Lines Matching refs:xp
1903 static int check_reqid(struct xfrm_policy *xp, int dir, int count, void *ptr) in check_reqid() argument
1908 for (i=0; i<xp->xfrm_nr; i++) { in check_reqid()
1909 if (xp->xfrm_vec[i].reqid == reqid) in check_reqid()
1937 parse_ipsecrequest(struct xfrm_policy *xp, struct sadb_x_ipsecrequest *rq) in parse_ipsecrequest() argument
1939 struct net *net = xp_net(xp); in parse_ipsecrequest()
1940 struct xfrm_tmpl *t = xp->xfrm_vec + xp->xfrm_nr; in parse_ipsecrequest()
1943 if (xp->xfrm_nr >= XFRM_MAX_DEPTH) in parse_ipsecrequest()
1976 t->encap_family = xp->family; in parse_ipsecrequest()
1980 xp->xfrm_nr++; in parse_ipsecrequest()
1985 parse_ipsecrequests(struct xfrm_policy *xp, struct sadb_x_policy *pol) in parse_ipsecrequests() argument
1999 if ((err = parse_ipsecrequest(xp, rq)) < 0) in parse_ipsecrequests()
2007 static inline int pfkey_xfrm_policy2sec_ctx_size(const struct xfrm_policy *xp) in pfkey_xfrm_policy2sec_ctx_size() argument
2009 struct xfrm_sec_ctx *xfrm_ctx = xp->security; in pfkey_xfrm_policy2sec_ctx_size()
2019 static int pfkey_xfrm_policy2msg_size(const struct xfrm_policy *xp) in pfkey_xfrm_policy2msg_size() argument
2022 int sockaddr_size = pfkey_sockaddr_size(xp->family); in pfkey_xfrm_policy2msg_size()
2026 for (i=0; i<xp->xfrm_nr; i++) { in pfkey_xfrm_policy2msg_size()
2027 t = xp->xfrm_vec + i; in pfkey_xfrm_policy2msg_size()
2036 (xp->xfrm_nr * sizeof(struct sadb_x_ipsecrequest)) + in pfkey_xfrm_policy2msg_size()
2038 pfkey_xfrm_policy2sec_ctx_size(xp); in pfkey_xfrm_policy2msg_size()
2041 static struct sk_buff * pfkey_xfrm_policy2msg_prep(const struct xfrm_policy *xp) in pfkey_xfrm_policy2msg_prep() argument
2046 size = pfkey_xfrm_policy2msg_size(xp); in pfkey_xfrm_policy2msg_prep()
2055 static int pfkey_xfrm_policy2msg(struct sk_buff *skb, const struct xfrm_policy *xp, int dir) in pfkey_xfrm_policy2msg() argument
2065 int sockaddr_size = pfkey_sockaddr_size(xp->family); in pfkey_xfrm_policy2msg()
2066 int socklen = pfkey_sockaddr_len(xp->family); in pfkey_xfrm_policy2msg()
2068 size = pfkey_xfrm_policy2msg_size(xp); in pfkey_xfrm_policy2msg()
2080 addr->sadb_address_proto = pfkey_proto_from_xfrm(xp->selector.proto); in pfkey_xfrm_policy2msg()
2081 addr->sadb_address_prefixlen = xp->selector.prefixlen_s; in pfkey_xfrm_policy2msg()
2083 if (!pfkey_sockaddr_fill(&xp->selector.saddr, in pfkey_xfrm_policy2msg()
2084 xp->selector.sport, in pfkey_xfrm_policy2msg()
2086 xp->family)) in pfkey_xfrm_policy2msg()
2095 addr->sadb_address_proto = pfkey_proto_from_xfrm(xp->selector.proto); in pfkey_xfrm_policy2msg()
2096 addr->sadb_address_prefixlen = xp->selector.prefixlen_d; in pfkey_xfrm_policy2msg()
2099 pfkey_sockaddr_fill(&xp->selector.daddr, xp->selector.dport, in pfkey_xfrm_policy2msg()
2101 xp->family); in pfkey_xfrm_policy2msg()
2108 lifetime->sadb_lifetime_allocations = _X2KEY(xp->lft.hard_packet_limit); in pfkey_xfrm_policy2msg()
2109 lifetime->sadb_lifetime_bytes = _X2KEY(xp->lft.hard_byte_limit); in pfkey_xfrm_policy2msg()
2110 lifetime->sadb_lifetime_addtime = xp->lft.hard_add_expires_seconds; in pfkey_xfrm_policy2msg()
2111 lifetime->sadb_lifetime_usetime = xp->lft.hard_use_expires_seconds; in pfkey_xfrm_policy2msg()
2117 lifetime->sadb_lifetime_allocations = _X2KEY(xp->lft.soft_packet_limit); in pfkey_xfrm_policy2msg()
2118 lifetime->sadb_lifetime_bytes = _X2KEY(xp->lft.soft_byte_limit); in pfkey_xfrm_policy2msg()
2119 lifetime->sadb_lifetime_addtime = xp->lft.soft_add_expires_seconds; in pfkey_xfrm_policy2msg()
2120 lifetime->sadb_lifetime_usetime = xp->lft.soft_use_expires_seconds; in pfkey_xfrm_policy2msg()
2126 lifetime->sadb_lifetime_allocations = xp->curlft.packets; in pfkey_xfrm_policy2msg()
2127 lifetime->sadb_lifetime_bytes = xp->curlft.bytes; in pfkey_xfrm_policy2msg()
2128 lifetime->sadb_lifetime_addtime = xp->curlft.add_time; in pfkey_xfrm_policy2msg()
2129 lifetime->sadb_lifetime_usetime = xp->curlft.use_time; in pfkey_xfrm_policy2msg()
2135 if (xp->action == XFRM_POLICY_ALLOW) { in pfkey_xfrm_policy2msg()
2136 if (xp->xfrm_nr) in pfkey_xfrm_policy2msg()
2143 pol->sadb_x_policy_id = xp->index; in pfkey_xfrm_policy2msg()
2144 pol->sadb_x_policy_priority = xp->priority; in pfkey_xfrm_policy2msg()
2146 for (i=0; i<xp->xfrm_nr; i++) { in pfkey_xfrm_policy2msg()
2147 const struct xfrm_tmpl *t = xp->xfrm_vec + i; in pfkey_xfrm_policy2msg()
2186 if ((xfrm_ctx = xp->security)) { in pfkey_xfrm_policy2msg()
2187 int ctx_size = pfkey_xfrm_policy2sec_ctx_size(xp); in pfkey_xfrm_policy2msg()
2200 hdr->sadb_msg_reserved = refcount_read(&xp->refcnt); in pfkey_xfrm_policy2msg()
2205 static int key_notify_policy(struct xfrm_policy *xp, int dir, const struct km_event *c) in key_notify_policy() argument
2211 out_skb = pfkey_xfrm_policy2msg_prep(xp); in key_notify_policy()
2215 err = pfkey_xfrm_policy2msg(out_skb, xp, dir); in key_notify_policy()
2231 pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ALL, NULL, xp_net(xp)); in key_notify_policy()
2243 struct xfrm_policy *xp; in pfkey_spdadd() local
2258 xp = xfrm_policy_alloc(net, GFP_KERNEL); in pfkey_spdadd()
2259 if (xp == NULL) in pfkey_spdadd()
2262 xp->action = (pol->sadb_x_policy_type == IPSEC_POLICY_DISCARD ? in pfkey_spdadd()
2264 xp->priority = pol->sadb_x_policy_priority; in pfkey_spdadd()
2267 xp->family = pfkey_sadb_addr2xfrm_addr(sa, &xp->selector.saddr); in pfkey_spdadd()
2268 xp->selector.family = xp->family; in pfkey_spdadd()
2269 xp->selector.prefixlen_s = sa->sadb_address_prefixlen; in pfkey_spdadd()
2270 xp->selector.proto = pfkey_proto_to_xfrm(sa->sadb_address_proto); in pfkey_spdadd()
2271 xp->selector.sport = ((struct sockaddr_in *)(sa+1))->sin_port; in pfkey_spdadd()
2272 if (xp->selector.sport) in pfkey_spdadd()
2273 xp->selector.sport_mask = htons(0xffff); in pfkey_spdadd()
2276 pfkey_sadb_addr2xfrm_addr(sa, &xp->selector.daddr); in pfkey_spdadd()
2277 xp->selector.prefixlen_d = sa->sadb_address_prefixlen; in pfkey_spdadd()
2282 xp->selector.proto = pfkey_proto_to_xfrm(sa->sadb_address_proto); in pfkey_spdadd()
2284 xp->selector.dport = ((struct sockaddr_in *)(sa+1))->sin_port; in pfkey_spdadd()
2285 if (xp->selector.dport) in pfkey_spdadd()
2286 xp->selector.dport_mask = htons(0xffff); in pfkey_spdadd()
2297 err = security_xfrm_policy_alloc(&xp->security, uctx, GFP_KERNEL); in pfkey_spdadd()
2304 xp->lft.soft_byte_limit = XFRM_INF; in pfkey_spdadd()
2305 xp->lft.hard_byte_limit = XFRM_INF; in pfkey_spdadd()
2306 xp->lft.soft_packet_limit = XFRM_INF; in pfkey_spdadd()
2307 xp->lft.hard_packet_limit = XFRM_INF; in pfkey_spdadd()
2309 xp->lft.hard_packet_limit = _KEY2X(lifetime->sadb_lifetime_allocations); in pfkey_spdadd()
2310 xp->lft.hard_byte_limit = _KEY2X(lifetime->sadb_lifetime_bytes); in pfkey_spdadd()
2311 xp->lft.hard_add_expires_seconds = lifetime->sadb_lifetime_addtime; in pfkey_spdadd()
2312 xp->lft.hard_use_expires_seconds = lifetime->sadb_lifetime_usetime; in pfkey_spdadd()
2315 xp->lft.soft_packet_limit = _KEY2X(lifetime->sadb_lifetime_allocations); in pfkey_spdadd()
2316 xp->lft.soft_byte_limit = _KEY2X(lifetime->sadb_lifetime_bytes); in pfkey_spdadd()
2317 xp->lft.soft_add_expires_seconds = lifetime->sadb_lifetime_addtime; in pfkey_spdadd()
2318 xp->lft.soft_use_expires_seconds = lifetime->sadb_lifetime_usetime; in pfkey_spdadd()
2320 xp->xfrm_nr = 0; in pfkey_spdadd()
2322 (err = parse_ipsecrequests(xp, pol)) < 0) in pfkey_spdadd()
2325 err = xfrm_policy_insert(pol->sadb_x_policy_dir-1, xp, in pfkey_spdadd()
2328 xfrm_audit_policy_add(xp, err ? 0 : 1, true); in pfkey_spdadd()
2341 km_policy_notify(xp, pol->sadb_x_policy_dir-1, &c); in pfkey_spdadd()
2342 xfrm_pol_put(xp); in pfkey_spdadd()
2346 xp->walk.dead = 1; in pfkey_spdadd()
2347 xfrm_policy_destroy(xp); in pfkey_spdadd()
2357 struct xfrm_policy *xp; in pfkey_spddelete() local
2403 xp = xfrm_policy_bysel_ctx(net, DUMMY_MARK, 0, XFRM_POLICY_TYPE_MAIN, in pfkey_spddelete()
2407 if (xp == NULL) in pfkey_spddelete()
2410 xfrm_audit_policy_delete(xp, err ? 0 : 1, true); in pfkey_spddelete()
2419 km_policy_notify(xp, pol->sadb_x_policy_dir-1, &c); in pfkey_spddelete()
2422 xfrm_pol_put(xp); in pfkey_spddelete()
2426 static int key_pol_get_resp(struct sock *sk, struct xfrm_policy *xp, const struct sadb_msg *hdr, in… in key_pol_get_resp() argument
2433 out_skb = pfkey_xfrm_policy2msg_prep(xp); in key_pol_get_resp()
2438 err = pfkey_xfrm_policy2msg(out_skb, xp, dir); in key_pol_get_resp()
2451 pfkey_broadcast(out_skb, GFP_ATOMIC, BROADCAST_ONE, sk, xp_net(xp)); in key_pol_get_resp()
2643 struct xfrm_policy *xp; in pfkey_spdget() local
2654 xp = xfrm_policy_byid(net, DUMMY_MARK, 0, XFRM_POLICY_TYPE_MAIN, in pfkey_spdget()
2656 if (xp == NULL) in pfkey_spdget()
2660 xfrm_audit_policy_delete(xp, err ? 0 : 1, true); in pfkey_spdget()
2668 km_policy_notify(xp, dir, &c); in pfkey_spdget()
2670 err = key_pol_get_resp(sk, xp, hdr, dir); in pfkey_spdget()
2674 xfrm_pol_put(xp); in pfkey_spdget()
2678 static int dump_sp(struct xfrm_policy *xp, int dir, int count, void *ptr) in dump_sp() argument
2688 out_skb = pfkey_xfrm_policy2msg_prep(xp); in dump_sp()
2692 err = pfkey_xfrm_policy2msg(out_skb, xp, dir); in dump_sp()
3016 static int key_notify_policy_expire(struct xfrm_policy *xp, const struct km_event *c) in key_notify_policy_expire() argument
3079 static int pfkey_send_policy_notify(struct xfrm_policy *xp, int dir, const struct km_event *c) in pfkey_send_policy_notify() argument
3081 if (xp && xp->type != XFRM_POLICY_TYPE_MAIN) in pfkey_send_policy_notify()
3086 return key_notify_policy_expire(xp, c); in pfkey_send_policy_notify()
3090 return key_notify_policy(xp, dir, c); in pfkey_send_policy_notify()
3132 static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *xp) in pfkey_send_acquire() argument
3213 pol->sadb_x_policy_id = xp->index; in pfkey_send_acquire()
3214 pol->sadb_x_policy_priority = xp->priority; in pfkey_send_acquire()
3244 struct xfrm_policy *xp; in pfkey_compile_policy() local
3276 xp = xfrm_policy_alloc(net, GFP_ATOMIC); in pfkey_compile_policy()
3277 if (xp == NULL) { in pfkey_compile_policy()
3282 xp->action = (pol->sadb_x_policy_type == IPSEC_POLICY_DISCARD ? in pfkey_compile_policy()
3285 xp->lft.soft_byte_limit = XFRM_INF; in pfkey_compile_policy()
3286 xp->lft.hard_byte_limit = XFRM_INF; in pfkey_compile_policy()
3287 xp->lft.soft_packet_limit = XFRM_INF; in pfkey_compile_policy()
3288 xp->lft.hard_packet_limit = XFRM_INF; in pfkey_compile_policy()
3289 xp->family = sk->sk_family; in pfkey_compile_policy()
3291 xp->xfrm_nr = 0; in pfkey_compile_policy()
3293 (*dir = parse_ipsecrequests(xp, pol)) < 0) in pfkey_compile_policy()
3312 *dir = security_xfrm_policy_alloc(&xp->security, uctx, GFP_ATOMIC); in pfkey_compile_policy()
3320 return xp; in pfkey_compile_policy()
3323 xp->walk.dead = 1; in pfkey_compile_policy()
3324 xfrm_policy_destroy(xp); in pfkey_compile_policy()