr
, saddr
, family
) &&
357 tmpl
->mode
== x
->props
.mode
&&
358 tmpl
->id
.proto
== x
->id
.proto
&&
359 (tmpl
->id
.spi
== x
->id
.spi
|| !tmpl
->id
.spi
)) {
361 1. There is a valid state with matching selector.
363 2. Valid state with inappropriate selector. Skip.
365 Entering area of "sysdeps".
367 3. If state is not valid, selector is temporary,
368 it selects only session which triggered
369 previous resolution. Key manager will do
370 something to install a state with proper
373 if (x
->km
.state
== XFRM_STATE_VALID
) {
374 if (!xfrm_selector_match(&x
->sel
, fl
, family
) ||
375 !security_xfrm_state_pol_flow_match(x
, pol
, fl
))
378 best
->km
.dying
> x
->km
.dying
||
379 (best
->km
.dying
== x
->km
.dying
&&
380 best
->curlft
.add_time
< x
->curlft
.add_time
))
382 } else if (x
->km
.state
== XFRM_STATE_ACQ
) {
383 acquire_in_progress
= 1;
384 } else if (x
->km
.state
== XFRM_STATE_ERROR
||
385 x
->km
.state
== XFRM_STATE_EXPIRED
) {
386 if (xfrm_selector_match(&x
->sel
, fl
, family
) &&
387 security_xfrm_state_pol_flow_match(x
, pol
, fl
))
394 if (!x
&& !error
&& !acquire_in_progress
) {
396 (x0
= afinfo
->state_lookup(daddr
, tmpl
->id
.spi
,
397 tmpl
->id
.proto
)) != NULL
) {
402 x
= xfrm_state_alloc();
407 /* Initialize temporary selector matching only
408 * to current session. */
409 xfrm_init_tempsel(x
, fl
, tmpl
, daddr
, saddr
, family
);
411 error
= security_xfrm_state_alloc_acquire(x
, pol
->security
, fl
->secid
);
413 x
->km
.state
= XFRM_STATE_DEAD
;
419 if (km_query(x
, tmpl
, pol
) == 0) {
420 x
->km
.state
= XFRM_STATE_ACQ
;
421 list_add_tail(&x
->bydst
, xfrm_state_bydst
+h
);
423 list_add_tail(&x
->bysrc
, xfrm_state_bysrc
+h
);
426 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
, family
);
427 list_add(&x
->byspi
, xfrm_state_byspi
+h
);
430 x
->lft
.hard_add_expires_seconds
= XFRM_ACQ_EXPIRES
;
432 x
->timer
.expires
= jiffies
+ XFRM_ACQ_EXPIRES
*HZ
;
433 add_timer(&x
->timer
);
435 x
->km
.state
= XFRM_STATE_DEAD
;
445 *err
= acquire_in_progress
? -EAGAIN
: error
;
446 spin_unlock_bh(&xfrm_state_lock
);
447 xfrm_state_put_afinfo(afinfo
);
/* Hash an SA into all three tables (bydst by id.daddr, bysrc by
 * props.saddr, byspi only for protocols matched by IPSEC_PROTO_ANY),
 * then arm the lifetime timer one second out and, if replay aging is
 * configured, the replay timer. Caller holds xfrm_state_lock.
 * NOTE(review): fragmentary — xfrm_state_hold calls after each
 * mod_timer, the spi-hash family argument, and the km_waitq wakeup are
 * missing from this extraction. */
451 static void __xfrm_state_insert(struct xfrm_state
*x
)
453 unsigned h
= xfrm_dst_hash(&x
->id
.daddr
, x
->props
.family
);
455 list_add(&x
->bydst
, xfrm_state_bydst
+h
);
458 h
= xfrm_src_hash(&x
->props
.saddr
, x
->props
.family
);
460 list_add(&x
->bysrc
, xfrm_state_bysrc
+h
);
463 if (xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
)) {
464 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
,
467 list_add(&x
->byspi
, xfrm_state_byspi
+h
);
471 if (!mod_timer(&x
->timer
, jiffies
+ HZ
))
474 if (x
->replay_maxage
&&
475 !mod_timer(&x
->rtimer
, jiffies
+ x
->replay_maxage
))
/* Public insert: takes xfrm_state_lock around __xfrm_state_insert(),
 * then flushes cached bundles so routing picks up the new SA. */
481 void xfrm_state_insert(struct xfrm_state
*x
)
483 spin_lock_bh(&xfrm_state_lock
);
484 __xfrm_state_insert(x
);
485 spin_unlock_bh(&xfrm_state_lock
);
487 xfrm_flush_all_bundles();
489 EXPORT_SYMBOL(xfrm_state_insert
);
/* Locate an existing SA equivalent to x via the family hooks: by
 * (daddr, spi, proto) when an SPI is in use, otherwise by
 * (daddr, saddr, proto). NOTE(review): the use_spi parameter and its
 * branch condition are missing from this extraction. The trailing line
 * forward-declares __xfrm_find_acq_byseq for use below. */
491 static inline struct xfrm_state
*
492 __xfrm_state_locate(struct xfrm_state_afinfo
*afinfo
, struct xfrm_state
*x
,
496 return afinfo
->state_lookup(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
);
498 return afinfo
->state_lookup_byaddr(&x
->id
.daddr
, &x
->props
.saddr
, x
->id
.proto
);
501 static struct xfrm_state
*__xfrm_find_acq_byseq(u32 seq
);
/* Add a fully-specified SA. Under xfrm_state_lock: fail if an identical
 * SA already exists (duplicate handling lines not visible here), then
 * try to find the larval ACQ state this SA answers — by km.seq (rejecting
 * a daddr mismatch) or by (mode, reqid, proto, daddr, saddr) — before
 * inserting the new state. Afterward flushes bundles and deletes the
 * superseded larval state x1 if one was found. NOTE(review):
 * fragmentary — err handling, reference puts on x1, and the km.seq
 * propagation are missing from this extraction. */
503 int xfrm_state_add(struct xfrm_state
*x
)
505 struct xfrm_state_afinfo
*afinfo
;
506 struct xfrm_state
*x1
;
509 int use_spi
= xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
);
511 family
= x
->props
.family
;
512 afinfo
= xfrm_state_get_afinfo(family
);
513 if (unlikely(afinfo
== NULL
))
514 return -EAFNOSUPPORT
;
516 spin_lock_bh(&xfrm_state_lock
);
518 x1
= __xfrm_state_locate(afinfo
, x
, use_spi
);
526 if (use_spi
&& x
->km
.seq
) {
527 x1
= __xfrm_find_acq_byseq(x
->km
.seq
);
528 if (x1
&& xfrm_addr_cmp(&x1
->id
.daddr
, &x
->id
.daddr
, family
)) {
535 x1
= afinfo
->find_acq(
536 x
->props
.mode
, x
->props
.reqid
, x
->id
.proto
,
537 &x
->id
.daddr
, &x
->props
.saddr
, 0);
539 __xfrm_state_insert(x
);
543 spin_unlock_bh(&xfrm_state_lock
);
544 xfrm_state_put_afinfo(afinfo
);
547 xfrm_flush_all_bundles();
550 xfrm_state_delete(x1
);
556 EXPORT_SYMBOL(xfrm_state_add
);
/* Update an existing SA. Locates the current state x1 under
 * xfrm_state_lock; kernel-owned states cannot be replaced
 * (xfrm_state_kern branch — error value not visible). If x1 is still a
 * larval ACQ, the new state is simply inserted and the larval one
 * deleted afterward. Otherwise, if x1 is VALID, its NAT-T encap data
 * and lifetime limits are copied from x under x1->lock, the lifetime
 * timer is re-armed one second out, and expiry is re-evaluated if the
 * SA has been used. NOTE(review): fragmentary — err plumbing, the
 * "not found" path, and reference puts are missing from this
 * extraction. */
558 int xfrm_state_update(struct xfrm_state
*x
)
560 struct xfrm_state_afinfo
*afinfo
;
561 struct xfrm_state
*x1
;
563 int use_spi
= xfrm_id_proto_match(x
->id
.proto
, IPSEC_PROTO_ANY
);
565 afinfo
= xfrm_state_get_afinfo(x
->props
.family
);
566 if (unlikely(afinfo
== NULL
))
567 return -EAFNOSUPPORT
;
569 spin_lock_bh(&xfrm_state_lock
);
570 x1
= __xfrm_state_locate(afinfo
, x
, use_spi
);
576 if (xfrm_state_kern(x1
)) {
582 if (x1
->km
.state
== XFRM_STATE_ACQ
) {
583 __xfrm_state_insert(x
);
589 spin_unlock_bh(&xfrm_state_lock
);
590 xfrm_state_put_afinfo(afinfo
);
596 xfrm_state_delete(x1
);
602 spin_lock_bh(&x1
->lock
);
603 if (likely(x1
->km
.state
== XFRM_STATE_VALID
)) {
604 if (x
->encap
&& x1
->encap
)
605 memcpy(x1
->encap
, x
->encap
, sizeof(*x1
->encap
));
606 memcpy(&x1
->lft
, &x
->lft
, sizeof(x1
->lft
));
609 if (!mod_timer(&x1
->timer
, jiffies
+ HZ
))
611 if (x1
->curlft
.use_time
)
612 xfrm_state_check_expire(x1
);
616 spin_unlock_bh(&x1
->lock
);
622 EXPORT_SYMBOL(xfrm_state_update
);
/* Byte/packet lifetime check on the datapath. Stamps first-use time
 * from xtime; non-VALID states short-circuit (return value not
 * visible). Exceeding a hard byte or packet limit marks the state
 * EXPIRED and fires the lifetime timer immediately; crossing a soft
 * limit (condition partially visible) sends an advisory
 * km_state_expired(x, 0, 0). NOTE(review): fragmentary — the dying-flag
 * bookkeeping around the soft branch and return values are missing from
 * this extraction. */
624 int xfrm_state_check_expire(struct xfrm_state
*x
)
626 if (!x
->curlft
.use_time
)
627 x
->curlft
.use_time
= (unsigned long)xtime
.tv_sec
;
629 if (x
->km
.state
!= XFRM_STATE_VALID
)
632 if (x
->curlft
.bytes
>= x
->lft
.hard_byte_limit
||
633 x
->curlft
.packets
>= x
->lft
.hard_packet_limit
) {
634 x
->km
.state
= XFRM_STATE_EXPIRED
;
635 if (!mod_timer(&x
->timer
, jiffies
))
641 (x
->curlft
.bytes
>= x
->lft
.soft_byte_limit
||
642 x
->curlft
.packets
>= x
->lft
.soft_packet_limit
)) {
644 km_state_expired(x
, 0, 0);
648 EXPORT_SYMBOL(xfrm_state_check_expire
);
/* Ensure the skb has enough headroom for this SA's header plus the
 * output device's link-layer reserve, expanding the head if not.
 * NOTE(review): the nhead expression and the headroom comparison are
 * truncated in this extraction; tail-space handling is explicitly
 * deferred by the original comment. */
650 static int xfrm_state_check_space(struct xfrm_state
*x
, struct sk_buff
*skb
)
652 int nhead
= x
->props
.header_len
+ LL_RESERVED_SPACE(skb
->dst
->dev
)
656 return pskb_expand_head(skb
, nhead
, 0, GFP_ATOMIC
);
658 /* Check tail too... */
/* Per-packet SA check: first lifetime expiry, then headroom; returns
 * the first failure. NOTE(review): the early-return between the two
 * calls and the final return are missing from this extraction. */
662 int xfrm_state_check(struct xfrm_state
*x
, struct sk_buff
*skb
)
664 int err
= xfrm_state_check_expire(x
);
667 err
= xfrm_state_check_space(x
, skb
);
671 EXPORT_SYMBOL(xfrm_state_check
);
/* Look up an SA by (daddr, spi, proto) through the family's
 * state_lookup hook, under xfrm_state_lock. NOTE(review): return type
 * line, afinfo NULL-check, and the return statement are missing from
 * this extraction. */
674 xfrm_state_lookup(xfrm_address_t
*daddr
, u32 spi
, u8 proto
,
675 unsigned short family
)
677 struct xfrm_state
*x
;
678 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
682 spin_lock_bh(&xfrm_state_lock
);
683 x
= afinfo
->state_lookup(daddr
, spi
, proto
);
684 spin_unlock_bh(&xfrm_state_lock
);
685 xfrm_state_put_afinfo(afinfo
);
688 EXPORT_SYMBOL(xfrm_state_lookup
);
/* Look up an SA by (daddr, saddr, proto) — for protocols without an
 * SPI — through the family's state_lookup_byaddr hook, under
 * xfrm_state_lock. NOTE(review): return type line, afinfo NULL-check,
 * and return statement are missing from this extraction. */
691 xfrm_state_lookup_byaddr(xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
692 u8 proto
, unsigned short family
)
694 struct xfrm_state
*x
;
695 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
699 spin_lock_bh(&xfrm_state_lock
);
700 x
= afinfo
->state_lookup_byaddr(daddr
, saddr
, proto
);
701 spin_unlock_bh(&xfrm_state_lock
);
702 xfrm_state_put_afinfo(afinfo
);
705 EXPORT_SYMBOL(xfrm_state_lookup_byaddr
);
/* Find (or, when 'create' is set, create) a larval ACQ state for the
 * given mode/reqid/proto/address pair via the family's find_acq hook,
 * under xfrm_state_lock. NOTE(review): return type line, afinfo
 * NULL-check, and return statement are missing from this extraction. */
708 xfrm_find_acq(u8 mode
, u32 reqid
, u8 proto
,
709 xfrm_address_t
*daddr
, xfrm_address_t
*saddr
,
710 int create
, unsigned short family
)
712 struct xfrm_state
*x
;
713 struct xfrm_state_afinfo
*afinfo
= xfrm_state_get_afinfo(family
);
717 spin_lock_bh(&xfrm_state_lock
);
718 x
= afinfo
->find_acq(mode
, reqid
, proto
, daddr
, saddr
, create
);
719 spin_unlock_bh(&xfrm_state_lock
);
720 xfrm_state_put_afinfo(afinfo
);
723 EXPORT_SYMBOL(xfrm_find_acq
);
/* Linear scan of every bydst bucket for an ACQ-state whose km.seq
 * matches — O(table) by the original author's own admission. Caller
 * holds xfrm_state_lock. NOTE(review): the hold-and-return body of the
 * match and the trailing "return NULL" are missing from this
 * extraction. */
725 /* Silly enough, but I'm lazy to build resolution list */
727 static struct xfrm_state
*__xfrm_find_acq_byseq(u32 seq
)
730 struct xfrm_state
*x
;
732 for (i
= 0; i
< XFRM_DST_HSIZE
; i
++) {
733 list_for_each_entry(x
, xfrm_state_bydst
+i
, bydst
) {
734 if (x
->km
.seq
== seq
&& x
->km
.state
== XFRM_STATE_ACQ
) {
/* Locked wrapper: takes xfrm_state_lock around __xfrm_find_acq_byseq().
 * NOTE(review): the return statement is missing from this extraction. */
743 struct xfrm_state
*xfrm_find_acq_byseq(u32 seq
)
745 struct xfrm_state
*x
;
747 spin_lock_bh(&xfrm_state_lock
);
748 x
= __xfrm_find_acq_byseq(seq
);
749 spin_unlock_bh(&xfrm_state_lock
);
752 EXPORT_SYMBOL(xfrm_find_acq_byseq
);
/* Hand out the next non-zero acquire sequence number; the ?: skips 0 on
 * wraparound. Serialized by a function-local spinlock. NOTE(review):
 * the static acqseq counter declaration and return are missing from
 * this extraction. */
754 u32
xfrm_get_acqseq(void)
758 static DEFINE_SPINLOCK(acqseq_lock
);
760 spin_lock_bh(&acqseq_lock
);
761 res
= (++acqseq
? : ++acqseq
);
762 spin_unlock_bh(&acqseq_lock
);
765 EXPORT_SYMBOL(xfrm_get_acqseq
);
/* Assign an SPI to SA x from [minspi, maxspi]. If the range is a single
 * value, check only that SPI is free; otherwise try up to range-size
 * random candidates (net_random), converting between host and network
 * byte order with ntohl/htonl, taking the first unused one. On success
 * the state is hashed into byspi under xfrm_state_lock. NOTE(review):
 * fragmentary — return type, the IPCOMP special range, x0 reference
 * puts, collision "break"/continue handling, and the km_waitq wakeup
 * are missing from this extraction. */
768 xfrm_alloc_spi(struct xfrm_state
*x
, u32 minspi
, u32 maxspi
)
771 struct xfrm_state
*x0
;
776 if (minspi
== maxspi
) {
777 x0
= xfrm_state_lookup(&x
->id
.daddr
, minspi
, x
->id
.proto
, x
->props
.family
);
785 minspi
= ntohl(minspi
);
786 maxspi
= ntohl(maxspi
);
787 for (h
=0; h
<maxspi
-minspi
+1; h
++) {
788 spi
= minspi
+ net_random()%(maxspi
-minspi
+1);
789 x0
= xfrm_state_lookup(&x
->id
.daddr
, htonl(spi
), x
->id
.proto
, x
->props
.family
);
791 x
->id
.spi
= htonl(spi
);
798 spin_lock_bh(&xfrm_state_lock
);
799 h
= xfrm_spi_hash(&x
->id
.daddr
, x
->id
.spi
, x
->id
.proto
, x
->props
.family
);
800 list_add(&x
->byspi
, xfrm_state_byspi
+h
);
802 spin_unlock_bh(&xfrm_state_lock
);
806 EXPORT_SYMBOL(xfrm_alloc_spi
);
/* Iterate all SAs matching 'proto' under xfrm_state_lock in two passes:
 * first count the matches, then invoke func(x, --count, data) on each —
 * so the callback receives a decreasing index reaching 0 on the last
 * entry. NOTE(review): fragmentary — the count/err declarations, the
 * empty-set early exit, the error break, and the final return are
 * missing from this extraction. */
808 int xfrm_state_walk(u8 proto
, int (*func
)(struct xfrm_state
*, int, void*),
812 struct xfrm_state
*x
;
816 spin_lock_bh(&xfrm_state_lock
);
817 for (i
= 0; i
< XFRM_DST_HSIZE
; i
++) {
818 list_for_each_entry(x
, xfrm_state_bydst
+i
, bydst
) {
819 if (xfrm_id_proto_match(x
->id
.proto
, proto
))
828 for (i
= 0; i
< XFRM_DST_HSIZE
; i
++) {
829 list_for_each_entry(x
, xfrm_state_bydst
+i
, bydst
) {
830 if (!xfrm_id_proto_match(x
->id
.proto
, proto
))
832 err
= func(x
, --count
, data
);
838 spin_unlock_bh(&xfrm_state_lock
);
841 EXPORT_SYMBOL(xfrm_state_walk
);
/* Emit (or defer) a replay-state AE notification; caller must hold the
 * state lock (per the original comment). UPDATE events below the
 * replay_maxdiff threshold are deferred (converted to TIMEOUT only if a
 * deferral was already pending); TIMEOUT events with no change since
 * the last snapshot just set XFRM_TIME_DEFER. Otherwise the current
 * replay state is snapshotted into preplay and an XFRM_MSG_NEWAE event
 * is sent via km_state_notify(); the replay timer is then re-armed and
 * the defer flag cleared. NOTE(review): fragmentary — the km_event
 * declaration, switch header, break/return statements, and the
 * timer-already-pending branch are missing from this extraction. */
844 void xfrm_replay_notify(struct xfrm_state
*x
, int event
)
847 /* we send notify messages in case
848 * 1. we updated on of the sequence numbers, and the seqno difference
849 * is at least x->replay_maxdiff, in this case we also update the
850 * timeout of our timer function
851 * 2. if x->replay_maxage has elapsed since last update,
852 * and there were changes
854 * The state structure must be locked!
858 case XFRM_REPLAY_UPDATE
:
859 if (x
->replay_maxdiff
&&
860 (x
->replay
.seq
- x
->preplay
.seq
< x
->replay_maxdiff
) &&
861 (x
->replay
.oseq
- x
->preplay
.oseq
< x
->replay_maxdiff
)) {
862 if (x
->xflags
& XFRM_TIME_DEFER
)
863 event
= XFRM_REPLAY_TIMEOUT
;
870 case XFRM_REPLAY_TIMEOUT
:
871 if ((x
->replay
.seq
== x
->preplay
.seq
) &&
872 (x
->replay
.bitmap
== x
->preplay
.bitmap
) &&
873 (x
->replay
.oseq
== x
->preplay
.oseq
)) {
874 x
->xflags
|= XFRM_TIME_DEFER
;
881 memcpy(&x
->preplay
, &x
->replay
, sizeof(struct xfrm_replay_state
));
882 c
.event
= XFRM_MSG_NEWAE
;
883 c
.data
.aevent
= event
;
884 km_state_notify(x
, &c
);
886 if (x
->replay_maxage
&&
887 !mod_timer(&x
->rtimer
, jiffies
+ x
->replay_maxage
)) {
889 x
->xflags
&= ~XFRM_TIME_DEFER
;
892 EXPORT_SYMBOL(xfrm_replay_notify
);
/* Replay-aging timer: for a VALID state, push a deferred TIMEOUT
 * notification if AE listeners exist, otherwise mark the notification
 * deferred for later. Runs under x->lock (unlock visible at the end;
 * the matching lock line is missing from this extraction). */
894 static void xfrm_replay_timer_handler(unsigned long data
)
896 struct xfrm_state
*x
= (struct xfrm_state
*)data
;
900 if (x
->km
.state
== XFRM_STATE_VALID
) {
901 if (xfrm_aevent_is_on())
902 xfrm_replay_notify(x
, XFRM_REPLAY_TIMEOUT
);
904 x
->xflags
|= XFRM_TIME_DEFER
;
907 spin_unlock(&x
->lock
);
/* Anti-replay acceptance test for inbound sequence number 'seq':
 * seq 0 is invalid; anything above the current high-water mark is
 * accepted; within the window, reject if outside replay_window
 * (counting stats.replay_window) or if the bitmap already records it
 * (duplicate). NOTE(review): fragmentary — diff declaration, return
 * values, and the duplicate-stat increment are missing from this
 * extraction. */
911 int xfrm_replay_check(struct xfrm_state
*x
, u32 seq
)
917 if (unlikely(seq
== 0))
920 if (likely(seq
> x
->replay
.seq
))
923 diff
= x
->replay
.seq
- seq
;
924 if (diff
>= x
->props
.replay_window
) {
925 x
->stats
.replay_window
++;
929 if (x
->replay
.bitmap
& (1U << diff
)) {
935 EXPORT_SYMBOL(xfrm_replay_check
);
/* Record an accepted inbound sequence number: advancing past the
 * high-water mark shifts the window bitmap (or resets it to 1 when the
 * jump exceeds the window) — the seq update itself is not visible in
 * this extraction; a number inside the window just sets its bit.
 * Notifies AE listeners of the update if any are registered.
 * NOTE(review): fragmentary — diff declaration, the else header, and
 * the x->replay.seq assignment are missing. */
937 void xfrm_replay_advance(struct xfrm_state
*x
, u32 seq
)
943 if (seq
> x
->replay
.seq
) {
944 diff
= seq
- x
->replay
.seq
;
945 if (diff
< x
->props
.replay_window
)
946 x
->replay
.bitmap
= ((x
->replay
.bitmap
) << diff
) | 1;
948 x
->replay
.bitmap
= 1;
951 diff
= x
->replay
.seq
- seq
;
952 x
->replay
.bitmap
|= (1U << diff
);
955 if (xfrm_aevent_is_on())
956 xfrm_replay_notify(x
, XFRM_REPLAY_UPDATE
);
958 EXPORT_SYMBOL(xfrm_replay_advance
);
/* Registry of key managers (struct xfrm_mgr), guarded by xfrm_km_lock
 * (readers iterate, register/unregister take the write lock). */
960 static struct list_head xfrm_km_list
= LIST_HEAD_INIT(xfrm_km_list
);
961 static DEFINE_RWLOCK(xfrm_km_lock
);
/* Broadcast a policy event to every registered key manager that
 * implements notify_policy, under the km read lock. NOTE(review): the
 * struct xfrm_mgr *km declaration is missing from this extraction. */
963 void km_policy_notify(struct xfrm_policy
*xp
, int dir
, struct km_event
*c
)
967 read_lock(&xfrm_km_lock
);
968 list_for_each_entry(km
, &xfrm_km_list
, list
)
969 if (km
->notify_policy
)
970 km
->notify_policy(xp
, dir
, c
);
971 read_unlock(&xfrm_km_lock
);
/* Broadcast a state event to every registered key manager, under the km
 * read lock. NOTE(review): the km declaration and the per-manager
 * notify call inside the loop are missing from this extraction. */
974 void km_state_notify(struct xfrm_state
*x
, struct km_event
*c
)
977 read_lock(&xfrm_km_lock
);
978 list_for_each_entry(km
, &xfrm_km_list
, list
)
981 read_unlock(&xfrm_km_lock
);
984 EXPORT_SYMBOL(km_policy_notify
);
985 EXPORT_SYMBOL(km_state_notify
);
/* Tell key managers an SA expired by sending an XFRM_MSG_EXPIRE event.
 * NOTE(review): the km_event declaration and the hard/pid field
 * assignments (and the km_waitq wakeup on hard expiry) are missing from
 * this extraction. */
987 void km_state_expired(struct xfrm_state
*x
, int hard
, u32 pid
)
993 c
.event
= XFRM_MSG_EXPIRE
;
994 km_state_notify(x
, &c
);
1000 EXPORT_SYMBOL(km_state_expired
);
/* Ask every registered key manager to acquire keys for larval SA x
 * (XFRM_POLICY_OUT direction); per the original comment, all managers
 * are tried and a single success suffices. NOTE(review): the
 * success-accumulation of acqret into err and the return are missing
 * from this extraction. */
1002 * We send to all registered managers regardless of failure
1003 * We are happy with one success
1005 int km_query(struct xfrm_state
*x
, struct xfrm_tmpl
*t
, struct xfrm_policy
*pol
)
1007 int err
= -EINVAL
, acqret
;
1008 struct xfrm_mgr
*km
;
1010 read_lock(&xfrm_km_lock
);
1011 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1012 acqret
= km
->acquire(x
, t
, pol
, XFRM_POLICY_OUT
);
1016 read_unlock(&xfrm_km_lock
);
1019 EXPORT_SYMBOL(km_query
);
/* Report a NAT-T address/port mapping change to key managers that
 * implement new_mapping. NOTE(review): the err initialization, the
 * success break, and the return are missing from this extraction. */
1021 int km_new_mapping(struct xfrm_state
*x
, xfrm_address_t
*ipaddr
, u16 sport
)
1024 struct xfrm_mgr
*km
;
1026 read_lock(&xfrm_km_lock
);
1027 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1028 if (km
->new_mapping
)
1029 err
= km
->new_mapping(x
, ipaddr
, sport
);
1033 read_unlock(&xfrm_km_lock
);
1036 EXPORT_SYMBOL(km_new_mapping
);
/* Tell key managers a policy expired by sending an XFRM_MSG_POLEXPIRE
 * event. NOTE(review): the km_event declaration and hard/pid field
 * assignments are missing from this extraction. */
1038 void km_policy_expired(struct xfrm_policy
*pol
, int dir
, int hard
, u32 pid
)
1044 c
.event
= XFRM_MSG_POLEXPIRE
;
1045 km_policy_notify(pol
, dir
, &c
);
1050 EXPORT_SYMBOL(km_policy_expired
);
/* setsockopt path for per-socket policy: bound-check optlen against
 * PAGE_SIZE, copy the userspace blob in, let each key manager try to
 * compile it into an xfrm_policy, then install the result on the socket
 * via xfrm_sk_policy_insert. NOTE(review): fragmentary — err/data
 * declarations, the kmalloc NULL-check, the compile-loop break
 * condition, the kfree, and the return are missing from this
 * extraction. */
1052 int xfrm_user_policy(struct sock
*sk
, int optname
, u8 __user
*optval
, int optlen
)
1056 struct xfrm_mgr
*km
;
1057 struct xfrm_policy
*pol
= NULL
;
1059 if (optlen
<= 0 || optlen
> PAGE_SIZE
)
1062 data
= kmalloc(optlen
, GFP_KERNEL
);
1067 if (copy_from_user(data
, optval
, optlen
))
1071 read_lock(&xfrm_km_lock
);
1072 list_for_each_entry(km
, &xfrm_km_list
, list
) {
1073 pol
= km
->compile_policy(sk
, optname
, data
,
1078 read_unlock(&xfrm_km_lock
);
1081 xfrm_sk_policy_insert(sk
, err
, pol
);
1090 EXPORT_SYMBOL(xfrm_user_policy
);
/* Register a key manager: append to xfrm_km_list under the write lock.
 * NOTE(review): the return statement is missing from this extraction. */
1092 int xfrm_register_km(struct xfrm_mgr
*km
)
1094 write_lock_bh(&xfrm_km_lock
);
1095 list_add_tail(&km
->list
, &xfrm_km_list
);
1096 write_unlock_bh(&xfrm_km_lock
);
1099 EXPORT_SYMBOL(xfrm_register_km
);
/* Unregister a key manager: unlink from xfrm_km_list under the write
 * lock. NOTE(review): the return statement is missing from this
 * extraction. */
1101 int xfrm_unregister_km(struct xfrm_mgr
*km
)
1103 write_lock_bh(&xfrm_km_lock
);
1104 list_del(&km
->list
);
1105 write_unlock_bh(&xfrm_km_lock
);
1108 EXPORT_SYMBOL(xfrm_unregister_km
);
/* Register per-address-family state ops: validate the family index,
 * refuse a duplicate slot, hand the family the three shared hash
 * tables, and publish it in xfrm_state_afinfo[] under the afinfo write
 * lock. NOTE(review): the err declaration, the EEXIST assignment on
 * duplicate, and the return are missing from this extraction. */
1110 int xfrm_state_register_afinfo(struct xfrm_state_afinfo
*afinfo
)
1113 if (unlikely(afinfo
== NULL
))
1115 if (unlikely(afinfo
->family
>= NPROTO
))
1116 return -EAFNOSUPPORT
;
1117 write_lock_bh(&xfrm_state_afinfo_lock
);
1118 if (unlikely(xfrm_state_afinfo
[afinfo
->family
] != NULL
))
1121 afinfo
->state_bydst
= xfrm_state_bydst
;
1122 afinfo
->state_bysrc
= xfrm_state_bysrc
;
1123 afinfo
->state_byspi
= xfrm_state_byspi
;
1124 xfrm_state_afinfo
[afinfo
->family
] = afinfo
;
1126 write_unlock_bh(&xfrm_state_afinfo_lock
);
1129 EXPORT_SYMBOL(xfrm_state_register_afinfo
);
/* Unregister per-address-family state ops: verify the slot really holds
 * this afinfo, then clear the slot and the table pointers in reverse
 * registration order, all under the afinfo write lock. NOTE(review):
 * err declaration/assignment and the return are missing from this
 * extraction. */
1131 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo
*afinfo
)
1134 if (unlikely(afinfo
== NULL
))
1136 if (unlikely(afinfo
->family
>= NPROTO
))
1137 return -EAFNOSUPPORT
;
1138 write_lock_bh(&xfrm_state_afinfo_lock
);
1139 if (likely(xfrm_state_afinfo
[afinfo
->family
] != NULL
)) {
1140 if (unlikely(xfrm_state_afinfo
[afinfo
->family
] != afinfo
))
1143 xfrm_state_afinfo
[afinfo
->family
] = NULL
;
1144 afinfo
->state_byspi
= NULL
;
1145 afinfo
->state_bysrc
= NULL
;
1146 afinfo
->state_bydst
= NULL
;
1149 write_unlock_bh(&xfrm_state_afinfo_lock
);
1152 EXPORT_SYMBOL(xfrm_state_unregister_afinfo
);
/* Fetch the afinfo for a family, returning with the afinfo read lock
 * HELD on success (released later by xfrm_state_put_afinfo); the lock
 * is dropped here only when the slot is empty. NOTE(review): the
 * NULL-returning branches are truncated in this extraction. */
1154 static struct xfrm_state_afinfo
*xfrm_state_get_afinfo(unsigned short family
)
1156 struct xfrm_state_afinfo
*afinfo
;
1157 if (unlikely(family
>= NPROTO
))
1159 read_lock(&xfrm_state_afinfo_lock
);
1160 afinfo
= xfrm_state_afinfo
[family
];
1161 if (unlikely(!afinfo
))
1162 read_unlock(&xfrm_state_afinfo_lock
);
/* Release the afinfo read lock taken by xfrm_state_get_afinfo().
 * NOTE(review): the afinfo NULL-guard is missing from this extraction. */
1166 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo
*afinfo
)
1168 read_unlock(&xfrm_state_afinfo_lock
);
/* Drop x's reference on its tunnel SA: when only the tunnel linkage and
 * this state hold it (tunnel_users == 2), delete the tunnel SA, then
 * decrement the user count. NOTE(review): the "if (x->tunnel)" guard,
 * the xfrm_state_put, and x->tunnel = NULL are missing from this
 * extraction. */
1171 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1172 void xfrm_state_delete_tunnel(struct xfrm_state
*x
)
1175 struct xfrm_state
*t
= x
->tunnel
;
1177 if (atomic_read(&t
->tunnel_users
) == 2)
1178 xfrm_state_delete(t
);
1179 atomic_dec(&t
->tunnel_users
);
1184 EXPORT_SYMBOL(xfrm_state_delete_tunnel
);
/* Compute the usable payload MTU through this SA: subtract the SA
 * header overhead, let the transform type refine it via get_max_size
 * (only for a VALID state, under x->lock), then re-add header_len.
 * The original comment warns the result is approximate (typically a
 * couple of bytes conservative for ESP). NOTE(review): fragmentary —
 * the declarations of res/m, the get_max_size comparison loop, and the
 * return are missing from this extraction. */
1187 * This function is NOT optimal. For example, with ESP it will give an
1188 * MTU that's usually two bytes short of being optimal. However, it will
1189 * usually give an answer that's a multiple of 4 provided the input is
1190 * also a multiple of 4.
1192 int xfrm_state_mtu(struct xfrm_state
*x
, int mtu
)
1196 res
-= x
->props
.header_len
;
1204 spin_lock_bh(&x
->lock
);
1205 if (x
->km
.state
== XFRM_STATE_VALID
&&
1206 x
->type
&& x
->type
->get_max_size
)
1207 m
= x
->type
->get_max_size(x
, m
);
1209 m
+= x
->props
.header_len
;
1210 spin_unlock_bh(&x
->lock
);
1220 int xfrm_init_state(struct xfrm_state
*x
)
1222 struct xfrm_state_afinfo
*afinfo
;
1223 int family
= x
->props
.family
;
1226 err
= -EAFNOSUPPORT
;
1227 afinfo
= xfrm_state_get_afinfo(family
);
1232 if (afinfo
->init_flags
)
1233 err
= afinfo
->init_flags(x
);
1235 xfrm_state_put_afinfo(afinfo
);
1240 err
= -EPROTONOSUPPORT
;
1241 x
->type
= xfrm_get_type(x
->id
.proto
, family
);
1242 if (x
->type
== NULL
)
1245 err
= x
->type
->init_state(x
);
1249 x
->mode
= xfrm_get_mode(x
->props
.mode
, family
);
1250 if (x
->mode
== NULL
)
1253 x
->km
.state
= XFRM_STATE_VALID
;
1259 EXPORT_SYMBOL(xfrm_init_state
);
/* Boot-time init: initialize every bucket of the three SA hash tables
 * and wire the GC work item to xfrm_state_gc_task. NOTE(review): the
 * loop counter declaration and braces are missing from this
 * extraction. */
1261 void __init
xfrm_state_init(void)
1265 for (i
=0; i
<XFRM_DST_HSIZE
; i
++) {
1266 INIT_LIST_HEAD(&xfrm_state_bydst
[i
]);
1267 INIT_LIST_HEAD(&xfrm_state_bysrc
[i
]);
1268 INIT_LIST_HEAD(&xfrm_state_byspi
[i
]);
1270 INIT_WORK(&xfrm_state_gc_work
, xfrm_state_gc_task
, NULL
);