[LSM-IPSec]: Security association restriction.
[linux-2.6.git] / net / xfrm / xfrm_state.c
1 /*
2  * xfrm_state.c
3  *
4  * Changes:
5  *      Mitsuru KANDA @USAGI
6  *      Kazunori MIYAZAWA @USAGI
7  *      Kunihiro Ishiguro <kunihiro@ipinfusion.com>
8  *              IPv6 support
9  *      YOSHIFUJI Hideaki @USAGI
10  *              Split up af-specific functions
11  *      Derek Atkins <derek@ihtfp.com>
12  *              Add UDP Encapsulation
13  *
14  */
15
16 #include <linux/workqueue.h>
17 #include <net/xfrm.h>
18 #include <linux/pfkeyv2.h>
19 #include <linux/ipsec.h>
20 #include <linux/module.h>
21 #include <asm/uaccess.h>
22
23 /* Each xfrm_state may be linked to two tables:
24
25    1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
26    2. Hash table by daddr to find what SAs exist for given
27       destination/tunnel endpoint. (output)
28  */
29
30 static DEFINE_SPINLOCK(xfrm_state_lock);
31
32 /* Hash table to find appropriate SA towards given target (endpoint
33  * of tunnel or destination of transport mode) allowed by selector.
34  *
35  * Main use is finding SA after policy selected tunnel or transport mode.
36  * Also, it can be used by ah/esp icmp error handler to find offending SA.
37  */
38 static struct list_head xfrm_state_bydst[XFRM_DST_HSIZE];
39 static struct list_head xfrm_state_byspi[XFRM_DST_HSIZE];
40
41 DECLARE_WAIT_QUEUE_HEAD(km_waitq);
42 EXPORT_SYMBOL(km_waitq);
43
44 static DEFINE_RWLOCK(xfrm_state_afinfo_lock);
45 static struct xfrm_state_afinfo *xfrm_state_afinfo[NPROTO];
46
47 static struct work_struct xfrm_state_gc_work;
48 static struct list_head xfrm_state_gc_list = LIST_HEAD_INIT(xfrm_state_gc_list);
49 static DEFINE_SPINLOCK(xfrm_state_gc_lock);
50
51 static int xfrm_state_gc_flush_bundles;
52
53 static int __xfrm_state_delete(struct xfrm_state *x);
54
55 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family);
56 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo);
57
58 static int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol);
59 static void km_state_expired(struct xfrm_state *x, int hard);
60
61 static void xfrm_state_gc_destroy(struct xfrm_state *x)
62 {
63         if (del_timer(&x->timer))
64                 BUG();
65         kfree(x->aalg);
66         kfree(x->ealg);
67         kfree(x->calg);
68         kfree(x->encap);
69         if (x->type) {
70                 x->type->destructor(x);
71                 xfrm_put_type(x->type);
72         }
73         security_xfrm_state_free(x);
74         kfree(x);
75 }
76
77 static void xfrm_state_gc_task(void *data)
78 {
79         struct xfrm_state *x;
80         struct list_head *entry, *tmp;
81         struct list_head gc_list = LIST_HEAD_INIT(gc_list);
82
83         if (xfrm_state_gc_flush_bundles) {
84                 xfrm_state_gc_flush_bundles = 0;
85                 xfrm_flush_bundles();
86         }
87
88         spin_lock_bh(&xfrm_state_gc_lock);
89         list_splice_init(&xfrm_state_gc_list, &gc_list);
90         spin_unlock_bh(&xfrm_state_gc_lock);
91
92         list_for_each_safe(entry, tmp, &gc_list) {
93                 x = list_entry(entry, struct xfrm_state, bydst);
94                 xfrm_state_gc_destroy(x);
95         }
96         wake_up(&km_waitq);
97 }
98
99 static inline unsigned long make_jiffies(long secs)
100 {
101         if (secs >= (MAX_SCHEDULE_TIMEOUT-1)/HZ)
102                 return MAX_SCHEDULE_TIMEOUT-1;
103         else
104                 return secs*HZ;
105 }
106
107 static void xfrm_timer_handler(unsigned long data)
108 {
109         struct xfrm_state *x = (struct xfrm_state*)data;
110         unsigned long now = (unsigned long)xtime.tv_sec;
111         long next = LONG_MAX;
112         int warn = 0;
113
114         spin_lock(&x->lock);
115         if (x->km.state == XFRM_STATE_DEAD)
116                 goto out;
117         if (x->km.state == XFRM_STATE_EXPIRED)
118                 goto expired;
119         if (x->lft.hard_add_expires_seconds) {
120                 long tmo = x->lft.hard_add_expires_seconds +
121                         x->curlft.add_time - now;
122                 if (tmo <= 0)
123                         goto expired;
124                 if (tmo < next)
125                         next = tmo;
126         }
127         if (x->lft.hard_use_expires_seconds) {
128                 long tmo = x->lft.hard_use_expires_seconds +
129                         (x->curlft.use_time ? : now) - now;
130                 if (tmo <= 0)
131                         goto expired;
132                 if (tmo < next)
133                         next = tmo;
134         }
135         if (x->km.dying)
136                 goto resched;
137         if (x->lft.soft_add_expires_seconds) {
138                 long tmo = x->lft.soft_add_expires_seconds +
139                         x->curlft.add_time - now;
140                 if (tmo <= 0)
141                         warn = 1;
142                 else if (tmo < next)
143                         next = tmo;
144         }
145         if (x->lft.soft_use_expires_seconds) {
146                 long tmo = x->lft.soft_use_expires_seconds +
147                         (x->curlft.use_time ? : now) - now;
148                 if (tmo <= 0)
149                         warn = 1;
150                 else if (tmo < next)
151                         next = tmo;
152         }
153
154         x->km.dying = warn;
155         if (warn)
156                 km_state_expired(x, 0);
157 resched:
158         if (next != LONG_MAX &&
159             !mod_timer(&x->timer, jiffies + make_jiffies(next)))
160                 xfrm_state_hold(x);
161         goto out;
162
163 expired:
164         if (x->km.state == XFRM_STATE_ACQ && x->id.spi == 0) {
165                 x->km.state = XFRM_STATE_EXPIRED;
166                 wake_up(&km_waitq);
167                 next = 2;
168                 goto resched;
169         }
170         if (!__xfrm_state_delete(x) && x->id.spi)
171                 km_state_expired(x, 1);
172
173 out:
174         spin_unlock(&x->lock);
175         xfrm_state_put(x);
176 }
177
178 struct xfrm_state *xfrm_state_alloc(void)
179 {
180         struct xfrm_state *x;
181
182         x = kmalloc(sizeof(struct xfrm_state), GFP_ATOMIC);
183
184         if (x) {
185                 memset(x, 0, sizeof(struct xfrm_state));
186                 atomic_set(&x->refcnt, 1);
187                 atomic_set(&x->tunnel_users, 0);
188                 INIT_LIST_HEAD(&x->bydst);
189                 INIT_LIST_HEAD(&x->byspi);
190                 init_timer(&x->timer);
191                 x->timer.function = xfrm_timer_handler;
192                 x->timer.data     = (unsigned long)x;
193                 x->curlft.add_time = (unsigned long)xtime.tv_sec;
194                 x->lft.soft_byte_limit = XFRM_INF;
195                 x->lft.soft_packet_limit = XFRM_INF;
196                 x->lft.hard_byte_limit = XFRM_INF;
197                 x->lft.hard_packet_limit = XFRM_INF;
198                 spin_lock_init(&x->lock);
199         }
200         return x;
201 }
202 EXPORT_SYMBOL(xfrm_state_alloc);
203
204 void __xfrm_state_destroy(struct xfrm_state *x)
205 {
206         BUG_TRAP(x->km.state == XFRM_STATE_DEAD);
207
208         spin_lock_bh(&xfrm_state_gc_lock);
209         list_add(&x->bydst, &xfrm_state_gc_list);
210         spin_unlock_bh(&xfrm_state_gc_lock);
211         schedule_work(&xfrm_state_gc_work);
212 }
213 EXPORT_SYMBOL(__xfrm_state_destroy);
214
215 static int __xfrm_state_delete(struct xfrm_state *x)
216 {
217         int err = -ESRCH;
218
219         if (x->km.state != XFRM_STATE_DEAD) {
220                 x->km.state = XFRM_STATE_DEAD;
221                 spin_lock(&xfrm_state_lock);
222                 list_del(&x->bydst);
223                 atomic_dec(&x->refcnt);
224                 if (x->id.spi) {
225                         list_del(&x->byspi);
226                         atomic_dec(&x->refcnt);
227                 }
228                 spin_unlock(&xfrm_state_lock);
229                 if (del_timer(&x->timer))
230                         atomic_dec(&x->refcnt);
231
232                 /* The number two in this test is the reference
233                  * mentioned in the comment below plus the reference
234                  * our caller holds.  A larger value means that
235                  * there are DSTs attached to this xfrm_state.
236                  */
237                 if (atomic_read(&x->refcnt) > 2) {
238                         xfrm_state_gc_flush_bundles = 1;
239                         schedule_work(&xfrm_state_gc_work);
240                 }
241
242                 /* All xfrm_state objects are created by xfrm_state_alloc.
243                  * The xfrm_state_alloc call gives a reference, and that
244                  * is what we are dropping here.
245                  */
246                 atomic_dec(&x->refcnt);
247                 err = 0;
248         }
249
250         return err;
251 }
252
253 int xfrm_state_delete(struct xfrm_state *x)
254 {
255         int err;
256
257         spin_lock_bh(&x->lock);
258         err = __xfrm_state_delete(x);
259         spin_unlock_bh(&x->lock);
260
261         return err;
262 }
263 EXPORT_SYMBOL(xfrm_state_delete);
264
265 void xfrm_state_flush(u8 proto)
266 {
267         int i;
268         struct xfrm_state *x;
269
270         spin_lock_bh(&xfrm_state_lock);
271         for (i = 0; i < XFRM_DST_HSIZE; i++) {
272 restart:
273                 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
274                         if (!xfrm_state_kern(x) &&
275                             (proto == IPSEC_PROTO_ANY || x->id.proto == proto)) {
276                                 xfrm_state_hold(x);
277                                 spin_unlock_bh(&xfrm_state_lock);
278
279                                 xfrm_state_delete(x);
280                                 xfrm_state_put(x);
281
282                                 spin_lock_bh(&xfrm_state_lock);
283                                 goto restart;
284                         }
285                 }
286         }
287         spin_unlock_bh(&xfrm_state_lock);
288         wake_up(&km_waitq);
289 }
290 EXPORT_SYMBOL(xfrm_state_flush);
291
292 static int
293 xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
294                   struct xfrm_tmpl *tmpl,
295                   xfrm_address_t *daddr, xfrm_address_t *saddr,
296                   unsigned short family)
297 {
298         struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
299         if (!afinfo)
300                 return -1;
301         afinfo->init_tempsel(x, fl, tmpl, daddr, saddr);
302         xfrm_state_put_afinfo(afinfo);
303         return 0;
304 }
305
306 struct xfrm_state *
307 xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, 
308                 struct flowi *fl, struct xfrm_tmpl *tmpl,
309                 struct xfrm_policy *pol, int *err,
310                 unsigned short family)
311 {
312         unsigned h = xfrm_dst_hash(daddr, family);
313         struct xfrm_state *x, *x0;
314         int acquire_in_progress = 0;
315         int error = 0;
316         struct xfrm_state *best = NULL;
317         struct xfrm_state_afinfo *afinfo;
318         
319         afinfo = xfrm_state_get_afinfo(family);
320         if (afinfo == NULL) {
321                 *err = -EAFNOSUPPORT;
322                 return NULL;
323         }
324
325         spin_lock_bh(&xfrm_state_lock);
326         list_for_each_entry(x, xfrm_state_bydst+h, bydst) {
327                 if (x->props.family == family &&
328                     x->props.reqid == tmpl->reqid &&
329                     xfrm_state_addr_check(x, daddr, saddr, family) &&
330                     tmpl->mode == x->props.mode &&
331                     tmpl->id.proto == x->id.proto &&
332                     (tmpl->id.spi == x->id.spi || !tmpl->id.spi)) {
333                         /* Resolution logic:
334                            1. There is a valid state with matching selector.
335                               Done.
336                            2. Valid state with inappropriate selector. Skip.
337
338                            Entering area of "sysdeps".
339
340                            3. If state is not valid, selector is temporary,
341                               it selects only session which triggered
342                               previous resolution. Key manager will do
343                               something to install a state with proper
344                               selector.
345                          */
346                         if (x->km.state == XFRM_STATE_VALID) {
347                                 if (!xfrm_selector_match(&x->sel, fl, family) ||
348                                     !xfrm_sec_ctx_match(pol->security, x->security))
349                                         continue;
350                                 if (!best ||
351                                     best->km.dying > x->km.dying ||
352                                     (best->km.dying == x->km.dying &&
353                                      best->curlft.add_time < x->curlft.add_time))
354                                         best = x;
355                         } else if (x->km.state == XFRM_STATE_ACQ) {
356                                 acquire_in_progress = 1;
357                         } else if (x->km.state == XFRM_STATE_ERROR ||
358                                    x->km.state == XFRM_STATE_EXPIRED) {
359                                 if (xfrm_selector_match(&x->sel, fl, family) &&
360                                     xfrm_sec_ctx_match(pol->security, x->security))
361                                         error = -ESRCH;
362                         }
363                 }
364         }
365
366         x = best;
367         if (!x && !error && !acquire_in_progress) {
368                 if (tmpl->id.spi &&
369                     (x0 = afinfo->state_lookup(daddr, tmpl->id.spi,
370                                                tmpl->id.proto)) != NULL) {
371                         xfrm_state_put(x0);
372                         error = -EEXIST;
373                         goto out;
374                 }
375                 x = xfrm_state_alloc();
376                 if (x == NULL) {
377                         error = -ENOMEM;
378                         goto out;
379                 }
380                 /* Initialize temporary selector matching only
381                  * to current session. */
382                 xfrm_init_tempsel(x, fl, tmpl, daddr, saddr, family);
383
384                 if (km_query(x, tmpl, pol) == 0) {
385                         x->km.state = XFRM_STATE_ACQ;
386                         list_add_tail(&x->bydst, xfrm_state_bydst+h);
387                         xfrm_state_hold(x);
388                         if (x->id.spi) {
389                                 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
390                                 list_add(&x->byspi, xfrm_state_byspi+h);
391                                 xfrm_state_hold(x);
392                         }
393                         x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
394                         xfrm_state_hold(x);
395                         x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
396                         add_timer(&x->timer);
397                 } else {
398                         x->km.state = XFRM_STATE_DEAD;
399                         xfrm_state_put(x);
400                         x = NULL;
401                         error = -ESRCH;
402                 }
403         }
404 out:
405         if (x)
406                 xfrm_state_hold(x);
407         else
408                 *err = acquire_in_progress ? -EAGAIN : error;
409         spin_unlock_bh(&xfrm_state_lock);
410         xfrm_state_put_afinfo(afinfo);
411         return x;
412 }
413
414 static void __xfrm_state_insert(struct xfrm_state *x)
415 {
416         unsigned h = xfrm_dst_hash(&x->id.daddr, x->props.family);
417
418         list_add(&x->bydst, xfrm_state_bydst+h);
419         xfrm_state_hold(x);
420
421         h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
422
423         list_add(&x->byspi, xfrm_state_byspi+h);
424         xfrm_state_hold(x);
425
426         if (!mod_timer(&x->timer, jiffies + HZ))
427                 xfrm_state_hold(x);
428
429         wake_up(&km_waitq);
430 }
431
432 void xfrm_state_insert(struct xfrm_state *x)
433 {
434         spin_lock_bh(&xfrm_state_lock);
435         __xfrm_state_insert(x);
436         spin_unlock_bh(&xfrm_state_lock);
437
438         xfrm_flush_all_bundles();
439 }
440 EXPORT_SYMBOL(xfrm_state_insert);
441
442 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq);
443
444 int xfrm_state_add(struct xfrm_state *x)
445 {
446         struct xfrm_state_afinfo *afinfo;
447         struct xfrm_state *x1;
448         int family;
449         int err;
450
451         family = x->props.family;
452         afinfo = xfrm_state_get_afinfo(family);
453         if (unlikely(afinfo == NULL))
454                 return -EAFNOSUPPORT;
455
456         spin_lock_bh(&xfrm_state_lock);
457
458         x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
459         if (x1) {
460                 xfrm_state_put(x1);
461                 x1 = NULL;
462                 err = -EEXIST;
463                 goto out;
464         }
465
466         if (x->km.seq) {
467                 x1 = __xfrm_find_acq_byseq(x->km.seq);
468                 if (x1 && xfrm_addr_cmp(&x1->id.daddr, &x->id.daddr, family)) {
469                         xfrm_state_put(x1);
470                         x1 = NULL;
471                 }
472         }
473
474         if (!x1)
475                 x1 = afinfo->find_acq(
476                         x->props.mode, x->props.reqid, x->id.proto,
477                         &x->id.daddr, &x->props.saddr, 0);
478
479         __xfrm_state_insert(x);
480         err = 0;
481
482 out:
483         spin_unlock_bh(&xfrm_state_lock);
484         xfrm_state_put_afinfo(afinfo);
485
486         if (!err)
487                 xfrm_flush_all_bundles();
488
489         if (x1) {
490                 xfrm_state_delete(x1);
491                 xfrm_state_put(x1);
492         }
493
494         return err;
495 }
496 EXPORT_SYMBOL(xfrm_state_add);
497
498 int xfrm_state_update(struct xfrm_state *x)
499 {
500         struct xfrm_state_afinfo *afinfo;
501         struct xfrm_state *x1;
502         int err;
503
504         afinfo = xfrm_state_get_afinfo(x->props.family);
505         if (unlikely(afinfo == NULL))
506                 return -EAFNOSUPPORT;
507
508         spin_lock_bh(&xfrm_state_lock);
509         x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
510
511         err = -ESRCH;
512         if (!x1)
513                 goto out;
514
515         if (xfrm_state_kern(x1)) {
516                 xfrm_state_put(x1);
517                 err = -EEXIST;
518                 goto out;
519         }
520
521         if (x1->km.state == XFRM_STATE_ACQ) {
522                 __xfrm_state_insert(x);
523                 x = NULL;
524         }
525         err = 0;
526
527 out:
528         spin_unlock_bh(&xfrm_state_lock);
529         xfrm_state_put_afinfo(afinfo);
530
531         if (err)
532                 return err;
533
534         if (!x) {
535                 xfrm_state_delete(x1);
536                 xfrm_state_put(x1);
537                 return 0;
538         }
539
540         err = -EINVAL;
541         spin_lock_bh(&x1->lock);
542         if (likely(x1->km.state == XFRM_STATE_VALID)) {
543                 if (x->encap && x1->encap)
544                         memcpy(x1->encap, x->encap, sizeof(*x1->encap));
545                 memcpy(&x1->lft, &x->lft, sizeof(x1->lft));
546                 x1->km.dying = 0;
547
548                 if (!mod_timer(&x1->timer, jiffies + HZ))
549                         xfrm_state_hold(x1);
550                 if (x1->curlft.use_time)
551                         xfrm_state_check_expire(x1);
552
553                 err = 0;
554         }
555         spin_unlock_bh(&x1->lock);
556
557         xfrm_state_put(x1);
558
559         return err;
560 }
561 EXPORT_SYMBOL(xfrm_state_update);
562
563 int xfrm_state_check_expire(struct xfrm_state *x)
564 {
565         if (!x->curlft.use_time)
566                 x->curlft.use_time = (unsigned long)xtime.tv_sec;
567
568         if (x->km.state != XFRM_STATE_VALID)
569                 return -EINVAL;
570
571         if (x->curlft.bytes >= x->lft.hard_byte_limit ||
572             x->curlft.packets >= x->lft.hard_packet_limit) {
573                 x->km.state = XFRM_STATE_EXPIRED;
574                 if (!mod_timer(&x->timer, jiffies))
575                         xfrm_state_hold(x);
576                 return -EINVAL;
577         }
578
579         if (!x->km.dying &&
580             (x->curlft.bytes >= x->lft.soft_byte_limit ||
581              x->curlft.packets >= x->lft.soft_packet_limit)) {
582                 x->km.dying = 1;
583                 km_state_expired(x, 0);
584         }
585         return 0;
586 }
587 EXPORT_SYMBOL(xfrm_state_check_expire);
588
589 static int xfrm_state_check_space(struct xfrm_state *x, struct sk_buff *skb)
590 {
591         int nhead = x->props.header_len + LL_RESERVED_SPACE(skb->dst->dev)
592                 - skb_headroom(skb);
593
594         if (nhead > 0)
595                 return pskb_expand_head(skb, nhead, 0, GFP_ATOMIC);
596
597         /* Check tail too... */
598         return 0;
599 }
600
601 int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb)
602 {
603         int err = xfrm_state_check_expire(x);
604         if (err < 0)
605                 goto err;
606         err = xfrm_state_check_space(x, skb);
607 err:
608         return err;
609 }
610 EXPORT_SYMBOL(xfrm_state_check);
611
612 struct xfrm_state *
613 xfrm_state_lookup(xfrm_address_t *daddr, u32 spi, u8 proto,
614                   unsigned short family)
615 {
616         struct xfrm_state *x;
617         struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
618         if (!afinfo)
619                 return NULL;
620
621         spin_lock_bh(&xfrm_state_lock);
622         x = afinfo->state_lookup(daddr, spi, proto);
623         spin_unlock_bh(&xfrm_state_lock);
624         xfrm_state_put_afinfo(afinfo);
625         return x;
626 }
627 EXPORT_SYMBOL(xfrm_state_lookup);
628
629 struct xfrm_state *
630 xfrm_find_acq(u8 mode, u32 reqid, u8 proto, 
631               xfrm_address_t *daddr, xfrm_address_t *saddr, 
632               int create, unsigned short family)
633 {
634         struct xfrm_state *x;
635         struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family);
636         if (!afinfo)
637                 return NULL;
638
639         spin_lock_bh(&xfrm_state_lock);
640         x = afinfo->find_acq(mode, reqid, proto, daddr, saddr, create);
641         spin_unlock_bh(&xfrm_state_lock);
642         xfrm_state_put_afinfo(afinfo);
643         return x;
644 }
645 EXPORT_SYMBOL(xfrm_find_acq);
646
647 /* Silly enough, but I'm lazy to build resolution list */
648
649 static struct xfrm_state *__xfrm_find_acq_byseq(u32 seq)
650 {
651         int i;
652         struct xfrm_state *x;
653
654         for (i = 0; i < XFRM_DST_HSIZE; i++) {
655                 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
656                         if (x->km.seq == seq && x->km.state == XFRM_STATE_ACQ) {
657                                 xfrm_state_hold(x);
658                                 return x;
659                         }
660                 }
661         }
662         return NULL;
663 }
664
665 struct xfrm_state *xfrm_find_acq_byseq(u32 seq)
666 {
667         struct xfrm_state *x;
668
669         spin_lock_bh(&xfrm_state_lock);
670         x = __xfrm_find_acq_byseq(seq);
671         spin_unlock_bh(&xfrm_state_lock);
672         return x;
673 }
674 EXPORT_SYMBOL(xfrm_find_acq_byseq);
675
676 u32 xfrm_get_acqseq(void)
677 {
678         u32 res;
679         static u32 acqseq;
680         static DEFINE_SPINLOCK(acqseq_lock);
681
682         spin_lock_bh(&acqseq_lock);
683         res = (++acqseq ? : ++acqseq);
684         spin_unlock_bh(&acqseq_lock);
685         return res;
686 }
687 EXPORT_SYMBOL(xfrm_get_acqseq);
688
689 void
690 xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi)
691 {
692         u32 h;
693         struct xfrm_state *x0;
694
695         if (x->id.spi)
696                 return;
697
698         if (minspi == maxspi) {
699                 x0 = xfrm_state_lookup(&x->id.daddr, minspi, x->id.proto, x->props.family);
700                 if (x0) {
701                         xfrm_state_put(x0);
702                         return;
703                 }
704                 x->id.spi = minspi;
705         } else {
706                 u32 spi = 0;
707                 minspi = ntohl(minspi);
708                 maxspi = ntohl(maxspi);
709                 for (h=0; h<maxspi-minspi+1; h++) {
710                         spi = minspi + net_random()%(maxspi-minspi+1);
711                         x0 = xfrm_state_lookup(&x->id.daddr, htonl(spi), x->id.proto, x->props.family);
712                         if (x0 == NULL) {
713                                 x->id.spi = htonl(spi);
714                                 break;
715                         }
716                         xfrm_state_put(x0);
717                 }
718         }
719         if (x->id.spi) {
720                 spin_lock_bh(&xfrm_state_lock);
721                 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family);
722                 list_add(&x->byspi, xfrm_state_byspi+h);
723                 xfrm_state_hold(x);
724                 spin_unlock_bh(&xfrm_state_lock);
725                 wake_up(&km_waitq);
726         }
727 }
728 EXPORT_SYMBOL(xfrm_alloc_spi);
729
730 int xfrm_state_walk(u8 proto, int (*func)(struct xfrm_state *, int, void*),
731                     void *data)
732 {
733         int i;
734         struct xfrm_state *x;
735         int count = 0;
736         int err = 0;
737
738         spin_lock_bh(&xfrm_state_lock);
739         for (i = 0; i < XFRM_DST_HSIZE; i++) {
740                 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
741                         if (proto == IPSEC_PROTO_ANY || x->id.proto == proto)
742                                 count++;
743                 }
744         }
745         if (count == 0) {
746                 err = -ENOENT;
747                 goto out;
748         }
749
750         for (i = 0; i < XFRM_DST_HSIZE; i++) {
751                 list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
752                         if (proto != IPSEC_PROTO_ANY && x->id.proto != proto)
753                                 continue;
754                         err = func(x, --count, data);
755                         if (err)
756                                 goto out;
757                 }
758         }
759 out:
760         spin_unlock_bh(&xfrm_state_lock);
761         return err;
762 }
763 EXPORT_SYMBOL(xfrm_state_walk);
764
765 int xfrm_replay_check(struct xfrm_state *x, u32 seq)
766 {
767         u32 diff;
768
769         seq = ntohl(seq);
770
771         if (unlikely(seq == 0))
772                 return -EINVAL;
773
774         if (likely(seq > x->replay.seq))
775                 return 0;
776
777         diff = x->replay.seq - seq;
778         if (diff >= x->props.replay_window) {
779                 x->stats.replay_window++;
780                 return -EINVAL;
781         }
782
783         if (x->replay.bitmap & (1U << diff)) {
784                 x->stats.replay++;
785                 return -EINVAL;
786         }
787         return 0;
788 }
789 EXPORT_SYMBOL(xfrm_replay_check);
790
791 void xfrm_replay_advance(struct xfrm_state *x, u32 seq)
792 {
793         u32 diff;
794
795         seq = ntohl(seq);
796
797         if (seq > x->replay.seq) {
798                 diff = seq - x->replay.seq;
799                 if (diff < x->props.replay_window)
800                         x->replay.bitmap = ((x->replay.bitmap) << diff) | 1;
801                 else
802                         x->replay.bitmap = 1;
803                 x->replay.seq = seq;
804         } else {
805                 diff = x->replay.seq - seq;
806                 x->replay.bitmap |= (1U << diff);
807         }
808 }
809 EXPORT_SYMBOL(xfrm_replay_advance);
810
811 static struct list_head xfrm_km_list = LIST_HEAD_INIT(xfrm_km_list);
812 static DEFINE_RWLOCK(xfrm_km_lock);
813
814 void km_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
815 {
816         struct xfrm_mgr *km;
817
818         read_lock(&xfrm_km_lock);
819         list_for_each_entry(km, &xfrm_km_list, list)
820                 if (km->notify_policy)
821                         km->notify_policy(xp, dir, c);
822         read_unlock(&xfrm_km_lock);
823 }
824
825 void km_state_notify(struct xfrm_state *x, struct km_event *c)
826 {
827         struct xfrm_mgr *km;
828         read_lock(&xfrm_km_lock);
829         list_for_each_entry(km, &xfrm_km_list, list)
830                 if (km->notify)
831                         km->notify(x, c);
832         read_unlock(&xfrm_km_lock);
833 }
834
835 EXPORT_SYMBOL(km_policy_notify);
836 EXPORT_SYMBOL(km_state_notify);
837
838 static void km_state_expired(struct xfrm_state *x, int hard)
839 {
840         struct km_event c;
841
842         c.data.hard = hard;
843         c.event = XFRM_MSG_EXPIRE;
844         km_state_notify(x, &c);
845
846         if (hard)
847                 wake_up(&km_waitq);
848 }
849
850 /*
851  * We send to all registered managers regardless of failure
852  * We are happy with one success
853 */
854 static int km_query(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *pol)
855 {
856         int err = -EINVAL, acqret;
857         struct xfrm_mgr *km;
858
859         read_lock(&xfrm_km_lock);
860         list_for_each_entry(km, &xfrm_km_list, list) {
861                 acqret = km->acquire(x, t, pol, XFRM_POLICY_OUT);
862                 if (!acqret)
863                         err = acqret;
864         }
865         read_unlock(&xfrm_km_lock);
866         return err;
867 }
868
869 int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 sport)
870 {
871         int err = -EINVAL;
872         struct xfrm_mgr *km;
873
874         read_lock(&xfrm_km_lock);
875         list_for_each_entry(km, &xfrm_km_list, list) {
876                 if (km->new_mapping)
877                         err = km->new_mapping(x, ipaddr, sport);
878                 if (!err)
879                         break;
880         }
881         read_unlock(&xfrm_km_lock);
882         return err;
883 }
884 EXPORT_SYMBOL(km_new_mapping);
885
886 void km_policy_expired(struct xfrm_policy *pol, int dir, int hard)
887 {
888         struct km_event c;
889
890         c.data.hard = hard;
891         c.event = XFRM_MSG_POLEXPIRE;
892         km_policy_notify(pol, dir, &c);
893
894         if (hard)
895                 wake_up(&km_waitq);
896 }
897
898 int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen)
899 {
900         int err;
901         u8 *data;
902         struct xfrm_mgr *km;
903         struct xfrm_policy *pol = NULL;
904
905         if (optlen <= 0 || optlen > PAGE_SIZE)
906                 return -EMSGSIZE;
907
908         data = kmalloc(optlen, GFP_KERNEL);
909         if (!data)
910                 return -ENOMEM;
911
912         err = -EFAULT;
913         if (copy_from_user(data, optval, optlen))
914                 goto out;
915
916         err = -EINVAL;
917         read_lock(&xfrm_km_lock);
918         list_for_each_entry(km, &xfrm_km_list, list) {
919                 pol = km->compile_policy(sk->sk_family, optname, data,
920                                          optlen, &err);
921                 if (err >= 0)
922                         break;
923         }
924         read_unlock(&xfrm_km_lock);
925
926         if (err >= 0) {
927                 xfrm_sk_policy_insert(sk, err, pol);
928                 xfrm_pol_put(pol);
929                 err = 0;
930         }
931
932 out:
933         kfree(data);
934         return err;
935 }
936 EXPORT_SYMBOL(xfrm_user_policy);
937
938 int xfrm_register_km(struct xfrm_mgr *km)
939 {
940         write_lock_bh(&xfrm_km_lock);
941         list_add_tail(&km->list, &xfrm_km_list);
942         write_unlock_bh(&xfrm_km_lock);
943         return 0;
944 }
945 EXPORT_SYMBOL(xfrm_register_km);
946
947 int xfrm_unregister_km(struct xfrm_mgr *km)
948 {
949         write_lock_bh(&xfrm_km_lock);
950         list_del(&km->list);
951         write_unlock_bh(&xfrm_km_lock);
952         return 0;
953 }
954 EXPORT_SYMBOL(xfrm_unregister_km);
955
956 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo)
957 {
958         int err = 0;
959         if (unlikely(afinfo == NULL))
960                 return -EINVAL;
961         if (unlikely(afinfo->family >= NPROTO))
962                 return -EAFNOSUPPORT;
963         write_lock(&xfrm_state_afinfo_lock);
964         if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))
965                 err = -ENOBUFS;
966         else {
967                 afinfo->state_bydst = xfrm_state_bydst;
968                 afinfo->state_byspi = xfrm_state_byspi;
969                 xfrm_state_afinfo[afinfo->family] = afinfo;
970         }
971         write_unlock(&xfrm_state_afinfo_lock);
972         return err;
973 }
974 EXPORT_SYMBOL(xfrm_state_register_afinfo);
975
976 int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo)
977 {
978         int err = 0;
979         if (unlikely(afinfo == NULL))
980                 return -EINVAL;
981         if (unlikely(afinfo->family >= NPROTO))
982                 return -EAFNOSUPPORT;
983         write_lock(&xfrm_state_afinfo_lock);
984         if (likely(xfrm_state_afinfo[afinfo->family] != NULL)) {
985                 if (unlikely(xfrm_state_afinfo[afinfo->family] != afinfo))
986                         err = -EINVAL;
987                 else {
988                         xfrm_state_afinfo[afinfo->family] = NULL;
989                         afinfo->state_byspi = NULL;
990                         afinfo->state_bydst = NULL;
991                 }
992         }
993         write_unlock(&xfrm_state_afinfo_lock);
994         return err;
995 }
996 EXPORT_SYMBOL(xfrm_state_unregister_afinfo);
997
998 static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family)
999 {
1000         struct xfrm_state_afinfo *afinfo;
1001         if (unlikely(family >= NPROTO))
1002                 return NULL;
1003         read_lock(&xfrm_state_afinfo_lock);
1004         afinfo = xfrm_state_afinfo[family];
1005         if (likely(afinfo != NULL))
1006                 read_lock(&afinfo->lock);
1007         read_unlock(&xfrm_state_afinfo_lock);
1008         return afinfo;
1009 }
1010
1011 static void xfrm_state_put_afinfo(struct xfrm_state_afinfo *afinfo)
1012 {
1013         if (unlikely(afinfo == NULL))
1014                 return;
1015         read_unlock(&afinfo->lock);
1016 }
1017
1018 /* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */
1019 void xfrm_state_delete_tunnel(struct xfrm_state *x)
1020 {
1021         if (x->tunnel) {
1022                 struct xfrm_state *t = x->tunnel;
1023
1024                 if (atomic_read(&t->tunnel_users) == 2)
1025                         xfrm_state_delete(t);
1026                 atomic_dec(&t->tunnel_users);
1027                 xfrm_state_put(t);
1028                 x->tunnel = NULL;
1029         }
1030 }
1031 EXPORT_SYMBOL(xfrm_state_delete_tunnel);
1032
1033 /*
1034  * This function is NOT optimal.  For example, with ESP it will give an
1035  * MTU that's usually two bytes short of being optimal.  However, it will
1036  * usually give an answer that's a multiple of 4 provided the input is
1037  * also a multiple of 4.
1038  */
1039 int xfrm_state_mtu(struct xfrm_state *x, int mtu)
1040 {
1041         int res = mtu;
1042
1043         res -= x->props.header_len;
1044
1045         for (;;) {
1046                 int m = res;
1047
1048                 if (m < 68)
1049                         return 68;
1050
1051                 spin_lock_bh(&x->lock);
1052                 if (x->km.state == XFRM_STATE_VALID &&
1053                     x->type && x->type->get_max_size)
1054                         m = x->type->get_max_size(x, m);
1055                 else
1056                         m += x->props.header_len;
1057                 spin_unlock_bh(&x->lock);
1058
1059                 if (m <= mtu)
1060                         break;
1061                 res -= (m - mtu);
1062         }
1063
1064         return res;
1065 }
1066
1067 EXPORT_SYMBOL(xfrm_state_mtu);
1068
1069 int xfrm_init_state(struct xfrm_state *x)
1070 {
1071         struct xfrm_state_afinfo *afinfo;
1072         int family = x->props.family;
1073         int err;
1074
1075         err = -EAFNOSUPPORT;
1076         afinfo = xfrm_state_get_afinfo(family);
1077         if (!afinfo)
1078                 goto error;
1079
1080         err = 0;
1081         if (afinfo->init_flags)
1082                 err = afinfo->init_flags(x);
1083
1084         xfrm_state_put_afinfo(afinfo);
1085
1086         if (err)
1087                 goto error;
1088
1089         err = -EPROTONOSUPPORT;
1090         x->type = xfrm_get_type(x->id.proto, family);
1091         if (x->type == NULL)
1092                 goto error;
1093
1094         err = x->type->init_state(x);
1095         if (err)
1096                 goto error;
1097
1098         x->km.state = XFRM_STATE_VALID;
1099
1100 error:
1101         return err;
1102 }
1103
1104 EXPORT_SYMBOL(xfrm_init_state);
1105  
1106 void __init xfrm_state_init(void)
1107 {
1108         int i;
1109
1110         for (i=0; i<XFRM_DST_HSIZE; i++) {
1111                 INIT_LIST_HEAD(&xfrm_state_bydst[i]);
1112                 INIT_LIST_HEAD(&xfrm_state_byspi[i]);
1113         }
1114         INIT_WORK(&xfrm_state_gc_work, xfrm_state_gc_task, NULL);
1115 }
1116