search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[TG3]: Set minimal hw interrupt mitigation.
[linux-2.6/verdex.git] / net / ipv4 / ipcomp.c
blob1a23c5263b993a9004aea0518216de263178f63b
1 /*
2 * IP Payload Compression Protocol (IPComp) - RFC3173.
3 *
4 * Copyright (c) 2003 James Morris <jmorris@intercode.com.au>
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 2 of the License, or (at your option)
9 * any later version.
10 *
11 * Todo:
12 * - Tunable compression parameters.
13 * - Compression stats.
14 * - Adaptive compression.
15 */
16 #include <linux/config.h>
17 #include <linux/module.h>
18 #include <asm/scatterlist.h>
19 #include <asm/semaphore.h>
20 #include <linux/crypto.h>
21 #include <linux/pfkeyv2.h>
22 #include <linux/percpu.h>
23 #include <linux/smp.h>
24 #include <linux/list.h>
25 #include <linux/vmalloc.h>
26 #include <linux/rtnetlink.h>
27 #include <net/ip.h>
28 #include <net/xfrm.h>
29 #include <net/icmp.h>
30 #include <net/ipcomp.h>
31
32 struct ipcomp_tfms {
33 struct list_head list;
34 struct crypto_tfm **tfms;
35 int users;
36 };
37
38 static DECLARE_MUTEX(ipcomp_resource_sem);
39 static void **ipcomp_scratches;
40 static int ipcomp_scratch_users;
41 static LIST_HEAD(ipcomp_tfms_list);
42
43 static int ipcomp_decompress(struct xfrm_state *x, struct sk_buff *skb)
44 {
45 int err, plen, dlen;
46 struct iphdr *iph;
47 struct ipcomp_data *ipcd = x->data;
48 u8 *start, *scratch;
49 struct crypto_tfm *tfm;
50 int cpu;
51
52 plen = skb->len;
53 dlen = IPCOMP_SCRATCH_SIZE;
54 start = skb->data;
55
56 cpu = get_cpu();
57 scratch = *per_cpu_ptr(ipcomp_scratches, cpu);
58 tfm = *per_cpu_ptr(ipcd->tfms, cpu);
59
60 err = crypto_comp_decompress(tfm, start, plen, scratch, &dlen);
61 if (err)
62 goto out;
63
64 if (dlen < (plen + sizeof(struct ip_comp_hdr))) {
65 err = -EINVAL;
66 goto out;
67 }
68
69 err = pskb_expand_head(skb, 0, dlen - plen, GFP_ATOMIC);
70 if (err)
71 goto out;
72
73 skb_put(skb, dlen - plen);
74 memcpy(skb->data, scratch, dlen);
75 iph = skb->nh.iph;
76 iph->tot_len = htons(dlen + iph->ihl * 4);
77 out:
78 put_cpu();
79 return err;
80 }
81
82 static int ipcomp_input(struct xfrm_state *x,
83 struct xfrm_decap_state *decap, struct sk_buff *skb)
84 {
85 u8 nexthdr;
86 int err = 0;
87 struct iphdr *iph;
88 union {
89 struct iphdr iph;
90 char buf[60];
91 } tmp_iph;
92
93
94 if ((skb_is_nonlinear(skb) || skb_cloned(skb)) &&
95 skb_linearize(skb, GFP_ATOMIC) != 0) {
96 err = -ENOMEM;
97 goto out;
98 }
99
100 skb->ip_summed = CHECKSUM_NONE;
101
102 /* Remove ipcomp header and decompress original payload */
103 iph = skb->nh.iph;
104 memcpy(&tmp_iph, iph, iph->ihl * 4);
105 nexthdr = *(u8 *)skb->data;
106 skb_pull(skb, sizeof(struct ip_comp_hdr));
107 skb->nh.raw += sizeof(struct ip_comp_hdr);
108 memcpy(skb->nh.raw, &tmp_iph, tmp_iph.iph.ihl * 4);
109 iph = skb->nh.iph;
110 iph->tot_len = htons(ntohs(iph->tot_len) - sizeof(struct ip_comp_hdr));
111 iph->protocol = nexthdr;
112 skb->h.raw = skb->data;
113 err = ipcomp_decompress(x, skb);
114
115 out:
116 return err;
117 }
118
119 static int ipcomp_compress(struct xfrm_state *x, struct sk_buff *skb)
120 {
121 int err, plen, dlen, ihlen;
122 struct iphdr *iph = skb->nh.iph;
123 struct ipcomp_data *ipcd = x->data;
124 u8 *start, *scratch;
125 struct crypto_tfm *tfm;
126 int cpu;
127
128 ihlen = iph->ihl * 4;
129 plen = skb->len - ihlen;
130 dlen = IPCOMP_SCRATCH_SIZE;
131 start = skb->data + ihlen;
132
133 cpu = get_cpu();
134 scratch = *per_cpu_ptr(ipcomp_scratches, cpu);
135 tfm = *per_cpu_ptr(ipcd->tfms, cpu);
136
137 err = crypto_comp_compress(tfm, start, plen, scratch, &dlen);
138 if (err)
139 goto out;
140
141 if ((dlen + sizeof(struct ip_comp_hdr)) >= plen) {
142 err = -EMSGSIZE;
143 goto out;
144 }
145
146 memcpy(start + sizeof(struct ip_comp_hdr), scratch, dlen);
147 put_cpu();
148
149 pskb_trim(skb, ihlen + dlen + sizeof(struct ip_comp_hdr));
150 return 0;
151
152 out:
153 put_cpu();
154 return err;
155 }
156
157 static int ipcomp_output(struct xfrm_state *x, struct sk_buff *skb)
158 {
159 int err;
160 struct iphdr *iph;
161 struct ip_comp_hdr *ipch;
162 struct ipcomp_data *ipcd = x->data;
163 int hdr_len = 0;
164
165 iph = skb->nh.iph;
166 iph->tot_len = htons(skb->len);
167 hdr_len = iph->ihl * 4;
168 if ((skb->len - hdr_len) < ipcd->threshold) {
169 /* Don't bother compressing */
170 goto out_ok;
171 }
172
173 if ((skb_is_nonlinear(skb) || skb_cloned(skb)) &&
174 skb_linearize(skb, GFP_ATOMIC) != 0) {
175 goto out_ok;
176 }
177
178 err = ipcomp_compress(x, skb);
179 iph = skb->nh.iph;
180
181 if (err) {
182 goto out_ok;
183 }
184
185 /* Install ipcomp header, convert into ipcomp datagram. */
186 iph->tot_len = htons(skb->len);
187 ipch = (struct ip_comp_hdr *)((char *)iph + iph->ihl * 4);
188 ipch->nexthdr = iph->protocol;
189 ipch->flags = 0;
190 ipch->cpi = htons((u16 )ntohl(x->id.spi));
191 iph->protocol = IPPROTO_COMP;
192 ip_send_check(iph);
193 return 0;
194
195 out_ok:
196 if (x->props.mode)
197 ip_send_check(iph);
198 return 0;
199 }
200
201 static void ipcomp4_err(struct sk_buff *skb, u32 info)
202 {
203 u32 spi;
204 struct iphdr *iph = (struct iphdr *)skb->data;
205 struct ip_comp_hdr *ipch = (struct ip_comp_hdr *)(skb->data+(iph->ihl<<2));
206 struct xfrm_state *x;
207
208 if (skb->h.icmph->type != ICMP_DEST_UNREACH ||
209 skb->h.icmph->code != ICMP_FRAG_NEEDED)
210 return;
211
212 spi = ntohl(ntohs(ipch->cpi));
213 x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr,
214 spi, IPPROTO_COMP, AF_INET);
215 if (!x)
216 return;
217 NETDEBUG(printk(KERN_DEBUG "pmtu discovery on SA IPCOMP/%08x/%u.%u.%u.%u\n",
218 spi, NIPQUAD(iph->daddr)));
219 xfrm_state_put(x);
220 }
221
222 /* We always hold one tunnel user reference to indicate a tunnel */
223 static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x)
224 {
225 struct xfrm_state *t;
226
227 t = xfrm_state_alloc();
228 if (t == NULL)
229 goto out;
230
231 t->id.proto = IPPROTO_IPIP;
232 t->id.spi = x->props.saddr.a4;
233 t->id.daddr.a4 = x->id.daddr.a4;
234 memcpy(&t->sel, &x->sel, sizeof(t->sel));
235 t->props.family = AF_INET;
236 t->props.mode = 1;
237 t->props.saddr.a4 = x->props.saddr.a4;
238 t->props.flags = x->props.flags;
239
240 t->type = xfrm_get_type(IPPROTO_IPIP, t->props.family);
241 if (t->type == NULL)
242 goto error;
243
244 if (t->type->init_state(t, NULL))
245 goto error;
246
247 t->km.state = XFRM_STATE_VALID;
248 atomic_set(&t->tunnel_users, 1);
249 out:
250 return t;
251
252 error:
253 t->km.state = XFRM_STATE_DEAD;
254 xfrm_state_put(t);
255 t = NULL;
256 goto out;
257 }
258
259 /*
260 * Must be protected by xfrm_cfg_sem. State and tunnel user references are
261 * always incremented on success.
262 */
263 static int ipcomp_tunnel_attach(struct xfrm_state *x)
264 {
265 int err = 0;
266 struct xfrm_state *t;
267
268 t = xfrm_state_lookup((xfrm_address_t *)&x->id.daddr.a4,
269 x->props.saddr.a4, IPPROTO_IPIP, AF_INET);
270 if (!t) {
271 t = ipcomp_tunnel_create(x);
272 if (!t) {
273 err = -EINVAL;
274 goto out;
275 }
276 xfrm_state_insert(t);
277 xfrm_state_hold(t);
278 }
279 x->tunnel = t;
280 atomic_inc(&t->tunnel_users);
281 out:
282 return err;
283 }
284
285 static void ipcomp_free_scratches(void)
286 {
287 int i;
288 void **scratches;
289
290 if (--ipcomp_scratch_users)
291 return;
292
293 scratches = ipcomp_scratches;
294 if (!scratches)
295 return;
296
297 for_each_cpu(i) {
298 void *scratch = *per_cpu_ptr(scratches, i);
299 if (scratch)
300 vfree(scratch);
301 }
302
303 free_percpu(scratches);
304 }
305
306 static void **ipcomp_alloc_scratches(void)
307 {
308 int i;
309 void **scratches;
310
311 if (ipcomp_scratch_users++)
312 return ipcomp_scratches;
313
314 scratches = alloc_percpu(void *);
315 if (!scratches)
316 return NULL;
317
318 ipcomp_scratches = scratches;
319
320 for_each_cpu(i) {
321 void *scratch = vmalloc(IPCOMP_SCRATCH_SIZE);
322 if (!scratch)
323 return NULL;
324 *per_cpu_ptr(scratches, i) = scratch;
325 }
326
327 return scratches;
328 }
329
330 static void ipcomp_free_tfms(struct crypto_tfm **tfms)
331 {
332 struct ipcomp_tfms *pos;
333 int cpu;
334
335 list_for_each_entry(pos, &ipcomp_tfms_list, list) {
336 if (pos->tfms == tfms)
337 break;
338 }
339
340 BUG_TRAP(pos);
341
342 if (--pos->users)
343 return;
344
345 list_del(&pos->list);
346 kfree(pos);
347
348 if (!tfms)
349 return;
350
351 for_each_cpu(cpu) {
352 struct crypto_tfm *tfm = *per_cpu_ptr(tfms, cpu);
353 if (tfm)
354 crypto_free_tfm(tfm);
355 }
356 free_percpu(tfms);
357 }
358
359 static struct crypto_tfm **ipcomp_alloc_tfms(const char *alg_name)
360 {
361 struct ipcomp_tfms *pos;
362 struct crypto_tfm **tfms;
363 int cpu;
364
365 /* This can be any valid CPU ID so we don't need locking. */
366 cpu = smp_processor_id();
367
368 list_for_each_entry(pos, &ipcomp_tfms_list, list) {
369 struct crypto_tfm *tfm;
370
371 tfms = pos->tfms;
372 tfm = *per_cpu_ptr(tfms, cpu);
373
374 if (!strcmp(crypto_tfm_alg_name(tfm), alg_name)) {
375 pos->users++;
376 return tfms;
377 }
378 }
379
380 pos = kmalloc(sizeof(*pos), GFP_KERNEL);
381 if (!pos)
382 return NULL;
383
384 pos->users = 1;
385 INIT_LIST_HEAD(&pos->list);
386 list_add(&pos->list, &ipcomp_tfms_list);
387
388 pos->tfms = tfms = alloc_percpu(struct crypto_tfm *);
389 if (!tfms)
390 goto error;
391
392 for_each_cpu(cpu) {
393 struct crypto_tfm *tfm = crypto_alloc_tfm(alg_name, 0);
394 if (!tfm)
395 goto error;
396 *per_cpu_ptr(tfms, cpu) = tfm;
397 }
398
399 return tfms;
400
401 error:
402 ipcomp_free_tfms(tfms);
403 return NULL;
404 }
405
406 static void ipcomp_free_data(struct ipcomp_data *ipcd)
407 {
408 if (ipcd->tfms)
409 ipcomp_free_tfms(ipcd->tfms);
410 ipcomp_free_scratches();
411 }
412
413 static void ipcomp_destroy(struct xfrm_state *x)
414 {
415 struct ipcomp_data *ipcd = x->data;
416 if (!ipcd)
417 return;
418 xfrm_state_delete_tunnel(x);
419 down(&ipcomp_resource_sem);
420 ipcomp_free_data(ipcd);
421 up(&ipcomp_resource_sem);
422 kfree(ipcd);
423 }
424
425 static int ipcomp_init_state(struct xfrm_state *x, void *args)
426 {
427 int err;
428 struct ipcomp_data *ipcd;
429 struct xfrm_algo_desc *calg_desc;
430
431 err = -EINVAL;
432 if (!x->calg)
433 goto out;
434
435 if (x->encap)
436 goto out;
437
438 err = -ENOMEM;
439 ipcd = kmalloc(sizeof(*ipcd), GFP_KERNEL);
440 if (!ipcd)
441 goto out;
442
443 memset(ipcd, 0, sizeof(*ipcd));
444 x->props.header_len = 0;
445 if (x->props.mode)
446 x->props.header_len += sizeof(struct iphdr);
447
448 down(&ipcomp_resource_sem);
449 if (!ipcomp_alloc_scratches())
450 goto error;
451
452 ipcd->tfms = ipcomp_alloc_tfms(x->calg->alg_name);
453 if (!ipcd->tfms)
454 goto error;
455 up(&ipcomp_resource_sem);
456
457 if (x->props.mode) {
458 err = ipcomp_tunnel_attach(x);
459 if (err)
460 goto error_tunnel;
461 }
462
463 calg_desc = xfrm_calg_get_byname(x->calg->alg_name, 0);
464 BUG_ON(!calg_desc);
465 ipcd->threshold = calg_desc->uinfo.comp.threshold;
466 x->data = ipcd;
467 err = 0;
468 out:
469 return err;
470
471 error_tunnel:
472 down(&ipcomp_resource_sem);
473 error:
474 ipcomp_free_data(ipcd);
475 up(&ipcomp_resource_sem);
476 kfree(ipcd);
477 goto out;
478 }
479
480 static struct xfrm_type ipcomp_type = {
481 .description = "IPCOMP4",
482 .owner = THIS_MODULE,
483 .proto = IPPROTO_COMP,
484 .init_state = ipcomp_init_state,
485 .destructor = ipcomp_destroy,
486 .input = ipcomp_input,
487 .output = ipcomp_output
488 };
489
490 static struct net_protocol ipcomp4_protocol = {
491 .handler = xfrm4_rcv,
492 .err_handler = ipcomp4_err,
493 .no_policy = 1,
494 };
495
496 static int __init ipcomp4_init(void)
497 {
498 if (xfrm_register_type(&ipcomp_type, AF_INET) < 0) {
499 printk(KERN_INFO "ipcomp init: can't add xfrm type\n");
500 return -EAGAIN;
501 }
502 if (inet_add_protocol(&ipcomp4_protocol, IPPROTO_COMP) < 0) {
503 printk(KERN_INFO "ipcomp init: can't add protocol\n");
504 xfrm_unregister_type(&ipcomp_type, AF_INET);
505 return -EAGAIN;
506 }
507 return 0;
508 }
509
510 static void __exit ipcomp4_fini(void)
511 {
512 if (inet_del_protocol(&ipcomp4_protocol, IPPROTO_COMP) < 0)
513 printk(KERN_INFO "ip ipcomp close: can't remove protocol\n");
514 if (xfrm_unregister_type(&ipcomp_type, AF_INET) < 0)
515 printk(KERN_INFO "ip ipcomp close: can't remove xfrm type\n");
516 }
517
518 module_init(ipcomp4_init);
519 module_exit(ipcomp4_fini);
520
521 MODULE_LICENSE("GPL");
522 MODULE_DESCRIPTION("IP Payload Compression Protocol (IPComp) - RFC3173");
523 MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>");
524
Verdex Pro support