1 /* xfrm_user.c: User interface to configure xfrm engine. 2 * 3 * Copyright (C) 2002 David S. Miller (davem@redhat.com) 4 * 5 * Changes: 6 * Mitsuru KANDA @USAGI 7 * Kazunori MIYAZAWA @USAGI 8 * Kunihiro Ishiguro <kunihiro@ipinfusion.com> 9 * IPv6 support 10 * 11 */ 12 13 #include <linux/crypto.h> 14 #include <linux/module.h> 15 #include <linux/kernel.h> 16 #include <linux/types.h> 17 #include <linux/slab.h> 18 #include <linux/socket.h> 19 #include <linux/string.h> 20 #include <linux/net.h> 21 #include <linux/skbuff.h> 22 #include <linux/rtnetlink.h> 23 #include <linux/pfkeyv2.h> 24 #include <linux/ipsec.h> 25 #include <linux/init.h> 26 #include <linux/security.h> 27 #include <net/sock.h> 28 #include <net/xfrm.h> 29 #include <net/netlink.h> 30 #include <asm/uaccess.h> 31 32 static int verify_one_alg(struct rtattr **xfrma, enum xfrm_attr_type_t type) 33 { 34 struct rtattr *rt = xfrma[type - 1]; 35 struct xfrm_algo *algp; 36 int len; 37 38 if (!rt) 39 return 0; 40 41 len = (rt->rta_len - sizeof(*rt)) - sizeof(*algp); 42 if (len < 0) 43 return -EINVAL; 44 45 algp = RTA_DATA(rt); 46 47 len -= (algp->alg_key_len + 7U) / 8; 48 if (len < 0) 49 return -EINVAL; 50 51 switch (type) { 52 case XFRMA_ALG_AUTH: 53 if (!algp->alg_key_len && 54 strcmp(algp->alg_name, "digest_null") != 0) 55 return -EINVAL; 56 break; 57 58 case XFRMA_ALG_CRYPT: 59 if (!algp->alg_key_len && 60 strcmp(algp->alg_name, "cipher_null") != 0) 61 return -EINVAL; 62 break; 63 64 case XFRMA_ALG_COMP: 65 /* Zero length keys are legal. */ 66 break; 67 68 default: 69 return -EINVAL; 70 }; 71 72 algp->alg_name[CRYPTO_MAX_ALG_NAME - 1] = '\0'; 73 return 0; 74 } 75 76 static int verify_encap_tmpl(struct rtattr **xfrma) 77 { 78 struct rtattr *rt = xfrma[XFRMA_ENCAP - 1]; 79 struct xfrm_encap_tmpl *encap; 80 81 if (!rt) 82 return 0; 83 84 if ((rt->rta_len - sizeof(*rt)) < sizeof(*encap)) 85 return -EINVAL; 86 87 return 0; 88 } 89 90 91 static inline int verify_sec_ctx_len(struct rtattr **xfrma) 92 { 93 struct rtattr *rt = xfrma[XFRMA_SEC_CTX - 1]; 94 struct xfrm_user_sec_ctx *uctx; 95 int len = 0; 96 97 if (!rt) 98 return 0; 99 100 if (rt->rta_len < sizeof(*uctx)) 101 return -EINVAL; 102 103 uctx = RTA_DATA(rt); 104 105 len += sizeof(struct xfrm_user_sec_ctx); 106 len += uctx->ctx_len; 107 108 if (uctx->len != len) 109 return -EINVAL; 110 111 return 0; 112 } 113 114 115 static int verify_newsa_info(struct xfrm_usersa_info *p, 116 struct rtattr **xfrma) 117 { 118 int err; 119 120 err = -EINVAL; 121 switch (p->family) { 122 case AF_INET: 123 break; 124 125 case AF_INET6: 126 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 127 break; 128 #else 129 err = -EAFNOSUPPORT; 130 goto out; 131 #endif 132 133 default: 134 goto out; 135 }; 136 137 err = -EINVAL; 138 switch (p->id.proto) { 139 case IPPROTO_AH: 140 if (!xfrma[XFRMA_ALG_AUTH-1] || 141 xfrma[XFRMA_ALG_CRYPT-1] || 142 xfrma[XFRMA_ALG_COMP-1]) 143 goto out; 144 break; 145 146 case IPPROTO_ESP: 147 if ((!xfrma[XFRMA_ALG_AUTH-1] && 148 !xfrma[XFRMA_ALG_CRYPT-1]) || 149 xfrma[XFRMA_ALG_COMP-1]) 150 goto out; 151 break; 152 153 case IPPROTO_COMP: 154 if (!xfrma[XFRMA_ALG_COMP-1] || 155 xfrma[XFRMA_ALG_AUTH-1] || 156 xfrma[XFRMA_ALG_CRYPT-1]) 157 goto out; 158 break; 159 160 default: 161 goto out; 162 }; 163 164 if ((err = verify_one_alg(xfrma, XFRMA_ALG_AUTH))) 165 goto out; 166 if ((err = verify_one_alg(xfrma, XFRMA_ALG_CRYPT))) 167 goto out; 168 if ((err = verify_one_alg(xfrma, XFRMA_ALG_COMP))) 169 goto out; 170 if ((err = verify_encap_tmpl(xfrma))) 171 goto out; 172 if ((err = verify_sec_ctx_len(xfrma))) 173 goto out; 174 175 err = -EINVAL; 176 switch (p->mode) { 177 case 0: 178 case 1: 179 break; 180 181 default: 182 goto out; 183 }; 184 185 err = 0; 186 187 out: 188 return err; 189 } 190 191 static int attach_one_algo(struct xfrm_algo **algpp, u8 *props, 192 struct xfrm_algo_desc *(*get_byname)(char *, int), 193 struct rtattr *u_arg) 194 { 195 struct rtattr *rta = u_arg; 196 struct xfrm_algo *p, *ualg; 197 struct xfrm_algo_desc *algo; 198 int len; 199 200 if (!rta) 201 return 0; 202 203 ualg = RTA_DATA(rta); 204 205 algo = get_byname(ualg->alg_name, 1); 206 if (!algo) 207 return -ENOSYS; 208 *props = algo->desc.sadb_alg_id; 209 210 len = sizeof(*ualg) + (ualg->alg_key_len + 7U) / 8; 211 p = kmalloc(len, GFP_KERNEL); 212 if (!p) 213 return -ENOMEM; 214 215 memcpy(p, ualg, len); 216 strcpy(p->alg_name, algo->name); 217 *algpp = p; 218 return 0; 219 } 220 221 static int attach_encap_tmpl(struct xfrm_encap_tmpl **encapp, struct rtattr *u_arg) 222 { 223 struct rtattr *rta = u_arg; 224 struct xfrm_encap_tmpl *p, *uencap; 225 226 if (!rta) 227 return 0; 228 229 uencap = RTA_DATA(rta); 230 p = kmalloc(sizeof(*p), GFP_KERNEL); 231 if (!p) 232 return -ENOMEM; 233 234 memcpy(p, uencap, sizeof(*p)); 235 *encapp = p; 236 return 0; 237 } 238 239 240 static inline int xfrm_user_sec_ctx_size(struct xfrm_policy *xp) 241 { 242 struct xfrm_sec_ctx *xfrm_ctx = xp->security; 243 int len = 0; 244 245 if (xfrm_ctx) { 246 len += sizeof(struct xfrm_user_sec_ctx); 247 len += xfrm_ctx->ctx_len; 248 } 249 return len; 250 } 251 252 static int attach_sec_ctx(struct xfrm_state *x, struct rtattr *u_arg) 253 { 254 struct xfrm_user_sec_ctx *uctx; 255 256 if (!u_arg) 257 return 0; 258 259 uctx = RTA_DATA(u_arg); 260 return security_xfrm_state_alloc(x, uctx); 261 } 262 263 static void copy_from_user_state(struct xfrm_state *x, struct xfrm_usersa_info *p) 264 { 265 memcpy(&x->id, &p->id, sizeof(x->id)); 266 memcpy(&x->sel, &p->sel, sizeof(x->sel)); 267 memcpy(&x->lft, &p->lft, sizeof(x->lft)); 268 x->props.mode = p->mode; 269 x->props.replay_window = p->replay_window; 270 x->props.reqid = p->reqid; 271 x->props.family = p->family; 272 x->props.saddr = p->saddr; 273 x->props.flags = p->flags; 274 } 275 276 /* 277 * someday when pfkey also has support, we could have the code 278 * somehow made shareable and move it to xfrm_state.c - JHS 279 * 280 */ 281 static int xfrm_update_ae_params(struct xfrm_state *x, struct rtattr **xfrma) 282 { 283 int err = - EINVAL; 284 struct rtattr *rp = xfrma[XFRMA_REPLAY_VAL-1]; 285 struct rtattr *lt = xfrma[XFRMA_LTIME_VAL-1]; 286 struct rtattr *et = xfrma[XFRMA_ETIMER_THRESH-1]; 287 struct rtattr *rt = xfrma[XFRMA_REPLAY_THRESH-1]; 288 289 if (rp) { 290 struct xfrm_replay_state *replay; 291 if (RTA_PAYLOAD(rp) < sizeof(*replay)) 292 goto error; 293 replay = RTA_DATA(rp); 294 memcpy(&x->replay, replay, sizeof(*replay)); 295 memcpy(&x->preplay, replay, sizeof(*replay)); 296 } 297 298 if (lt) { 299 struct xfrm_lifetime_cur *ltime; 300 if (RTA_PAYLOAD(lt) < sizeof(*ltime)) 301 goto error; 302 ltime = RTA_DATA(lt); 303 x->curlft.bytes = ltime->bytes; 304 x->curlft.packets = ltime->packets; 305 x->curlft.add_time = ltime->add_time; 306 x->curlft.use_time = ltime->use_time; 307 } 308 309 if (et) { 310 if (RTA_PAYLOAD(et) < sizeof(u32)) 311 goto error; 312 x->replay_maxage = *(u32*)RTA_DATA(et); 313 } 314 315 if (rt) { 316 if (RTA_PAYLOAD(rt) < sizeof(u32)) 317 goto error; 318 x->replay_maxdiff = *(u32*)RTA_DATA(rt); 319 } 320 321 return 0; 322 error: 323 return err; 324 } 325 326 static struct xfrm_state *xfrm_state_construct(struct xfrm_usersa_info *p, 327 struct rtattr **xfrma, 328 int *errp) 329 { 330 struct xfrm_state *x = xfrm_state_alloc(); 331 int err = -ENOMEM; 332 333 if (!x) 334 goto error_no_put; 335 336 copy_from_user_state(x, p); 337 338 if ((err = attach_one_algo(&x->aalg, &x->props.aalgo, 339 xfrm_aalg_get_byname, 340 xfrma[XFRMA_ALG_AUTH-1]))) 341 goto error; 342 if ((err = attach_one_algo(&x->ealg, &x->props.ealgo, 343 xfrm_ealg_get_byname, 344 xfrma[XFRMA_ALG_CRYPT-1]))) 345 goto error; 346 if ((err = attach_one_algo(&x->calg, &x->props.calgo, 347 xfrm_calg_get_byname, 348 xfrma[XFRMA_ALG_COMP-1]))) 349 goto error; 350 if ((err = attach_encap_tmpl(&x->encap, xfrma[XFRMA_ENCAP-1]))) 351 goto error; 352 353 err = xfrm_init_state(x); 354 if (err) 355 goto error; 356 357 if ((err = attach_sec_ctx(x, xfrma[XFRMA_SEC_CTX-1]))) 358 goto error; 359 360 x->km.seq = p->seq; 361 x->replay_maxdiff = sysctl_xfrm_aevent_rseqth; 362 /* sysctl_xfrm_aevent_etime is in 100ms units */ 363 x->replay_maxage = (sysctl_xfrm_aevent_etime*HZ)/XFRM_AE_ETH_M; 364 x->preplay.bitmap = 0; 365 x->preplay.seq = x->replay.seq+x->replay_maxdiff; 366 x->preplay.oseq = x->replay.oseq +x->replay_maxdiff; 367 368 /* override default values from above */ 369 370 err = xfrm_update_ae_params(x, (struct rtattr **)xfrma); 371 if (err < 0) 372 goto error; 373 374 return x; 375 376 error: 377 x->km.state = XFRM_STATE_DEAD; 378 xfrm_state_put(x); 379 error_no_put: 380 *errp = err; 381 return NULL; 382 } 383 384 static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 385 { 386 struct xfrm_usersa_info *p = NLMSG_DATA(nlh); 387 struct xfrm_state *x; 388 int err; 389 struct km_event c; 390 391 err = verify_newsa_info(p, (struct rtattr **)xfrma); 392 if (err) 393 return err; 394 395 x = xfrm_state_construct(p, (struct rtattr **)xfrma, &err); 396 if (!x) 397 return err; 398 399 xfrm_state_hold(x); 400 if (nlh->nlmsg_type == XFRM_MSG_NEWSA) 401 err = xfrm_state_add(x); 402 else 403 err = xfrm_state_update(x); 404 405 if (err < 0) { 406 x->km.state = XFRM_STATE_DEAD; 407 __xfrm_state_put(x); 408 goto out; 409 } 410 411 c.seq = nlh->nlmsg_seq; 412 c.pid = nlh->nlmsg_pid; 413 c.event = nlh->nlmsg_type; 414 415 km_state_notify(x, &c); 416 out: 417 xfrm_state_put(x); 418 return err; 419 } 420 421 static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 422 { 423 struct xfrm_state *x; 424 int err; 425 struct km_event c; 426 struct xfrm_usersa_id *p = NLMSG_DATA(nlh); 427 428 x = xfrm_state_lookup(&p->daddr, p->spi, p->proto, p->family); 429 if (x == NULL) 430 return -ESRCH; 431 432 if ((err = security_xfrm_state_delete(x)) != 0) 433 goto out; 434 435 if (xfrm_state_kern(x)) { 436 err = -EPERM; 437 goto out; 438 } 439 440 err = xfrm_state_delete(x); 441 if (err < 0) 442 goto out; 443 444 c.seq = nlh->nlmsg_seq; 445 c.pid = nlh->nlmsg_pid; 446 c.event = nlh->nlmsg_type; 447 km_state_notify(x, &c); 448 449 out: 450 xfrm_state_put(x); 451 return err; 452 } 453 454 static void copy_to_user_state(struct xfrm_state *x, struct xfrm_usersa_info *p) 455 { 456 memcpy(&p->id, &x->id, sizeof(p->id)); 457 memcpy(&p->sel, &x->sel, sizeof(p->sel)); 458 memcpy(&p->lft, &x->lft, sizeof(p->lft)); 459 memcpy(&p->curlft, &x->curlft, sizeof(p->curlft)); 460 memcpy(&p->stats, &x->stats, sizeof(p->stats)); 461 p->saddr = x->props.saddr; 462 p->mode = x->props.mode; 463 p->replay_window = x->props.replay_window; 464 p->reqid = x->props.reqid; 465 p->family = x->props.family; 466 p->flags = x->props.flags; 467 p->seq = x->km.seq; 468 } 469 470 struct xfrm_dump_info { 471 struct sk_buff *in_skb; 472 struct sk_buff *out_skb; 473 u32 nlmsg_seq; 474 u16 nlmsg_flags; 475 int start_idx; 476 int this_idx; 477 }; 478 479 static int dump_one_state(struct xfrm_state *x, int count, void *ptr) 480 { 481 struct xfrm_dump_info *sp = ptr; 482 struct sk_buff *in_skb = sp->in_skb; 483 struct sk_buff *skb = sp->out_skb; 484 struct xfrm_usersa_info *p; 485 struct nlmsghdr *nlh; 486 unsigned char *b = skb->tail; 487 488 if (sp->this_idx < sp->start_idx) 489 goto out; 490 491 nlh = NLMSG_PUT(skb, NETLINK_CB(in_skb).pid, 492 sp->nlmsg_seq, 493 XFRM_MSG_NEWSA, sizeof(*p)); 494 nlh->nlmsg_flags = sp->nlmsg_flags; 495 496 p = NLMSG_DATA(nlh); 497 copy_to_user_state(x, p); 498 499 if (x->aalg) 500 RTA_PUT(skb, XFRMA_ALG_AUTH, 501 sizeof(*(x->aalg))+(x->aalg->alg_key_len+7)/8, x->aalg); 502 if (x->ealg) 503 RTA_PUT(skb, XFRMA_ALG_CRYPT, 504 sizeof(*(x->ealg))+(x->ealg->alg_key_len+7)/8, x->ealg); 505 if (x->calg) 506 RTA_PUT(skb, XFRMA_ALG_COMP, sizeof(*(x->calg)), x->calg); 507 508 if (x->encap) 509 RTA_PUT(skb, XFRMA_ENCAP, sizeof(*x->encap), x->encap); 510 511 if (x->security) { 512 int ctx_size = sizeof(struct xfrm_sec_ctx) + 513 x->security->ctx_len; 514 struct rtattr *rt = __RTA_PUT(skb, XFRMA_SEC_CTX, ctx_size); 515 struct xfrm_user_sec_ctx *uctx = RTA_DATA(rt); 516 517 uctx->exttype = XFRMA_SEC_CTX; 518 uctx->len = ctx_size; 519 uctx->ctx_doi = x->security->ctx_doi; 520 uctx->ctx_alg = x->security->ctx_alg; 521 uctx->ctx_len = x->security->ctx_len; 522 memcpy(uctx + 1, x->security->ctx_str, x->security->ctx_len); 523 } 524 nlh->nlmsg_len = skb->tail - b; 525 out: 526 sp->this_idx++; 527 return 0; 528 529 nlmsg_failure: 530 rtattr_failure: 531 skb_trim(skb, b - skb->data); 532 return -1; 533 } 534 535 static int xfrm_dump_sa(struct sk_buff *skb, struct netlink_callback *cb) 536 { 537 struct xfrm_dump_info info; 538 539 info.in_skb = cb->skb; 540 info.out_skb = skb; 541 info.nlmsg_seq = cb->nlh->nlmsg_seq; 542 info.nlmsg_flags = NLM_F_MULTI; 543 info.this_idx = 0; 544 info.start_idx = cb->args[0]; 545 (void) xfrm_state_walk(IPSEC_PROTO_ANY, dump_one_state, &info); 546 cb->args[0] = info.this_idx; 547 548 return skb->len; 549 } 550 551 static struct sk_buff *xfrm_state_netlink(struct sk_buff *in_skb, 552 struct xfrm_state *x, u32 seq) 553 { 554 struct xfrm_dump_info info; 555 struct sk_buff *skb; 556 557 skb = alloc_skb(NLMSG_GOODSIZE, GFP_ATOMIC); 558 if (!skb) 559 return ERR_PTR(-ENOMEM); 560 561 NETLINK_CB(skb).dst_pid = NETLINK_CB(in_skb).pid; 562 info.in_skb = in_skb; 563 info.out_skb = skb; 564 info.nlmsg_seq = seq; 565 info.nlmsg_flags = 0; 566 info.this_idx = info.start_idx = 0; 567 568 if (dump_one_state(x, 0, &info)) { 569 kfree_skb(skb); 570 return NULL; 571 } 572 573 return skb; 574 } 575 576 static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 577 { 578 struct xfrm_usersa_id *p = NLMSG_DATA(nlh); 579 struct xfrm_state *x; 580 struct sk_buff *resp_skb; 581 int err; 582 583 x = xfrm_state_lookup(&p->daddr, p->spi, p->proto, p->family); 584 err = -ESRCH; 585 if (x == NULL) 586 goto out_noput; 587 588 resp_skb = xfrm_state_netlink(skb, x, nlh->nlmsg_seq); 589 if (IS_ERR(resp_skb)) { 590 err = PTR_ERR(resp_skb); 591 } else { 592 err = netlink_unicast(xfrm_nl, resp_skb, 593 NETLINK_CB(skb).pid, MSG_DONTWAIT); 594 } 595 xfrm_state_put(x); 596 out_noput: 597 return err; 598 } 599 600 static int verify_userspi_info(struct xfrm_userspi_info *p) 601 { 602 switch (p->info.id.proto) { 603 case IPPROTO_AH: 604 case IPPROTO_ESP: 605 break; 606 607 case IPPROTO_COMP: 608 /* IPCOMP spi is 16-bits. */ 609 if (p->max >= 0x10000) 610 return -EINVAL; 611 break; 612 613 default: 614 return -EINVAL; 615 }; 616 617 if (p->min > p->max) 618 return -EINVAL; 619 620 return 0; 621 } 622 623 static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 624 { 625 struct xfrm_state *x; 626 struct xfrm_userspi_info *p; 627 struct sk_buff *resp_skb; 628 xfrm_address_t *daddr; 629 int family; 630 int err; 631 632 p = NLMSG_DATA(nlh); 633 err = verify_userspi_info(p); 634 if (err) 635 goto out_noput; 636 637 family = p->info.family; 638 daddr = &p->info.id.daddr; 639 640 x = NULL; 641 if (p->info.seq) { 642 x = xfrm_find_acq_byseq(p->info.seq); 643 if (x && xfrm_addr_cmp(&x->id.daddr, daddr, family)) { 644 xfrm_state_put(x); 645 x = NULL; 646 } 647 } 648 649 if (!x) 650 x = xfrm_find_acq(p->info.mode, p->info.reqid, 651 p->info.id.proto, daddr, 652 &p->info.saddr, 1, 653 family); 654 err = -ENOENT; 655 if (x == NULL) 656 goto out_noput; 657 658 resp_skb = ERR_PTR(-ENOENT); 659 660 spin_lock_bh(&x->lock); 661 if (x->km.state != XFRM_STATE_DEAD) { 662 xfrm_alloc_spi(x, htonl(p->min), htonl(p->max)); 663 if (x->id.spi) 664 resp_skb = xfrm_state_netlink(skb, x, nlh->nlmsg_seq); 665 } 666 spin_unlock_bh(&x->lock); 667 668 if (IS_ERR(resp_skb)) { 669 err = PTR_ERR(resp_skb); 670 goto out; 671 } 672 673 err = netlink_unicast(xfrm_nl, resp_skb, 674 NETLINK_CB(skb).pid, MSG_DONTWAIT); 675 676 out: 677 xfrm_state_put(x); 678 out_noput: 679 return err; 680 } 681 682 static int verify_policy_dir(__u8 dir) 683 { 684 switch (dir) { 685 case XFRM_POLICY_IN: 686 case XFRM_POLICY_OUT: 687 case XFRM_POLICY_FWD: 688 break; 689 690 default: 691 return -EINVAL; 692 }; 693 694 return 0; 695 } 696 697 static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) 698 { 699 switch (p->share) { 700 case XFRM_SHARE_ANY: 701 case XFRM_SHARE_SESSION: 702 case XFRM_SHARE_USER: 703 case XFRM_SHARE_UNIQUE: 704 break; 705 706 default: 707 return -EINVAL; 708 }; 709 710 switch (p->action) { 711 case XFRM_POLICY_ALLOW: 712 case XFRM_POLICY_BLOCK: 713 break; 714 715 default: 716 return -EINVAL; 717 }; 718 719 switch (p->sel.family) { 720 case AF_INET: 721 break; 722 723 case AF_INET6: 724 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 725 break; 726 #else 727 return -EAFNOSUPPORT; 728 #endif 729 730 default: 731 return -EINVAL; 732 }; 733 734 return verify_policy_dir(p->dir); 735 } 736 737 static int copy_from_user_sec_ctx(struct xfrm_policy *pol, struct rtattr **xfrma) 738 { 739 struct rtattr *rt = xfrma[XFRMA_SEC_CTX-1]; 740 struct xfrm_user_sec_ctx *uctx; 741 742 if (!rt) 743 return 0; 744 745 uctx = RTA_DATA(rt); 746 return security_xfrm_policy_alloc(pol, uctx); 747 } 748 749 static void copy_templates(struct xfrm_policy *xp, struct xfrm_user_tmpl *ut, 750 int nr) 751 { 752 int i; 753 754 xp->xfrm_nr = nr; 755 for (i = 0; i < nr; i++, ut++) { 756 struct xfrm_tmpl *t = &xp->xfrm_vec[i]; 757 758 memcpy(&t->id, &ut->id, sizeof(struct xfrm_id)); 759 memcpy(&t->saddr, &ut->saddr, 760 sizeof(xfrm_address_t)); 761 t->reqid = ut->reqid; 762 t->mode = ut->mode; 763 t->share = ut->share; 764 t->optional = ut->optional; 765 t->aalgos = ut->aalgos; 766 t->ealgos = ut->ealgos; 767 t->calgos = ut->calgos; 768 } 769 } 770 771 static int copy_from_user_tmpl(struct xfrm_policy *pol, struct rtattr **xfrma) 772 { 773 struct rtattr *rt = xfrma[XFRMA_TMPL-1]; 774 struct xfrm_user_tmpl *utmpl; 775 int nr; 776 777 if (!rt) { 778 pol->xfrm_nr = 0; 779 } else { 780 nr = (rt->rta_len - sizeof(*rt)) / sizeof(*utmpl); 781 782 if (nr > XFRM_MAX_DEPTH) 783 return -EINVAL; 784 785 copy_templates(pol, RTA_DATA(rt), nr); 786 } 787 return 0; 788 } 789 790 static void copy_from_user_policy(struct xfrm_policy *xp, struct xfrm_userpolicy_info *p) 791 { 792 xp->priority = p->priority; 793 xp->index = p->index; 794 memcpy(&xp->selector, &p->sel, sizeof(xp->selector)); 795 memcpy(&xp->lft, &p->lft, sizeof(xp->lft)); 796 xp->action = p->action; 797 xp->flags = p->flags; 798 xp->family = p->sel.family; 799 /* XXX xp->share = p->share; */ 800 } 801 802 static void copy_to_user_policy(struct xfrm_policy *xp, struct xfrm_userpolicy_info *p, int dir) 803 { 804 memcpy(&p->sel, &xp->selector, sizeof(p->sel)); 805 memcpy(&p->lft, &xp->lft, sizeof(p->lft)); 806 memcpy(&p->curlft, &xp->curlft, sizeof(p->curlft)); 807 p->priority = xp->priority; 808 p->index = xp->index; 809 p->sel.family = xp->family; 810 p->dir = dir; 811 p->action = xp->action; 812 p->flags = xp->flags; 813 p->share = XFRM_SHARE_ANY; /* XXX xp->share */ 814 } 815 816 static struct xfrm_policy *xfrm_policy_construct(struct xfrm_userpolicy_info *p, struct rtattr **xfrma, int *errp) 817 { 818 struct xfrm_policy *xp = xfrm_policy_alloc(GFP_KERNEL); 819 int err; 820 821 if (!xp) { 822 *errp = -ENOMEM; 823 return NULL; 824 } 825 826 copy_from_user_policy(xp, p); 827 828 if (!(err = copy_from_user_tmpl(xp, xfrma))) 829 err = copy_from_user_sec_ctx(xp, xfrma); 830 831 if (err) { 832 *errp = err; 833 kfree(xp); 834 xp = NULL; 835 } 836 837 return xp; 838 } 839 840 static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 841 { 842 struct xfrm_userpolicy_info *p = NLMSG_DATA(nlh); 843 struct xfrm_policy *xp; 844 struct km_event c; 845 int err; 846 int excl; 847 848 err = verify_newpolicy_info(p); 849 if (err) 850 return err; 851 err = verify_sec_ctx_len((struct rtattr **)xfrma); 852 if (err) 853 return err; 854 855 xp = xfrm_policy_construct(p, (struct rtattr **)xfrma, &err); 856 if (!xp) 857 return err; 858 859 /* shouldnt excl be based on nlh flags?? 860 * Aha! this is anti-netlink really i.e more pfkey derived 861 * in netlink excl is a flag and you wouldnt need 862 * a type XFRM_MSG_UPDPOLICY - JHS */ 863 excl = nlh->nlmsg_type == XFRM_MSG_NEWPOLICY; 864 err = xfrm_policy_insert(p->dir, xp, excl); 865 if (err) { 866 security_xfrm_policy_free(xp); 867 kfree(xp); 868 return err; 869 } 870 871 c.event = nlh->nlmsg_type; 872 c.seq = nlh->nlmsg_seq; 873 c.pid = nlh->nlmsg_pid; 874 km_policy_notify(xp, p->dir, &c); 875 876 xfrm_pol_put(xp); 877 878 return 0; 879 } 880 881 static int copy_to_user_tmpl(struct xfrm_policy *xp, struct sk_buff *skb) 882 { 883 struct xfrm_user_tmpl vec[XFRM_MAX_DEPTH]; 884 int i; 885 886 if (xp->xfrm_nr == 0) 887 return 0; 888 889 for (i = 0; i < xp->xfrm_nr; i++) { 890 struct xfrm_user_tmpl *up = &vec[i]; 891 struct xfrm_tmpl *kp = &xp->xfrm_vec[i]; 892 893 memcpy(&up->id, &kp->id, sizeof(up->id)); 894 up->family = xp->family; 895 memcpy(&up->saddr, &kp->saddr, sizeof(up->saddr)); 896 up->reqid = kp->reqid; 897 up->mode = kp->mode; 898 up->share = kp->share; 899 up->optional = kp->optional; 900 up->aalgos = kp->aalgos; 901 up->ealgos = kp->ealgos; 902 up->calgos = kp->calgos; 903 } 904 RTA_PUT(skb, XFRMA_TMPL, 905 (sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr), 906 vec); 907 908 return 0; 909 910 rtattr_failure: 911 return -1; 912 } 913 914 static int copy_to_user_sec_ctx(struct xfrm_policy *xp, struct sk_buff *skb) 915 { 916 if (xp->security) { 917 int ctx_size = sizeof(struct xfrm_sec_ctx) + 918 xp->security->ctx_len; 919 struct rtattr *rt = __RTA_PUT(skb, XFRMA_SEC_CTX, ctx_size); 920 struct xfrm_user_sec_ctx *uctx = RTA_DATA(rt); 921 922 uctx->exttype = XFRMA_SEC_CTX; 923 uctx->len = ctx_size; 924 uctx->ctx_doi = xp->security->ctx_doi; 925 uctx->ctx_alg = xp->security->ctx_alg; 926 uctx->ctx_len = xp->security->ctx_len; 927 memcpy(uctx + 1, xp->security->ctx_str, xp->security->ctx_len); 928 } 929 return 0; 930 931 rtattr_failure: 932 return -1; 933 } 934 935 static int dump_one_policy(struct xfrm_policy *xp, int dir, int count, void *ptr) 936 { 937 struct xfrm_dump_info *sp = ptr; 938 struct xfrm_userpolicy_info *p; 939 struct sk_buff *in_skb = sp->in_skb; 940 struct sk_buff *skb = sp->out_skb; 941 struct nlmsghdr *nlh; 942 unsigned char *b = skb->tail; 943 944 if (sp->this_idx < sp->start_idx) 945 goto out; 946 947 nlh = NLMSG_PUT(skb, NETLINK_CB(in_skb).pid, 948 sp->nlmsg_seq, 949 XFRM_MSG_NEWPOLICY, sizeof(*p)); 950 p = NLMSG_DATA(nlh); 951 nlh->nlmsg_flags = sp->nlmsg_flags; 952 953 copy_to_user_policy(xp, p, dir); 954 if (copy_to_user_tmpl(xp, skb) < 0) 955 goto nlmsg_failure; 956 if (copy_to_user_sec_ctx(xp, skb)) 957 goto nlmsg_failure; 958 959 nlh->nlmsg_len = skb->tail - b; 960 out: 961 sp->this_idx++; 962 return 0; 963 964 nlmsg_failure: 965 skb_trim(skb, b - skb->data); 966 return -1; 967 } 968 969 static int xfrm_dump_policy(struct sk_buff *skb, struct netlink_callback *cb) 970 { 971 struct xfrm_dump_info info; 972 973 info.in_skb = cb->skb; 974 info.out_skb = skb; 975 info.nlmsg_seq = cb->nlh->nlmsg_seq; 976 info.nlmsg_flags = NLM_F_MULTI; 977 info.this_idx = 0; 978 info.start_idx = cb->args[0]; 979 (void) xfrm_policy_walk(dump_one_policy, &info); 980 cb->args[0] = info.this_idx; 981 982 return skb->len; 983 } 984 985 static struct sk_buff *xfrm_policy_netlink(struct sk_buff *in_skb, 986 struct xfrm_policy *xp, 987 int dir, u32 seq) 988 { 989 struct xfrm_dump_info info; 990 struct sk_buff *skb; 991 992 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); 993 if (!skb) 994 return ERR_PTR(-ENOMEM); 995 996 NETLINK_CB(skb).dst_pid = NETLINK_CB(in_skb).pid; 997 info.in_skb = in_skb; 998 info.out_skb = skb; 999 info.nlmsg_seq = seq; 1000 info.nlmsg_flags = 0; 1001 info.this_idx = info.start_idx = 0; 1002 1003 if (dump_one_policy(xp, dir, 0, &info) < 0) { 1004 kfree_skb(skb); 1005 return NULL; 1006 } 1007 1008 return skb; 1009 } 1010 1011 static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1012 { 1013 struct xfrm_policy *xp; 1014 struct xfrm_userpolicy_id *p; 1015 int err; 1016 struct km_event c; 1017 int delete; 1018 1019 p = NLMSG_DATA(nlh); 1020 delete = nlh->nlmsg_type == XFRM_MSG_DELPOLICY; 1021 1022 err = verify_policy_dir(p->dir); 1023 if (err) 1024 return err; 1025 1026 if (p->index) 1027 xp = xfrm_policy_byid(p->dir, p->index, delete); 1028 else { 1029 struct rtattr **rtattrs = (struct rtattr **)xfrma; 1030 struct rtattr *rt = rtattrs[XFRMA_SEC_CTX-1]; 1031 struct xfrm_policy tmp; 1032 1033 err = verify_sec_ctx_len(rtattrs); 1034 if (err) 1035 return err; 1036 1037 memset(&tmp, 0, sizeof(struct xfrm_policy)); 1038 if (rt) { 1039 struct xfrm_user_sec_ctx *uctx = RTA_DATA(rt); 1040 1041 if ((err = security_xfrm_policy_alloc(&tmp, uctx))) 1042 return err; 1043 } 1044 xp = xfrm_policy_bysel_ctx(p->dir, &p->sel, tmp.security, delete); 1045 security_xfrm_policy_free(&tmp); 1046 } 1047 if (xp == NULL) 1048 return -ENOENT; 1049 1050 if (!delete) { 1051 struct sk_buff *resp_skb; 1052 1053 resp_skb = xfrm_policy_netlink(skb, xp, p->dir, nlh->nlmsg_seq); 1054 if (IS_ERR(resp_skb)) { 1055 err = PTR_ERR(resp_skb); 1056 } else { 1057 err = netlink_unicast(xfrm_nl, resp_skb, 1058 NETLINK_CB(skb).pid, 1059 MSG_DONTWAIT); 1060 } 1061 } else { 1062 if ((err = security_xfrm_policy_delete(xp)) != 0) 1063 goto out; 1064 c.data.byid = p->index; 1065 c.event = nlh->nlmsg_type; 1066 c.seq = nlh->nlmsg_seq; 1067 c.pid = nlh->nlmsg_pid; 1068 km_policy_notify(xp, p->dir, &c); 1069 } 1070 1071 xfrm_pol_put(xp); 1072 1073 out: 1074 return err; 1075 } 1076 1077 static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1078 { 1079 struct km_event c; 1080 struct xfrm_usersa_flush *p = NLMSG_DATA(nlh); 1081 1082 xfrm_state_flush(p->proto); 1083 c.data.proto = p->proto; 1084 c.event = nlh->nlmsg_type; 1085 c.seq = nlh->nlmsg_seq; 1086 c.pid = nlh->nlmsg_pid; 1087 km_state_notify(NULL, &c); 1088 1089 return 0; 1090 } 1091 1092 1093 static int build_aevent(struct sk_buff *skb, struct xfrm_state *x, struct km_event *c) 1094 { 1095 struct xfrm_aevent_id *id; 1096 struct nlmsghdr *nlh; 1097 struct xfrm_lifetime_cur ltime; 1098 unsigned char *b = skb->tail; 1099 1100 nlh = NLMSG_PUT(skb, c->pid, c->seq, XFRM_MSG_NEWAE, sizeof(*id)); 1101 id = NLMSG_DATA(nlh); 1102 nlh->nlmsg_flags = 0; 1103 1104 id->sa_id.daddr = x->id.daddr; 1105 id->sa_id.spi = x->id.spi; 1106 id->sa_id.family = x->props.family; 1107 id->sa_id.proto = x->id.proto; 1108 id->flags = c->data.aevent; 1109 1110 RTA_PUT(skb, XFRMA_REPLAY_VAL, sizeof(x->replay), &x->replay); 1111 1112 ltime.bytes = x->curlft.bytes; 1113 ltime.packets = x->curlft.packets; 1114 ltime.add_time = x->curlft.add_time; 1115 ltime.use_time = x->curlft.use_time; 1116 1117 RTA_PUT(skb, XFRMA_LTIME_VAL, sizeof(struct xfrm_lifetime_cur), <ime); 1118 1119 if (id->flags&XFRM_AE_RTHR) { 1120 RTA_PUT(skb,XFRMA_REPLAY_THRESH,sizeof(u32),&x->replay_maxdiff); 1121 } 1122 1123 if (id->flags&XFRM_AE_ETHR) { 1124 u32 etimer = x->replay_maxage*10/HZ; 1125 RTA_PUT(skb,XFRMA_ETIMER_THRESH,sizeof(u32),&etimer); 1126 } 1127 1128 nlh->nlmsg_len = skb->tail - b; 1129 return skb->len; 1130 1131 rtattr_failure: 1132 nlmsg_failure: 1133 skb_trim(skb, b - skb->data); 1134 return -1; 1135 } 1136 1137 static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1138 { 1139 struct xfrm_state *x; 1140 struct sk_buff *r_skb; 1141 int err; 1142 struct km_event c; 1143 struct xfrm_aevent_id *p = NLMSG_DATA(nlh); 1144 int len = NLMSG_LENGTH(sizeof(struct xfrm_aevent_id)); 1145 struct xfrm_usersa_id *id = &p->sa_id; 1146 1147 len += RTA_SPACE(sizeof(struct xfrm_replay_state)); 1148 len += RTA_SPACE(sizeof(struct xfrm_lifetime_cur)); 1149 1150 if (p->flags&XFRM_AE_RTHR) 1151 len+=RTA_SPACE(sizeof(u32)); 1152 1153 if (p->flags&XFRM_AE_ETHR) 1154 len+=RTA_SPACE(sizeof(u32)); 1155 1156 r_skb = alloc_skb(len, GFP_ATOMIC); 1157 if (r_skb == NULL) 1158 return -ENOMEM; 1159 1160 x = xfrm_state_lookup(&id->daddr, id->spi, id->proto, id->family); 1161 if (x == NULL) { 1162 kfree(r_skb); 1163 return -ESRCH; 1164 } 1165 1166 /* 1167 * XXX: is this lock really needed - none of the other 1168 * gets lock (the concern is things getting updated 1169 * while we are still reading) - jhs 1170 */ 1171 spin_lock_bh(&x->lock); 1172 c.data.aevent = p->flags; 1173 c.seq = nlh->nlmsg_seq; 1174 c.pid = nlh->nlmsg_pid; 1175 1176 if (build_aevent(r_skb, x, &c) < 0) 1177 BUG(); 1178 err = netlink_unicast(xfrm_nl, r_skb, 1179 NETLINK_CB(skb).pid, MSG_DONTWAIT); 1180 spin_unlock_bh(&x->lock); 1181 xfrm_state_put(x); 1182 return err; 1183 } 1184 1185 static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1186 { 1187 struct xfrm_state *x; 1188 struct km_event c; 1189 int err = - EINVAL; 1190 struct xfrm_aevent_id *p = NLMSG_DATA(nlh); 1191 struct rtattr *rp = xfrma[XFRMA_REPLAY_VAL-1]; 1192 struct rtattr *lt = xfrma[XFRMA_LTIME_VAL-1]; 1193 1194 if (!lt && !rp) 1195 return err; 1196 1197 /* pedantic mode - thou shalt sayeth replaceth */ 1198 if (!(nlh->nlmsg_flags&NLM_F_REPLACE)) 1199 return err; 1200 1201 x = xfrm_state_lookup(&p->sa_id.daddr, p->sa_id.spi, p->sa_id.proto, p->sa_id.family); 1202 if (x == NULL) 1203 return -ESRCH; 1204 1205 if (x->km.state != XFRM_STATE_VALID) 1206 goto out; 1207 1208 spin_lock_bh(&x->lock); 1209 err = xfrm_update_ae_params(x,(struct rtattr **)xfrma); 1210 spin_unlock_bh(&x->lock); 1211 if (err < 0) 1212 goto out; 1213 1214 c.event = nlh->nlmsg_type; 1215 c.seq = nlh->nlmsg_seq; 1216 c.pid = nlh->nlmsg_pid; 1217 c.data.aevent = XFRM_AE_CU; 1218 km_state_notify(x, &c); 1219 err = 0; 1220 out: 1221 xfrm_state_put(x); 1222 return err; 1223 } 1224 1225 static int xfrm_flush_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1226 { 1227 struct km_event c; 1228 1229 xfrm_policy_flush(); 1230 c.event = nlh->nlmsg_type; 1231 c.seq = nlh->nlmsg_seq; 1232 c.pid = nlh->nlmsg_pid; 1233 km_policy_notify(NULL, 0, &c); 1234 return 0; 1235 } 1236 1237 static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1238 { 1239 struct xfrm_policy *xp; 1240 struct xfrm_user_polexpire *up = NLMSG_DATA(nlh); 1241 struct xfrm_userpolicy_info *p = &up->pol; 1242 int err = -ENOENT; 1243 1244 if (p->index) 1245 xp = xfrm_policy_byid(p->dir, p->index, 0); 1246 else { 1247 struct rtattr **rtattrs = (struct rtattr **)xfrma; 1248 struct rtattr *rt = rtattrs[XFRMA_SEC_CTX-1]; 1249 struct xfrm_policy tmp; 1250 1251 err = verify_sec_ctx_len(rtattrs); 1252 if (err) 1253 return err; 1254 1255 memset(&tmp, 0, sizeof(struct xfrm_policy)); 1256 if (rt) { 1257 struct xfrm_user_sec_ctx *uctx = RTA_DATA(rt); 1258 1259 if ((err = security_xfrm_policy_alloc(&tmp, uctx))) 1260 return err; 1261 } 1262 xp = xfrm_policy_bysel_ctx(p->dir, &p->sel, tmp.security, 0); 1263 security_xfrm_policy_free(&tmp); 1264 } 1265 1266 if (xp == NULL) 1267 return err; 1268 read_lock(&xp->lock); 1269 if (xp->dead) { 1270 read_unlock(&xp->lock); 1271 goto out; 1272 } 1273 1274 read_unlock(&xp->lock); 1275 err = 0; 1276 if (up->hard) { 1277 xfrm_policy_delete(xp, p->dir); 1278 } else { 1279 // reset the timers here? 1280 printk("Dont know what to do with soft policy expire\n"); 1281 } 1282 km_policy_expired(xp, p->dir, up->hard, current->pid); 1283 1284 out: 1285 xfrm_pol_put(xp); 1286 return err; 1287 } 1288 1289 static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1290 { 1291 struct xfrm_state *x; 1292 int err; 1293 struct xfrm_user_expire *ue = NLMSG_DATA(nlh); 1294 struct xfrm_usersa_info *p = &ue->state; 1295 1296 x = xfrm_state_lookup(&p->id.daddr, p->id.spi, p->id.proto, p->family); 1297 err = -ENOENT; 1298 1299 if (x == NULL) 1300 return err; 1301 1302 err = -EINVAL; 1303 1304 spin_lock_bh(&x->lock); 1305 if (x->km.state != XFRM_STATE_VALID) 1306 goto out; 1307 km_state_expired(x, ue->hard, current->pid); 1308 1309 if (ue->hard) 1310 __xfrm_state_delete(x); 1311 out: 1312 spin_unlock_bh(&x->lock); 1313 xfrm_state_put(x); 1314 return err; 1315 } 1316 1317 static int xfrm_add_acquire(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) 1318 { 1319 struct xfrm_policy *xp; 1320 struct xfrm_user_tmpl *ut; 1321 int i; 1322 struct rtattr *rt = xfrma[XFRMA_TMPL-1]; 1323 1324 struct xfrm_user_acquire *ua = NLMSG_DATA(nlh); 1325 struct xfrm_state *x = xfrm_state_alloc(); 1326 int err = -ENOMEM; 1327 1328 if (!x) 1329 return err; 1330 1331 err = verify_newpolicy_info(&ua->policy); 1332 if (err) { 1333 printk("BAD policy passed\n"); 1334 kfree(x); 1335 return err; 1336 } 1337 1338 /* build an XP */ 1339 xp = xfrm_policy_construct(&ua->policy, (struct rtattr **) xfrma, &err); if (!xp) { 1340 kfree(x); 1341 return err; 1342 } 1343 1344 memcpy(&x->id, &ua->id, sizeof(ua->id)); 1345 memcpy(&x->props.saddr, &ua->saddr, sizeof(ua->saddr)); 1346 memcpy(&x->sel, &ua->sel, sizeof(ua->sel)); 1347 1348 ut = RTA_DATA(rt); 1349 /* extract the templates and for each call km_key */ 1350 for (i = 0; i < xp->xfrm_nr; i++, ut++) { 1351 struct xfrm_tmpl *t = &xp->xfrm_vec[i]; 1352 memcpy(&x->id, &t->id, sizeof(x->id)); 1353 x->props.mode = t->mode; 1354 x->props.reqid = t->reqid; 1355 x->props.family = ut->family; 1356 t->aalgos = ua->aalgos; 1357 t->ealgos = ua->ealgos; 1358 t->calgos = ua->calgos; 1359 err = km_query(x, t, xp); 1360 1361 } 1362 1363 kfree(x); 1364 kfree(xp); 1365 1366 return 0; 1367 } 1368 1369 1370 #define XMSGSIZE(type) NLMSG_LENGTH(sizeof(struct type)) 1371 1372 static const int xfrm_msg_min[XFRM_NR_MSGTYPES] = { 1373 [XFRM_MSG_NEWSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_info), 1374 [XFRM_MSG_DELSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_id), 1375 [XFRM_MSG_GETSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_id), 1376 [XFRM_MSG_NEWPOLICY - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_info), 1377 [XFRM_MSG_DELPOLICY - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_id), 1378 [XFRM_MSG_GETPOLICY - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_id), 1379 [XFRM_MSG_ALLOCSPI - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userspi_info), 1380 [XFRM_MSG_ACQUIRE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_user_acquire), 1381 [XFRM_MSG_EXPIRE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_user_expire), 1382 [XFRM_MSG_UPDPOLICY - XFRM_MSG_BASE] = XMSGSIZE(xfrm_userpolicy_info), 1383 [XFRM_MSG_UPDSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_info), 1384 [XFRM_MSG_POLEXPIRE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_user_polexpire), 1385 [XFRM_MSG_FLUSHSA - XFRM_MSG_BASE] = XMSGSIZE(xfrm_usersa_flush), 1386 [XFRM_MSG_FLUSHPOLICY - XFRM_MSG_BASE] = NLMSG_LENGTH(0), 1387 [XFRM_MSG_NEWAE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_aevent_id), 1388 [XFRM_MSG_GETAE - XFRM_MSG_BASE] = XMSGSIZE(xfrm_aevent_id), 1389 }; 1390 1391 #undef XMSGSIZE 1392 1393 static struct xfrm_link { 1394 int (*doit)(struct sk_buff *, struct nlmsghdr *, void **); 1395 int (*dump)(struct sk_buff *, struct netlink_callback *); 1396 } xfrm_dispatch[XFRM_NR_MSGTYPES] = { 1397 [XFRM_MSG_NEWSA - XFRM_MSG_BASE] = { .doit = xfrm_add_sa }, 1398 [XFRM_MSG_DELSA - XFRM_MSG_BASE] = { .doit = xfrm_del_sa }, 1399 [XFRM_MSG_GETSA - XFRM_MSG_BASE] = { .doit = xfrm_get_sa, 1400 .dump = xfrm_dump_sa }, 1401 [XFRM_MSG_NEWPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_add_policy }, 1402 [XFRM_MSG_DELPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_get_policy }, 1403 [XFRM_MSG_GETPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_get_policy, 1404 .dump = xfrm_dump_policy }, 1405 [XFRM_MSG_ALLOCSPI - XFRM_MSG_BASE] = { .doit = xfrm_alloc_userspi }, 1406 [XFRM_MSG_ACQUIRE - XFRM_MSG_BASE] = { .doit = xfrm_add_acquire }, 1407 [XFRM_MSG_EXPIRE - XFRM_MSG_BASE] = { .doit = xfrm_add_sa_expire }, 1408 [XFRM_MSG_UPDPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_add_policy }, 1409 [XFRM_MSG_UPDSA - XFRM_MSG_BASE] = { .doit = xfrm_add_sa }, 1410 [XFRM_MSG_POLEXPIRE - XFRM_MSG_BASE] = { .doit = xfrm_add_pol_expire}, 1411 [XFRM_MSG_FLUSHSA - XFRM_MSG_BASE] = { .doit = xfrm_flush_sa }, 1412 [XFRM_MSG_FLUSHPOLICY - XFRM_MSG_BASE] = { .doit = xfrm_flush_policy }, 1413 [XFRM_MSG_NEWAE - XFRM_MSG_BASE] = { .doit = xfrm_new_ae }, 1414 [XFRM_MSG_GETAE - XFRM_MSG_BASE] = { .doit = xfrm_get_ae }, 1415 }; 1416 1417 static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, int *errp) 1418 { 1419 struct rtattr *xfrma[XFRMA_MAX]; 1420 struct xfrm_link *link; 1421 int type, min_len; 1422 1423 if (!(nlh->nlmsg_flags & NLM_F_REQUEST)) 1424 return 0; 1425 1426 type = nlh->nlmsg_type; 1427 1428 /* A control message: ignore them */ 1429 if (type < XFRM_MSG_BASE) 1430 return 0; 1431 1432 /* Unknown message: reply with EINVAL */ 1433 if (type > XFRM_MSG_MAX) 1434 goto err_einval; 1435 1436 type -= XFRM_MSG_BASE; 1437 link = &xfrm_dispatch[type]; 1438 1439 /* All operations require privileges, even GET */ 1440 if (security_netlink_recv(skb, CAP_NET_ADMIN)) { 1441 *errp = -EPERM; 1442 return -1; 1443 } 1444 1445 if ((type == (XFRM_MSG_GETSA - XFRM_MSG_BASE) || 1446 type == (XFRM_MSG_GETPOLICY - XFRM_MSG_BASE)) && 1447 (nlh->nlmsg_flags & NLM_F_DUMP)) { 1448 if (link->dump == NULL) 1449 goto err_einval; 1450 1451 if ((*errp = netlink_dump_start(xfrm_nl, skb, nlh, 1452 link->dump, NULL)) != 0) { 1453 return -1; 1454 } 1455 1456 netlink_queue_skip(nlh, skb); 1457 return -1; 1458 } 1459 1460 memset(xfrma, 0, sizeof(xfrma)); 1461 1462 if (nlh->nlmsg_len < (min_len = xfrm_msg_min[type])) 1463 goto err_einval; 1464 1465 if (nlh->nlmsg_len > min_len) { 1466 int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len); 1467 struct rtattr *attr = (void *) nlh + NLMSG_ALIGN(min_len); 1468 1469 while (RTA_OK(attr, attrlen)) { 1470 unsigned short flavor = attr->rta_type; 1471 if (flavor) { 1472 if (flavor > XFRMA_MAX) 1473 goto err_einval; 1474 xfrma[flavor - 1] = attr; 1475 } 1476 attr = RTA_NEXT(attr, attrlen); 1477 } 1478 } 1479 1480 if (link->doit == NULL) 1481 goto err_einval; 1482 *errp = link->doit(skb, nlh, (void **) &xfrma); 1483 1484 return *errp; 1485 1486 err_einval: 1487 *errp = -EINVAL; 1488 return -1; 1489 } 1490 1491 static void xfrm_netlink_rcv(struct sock *sk, int len) 1492 { 1493 unsigned int qlen = 0; 1494 1495 do { 1496 mutex_lock(&xfrm_cfg_mutex); 1497 netlink_run_queue(sk, &qlen, &xfrm_user_rcv_msg); 1498 mutex_unlock(&xfrm_cfg_mutex); 1499 1500 } while (qlen); 1501 } 1502 1503 static int build_expire(struct sk_buff *skb, struct xfrm_state *x, struct km_event *c) 1504 { 1505 struct xfrm_user_expire *ue; 1506 struct nlmsghdr *nlh; 1507 unsigned char *b = skb->tail; 1508 1509 nlh = NLMSG_PUT(skb, c->pid, 0, XFRM_MSG_EXPIRE, 1510 sizeof(*ue)); 1511 ue = NLMSG_DATA(nlh); 1512 nlh->nlmsg_flags = 0; 1513 1514 copy_to_user_state(x, &ue->state); 1515 ue->hard = (c->data.hard != 0) ? 1 : 0; 1516 1517 nlh->nlmsg_len = skb->tail - b; 1518 return skb->len; 1519 1520 nlmsg_failure: 1521 skb_trim(skb, b - skb->data); 1522 return -1; 1523 } 1524 1525 static int xfrm_exp_state_notify(struct xfrm_state *x, struct km_event *c) 1526 { 1527 struct sk_buff *skb; 1528 int len = NLMSG_LENGTH(sizeof(struct xfrm_user_expire)); 1529 1530 skb = alloc_skb(len, GFP_ATOMIC); 1531 if (skb == NULL) 1532 return -ENOMEM; 1533 1534 if (build_expire(skb, x, c) < 0) 1535 BUG(); 1536 1537 NETLINK_CB(skb).dst_group = XFRMNLGRP_EXPIRE; 1538 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); 1539 } 1540 1541 static int xfrm_aevent_state_notify(struct xfrm_state *x, struct km_event *c) 1542 { 1543 struct sk_buff *skb; 1544 int len = NLMSG_LENGTH(sizeof(struct xfrm_aevent_id)); 1545 1546 len += RTA_SPACE(sizeof(struct xfrm_replay_state)); 1547 len += RTA_SPACE(sizeof(struct xfrm_lifetime_cur)); 1548 skb = alloc_skb(len, GFP_ATOMIC); 1549 if (skb == NULL) 1550 return -ENOMEM; 1551 1552 if (build_aevent(skb, x, c) < 0) 1553 BUG(); 1554 1555 NETLINK_CB(skb).dst_group = XFRMNLGRP_AEVENTS; 1556 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_AEVENTS, GFP_ATOMIC); 1557 } 1558 1559 static int xfrm_notify_sa_flush(struct km_event *c) 1560 { 1561 struct xfrm_usersa_flush *p; 1562 struct nlmsghdr *nlh; 1563 struct sk_buff *skb; 1564 unsigned char *b; 1565 int len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_flush)); 1566 1567 skb = alloc_skb(len, GFP_ATOMIC); 1568 if (skb == NULL) 1569 return -ENOMEM; 1570 b = skb->tail; 1571 1572 nlh = NLMSG_PUT(skb, c->pid, c->seq, 1573 XFRM_MSG_FLUSHSA, sizeof(*p)); 1574 nlh->nlmsg_flags = 0; 1575 1576 p = NLMSG_DATA(nlh); 1577 p->proto = c->data.proto; 1578 1579 nlh->nlmsg_len = skb->tail - b; 1580 1581 NETLINK_CB(skb).dst_group = XFRMNLGRP_SA; 1582 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC); 1583 1584 nlmsg_failure: 1585 kfree_skb(skb); 1586 return -1; 1587 } 1588 1589 static int inline xfrm_sa_len(struct xfrm_state *x) 1590 { 1591 int l = 0; 1592 if (x->aalg) 1593 l += RTA_SPACE(sizeof(*x->aalg) + (x->aalg->alg_key_len+7)/8); 1594 if (x->ealg) 1595 l += RTA_SPACE(sizeof(*x->ealg) + (x->ealg->alg_key_len+7)/8); 1596 if (x->calg) 1597 l += RTA_SPACE(sizeof(*x->calg)); 1598 if (x->encap) 1599 l += RTA_SPACE(sizeof(*x->encap)); 1600 1601 return l; 1602 } 1603 1604 static int xfrm_notify_sa(struct xfrm_state *x, struct km_event *c) 1605 { 1606 struct xfrm_usersa_info *p; 1607 struct xfrm_usersa_id *id; 1608 struct nlmsghdr *nlh; 1609 struct sk_buff *skb; 1610 unsigned char *b; 1611 int len = xfrm_sa_len(x); 1612 int headlen; 1613 1614 headlen = sizeof(*p); 1615 if (c->event == XFRM_MSG_DELSA) { 1616 len += RTA_SPACE(headlen); 1617 headlen = sizeof(*id); 1618 } 1619 len += NLMSG_SPACE(headlen); 1620 1621 skb = alloc_skb(len, GFP_ATOMIC); 1622 if (skb == NULL) 1623 return -ENOMEM; 1624 b = skb->tail; 1625 1626 nlh = NLMSG_PUT(skb, c->pid, c->seq, c->event, headlen); 1627 nlh->nlmsg_flags = 0; 1628 1629 p = NLMSG_DATA(nlh); 1630 if (c->event == XFRM_MSG_DELSA) { 1631 id = NLMSG_DATA(nlh); 1632 memcpy(&id->daddr, &x->id.daddr, sizeof(id->daddr)); 1633 id->spi = x->id.spi; 1634 id->family = x->props.family; 1635 id->proto = x->id.proto; 1636 1637 p = RTA_DATA(__RTA_PUT(skb, XFRMA_SA, sizeof(*p))); 1638 } 1639 1640 copy_to_user_state(x, p); 1641 1642 if (x->aalg) 1643 RTA_PUT(skb, XFRMA_ALG_AUTH, 1644 sizeof(*(x->aalg))+(x->aalg->alg_key_len+7)/8, x->aalg); 1645 if (x->ealg) 1646 RTA_PUT(skb, XFRMA_ALG_CRYPT, 1647 sizeof(*(x->ealg))+(x->ealg->alg_key_len+7)/8, x->ealg); 1648 if (x->calg) 1649 RTA_PUT(skb, XFRMA_ALG_COMP, sizeof(*(x->calg)), x->calg); 1650 1651 if (x->encap) 1652 RTA_PUT(skb, XFRMA_ENCAP, sizeof(*x->encap), x->encap); 1653 1654 nlh->nlmsg_len = skb->tail - b; 1655 1656 NETLINK_CB(skb).dst_group = XFRMNLGRP_SA; 1657 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC); 1658 1659 nlmsg_failure: 1660 rtattr_failure: 1661 kfree_skb(skb); 1662 return -1; 1663 } 1664 1665 static int xfrm_send_state_notify(struct xfrm_state *x, struct km_event *c) 1666 { 1667 1668 switch (c->event) { 1669 case XFRM_MSG_EXPIRE: 1670 return xfrm_exp_state_notify(x, c); 1671 case XFRM_MSG_NEWAE: 1672 return xfrm_aevent_state_notify(x, c); 1673 case XFRM_MSG_DELSA: 1674 case XFRM_MSG_UPDSA: 1675 case XFRM_MSG_NEWSA: 1676 return xfrm_notify_sa(x, c); 1677 case XFRM_MSG_FLUSHSA: 1678 return xfrm_notify_sa_flush(c); 1679 default: 1680 printk("xfrm_user: Unknown SA event %d\n", c->event); 1681 break; 1682 } 1683 1684 return 0; 1685 1686 } 1687 1688 static int build_acquire(struct sk_buff *skb, struct xfrm_state *x, 1689 struct xfrm_tmpl *xt, struct xfrm_policy *xp, 1690 int dir) 1691 { 1692 struct xfrm_user_acquire *ua; 1693 struct nlmsghdr *nlh; 1694 unsigned char *b = skb->tail; 1695 __u32 seq = xfrm_get_acqseq(); 1696 1697 nlh = NLMSG_PUT(skb, 0, 0, XFRM_MSG_ACQUIRE, 1698 sizeof(*ua)); 1699 ua = NLMSG_DATA(nlh); 1700 nlh->nlmsg_flags = 0; 1701 1702 memcpy(&ua->id, &x->id, sizeof(ua->id)); 1703 memcpy(&ua->saddr, &x->props.saddr, sizeof(ua->saddr)); 1704 memcpy(&ua->sel, &x->sel, sizeof(ua->sel)); 1705 copy_to_user_policy(xp, &ua->policy, dir); 1706 ua->aalgos = xt->aalgos; 1707 ua->ealgos = xt->ealgos; 1708 ua->calgos = xt->calgos; 1709 ua->seq = x->km.seq = seq; 1710 1711 if (copy_to_user_tmpl(xp, skb) < 0) 1712 goto nlmsg_failure; 1713 if (copy_to_user_sec_ctx(xp, skb)) 1714 goto nlmsg_failure; 1715 1716 nlh->nlmsg_len = skb->tail - b; 1717 return skb->len; 1718 1719 nlmsg_failure: 1720 skb_trim(skb, b - skb->data); 1721 return -1; 1722 } 1723 1724 static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt, 1725 struct xfrm_policy *xp, int dir) 1726 { 1727 struct sk_buff *skb; 1728 size_t len; 1729 1730 len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr); 1731 len += NLMSG_SPACE(sizeof(struct xfrm_user_acquire)); 1732 len += RTA_SPACE(xfrm_user_sec_ctx_size(xp)); 1733 skb = alloc_skb(len, GFP_ATOMIC); 1734 if (skb == NULL) 1735 return -ENOMEM; 1736 1737 if (build_acquire(skb, x, xt, xp, dir) < 0) 1738 BUG(); 1739 1740 NETLINK_CB(skb).dst_group = XFRMNLGRP_ACQUIRE; 1741 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_ACQUIRE, GFP_ATOMIC); 1742 } 1743 1744 /* User gives us xfrm_user_policy_info followed by an array of 0 1745 * or more templates. 1746 */ 1747 static struct xfrm_policy *xfrm_compile_policy(u16 family, int opt, 1748 u8 *data, int len, int *dir) 1749 { 1750 struct xfrm_userpolicy_info *p = (struct xfrm_userpolicy_info *)data; 1751 struct xfrm_user_tmpl *ut = (struct xfrm_user_tmpl *) (p + 1); 1752 struct xfrm_policy *xp; 1753 int nr; 1754 1755 switch (family) { 1756 case AF_INET: 1757 if (opt != IP_XFRM_POLICY) { 1758 *dir = -EOPNOTSUPP; 1759 return NULL; 1760 } 1761 break; 1762 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 1763 case AF_INET6: 1764 if (opt != IPV6_XFRM_POLICY) { 1765 *dir = -EOPNOTSUPP; 1766 return NULL; 1767 } 1768 break; 1769 #endif 1770 default: 1771 *dir = -EINVAL; 1772 return NULL; 1773 } 1774 1775 *dir = -EINVAL; 1776 1777 if (len < sizeof(*p) || 1778 verify_newpolicy_info(p)) 1779 return NULL; 1780 1781 nr = ((len - sizeof(*p)) / sizeof(*ut)); 1782 if (nr > XFRM_MAX_DEPTH) 1783 return NULL; 1784 1785 if (p->dir > XFRM_POLICY_OUT) 1786 return NULL; 1787 1788 xp = xfrm_policy_alloc(GFP_KERNEL); 1789 if (xp == NULL) { 1790 *dir = -ENOBUFS; 1791 return NULL; 1792 } 1793 1794 copy_from_user_policy(xp, p); 1795 copy_templates(xp, ut, nr); 1796 1797 *dir = p->dir; 1798 1799 return xp; 1800 } 1801 1802 static int build_polexpire(struct sk_buff *skb, struct xfrm_policy *xp, 1803 int dir, struct km_event *c) 1804 { 1805 struct xfrm_user_polexpire *upe; 1806 struct nlmsghdr *nlh; 1807 int hard = c->data.hard; 1808 unsigned char *b = skb->tail; 1809 1810 nlh = NLMSG_PUT(skb, c->pid, 0, XFRM_MSG_POLEXPIRE, sizeof(*upe)); 1811 upe = NLMSG_DATA(nlh); 1812 nlh->nlmsg_flags = 0; 1813 1814 copy_to_user_policy(xp, &upe->pol, dir); 1815 if (copy_to_user_tmpl(xp, skb) < 0) 1816 goto nlmsg_failure; 1817 if (copy_to_user_sec_ctx(xp, skb)) 1818 goto nlmsg_failure; 1819 upe->hard = !!hard; 1820 1821 nlh->nlmsg_len = skb->tail - b; 1822 return skb->len; 1823 1824 nlmsg_failure: 1825 skb_trim(skb, b - skb->data); 1826 return -1; 1827 } 1828 1829 static int xfrm_exp_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c) 1830 { 1831 struct sk_buff *skb; 1832 size_t len; 1833 1834 len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr); 1835 len += NLMSG_SPACE(sizeof(struct xfrm_user_polexpire)); 1836 len += RTA_SPACE(xfrm_user_sec_ctx_size(xp)); 1837 skb = alloc_skb(len, GFP_ATOMIC); 1838 if (skb == NULL) 1839 return -ENOMEM; 1840 1841 if (build_polexpire(skb, xp, dir, c) < 0) 1842 BUG(); 1843 1844 NETLINK_CB(skb).dst_group = XFRMNLGRP_EXPIRE; 1845 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_EXPIRE, GFP_ATOMIC); 1846 } 1847 1848 static int xfrm_notify_policy(struct xfrm_policy *xp, int dir, struct km_event *c) 1849 { 1850 struct xfrm_userpolicy_info *p; 1851 struct xfrm_userpolicy_id *id; 1852 struct nlmsghdr *nlh; 1853 struct sk_buff *skb; 1854 unsigned char *b; 1855 int len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr); 1856 int headlen; 1857 1858 headlen = sizeof(*p); 1859 if (c->event == XFRM_MSG_DELPOLICY) { 1860 len += RTA_SPACE(headlen); 1861 headlen = sizeof(*id); 1862 } 1863 len += NLMSG_SPACE(headlen); 1864 1865 skb = alloc_skb(len, GFP_ATOMIC); 1866 if (skb == NULL) 1867 return -ENOMEM; 1868 b = skb->tail; 1869 1870 nlh = NLMSG_PUT(skb, c->pid, c->seq, c->event, headlen); 1871 1872 p = NLMSG_DATA(nlh); 1873 if (c->event == XFRM_MSG_DELPOLICY) { 1874 id = NLMSG_DATA(nlh); 1875 memset(id, 0, sizeof(*id)); 1876 id->dir = dir; 1877 if (c->data.byid) 1878 id->index = xp->index; 1879 else 1880 memcpy(&id->sel, &xp->selector, sizeof(id->sel)); 1881 1882 p = RTA_DATA(__RTA_PUT(skb, XFRMA_POLICY, sizeof(*p))); 1883 } 1884 1885 nlh->nlmsg_flags = 0; 1886 1887 copy_to_user_policy(xp, p, dir); 1888 if (copy_to_user_tmpl(xp, skb) < 0) 1889 goto nlmsg_failure; 1890 1891 nlh->nlmsg_len = skb->tail - b; 1892 1893 NETLINK_CB(skb).dst_group = XFRMNLGRP_POLICY; 1894 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC); 1895 1896 nlmsg_failure: 1897 rtattr_failure: 1898 kfree_skb(skb); 1899 return -1; 1900 } 1901 1902 static int xfrm_notify_policy_flush(struct km_event *c) 1903 { 1904 struct nlmsghdr *nlh; 1905 struct sk_buff *skb; 1906 unsigned char *b; 1907 int len = NLMSG_LENGTH(0); 1908 1909 skb = alloc_skb(len, GFP_ATOMIC); 1910 if (skb == NULL) 1911 return -ENOMEM; 1912 b = skb->tail; 1913 1914 1915 nlh = NLMSG_PUT(skb, c->pid, c->seq, XFRM_MSG_FLUSHPOLICY, 0); 1916 1917 nlh->nlmsg_len = skb->tail - b; 1918 1919 NETLINK_CB(skb).dst_group = XFRMNLGRP_POLICY; 1920 return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC); 1921 1922 nlmsg_failure: 1923 kfree_skb(skb); 1924 return -1; 1925 } 1926 1927 static int xfrm_send_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c) 1928 { 1929 1930 switch (c->event) { 1931 case XFRM_MSG_NEWPOLICY: 1932 case XFRM_MSG_UPDPOLICY: 1933 case XFRM_MSG_DELPOLICY: 1934 return xfrm_notify_policy(xp, dir, c); 1935 case XFRM_MSG_FLUSHPOLICY: 1936 return xfrm_notify_policy_flush(c); 1937 case XFRM_MSG_POLEXPIRE: 1938 return xfrm_exp_policy_notify(xp, dir, c); 1939 default: 1940 printk("xfrm_user: Unknown Policy event %d\n", c->event); 1941 } 1942 1943 return 0; 1944 1945 } 1946 1947 static struct xfrm_mgr netlink_mgr = { 1948 .id = "netlink", 1949 .notify = xfrm_send_state_notify, 1950 .acquire = xfrm_send_acquire, 1951 .compile_policy = xfrm_compile_policy, 1952 .notify_policy = xfrm_send_policy_notify, 1953 }; 1954 1955 static int __init xfrm_user_init(void) 1956 { 1957 struct sock *nlsk; 1958 1959 printk(KERN_INFO "Initializing IPsec netlink socket\n"); 1960 1961 nlsk = netlink_kernel_create(NETLINK_XFRM, XFRMNLGRP_MAX, 1962 xfrm_netlink_rcv, THIS_MODULE); 1963 if (nlsk == NULL) 1964 return -ENOMEM; 1965 rcu_assign_pointer(xfrm_nl, nlsk); 1966 1967 xfrm_register_km(&netlink_mgr); 1968 1969 return 0; 1970 } 1971 1972 static void __exit xfrm_user_exit(void) 1973 { 1974 struct sock *nlsk = xfrm_nl; 1975 1976 xfrm_unregister_km(&netlink_mgr); 1977 rcu_assign_pointer(xfrm_nl, NULL); 1978 synchronize_rcu(); 1979 sock_release(nlsk->sk_socket); 1980 } 1981 1982 module_init(xfrm_user_init); 1983 module_exit(xfrm_user_exit); 1984 MODULE_LICENSE("GPL"); 1985 MODULE_ALIAS_NET_PF_PROTO(PF_NETLINK, NETLINK_XFRM); 1986 1987