6 * Kazunori MIYAZAWA @USAGI
7 * Kunihiro Ishiguro <kunihiro@ipinfusion.com>
9 * YOSHIFUJI Hideaki @USAGI
10 * Split up af-specific functions
11 * Derek Atkins <derek@ihtfp.com>
12 * Add UDP Encapsulation
16 #include <linux/workqueue.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <linux/cache.h>
22 #include <asm/uaccess.h>
24 #include "xfrm_hash.h"
27 EXPORT_SYMBOL(xfrm_nl);
29 u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME;
30 EXPORT_SYMBOL(sysctl_xfrm_aevent_etime);
32 u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE;
33 EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth);
35 /* Each xfrm_state may be linked to two tables:
37 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
38 2. Hash table by (daddr,family,reqid) to find what SAs exist for given
39 destination/tunnel endpoint. (output)
42 static DEFINE_SPINLOCK(xfrm_state_lock);
44 /* Hash table to find appropriate SA towards given target (endpoint
45 * of tunnel or destination of transport mode) allowed by selector.
47 * Main use is finding SA after policy selected tunnel or transport mode.
48 * Also, it can be used by ah/esp icmp error handler to find offending SA.
50 static struct hlist_head *xfrm_state_bydst __read_mostly;
51 static struct hlist_head *xfrm_state_bysrc __read_mostly;
52 static struct hlist_head *xfrm_state_byspi __read_mostly;
53 static unsigned int xfrm_state_hmask __read_mostly;
54 static unsigned int xfrm_state_hashmax __read_mostly = 1 * 1024 * 1024;
55 static unsigned int xfrm_state_num;
56 static unsigned int xfrm_state_genid;
58 static inline unsigned int xfrm_dst_hash(xfrm_address_t *daddr,
59 xfrm_address_t *saddr,
61 unsigned short family)
63 return __xfrm_dst_hash(daddr, saddr, reqid, family, xfrm_state_hmask);
66 static inline unsigned int xfrm_src_hash(xfrm_address_t *daddr,
67 xfrm_address_t *saddr,
68 unsigned short family)
70 return __xfrm_src_hash(daddr, saddr, family, xfrm_state_hmask);
73 static inline unsigned int
74 xfrm_spi_hash(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
76 return __xfrm_spi_hash(daddr, spi, proto, family, xfrm_state_hmask);
79 static void xfrm_hash_transfer(struct hlist_head *list,
80 struct hlist_head *ndsttable,
81 struct hlist_head *nsrctable,
82 struct hlist_head *nspitable,
83 unsigned int nhashmask)
85 struct hlist_node *entry, *tmp;
88 hlist_for_each_entry_safe(x, entry, tmp, list, bydst) {
91 h = __xfrm_dst_hash(&x->id.daddr, &x->props.saddr,
92 x->props.reqid, x->props.family,
94 hlist_add_head(&x->bydst, ndsttable+h);
96 h = __xfrm_src_hash(&x->id.daddr, &x->props.saddr,
99 hlist_add_head(&x->bysrc, nsrctable+h);
102 h = __xfrm_spi_hash(&x->id.daddr, x->id.spi,
103 x->id.proto, x->props.family,
105 hlist_add_head(&x->byspi, nspitable+h);
110 static unsigned long xfrm_hash_new_size(void)
112 return ((xfrm_state_hmask + 1) << 1) *
113 sizeof(struct hlist_head);
116 static DEFINE_MUTEX(hash_resize_mutex);
118 static void xfrm_hash_resize(void *__unused)
120 struct hlist_head *ndst, *nsrc, *nspi, *odst, *osrc, *ospi;
121 unsigned long nsize, osize;
122 unsigned int nhashmask, ohashmask;
125 mutex_lock(&hash_resize_mutex);
127 nsize = xfrm_hash_new_size();
128 ndst = xfrm_hash_alloc(nsize);
131 nsrc = xfrm_hash_alloc(nsize);
133 xfrm_hash_free(ndst, nsize);
136 nspi = xfrm_hash_alloc(nsize);
138 xfrm_hash_free(ndst, nsize);
139 xfrm_hash_free(nsrc, nsize);
143 spin_lock_bh(&xfrm_state_lock);
145 nhashmask = (nsize / sizeof(struct hlist_head)) - 1U;
146 for (i = xfrm_state_hmask; i >= 0; i--)
147 xfrm_hash_transfer(xfrm_state_bydst+i, ndst, nsrc, nspi,
150 odst = xfrm_state_bydst;
151 osrc = xfrm_state_bysrc;
152 ospi = xfrm_state_byspi;
153 ohashmask = xfrm_state_hmask;
155 xfrm_state_bydst = ndst;
156 xfrm_state_bysrc = nsrc;
157 xfrm_state_byspi = nspi;
158 xfrm_state_hmask = nhashmask;
160 spin_unlock_bh(&xfrm_state_lock);
162 osize = (ohashmask + 1) * sizeof(struct hlist_head);
163 xfrm_hash_free(odst, osize);
164 xfrm_hash_free(osrc, osize);
165 xfrm_hash_free(ospi, osize);
168 mutex_unlock(&hash_resize_mutex);
171 static DECLARE_WORK(xfrm_hash_work, xfrm_hash_resize, NULL);
173 DECLARE_WAIT_QUEUE_HEAD(km_waitq);
174 EXPORT_SYMBOL(km_waitq);
176 static DEFINE_RWLOCK(xfrm_state_afinfo_lock);
177 static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO];
179 static struct work_struct xfrm_state_gc_work;
180 static HLIST_HEAD(xfrm_state_gc_list);
181 static DEFINE_SPINLOCK(xfrm_state_gc_lock);
183 int __xfrm_state_delete(struct xfrm_state *x);
185 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family);
186 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
188 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
189 void km_state_expired(struct xfrm_state *x, int hard, u32 pid);
191 static void xfrm_state_gc_destroy(struct xfrm_state *x)
193 del_timer_sync(&x->timer);
194 del_timer_sync(&x->rtimer);
201 xfrm_put_mode(x->mode);
203 x->type->destructor(x);
204 xfrm_put_type(x->type);
206 security_xfrm_state_free(x);
210 static void xfrm_state_gc_task(void *data)
212 struct xfrm_state *x;
213 struct hlist_node *entry, *tmp;
214 struct hlist_head gc_list;
216 spin_lock_bh(&xfrm_state_gc_lock);
217 gc_list.first = xfrm_state_gc_list.first;
218 INIT_HLIST_HEAD(&xfrm_state_gc_list);
219 spin_unlock_bh(&xfrm_state_gc_lock);
221 hlist_for_each_entry_safe(x, entry, tmp, &gc_list, bydst)
222 xfrm_state_gc_destroy(x);
227 static inline unsigned long make_jiffies(long secs)
229 if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
230 return MAX_SCHEDULE_TIMEOUT-1;
235 static void xfrm_timer_handler(unsigned long data)
237 struct xfrm_state *x = (struct xfrm_state*)data;
238 unsigned long now = (unsigned long)xtime.tv_sec;
239 long next = LONG_MAX;
243 if (x->km.state == XFRM_STATE_DEAD)
245 if (x->km.state == XFRM_STATE_EXPIRED)
247 if (x->lft.hard_add_expires_seconds) {
248 long tmo = x->lft.hard_add_expires_seconds +
249 x->curlft.add_time - now;
255 if (x->lft.hard_use_expires_seconds) {
256 long tmo = x->lft.hard_use_expires_seconds +
257 (x->curlft.use_time ? : now) - now;
265 if (x->lft.soft_add_expires_seconds) {
266 long tmo = x->lft.soft_add_expires_seconds +
267 x->curlft.add_time - now;
273 if (x->lft.soft_use_expires_seconds) {
274 long tmo = x->lft.soft_use_expires_seconds +
275 (x->curlft.use_time ? : now) - now;
284 km_state_expired(x, 0, 0);
286 if (next != LONG_MAX)
287 mod_timer(&x->timer, jiffies + make_jiffies(next));
292 if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) {
293 x->km.state = XFRM_STATE_EXPIRED;
298 if (!__xfrm_state_delete(x) && x->id.spi)
299 km_state_expired(x, 1, 0);
302 spin_unlock(&x->lock);
305 static void xfrm_replay_timer_handler(unsigned long data);
307 struct xfrm_state *xfrm_state_alloc(void)
309 struct xfrm_state *x;
311 x = kzalloc(sizeof(struct xfrm_state), GFP_ATOMIC);
314 atomic_set(&x->refcnt, 1);
315 atomic_set(&x->tunnel_users, 0);
316 INIT_HLIST_NODE(&x->bydst);
317 INIT_HLIST_NODE(&x->bysrc);
318 INIT_HLIST_NODE(&x->byspi);
319 init_timer(&x->timer);
320 x->timer.function = xfrm_timer_handler;
321 x->timer.data = (unsigned long)x;
322 init_timer(&x->rtimer);
323 x->rtimer.function = xfrm_replay_timer_handler;
324 x->rtimer.data = (unsigned long)x;
325 x->curlft.add_time = (unsigned long)xtime.tv_sec;
326 x->lft.soft_byte_limit = XFRM_INF;
327 x->lft.soft_packet_limit = XFRM_INF;
328 x->lft.hard_byte_limit = XFRM_INF;
329 x->lft.hard_packet_limit = XFRM_INF;
330 x->replay_maxage = 0;
331 x->replay_maxdiff = 0;
332 spin_lock_init(&x->lock);
336 EXPORT_SYMBOL(xfrm_state_alloc);
338 void __xfrm_state_destroy(struct xfrm_state *x)
340 BUG_TRAP(x->km.state == XFRM_STATE_DEAD);
342 spin_lock_bh(&xfrm_state_gc_lock);
343 hlist_add_head(&x->bydst, &xfrm_state_gc_list);
344 spin_unlock_bh(&xfrm_state_gc_lock);
345 schedule_work(&xfrm_state_gc_work);
347 EXPORT_SYMBOL(__xfrm_state_destroy);
349 int __xfrm_state_delete(struct xfrm_state *x)
353 if (x->km.state != XFRM_STATE_DEAD) {
354 x->km.state = XFRM_STATE_DEAD;
355 spin_lock(&xfrm_state_lock);
356 hlist_del(&x->bydst);
357 hlist_del(&x->bysrc);
359 hlist_del(&x->byspi);
361 spin_unlock(&xfrm_state_lock);
363 /* All xfrm_state objects are created by xfrm_state_alloc.
364 * The xfrm_state_alloc call gives a reference, and that
365 * is what we are dropping here.
373 EXPORT_SYMBOL(__xfrm_state_delete);
375 int xfrm_state_delete(struct xfrm_state *x)
379 spin_lock_bh(&x->lock);
380 err = __xfrm_state_delete(x);
381 spin_unlock_bh(&x->lock);
385 EXPORT_SYMBOL(xfrm_state_delete);
387 void xfrm_state_flush(u8 proto)
391 spin_lock_bh(&xfrm_state_lock);
392 for (i = 0; i <= xfrm_state_hmask; i++) {
393 struct hlist_node *entry;
394 struct xfrm_state *x;
396 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
397 if (!xfrm_state_kern(x) &&
398 xfrm_id_proto_match(x->id.proto, proto)) {
400 spin_unlock_bh(&xfrm_state_lock);
402 xfrm_state_delete(x);
405 spin_lock_bh(&xfrm_state_lock);
410 spin_unlock_bh(&xfrm_state_lock);
413 EXPORT_SYMBOL(xfrm_state_flush);
416 xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
417 struct xfrm_tmpl *tmpl,
418 xfrm_address_t *daddr, xfrm_address_t *saddr,
419 unsigned short family)
421 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
424 afinfo->init_tempsel(x, fl, tmpl, daddr, saddr);
425 xfrm_state_put_afinfo(afinfo);
429 static struct xfrm_state *__xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
431 unsigned int h = xfrm_spi_hash(daddr, spi, proto, family);
432 struct xfrm_state *x;
433 struct hlist_node *entry;
435 hlist_for_each_entry(x, entry, xfrm_state_byspi+h, byspi) {
436 if (x->props.family != family ||
438 x->id.proto != proto)
443 if (x->id.daddr.a4 != daddr->a4)
447 if (!ipv6_addr_equal((struct in6_addr *)daddr,
461 static struct xfrm_state *__xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family)
463 unsigned int h = xfrm_src_hash(daddr, saddr, family);
464 struct xfrm_state *x;
465 struct hlist_node *entry;
467 hlist_for_each_entry(x, entry, xfrm_state_bysrc+h, bysrc) {
468 if (x->props.family != family ||
469 x->id.proto != proto)
474 if (x->id.daddr.a4 != daddr->a4 ||
475 x->props.saddr.a4 != saddr->a4)
479 if (!ipv6_addr_equal((struct in6_addr *)daddr,
482 !ipv6_addr_equal((struct in6_addr *)saddr,
496 static inline struct xfrm_state *
497 __xfrm_state_locate(struct xfrm_state *x, int use_spi, int family)
500 return __xfrm_state_lookup(&x->id.daddr, x->id.spi,
501 x->id.proto, family);
503 return __xfrm_state_lookup_byaddr(&x->id.daddr,
505 x->id.proto, family);
509 xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
510 struct flowi *fl, struct xfrm_tmpl *tmpl,
511 struct xfrm_policy *pol, int *err,
512 unsigned short family)
514 unsigned int h = xfrm_dst_hash(daddr, saddr, tmpl->reqid, family);
515 struct hlist_node *entry;
516 struct xfrm_state *x, *x0;
517 int acquire_in_progress = 0;
519 struct xfrm_state *best = NULL;
521 spin_lock_bh(&xfrm_state_lock);
522 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
523 if (x->props.family == family &&
524 x->props.reqid == tmpl->reqid &&
525 !(x->props.flags & XFRM_STATE_WILDRECV) &&
526 xfrm_state_addr_check(x, daddr, saddr, family) &&
527 tmpl->mode == x->props.mode &&
528 tmpl->id.proto == x->id.proto &&
529 (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) {
531 1. There is a valid state with matching selector.
533 2. Valid state with inappropriate selector. Skip.
535 Entering area of "sysdeps".
537 3. If state is not valid, selector is temporary,
538 it selects only session which triggered
539 previous resolution. Key manager will do
540 something to install a state with proper
543 if (x->km.state == XFRM_STATE_VALID) {
544 if (!xfrm_selector_match(&x->sel, fl, family) ||
545 !security_xfrm_state_pol_flow_match(x, pol, fl))
548 best->km.dying > x->km.dying ||
549 (best->km.dying == x->km.dying &&
550 best->curlft.add_time < x->curlft.add_time))
552 } else if (x->km.state == XFRM_STATE_ACQ) {
553 acquire_in_progress = 1;
554 } else if (x->km.state == XFRM_STATE_ERROR ||
555 x->km.state == XFRM_STATE_EXPIRED) {
556 if (xfrm_selector_match(&x->sel, fl, family) &&
557 security_xfrm_state_pol_flow_match(x, pol, fl))
564 if (!x && !error && !acquire_in_progress) {
566 (x0 = __xfrm_state_lookup(daddr, tmpl->id.spi,
567 tmpl->id.proto, family)) != NULL) {
572 x = xfrm_state_alloc();
577 /* Initialize temporary selector matching only
578 * to current session. */
579 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
581 error = security_xfrm_state_alloc_acquire(x, pol->security, fl->secid);
583 x->km.state = XFRM_STATE_DEAD;
589 if (km_query(x, tmpl, pol) == 0) {
590 x->km.state = XFRM_STATE_ACQ;
591 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
592 h = xfrm_src_hash(daddr, saddr, family);
593 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
595 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
596 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
598 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
599 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
600 add_timer(&x->timer);
602 x->km.state = XFRM_STATE_DEAD;
612 *err = acquire_in_progress ? -EAGAIN : error;
613 spin_unlock_bh(&xfrm_state_lock);
617 static void __xfrm_state_insert(struct xfrm_state *x)
621 x->genid = ++xfrm_state_genid;
623 h = xfrm_dst_hash(&x->id.daddr, &x->props.saddr,
624 x->props.reqid, x->props.family);
625 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
627 h = xfrm_src_hash(&x->id.daddr, &x->props.saddr, x->props.family);
628 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
631 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto,
634 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
637 mod_timer(&x->timer, jiffies + HZ);
638 if (x->replay_maxage)
639 mod_timer(&x->rtimer, jiffies + x->replay_maxage);
645 if (x->bydst.next != NULL &&
646 (xfrm_state_hmask + 1) < xfrm_state_hashmax &&
647 xfrm_state_num > xfrm_state_hmask)
648 schedule_work(&xfrm_hash_work);
651 /* xfrm_state_lock is held */
652 static void __xfrm_state_bump_genids(struct xfrm_state *xnew)
654 unsigned short family = xnew->props.family;
655 u32 reqid = xnew->props.reqid;
656 struct xfrm_state *x;
657 struct hlist_node *entry;
660 h = xfrm_dst_hash(&xnew->id.daddr, &xnew->props.saddr, reqid, family);
661 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
662 if (x->props.family == family &&
663 x->props.reqid == reqid &&
664 !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family) &&
665 !xfrm_addr_cmp(&x->props.saddr, &xnew->props.saddr, family))
666 x->genid = xfrm_state_genid;
670 void xfrm_state_insert(struct xfrm_state *x)
672 spin_lock_bh(&xfrm_state_lock);
673 __xfrm_state_bump_genids(x);
674 __xfrm_state_insert(x);
675 spin_unlock_bh(&xfrm_state_lock);
677 EXPORT_SYMBOL(xfrm_state_insert);
679 /* xfrm_state_lock is held */
680 static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create)
682 unsigned int h = xfrm_dst_hash(daddr, saddr, reqid, family);
683 struct hlist_node *entry;
684 struct xfrm_state *x;
686 hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
687 if (x->props.reqid != reqid ||
688 x->props.mode != mode ||
689 x->props.family != family ||
690 x->km.state != XFRM_STATE_ACQ ||
696 if (x->id.daddr.a4 != daddr->a4 ||
697 x->props.saddr.a4 != saddr->a4)
701 if (!ipv6_addr_equal((struct in6_addr *)x->id.daddr.a6,
702 (struct in6_addr *)daddr) ||
703 !ipv6_addr_equal((struct in6_addr *)
705 (struct in6_addr *)saddr))
717 x = xfrm_state_alloc();
721 x->sel.daddr.a4 = daddr->a4;
722 x->sel.saddr.a4 = saddr->a4;
723 x->sel.prefixlen_d = 32;
724 x->sel.prefixlen_s = 32;
725 x->props.saddr.a4 = saddr->a4;
726 x->id.daddr.a4 = daddr->a4;
730 ipv6_addr_copy((struct in6_addr *)x->sel.daddr.a6,
731 (struct in6_addr *)daddr);
732 ipv6_addr_copy((struct in6_addr *)x->sel.saddr.a6,
733 (struct in6_addr *)saddr);
734 x->sel.prefixlen_d = 128;
735 x->sel.prefixlen_s = 128;
736 ipv6_addr_copy((struct in6_addr *)x->props.saddr.a6,
737 (struct in6_addr *)saddr);
738 ipv6_addr_copy((struct in6_addr *)x->id.daddr.a6,
739 (struct in6_addr *)daddr);
743 x->km.state = XFRM_STATE_ACQ;
745 x->props.family = family;
746 x->props.mode = mode;
747 x->props.reqid = reqid;
748 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
750 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
751 add_timer(&x->timer);
752 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
753 h = xfrm_src_hash(daddr, saddr, family);
754 hlist_add_head(&x->bysrc, xfrm_state_bysrc+h);
761 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq);
763 int xfrm_state_add(struct xfrm_state *x)
765 struct xfrm_state *x1;
768 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
770 family = x->props.family;
772 spin_lock_bh(&xfrm_state_lock);
774 x1 = __xfrm_state_locate(x, use_spi, family);
782 if (use_spi && x->km.seq) {
783 x1 = __xfrm_find_acq_byseq(x->km.seq);
784 if (x1 && xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family)) {
791 x1 = __find_acq_core(family, x->props.mode, x->props.reqid,
793 &x->id.daddr, &x->props.saddr, 0);
795 __xfrm_state_bump_genids(x);
796 __xfrm_state_insert(x);
800 spin_unlock_bh(&xfrm_state_lock);
803 xfrm_state_delete(x1);
809 EXPORT_SYMBOL(xfrm_state_add);
811 int xfrm_state_update(struct xfrm_state *x)
813 struct xfrm_state *x1;
815 int use_spi = xfrm_id_proto_match(x->id.proto, IPSEC_PROTO_ANY);
817 spin_lock_bh(&xfrm_state_lock);
818 x1 = __xfrm_state_locate(x, use_spi, x->props.family);
824 if (xfrm_state_kern(x1)) {
830 if (x1->km.state == XFRM_STATE_ACQ) {
831 __xfrm_state_insert(x);
837 spin_unlock_bh(&xfrm_state_lock);
843 xfrm_state_delete(x1);
849 spin_lock_bh(&x1->lock);
850 if (likely(x1->km.state == XFRM_STATE_VALID)) {
851 if (x->encap && x1->encap)
852 memcpy(x1->encap, x->encap, sizeof(*x1->encap));
853 if (x->coaddr && x1->coaddr) {
854 memcpy(x1->coaddr, x->coaddr, sizeof(*x1->coaddr));
856 if (!use_spi && memcmp(&x1->sel, &x->sel, sizeof(x1->sel)))
857 memcpy(&x1->sel, &x->sel, sizeof(x1->sel));
858 memcpy(&x1->lft, &x->lft, sizeof(x1->lft));
861 mod_timer(&x1->timer, jiffies + HZ);
862 if (x1->curlft.use_time)
863 xfrm_state_check_expire(x1);
867 spin_unlock_bh(&x1->lock);
873 EXPORT_SYMBOL(xfrm_state_update);
875 int xfrm_state_check_expire(struct xfrm_state *x)
877 if (!x->curlft.use_time)
878 x->curlft.use_time = (unsigned long)xtime.tv_sec;
880 if (x->km.state != XFRM_STATE_VALID)
883 if (x->curlft.bytes >= x->lft.hard_byte_limit ||
884 x->curlft.packets >= x->lft.hard_packet_limit) {
885 x->km.state = XFRM_STATE_EXPIRED;
886 mod_timer(&x->timer, jiffies);
891 (x->curlft.bytes >= x->lft.soft_byte_limit ||
892 x->curlft.packets >= x->lft.soft_packet_limit)) {
894 km_state_expired(x, 0, 0);
898 EXPORT_SYMBOL(xfrm_state_check_expire);
900 static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
902 int nhead = x->props.header_len + LL_RESERVED_SPACE(skb->dst->dev)
906 return pskb_expand_head(skb, nhead, 0, GFP_ATOMIC);
908 /* Check tail too... */
912 int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
914 int err = xfrm_state_check_expire(x);
917 err = xfrm_state_check_space(x, skb);
921 EXPORT_SYMBOL(xfrm_state_check);
924 xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto,
925 unsigned short family)
927 struct xfrm_state *x;
929 spin_lock_bh(&xfrm_state_lock);
930 x = __xfrm_state_lookup(daddr, spi, proto, family);
931 spin_unlock_bh(&xfrm_state_lock);
934 EXPORT_SYMBOL(xfrm_state_lookup);
937 xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr,
938 u8 proto, unsigned short family)
940 struct xfrm_state *x;
942 spin_lock_bh(&xfrm_state_lock);
943 x = __xfrm_state_lookup_byaddr(daddr, saddr, proto, family);
944 spin_unlock_bh(&xfrm_state_lock);
947 EXPORT_SYMBOL(xfrm_state_lookup_byaddr);
950 xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
951 xfrm_address_t *daddr, xfrm_address_t *saddr,
952 int create, unsigned short family)
954 struct xfrm_state *x;
956 spin_lock_bh(&xfrm_state_lock);
957 x = __find_acq_core(family, mode, reqid, proto, daddr, saddr, create);
958 spin_unlock_bh(&xfrm_state_lock);
962 EXPORT_SYMBOL(xfrm_find_acq);
964 #ifdef CONFIG_XFRM_SUB_POLICY
966 xfrm_tmpl_sort(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n,
967 unsigned short family)
970 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
972 return -EAFNOSUPPORT;
974 spin_lock_bh(&xfrm_state_lock);
975 if (afinfo->tmpl_sort)
976 err = afinfo->tmpl_sort(dst, src, n);
977 spin_unlock_bh(&xfrm_state_lock);
978 xfrm_state_put_afinfo(afinfo);
981 EXPORT_SYMBOL(xfrm_tmpl_sort);
984 xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n,
985 unsigned short family)
988 struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
990 return -EAFNOSUPPORT;
992 spin_lock_bh(&xfrm_state_lock);
993 if (afinfo->state_sort)
994 err = afinfo->state_sort(dst, src, n);
995 spin_unlock_bh(&xfrm_state_lock);
996 xfrm_state_put_afinfo(afinfo);
999 EXPORT_SYMBOL(xfrm_state_sort);
1002 /* Silly enough, but I'm lazy to build resolution list */
1004 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq)
1008 for (i = 0; i <= xfrm_state_hmask; i++) {
1009 struct hlist_node *entry;
1010 struct xfrm_state *x;
1012 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
1013 if (x->km.seq == seq &&
1014 x->km.state == XFRM_STATE_ACQ) {
1023 struct xfrm_state *xfrm_find_acq_byseq(u32 seq)
1025 struct xfrm_state *x;
1027 spin_lock_bh(&xfrm_state_lock);
1028 x = __xfrm_find_acq_byseq(seq);
1029 spin_unlock_bh(&xfrm_state_lock);
1032 EXPORT_SYMBOL(xfrm_find_acq_byseq);
1034 u32 xfrm_get_acqseq(void)
1038 static DEFINE_SPINLOCK(acqseq_lock);
1040 spin_lock_bh(&acqseq_lock);
1041 res = (++acqseq ? : ++acqseq);
1042 spin_unlock_bh(&acqseq_lock);
1045 EXPORT_SYMBOL(xfrm_get_acqseq);
1048 xfrm_alloc_spi(struct xfrm_state *x, __be32 minspi, __be32 maxspi)
1051 struct xfrm_state *x0;
1056 if (minspi == maxspi) {
1057 x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family);
1065 u32 low = ntohl(minspi);
1066 u32 high = ntohl(maxspi);
1067 for (h=0; h<high-low+1; h++) {
1068 spi = low + net_random()%(high-low+1);
1069 x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family);
1071 x->id.spi = htonl(spi);
1078 spin_lock_bh(&xfrm_state_lock);
1079 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
1080 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
1081 spin_unlock_bh(&xfrm_state_lock);
1085 EXPORT_SYMBOL(xfrm_alloc_spi);
1087 int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*),
1091 struct xfrm_state *x;
1092 struct hlist_node *entry;
1096 spin_lock_bh(&xfrm_state_lock);
1097 for (i = 0; i <= xfrm_state_hmask; i++) {
1098 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
1099 if (xfrm_id_proto_match(x->id.proto, proto))
1108 for (i = 0; i <= xfrm_state_hmask; i++) {
1109 hlist_for_each_entry(x, entry, xfrm_state_bydst+i, bydst) {
1110 if (!xfrm_id_proto_match(x->id.proto, proto))
1112 err = func(x, --count, data);
1118 spin_unlock_bh(&xfrm_state_lock);
1121 EXPORT_SYMBOL(xfrm_state_walk);
1124 void xfrm_replay_notify(struct xfrm_state *x, int event)
1127 /* we send notify messages in case
1128 * 1. we updated on of the sequence numbers, and the seqno difference
1129 * is at least x->replay_maxdiff, in this case we also update the
1130 * timeout of our timer function
1131 * 2. if x->replay_maxage has elapsed since last update,
1132 * and there were changes
1134 * The state structure must be locked!
1138 case XFRM_REPLAY_UPDATE:
1139 if (x->replay_maxdiff &&
1140 (x->replay.seq - x->preplay.seq < x->replay_maxdiff) &&
1141 (x->replay.oseq - x->preplay.oseq < x->replay_maxdiff)) {
1142 if (x->xflags & XFRM_TIME_DEFER)
1143 event = XFRM_REPLAY_TIMEOUT;
1150 case XFRM_REPLAY_TIMEOUT:
1151 if ((x->replay.seq == x->preplay.seq) &&
1152 (x->replay.bitmap == x->preplay.bitmap) &&
1153 (x->replay.oseq == x->preplay.oseq)) {
1154 x->xflags |= XFRM_TIME_DEFER;
1161 memcpy(&x->preplay, &x->replay, sizeof(struct xfrm_replay_state));
1162 c.event = XFRM_MSG_NEWAE;
1163 c.data.aevent = event;
1164 km_state_notify(x, &c);
1166 if (x->replay_maxage &&
1167 !mod_timer(&x->rtimer, jiffies + x->replay_maxage))
1168 x->xflags &= ~XFRM_TIME_DEFER;
1170 EXPORT_SYMBOL(xfrm_replay_notify);
1172 static void xfrm_replay_timer_handler(unsigned long data)
1174 struct xfrm_state *x = (struct xfrm_state*)data;
1176 spin_lock(&x->lock);
1178 if (x->km.state == XFRM_STATE_VALID) {
1179 if (xfrm_aevent_is_on())
1180 xfrm_replay_notify(x, XFRM_REPLAY_TIMEOUT);
1182 x->xflags |= XFRM_TIME_DEFER;
1185 spin_unlock(&x->lock);
1188 int xfrm_replay_check(struct xfrm_state *x, __be32 net_seq)
1191 u32 seq = ntohl(net_seq);
1193 if (unlikely(seq == 0))
1196 if (likely(seq > x->replay.seq))
1199 diff = x->replay.seq - seq;
1200 if (diff >= x->props.replay_window) {
1201 x->stats.replay_window++;
1205 if (x->replay.bitmap & (1U << diff)) {
1211 EXPORT_SYMBOL(xfrm_replay_check);
1213 void xfrm_replay_advance(struct xfrm_state *x, __be32 net_seq)
1216 u32 seq = ntohl(net_seq);
1218 if (seq > x->replay.seq) {
1219 diff = seq - x->replay.seq;
1220 if (diff < x->props.replay_window)
1221 x->replay.bitmap = ((x->replay.bitmap) << diff) | 1;
1223 x->replay.bitmap = 1;
1224 x->replay.seq = seq;
1226 diff = x->replay.seq - seq;
1227 x->replay.bitmap |= (1U << diff);
1230 if (xfrm_aevent_is_on())
1231 xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
1233 EXPORT_SYMBOL(xfrm_replay_advance);
1235 static struct list_head xfrm_km_list = LIST_HEAD_INIT(xfrm_km_list);
1236 static DEFINE_RWLOCK(xfrm_km_lock);
1238 void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
1240 struct xfrm_mgr *km;
1242 read_lock(&xfrm_km_lock);
1243 list_for_each_entry(km, &xfrm_km_list, list)
1244 if (km->notify_policy)
1245 km->notify_policy(xp, dir, c);
1246 read_unlock(&xfrm_km_lock);
1249 void km_state_notify(struct xfrm_state *x, struct km_event *c)
1251 struct xfrm_mgr *km;
1252 read_lock(&xfrm_km_lock);
1253 list_for_each_entry(km, &xfrm_km_list, list)
1256 read_unlock(&xfrm_km_lock);
1259 EXPORT_SYMBOL(km_policy_notify);
1260 EXPORT_SYMBOL(km_state_notify);
1262 void km_state_expired(struct xfrm_state *x, int hard, u32 pid)
1268 c.event = XFRM_MSG_EXPIRE;
1269 km_state_notify(x, &c);
1275 EXPORT_SYMBOL(km_state_expired);
1277 * We send to all registered managers regardless of failure
1278 * We are happy with one success
1280 int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
1282 int err = -EINVAL, acqret;
1283 struct xfrm_mgr *km;
1285 read_lock(&xfrm_km_lock);
1286 list_for_each_entry(km, &xfrm_km_list, list) {
1287 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT);
1291 read_unlock(&xfrm_km_lock);
1294 EXPORT_SYMBOL(km_query);
1296 int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport)
1299 struct xfrm_mgr *km;
1301 read_lock(&xfrm_km_lock);
1302 list_for_each_entry(km, &xfrm_km_list, list) {
1303 if (km->new_mapping)
1304 err = km->new_mapping(x, ipaddr, sport);
1308 read_unlock(&xfrm_km_lock);
1311 EXPORT_SYMBOL(km_new_mapping);
1313 void km_policy_expired(struct xfrm_policy *pol, int dir, int hard, u32 pid)
1319 c.event = XFRM_MSG_POLEXPIRE;
1320 km_policy_notify(pol, dir, &c);
1325 EXPORT_SYMBOL(km_policy_expired);
1327 int km_report(u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr)
1331 struct xfrm_mgr *km;
1333 read_lock(&xfrm_km_lock);
1334 list_for_each_entry(km, &xfrm_km_list, list) {
1336 ret = km->report(proto, sel, addr);
1341 read_unlock(&xfrm_km_lock);
1344 EXPORT_SYMBOL(km_report);
1346 int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
1350 struct xfrm_mgr *km;
1351 struct xfrm_policy *pol = NULL;
1353 if (optlen <= 0 || optlen > PAGE_SIZE)
1356 data = kmalloc(optlen, GFP_KERNEL);
1361 if (copy_from_user(data, optval, optlen))
1365 read_lock(&xfrm_km_lock);
1366 list_for_each_entry(km, &xfrm_km_list, list) {
1367 pol = km->compile_policy(sk, optname, data,
1372 read_unlock(&xfrm_km_lock);
1375 xfrm_sk_policy_insert(sk, err, pol);
1384 EXPORT_SYMBOL(xfrm_user_policy);
1386 int xfrm_register_km(struct xfrm_mgr *km)
1388 write_lock_bh(&xfrm_km_lock);
1389 list_add_tail(&km->list, &xfrm_km_list);
1390 write_unlock_bh(&xfrm_km_lock);
1393 EXPORT_SYMBOL(xfrm_register_km);
1395 int xfrm_unregister_km(struct xfrm_mgr *km)
1397 write_lock_bh(&xfrm_km_lock);
1398 list_del(&km->list);
1399 write_unlock_bh(&xfrm_km_lock);
1402 EXPORT_SYMBOL(xfrm_unregister_km);
1404 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo)
1407 if (unlikely(afinfo == NULL))
1409 if (unlikely(afinfo->family >= NPROTO))
1410 return -EAFNOSUPPORT;
1411 write_lock_bh(&xfrm_state_afinfo_lock);
1412 if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))
1415 xfrm_state_afinfo[afinfo->family] = afinfo;
1416 write_unlock_bh(&xfrm_state_afinfo_lock);
1419 EXPORT_SYMBOL(xfrm_state_register_afinfo);
1421 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo)
1424 if (unlikely(afinfo == NULL))
1426 if (unlikely(afinfo->family >= NPROTO))
1427 return -EAFNOSUPPORT;
1428 write_lock_bh(&xfrm_state_afinfo_lock);
1429 if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) {
1430 if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo))
1433 xfrm_state_afinfo[afinfo->family] = NULL;
1435 write_unlock_bh(&xfrm_state_afinfo_lock);
1438 EXPORT_SYMBOL(xfrm_state_unregister_afinfo);
1440 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family)
1442 struct xfrm_state_afinfo *afinfo;
1443 if (unlikely(family >= NPROTO))
1445 read_lock(&xfrm_state_afinfo_lock);
1446 afinfo = xfrm_state_afinfo[family];
1447 if (unlikely(!afinfo))
1448 read_unlock(&xfrm_state_afinfo_lock);
1452 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo)
1454 read_unlock(&xfrm_state_afinfo_lock);
1457 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1458 void xfrm_state_delete_tunnel(struct xfrm_state *x)
1461 struct xfrm_state *t = x->tunnel;
1463 if (atomic_read(&t->tunnel_users) == 2)
1464 xfrm_state_delete(t);
1465 atomic_dec(&t->tunnel_users);
1470 EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1473 * This function is NOT optimal. For example, with ESP it will give an
1474 * MTU that's usually two bytes short of being optimal. However, it will
1475 * usually give an answer that's a multiple of 4 provided the input is
1476 * also a multiple of 4.
1478 int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1482 res -= x->props.header_len;
1490 spin_lock_bh(&x->lock);
1491 if (x->km.state == XFRM_STATE_VALID &&
1492 x->type && x->type->get_max_size)
1493 m = x->type->get_max_size(x, m);
1495 m += x->props.header_len;
1496 spin_unlock_bh(&x->lock);
1506 int xfrm_init_state(struct xfrm_state *x)
1508 struct xfrm_state_afinfo *afinfo;
1509 int family = x->props.family;
1512 err = -EAFNOSUPPORT;
1513 afinfo = xfrm_state_get_afinfo(family);
1518 if (afinfo->init_flags)
1519 err = afinfo->init_flags(x);
1521 xfrm_state_put_afinfo(afinfo);
1526 err = -EPROTONOSUPPORT;
1527 x->type = xfrm_get_type(x->id.proto, family);
1528 if (x->type == NULL)
1531 err = x->type->init_state(x);
1535 x->mode = xfrm_get_mode(x->props.mode, family);
1536 if (x->mode == NULL)
1539 x->km.state = XFRM_STATE_VALID;
1545 EXPORT_SYMBOL(xfrm_init_state);
1547 void __init xfrm_state_init(void)
1551 sz = sizeof(struct hlist_head) * 8;
1553 xfrm_state_bydst = xfrm_hash_alloc(sz);
1554 xfrm_state_bysrc = xfrm_hash_alloc(sz);
1555 xfrm_state_byspi = xfrm_hash_alloc(sz);
1556 if (!xfrm_state_bydst || !xfrm_state_bysrc || !xfrm_state_byspi)
1557 panic("XFRM: Cannot allocate bydst/bysrc/byspi hashes.");
1558 xfrm_state_hmask = ((sz / sizeof(struct hlist_head)) - 1);
1560 INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task, NULL);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob