~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/ipv6/xfrm6_input.c

Version: ~ [ linux-5.4-rc3 ] ~ [ linux-5.3.6 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.79 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.149 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.196 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.196 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.75 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  * xfrm6_input.c: based on net/ipv4/xfrm4_input.c
  3  *
  4  * Authors:
  5  *      Mitsuru KANDA @USAGI
  6  *      Kazunori MIYAZAWA @USAGI
  7  *      Kunihiro Ishiguro <kunihiro@ipinfusion.com>
  8  *      YOSHIFUJI Hideaki @USAGI
  9  *              IPv6 support
 10  */
 11 
 12 #include <linux/module.h>
 13 #include <linux/string.h>
 14 #include <linux/netfilter.h>
 15 #include <linux/netfilter_ipv6.h>
 16 #include <net/ipv6.h>
 17 #include <net/xfrm.h>
 18 
 19 int xfrm6_extract_input(struct xfrm_state *x, struct sk_buff *skb)
 20 {
 21         return xfrm6_extract_header(skb);
 22 }
 23 
 24 int xfrm6_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi,
 25                   struct ip6_tnl *t)
 26 {
 27         XFRM_TUNNEL_SKB_CB(skb)->tunnel.ip6 = t;
 28         XFRM_SPI_SKB_CB(skb)->family = AF_INET6;
 29         XFRM_SPI_SKB_CB(skb)->daddroff = offsetof(struct ipv6hdr, daddr);
 30         return xfrm_input(skb, nexthdr, spi, 0);
 31 }
 32 EXPORT_SYMBOL(xfrm6_rcv_spi);
 33 
 34 int xfrm6_transport_finish(struct sk_buff *skb, int async)
 35 {
 36         struct xfrm_offload *xo = xfrm_offload(skb);
 37 
 38         skb_network_header(skb)[IP6CB(skb)->nhoff] =
 39                 XFRM_MODE_SKB_CB(skb)->protocol;
 40 
 41 #ifndef CONFIG_NETFILTER
 42         if (!async)
 43                 return 1;
 44 #endif
 45 
 46         __skb_push(skb, skb->data - skb_network_header(skb));
 47         ipv6_hdr(skb)->payload_len = htons(skb->len - sizeof(struct ipv6hdr));
 48 
 49         if (xo && (xo->flags & XFRM_GRO)) {
 50                 skb_mac_header_rebuild(skb);
 51                 return -1;
 52         }
 53 
 54         NF_HOOK(NFPROTO_IPV6, NF_INET_PRE_ROUTING,
 55                 dev_net(skb->dev), NULL, skb, skb->dev, NULL,
 56                 ip6_rcv_finish);
 57         return -1;
 58 }
 59 
 60 int xfrm6_rcv_tnl(struct sk_buff *skb, struct ip6_tnl *t)
 61 {
 62         return xfrm6_rcv_spi(skb, skb_network_header(skb)[IP6CB(skb)->nhoff],
 63                              0, t);
 64 }
 65 EXPORT_SYMBOL(xfrm6_rcv_tnl);
 66 
 67 int xfrm6_rcv(struct sk_buff *skb)
 68 {
 69         return xfrm6_rcv_tnl(skb, NULL);
 70 }
 71 EXPORT_SYMBOL(xfrm6_rcv);
 72 int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr,
 73                      xfrm_address_t *saddr, u8 proto)
 74 {
 75         struct net *net = dev_net(skb->dev);
 76         struct xfrm_state *x = NULL;
 77         int i = 0;
 78 
 79         if (secpath_set(skb)) {
 80                 XFRM_INC_STATS(net, LINUX_MIB_XFRMINERROR);
 81                 goto drop;
 82         }
 83 
 84         if (1 + skb->sp->len == XFRM_MAX_DEPTH) {
 85                 XFRM_INC_STATS(net, LINUX_MIB_XFRMINBUFFERERROR);
 86                 goto drop;
 87         }
 88 
 89         for (i = 0; i < 3; i++) {
 90                 xfrm_address_t *dst, *src;
 91 
 92                 switch (i) {
 93                 case 0:
 94                         dst = daddr;
 95                         src = saddr;
 96                         break;
 97                 case 1:
 98                         /* lookup state with wild-card source address */
 99                         dst = daddr;
100                         src = (xfrm_address_t *)&in6addr_any;
101                         break;
102                 default:
103                         /* lookup state with wild-card addresses */
104                         dst = (xfrm_address_t *)&in6addr_any;
105                         src = (xfrm_address_t *)&in6addr_any;
106                         break;
107                 }
108 
109                 x = xfrm_state_lookup_byaddr(net, skb->mark, dst, src, proto, AF_INET6);
110                 if (!x)
111                         continue;
112 
113                 spin_lock(&x->lock);
114 
115                 if ((!i || (x->props.flags & XFRM_STATE_WILDRECV)) &&
116                     likely(x->km.state == XFRM_STATE_VALID) &&
117                     !xfrm_state_check_expire(x)) {
118                         spin_unlock(&x->lock);
119                         if (x->type->input(x, skb) > 0) {
120                                 /* found a valid state */
121                                 break;
122                         }
123                 } else
124                         spin_unlock(&x->lock);
125 
126                 xfrm_state_put(x);
127                 x = NULL;
128         }
129 
130         if (!x) {
131                 XFRM_INC_STATS(net, LINUX_MIB_XFRMINNOSTATES);
132                 xfrm_audit_state_notfound_simple(skb, AF_INET6);
133                 goto drop;
134         }
135 
136         skb->sp->xvec[skb->sp->len++] = x;
137 
138         spin_lock(&x->lock);
139 
140         x->curlft.bytes += skb->len;
141         x->curlft.packets++;
142 
143         spin_unlock(&x->lock);
144 
145         return 1;
146 
147 drop:
148         return -1;
149 }
150 EXPORT_SYMBOL(xfrm6_input_addr);
151 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp