Eric Lee / smarc-fsl-linux-kernel

Blame view

net/xfrm/xfrm_output.c 4.27 KB

406ef77c8 Herbert Xu [IPSEC]: Move com...	1 2 3 4 5 6 7 8 9 10 11 12 13 14	/* * xfrm_output.c - Common IPsec encapsulation code. * * Copyright (c) 2007 Herbert Xu <herbert@gondor.apana.org.au> * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. */ #include <linux/errno.h> #include <linux/module.h> #include <linux/netdevice.h>
862b82c6f Herbert Xu [IPSEC]: Merge mo...	15	#include <linux/netfilter.h>
406ef77c8 Herbert Xu [IPSEC]: Move com...	16 17	#include <linux/skbuff.h> #include <linux/spinlock.h>
406ef77c8 Herbert Xu [IPSEC]: Move com...	18 19	#include <net/dst.h> #include <net/xfrm.h>
c6581a457 Herbert Xu [IPSEC]: Add asyn...	20	static int xfrm_output2(struct sk_buff *skb);
83815dea4 Herbert Xu [IPSEC]: Move xfr...	21 22	static int xfrm_state_check_space(struct xfrm_state x, struct sk_buff skb) {
550ade843 Herbert Xu [IPSEC]: Use dst-...	23 24	struct dst_entry *dst = skb->dst; int nhead = dst->header_len + LL_RESERVED_SPACE(dst->dev)
83815dea4 Herbert Xu [IPSEC]: Move xfr...	25	- skb_headroom(skb);
f5184d267 Johannes Berg net: Allow netdev...	26	int ntail = dst->dev->needed_tailroom - skb_tailroom(skb);
83815dea4 Herbert Xu [IPSEC]: Move xfr...	27
f5184d267 Johannes Berg net: Allow netdev...	28 29	if (nhead > 0 \|\| ntail > 0) return pskb_expand_head(skb, nhead, ntail, GFP_ATOMIC);
83815dea4 Herbert Xu [IPSEC]: Move xfr...	30
83815dea4 Herbert Xu [IPSEC]: Move xfr...	31 32	return 0; }
c6581a457 Herbert Xu [IPSEC]: Add asyn...	33	static int xfrm_output_one(struct sk_buff *skb, int err)
406ef77c8 Herbert Xu [IPSEC]: Move com...	34 35 36	{ struct dst_entry dst = skb->dst; struct xfrm_state x = dst->xfrm;
406ef77c8 Herbert Xu [IPSEC]: Move com...	37
c6581a457 Herbert Xu [IPSEC]: Add asyn...	38 39	if (err <= 0) goto resume;
406ef77c8 Herbert Xu [IPSEC]: Move com...	40 41	do {
910ef70aa Herbert Xu [IPSEC]: Do xfrm_...	42	err = xfrm_state_check_space(x, skb);
b15c4bcd1 Masahide NAKAMURA [XFRM]: Fix outbo...	43 44	if (err) { XFRM_INC_STATS(LINUX_MIB_XFRMOUTERROR);
910ef70aa Herbert Xu [IPSEC]: Do xfrm_...	45	goto error_nolock;
b15c4bcd1 Masahide NAKAMURA [XFRM]: Fix outbo...	46	}
910ef70aa Herbert Xu [IPSEC]: Do xfrm_...	47
a2deb6d26 Herbert Xu [IPSEC]: Move x->...	48	err = x->outer_mode->output(x, skb);
b15c4bcd1 Masahide NAKAMURA [XFRM]: Fix outbo...	49 50	if (err) { XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATEMODEERROR);
910ef70aa Herbert Xu [IPSEC]: Do xfrm_...	51	goto error_nolock;
b15c4bcd1 Masahide NAKAMURA [XFRM]: Fix outbo...	52	}
a2deb6d26 Herbert Xu [IPSEC]: Move x->...	53
406ef77c8 Herbert Xu [IPSEC]: Move com...	54	spin_lock_bh(&x->lock);
910ef70aa Herbert Xu [IPSEC]: Do xfrm_...	55	err = xfrm_state_check_expire(x);
b15c4bcd1 Masahide NAKAMURA [XFRM]: Fix outbo...	56 57	if (err) { XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATEEXPIRED);
406ef77c8 Herbert Xu [IPSEC]: Move com...	58	goto error;
b15c4bcd1 Masahide NAKAMURA [XFRM]: Fix outbo...	59	}
406ef77c8 Herbert Xu [IPSEC]: Move com...	60
436a0a402 Herbert Xu [IPSEC]: Move out...	61	if (x->type->flags & XFRM_TYPE_REPLAY_PROT) {
b318e0e4e Herbert Xu [IPSEC]: Fix bogu...	62	XFRM_SKB_CB(skb)->seq.output = ++x->replay.oseq;
e1af9f270 Paul Moore [XFRM]: Drop pack...	63	if (unlikely(x->replay.oseq == 0)) {
9472c9ef6 Masahide NAKAMURA [XFRM]: Fix stati...	64	XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATESEQERROR);
e1af9f270 Paul Moore [XFRM]: Drop pack...	65	x->replay.oseq--;
afeb14b49 Paul Moore [XFRM]: RFC4303 c...	66	xfrm_audit_state_replay_overflow(x, skb);
dbb1db8b5 Herbert Xu [IPSEC]: Return E...	67	err = -EOVERFLOW;
e1af9f270 Paul Moore [XFRM]: Drop pack...	68 69	goto error; }
cdf7e668d Herbert Xu [IPSEC]: Unexport...	70 71	if (xfrm_aevent_is_on()) xfrm_replay_notify(x, XFRM_REPLAY_UPDATE);
436a0a402 Herbert Xu [IPSEC]: Move out...	72	}
406ef77c8 Herbert Xu [IPSEC]: Move com...	73 74	x->curlft.bytes += skb->len; x->curlft.packets++;
406ef77c8 Herbert Xu [IPSEC]: Move com...	75	spin_unlock_bh(&x->lock);
b7c6538cd Herbert Xu [IPSEC]: Move sta...	76	err = x->type->output(x, skb);
fcb8c156c Herbert Xu [IPSEC]: Fix doub...	77 78	if (err == -EINPROGRESS) goto out_exit;
c6581a457 Herbert Xu [IPSEC]: Add asyn...	79 80	resume:
0aa647746 Masahide NAKAMURA [XFRM]: Support t...	81 82	if (err) { XFRM_INC_STATS(LINUX_MIB_XFRMOUTSTATEPROTOERROR);
b7c6538cd Herbert Xu [IPSEC]: Move sta...	83	goto error_nolock;
0aa647746 Masahide NAKAMURA [XFRM]: Support t...	84	}
b7c6538cd Herbert Xu [IPSEC]: Move sta...	85
406ef77c8 Herbert Xu [IPSEC]: Move com...	86	if (!(skb->dst = dst_pop(dst))) {
0aa647746 Masahide NAKAMURA [XFRM]: Support t...	87	XFRM_INC_STATS(LINUX_MIB_XFRMOUTERROR);
406ef77c8 Herbert Xu [IPSEC]: Move com...	88 89 90 91 92	err = -EHOSTUNREACH; goto error_nolock; } dst = skb->dst; x = dst->xfrm;
13996378e Herbert Xu [IPSEC]: Rename m...	93	} while (x && !(x->outer_mode->flags & XFRM_MODE_FLAG_TUNNEL));
406ef77c8 Herbert Xu [IPSEC]: Move com...	94 95	err = 0;
862b82c6f Herbert Xu [IPSEC]: Merge mo...	96	out_exit:
406ef77c8 Herbert Xu [IPSEC]: Move com...	97 98 99	return err; error: spin_unlock_bh(&x->lock);
862b82c6f Herbert Xu [IPSEC]: Merge mo...	100 101 102 103	error_nolock: kfree_skb(skb); goto out_exit; }
c6581a457 Herbert Xu [IPSEC]: Add asyn...	104	int xfrm_output_resume(struct sk_buff *skb, int err)
862b82c6f Herbert Xu [IPSEC]: Merge mo...	105	{
c6581a457 Herbert Xu [IPSEC]: Add asyn...	106	while (likely((err = xfrm_output_one(skb, err)) == 0)) {
862b82c6f Herbert Xu [IPSEC]: Merge mo...	107 108 109 110	nf_reset(skb); err = skb->dst->ops->local_out(skb); if (unlikely(err != 1))
c6581a457 Herbert Xu [IPSEC]: Add asyn...	111	goto out;
862b82c6f Herbert Xu [IPSEC]: Merge mo...	112
c1e24df27 Jean-Christophe DUBOIS xfrm: remove unne...	113	if (!skb->dst->xfrm)
862b82c6f Herbert Xu [IPSEC]: Merge mo...	114	return dst_output(skb);
df9dcb458 Kazunori MIYAZAWA [IPSEC]: Fix inte...	115	err = nf_hook(skb->dst->ops->family,
294b4baf2 David S. Miller [IPSEC]: Kill afi...	116	NF_INET_POST_ROUTING, skb,
862b82c6f Herbert Xu [IPSEC]: Merge mo...	117 118	NULL, skb->dst->dev, xfrm_output2); if (unlikely(err != 1))
c6581a457 Herbert Xu [IPSEC]: Add asyn...	119	goto out;
862b82c6f Herbert Xu [IPSEC]: Merge mo...	120	}
c6581a457 Herbert Xu [IPSEC]: Add asyn...	121 122 123 124	if (err == -EINPROGRESS) err = 0; out:
862b82c6f Herbert Xu [IPSEC]: Merge mo...	125 126	return err; }
c6581a457 Herbert Xu [IPSEC]: Add asyn...	127	EXPORT_SYMBOL_GPL(xfrm_output_resume);
862b82c6f Herbert Xu [IPSEC]: Merge mo...	128
c6581a457 Herbert Xu [IPSEC]: Add asyn...	129	static int xfrm_output2(struct sk_buff *skb)
862b82c6f Herbert Xu [IPSEC]: Merge mo...	130	{
c6581a457 Herbert Xu [IPSEC]: Add asyn...	131 132	return xfrm_output_resume(skb, 1); }
862b82c6f Herbert Xu [IPSEC]: Merge mo...	133
c6581a457 Herbert Xu [IPSEC]: Add asyn...	134 135 136	static int xfrm_output_gso(struct sk_buff skb) { struct sk_buff segs;
862b82c6f Herbert Xu [IPSEC]: Merge mo...	137 138 139	segs = skb_gso_segment(skb, 0); kfree_skb(skb);
801678c5a Hirofumi Nakagawa Remove duplicated...	140	if (IS_ERR(segs))
862b82c6f Herbert Xu [IPSEC]: Merge mo...	141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162	return PTR_ERR(segs); do { struct sk_buff *nskb = segs->next; int err; segs->next = NULL; err = xfrm_output2(segs); if (unlikely(err)) { while ((segs = nskb)) { nskb = segs->next; segs->next = NULL; kfree_skb(segs); } return err; } segs = nskb; } while (segs); return 0;
406ef77c8 Herbert Xu [IPSEC]: Move com...	163	}
c6581a457 Herbert Xu [IPSEC]: Add asyn...	164 165 166 167 168 169 170 171 172 173 174	int xfrm_output(struct sk_buff *skb) { int err; if (skb_is_gso(skb)) return xfrm_output_gso(skb); if (skb->ip_summed == CHECKSUM_PARTIAL) { err = skb_checksum_help(skb); if (err) {
0aa647746 Masahide NAKAMURA [XFRM]: Support t...	175	XFRM_INC_STATS(LINUX_MIB_XFRMOUTERROR);
c6581a457 Herbert Xu [IPSEC]: Add asyn...	176 177 178 179 180 181 182	kfree_skb(skb); return err; } } return xfrm_output2(skb); }
df9dcb458 Kazunori MIYAZAWA [IPSEC]: Fix inte...	183 184 185 186 187 188 189 190 191 192 193 194 195 196	int xfrm_inner_extract_output(struct xfrm_state x, struct sk_buff skb) { struct xfrm_mode *inner_mode; if (x->sel.family == AF_UNSPEC) inner_mode = xfrm_ip2inner_mode(x, xfrm_af2proto(skb->dst->ops->family)); else inner_mode = x->inner_mode; if (inner_mode == NULL) return -EAFNOSUPPORT; return inner_mode->afinfo->extract_output(x, skb); }
406ef77c8 Herbert Xu [IPSEC]: Move com...	197	EXPORT_SYMBOL_GPL(xfrm_output);
df9dcb458 Kazunori MIYAZAWA [IPSEC]: Fix inte...	198	EXPORT_SYMBOL_GPL(xfrm_inner_extract_output);