Lines Matching refs:x
446 static void copy_from_user_state(struct xfrm_state *x, struct xfrm_usersa_info *p) in copy_from_user_state() argument
448 memcpy(&x->id, &p->id, sizeof(x->id)); in copy_from_user_state()
449 memcpy(&x->sel, &p->sel, sizeof(x->sel)); in copy_from_user_state()
450 memcpy(&x->lft, &p->lft, sizeof(x->lft)); in copy_from_user_state()
451 x->props.mode = p->mode; in copy_from_user_state()
452 x->props.replay_window = min_t(unsigned int, p->replay_window, in copy_from_user_state()
453 sizeof(x->replay.bitmap) * 8); in copy_from_user_state()
454 x->props.reqid = p->reqid; in copy_from_user_state()
455 x->props.family = p->family; in copy_from_user_state()
456 memcpy(&x->props.saddr, &p->saddr, sizeof(x->props.saddr)); in copy_from_user_state()
457 x->props.flags = p->flags; in copy_from_user_state()
459 if (!x->sel.family && !(p->flags & XFRM_STATE_AF_UNSPEC)) in copy_from_user_state()
460 x->sel.family = p->family; in copy_from_user_state()
468 static void xfrm_update_ae_params(struct xfrm_state *x, struct nlattr **attrs, in xfrm_update_ae_params() argument
480 memcpy(x->replay_esn, replay_esn, in xfrm_update_ae_params()
482 memcpy(x->preplay_esn, replay_esn, in xfrm_update_ae_params()
489 memcpy(&x->replay, replay, sizeof(*replay)); in xfrm_update_ae_params()
490 memcpy(&x->preplay, replay, sizeof(*replay)); in xfrm_update_ae_params()
496 x->curlft.bytes = ltime->bytes; in xfrm_update_ae_params()
497 x->curlft.packets = ltime->packets; in xfrm_update_ae_params()
498 x->curlft.add_time = ltime->add_time; in xfrm_update_ae_params()
499 x->curlft.use_time = ltime->use_time; in xfrm_update_ae_params()
503 x->replay_maxage = nla_get_u32(et); in xfrm_update_ae_params()
506 x->replay_maxdiff = nla_get_u32(rt); in xfrm_update_ae_params()
514 struct xfrm_state *x = xfrm_state_alloc(net); in xfrm_state_construct() local
517 if (!x) in xfrm_state_construct()
520 copy_from_user_state(x, p); in xfrm_state_construct()
523 x->props.extra_flags = nla_get_u32(attrs[XFRMA_SA_EXTRA_FLAGS]); in xfrm_state_construct()
525 if ((err = attach_aead(&x->aead, &x->props.ealgo, in xfrm_state_construct()
528 if ((err = attach_auth_trunc(&x->aalg, &x->props.aalgo, in xfrm_state_construct()
531 if (!x->props.aalgo) { in xfrm_state_construct()
532 if ((err = attach_auth(&x->aalg, &x->props.aalgo, in xfrm_state_construct()
536 if ((err = attach_one_algo(&x->ealg, &x->props.ealgo, in xfrm_state_construct()
540 if ((err = attach_one_algo(&x->calg, &x->props.calgo, in xfrm_state_construct()
546 x->encap = kmemdup(nla_data(attrs[XFRMA_ENCAP]), in xfrm_state_construct()
547 sizeof(*x->encap), GFP_KERNEL); in xfrm_state_construct()
548 if (x->encap == NULL) in xfrm_state_construct()
553 x->tfcpad = nla_get_u32(attrs[XFRMA_TFCPAD]); in xfrm_state_construct()
556 x->coaddr = kmemdup(nla_data(attrs[XFRMA_COADDR]), in xfrm_state_construct()
557 sizeof(*x->coaddr), GFP_KERNEL); in xfrm_state_construct()
558 if (x->coaddr == NULL) in xfrm_state_construct()
562 xfrm_mark_get(attrs, &x->mark); in xfrm_state_construct()
565 x->props.output_mark = nla_get_u32(attrs[XFRMA_OUTPUT_MARK]); in xfrm_state_construct()
567 err = __xfrm_init_state(x, false); in xfrm_state_construct()
572 security_xfrm_state_alloc(x, nla_data(attrs[XFRMA_SEC_CTX]))) in xfrm_state_construct()
575 if ((err = xfrm_alloc_replay_state_esn(&x->replay_esn, &x->preplay_esn, in xfrm_state_construct()
579 x->km.seq = p->seq; in xfrm_state_construct()
580 x->replay_maxdiff = net->xfrm.sysctl_aevent_rseqth; in xfrm_state_construct()
582 x->replay_maxage = (net->xfrm.sysctl_aevent_etime*HZ)/XFRM_AE_ETH_M; in xfrm_state_construct()
584 if ((err = xfrm_init_replay(x))) in xfrm_state_construct()
588 xfrm_update_ae_params(x, attrs, 0); in xfrm_state_construct()
590 return x; in xfrm_state_construct()
593 x->km.state = XFRM_STATE_DEAD; in xfrm_state_construct()
594 xfrm_state_put(x); in xfrm_state_construct()
605 struct xfrm_state *x; in xfrm_add_sa() local
613 x = xfrm_state_construct(net, p, attrs, &err); in xfrm_add_sa()
614 if (!x) in xfrm_add_sa()
617 xfrm_state_hold(x); in xfrm_add_sa()
619 err = xfrm_state_add(x); in xfrm_add_sa()
621 err = xfrm_state_update(x); in xfrm_add_sa()
623 xfrm_audit_state_add(x, err ? 0 : 1, true); in xfrm_add_sa()
626 x->km.state = XFRM_STATE_DEAD; in xfrm_add_sa()
627 __xfrm_state_put(x); in xfrm_add_sa()
635 km_state_notify(x, &c); in xfrm_add_sa()
637 xfrm_state_put(x); in xfrm_add_sa()
646 struct xfrm_state *x = NULL; in xfrm_user_state_lookup() local
653 x = xfrm_state_lookup(net, mark, &p->daddr, p->spi, p->proto, p->family); in xfrm_user_state_lookup()
664 x = xfrm_state_lookup_byaddr(net, mark, in xfrm_user_state_lookup()
670 if (!x && errp) in xfrm_user_state_lookup()
672 return x; in xfrm_user_state_lookup()
679 struct xfrm_state *x; in xfrm_del_sa() local
684 x = xfrm_user_state_lookup(net, p, attrs, &err); in xfrm_del_sa()
685 if (x == NULL) in xfrm_del_sa()
688 if ((err = security_xfrm_state_delete(x)) != 0) in xfrm_del_sa()
691 if (xfrm_state_kern(x)) { in xfrm_del_sa()
696 err = xfrm_state_delete(x); in xfrm_del_sa()
704 km_state_notify(x, &c); in xfrm_del_sa()
707 xfrm_audit_state_delete(x, err ? 0 : 1, true); in xfrm_del_sa()
708 xfrm_state_put(x); in xfrm_del_sa()
712 static void copy_to_user_state(struct xfrm_state *x, struct xfrm_usersa_info *p) in copy_to_user_state() argument
715 memcpy(&p->id, &x->id, sizeof(p->id)); in copy_to_user_state()
716 memcpy(&p->sel, &x->sel, sizeof(p->sel)); in copy_to_user_state()
717 memcpy(&p->lft, &x->lft, sizeof(p->lft)); in copy_to_user_state()
718 memcpy(&p->curlft, &x->curlft, sizeof(p->curlft)); in copy_to_user_state()
719 memcpy(&p->stats, &x->stats, sizeof(p->stats)); in copy_to_user_state()
720 memcpy(&p->saddr, &x->props.saddr, sizeof(p->saddr)); in copy_to_user_state()
721 p->mode = x->props.mode; in copy_to_user_state()
722 p->replay_window = x->props.replay_window; in copy_to_user_state()
723 p->reqid = x->props.reqid; in copy_to_user_state()
724 p->family = x->props.family; in copy_to_user_state()
725 p->flags = x->props.flags; in copy_to_user_state()
726 p->seq = x->km.seq; in copy_to_user_state()
776 static int copy_to_user_state_extra(struct xfrm_state *x, in copy_to_user_state_extra() argument
782 copy_to_user_state(x, p); in copy_to_user_state_extra()
784 if (x->props.extra_flags) { in copy_to_user_state_extra()
786 x->props.extra_flags); in copy_to_user_state_extra()
791 if (x->coaddr) { in copy_to_user_state_extra()
792 ret = nla_put(skb, XFRMA_COADDR, sizeof(*x->coaddr), x->coaddr); in copy_to_user_state_extra()
796 if (x->lastused) { in copy_to_user_state_extra()
797 ret = nla_put_u64(skb, XFRMA_LASTUSED, x->lastused); in copy_to_user_state_extra()
801 if (x->aead) { in copy_to_user_state_extra()
802 ret = nla_put(skb, XFRMA_ALG_AEAD, aead_len(x->aead), x->aead); in copy_to_user_state_extra()
806 if (x->aalg) { in copy_to_user_state_extra()
807 ret = copy_to_user_auth(x->aalg, skb); in copy_to_user_state_extra()
810 xfrm_alg_auth_len(x->aalg), x->aalg); in copy_to_user_state_extra()
814 if (x->ealg) { in copy_to_user_state_extra()
815 ret = nla_put(skb, XFRMA_ALG_CRYPT, xfrm_alg_len(x->ealg), x->ealg); in copy_to_user_state_extra()
819 if (x->calg) { in copy_to_user_state_extra()
820 ret = nla_put(skb, XFRMA_ALG_COMP, sizeof(*(x->calg)), x->calg); in copy_to_user_state_extra()
824 if (x->encap) { in copy_to_user_state_extra()
825 ret = nla_put(skb, XFRMA_ENCAP, sizeof(*x->encap), x->encap); in copy_to_user_state_extra()
829 if (x->tfcpad) { in copy_to_user_state_extra()
830 ret = nla_put_u32(skb, XFRMA_TFCPAD, x->tfcpad); in copy_to_user_state_extra()
834 ret = xfrm_mark_put(skb, &x->mark); in copy_to_user_state_extra()
837 if (x->replay_esn) { in copy_to_user_state_extra()
839 xfrm_replay_state_esn_len(x->replay_esn), in copy_to_user_state_extra()
840 x->replay_esn); in copy_to_user_state_extra()
844 if (x->security) in copy_to_user_state_extra()
845 ret = copy_sec_ctx(x->security, skb); in copy_to_user_state_extra()
846 if (x->props.output_mark) { in copy_to_user_state_extra()
847 ret = nla_put_u32(skb, XFRMA_OUTPUT_MARK, x->props.output_mark); in copy_to_user_state_extra()
855 static int dump_one_state(struct xfrm_state *x, int count, void *ptr) in dump_one_state() argument
871 err = copy_to_user_state_extra(x, p, skb); in dump_one_state()
939 struct xfrm_state *x, u32 seq) in xfrm_state_netlink() argument
954 err = dump_one_state(x, 0, &info); in xfrm_state_netlink()
1164 struct xfrm_state *x; in xfrm_get_sa() local
1168 x = xfrm_user_state_lookup(net, p, attrs, &err); in xfrm_get_sa()
1169 if (x == NULL) in xfrm_get_sa()
1172 resp_skb = xfrm_state_netlink(skb, x, nlh->nlmsg_seq); in xfrm_get_sa()
1178 xfrm_state_put(x); in xfrm_get_sa()
1187 struct xfrm_state *x; in xfrm_alloc_userspi() local
1204 x = NULL; in xfrm_alloc_userspi()
1208 x = xfrm_find_acq_byseq(net, mark, p->info.seq); in xfrm_alloc_userspi()
1209 if (x && !xfrm_addr_equal(&x->id.daddr, daddr, family)) { in xfrm_alloc_userspi()
1210 xfrm_state_put(x); in xfrm_alloc_userspi()
1211 x = NULL; in xfrm_alloc_userspi()
1215 if (!x) in xfrm_alloc_userspi()
1216 x = xfrm_find_acq(net, &m, p->info.mode, p->info.reqid, in xfrm_alloc_userspi()
1221 if (x == NULL) in xfrm_alloc_userspi()
1224 err = xfrm_alloc_spi(x, p->min, p->max); in xfrm_alloc_userspi()
1228 resp_skb = xfrm_state_netlink(skb, x, nlh->nlmsg_seq); in xfrm_alloc_userspi()
1237 xfrm_state_put(x); in xfrm_alloc_userspi()
1563 static inline int copy_to_user_state_sec_ctx(struct xfrm_state *x, struct sk_buff *skb) in copy_to_user_state_sec_ctx() argument
1565 if (x->security) { in copy_to_user_state_sec_ctx()
1566 return copy_sec_ctx(x->security, skb); in copy_to_user_state_sec_ctx()
1802 static inline size_t xfrm_aevent_msgsize(struct xfrm_state *x) in xfrm_aevent_msgsize() argument
1804 size_t replay_size = x->replay_esn ? in xfrm_aevent_msgsize()
1805 xfrm_replay_state_esn_len(x->replay_esn) : in xfrm_aevent_msgsize()
1816 static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, const struct km_event *c) in build_aevent() argument
1827 memcpy(&id->sa_id.daddr, &x->id.daddr, sizeof(x->id.daddr)); in build_aevent()
1828 id->sa_id.spi = x->id.spi; in build_aevent()
1829 id->sa_id.family = x->props.family; in build_aevent()
1830 id->sa_id.proto = x->id.proto; in build_aevent()
1831 memcpy(&id->saddr, &x->props.saddr, sizeof(x->props.saddr)); in build_aevent()
1832 id->reqid = x->props.reqid; in build_aevent()
1835 if (x->replay_esn) { in build_aevent()
1837 xfrm_replay_state_esn_len(x->replay_esn), in build_aevent()
1838 x->replay_esn); in build_aevent()
1840 err = nla_put(skb, XFRMA_REPLAY_VAL, sizeof(x->replay), in build_aevent()
1841 &x->replay); in build_aevent()
1845 err = nla_put(skb, XFRMA_LTIME_VAL, sizeof(x->curlft), &x->curlft); in build_aevent()
1850 err = nla_put_u32(skb, XFRMA_REPLAY_THRESH, x->replay_maxdiff); in build_aevent()
1856 x->replay_maxage * 10 / HZ); in build_aevent()
1860 err = xfrm_mark_put(skb, &x->mark); in build_aevent()
1875 struct xfrm_state *x; in xfrm_get_ae() local
1886 x = xfrm_state_lookup(net, mark, &id->daddr, id->spi, id->proto, id->family); in xfrm_get_ae()
1887 if (x == NULL) in xfrm_get_ae()
1890 r_skb = nlmsg_new(xfrm_aevent_msgsize(x), GFP_ATOMIC); in xfrm_get_ae()
1892 xfrm_state_put(x); in xfrm_get_ae()
1901 spin_lock_bh(&x->lock); in xfrm_get_ae()
1906 if (build_aevent(r_skb, x, &c) < 0) in xfrm_get_ae()
1909 spin_unlock_bh(&x->lock); in xfrm_get_ae()
1910 xfrm_state_put(x); in xfrm_get_ae()
1918 struct xfrm_state *x; in xfrm_new_ae() local
1937 x = xfrm_state_lookup(net, mark, &p->sa_id.daddr, p->sa_id.spi, p->sa_id.proto, p->sa_id.family); in xfrm_new_ae()
1938 if (x == NULL) in xfrm_new_ae()
1941 if (x->km.state != XFRM_STATE_VALID) in xfrm_new_ae()
1944 err = xfrm_replay_verify_len(x->replay_esn, re); in xfrm_new_ae()
1948 spin_lock_bh(&x->lock); in xfrm_new_ae()
1949 xfrm_update_ae_params(x, attrs, 1); in xfrm_new_ae()
1950 spin_unlock_bh(&x->lock); in xfrm_new_ae()
1956 km_state_notify(x, &c); in xfrm_new_ae()
1959 xfrm_state_put(x); in xfrm_new_ae()
2058 struct xfrm_state *x; in xfrm_add_sa_expire() local
2065 x = xfrm_state_lookup(net, mark, &p->id.daddr, p->id.spi, p->id.proto, p->family); in xfrm_add_sa_expire()
2068 if (x == NULL) in xfrm_add_sa_expire()
2071 spin_lock_bh(&x->lock); in xfrm_add_sa_expire()
2073 if (x->km.state != XFRM_STATE_VALID) in xfrm_add_sa_expire()
2075 km_state_expired(x, ue->hard, nlh->nlmsg_pid); in xfrm_add_sa_expire()
2078 __xfrm_state_delete(x); in xfrm_add_sa_expire()
2079 xfrm_audit_state_delete(x, 1, true); in xfrm_add_sa_expire()
2083 spin_unlock_bh(&x->lock); in xfrm_add_sa_expire()
2084 xfrm_state_put(x); in xfrm_add_sa_expire()
2099 struct xfrm_state *x = xfrm_state_alloc(net); in xfrm_add_acquire() local
2102 if (!x) in xfrm_add_acquire()
2116 memcpy(&x->id, &ua->id, sizeof(ua->id)); in xfrm_add_acquire()
2117 memcpy(&x->props.saddr, &ua->saddr, sizeof(ua->saddr)); in xfrm_add_acquire()
2118 memcpy(&x->sel, &ua->sel, sizeof(ua->sel)); in xfrm_add_acquire()
2119 xp->mark.m = x->mark.m = mark.m; in xfrm_add_acquire()
2120 xp->mark.v = x->mark.v = mark.v; in xfrm_add_acquire()
2125 memcpy(&x->id, &t->id, sizeof(x->id)); in xfrm_add_acquire()
2126 x->props.mode = t->mode; in xfrm_add_acquire()
2127 x->props.reqid = t->reqid; in xfrm_add_acquire()
2128 x->props.family = ut->family; in xfrm_add_acquire()
2132 err = km_query(x, t, xp); in xfrm_add_acquire()
2136 kfree(x); in xfrm_add_acquire()
2144 kfree(x); in xfrm_add_acquire()
2507 static int build_expire(struct sk_buff *skb, struct xfrm_state *x, const struct km_event *c) in build_expire() argument
2518 copy_to_user_state(x, &ue->state); in build_expire()
2521 err = xfrm_mark_put(skb, &x->mark); in build_expire()
2528 static int xfrm_exp_state_notify(struct xfrm_state *x, const struct km_event *c) in xfrm_exp_state_notify() argument
2530 struct net *net = xs_net(x); in xfrm_exp_state_notify()
2537 if (build_expire(skb, x, c) < 0) { in xfrm_exp_state_notify()
2545 static int xfrm_aevent_state_notify(struct xfrm_state *x, const struct km_event *c) in xfrm_aevent_state_notify() argument
2547 struct net *net = xs_net(x); in xfrm_aevent_state_notify()
2550 skb = nlmsg_new(xfrm_aevent_msgsize(x), GFP_ATOMIC); in xfrm_aevent_state_notify()
2554 if (build_aevent(skb, x, c) < 0) in xfrm_aevent_state_notify()
2586 static inline size_t xfrm_sa_len(struct xfrm_state *x) in xfrm_sa_len() argument
2589 if (x->aead) in xfrm_sa_len()
2590 l += nla_total_size(aead_len(x->aead)); in xfrm_sa_len()
2591 if (x->aalg) { in xfrm_sa_len()
2593 (x->aalg->alg_key_len + 7) / 8); in xfrm_sa_len()
2594 l += nla_total_size(xfrm_alg_auth_len(x->aalg)); in xfrm_sa_len()
2596 if (x->ealg) in xfrm_sa_len()
2597 l += nla_total_size(xfrm_alg_len(x->ealg)); in xfrm_sa_len()
2598 if (x->calg) in xfrm_sa_len()
2599 l += nla_total_size(sizeof(*x->calg)); in xfrm_sa_len()
2600 if (x->encap) in xfrm_sa_len()
2601 l += nla_total_size(sizeof(*x->encap)); in xfrm_sa_len()
2602 if (x->tfcpad) in xfrm_sa_len()
2603 l += nla_total_size(sizeof(x->tfcpad)); in xfrm_sa_len()
2604 if (x->replay_esn) in xfrm_sa_len()
2605 l += nla_total_size(xfrm_replay_state_esn_len(x->replay_esn)); in xfrm_sa_len()
2606 if (x->security) in xfrm_sa_len()
2608 x->security->ctx_len); in xfrm_sa_len()
2609 if (x->coaddr) in xfrm_sa_len()
2610 l += nla_total_size(sizeof(*x->coaddr)); in xfrm_sa_len()
2611 if (x->props.extra_flags) in xfrm_sa_len()
2612 l += nla_total_size(sizeof(x->props.extra_flags)); in xfrm_sa_len()
2613 if (x->props.output_mark) in xfrm_sa_len()
2614 l += nla_total_size(sizeof(x->props.output_mark)); in xfrm_sa_len()
2622 static int xfrm_notify_sa(struct xfrm_state *x, const struct km_event *c) in xfrm_notify_sa() argument
2624 struct net *net = xs_net(x); in xfrm_notify_sa()
2629 int len = xfrm_sa_len(x); in xfrm_notify_sa()
2654 memcpy(&id->daddr, &x->id.daddr, sizeof(id->daddr)); in xfrm_notify_sa()
2655 id->spi = x->id.spi; in xfrm_notify_sa()
2656 id->family = x->props.family; in xfrm_notify_sa()
2657 id->proto = x->id.proto; in xfrm_notify_sa()
2666 err = copy_to_user_state_extra(x, p, skb); in xfrm_notify_sa()
2679 static int xfrm_send_state_notify(struct xfrm_state *x, const struct km_event *c) in xfrm_send_state_notify() argument
2684 return xfrm_exp_state_notify(x, c); in xfrm_send_state_notify()
2686 return xfrm_aevent_state_notify(x, c); in xfrm_send_state_notify()
2690 return xfrm_notify_sa(x, c); in xfrm_send_state_notify()
2703 static inline size_t xfrm_acquire_msgsize(struct xfrm_state *x, in xfrm_acquire_msgsize() argument
2709 + nla_total_size(xfrm_user_sec_ctx_size(x->security)) in xfrm_acquire_msgsize()
2713 static int build_acquire(struct sk_buff *skb, struct xfrm_state *x, in build_acquire() argument
2726 memcpy(&ua->id, &x->id, sizeof(ua->id)); in build_acquire()
2727 memcpy(&ua->saddr, &x->props.saddr, sizeof(ua->saddr)); in build_acquire()
2728 memcpy(&ua->sel, &x->sel, sizeof(ua->sel)); in build_acquire()
2733 ua->seq = x->km.seq = seq; in build_acquire()
2737 err = copy_to_user_state_sec_ctx(x, skb); in build_acquire()
2750 static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt, in xfrm_send_acquire() argument
2753 struct net *net = xs_net(x); in xfrm_send_acquire()
2756 skb = nlmsg_new(xfrm_acquire_msgsize(x, xp), GFP_ATOMIC); in xfrm_send_acquire()
2760 if (build_acquire(skb, x, xt, xp) < 0) in xfrm_send_acquire()
3049 static int build_mapping(struct sk_buff *skb, struct xfrm_state *x, in build_mapping() argument
3061 memcpy(&um->id.daddr, &x->id.daddr, sizeof(um->id.daddr)); in build_mapping()
3062 um->id.spi = x->id.spi; in build_mapping()
3063 um->id.family = x->props.family; in build_mapping()
3064 um->id.proto = x->id.proto; in build_mapping()
3066 memcpy(&um->old_saddr, &x->props.saddr, sizeof(um->old_saddr)); in build_mapping()
3068 um->old_sport = x->encap->encap_sport; in build_mapping()
3069 um->reqid = x->props.reqid; in build_mapping()
3074 static int xfrm_send_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, in xfrm_send_mapping() argument
3077 struct net *net = xs_net(x); in xfrm_send_mapping()
3080 if (x->id.proto != IPPROTO_ESP) in xfrm_send_mapping()
3083 if (!x->encap) in xfrm_send_mapping()
3090 if (build_mapping(skb, x, ipaddr, sport) < 0) in xfrm_send_mapping()