1 /* xfrm_user.c: User interface to configure xfrm engine. 2 * 3 * Copyright (C) 2002 David S. Miller (davem@redhat.com) 4 * 5 * Changes: 6 * Mitsuru KANDA @USAGI 7 * Kazunori MIYAZAWA @USAGI 8 * Kunihiro Ishiguro <kunihiro@ipinfusion.com> 9 * IPv6 support 10 * 11 */ 12 13 #include <linux/module.h> 14 #include <linux/kernel.h> 15 #include <linux/types.h> 16 #include <linux/slab.h> 17 #include <linux/socket.h> 18 #include <linux/string.h> 19 #include <linux/net.h> 20 #include <linux/skbuff.h> 21 #include <linux/rtnetlink.h> 22 #include <linux/pfkeyv2.h> 23 #include <linux/ipsec.h> 24 #include <linux/init.h> 25 #include <linux/security.h> 26 #include <net/sock.h> 27 #include <net/xfrm.h> 28 #include <net/netlink.h> 29 #include <asm/uaccess.h> 30 31 static int verify_one_alg(struct rtattr **xfrma, enum xfrm_attr_type_t type) 32 { 33 struct rtattr *rt = xfrma[type - 1]; 34 struct xfrm_algo *algp; 35 int len; 36 37 if (!rt) 38 return 0; 39 40 len = (rt->rta_len - sizeof(*rt)) - sizeof(*algp); 41 if (len < 0) 42 return -EINVAL; 43 44 algp = RTA_DATA(rt); 45 46 len -= (algp->alg_key_len + 7U) / 8; 47 if (len < 0) 48 return -EINVAL; 49 50 switch (type) { 51 case XFRMA_ALG_AUTH: 52 if (!algp->alg_key_len && 53 strcmp(algp->alg_name, "digest_null") != 0) 54 return -EINVAL; 55 break; 56 57 case XFRMA_ALG_CRYPT: 58 if (!algp->alg_key_len && 59 strcmp(algp->alg_name, "cipher_null") != 0) 60 return -EINVAL; 61 break; 62 63 case XFRMA_ALG_COMP: 64 /* Zero length keys are legal. */ 65 break; 66 67 default: 68 return -EINVAL; 69 }; 70 71 algp->alg_name[CRYPTO_MAX_ALG_NAME - 1] = '\0'; 72 return 0; 73 } 74 75 static int verify_encap_tmpl(struct rtattr **xfrma) 76 { 77 struct rtattr *rt = xfrma[XFRMA_ENCAP - 1]; 78 struct xfrm_encap_tmpl *encap; 79 80 if (!rt) 81 return 0; 82 83 if ((rt->rta_len - sizeof(*rt)) < sizeof(*encap)) 84 return -EINVAL; 85 86 return 0; 87 } 88 89 90 static inline int verify_sec_ctx_len(struct rtattr **xfrma) 91 { 92 struct rtattr *rt = xfrma[XFRMA_SEC_CTX - 1]; 93 struct xfrm_user_sec_ctx *uctx; 94 int len = 0; 95 96 if (!rt) 97 return 0; 98 99 if (rt->rta_len < sizeof(*uctx)) 100 return -EINVAL; 101 102 uctx = RTA_DATA(rt); 103 104 len += sizeof(struct xfrm_user_sec_ctx); 105 len += uctx->ctx_len; 106 107 if (uctx->len != len) 108 return -EINVAL; 109 110 return 0; 111 } 112 113 114 static int verify_newsa_info(struct xfrm_usersa_info *p, 115 struct rtattr **xfrma) 116 { 117 int err; 118 119 err = -EINVAL; 120 switch (p->family) { 121 case AF_INET: 122 break; 123 124 case AF_INET6: 125 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 126 break; 127 #else 128 err = -EAFNOSUPPORT; 129 goto out; 130 #endif 131 132 default: 133 goto out; 134 }; 135 136 err = -EINVAL; 137 switch (p->id.proto) { 138 case IPPROTO_AH: 139 if (!xfrma[XFRMA_ALG_AUTH-1] || 140 xfrma[XFRMA_ALG_CRYPT-1] || 141 xfrma[XFRMA_ALG_COMP-1]) 142 goto out; 143 break; 144 145 case IPPROTO_ESP: 146 if ((!xfrma[XFRMA_ALG_AUTH-1] && 147 !xfrma[XFRMA_ALG_CRYPT-1]) || 148 xfrma[XFRMA_ALG_COMP-1]) 149 goto out; 150 break; 151 152 case IPPROTO_COMP: 153 if (!xfrma[XFRMA_ALG_COMP-1] || 154 xfrma[XFRMA_ALG_AUTH-1] || 155 xfrma[XFRMA_ALG_CRYPT-1]) 156 goto out; 157 break; 158 159 default: 160 goto out; 161 }; 162 163 if ((err = verify_one_alg(xfrma, XFRMA_ALG_AUTH))) 164 goto out; 165 if ((err = verify_one_alg(xfrma, XFRMA_ALG_CRYPT))) 166 goto out; 167 if ((err = verify_one_alg(xfrma, XFRMA_ALG_COMP))) 168 goto out; 169 if ((err = verify_encap_tmpl(xfrma))) 170 goto out; 171 if ((err = verify_sec_ctx_len(xfrma))) 172 goto out; 173 174 err = -EINVAL; 175 switch (p->mode) { 176 case 0: 177 case 1: 178 break; 179 180 default: 181 goto out; 182 }; 183 184 err = 0; 185 186 out: 187 return err; 188 } 189 190 static int attach_one_algo(struct xfrm_algo **algpp, u8 *props, 191 struct xfrm_algo_desc *(*get_byname)(char *, int), 192 struct rtattr *u_arg) 193 { 194 struct rtattr *rta = u_arg; 195 struct xfrm_algo *p, *ualg; 196 struct xfrm_algo_desc *algo; 197 int len; 198 199 if (!rta) 200 return 0; 201 202 ualg = RTA_DATA(rta); 203 204 algo = get_byname(ualg->alg_name, 1); 205 if (!algo) 206 return -ENOSYS; 207 *props = algo->desc.sadb_alg_id; 208 209 len = sizeof(*ualg) + (ualg->alg_key_len + 7U) / 8; 210 p = kmalloc(len, GFP_KERNEL); 211 if (!p) 212 return -ENOMEM; 213 214 memcpy(p, ualg, len); 215 *algpp = p; 216 return 0; 217 } 218 219 static int attach_encap_tmpl(struct xfrm_encap_tmpl **encapp, struct rtattr *u_arg) 220 { 221 struct rtattr *rta = u_arg; 222 struct xfrm_encap_tmpl *p, *uencap; 223 224 if (!rta) 225 return 0; 226 227 uencap = RTA_DATA(rta); 228 p = kmalloc(sizeof(*p), GFP_KERNEL); 229 if (!p) 230 return -ENOMEM; 231 232 memcpy(p, uencap, sizeof(*p)); 233 *encapp = p; 234 return 0; 235 } 236 237 238 static inline int xfrm_user_sec_ctx_size(struct xfrm_policy *xp) 239 { 240 struct xfrm_sec_ctx *xfrm_ctx = xp->security; 241 int len = 0; 242 243 if (xfrm_ctx) { 244 len += sizeof(struct xfrm_user_sec_ctx); 245 len += xfrm_ctx->ctx_len; 246 } 247 return len; 248 } 249 250 static int attach_sec_ctx(struct xfrm_state *x, struct rtattr *u_arg) 251 { 252 struct xfrm_user_sec_ctx *uctx; 253 254 if (!u_arg) 255 return 0; 256 257 uctx = RTA_DATA(u_arg); 258 return security_xfrm_state_alloc(x, uctx); 259 } 260 261 static void copy_from_user_state(struct xfrm_state *x, struct xfrm_usersa_info *p) 262 { 263 memcpy(&x->id, &p->id, sizeof(x->id)); 264 memcpy(&x->sel, &p->sel, sizeof(x->sel)); 265 memcpy(&x->lft, &p->lft, sizeof(x->lft)); 266 x->props.mode = p->mode; 267 x->props.replay_window = p->replay_window; 268 x->props.reqid = p->reqid; 269 x->props.family = p->family; 270 x->props.saddr = p->saddr; 271 x->props.flags = p->flags; 272 } 273 274 /* 275 * someday when pfkey also has support, we could have the code 276 * somehow made shareable and move it to xfrm_state.c - JHS 277 * 278 */ 279 static int xfrm_update_ae_params(struct xfrm_state *x, struct rtattr **xfrma) 280 { 281 int err = - EINVAL; 282 struct rtattr *rp = xfrma[XFRMA_REPLAY_VAL-1]; 283 struct rtattr *lt = xfrma[XFRMA_LTIME_VAL-1]; 284 struct rtattr *et = xfrma[XFRMA_ETIMER_THRESH-1]; 285 struct rtattr *rt = xfrma[XFRMA_REPLAY_THRESH-1]; 286 287 if (rp) { 288 struct xfrm_replay_state *replay; 289 if (RTA_PAYLOAD(rp) < sizeof(*replay)) 290 goto error; 291 replay = RTA_DATA(rp); 292 memcpy(&x->replay, replay, sizeof(*replay)); 293 memcpy(&x->preplay, replay, sizeof(*replay)); 294 } 295 296 if (lt) { 297 struct xfrm_lifetime_cur *ltime; 298 if (RTA_PAYLOAD(lt) < sizeof(*ltime)) 299 goto error; 300 ltime = RTA_DATA(lt); 301 x->curlft.bytes = ltime->bytes; 302 x->curlft.packets = ltime->packets; 303 x->curlft.add_time = ltime->add_time; 304 x->curlft.use_time = ltime->use_time; 305 } 306 307 if (et) { 308 if (RTA_PAYLOAD(et) < sizeof(u32)) 309 goto error; 310 x->replay_maxage = *(u32*)RTA_DATA(et); 311 } 312 313 if (rt) { 314 if (RTA_PAYLOAD(rt) < sizeof(u32)) 315 goto error; 316 x->replay_maxdiff = *(u32*)RTA_DATA(rt); 317 } 318 319 return 0; 320 error: 321 return err; 322 } 323 324 static struct xfrm_state *xfrm_state_construct(struct xfrm_usersa_info *p, 325 struct rtattr **xfrma, 326 int *errp) 327 { 328 struct xfrm_state *x = xfrm_state_alloc(); 329 int err = -ENOMEM; 330 331 if (!x) 332 goto error_no_put; 333 334 copy_from_user_state(x, p); 335 336 if ((err = attach_one_algo(&x->aalg, &x->props.aalgo, 337 xfrm_aalg_get_byname, 338 xfrma[XFRMA_ALG_AUTH-1]))) 339 goto error; 340 if ((err = attach_one_algo(&x->ealg, &x->props.ealgo, 341 xfrm_ealg_get_byname, 342 xfrma[XFRMA_ALG_CRYPT-1]))) 343 goto error; 344 if ((err = attach_one_algo(&x->calg, &x->props.calgo, 345 xfrm_calg_get_byname, 346 xfrma[XFRMA_ALG_COMP-1]))) 347 goto error; 348 if ((err = attach_encap_tmpl(&x->encap, xfrma[XFRMA_ENCAP-1]))) 349 goto error; 350 351 err = xfrm_init_state(x); 352 if (err) 353 goto error; 354 355 if ((err = attach_sec_ctx(x, xfrma[XFRMA_SEC_CTX-1]))) 356 goto error; 357 358 x->km.seq = p->seq; 359 x->replay_maxdiff = sysctl_xfrm_aevent_rseqth; 360 /* sysctl_xfrm_aevent_etime is in 100ms units */ 361 x->replay_maxage = (sysctl_xfrm_aevent_etime*HZ)/XFRM_AE_ETH_M; 362 x->preplay.bitmap = 0; 363 x->preplay.seq = x->replay.seq+x->replay_maxdiff; 364 x->preplay.oseq = x->replay.oseq +x->replay_maxdiff; 365 366 /* override default values from above */ 367 368 err = xfrm_update_ae_params(x, (struct rtattr **)xfrma); 369 if (err < 0) 370 goto error; 371 372 return x; 373 374 error: 375 x->km.state = XFRM_STATE_DEAD; 376 xfrm_state_put(x); 377 error_no_put: 378 *errp = err; 379 return NULL; 380 } 381 382 static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 383 { 384 struct xfrm_usersa_info *p = NLMSG_DATA(nlh); 385 struct xfrm_state *x; 386 int err; 387 struct km_event c; 388 389 err = verify_newsa_info(p, (struct rtattr **)xfrma); 390 if (err) 391 return err; 392 393 x = xfrm_state_construct(p, (struct rtattr **)xfrma, &err); 394 if (!x) 395 return err; 396 397 xfrm_state_hold(x); 398 if (nlh->nlmsg_type == XFRM_MSG_NEWSA) 399 err = xfrm_state_add(x); 400 else 401 err = xfrm_state_update(x); 402 403 if (err < 0) { 404 x->km.state = XFRM_STATE_DEAD; 405 __xfrm_state_put(x); 406 goto out; 407 } 408 409 c.seq = nlh->nlmsg_seq; 410 c.pid = nlh->nlmsg_pid; 411 c.event = nlh->nlmsg_type; 412 413 km_state_notify(x, &c); 414 out: 415 xfrm_state_put(x); 416 return err; 417 } 418 419 static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 420 { 421 struct xfrm_state *x; 422 int err; 423 struct km_event c; 424 struct xfrm_usersa_id *p = NLMSG_DATA(nlh); 425 426 x = xfrm_state_lookup(&p->daddr, p->spi, p->proto, p->family); 427 if (x == NULL) 428 return -ESRCH; 429 430 if (xfrm_state_kern(x)) { 431 xfrm_state_put(x); 432 return -EPERM; 433 } 434 435 err = xfrm_state_delete(x); 436 if (err < 0) { 437 xfrm_state_put(x); 438 return err; 439 } 440 441 c.seq = nlh->nlmsg_seq; 442 c.pid = nlh->nlmsg_pid; 443 c.event = nlh->nlmsg_type; 444 km_state_notify(x, &c); 445 xfrm_state_put(x); 446 447 return err; 448 } 449 450 static void copy_to_user_state(struct xfrm_state *x, struct xfrm_usersa_info *p) 451 { 452 memcpy(&p->id, &x->id, sizeof(p->id)); 453 memcpy(&p->sel, &x->sel, sizeof(p->sel)); 454 memcpy(&p->lft, &x->lft, sizeof(p->lft)); 455 memcpy(&p->curlft, &x->curlft, sizeof(p->curlft)); 456 memcpy(&p->stats, &x->stats, sizeof(p->stats)); 457 p->saddr = x->props.saddr; 458 p->mode = x->props.mode; 459 p->replay_window = x->props.replay_window; 460 p->reqid = x->props.reqid; 461 p->family = x->props.family; 462 p->flags = x->props.flags; 463 p->seq = x->km.seq; 464 } 465 466 struct xfrm_dump_info { 467 struct sk_buff *in_skb; 468 struct sk_buff *out_skb; 469 u32 nlmsg_seq; 470 u16 nlmsg_flags; 471 int start_idx; 472 int this_idx; 473 }; 474 475 static int dump_one_state(struct xfrm_state *x, int count, void *ptr) 476 { 477 struct xfrm_dump_info *sp = ptr; 478 struct sk_buff *in_skb = sp->in_skb; 479 struct sk_buff *skb = sp->out_skb; 480 struct xfrm_usersa_info *p; 481 struct nlmsghdr *nlh; 482 unsigned char *b = skb->tail; 483 484 if (sp->this_idx < sp->start_idx) 485 goto out; 486 487 nlh = NLMSG_PUT(skb, NETLINK_CB(in_skb).pid, 488 sp->nlmsg_seq, 489 XFRM_MSG_NEWSA, sizeof(*p)); 490 nlh->nlmsg_flags = sp->nlmsg_flags; 491 492 p = NLMSG_DATA(nlh); 493 copy_to_user_state(x, p); 494 495 if (x->aalg) 496 RTA_PUT(skb, XFRMA_ALG_AUTH, 497 sizeof(*(x->aalg))+(x->aalg->alg_key_len+7)/8, x->aalg); 498 if (x->ealg) 499 RTA_PUT(skb, XFRMA_ALG_CRYPT, 500 sizeof(*(x->ealg))+(x->ealg->alg_key_len+7)/8, x->ealg); 501 if (x->calg) 502 RTA_PUT(skb, XFRMA_ALG_COMP, sizeof(*(x->calg)), x->calg); 503 504 if (x->encap) 505 RTA_PUT(skb, XFRMA_ENCAP, sizeof(*x->encap), x->encap); 506 507 if (x->security) { 508 int ctx_size = sizeof(struct xfrm_sec_ctx) + 509 x->security->ctx_len; 510 struct rtattr *rt = __RTA_PUT(skb, XFRMA_SEC_CTX, ctx_size); 511 struct xfrm_user_sec_ctx *uctx = RTA_DATA(rt); 512 513 uctx->exttype = XFRMA_SEC_CTX; 514 uctx->len = ctx_size; 515 uctx->ctx_doi = x->security->ctx_doi; 516 uctx->ctx_alg = x->security->ctx_alg; 517 uctx->ctx_len = x->security->ctx_len; 518 memcpy(uctx + 1, x->security->ctx_str, x->security->ctx_len); 519 } 520 nlh->nlmsg_len = skb->tail - b; 521 out: 522 sp->this_idx++; 523 return 0; 524 525 nlmsg_failure: 526 rtattr_failure: 527 skb_trim(skb, b - skb->data); 528 return -1; 529 } 530 531 static int xfrm_dump_sa(struct sk_buff *skb, struct netlink_callback *cb) 532 { 533 struct xfrm_dump_info info; 534 535 info.in_skb = cb->skb; 536 info.out_skb = skb; 537 info.nlmsg_seq = cb->nlh->nlmsg_seq; 538 info.nlmsg_flags = NLM_F_MULTI; 539 info.this_idx = 0; 540 info.start_idx = cb->args[0]; 541 (void) xfrm_state_walk(IPSEC_PROTO_ANY, dump_one_state, &info); 542 cb->args[0] = info.this_idx; 543 544 return skb->len; 545 } 546 547 static struct sk_buff *xfrm_state_netlink(struct sk_buff *in_skb, 548 struct xfrm_state *x, u32 seq) 549 { 550 struct xfrm_dump_info info; 551 struct sk_buff *skb; 552 553 skb = alloc_skb(NLMSG_GOODSIZE, GFP_ATOMIC); 554 if (!skb) 555 return ERR_PTR(-ENOMEM); 556 557 NETLINK_CB(skb).dst_pid = NETLINK_CB(in_skb).pid; 558 info.in_skb = in_skb; 559 info.out_skb = skb; 560 info.nlmsg_seq = seq; 561 info.nlmsg_flags = 0; 562 info.this_idx = info.start_idx = 0; 563 564 if (dump_one_state(x, 0, &info)) { 565 kfree_skb(skb); 566 return NULL; 567 } 568 569 return skb; 570 } 571 572 static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 573 { 574 struct xfrm_usersa_id *p = NLMSG_DATA(nlh); 575 struct xfrm_state *x; 576 struct sk_buff *resp_skb; 577 int err; 578 579 x = xfrm_state_lookup(&p->daddr, p->spi, p->proto, p->family); 580 err = -ESRCH; 581 if (x == NULL) 582 goto out_noput; 583 584 resp_skb = xfrm_state_netlink(skb, x, nlh->nlmsg_seq); 585 if (IS_ERR(resp_skb)) { 586 err = PTR_ERR(resp_skb); 587 } else { 588 err = netlink_unicast(xfrm_nl, resp_skb, 589 NETLINK_CB(skb).pid, MSG_DONTWAIT); 590 } 591 xfrm_state_put(x); 592 out_noput: 593 return err; 594 } 595 596 static int verify_userspi_info(struct xfrm_userspi_info *p) 597 { 598 switch (p->info.id.proto) { 599 case IPPROTO_AH: 600 case IPPROTO_ESP: 601 break; 602 603 case IPPROTO_COMP: 604 /* IPCOMP spi is 16-bits. */ 605 if (p->max >= 0x10000) 606 return -EINVAL; 607 break; 608 609 default: 610 return -EINVAL; 611 }; 612 613 if (p->min > p->max) 614 return -EINVAL; 615 616 return 0; 617 } 618 619 static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 620 { 621 struct xfrm_state *x; 622 struct xfrm_userspi_info *p; 623 struct sk_buff *resp_skb; 624 xfrm_address_t *daddr; 625 int family; 626 int err; 627 628 p = NLMSG_DATA(nlh); 629 err = verify_userspi_info(p); 630 if (err) 631 goto out_noput; 632 633 family = p->info.family; 634 daddr = &p->info.id.daddr; 635 636 x = NULL; 637 if (p->info.seq) { 638 x = xfrm_find_acq_byseq(p->info.seq); 639 if (x && xfrm_addr_cmp(&x->id.daddr, daddr, family)) { 640 xfrm_state_put(x); 641 x = NULL; 642 } 643 } 644 645 if (!x) 646 x = xfrm_find_acq(p->info.mode, p->info.reqid, 647 p->info.id.proto, daddr, 648 &p->info.saddr, 1, 649 family); 650 err = -ENOENT; 651 if (x == NULL) 652 goto out_noput; 653 654 resp_skb = ERR_PTR(-ENOENT); 655 656 spin_lock_bh(&x->lock); 657 if (x->km.state != XFRM_STATE_DEAD) { 658 xfrm_alloc_spi(x, htonl(p->min), htonl(p->max)); 659 if (x->id.spi) 660 resp_skb = xfrm_state_netlink(skb, x, nlh->nlmsg_seq); 661 } 662 spin_unlock_bh(&x->lock); 663 664 if (IS_ERR(resp_skb)) { 665 err = PTR_ERR(resp_skb); 666 goto out; 667 } 668 669 err = netlink_unicast(xfrm_nl, resp_skb, 670 NETLINK_CB(skb).pid, MSG_DONTWAIT); 671 672 out: 673 xfrm_state_put(x); 674 out_noput: 675 return err; 676 } 677 678 static int verify_policy_dir(__u8 dir) 679 { 680 switch (dir) { 681 case XFRM_POLICY_IN: 682 case XFRM_POLICY_OUT: 683 case XFRM_POLICY_FWD: 684 break; 685 686 default: 687 return -EINVAL; 688 }; 689 690 return 0; 691 } 692 693 static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) 694 { 695 switch (p->share) { 696 case XFRM_SHARE_ANY: 697 case XFRM_SHARE_SESSION: 698 case XFRM_SHARE_USER: 699 case XFRM_SHARE_UNIQUE: 700 break; 701 702 default: 703 return -EINVAL; 704 }; 705 706 switch (p->action) { 707 case XFRM_POLICY_ALLOW: 708 case XFRM_POLICY_BLOCK: 709 break; 710 711 default: 712 return -EINVAL; 713 }; 714 715 switch (p->sel.family) { 716 case AF_INET: 717 break; 718 719 case AF_INET6: 720 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 721 break; 722 #else 723 return -EAFNOSUPPORT; 724 #endif 725 726 default: 727 return -EINVAL; 728 }; 729 730 return verify_policy_dir(p->dir); 731 } 732 733 static int copy_from_user_sec_ctx(struct xfrm_policy *pol, struct rtattr **xfrma) 734 { 735 struct rtattr *rt = xfrma[XFRMA_SEC_CTX-1]; 736 struct xfrm_user_sec_ctx *uctx; 737 738 if (!rt) 739 return 0; 740 741 uctx = RTA_DATA(rt); 742 return security_xfrm_policy_alloc(pol, uctx); 743 } 744 745 static void copy_templates(struct xfrm_policy *xp, struct xfrm_user_tmpl *ut, 746 int nr) 747 { 748 int i; 749 750 xp->xfrm_nr = nr; 751 for (i = 0; i < nr; i++, ut++) { 752 struct xfrm_tmpl *t = &xp->xfrm_vec[i]; 753 754 memcpy(&t->id, &ut->id, sizeof(struct xfrm_id)); 755 memcpy(&t->saddr, &ut->saddr, 756 sizeof(xfrm_address_t)); 757 t->reqid = ut->reqid; 758 t->mode = ut->mode; 759 t->share = ut->share; 760 t->optional = ut->optional; 761 t->aalgos = ut->aalgos; 762 t->ealgos = ut->ealgos; 763 t->calgos = ut->calgos; 764 } 765 } 766 767 static int copy_from_user_tmpl(struct xfrm_policy *pol, struct rtattr **xfrma) 768 { 769 struct rtattr *rt = xfrma[XFRMA_TMPL-1]; 770 struct xfrm_user_tmpl *utmpl; 771 int nr; 772 773 if (!rt) { 774 pol->xfrm_nr = 0; 775 } else { 776 nr = (rt->rta_len - sizeof(*rt)) / sizeof(*utmpl); 777 778 if (nr > XFRM_MAX_DEPTH) 779 return -EINVAL; 780 781 copy_templates(pol, RTA_DATA(rt), nr); 782 } 783 return 0; 784 } 785 786 static void copy_from_user_policy(struct xfrm_policy *xp, struct xfrm_userpolicy_info *p) 787 { 788 xp->priority = p->priority; 789 xp->index = p->index; 790 memcpy(&xp->selector, &p->sel, sizeof(xp->selector)); 791 memcpy(&xp->lft, &p->lft, sizeof(xp->lft)); 792 xp->action = p->action; 793 xp->flags = p->flags; 794 xp->family = p->sel.family; 795 /* XXX xp->share = p->share; */ 796 } 797 798 static void copy_to_user_policy(struct xfrm_policy *xp, struct xfrm_userpolicy_info *p, int dir) 799 { 800 memcpy(&p->sel, &xp->selector, sizeof(p->sel)); 801 memcpy(&p->lft, &xp->lft, sizeof(p->lft)); 802 memcpy(&p->curlft, &xp->curlft, sizeof(p->curlft)); 803 p->priority = xp->priority; 804 p->index = xp->index; 805 p->sel.family = xp->family; 806 p->dir = dir; 807 p->action = xp->action; 808 p->flags = xp->flags; 809 p->share = XFRM_SHARE_ANY; /* XXX xp->share */ 810 } 811 812 static struct xfrm_policy *xfrm_policy_construct(struct xfrm_userpolicy_info *p, struct rtattr **xfrma, int *errp) 813 { 814 struct xfrm_policy *xp = xfrm_policy_alloc(GFP_KERNEL); 815 int err; 816 817 if (!xp) { 818 *errp = -ENOMEM; 819 return NULL; 820 } 821 822 copy_from_user_policy(xp, p); 823 824 if (!(err = copy_from_user_tmpl(xp, xfrma))) 825 err = copy_from_user_sec_ctx(xp, xfrma); 826 827 if (err) { 828 *errp = err; 829 kfree(xp); 830 xp = NULL; 831 } 832 833 return xp; 834 } 835 836 static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 837 { 838 struct xfrm_userpolicy_info *p = NLMSG_DATA(nlh); 839 struct xfrm_policy *xp; 840 struct km_event c; 841 int err; 842 int excl; 843 844 err = verify_newpolicy_info(p); 845 if (err) 846 return err; 847 err = verify_sec_ctx_len((struct rtattr **)xfrma); 848 if (err) 849 return err; 850 851 xp = xfrm_policy_construct(p, (struct rtattr **)xfrma, &err); 852 if (!xp) 853 return err; 854 855 /* shouldnt excl be based on nlh flags?? 856 * Aha! this is anti-netlink really i.e more pfkey derived 857 * in netlink excl is a flag and you wouldnt need 858 * a type XFRM_MSG_UPDPOLICY - JHS */ 859 excl = nlh->nlmsg_type == XFRM_MSG_NEWPOLICY; 860 err = xfrm_policy_insert(p->dir, xp, excl); 861 if (err) { 862 security_xfrm_policy_free(xp); 863 kfree(xp); 864 return err; 865 } 866 867 c.event = nlh->nlmsg_type; 868 c.seq = nlh->nlmsg_seq; 869 c.pid = nlh->nlmsg_pid; 870 km_policy_notify(xp, p->dir, &c); 871 872 xfrm_pol_put(xp); 873 874 return 0; 875 } 876 877 static int copy_to_user_tmpl(struct xfrm_policy *xp, struct sk_buff *skb) 878 { 879 struct xfrm_user_tmpl vec[XFRM_MAX_DEPTH]; 880 int i; 881 882 if (xp->xfrm_nr == 0) 883 return 0; 884 885 for (i = 0; i < xp->xfrm_nr; i++) { 886 struct xfrm_user_tmpl *up = &vec[i]; 887 struct xfrm_tmpl *kp = &xp->xfrm_vec[i]; 888 889 memcpy(&up->id, &kp->id, sizeof(up->id)); 890 up->family = xp->family; 891 memcpy(&up->saddr, &kp->saddr, sizeof(up->saddr)); 892 up->reqid = kp->reqid; 893 up->mode = kp->mode; 894 up->share = kp->share; 895 up->optional = kp->optional; 896 up->aalgos = kp->aalgos; 897 up->ealgos = kp->ealgos; 898 up->calgos = kp->calgos; 899 } 900 RTA_PUT(skb, XFRMA_TMPL, 901 (sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr), 902 vec); 903 904 return 0; 905 906 rtattr_failure: 907 return -1; 908 } 909 910 static int copy_to_user_sec_ctx(struct xfrm_policy *xp, struct sk_buff *skb) 911 { 912 if (xp->security) { 913 int ctx_size = sizeof(struct xfrm_sec_ctx) + 914 xp->security->ctx_len; 915 struct rtattr *rt = __RTA_PUT(skb, XFRMA_SEC_CTX, ctx_size); 916 struct xfrm_user_sec_ctx *uctx = RTA_DATA(rt); 917 918 uctx->exttype = XFRMA_SEC_CTX; 919 uctx->len = ctx_size; 920 uctx->ctx_doi = xp->security->ctx_doi; 921 uctx->ctx_alg = xp->security->ctx_alg; 922 uctx->ctx_len = xp->security->ctx_len; 923 memcpy(uctx + 1, xp->security->ctx_str, xp->security->ctx_len); 924 } 925 return 0; 926 927 rtattr_failure: 928 return -1; 929 } 930 931 static int dump_one_policy(struct xfrm_policy *xp, int dir, int count, void *ptr) 932 { 933 struct xfrm_dump_info *sp = ptr; 934 struct xfrm_userpolicy_info *p; 935 struct sk_buff *in_skb = sp->in_skb; 936 struct sk_buff *skb = sp->out_skb; 937 struct nlmsghdr *nlh; 938 unsigned char *b = skb->tail; 939 940 if (sp->this_idx < sp->start_idx) 941 goto out; 942 943 nlh = NLMSG_PUT(skb, NETLINK_CB(in_skb).pid, 944 sp->nlmsg_seq, 945 XFRM_MSG_NEWPOLICY, sizeof(*p)); 946 p = NLMSG_DATA(nlh); 947 nlh->nlmsg_flags = sp->nlmsg_flags; 948 949 copy_to_user_policy(xp, p, dir); 950 if (copy_to_user_tmpl(xp, skb) < 0) 951 goto nlmsg_failure; 952 if (copy_to_user_sec_ctx(xp, skb)) 953 goto nlmsg_failure; 954 955 nlh->nlmsg_len = skb->tail - b; 956 out: 957 sp->this_idx++; 958 return 0; 959 960 nlmsg_failure: 961 skb_trim(skb, b - skb->data); 962 return -1; 963 } 964 965 static int xfrm_dump_policy(struct sk_buff *skb, struct netlink_callback *cb) 966 { 967 struct xfrm_dump_info info; 968 969 info.in_skb = cb->skb; 970 info.out_skb = skb; 971 info.nlmsg_seq = cb->nlh->nlmsg_seq; 972 info.nlmsg_flags = NLM_F_MULTI; 973 info.this_idx = 0; 974 info.start_idx = cb->args[0]; 975 (void) xfrm_policy_walk(dump_one_policy, &info); 976 cb->args[0] = info.this_idx; 977 978 return skb->len; 979 } 980 981 static struct sk_buff *xfrm_policy_netlink(struct sk_buff *in_skb, 982 struct xfrm_policy *xp, 983 int dir, u32 seq) 984 { 985 struct xfrm_dump_info info; 986 struct sk_buff *skb; 987 988 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 989 if (!skb) 990 return ERR_PTR(-ENOMEM); 991 992 NETLINK_CB(skb).dst_pid = NETLINK_CB(in_skb).pid; 993 info.in_skb = in_skb; 994 info.out_skb = skb; 995 info.nlmsg_seq = seq; 996 info.nlmsg_flags = 0; 997 info.this_idx = info.start_idx = 0; 998 999 if (dump_one_policy(xp, dir, 0, &info) < 0) { 1000 kfree_skb(skb); 1001 return NULL; 1002 } 1003 1004 return skb; 1005 } 1006 1007 static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1008 { 1009 struct xfrm_policy *xp; 1010 struct xfrm_userpolicy_id *p; 1011 int err; 1012 struct km_event c; 1013 int delete; 1014 1015 p = NLMSG_DATA(nlh); 1016 delete = nlh->nlmsg_type == XFRM_MSG_DELPOLICY; 1017 1018 err = verify_policy_dir(p->dir); 1019 if (err) 1020 return err; 1021 1022 if (p->index) 1023 xp = xfrm_policy_byid(p->dir, p->index, delete); 1024 else { 1025 struct rtattr **rtattrs = (struct rtattr **)xfrma; 1026 struct rtattr *rt = rtattrs[XFRMA_SEC_CTX-1]; 1027 struct xfrm_policy tmp; 1028 1029 err = verify_sec_ctx_len(rtattrs); 1030 if (err) 1031 return err; 1032 1033 memset(&tmp, 0, sizeof(struct xfrm_policy)); 1034 if (rt) { 1035 struct xfrm_user_sec_ctx *uctx = RTA_DATA(rt); 1036 1037 if ((err = security_xfrm_policy_alloc(&tmp, uctx))) 1038 return err; 1039 } 1040 xp = xfrm_policy_bysel_ctx(p->dir, &p->sel, tmp.security, delete); 1041 security_xfrm_policy_free(&tmp); 1042 } 1043 if (xp == NULL) 1044 return -ENOENT; 1045 1046 if (!delete) { 1047 struct sk_buff *resp_skb; 1048 1049 resp_skb = xfrm_policy_netlink(skb, xp, p->dir, nlh->nlmsg_seq); 1050 if (IS_ERR(resp_skb)) { 1051 err = PTR_ERR(resp_skb); 1052 } else { 1053 err = netlink_unicast(xfrm_nl, resp_skb, 1054 NETLINK_CB(skb).pid, 1055 MSG_DONTWAIT); 1056 } 1057 } else { 1058 c.data.byid = p->index; 1059 c.event = nlh->nlmsg_type; 1060 c.seq = nlh->nlmsg_seq; 1061 c.pid = nlh->nlmsg_pid; 1062 km_policy_notify(xp, p->dir, &c); 1063 } 1064 1065 xfrm_pol_put(xp); 1066 1067 return err; 1068 } 1069 1070 static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1071 { 1072 struct km_event c; 1073 struct xfrm_usersa_flush *p = NLMSG_DATA(nlh); 1074 1075 xfrm_state_flush(p->proto); 1076 c.data.proto = p->proto; 1077 c.event = nlh->nlmsg_type; 1078 c.seq = nlh->nlmsg_seq; 1079 c.pid = nlh->nlmsg_pid; 1080 km_state_notify(NULL, &c); 1081 1082 return 0; 1083 } 1084 1085 1086 static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, struct km_event *c) 1087 { 1088 struct xfrm_aevent_id *id; 1089 struct nlmsghdr *nlh; 1090 struct xfrm_lifetime_cur ltime; 1091 unsigned char *b = skb->tail; 1092 1093 nlh = NLMSG_PUT(skb, c->pid, c->seq, XFRM_MSG_NEWAE, sizeof(*id)); 1094 id = NLMSG_DATA(nlh); 1095 nlh->nlmsg_flags = 0; 1096 1097 id->sa_id.daddr = x->id.daddr; 1098 id->sa_id.spi = x->id.spi; 1099 id->sa_id.family = x->props.family; 1100 id->sa_id.proto = x->id.proto; 1101 id->flags = c->data.aevent; 1102 1103 RTA_PUT(skb, XFRMA_REPLAY_VAL, sizeof(x->replay), &x->replay); 1104 1105 ltime.bytes = x->curlft.bytes; 1106 ltime.packets = x->curlft.packets; 1107 ltime.add_time = x->curlft.add_time; 1108 ltime.use_time = x->curlft.use_time; 1109 1110 RTA_PUT(skb, XFRMA_LTIME_VAL, sizeof(struct xfrm_lifetime_cur), <ime); 1111 1112 if (id->flags&XFRM_AE_RTHR) { 1113 RTA_PUT(skb,XFRMA_REPLAY_THRESH,sizeof(u32),&x->replay_maxdiff); 1114 } 1115 1116 if (id->flags&XFRM_AE_ETHR) { 1117 u32 etimer = x->replay_maxage*10/HZ; 1118 RTA_PUT(skb,XFRMA_ETIMER_THRESH,sizeof(u32),&etimer); 1119 } 1120 1121 nlh->nlmsg_len = skb->tail - b; 1122 return skb->len; 1123 1124 rtattr_failure: 1125 nlmsg_failure: 1126 skb_trim(skb, b - skb->data); 1127 return -1; 1128 } 1129 1130 static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1131 { 1132 struct xfrm_state *x; 1133 struct sk_buff *r_skb; 1134 int err; 1135 struct km_event c; 1136 struct xfrm_aevent_id *p = NLMSG_DATA(nlh); 1137 int len = NLMSG_LENGTH(sizeof(struct xfrm_aevent_id)); 1138 struct xfrm_usersa_id *id = &p->sa_id; 1139 1140 len += RTA_SPACE(sizeof(struct xfrm_replay_state)); 1141 len += RTA_SPACE(sizeof(struct xfrm_lifetime_cur)); 1142 1143 if (p->flags&XFRM_AE_RTHR) 1144 len+=RTA_SPACE(sizeof(u32)); 1145 1146 if (p->flags&XFRM_AE_ETHR) 1147 len+=RTA_SPACE(sizeof(u32)); 1148 1149 r_skb = alloc_skb(len, GFP_ATOMIC); 1150 if (r_skb == NULL) 1151 return -ENOMEM; 1152 1153 x = xfrm_state_lookup(&id->daddr, id->spi, id->proto, id->family); 1154 if (x == NULL) { 1155 kfree(r_skb); 1156 return -ESRCH; 1157 } 1158 1159 /* 1160 * XXX: is this lock really needed - none of the other 1161 * gets lock (the concern is things getting updated 1162 * while we are still reading) - jhs 1163 */ 1164 spin_lock_bh(&x->lock); 1165 c.data.aevent = p->flags; 1166 c.seq = nlh->nlmsg_seq; 1167 c.pid = nlh->nlmsg_pid; 1168 1169 if (build_aevent(r_skb, x, &c) < 0) 1170 BUG(); 1171 err = netlink_unicast(xfrm_nl, r_skb, 1172 NETLINK_CB(skb).pid, MSG_DONTWAIT); 1173 spin_unlock_bh(&x->lock); 1174 xfrm_state_put(x); 1175 return err; 1176 } 1177 1178 static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1179 { 1180 struct xfrm_state *x; 1181 struct km_event c; 1182 int err = - EINVAL; 1183 struct xfrm_aevent_id *p = NLMSG_DATA(nlh); 1184 struct rtattr *rp = xfrma[XFRMA_REPLAY_VAL-1]; 1185 struct rtattr *lt = xfrma[XFRMA_LTIME_VAL-1]; 1186 1187 if (!lt && !rp) 1188 return err; 1189 1190 /* pedantic mode - thou shalt sayeth replaceth */ 1191 if (!(nlh->nlmsg_flags&NLM_F_REPLACE)) 1192 return err; 1193 1194 x = xfrm_state_lookup(&p->sa_id.daddr, p->sa_id.spi, p->sa_id.proto, p->sa_id.family); 1195 if (x == NULL) 1196 return -ESRCH; 1197 1198 if (x->km.state != XFRM_STATE_VALID) 1199 goto out; 1200 1201 spin_lock_bh(&x->lock); 1202 err = xfrm_update_ae_params(x,(struct rtattr **)xfrma); 1203 spin_unlock_bh(&x->lock); 1204 if (err < 0) 1205 goto out; 1206 1207 c.event = nlh->nlmsg_type; 1208 c.seq = nlh->nlmsg_seq; 1209 c.pid = nlh->nlmsg_pid; 1210 c.data.aevent = XFRM_AE_CU; 1211 km_state_notify(x, &c); 1212 err = 0; 1213 out: 1214 xfrm_state_put(x); 1215 return err; 1216 } 1217 1218 static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1219 { 1220 struct km_event c; 1221 1222 xfrm_policy_flush(); 1223 c.event = nlh->nlmsg_type; 1224 c.seq = nlh->nlmsg_seq; 1225 c.pid = nlh->nlmsg_pid; 1226 km_policy_notify(NULL, 0, &c); 1227 return 0; 1228 } 1229 1230 static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1231 { 1232 struct xfrm_policy *xp; 1233 struct xfrm_user_polexpire *up = NLMSG_DATA(nlh); 1234 struct xfrm_userpolicy_info *p = &up->pol; 1235 int err = -ENOENT; 1236 1237 if (p->index) 1238 xp = xfrm_policy_byid(p->dir, p->index, 0); 1239 else { 1240 struct rtattr **rtattrs = (struct rtattr **)xfrma; 1241 struct rtattr *rt = rtattrs[XFRMA_SEC_CTX-1]; 1242 struct xfrm_policy tmp; 1243 1244 err = verify_sec_ctx_len(rtattrs); 1245 if (err) 1246 return err; 1247 1248 memset(&tmp, 0, sizeof(struct xfrm_policy)); 1249 if (rt) { 1250 struct xfrm_user_sec_ctx *uctx = RTA_DATA(rt); 1251 1252 if ((err = security_xfrm_policy_alloc(&tmp, uctx))) 1253 return err; 1254 } 1255 xp = xfrm_policy_bysel_ctx(p->dir, &p->sel, tmp.security, 0); 1256 security_xfrm_policy_free(&tmp); 1257 } 1258 1259 if (xp == NULL) 1260 return err; 1261 read_lock(&xp->lock); 1262 if (xp->dead) { 1263 read_unlock(&xp->lock); 1264 goto out; 1265 } 1266 1267 read_unlock(&xp->lock); 1268 err = 0; 1269 if (up->hard) { 1270 xfrm_policy_delete(xp, p->dir); 1271 } else { 1272 // reset the timers here? 1273 printk("Dont know what to do with soft policy expire\n"); 1274 } 1275 km_policy_expired(xp, p->dir, up->hard, current->pid); 1276 1277 out: 1278 xfrm_pol_put(xp); 1279 return err; 1280 } 1281 1282 static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1283 { 1284 struct xfrm_state *x; 1285 int err; 1286 struct xfrm_user_expire *ue = NLMSG_DATA(nlh); 1287 struct xfrm_usersa_info *p = &ue->state; 1288 1289 x = xfrm_state_lookup(&p->id.daddr, p->id.spi, p->id.proto, p->family); 1290 err = -ENOENT; 1291 1292 if (x == NULL) 1293 return err; 1294 1295 err = -EINVAL; 1296 1297 spin_lock_bh(&x->lock); 1298 if (x->km.state != XFRM_STATE_VALID) 1299 goto out; 1300 km_state_expired(x, ue->hard, current->pid); 1301 1302 if (ue->hard) 1303 __xfrm_state_delete(x); 1304 out: 1305 spin_unlock_bh(&x->lock); 1306 xfrm_state_put(x); 1307 return err; 1308 } 1309 1310 static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1311 { 1312 struct xfrm_policy *xp; 1313 struct xfrm_user_tmpl *ut; 1314 int i; 1315 struct rtattr *rt = xfrma[XFRMA_TMPL-1]; 1316 1317 struct xfrm_user_acquire *ua = NLMSG_DATA(nlh); 1318 struct xfrm_state *x = xfrm_state_alloc(); 1319 int err = -ENOMEM; 1320 1321 if (!x) 1322 return err; 1323 1324 err = verify_newpolicy_info(&ua->policy); 1325 if (err) { 1326 printk("BAD policy passed\n"); 1327 kfree(x); 1328 return err; 1329 } 1330 1331 /* build an XP */ 1332 xp = xfrm_policy_construct(&ua->policy, (struct rtattr **) xfrma, &err); if (!xp) { 1333 kfree(x); 1334 return err; 1335 } 1336 1337 memcpy(&x->id, &ua->id, sizeof(ua->id)); 1338 memcpy(&x->props.saddr, &ua->saddr, sizeof(ua->saddr)); 1339 memcpy(&x->sel, &ua->sel, sizeof(ua->sel)); 1340 1341 ut = RTA_DATA(rt); 1342 /* extract the templates and for each call km_key */ 1343 for (i = 0; i < xp->xfrm_nr; i++, ut++) { 1344 struct xfrm_tmpl *t = &xp->xfrm_vec[i]; 1345 memcpy(&x->id, &t->id, sizeof(x->id)); 1346 x->props.mode = t->mode; 1347 x->props.reqid = t->reqid; 1348 x->props.family = ut->family; 1349 t->aalgos = ua->aalgos; 1350 t->ealgos = ua->ealgos; 1351 t->calgos = ua->calgos; 1352 err = km_query(x, t, xp); 1353 1354 } 1355 1356 kfree(x); 1357 kfree(xp); 1358 1359 return 0; 1360 } 1361 1362 1363 #define XMSGSIZE(type) NLMSG_LENGTH(sizeof(struct type)) 1364 1365 static const int xfrm_msg_min[XFRM_NR_MSGTYPES] = { 1366 [XFRM_MSG_NEWSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_info), 1367 [XFRM_MSG_DELSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_id), 1368 [XFRM_MSG_GETSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_id), 1369 [XFRM_MSG_NEWPOLICY - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_info), 1370 [XFRM_MSG_DELPOLICY - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_id), 1371 [XFRM_MSG_GETPOLICY - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_id), 1372 [XFRM_MSG_ALLOCSPI - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userspi_info), 1373 [XFRM_MSG_ACQUIRE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_user_acquire), 1374 [XFRM_MSG_EXPIRE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_user_expire), 1375 [XFRM_MSG_UPDPOLICY - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_info), 1376 [XFRM_MSG_UPDSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_info), 1377 [XFRM_MSG_POLEXPIRE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_user_polexpire), 1378 [XFRM_MSG_FLUSHSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_flush), 1379 [XFRM_MSG_FLUSHPOLICY - XFRM_MSG_BASE] = NLMSG_LENGTH(0), 1380 [XFRM_MSG_NEWAE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_aevent_id), 1381 [XFRM_MSG_GETAE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_aevent_id), 1382 }; 1383 1384 #undef XMSGSIZE 1385 1386 static struct xfrm_link { 1387 int (*doit)(struct sk_buff *, struct nlmsghdr *, void **); 1388 int (*dump)(struct sk_buff *, struct netlink_callback *); 1389 } xfrm_dispatch[XFRM_NR_MSGTYPES] = { 1390 [XFRM_MSG_NEWSA - XFRM_MSG_BASE] = { .doit = xfrm_add_sa }, 1391 [XFRM_MSG_DELSA - XFRM_MSG_BASE] = { .doit = xfrm_del_sa }, 1392 [XFRM_MSG_GETSA - XFRM_MSG_BASE] = { .doit = xfrm_get_sa, 1393 .dump = xfrm_dump_sa }, 1394 [XFRM_MSG_NEWPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_add_policy }, 1395 [XFRM_MSG_DELPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_get_policy }, 1396 [XFRM_MSG_GETPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_get_policy, 1397 .dump = xfrm_dump_policy }, 1398 [XFRM_MSG_ALLOCSPI - XFRM_MSG_BASE] = { .doit = xfrm_alloc_userspi }, 1399 [XFRM_MSG_ACQUIRE - XFRM_MSG_BASE] = { .doit = xfrm_add_acquire }, 1400 [XFRM_MSG_EXPIRE - XFRM_MSG_BASE] = { .doit = xfrm_add_sa_expire }, 1401 [XFRM_MSG_UPDPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_add_policy }, 1402 [XFRM_MSG_UPDSA - XFRM_MSG_BASE] = { .doit = xfrm_add_sa }, 1403 [XFRM_MSG_POLEXPIRE - XFRM_MSG_BASE] = { .doit = xfrm_add_pol_expire}, 1404 [XFRM_MSG_FLUSHSA - XFRM_MSG_BASE] = { .doit = xfrm_flush_sa }, 1405 [XFRM_MSG_FLUSHPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_flush_policy }, 1406 [XFRM_MSG_NEWAE - XFRM_MSG_BASE] = { .doit = xfrm_new_ae }, 1407 [XFRM_MSG_GETAE - XFRM_MSG_BASE] = { .doit = xfrm_get_ae }, 1408 }; 1409 1410 static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, int *errp) 1411 { 1412 struct rtattr *xfrma[XFRMA_MAX]; 1413 struct xfrm_link *link; 1414 int type, min_len; 1415 1416 if (!(nlh->nlmsg_flags & NLM_F_REQUEST)) 1417 return 0; 1418 1419 type = nlh->nlmsg_type; 1420 1421 /* A control message: ignore them */ 1422 if (type < XFRM_MSG_BASE) 1423 return 0; 1424 1425 /* Unknown message: reply with EINVAL */ 1426 if (type > XFRM_MSG_MAX) 1427 goto err_einval; 1428 1429 type -= XFRM_MSG_BASE; 1430 link = &xfrm_dispatch[type]; 1431 1432 /* All operations require privileges, even GET */ 1433 if (security_netlink_recv(skb)) { 1434 *errp = -EPERM; 1435 return -1; 1436 } 1437 1438 if ((type == (XFRM_MSG_GETSA - XFRM_MSG_BASE) || 1439 type == (XFRM_MSG_GETPOLICY - XFRM_MSG_BASE)) && 1440 (nlh->nlmsg_flags & NLM_F_DUMP)) { 1441 if (link->dump == NULL) 1442 goto err_einval; 1443 1444 if ((*errp = netlink_dump_start(xfrm_nl, skb, nlh, 1445 link->dump, NULL)) != 0) { 1446 return -1; 1447 } 1448 1449 netlink_queue_skip(nlh, skb); 1450 return -1; 1451 } 1452 1453 memset(xfrma, 0, sizeof(xfrma)); 1454 1455 if (nlh->nlmsg_len < (min_len = xfrm_msg_min[type])) 1456 goto err_einval; 1457 1458 if (nlh->nlmsg_len > min_len) { 1459 int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len); 1460 struct rtattr *attr = (void *) nlh + NLMSG_ALIGN(min_len); 1461 1462 while (RTA_OK(attr, attrlen)) { 1463 unsigned short flavor = attr->rta_type; 1464 if (flavor) { 1465 if (flavor > XFRMA_MAX) 1466 goto err_einval; 1467 xfrma[flavor - 1] = attr; 1468 } 1469 attr = RTA_NEXT(attr, attrlen); 1470 } 1471 } 1472 1473 if (link->doit == NULL) 1474 goto err_einval; 1475 *errp = link->doit(skb, nlh, (void **) &xfrma); 1476 1477 return *errp; 1478 1479 err_einval: 1480 *errp = -EINVAL; 1481 return -1; 1482 } 1483 1484 static void xfrm_netlink_rcv(struct sock *sk, int len) 1485 { 1486 unsigned int qlen = 0; 1487 1488 do { 1489 mutex_lock(&xfrm_cfg_mutex); 1490 netlink_run_queue(sk, &qlen, &xfrm_user_rcv_msg); 1491 mutex_unlock(&xfrm_cfg_mutex); 1492 1493 } while (qlen); 1494 } 1495 1496 static int build_expire(struct sk_buff *skb, struct xfrm_state *x, struct km_event *c) 1497 { 1498 struct xfrm_user_expire *ue; 1499 struct nlmsghdr *nlh; 1500 unsigned char *b = skb->tail; 1501 1502 nlh = NLMSG_PUT(skb, c->pid, 0, XFRM_MSG_EXPIRE, 1503 sizeof(*ue)); 1504 ue = NLMSG_DATA(nlh); 1505 nlh->nlmsg_flags = 0; 1506 1507 copy_to_user_state(x, &ue->state); 1508 ue->hard = (c->data.hard != 0) ? 1 : 0; 1509 1510 nlh->nlmsg_len = skb->tail - b; 1511 return skb->len; 1512 1513 nlmsg_failure: 1514 skb_trim(skb, b - skb->data); 1515 return -1; 1516 } 1517 1518 static int xfrm_exp_state_notify(struct xfrm_state *x, struct km_event *c) 1519 { 1520 struct sk_buff *skb; 1521 int len = NLMSG_LENGTH(sizeof(struct xfrm_user_expire)); 1522 1523 skb = alloc_skb(len, GFP_ATOMIC); 1524 if (skb == NULL) 1525 return -ENOMEM; 1526 1527 if (build_expire(skb, x, c) < 0) 1528 BUG(); 1529 1530 NETLINK_CB(skb).dst_group = XFRMNLGRP_EXPIRE; 1531 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); 1532 } 1533 1534 static int xfrm_aevent_state_notify(struct xfrm_state *x, struct km_event *c) 1535 { 1536 struct sk_buff *skb; 1537 int len = NLMSG_LENGTH(sizeof(struct xfrm_aevent_id)); 1538 1539 len += RTA_SPACE(sizeof(struct xfrm_replay_state)); 1540 len += RTA_SPACE(sizeof(struct xfrm_lifetime_cur)); 1541 skb = alloc_skb(len, GFP_ATOMIC); 1542 if (skb == NULL) 1543 return -ENOMEM; 1544 1545 if (build_aevent(skb, x, c) < 0) 1546 BUG(); 1547 1548 NETLINK_CB(skb).dst_group = XFRMNLGRP_AEVENTS; 1549 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_AEVENTS, GFP_ATOMIC); 1550 } 1551 1552 static int xfrm_notify_sa_flush(struct km_event *c) 1553 { 1554 struct xfrm_usersa_flush *p; 1555 struct nlmsghdr *nlh; 1556 struct sk_buff *skb; 1557 unsigned char *b; 1558 int len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_flush)); 1559 1560 skb = alloc_skb(len, GFP_ATOMIC); 1561 if (skb == NULL) 1562 return -ENOMEM; 1563 b = skb->tail; 1564 1565 nlh = NLMSG_PUT(skb, c->pid, c->seq, 1566 XFRM_MSG_FLUSHSA, sizeof(*p)); 1567 nlh->nlmsg_flags = 0; 1568 1569 p = NLMSG_DATA(nlh); 1570 p->proto = c->data.proto; 1571 1572 nlh->nlmsg_len = skb->tail - b; 1573 1574 NETLINK_CB(skb).dst_group = XFRMNLGRP_SA; 1575 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC); 1576 1577 nlmsg_failure: 1578 kfree_skb(skb); 1579 return -1; 1580 } 1581 1582 static int inline xfrm_sa_len(struct xfrm_state *x) 1583 { 1584 int l = 0; 1585 if (x->aalg) 1586 l += RTA_SPACE(sizeof(*x->aalg) + (x->aalg->alg_key_len+7)/8); 1587 if (x->ealg) 1588 l += RTA_SPACE(sizeof(*x->ealg) + (x->ealg->alg_key_len+7)/8); 1589 if (x->calg) 1590 l += RTA_SPACE(sizeof(*x->calg)); 1591 if (x->encap) 1592 l += RTA_SPACE(sizeof(*x->encap)); 1593 1594 return l; 1595 } 1596 1597 static int xfrm_notify_sa(struct xfrm_state *x, struct km_event *c) 1598 { 1599 struct xfrm_usersa_info *p; 1600 struct xfrm_usersa_id *id; 1601 struct nlmsghdr *nlh; 1602 struct sk_buff *skb; 1603 unsigned char *b; 1604 int len = xfrm_sa_len(x); 1605 int headlen; 1606 1607 headlen = sizeof(*p); 1608 if (c->event == XFRM_MSG_DELSA) { 1609 len += RTA_SPACE(headlen); 1610 headlen = sizeof(*id); 1611 } 1612 len += NLMSG_SPACE(headlen); 1613 1614 skb = alloc_skb(len, GFP_ATOMIC); 1615 if (skb == NULL) 1616 return -ENOMEM; 1617 b = skb->tail; 1618 1619 nlh = NLMSG_PUT(skb, c->pid, c->seq, c->event, headlen); 1620 nlh->nlmsg_flags = 0; 1621 1622 p = NLMSG_DATA(nlh); 1623 if (c->event == XFRM_MSG_DELSA) { 1624 id = NLMSG_DATA(nlh); 1625 memcpy(&id->daddr, &x->id.daddr, sizeof(id->daddr)); 1626 id->spi = x->id.spi; 1627 id->family = x->props.family; 1628 id->proto = x->id.proto; 1629 1630 p = RTA_DATA(__RTA_PUT(skb, XFRMA_SA, sizeof(*p))); 1631 } 1632 1633 copy_to_user_state(x, p); 1634 1635 if (x->aalg) 1636 RTA_PUT(skb, XFRMA_ALG_AUTH, 1637 sizeof(*(x->aalg))+(x->aalg->alg_key_len+7)/8, x->aalg); 1638 if (x->ealg) 1639 RTA_PUT(skb, XFRMA_ALG_CRYPT, 1640 sizeof(*(x->ealg))+(x->ealg->alg_key_len+7)/8, x->ealg); 1641 if (x->calg) 1642 RTA_PUT(skb, XFRMA_ALG_COMP, sizeof(*(x->calg)), x->calg); 1643 1644 if (x->encap) 1645 RTA_PUT(skb, XFRMA_ENCAP, sizeof(*x->encap), x->encap); 1646 1647 nlh->nlmsg_len = skb->tail - b; 1648 1649 NETLINK_CB(skb).dst_group = XFRMNLGRP_SA; 1650 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC); 1651 1652 nlmsg_failure: 1653 rtattr_failure: 1654 kfree_skb(skb); 1655 return -1; 1656 } 1657 1658 static int xfrm_send_state_notify(struct xfrm_state *x, struct km_event *c) 1659 { 1660 1661 switch (c->event) { 1662 case XFRM_MSG_EXPIRE: 1663 return xfrm_exp_state_notify(x, c); 1664 case XFRM_MSG_NEWAE: 1665 return xfrm_aevent_state_notify(x, c); 1666 case XFRM_MSG_DELSA: 1667 case XFRM_MSG_UPDSA: 1668 case XFRM_MSG_NEWSA: 1669 return xfrm_notify_sa(x, c); 1670 case XFRM_MSG_FLUSHSA: 1671 return xfrm_notify_sa_flush(c); 1672 default: 1673 printk("xfrm_user: Unknown SA event %d\n", c->event); 1674 break; 1675 } 1676 1677 return 0; 1678 1679 } 1680 1681 static int build_acquire(struct sk_buff *skb, struct xfrm_state *x, 1682 struct xfrm_tmpl *xt, struct xfrm_policy *xp, 1683 int dir) 1684 { 1685 struct xfrm_user_acquire *ua; 1686 struct nlmsghdr *nlh; 1687 unsigned char *b = skb->tail; 1688 __u32 seq = xfrm_get_acqseq(); 1689 1690 nlh = NLMSG_PUT(skb, 0, 0, XFRM_MSG_ACQUIRE, 1691 sizeof(*ua)); 1692 ua = NLMSG_DATA(nlh); 1693 nlh->nlmsg_flags = 0; 1694 1695 memcpy(&ua->id, &x->id, sizeof(ua->id)); 1696 memcpy(&ua->saddr, &x->props.saddr, sizeof(ua->saddr)); 1697 memcpy(&ua->sel, &x->sel, sizeof(ua->sel)); 1698 copy_to_user_policy(xp, &ua->policy, dir); 1699 ua->aalgos = xt->aalgos; 1700 ua->ealgos = xt->ealgos; 1701 ua->calgos = xt->calgos; 1702 ua->seq = x->km.seq = seq; 1703 1704 if (copy_to_user_tmpl(xp, skb) < 0) 1705 goto nlmsg_failure; 1706 if (copy_to_user_sec_ctx(xp, skb)) 1707 goto nlmsg_failure; 1708 1709 nlh->nlmsg_len = skb->tail - b; 1710 return skb->len; 1711 1712 nlmsg_failure: 1713 skb_trim(skb, b - skb->data); 1714 return -1; 1715 } 1716 1717 static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt, 1718 struct xfrm_policy *xp, int dir) 1719 { 1720 struct sk_buff *skb; 1721 size_t len; 1722 1723 len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr); 1724 len += NLMSG_SPACE(sizeof(struct xfrm_user_acquire)); 1725 len += RTA_SPACE(xfrm_user_sec_ctx_size(xp)); 1726 skb = alloc_skb(len, GFP_ATOMIC); 1727 if (skb == NULL) 1728 return -ENOMEM; 1729 1730 if (build_acquire(skb, x, xt, xp, dir) < 0) 1731 BUG(); 1732 1733 NETLINK_CB(skb).dst_group = XFRMNLGRP_ACQUIRE; 1734 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_ACQUIRE, GFP_ATOMIC); 1735 } 1736 1737 /* User gives us xfrm_user_policy_info followed by an array of 0 1738 * or more templates. 1739 */ 1740 static struct xfrm_policy *xfrm_compile_policy(u16 family, int opt, 1741 u8 *data, int len, int *dir) 1742 { 1743 struct xfrm_userpolicy_info *p = (struct xfrm_userpolicy_info *)data; 1744 struct xfrm_user_tmpl *ut = (struct xfrm_user_tmpl *) (p + 1); 1745 struct xfrm_policy *xp; 1746 int nr; 1747 1748 switch (family) { 1749 case AF_INET: 1750 if (opt != IP_XFRM_POLICY) { 1751 *dir = -EOPNOTSUPP; 1752 return NULL; 1753 } 1754 break; 1755 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 1756 case AF_INET6: 1757 if (opt != IPV6_XFRM_POLICY) { 1758 *dir = -EOPNOTSUPP; 1759 return NULL; 1760 } 1761 break; 1762 #endif 1763 default: 1764 *dir = -EINVAL; 1765 return NULL; 1766 } 1767 1768 *dir = -EINVAL; 1769 1770 if (len < sizeof(*p) || 1771 verify_newpolicy_info(p)) 1772 return NULL; 1773 1774 nr = ((len - sizeof(*p)) / sizeof(*ut)); 1775 if (nr > XFRM_MAX_DEPTH) 1776 return NULL; 1777 1778 if (p->dir > XFRM_POLICY_OUT) 1779 return NULL; 1780 1781 xp = xfrm_policy_alloc(GFP_KERNEL); 1782 if (xp == NULL) { 1783 *dir = -ENOBUFS; 1784 return NULL; 1785 } 1786 1787 copy_from_user_policy(xp, p); 1788 copy_templates(xp, ut, nr); 1789 1790 *dir = p->dir; 1791 1792 return xp; 1793 } 1794 1795 static int build_polexpire(struct sk_buff *skb, struct xfrm_policy *xp, 1796 int dir, struct km_event *c) 1797 { 1798 struct xfrm_user_polexpire *upe; 1799 struct nlmsghdr *nlh; 1800 int hard = c->data.hard; 1801 unsigned char *b = skb->tail; 1802 1803 nlh = NLMSG_PUT(skb, c->pid, 0, XFRM_MSG_POLEXPIRE, sizeof(*upe)); 1804 upe = NLMSG_DATA(nlh); 1805 nlh->nlmsg_flags = 0; 1806 1807 copy_to_user_policy(xp, &upe->pol, dir); 1808 if (copy_to_user_tmpl(xp, skb) < 0) 1809 goto nlmsg_failure; 1810 if (copy_to_user_sec_ctx(xp, skb)) 1811 goto nlmsg_failure; 1812 upe->hard = !!hard; 1813 1814 nlh->nlmsg_len = skb->tail - b; 1815 return skb->len; 1816 1817 nlmsg_failure: 1818 skb_trim(skb, b - skb->data); 1819 return -1; 1820 } 1821 1822 static int xfrm_exp_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c) 1823 { 1824 struct sk_buff *skb; 1825 size_t len; 1826 1827 len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr); 1828 len += NLMSG_SPACE(sizeof(struct xfrm_user_polexpire)); 1829 len += RTA_SPACE(xfrm_user_sec_ctx_size(xp)); 1830 skb = alloc_skb(len, GFP_ATOMIC); 1831 if (skb == NULL) 1832 return -ENOMEM; 1833 1834 if (build_polexpire(skb, xp, dir, c) < 0) 1835 BUG(); 1836 1837 NETLINK_CB(skb).dst_group = XFRMNLGRP_EXPIRE; 1838 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); 1839 } 1840 1841 static int xfrm_notify_policy(struct xfrm_policy *xp, int dir, struct km_event *c) 1842 { 1843 struct xfrm_userpolicy_info *p; 1844 struct xfrm_userpolicy_id *id; 1845 struct nlmsghdr *nlh; 1846 struct sk_buff *skb; 1847 unsigned char *b; 1848 int len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr); 1849 int headlen; 1850 1851 headlen = sizeof(*p); 1852 if (c->event == XFRM_MSG_DELPOLICY) { 1853 len += RTA_SPACE(headlen); 1854 headlen = sizeof(*id); 1855 } 1856 len += NLMSG_SPACE(headlen); 1857 1858 skb = alloc_skb(len, GFP_ATOMIC); 1859 if (skb == NULL) 1860 return -ENOMEM; 1861 b = skb->tail; 1862 1863 nlh = NLMSG_PUT(skb, c->pid, c->seq, c->event, headlen); 1864 1865 p = NLMSG_DATA(nlh); 1866 if (c->event == XFRM_MSG_DELPOLICY) { 1867 id = NLMSG_DATA(nlh); 1868 memset(id, 0, sizeof(*id)); 1869 id->dir = dir; 1870 if (c->data.byid) 1871 id->index = xp->index; 1872 else 1873 memcpy(&id->sel, &xp->selector, sizeof(id->sel)); 1874 1875 p = RTA_DATA(__RTA_PUT(skb, XFRMA_POLICY, sizeof(*p))); 1876 } 1877 1878 nlh->nlmsg_flags = 0; 1879 1880 copy_to_user_policy(xp, p, dir); 1881 if (copy_to_user_tmpl(xp, skb) < 0) 1882 goto nlmsg_failure; 1883 1884 nlh->nlmsg_len = skb->tail - b; 1885 1886 NETLINK_CB(skb).dst_group = XFRMNLGRP_POLICY; 1887 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC); 1888 1889 nlmsg_failure: 1890 rtattr_failure: 1891 kfree_skb(skb); 1892 return -1; 1893 } 1894 1895 static int xfrm_notify_policy_flush(struct km_event *c) 1896 { 1897 struct nlmsghdr *nlh; 1898 struct sk_buff *skb; 1899 unsigned char *b; 1900 int len = NLMSG_LENGTH(0); 1901 1902 skb = alloc_skb(len, GFP_ATOMIC); 1903 if (skb == NULL) 1904 return -ENOMEM; 1905 b = skb->tail; 1906 1907 1908 nlh = NLMSG_PUT(skb, c->pid, c->seq, XFRM_MSG_FLUSHPOLICY, 0); 1909 1910 nlh->nlmsg_len = skb->tail - b; 1911 1912 NETLINK_CB(skb).dst_group = XFRMNLGRP_POLICY; 1913 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC); 1914 1915 nlmsg_failure: 1916 kfree_skb(skb); 1917 return -1; 1918 } 1919 1920 static int xfrm_send_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c) 1921 { 1922 1923 switch (c->event) { 1924 case XFRM_MSG_NEWPOLICY: 1925 case XFRM_MSG_UPDPOLICY: 1926 case XFRM_MSG_DELPOLICY: 1927 return xfrm_notify_policy(xp, dir, c); 1928 case XFRM_MSG_FLUSHPOLICY: 1929 return xfrm_notify_policy_flush(c); 1930 case XFRM_MSG_POLEXPIRE: 1931 return xfrm_exp_policy_notify(xp, dir, c); 1932 default: 1933 printk("xfrm_user: Unknown Policy event %d\n", c->event); 1934 } 1935 1936 return 0; 1937 1938 } 1939 1940 static struct xfrm_mgr netlink_mgr = { 1941 .id = "netlink", 1942 .notify = xfrm_send_state_notify, 1943 .acquire = xfrm_send_acquire, 1944 .compile_policy = xfrm_compile_policy, 1945 .notify_policy = xfrm_send_policy_notify, 1946 }; 1947 1948 static int __init xfrm_user_init(void) 1949 { 1950 struct sock *nlsk; 1951 1952 printk(KERN_INFO "Initializing IPsec netlink socket\n"); 1953 1954 nlsk = netlink_kernel_create(NETLINK_XFRM, XFRMNLGRP_MAX, 1955 xfrm_netlink_rcv, THIS_MODULE); 1956 if (nlsk == NULL) 1957 return -ENOMEM; 1958 rcu_assign_pointer(xfrm_nl, nlsk); 1959 1960 xfrm_register_km(&netlink_mgr); 1961 1962 return 0; 1963 } 1964 1965 static void __exit xfrm_user_exit(void) 1966 { 1967 struct sock *nlsk = xfrm_nl; 1968 1969 xfrm_unregister_km(&netlink_mgr); 1970 rcu_assign_pointer(xfrm_nl, NULL); 1971 synchronize_rcu(); 1972 sock_release(nlsk->sk_socket); 1973 } 1974 1975 module_init(xfrm_user_init); 1976 module_exit(xfrm_user_exit); 1977 MODULE_LICENSE("GPL"); 1978 MODULE_ALIAS_NET_PF_PROTO(PF_NETLINK, NETLINK_XFRM); 1979 1980