~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/ipv4/esp4.c

Version: ~ [ linux-5.4-rc7 ] ~ [ linux-5.3.11 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.84 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.154 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.201 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.201 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.77 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 #define pr_fmt(fmt) "IPsec: " fmt
  2 
  3 #include <crypto/aead.h>
  4 #include <crypto/authenc.h>
  5 #include <linux/err.h>
  6 #include <linux/module.h>
  7 #include <net/ip.h>
  8 #include <net/xfrm.h>
  9 #include <net/esp.h>
 10 #include <linux/scatterlist.h>
 11 #include <linux/kernel.h>
 12 #include <linux/pfkeyv2.h>
 13 #include <linux/rtnetlink.h>
 14 #include <linux/slab.h>
 15 #include <linux/spinlock.h>
 16 #include <linux/in6.h>
 17 #include <net/icmp.h>
 18 #include <net/protocol.h>
 19 #include <net/udp.h>
 20 
 21 struct esp_skb_cb {
 22         struct xfrm_skb_cb xfrm;
 23         void *tmp;
 24 };
 25 
 26 struct esp_output_extra {
 27         __be32 seqhi;
 28         u32 esphoff;
 29 };
 30 
 31 #define ESP_SKB_CB(__skb) ((struct esp_skb_cb *)&((__skb)->cb[0]))
 32 
 33 static u32 esp4_get_mtu(struct xfrm_state *x, int mtu);
 34 
 35 /*
 36  * Allocate an AEAD request structure with extra space for SG and IV.
 37  *
 38  * For alignment considerations the IV is placed at the front, followed
 39  * by the request and finally the SG list.
 40  *
 41  * TODO: Use spare space in skb for this where possible.
 42  */
 43 static void *esp_alloc_tmp(struct crypto_aead *aead, int nfrags, int extralen)
 44 {
 45         unsigned int len;
 46 
 47         len = extralen;
 48 
 49         len += crypto_aead_ivsize(aead);
 50 
 51         if (len) {
 52                 len += crypto_aead_alignmask(aead) &
 53                        ~(crypto_tfm_ctx_alignment() - 1);
 54                 len = ALIGN(len, crypto_tfm_ctx_alignment());
 55         }
 56 
 57         len += sizeof(struct aead_request) + crypto_aead_reqsize(aead);
 58         len = ALIGN(len, __alignof__(struct scatterlist));
 59 
 60         len += sizeof(struct scatterlist) * nfrags;
 61 
 62         return kmalloc(len, GFP_ATOMIC);
 63 }
 64 
 65 static inline void *esp_tmp_extra(void *tmp)
 66 {
 67         return PTR_ALIGN(tmp, __alignof__(struct esp_output_extra));
 68 }
 69 
 70 static inline u8 *esp_tmp_iv(struct crypto_aead *aead, void *tmp, int extralen)
 71 {
 72         return crypto_aead_ivsize(aead) ?
 73                PTR_ALIGN((u8 *)tmp + extralen,
 74                          crypto_aead_alignmask(aead) + 1) : tmp + extralen;
 75 }
 76 
 77 static inline struct aead_request *esp_tmp_req(struct crypto_aead *aead, u8 *iv)
 78 {
 79         struct aead_request *req;
 80 
 81         req = (void *)PTR_ALIGN(iv + crypto_aead_ivsize(aead),
 82                                 crypto_tfm_ctx_alignment());
 83         aead_request_set_tfm(req, aead);
 84         return req;
 85 }
 86 
 87 static inline struct scatterlist *esp_req_sg(struct crypto_aead *aead,
 88                                              struct aead_request *req)
 89 {
 90         return (void *)ALIGN((unsigned long)(req + 1) +
 91                              crypto_aead_reqsize(aead),
 92                              __alignof__(struct scatterlist));
 93 }
 94 
 95 static void esp_output_done(struct crypto_async_request *base, int err)
 96 {
 97         struct sk_buff *skb = base->data;
 98 
 99         kfree(ESP_SKB_CB(skb)->tmp);
100         xfrm_output_resume(skb, err);
101 }
102 
103 /* Move ESP header back into place. */
104 static void esp_restore_header(struct sk_buff *skb, unsigned int offset)
105 {
106         struct ip_esp_hdr *esph = (void *)(skb->data + offset);
107         void *tmp = ESP_SKB_CB(skb)->tmp;
108         __be32 *seqhi = esp_tmp_extra(tmp);
109 
110         esph->seq_no = esph->spi;
111         esph->spi = *seqhi;
112 }
113 
114 static void esp_output_restore_header(struct sk_buff *skb)
115 {
116         void *tmp = ESP_SKB_CB(skb)->tmp;
117         struct esp_output_extra *extra = esp_tmp_extra(tmp);
118 
119         esp_restore_header(skb, skb_transport_offset(skb) + extra->esphoff -
120                                 sizeof(__be32));
121 }
122 
123 static void esp_output_done_esn(struct crypto_async_request *base, int err)
124 {
125         struct sk_buff *skb = base->data;
126 
127         esp_output_restore_header(skb);
128         esp_output_done(base, err);
129 }
130 
131 static int esp_output(struct xfrm_state *x, struct sk_buff *skb)
132 {
133         int err;
134         struct esp_output_extra *extra;
135         struct ip_esp_hdr *esph;
136         struct crypto_aead *aead;
137         struct aead_request *req;
138         struct scatterlist *sg;
139         struct sk_buff *trailer;
140         void *tmp;
141         u8 *iv;
142         u8 *tail;
143         int blksize;
144         int clen;
145         int alen;
146         int plen;
147         int ivlen;
148         int tfclen;
149         int nfrags;
150         int assoclen;
151         int extralen;
152         __be64 seqno;
153 
154         /* skb is pure payload to encrypt */
155 
156         aead = x->data;
157         alen = crypto_aead_authsize(aead);
158         ivlen = crypto_aead_ivsize(aead);
159 
160         tfclen = 0;
161         if (x->tfcpad) {
162                 struct xfrm_dst *dst = (struct xfrm_dst *)skb_dst(skb);
163                 u32 padto;
164 
165                 padto = min(x->tfcpad, esp4_get_mtu(x, dst->child_mtu_cached));
166                 if (skb->len < padto)
167                         tfclen = padto - skb->len;
168         }
169         blksize = ALIGN(crypto_aead_blocksize(aead), 4);
170         clen = ALIGN(skb->len + 2 + tfclen, blksize);
171         plen = clen - skb->len - tfclen;
172 
173         err = skb_cow_data(skb, tfclen + plen + alen, &trailer);
174         if (err < 0)
175                 goto error;
176         nfrags = err;
177 
178         assoclen = sizeof(*esph);
179         extralen = 0;
180 
181         if (x->props.flags & XFRM_STATE_ESN) {
182                 extralen += sizeof(*extra);
183                 assoclen += sizeof(__be32);
184         }
185 
186         tmp = esp_alloc_tmp(aead, nfrags, extralen);
187         if (!tmp) {
188                 err = -ENOMEM;
189                 goto error;
190         }
191 
192         extra = esp_tmp_extra(tmp);
193         iv = esp_tmp_iv(aead, tmp, extralen);
194         req = esp_tmp_req(aead, iv);
195         sg = esp_req_sg(aead, req);
196 
197         /* Fill padding... */
198         tail = skb_tail_pointer(trailer);
199         if (tfclen) {
200                 memset(tail, 0, tfclen);
201                 tail += tfclen;
202         }
203         do {
204                 int i;
205                 for (i = 0; i < plen - 2; i++)
206                         tail[i] = i + 1;
207         } while (0);
208         tail[plen - 2] = plen - 2;
209         tail[plen - 1] = *skb_mac_header(skb);
210         pskb_put(skb, trailer, clen - skb->len + alen);
211 
212         skb_push(skb, -skb_network_offset(skb));
213         esph = ip_esp_hdr(skb);
214         *skb_mac_header(skb) = IPPROTO_ESP;
215 
216         /* this is non-NULL only with UDP Encapsulation */
217         if (x->encap) {
218                 struct xfrm_encap_tmpl *encap = x->encap;
219                 struct udphdr *uh;
220                 __be32 *udpdata32;
221                 __be16 sport, dport;
222                 int encap_type;
223 
224                 spin_lock_bh(&x->lock);
225                 sport = encap->encap_sport;
226                 dport = encap->encap_dport;
227                 encap_type = encap->encap_type;
228                 spin_unlock_bh(&x->lock);
229 
230                 uh = (struct udphdr *)esph;
231                 uh->source = sport;
232                 uh->dest = dport;
233                 uh->len = htons(skb->len - skb_transport_offset(skb));
234                 uh->check = 0;
235 
236                 switch (encap_type) {
237                 default:
238                 case UDP_ENCAP_ESPINUDP:
239                         esph = (struct ip_esp_hdr *)(uh + 1);
240                         break;
241                 case UDP_ENCAP_ESPINUDP_NON_IKE:
242                         udpdata32 = (__be32 *)(uh + 1);
243                         udpdata32[0] = udpdata32[1] = 0;
244                         esph = (struct ip_esp_hdr *)(udpdata32 + 2);
245                         break;
246                 }
247 
248                 *skb_mac_header(skb) = IPPROTO_UDP;
249         }
250 
251         esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output.low);
252 
253         aead_request_set_callback(req, 0, esp_output_done, skb);
254 
255         /* For ESN we move the header forward by 4 bytes to
256          * accomodate the high bits.  We will move it back after
257          * encryption.
258          */
259         if ((x->props.flags & XFRM_STATE_ESN)) {
260                 extra->esphoff = (unsigned char *)esph -
261                                  skb_transport_header(skb);
262                 esph = (struct ip_esp_hdr *)((unsigned char *)esph - 4);
263                 extra->seqhi = esph->spi;
264                 esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output.hi);
265                 aead_request_set_callback(req, 0, esp_output_done_esn, skb);
266         }
267 
268         esph->spi = x->id.spi;
269 
270         sg_init_table(sg, nfrags);
271         skb_to_sgvec(skb, sg,
272                      (unsigned char *)esph - skb->data,
273                      assoclen + ivlen + clen + alen);
274 
275         aead_request_set_crypt(req, sg, sg, ivlen + clen, iv);
276         aead_request_set_ad(req, assoclen);
277 
278         seqno = cpu_to_be64(XFRM_SKB_CB(skb)->seq.output.low +
279                             ((u64)XFRM_SKB_CB(skb)->seq.output.hi << 32));
280 
281         memset(iv, 0, ivlen);
282         memcpy(iv + ivlen - min(ivlen, 8), (u8 *)&seqno + 8 - min(ivlen, 8),
283                min(ivlen, 8));
284 
285         ESP_SKB_CB(skb)->tmp = tmp;
286         err = crypto_aead_encrypt(req);
287 
288         switch (err) {
289         case -EINPROGRESS:
290                 goto error;
291 
292         case -EBUSY:
293                 err = NET_XMIT_DROP;
294                 break;
295 
296         case 0:
297                 if ((x->props.flags & XFRM_STATE_ESN))
298                         esp_output_restore_header(skb);
299         }
300 
301         kfree(tmp);
302 
303 error:
304         return err;
305 }
306 
307 static int esp_input_done2(struct sk_buff *skb, int err)
308 {
309         const struct iphdr *iph;
310         struct xfrm_state *x = xfrm_input_state(skb);
311         struct crypto_aead *aead = x->data;
312         int alen = crypto_aead_authsize(aead);
313         int hlen = sizeof(struct ip_esp_hdr) + crypto_aead_ivsize(aead);
314         int elen = skb->len - hlen;
315         int ihl;
316         u8 nexthdr[2];
317         int padlen;
318 
319         kfree(ESP_SKB_CB(skb)->tmp);
320 
321         if (unlikely(err))
322                 goto out;
323 
324         if (skb_copy_bits(skb, skb->len-alen-2, nexthdr, 2))
325                 BUG();
326 
327         err = -EINVAL;
328         padlen = nexthdr[0];
329         if (padlen + 2 + alen >= elen)
330                 goto out;
331 
332         /* ... check padding bits here. Silly. :-) */
333 
334         iph = ip_hdr(skb);
335         ihl = iph->ihl * 4;
336 
337         if (x->encap) {
338                 struct xfrm_encap_tmpl *encap = x->encap;
339                 struct udphdr *uh = (void *)(skb_network_header(skb) + ihl);
340 
341                 /*
342                  * 1) if the NAT-T peer's IP or port changed then
343                  *    advertize the change to the keying daemon.
344                  *    This is an inbound SA, so just compare
345                  *    SRC ports.
346                  */
347                 if (iph->saddr != x->props.saddr.a4 ||
348                     uh->source != encap->encap_sport) {
349                         xfrm_address_t ipaddr;
350 
351                         ipaddr.a4 = iph->saddr;
352                         km_new_mapping(x, &ipaddr, uh->source);
353 
354                         /* XXX: perhaps add an extra
355                          * policy check here, to see
356                          * if we should allow or
357                          * reject a packet from a
358                          * different source
359                          * address/port.
360                          */
361                 }
362 
363                 /*
364                  * 2) ignore UDP/TCP checksums in case
365                  *    of NAT-T in Transport Mode, or
366                  *    perform other post-processing fixes
367                  *    as per draft-ietf-ipsec-udp-encaps-06,
368                  *    section 3.1.2
369                  */
370                 if (x->props.mode == XFRM_MODE_TRANSPORT)
371                         skb->ip_summed = CHECKSUM_UNNECESSARY;
372         }
373 
374         pskb_trim(skb, skb->len - alen - padlen - 2);
375         __skb_pull(skb, hlen);
376         if (x->props.mode == XFRM_MODE_TUNNEL)
377                 skb_reset_transport_header(skb);
378         else
379                 skb_set_transport_header(skb, -ihl);
380 
381         err = nexthdr[1];
382 
383         /* RFC4303: Drop dummy packets without any error */
384         if (err == IPPROTO_NONE)
385                 err = -EINVAL;
386 
387 out:
388         return err;
389 }
390 
391 static void esp_input_done(struct crypto_async_request *base, int err)
392 {
393         struct sk_buff *skb = base->data;
394 
395         xfrm_input_resume(skb, esp_input_done2(skb, err));
396 }
397 
398 static void esp_input_restore_header(struct sk_buff *skb)
399 {
400         esp_restore_header(skb, 0);
401         __skb_pull(skb, 4);
402 }
403 
404 static void esp_input_done_esn(struct crypto_async_request *base, int err)
405 {
406         struct sk_buff *skb = base->data;
407 
408         esp_input_restore_header(skb);
409         esp_input_done(base, err);
410 }
411 
412 /*
413  * Note: detecting truncated vs. non-truncated authentication data is very
414  * expensive, so we only support truncated data, which is the recommended
415  * and common case.
416  */
417 static int esp_input(struct xfrm_state *x, struct sk_buff *skb)
418 {
419         struct ip_esp_hdr *esph;
420         struct crypto_aead *aead = x->data;
421         struct aead_request *req;
422         struct sk_buff *trailer;
423         int ivlen = crypto_aead_ivsize(aead);
424         int elen = skb->len - sizeof(*esph) - ivlen;
425         int nfrags;
426         int assoclen;
427         int seqhilen;
428         __be32 *seqhi;
429         void *tmp;
430         u8 *iv;
431         struct scatterlist *sg;
432         int err = -EINVAL;
433 
434         if (!pskb_may_pull(skb, sizeof(*esph) + ivlen))
435                 goto out;
436 
437         if (elen <= 0)
438                 goto out;
439 
440         err = skb_cow_data(skb, 0, &trailer);
441         if (err < 0)
442                 goto out;
443 
444         nfrags = err;
445 
446         assoclen = sizeof(*esph);
447         seqhilen = 0;
448 
449         if (x->props.flags & XFRM_STATE_ESN) {
450                 seqhilen += sizeof(__be32);
451                 assoclen += seqhilen;
452         }
453 
454         err = -ENOMEM;
455         tmp = esp_alloc_tmp(aead, nfrags, seqhilen);
456         if (!tmp)
457                 goto out;
458 
459         ESP_SKB_CB(skb)->tmp = tmp;
460         seqhi = esp_tmp_extra(tmp);
461         iv = esp_tmp_iv(aead, tmp, seqhilen);
462         req = esp_tmp_req(aead, iv);
463         sg = esp_req_sg(aead, req);
464 
465         skb->ip_summed = CHECKSUM_NONE;
466 
467         esph = (struct ip_esp_hdr *)skb->data;
468 
469         aead_request_set_callback(req, 0, esp_input_done, skb);
470 
471         /* For ESN we move the header forward by 4 bytes to
472          * accomodate the high bits.  We will move it back after
473          * decryption.
474          */
475         if ((x->props.flags & XFRM_STATE_ESN)) {
476                 esph = (void *)skb_push(skb, 4);
477                 *seqhi = esph->spi;
478                 esph->spi = esph->seq_no;
479                 esph->seq_no = XFRM_SKB_CB(skb)->seq.input.hi;
480                 aead_request_set_callback(req, 0, esp_input_done_esn, skb);
481         }
482 
483         sg_init_table(sg, nfrags);
484         skb_to_sgvec(skb, sg, 0, skb->len);
485 
486         aead_request_set_crypt(req, sg, sg, elen + ivlen, iv);
487         aead_request_set_ad(req, assoclen);
488 
489         err = crypto_aead_decrypt(req);
490         if (err == -EINPROGRESS)
491                 goto out;
492 
493         if ((x->props.flags & XFRM_STATE_ESN))
494                 esp_input_restore_header(skb);
495 
496         err = esp_input_done2(skb, err);
497 
498 out:
499         return err;
500 }
501 
502 static u32 esp4_get_mtu(struct xfrm_state *x, int mtu)
503 {
504         struct crypto_aead *aead = x->data;
505         u32 blksize = ALIGN(crypto_aead_blocksize(aead), 4);
506         unsigned int net_adj;
507 
508         switch (x->props.mode) {
509         case XFRM_MODE_TRANSPORT:
510         case XFRM_MODE_BEET:
511                 net_adj = sizeof(struct iphdr);
512                 break;
513         case XFRM_MODE_TUNNEL:
514                 net_adj = 0;
515                 break;
516         default:
517                 BUG();
518         }
519 
520         return ((mtu - x->props.header_len - crypto_aead_authsize(aead) -
521                  net_adj) & ~(blksize - 1)) + net_adj - 2;
522 }
523 
524 static int esp4_err(struct sk_buff *skb, u32 info)
525 {
526         struct net *net = dev_net(skb->dev);
527         const struct iphdr *iph = (const struct iphdr *)skb->data;
528         struct ip_esp_hdr *esph = (struct ip_esp_hdr *)(skb->data+(iph->ihl<<2));
529         struct xfrm_state *x;
530 
531         switch (icmp_hdr(skb)->type) {
532         case ICMP_DEST_UNREACH:
533                 if (icmp_hdr(skb)->code != ICMP_FRAG_NEEDED)
534                         return 0;
535         case ICMP_REDIRECT:
536                 break;
537         default:
538                 return 0;
539         }
540 
541         x = xfrm_state_lookup(net, skb->mark, (const xfrm_address_t *)&iph->daddr,
542                               esph->spi, IPPROTO_ESP, AF_INET);
543         if (!x)
544                 return 0;
545 
546         if (icmp_hdr(skb)->type == ICMP_DEST_UNREACH)
547                 ipv4_update_pmtu(skb, net, info, 0, 0, IPPROTO_ESP, 0);
548         else
549                 ipv4_redirect(skb, net, 0, 0, IPPROTO_ESP, 0);
550         xfrm_state_put(x);
551 
552         return 0;
553 }
554 
555 static void esp_destroy(struct xfrm_state *x)
556 {
557         struct crypto_aead *aead = x->data;
558 
559         if (!aead)
560                 return;
561 
562         crypto_free_aead(aead);
563 }
564 
565 static int esp_init_aead(struct xfrm_state *x)
566 {
567         char aead_name[CRYPTO_MAX_ALG_NAME];
568         struct crypto_aead *aead;
569         int err;
570 
571         err = -ENAMETOOLONG;
572         if (snprintf(aead_name, CRYPTO_MAX_ALG_NAME, "%s(%s)",
573                      x->geniv, x->aead->alg_name) >= CRYPTO_MAX_ALG_NAME)
574                 goto error;
575 
576         aead = crypto_alloc_aead(aead_name, 0, 0);
577         err = PTR_ERR(aead);
578         if (IS_ERR(aead))
579                 goto error;
580 
581         x->data = aead;
582 
583         err = crypto_aead_setkey(aead, x->aead->alg_key,
584                                  (x->aead->alg_key_len + 7) / 8);
585         if (err)
586                 goto error;
587 
588         err = crypto_aead_setauthsize(aead, x->aead->alg_icv_len / 8);
589         if (err)
590                 goto error;
591 
592 error:
593         return err;
594 }
595 
596 static int esp_init_authenc(struct xfrm_state *x)
597 {
598         struct crypto_aead *aead;
599         struct crypto_authenc_key_param *param;
600         struct rtattr *rta;
601         char *key;
602         char *p;
603         char authenc_name[CRYPTO_MAX_ALG_NAME];
604         unsigned int keylen;
605         int err;
606 
607         err = -EINVAL;
608         if (!x->ealg)
609                 goto error;
610 
611         err = -ENAMETOOLONG;
612 
613         if ((x->props.flags & XFRM_STATE_ESN)) {
614                 if (snprintf(authenc_name, CRYPTO_MAX_ALG_NAME,
615                              "%s%sauthencesn(%s,%s)%s",
616                              x->geniv ?: "", x->geniv ? "(" : "",
617                              x->aalg ? x->aalg->alg_name : "digest_null",
618                              x->ealg->alg_name,
619                              x->geniv ? ")" : "") >= CRYPTO_MAX_ALG_NAME)
620                         goto error;
621         } else {
622                 if (snprintf(authenc_name, CRYPTO_MAX_ALG_NAME,
623                              "%s%sauthenc(%s,%s)%s",
624                              x->geniv ?: "", x->geniv ? "(" : "",
625                              x->aalg ? x->aalg->alg_name : "digest_null",
626                              x->ealg->alg_name,
627                              x->geniv ? ")" : "") >= CRYPTO_MAX_ALG_NAME)
628                         goto error;
629         }
630 
631         aead = crypto_alloc_aead(authenc_name, 0, 0);
632         err = PTR_ERR(aead);
633         if (IS_ERR(aead))
634                 goto error;
635 
636         x->data = aead;
637 
638         keylen = (x->aalg ? (x->aalg->alg_key_len + 7) / 8 : 0) +
639                  (x->ealg->alg_key_len + 7) / 8 + RTA_SPACE(sizeof(*param));
640         err = -ENOMEM;
641         key = kmalloc(keylen, GFP_KERNEL);
642         if (!key)
643                 goto error;
644 
645         p = key;
646         rta = (void *)p;
647         rta->rta_type = CRYPTO_AUTHENC_KEYA_PARAM;
648         rta->rta_len = RTA_LENGTH(sizeof(*param));
649         param = RTA_DATA(rta);
650         p += RTA_SPACE(sizeof(*param));
651 
652         if (x->aalg) {
653                 struct xfrm_algo_desc *aalg_desc;
654 
655                 memcpy(p, x->aalg->alg_key, (x->aalg->alg_key_len + 7) / 8);
656                 p += (x->aalg->alg_key_len + 7) / 8;
657 
658                 aalg_desc = xfrm_aalg_get_byname(x->aalg->alg_name, 0);
659                 BUG_ON(!aalg_desc);
660 
661                 err = -EINVAL;
662                 if (aalg_desc->uinfo.auth.icv_fullbits / 8 !=
663                     crypto_aead_authsize(aead)) {
664                         pr_info("ESP: %s digestsize %u != %hu\n",
665                                 x->aalg->alg_name,
666                                 crypto_aead_authsize(aead),
667                                 aalg_desc->uinfo.auth.icv_fullbits / 8);
668                         goto free_key;
669                 }
670 
671                 err = crypto_aead_setauthsize(
672                         aead, x->aalg->alg_trunc_len / 8);
673                 if (err)
674                         goto free_key;
675         }
676 
677         param->enckeylen = cpu_to_be32((x->ealg->alg_key_len + 7) / 8);
678         memcpy(p, x->ealg->alg_key, (x->ealg->alg_key_len + 7) / 8);
679 
680         err = crypto_aead_setkey(aead, key, keylen);
681 
682 free_key:
683         kfree(key);
684 
685 error:
686         return err;
687 }
688 
689 static int esp_init_state(struct xfrm_state *x)
690 {
691         struct crypto_aead *aead;
692         u32 align;
693         int err;
694 
695         x->data = NULL;
696 
697         if (x->aead)
698                 err = esp_init_aead(x);
699         else
700                 err = esp_init_authenc(x);
701 
702         if (err)
703                 goto error;
704 
705         aead = x->data;
706 
707         x->props.header_len = sizeof(struct ip_esp_hdr) +
708                               crypto_aead_ivsize(aead);
709         if (x->props.mode == XFRM_MODE_TUNNEL)
710                 x->props.header_len += sizeof(struct iphdr);
711         else if (x->props.mode == XFRM_MODE_BEET && x->sel.family != AF_INET6)
712                 x->props.header_len += IPV4_BEET_PHMAXLEN;
713         if (x->encap) {
714                 struct xfrm_encap_tmpl *encap = x->encap;
715 
716                 switch (encap->encap_type) {
717                 default:
718                         goto error;
719                 case UDP_ENCAP_ESPINUDP:
720                         x->props.header_len += sizeof(struct udphdr);
721                         break;
722                 case UDP_ENCAP_ESPINUDP_NON_IKE:
723                         x->props.header_len += sizeof(struct udphdr) + 2 * sizeof(u32);
724                         break;
725                 }
726         }
727 
728         align = ALIGN(crypto_aead_blocksize(aead), 4);
729         x->props.trailer_len = align + 1 + crypto_aead_authsize(aead);
730 
731 error:
732         return err;
733 }
734 
735 static int esp4_rcv_cb(struct sk_buff *skb, int err)
736 {
737         return 0;
738 }
739 
740 static const struct xfrm_type esp_type =
741 {
742         .description    = "ESP4",
743         .owner          = THIS_MODULE,
744         .proto          = IPPROTO_ESP,
745         .flags          = XFRM_TYPE_REPLAY_PROT,
746         .init_state     = esp_init_state,
747         .destructor     = esp_destroy,
748         .get_mtu        = esp4_get_mtu,
749         .input          = esp_input,
750         .output         = esp_output
751 };
752 
753 static struct xfrm4_protocol esp4_protocol = {
754         .handler        =       xfrm4_rcv,
755         .input_handler  =       xfrm_input,
756         .cb_handler     =       esp4_rcv_cb,
757         .err_handler    =       esp4_err,
758         .priority       =       0,
759 };
760 
761 static int __init esp4_init(void)
762 {
763         if (xfrm_register_type(&esp_type, AF_INET) < 0) {
764                 pr_info("%s: can't add xfrm type\n", __func__);
765                 return -EAGAIN;
766         }
767         if (xfrm4_protocol_register(&esp4_protocol, IPPROTO_ESP) < 0) {
768                 pr_info("%s: can't add protocol\n", __func__);
769                 xfrm_unregister_type(&esp_type, AF_INET);
770                 return -EAGAIN;
771         }
772         return 0;
773 }
774 
775 static void __exit esp4_fini(void)
776 {
777         if (xfrm4_protocol_deregister(&esp4_protocol, IPPROTO_ESP) < 0)
778                 pr_info("%s: can't remove protocol\n", __func__);
779         if (xfrm_unregister_type(&esp_type, AF_INET) < 0)
780                 pr_info("%s: can't remove xfrm type\n", __func__);
781 }
782 
783 module_init(esp4_init);
784 module_exit(esp4_fini);
785 MODULE_LICENSE("GPL");
786 MODULE_ALIAS_XFRM_TYPE(AF_INET, XFRM_PROTO_ESP);
787 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp