search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
lockd: fix "list_add double add" caused by legacy signal interface
[linux/fpc-iii.git] / net / xfrm / xfrm_device.c
blob30e5746085b8fcfc5aa8abc7a8a23753c510a630
1 /*
2 * xfrm_device.c - IPsec device offloading code.
3 *
4 * Copyright (c) 2015 secunet Security Networks AG
5 *
6 * Author:
7 * Steffen Klassert <steffen.klassert@secunet.com>
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15 #include <linux/errno.h>
16 #include <linux/module.h>
17 #include <linux/netdevice.h>
18 #include <linux/skbuff.h>
19 #include <linux/slab.h>
20 #include <linux/spinlock.h>
21 #include <net/dst.h>
22 #include <net/xfrm.h>
23 #include <linux/notifier.h>
24
25 #ifdef CONFIG_XFRM_OFFLOAD
26 int validate_xmit_xfrm(struct sk_buff *skb, netdev_features_t features)
27 {
28 int err;
29 struct xfrm_state *x;
30 struct xfrm_offload *xo = xfrm_offload(skb);
31
32 if (skb_is_gso(skb))
33 return 0;
34
35 if (xo) {
36 x = skb->sp->xvec[skb->sp->len - 1];
37 if (xo->flags & XFRM_GRO || x->xso.flags & XFRM_OFFLOAD_INBOUND)
38 return 0;
39
40 x->outer_mode->xmit(x, skb);
41
42 err = x->type_offload->xmit(x, skb, features);
43 if (err) {
44 XFRM_INC_STATS(xs_net(x), LINUX_MIB_XFRMOUTSTATEPROTOERROR);
45 return err;
46 }
47
48 skb_push(skb, skb->data - skb_mac_header(skb));
49 }
50
51 return 0;
52 }
53 EXPORT_SYMBOL_GPL(validate_xmit_xfrm);
54
55 int xfrm_dev_state_add(struct net *net, struct xfrm_state *x,
56 struct xfrm_user_offload *xuo)
57 {
58 int err;
59 struct dst_entry *dst;
60 struct net_device *dev;
61 struct xfrm_state_offload *xso = &x->xso;
62 xfrm_address_t *saddr;
63 xfrm_address_t *daddr;
64
65 if (!x->type_offload)
66 return -EINVAL;
67
68 /* We don't yet support UDP encapsulation, TFC padding and ESN. */
69 if (x->encap || x->tfcpad || (x->props.flags & XFRM_STATE_ESN))
70 return 0;
71
72 dev = dev_get_by_index(net, xuo->ifindex);
73 if (!dev) {
74 if (!(xuo->flags & XFRM_OFFLOAD_INBOUND)) {
75 saddr = &x->props.saddr;
76 daddr = &x->id.daddr;
77 } else {
78 saddr = &x->id.daddr;
79 daddr = &x->props.saddr;
80 }
81
82 dst = __xfrm_dst_lookup(net, 0, 0, saddr, daddr,
83 x->props.family, x->props.output_mark);
84 if (IS_ERR(dst))
85 return 0;
86
87 dev = dst->dev;
88
89 dev_hold(dev);
90 dst_release(dst);
91 }
92
93 if (!dev->xfrmdev_ops || !dev->xfrmdev_ops->xdo_dev_state_add) {
94 xso->dev = NULL;
95 dev_put(dev);
96 return 0;
97 }
98
99 xso->dev = dev;
100 xso->num_exthdrs = 1;
101 xso->flags = xuo->flags;
102
103 err = dev->xfrmdev_ops->xdo_dev_state_add(x);
104 if (err) {
105 dev_put(dev);
106 return err;
107 }
108
109 return 0;
110 }
111 EXPORT_SYMBOL_GPL(xfrm_dev_state_add);
112
113 bool xfrm_dev_offload_ok(struct sk_buff *skb, struct xfrm_state *x)
114 {
115 int mtu;
116 struct dst_entry *dst = skb_dst(skb);
117 struct xfrm_dst *xdst = (struct xfrm_dst *)dst;
118 struct net_device *dev = x->xso.dev;
119
120 if (!x->type_offload || x->encap)
121 return false;
122
123 if ((x->xso.offload_handle && (dev == dst->path->dev)) &&
124 !dst->child->xfrm && x->type->get_mtu) {
125 mtu = x->type->get_mtu(x, xdst->child_mtu_cached);
126
127 if (skb->len <= mtu)
128 goto ok;
129
130 if (skb_is_gso(skb) && skb_gso_validate_mtu(skb, mtu))
131 goto ok;
132 }
133
134 return false;
135
136 ok:
137 if (dev && dev->xfrmdev_ops && dev->xfrmdev_ops->xdo_dev_offload_ok)
138 return x->xso.dev->xfrmdev_ops->xdo_dev_offload_ok(skb, x);
139
140 return true;
141 }
142 EXPORT_SYMBOL_GPL(xfrm_dev_offload_ok);
143 #endif
144
145 static int xfrm_dev_register(struct net_device *dev)
146 {
147 if ((dev->features & NETIF_F_HW_ESP) && !dev->xfrmdev_ops)
148 return NOTIFY_BAD;
149 if ((dev->features & NETIF_F_HW_ESP_TX_CSUM) &&
150 !(dev->features & NETIF_F_HW_ESP))
151 return NOTIFY_BAD;
152
153 return NOTIFY_DONE;
154 }
155
156 static int xfrm_dev_unregister(struct net_device *dev)
157 {
158 xfrm_policy_cache_flush();
159 return NOTIFY_DONE;
160 }
161
162 static int xfrm_dev_feat_change(struct net_device *dev)
163 {
164 if ((dev->features & NETIF_F_HW_ESP) && !dev->xfrmdev_ops)
165 return NOTIFY_BAD;
166 else if (!(dev->features & NETIF_F_HW_ESP))
167 dev->xfrmdev_ops = NULL;
168
169 if ((dev->features & NETIF_F_HW_ESP_TX_CSUM) &&
170 !(dev->features & NETIF_F_HW_ESP))
171 return NOTIFY_BAD;
172
173 return NOTIFY_DONE;
174 }
175
176 static int xfrm_dev_down(struct net_device *dev)
177 {
178 if (dev->features & NETIF_F_HW_ESP)
179 xfrm_dev_state_flush(dev_net(dev), dev, true);
180
181 xfrm_policy_cache_flush();
182 return NOTIFY_DONE;
183 }
184
185 static int xfrm_dev_event(struct notifier_block *this, unsigned long event, void *ptr)
186 {
187 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
188
189 switch (event) {
190 case NETDEV_REGISTER:
191 return xfrm_dev_register(dev);
192
193 case NETDEV_UNREGISTER:
194 return xfrm_dev_unregister(dev);
195
196 case NETDEV_FEAT_CHANGE:
197 return xfrm_dev_feat_change(dev);
198
199 case NETDEV_DOWN:
200 return xfrm_dev_down(dev);
201 }
202 return NOTIFY_DONE;
203 }
204
205 static struct notifier_block xfrm_dev_notifier = {
206 .notifier_call = xfrm_dev_event,
207 };
208
209 void __net_init xfrm_dev_init(void)
210 {
211 register_netdevice_notifier(&xfrm_dev_notifier);
212 }
Linux with added FPC-III support